Example #1
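 /**
  * Records a contest flag submission for the current user and scores it.
  *
  * Reads the submitted flag from $_POST['flag'], stores the attempt together
  * with the user ID, client IP and a timestamp, bumps the challenge's attempt
  * counter, and sets $this->Submission to 1 when the flag is accepted or 0
  * when it is not.
  *
  * @param string $challenge Challenge name passed to ContestChallenges::getByName().
  */
 private function addSubmission($challenge)
 {
     $challengeDetails = \webgoat\ContestChallenges::getByName($challenge);
     $flag = isset($_POST['flag']) ? $_POST['flag'] : null;

     // Refuse malformed requests before anything is written: an unknown
     // challenge has no ID to score against, and a missing or array-valued
     // "flag" parameter (flag[]=...) must not reach storage or evaluation.
     if (!isset($challengeDetails[0]['ID']) || !is_string($flag)) {
         $this->Submission = 0;
         return;
     }

     $challengeID = $challengeDetails[0]['ID'];
     // NOTE(review): confirm how HttpRequest::IP() is derived; if it trusts
     // client-supplied forwarding headers, the stored value is not reliable
     // for abuse tracking.
     $ip = \jf\HttpRequest::IP();
     $userID = jf::CurrentUser();

     // The raw flag is persisted as submitted, so the storage layer must bind
     // it as a parameter and any view of these rows must escape it on output.
     $data = array(
         'UserID' => $userID,
         'ChallengeID' => $challengeID,
         'Flag' => $flag,
         'IP' => $ip,
         'timestamp' => time(),
     );
     \webgoat\ContestSubmissions::add($data);
     \webgoat\ContestChallenges::incrementTotalAttempts($challenge);

     // NOTE(review): nothing here limits how often a user may submit; confirm
     // that throttling of repeated guesses is enforced by the caller.
     if (\webgoat\ContestSubmissions::evaluate($challengeID, $flag)) {
         $this->Submission = 1;
         // Increment complete count
         \webgoat\ContestChallenges::incrementCompletedCount($challenge);
     } else {
         $this->Submission = 0;
     }
 }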
Example #2
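    /**
     * Builds the HTML page that describes the registered service operations.
     *
     * The page links to the WSDL at the current request URL and lists every
     * operation returned by getOperations(), each with a hidden pop-up that
     * shows its metadata.
     *
     * The request URL is HTML-escaped before it is placed in the link, because
     * it is taken from the incoming request. The service name, operation names
     * and operation metadata are written as-is.
     * NOTE(review): confirm that they only ever hold values registered by
     * server-side code; if any can carry request-derived text they need
     * escaping for their context (HTML body, attribute, inline script).
     *
     * @access private
     * @return string complete HTML document
     */
    function webDescription()
    {
        // Request-derived URL: escape it for the href attribute it is written into.
        $PHP_SELF = htmlspecialchars(\jf\HttpRequest::URL(false), ENT_QUOTES, 'UTF-8');
        $b = '
		<html><head><title>NuSOAP: ' . $this->serviceName . '</title>
		<style type="text/css">
		    body    { font-family: arial; color: #000000; background-color: #ffffff; margin: 0px 0px 0px 0px; }
		    p       { font-family: arial; color: #000000; margin-top: 0px; margin-bottom: 12px; }
		    pre { background-color: silver; padding: 5px; font-family: Courier New; font-size: x-small; color: #000000;}
		    ul      { margin-top: 10px; margin-left: 20px; }
		    li      { list-style-type: none; margin-top: 10px; color: #000000; }
		    .content{
			margin-left: 0px; padding-bottom: 2em; }
		    .nav {
			padding-top: 10px; padding-bottom: 10px; padding-left: 15px; font-size: .70em;
			margin-top: 10px; margin-left: 0px; color: #000000;
			background-color: #ccccff; width: 20%; margin-left: 20px; margin-top: 20px; }
		    .title {
			font-family: arial; font-size: 26px; color: #ffffff;
			background-color: #999999; width: 100%;
			margin-left: 0px; margin-right: 0px;
			padding-top: 10px; padding-bottom: 10px;}
		    .hidden {
			position: absolute; visibility: hidden; z-index: 200; left: 250px; top: 100px;
			font-family: arial; overflow: hidden; width: 600;
			padding: 20px; font-size: 10px; background-color: #999999;
			layer-background-color:#FFFFFF; }
		    a,a:active  { color: charcoal; font-weight: bold; }
		    a:visited   { color: #666666; font-weight: bold; }
		    a:hover     { color: cc3300; font-weight: bold; }
		</style>
		<script language="JavaScript" type="text/javascript">
		<!--
		// POP-UP CAPTIONS...
		function lib_bwcheck(){ //Browsercheck (needed)
		    this.ver=navigator.appVersion
		    this.agent=navigator.userAgent
		    this.dom=document.getElementById?1:0
		    this.opera5=this.agent.indexOf("Opera 5")>-1
		    this.ie5=(this.ver.indexOf("MSIE 5")>-1 && this.dom && !this.opera5)?1:0;
		    this.ie6=(this.ver.indexOf("MSIE 6")>-1 && this.dom && !this.opera5)?1:0;
		    this.ie4=(document.all && !this.dom && !this.opera5)?1:0;
		    this.ie=this.ie4||this.ie5||this.ie6
		    this.mac=this.agent.indexOf("Mac")>-1
		    this.ns6=(this.dom && parseInt(this.ver) >= 5) ?1:0;
		    this.ns4=(document.layers && !this.dom)?1:0;
		    this.bw=(this.ie6 || this.ie5 || this.ie4 || this.ns4 || this.ns6 || this.opera5)
		    return this
		}
		var bw = new lib_bwcheck()
		//Makes crossbrowser object.
		function makeObj(obj){
		    this.evnt=bw.dom? document.getElementById(obj):bw.ie4?document.all[obj]:bw.ns4?document.layers[obj]:0;
		    if(!this.evnt) return false
		    this.css=bw.dom||bw.ie4?this.evnt.style:bw.ns4?this.evnt:0;
		    this.wref=bw.dom||bw.ie4?this.evnt:bw.ns4?this.css.document:0;
		    this.writeIt=b_writeIt;
		    return this
		}
		// A unit of measure that will be added when setting the position of a layer.
		//var px = bw.ns4||window.opera?"":"px";
		function b_writeIt(text){
		    if (bw.ns4){this.wref.write(text);this.wref.close()}
		    else this.wref.innerHTML = text
		}
		//Shows the messages
		var oDesc;
		function popup(divid){
		    if(oDesc = new makeObj(divid)){
			oDesc.css.visibility = "visible"
		    }
		}
		function popout(){ // Hides message
		    if(oDesc) oDesc.css.visibility = "hidden"
		}
		//-->
		</script>
		</head>
		<body>
		<div class=content>
			<br><br>
			<div class=title>' . $this->serviceName . '</div>
			<div class=nav>
				<p>View the <a href="' . $PHP_SELF . '?wsdl">WSDL</a> for the service.
				Click on an operation name to view it&apos;s details.</p>
				<ul>';
        foreach ($this->getOperations() as $op => $data) {
            // The operation name is used three ways: link text, element id,
            // and the argument of the inline popup() call.
            $b .= "<li><a href='#' onclick=\"popout();popup('{$op}')\">{$op}</a></li>";
            // create hidden div
            $b .= "<div id='{$op}' class='hidden'>\r\n\t\t\t\t    <a href='#' onclick='popout()'><font color='#ffffff'>Close</font></a><br><br>";
            foreach ($data as $section => $value) {
                // loop through opdata
                if ($section === 'input' || $section === 'output') {
                    // show input/output data
                    $b .= "<font color='white'>" . ucfirst($section) . ':</font><br>';
                    foreach ($value as $field => $fieldValue) {
                        // loop through data
                        if ($field === 'parts') {
                            // "parts" is itself a map, so list it one level deeper
                            $b .= "&nbsp;&nbsp;{$field}:<br>";
                            foreach ($fieldValue as $partName => $partType) {
                                $b .= "&nbsp;&nbsp;&nbsp;&nbsp;{$partName}: {$partType}<br>";
                            }
                        } else {
                            $b .= "&nbsp;&nbsp;{$field}: {$fieldValue}<br>";
                        }
                    }
                } else {
                    $b .= "<font color='white'>" . ucfirst($section) . ":</font> {$value}<br>";
                }
            }
            $b .= '</div>';
        }
        // Close the operation list opened above (this used to emit a second
        // opening <ul> instead of the closing tag).
        $b .= '
				</ul>
			</div>
		</div></body></html>';
        return $b;
    }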
Example #3
<?php

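// Access guard for the panel: every request except the login and logout pages
// needs an authenticated user holding the "panel" permission.
$requestedFile = \jf\HttpRequest::File();

// Login and logout must stay reachable without a session; hand control back
// to the including script.
if ($requestedFile === "sys/login" || $requestedFile === "sys/logout") {
    return;
}

if (!j::UserID()) {
    // The return target is built by concatenation: a method call inside
    // "{...}" is not interpolated in a double-quoted string, so the previous
    // form sent the literal text instead of the requested path. The value is
    // request-derived, hence URL-encoded.
    // NOTE(review): confirm that sys/login only accepts same-site paths in
    // "return" before redirecting to it.
    header("location: " . SiteRoot . "/sys/login?return=" . urlencode("/" . $requestedFile));
    // Stop here. Sending a Location header does not end the request, and
    // falling through would let the protected page run for an anonymous user.
    exit;
}

// Authenticated users without the "panel" permission are subject to the
// "root" enforcement.
if (!j::$RBAC->Check("panel")) {
    j::$RBAC->Enforce("root");
}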