<?php
require_once "../include/header.php";
gethead(8, "admin", "");
过滤();
$p = new DataAccess();
$sql = "update settings set value='{$_POST[value]}' where ssid={$_REQUEST[ssid]}";
$p->dosql($sql);
提示("修改参数<code>{$_REQUEST[ssid]}</code>成功!", 取路径("admin/settings.php?settings=settings"));
if (!preg_match('/(\\S{1,20})/', $_POST['nickname'])) {
异常("昵称长度必须在[2,20]中。", $regpage);
}
if (!preg_match('/(\\S*@\\S*\\.\\S*)/', $_POST['email'])) {
异常("电子邮箱格式不正确。", $regpage);
}
if (!preg_match('/(\\S{0,8})/', $_POST['realname'])) {
异常("真实姓名长度必须在[0,8]中,应该是汉字。", $regpage);
}
if (!preg_match('/(.{0,64})/', $_POST['passwordtip'])) {
异常("提示问题长度必须在[0,64]中。", $regpage);
}
if (!preg_match('/(.{0,64})/', $_POST['passwordtipans'])) {
异常("提示问题答案长度必须在[0,64]中。", $regpage);
}
$sql = "insert into userinfo(uid,usr,nickname,readforce,admin,regtime,pwdhash,pwdtipques,pwdtipanshash,memo,realname,email,gbelong,user_style,style) values (0, '{$_POST[usr]}','{$_POST[nickname]}','{$SET['reg_readforce']}',0, " . time() . ",'" . encode($_POST[pwd]) . "' ,'{$_POST[passwordtip]}' , '" . encode($_POST[passwordtipans]) . "', '{$_POST[memo]}','{$_POST['realname']}','{$_POST['email']}','{$SET['reg_defgroup']}','{$SET['user_style']}', 0)";
$p->dosql($sql);
$sql = "select * from userinfo where usr='******'usr'] . "'";
$cnt2 = $p->dosql($sql);
if ($cnt2 == 1) {
$d = $p->rtnrlt(0);
} else {
异常("用户 {$_POST['usr']} 注册失败!", 取路径("user/register.php?accept=1"));
}
$tm = time() + 7776000;
setcookie("cogs_usr", $_POST[usr], $tm, "/");
setcookie("cogs_pwd_hash", encode($_POST[pwd]), $tm, "/");
提示("用户 {$_POST['usr']} 注册成功!生成头像缓存需要一定时间等耐心等待……<p>之后你可以更改你的个人信息看看。", 取路径("user/panel.php"));
} else {
异常("用户 {$_POST['usr']} 已存在!", 取路径("user/register.php?accept=1"));
}
<?php
require_once "../include/header.php";
gethead(8, "sess", "");
过滤();
$p = new DataAccess();
if (!$_POST['pid']) {
异常("没有选择题目!", 取路径("problem/index.php"));
}
if (!$_POST['title']) {
异常("没有填写题解名称!", 取路径("problem/problem.php?pid={$_POST['pid']}"));
}
$sql = "select * from solution where `link`='' limit 1";
$cnt = $p->dosql($sql);
if (!$cnt) {
$sql1 = "insert into category(cname,memo) values('{$_POST['cname']}','{$_POST['memo']}')";
$p->dosql($sql1);
} else {
提示("添加题目 {$_POST['pid']} 分类 “{$e['caid']}. {$_POST['cname']}” 成功,虽然它之前就已经存在了!", 取路径("problem/problem.php?pid={$_POST['pid']}"));
}
<?php
require_once "../include/header.php";
gethead(8, "sess", "");
$p = new DataAccess();
$_POST['fromid'] = (int) $_POST['fromid'];
$_POST['toid'] = (int) $_POST['toid'];
if (!$_POST['fromid']) {
异常("发件人错误!", 取路径("mail/index.php"));
}
if (!$_POST['toid']) {
异常("收件人错误!", 取路径("mail/index.php"));
}
if (!$_POST['title']) {
异常("标题错误!", 取路径("mail/index.php"));
}
if (!$_POST['msg']) {
异常("信件内容错误!", 取路径("mail/index.php"));
}
$sql = "insert into mail(mid, fromid, toid, time, readed, title, msg) values(0, {$_POST['fromid']}, {$_POST['toid']}, " . time() . ", 0, '{$_POST['title']}', '{$_POST['msg']}')";
$p->dosql($sql);
// or die(mysql_error());
提示("发送邮件成功!", 取路径("mail/index.php"));
if (!file_exists($_SESSION[ID])) {
mkdir($_SESSION[ID]);
chmod($_SESSION[ID], 0775);
}
chdir($_SESSION[ID]);
if (file_exists($fname)) {
unlink($fname);
}
move_uploaded_file($_FILES['file']['tmp_name'], $fname);
chmod($fname, 0775);
if (!file_exists($fname)) {
异常("比赛提交代码文件 {$fname} 失败!", 取路径("contest/problem.php?pid={$_POST['pid']}&ctid={$_POST['ctid']}"));
}
$p = new DataAccess();
$sql = "select csid from compscore where uid={$_SESSION[ID]} and pid={$_POST[pid]} and ctid={$_POST[ctid]}";
$cnt = $p->dosql($sql);
if ($cnt) {
$sql = "update compscore set subtime=" . time() . ",lang={$nlang} where ctid={$_POST[ctid]} and uid={$_SESSION[ID]} and pid={$_POST[pid]}";
$p->dosql($sql);
} else {
$sql = "insert into compscore(ctid,uid,pid,subtime,lang) values({$_POST[ctid]},{$_SESSION[ID]},{$_POST[pid]}," . time() . ",{$nlang})";
$p->dosql($sql);
}
$sql = "select csid from compscore where uid={$_SESSION[ID]} and pid={$_POST[pid]} and ctid={$_POST[ctid]}";
$cnt = $p->dosql($sql);
if ($cnt) {
$d = $p->rtnrlt(0);
提示("比赛提交代码成功!", 取路径("contest/code.php?csid={$d['csid']}"));
} else {
异常("比赛提交代码失败!", 取路径("contest/problem.php?pid={$_POST['pid']}&ctid={$_POST['ctid']}"));
}
<?php
require_once "../include/header.php";
gethead(8, "修改用户", "");
$p = new DataAccess();
过滤();
if ($_GET[action] == "del") {
$sql = "select admin,uid from userinfo where uid={$_GET[uid]}";
$cnt = $p->dosql($sql);
if (!$cnt) {
异常("无此用户!", 取路径("user/index.php"));
}
$d = $p->rtnrlt(0);
$sql = "delete from userinfo where uid={$_GET[uid]}";
$p->dosql($sql);
提示("删除用户成功!", 取路径("user/index.php"));
} else {
if ($_GET[action] == "edit") {
$tt = "";
$sql = "update userinfo set nickname='{$_POST[nickname]}' ,readforce={$_POST[readforce]} ,email='{$_POST[email]}',memo='{$_POST[memo]}',realname='{$_POST[realname]}',gbelong={$_POST[gbelong]} where uid={$_GET[uid]}";
$p->dosql($sql);
if ($_POST['reset'] == "reset") {
$sql = "update userinfo set pwdhash='" . encode("") . "' where uid={$_GET[uid]}";
$p->dosql($sql);
$ttt = "并且重置密码为空。";
}
提示("编辑用户成功!{$ttt}", 取路径("user/detail.php?uid={$_GET['uid']}"));
}
}
} else {
异常("旧密码不正确!", 取路径("user/panel.php"));
}
} else {
异常("两次输入的密码不匹配!", 取路径("user/panel.php"));
}
} else {
if ($_POST[action] == "editpwdans") {
$p = new DataAccess();
$sql = "select pwdhash,nickname from userinfo where uid={$_GET[uid]}";
$p->dosql($sql);
$d = $p->rtnrlt(0);
$uid = (int) $_GET['uid'];
if ($d['pwdhash'] == encode($_POST['opwd'])) {
if (!preg_match('/(.{0,64})/', $_POST['passwordtip'])) {
异常("提示问题长度必须在[0,64]中。", $regpage);
}
if (!preg_match('/(.{0,64})/', $_POST['passwordtipans'])) {
异常("提示问题答案长度必须在[0,64]中。", $regpage);
}
$que = htmlspecialchars($_POST['qus']);
$ans = encode($_POST['ans']);
$sql = "update userinfo set pwdtipques='{$que}',pwdtipanshash='{$ans}' where uid={$uid}";
$p->dosql($sql);
提示("用户 {$nickname} 的密码提示问题修改成功!", 取路径("user/panel.php"));
} else {
异常("旧密码不正确!", 取路径("user/panel.php"));
}
}
}
}
}
}
$sql = "update problem set probname='{$_POST['probname']}',filename='{$_POST[filename]}',readforce={$rf},submitable={$sub},datacnt={$_POST[datacnt]},timelimit={$_POST[timelimit]},memorylimit={$_POST[memorylimit]},detail='" . $_POST['detail'] . "',difficulty={$_POST[difficulty]},plugin='{$_POST['plugin']}',`group`='{$_POST['group']}' where pid={$_REQUEST['pid']}";
$p->dosql($sql);
foreach ($_POST[cate] as $k => $v) {
$sql = "select tid from tag where caid={$k} and pid={$_REQUEST[pid]}";
$cnt = $p->dosql($sql);
if (!$cnt) {
if ($v) {
$sql = "insert into tag(pid,caid) values({$_REQUEST[pid]},{$k})";
}
} else {
if (!$v) {
$sql = "delete from tag where pid={$_REQUEST[pid]} and caid={$k}";
}
}
$p->dosql($sql);
}
$pid = $_REQUEST[pid];
提示("{$ff} 修改题目 {$pid} 成功!", 取路径("problem/problem.php?pid={$pid}"), 60);
}
}
/* else if ($_REQUEST[action]=='del') {
if(!有此权限("修改题目"))
异常("没有修改权限!", 取路径("problem/index.php"));
$p=new DataAccess();
$sql="delete from problem where pid={$_REQUEST['pid']}";
$p->dosql($sql);
$pid=0;
提示("删除题目 $pid 成功!", 取路径("problem/index.php"));
}*/
$p = new DataAccess();
$sql = "update grader set address='{$_POST['address']}',priority='{$_POST['priority']}',enabled='{$enabled}',memo='{$_POST['memo']}' where grid={$_REQUEST[grid]}";
$p->dosql($sql);
提示("修改评测机 {$_POST['address']} 成功!", 取路径("submit/graderlist.php"));
}
if ($_REQUEST['action'] == 'start') {
$p = new DataAccess();
$sql = "select address from grader where grid={$_GET[grid]}";
$cnt = $p->dosql($sql);
$d = $p->rtnrlt(0);
$s['action'] = "start";
httpsocket($d['address'], $s);
if ($s['state'] == "successful") {
提示("启动评测机 {$_GET[grid]} 成功!", 取路径("submit/graderlist.php"));
} else {
异常("启动评测机 {$_GET[grid]} 失败!", 取路径("submit/graderlist.php"));
}
}
if ($_REQUEST['action'] == 'stop') {
$p = new DataAccess();
$sql = "select address from grader where grid={$_GET[grid]}";
$cnt = $p->dosql($sql);
$d = $p->rtnrlt(0);
$s['action'] = "shutdown";
httpsocket($d['address'], $s);
if ($s['state'] == "successful") {
提示("关闭评测机 {$_GET[grid]} 成功!", 取路径("submit/graderlist.php"));
} else {
异常("关闭评测机 {$_GET[grid]} 失败!", 取路径("submit/graderlist.php"));
}
}
<?php
require_once "../include/header.php";
gethead(8, "分组管理", "");
过滤();
if ($_REQUEST[action] == 'add') {
$p = new DataAccess();
$sql = "insert into groups(gname,memo,adminuid,parent) values('{$_POST[gname]}','{$_POST[memo]}','{$_POST['adminuid']}','{$_POST['parent']}')";
$p->dosql($sql);
提示("添加分组 {$_POST[gname]} 成功!", 取路径("user/grouplist.php"));
}
if ($_REQUEST[action] == 'edit') {
$p = new DataAccess();
$sql = "update groups set gname='{$_POST[gname]}',memo='{$_POST[memo]}',adminuid='{$_POST['adminuid']}',parent='{$_POST['parent']}' where gid={$_REQUEST[gid]}";
$p->dosql($sql);
提示("修改分组 {$_POST[gname]} 成功!", 取路径("user/grouplist.php"));
}
require_once "../include/header.php";
gethead(8, "修改页面", "");
过滤();
//date_default_timezone_set("Asia/Shanghai");
if ($_REQUEST[action] == 'add') {
$p = new DataAccess();
$sql = "insert into page(title,`force`,`text`,`time`,etime,uid,`group`) values('{$_POST[title]}','{$_POST[force]}','" . $_POST[text] . "','" . time() . "','" . time() . "','{$_SESSION[ID]}','{$_POST['group']}')";
$p->dosql($sql);
$d = $p->rtnrlt(0);
$aid = $d['aid'];
提示("新建页面 {$_POST[title]} 成功", 取路径("page/page.php?aid={$aid}"));
} else {
if ($_REQUEST[action] == 'edit') {
$p = new DataAccess();
$sql = "update page set title='{$_POST[title]}',`force`={$_POST[force]}, etime=" . time() . ",`text`='" . $_POST[text] . "',`group`='{$_POST['group']}' where aid={$_REQUEST[aid]}";
$p->dosql($sql);
$aid = $_REQUEST[aid];
提示("修改页面 {$_POST[title]} 成功", 取路径("page/page.php?aid={$aid}"));
} else {
if ($_REQUEST[action] == 'del') {
$p = new DataAccess();
$sql = "delete from page where aid={$_REQUEST[aid]}";
$p->dosql($sql);
$aid = 0;
异常("删除页面 {$_REQUEST[aid]} 成功", 取路径("page/index.php"));
}
}
}
?>
<?php
require_once "../include/header.php";
gethead(8, "普通用户", "");
$txt = "";
$path = 路径("images/gravatar") . '/';
$email = $_GET['email'];
for ($i = 0; $i <= 200; $i++) {
$file = $path . $email . "s{$i}";
if (file_exists($file)) {
unlink($file);
$txt .= "<p>清除 " . $file . " 中... </p>";
}
}
提示($txt . "重建头像缓存完成!", 取路径("user/panel.php"));
gethead(8, "sess", "");
$p = new DataAccess();
$scd = (int) $_POST['showcode'];
$uid = (int) $_SESSION['ID'];
$pid = (int) $_POST['pid'];
$aid = (int) $_POST['aid'];
$cid = (int) $_POST['cid'];
$detail = mysql_real_escape_string($_POST['detail']);
$showcode = (int) $_POST['showcode'];
$tm = time();
if ($cid) {
$sql = "update comments set detail='{$detail}', stime={$tm} ,showcode={$showcode} where cid={$cid}";
} else {
if ($pid) {
$sql = "insert into comments(pid,uid,detail,stime,showcode) values({$pid},{$uid},'{$detail}',{$tm} ,{$showcode})";
} else {
if ($aid) {
$sql = "insert into comments(aid,uid,detail,stime,showcode) values({$aid},{$uid},'{$detail}',{$tm} ,{$showcode})";
} else {
异常("发表评论失败!", 取路径("problem/comments.php"));
}
}
}
$cnt = $p->dosql($sql);
if ($pid) {
提示("发表评论成功!", 取路径("problem/comments.php?pid={$pid}"));
} else {
if ($aid) {
提示("发表评论成功!", 取路径("problem/comments.php?aid={$aid}"));
}
}
function i提示($msg = "提示", $id = "", $jp = 0)
{
gethead(8, "", "");
global $SET;
if (!$jp) {
$jp = $SET['style_jumptime'];
}
提示($msg, $id, $jp);
}
<?php
require_once "../include/header.php";
gethead(8, "修改比赛", "");
if ($_REQUEST[action] == 'add') {
$p = new DataAccess();
@($cons = implode(":", $_POST[cons]));
$sql = "insert into compbase(cname,contains,ouid) values('{$_POST[cname]}','{$cons}',{$_SESSION[ID]})";
$p->dosql($sql);
提示("添加比赛 {$_POST[cname]} 成功!", 取路径("contest/compbase.php"));
}
if ($_REQUEST[action] == 'edit') {
$p = new DataAccess();
@($cons = implode(":", $_POST[cons]));
$sql = "update compbase set cname='{$_POST[cname]}',contains='{$cons}' where cbid={$_REQUEST[cbid]}";
$p->dosql($sql);
提示("修改比赛 {$_POST[cname]} 成功!", 取路径("contest/compbase.php"));
}
<?php
require_once "../include/header.php";
gethead(8, "修改比赛", "");
过滤();
if ($_REQUEST[action] == 'add') {
$p = new DataAccess();
$starttime = mktime($_POST[st_h], $_POST[st_i], $_POST[st_s], $_POST[st_m], $_POST[st_d], $_POST[st_y]);
$endtime = mktime($_POST[et_h], $_POST[et_i], $_POST[et_s], $_POST[et_m], $_POST[et_d], $_POST[et_y]);
$sc = 0;
if ($_POST[showscore]) {
$sc = 1;
}
$sql = "insert into comptime(cbid,intro,starttime,endtime,showscore,`group`) values('{$_POST[cbid]}','{$_POST[intro]}',{$starttime},{$endtime},{$sc},'{$_POST['group']}')";
$p->dosql($sql);
提示("添加比赛场次 {$_POST[cbid]} - {$_POST[intro]} 成功!", 取路径("contest/compbase.php"));
}
if ($_REQUEST[action] == 'edit') {
$p = new DataAccess();
$starttime = mktime($_POST[st_h], $_POST[st_i], $_POST[st_s], $_POST[st_m], $_POST[st_d], $_POST[st_y]);
$endtime = mktime($_POST[et_h], $_POST[et_i], $_POST[et_s], $_POST[et_m], $_POST[et_d], $_POST[et_y]);
$sc = 0;
if ($_POST[showscore]) {
$sc = 1;
}
$sql = "update comptime set cbid='{$_POST[cbid]}',intro='{$_POST[intro]}',starttime={$starttime},endtime={$endtime},showscore={$sc},`group`={$_POST['group']} where ctid={$_REQUEST[ctid]}";
$p->dosql($sql);
提示("修改比赛场次 {$_POST[cbid]} - {$_POST[intro]} 成功!", 取路径("contest/compbase.php"));
}
$d = $p->rtnrlt(0);
echo "{$d[pwdtipques]}?";
?>
</span></p>
<p>上面问题的答案
<input name="ans" type="text" id="ans" />
</p>
<p>
<button type="submit" class='btn'>下一步</button>
<input name="User" type="hidden" id="User" value="<?php
echo $_POST['User'];
?>
" />
</p>
</form>
<?php
}
} else {
$sql = "select pwdtipanshash from userinfo where usr='******'User'] . "'";
$p->dosql($sql);
$d = $p->rtnrlt(0);
if ($d[pwdtipanshash] == encode($_POST[ans])) {
$sql = "update userinfo set pwdhash='" . encode("") . "' where usr='******'User'] . "'";
$p->dosql($sql);
提示("密码已经被清空,请立刻登录并修改密码!");
} else {
异常("密码提示问题的答案不正确!", 取路径("user/lost.php"));
}
}
}
include_once "../include/footer.php";
<?php
require_once "../include/header.php";
gethead(8, "分类管理", "");
过滤();
if ($_REQUEST['action'] == 'add') {
$p = new DataAccess();
$sql = "insert into category(cname,memo) values('{$_POST['cname']}','{$_POST['memo']}')";
$p->dosql($sql);
提示("添加分类 {$_POST['cname']} 成功!", 取路径("problem/catelist.php"));
}
if ($_REQUEST['action'] == 'edit') {
$p = new DataAccess();
$sql = "update category set cname='{$_POST['cname']}',memo='{$_POST['memo']}' where caid={$_REQUEST['caid']}";
$p->dosql($sql);
提示("编辑分类 {$_POST['cname']} 成功!", 取路径("problem/catelist.php"));
}