function DB_unlock($contest, $str, $c = null) { if ($contest <= 0) { return false; } if (($ct = DBContestInfo($contest, $c)) == null) { return false; } if (strlen($ct['contestunlockkey']) > 1) { $ar = explode(',', $ct['contestkeys']); foreach ($ar as $key) { if (substr($key, 0, 10) == substr($str, 0, 10)) { $pass = decryptData(substr($key, 15), $ct['contestunlockkey'], 'db_unlock'); if (substr($pass, 0, 5) != '#####') { continue; } $str2 = decryptData($str, $pass, 'db_unlock2'); if ($str2 == '') { continue; } return $str2; } } } return false; }
function scoretransfer($putname, $localsite) { $ds = DIRECTORY_SEPARATOR; if ($ds == "") { $ds = "/"; } if (is_readable('/etc/boca.conf')) { $pif = parse_ini_file('/etc/boca.conf'); $bocaproxy = @trim($pif['proxy']); if (substr($bocaproxy, 0, 6) != 'tcp://') { $bocaproxy = 'tcp://' . $bocaproxy; } $bocaproxylogin = @trim($pif['proxylogin']); $bocaproxypass = @trim($pif['proxypassword']); if ($bocaproxylogin != "") { $bocaproxypass = base64_encode($bocaproxylogin . ":" . $bocaproxypass); } } else { $bocaproxy = ""; $bocaproxypass = ""; } $privatedir = $_SESSION['locr'] . $ds . "private"; if (!is_readable($privatedir . $ds . 'remotescores' . $ds . "otherservers")) { return; } $localfile = "score_site" . $localsite . "_" . $localsite . "_x.dat"; $remotesite = @file($privatedir . $ds . 'remotescores' . $ds . "otherservers"); $contest = $_SESSION["usertable"]["contestnumber"]; if ($contest != '' && ($ct = DBContestInfo($contest)) != null) { if (trim($ct['contestmainsiteurl']) != '') { $tmp = explode(' ', $ct['contestmainsiteurl']); if (count($tmp) == 3) { $remotesite[count($remotesite)] = $ct['contestmainsiteurl']; } } } for ($i = 0; $i < count($remotesite); $i++) { $sitedata = explode(' ', $remotesite[$i]); if (count($sitedata) < 3) { continue; } $siteurl = $sitedata[0]; if (strpos($siteurl, '#') !== false) { continue; } LOGError("scoretransfer: found site {$siteurl}"); if (substr($siteurl, 0, 7) != 'http://') { $siteurl = 'http://' . $siteurl; } $urldiv = '/'; if (substr($siteurl, strlen($siteurl) - 1, 1) == '/') { $urldiv = ''; } // LOGError("url=" .$siteurl . $urldiv . "index.php?getsessionid=1"); $sess = @file_get_contents($siteurl . $urldiv . "index.php?getsessionid=1"); // LOGError("sess=$sess pass="******" hash=" . myhash(trim($sitedata[2]))); $user = trim($sitedata[1]); $res = myhash(myhash(trim($sitedata[2])) . $sess); // LOGError("url=" . $siteurl . $urldiv . "index.php?name=${user}&password=${res}&action=scoretransfer"); $opts = array('http' => array('method' => 'GET', 'request_fulluri' => true, 'header' => 'Cookie: PHPSESSID=' . $sess)); if ($bocaproxy != "") { $opts['http']['proxy'] = $bocaproxy; } if ($bocapass != "") { $opts['http']['header'] .= "\r\nProxy-Authorization: Basic " . $bocapass; } $context = stream_context_create($opts); $ok = @file_get_contents($siteurl . $urldiv . "index.php?name={$user}&password={$res}&action=scoretransfer", 0, $context); // LOGError("ok=" . $ok); if (substr($ok, strlen($ok) - strlen('SCORETRANSFER OK'), strlen('SCORETRANSFER OK')) == 'SCORETRANSFER OK') { $res = @file_get_contents($siteurl . $urldiv . "scoretable.php?remote=-42", 0, $context); @file_put_contents($privatedir . $ds . 'remotescores' . $ds . 'tmp.zip', $res); if (is_readable($privatedir . $ds . 'remotescores' . $ds . 'tmp.zip')) { $zip = new ZipArchive(); if ($zip->open($privatedir . $ds . 'remotescores' . $ds . 'tmp.zip') === true) { cleardir($privatedir . $ds . 'remotescores' . $ds . 'tmp'); @mkdir($privatedir . $ds . 'remotescores' . $ds . 'tmp'); $zip->extractTo($privatedir . $ds . 'remotescores' . $ds . 'tmp'); foreach (glob($privatedir . $ds . 'remotescores' . $ds . 'tmp' . $ds . '*.dat') as $file) { @chown($file, "www-data"); @chmod($file, 0660); $bn = basename($file); if ($bn == $localfile) { @rename($file, $privatedir . $ds . 'remotescores' . $ds . "score_site" . $localsite . "__y.dat"); } else { @rename($file, $privatedir . $ds . 'remotescores' . $ds . basename($file)); } } $zip->close(); LOGError("scoretransfer: download OK"); } else { LOGError("scoretransfer: download failed (2)"); } cleardir($privatedir . $ds . 'remotescores' . $ds . 'tmp'); @unlink($privatedir . $ds . 'remotescores' . $ds . 'tmp.zip'); } else { LOGError("scoretransfer: download failed (3)"); } } else { LOGError("scoretransfer: download failed (1)"); } if (is_readable($putname)) { $data = @file_get_contents($putname); $data_url = http_build_query(array('data' => $data)); $opts = array('http' => array('method' => 'POST', 'request_fulluri' => true, 'header' => 'Cookie: PHPSESSID=' . $sess . "\r\nContent-Type: application/x-www-form-urlencoded", 'content' => $data_url)); if ($bocaproxy != "") { $opts['http']['proxy'] = $bocaproxy; } if ($bocapass != "") { $opts['http']['header'] .= "\r\nProxy-Authorization: Basic " . $bocapass; } $context = stream_context_create($opts); $s = @file_get_contents($siteurl . $urldiv . "site/putfile.php", 0, $context); if (strpos($s, 'SCORE UPLOADED OK') !== false) { LOGError("scoretransfer: upload OK"); } else { LOGError("scoretransfer: upload failed (" . $s . ")"); } } break; } }
'); document.form1.name.value = ''; document.form1.password.value = ' '; document.location = 'index.php?name='+userHASH+'&password='******'action']) && $_GET['action'] == 'scoretransfer') { echo "SCORETRANSFER OK"; } else { if ($main && $_SESSION["usertable"]["usertype"] == 'site') { MSGError('Direct login of this user is not allowed'); unset($_SESSION["usertable"]); ForceLoad("index.php"); exit;
function DBNewSite($contest, $c = null, $param = array()) { $cw = false; if ($c == null) { $cw = true; $c = DBConnect(); DBExec($c, "begin work"); } $ct = DBContestInfo($contest, $c); if ($ct == null) { return false; } if (isset($param['sitenumber']) && !isset($param['number'])) { $param['number'] = $param['sitenumber']; } $ac = array('number', 'siteip', 'sitename', 'sitescorelevel', 'updatetime', 'startdate', 'duration'); $type = array(); $type['startdate'] = 1; $type['duration'] = 1; $type['number'] = 1; $type['sitescorelevel'] = 1; $type['updatetime'] = 1; foreach ($ac as $key) { if (isset($param[$key]) && (!isset($type[$key]) || is_numeric($param[$key]))) { ${$key} = sanitizeText($param[$key]); } else { ${$key} = ""; } } if ($number == "") { $a = DBGetRow("select max(sitenumber) as site from sitetable where contestnumber={$contest}", 0, $c); if ($a == null) { $n = 1; } else { $n = $a["site"] + 1; } $number = $n; } else { $a = DBGetRow("select * from sitetable where contestnumber={$contest} and sitenumber={$number}", 0, $c); if ($a != null) { return 1; } } if ($duration == '') { $duration = $ct["contestduration"]; } if ($startdate == '') { $startdate = $ct["conteststartdate"]; } if ($siteip == "") { $siteip = "127.0.0.1/boca"; } if ($sitename == "") { $sitename = "Site"; } if ($sitescorelevel == "") { $sitescorelevel = 3; } $t = time(); if ($updatetime == "") { $updatetime = $t; } DBExec($c, "insert into sitetable (contestnumber, sitenumber, siteip, sitename, siteactive, sitepermitlogins, " . "sitelastmileanswer, sitelastmilescore, siteduration, siteautoend, sitejudging, sitetasking, " . "siteglobalscore, sitescorelevel, " . "sitenextuser, sitenextclar, sitenextrun, sitenexttask, sitemaxtask, updatetime) values " . "({$contest}, {$number}, '{$siteip}', '{$sitename}', 't', 't', " . $ct["contestlastmileanswer"] . "," . $ct["contestlastmilescore"] . ", {$duration}, 't', '{$number}', '{$number}', '{$number}', {$sitescorelevel}, 0, 0, 0, 0, 10, {$updatetime})"); $cf = globalconf(); $admpass = myhash($cf["basepass"]); DBExec($c, "insert into usertable " . "(contestnumber, usersitenumber, usernumber, username, userfullname, " . "userdesc, usertype, userenabled, usermultilogin, userpassword, userip, userlastlogin, " . "usersession, usersessionextra, userlastlogout, userpermitip, updatetime) values " . "({$contest}, {$number}, 1000, 'admin', 'Administrator', NULL, 'admin', " . "'t', 't', '{$admpass}', NULL, NULL, '', '', NULL, NULL, {$updatetime})"); $param = array(); $param['contest'] = $contest; $param['site'] = $number; $param['start'] = $startdate; DBRenewSiteTime($param, $c); if ($cw) { DBExec($c, "commit work"); } LOGLevel("User " . $_SESSION["usertable"]["username"] . "/" . $_SESSION["usertable"]["usersitenumber"] . " created site {$number} on contest {$contest}.", 2); return 2; }
<?php require '../../db.php'; require '../config.php'; header('Content-type: text/plain; encoding=utf-8'); $ct = DBContestInfo($contest); echo $ct['contestname'] . "\n"; echo $ct['contestduration'] / 60 . '' . $ct['contestlastmileanswer'] / 60 . '' . $ct['contestlastmilescore'] / 60 . '' . $ct['contestpenalty'] / 60 . "\n"; $c = DBConnect(); $r = DBExec($c, 'SELECT problemnumber FROM problemtable' . ' WHERE contestnumber = ' . $contest . ' AND problemnumber > 0'); $numProblems = DBnlines($r); $r = DBExec($c, 'SELECT username, userfullname FROM usertable' . ' WHERE contestnumber = ' . $contest . ' AND userenabled = \'t\' AND usersitenumber = ' . $site . ' AND usertype = \'team\''); $numTeams = DBnlines($r); echo $numTeams . '' . $numProblems . "\n"; for ($i = 0; $i < $numTeams; $i++) { $a = DBRow($r, $i); $teamID = $a['username']; if (isset($a['usershortname'])) { $teamName = $a['usershortname']; } else { $teamName = $a['userfullname']; } if (isset($a['usershortinstitution'])) { $teamUni = $a['usershortinstitution']; } else { $teamUni = $teamName; } echo $teamID . '' . $teamUni . '' . $teamName . "\n"; } echo '1' . '' . '1' . "\n"; echo $numProblems . '' . 'Y' . "\n";
// This program is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. //////////////////////////////////////////////////////////////////////////////// // Last modified 21/jul/2012 by cassio@ime.usp.br require 'header.php'; $contest = $_SESSION["usertable"]["contestnumber"]; if (($ct = DBContestInfo($contest)) == null) { ForceLoad("{$loc}/index.php"); } if ($ct["contestlocalsite"] == $ct["contestmainsite"]) { $main = true; } else { $main = false; } if (isset($_POST["Submit3"]) && isset($_POST["penalty"]) && is_numeric($_POST["penalty"]) && isset($_POST["maxfilesize"]) && isset($_POST["mainsite"]) && isset($_POST["name"]) && $_POST["name"] != "" && isset($_POST["lastmileanswer"]) && is_numeric($_POST["lastmileanswer"]) && is_numeric($_POST["mainsite"]) && isset($_POST["lastmilescore"]) && is_numeric($_POST["lastmilescore"]) && isset($_POST["duration"]) && is_numeric($_POST["duration"]) && isset($_POST['localsite']) && isset($_POST["startdateh"]) && $_POST["startdateh"] >= 0 && $_POST["startdateh"] <= 23 && isset($_POST["startdatemin"]) && $_POST["startdatemin"] >= 0 && $_POST["startdatemin"] <= 59 && isset($_POST["startdated"]) && isset($_POST["startdatem"]) && isset($_POST["startdatey"]) && checkdate($_POST["startdatem"], $_POST["startdated"], $_POST["startdatey"])) { if ($_POST["confirmation"] == "confirm") { $param['number'] = $contest; if ($_POST["Submit3"] == "Become Main Site") { $param['mainsite'] = $ct["contestlocalsite"]; } else { $at = false; if (!is_numeric($_POST['localsite']) || $_POST['localsite'] <= 0) {
function DBScoreSite($contest, $site, $verifylastmile, $hor = -1, $data = null) { if (($blocal = DBSiteInfo($contest, $_SESSION["usertable"]["usersitenumber"])) == null) { exit; } if (($b = DBSiteInfo($contest, $site, null, false)) == null) { $b = $blocal; } if (($ct = DBContestInfo($contest)) == null) { exit; } $t = time(); $ta = $blocal["currenttime"]; if ($hor >= 0) { $ta = $hor; } if ($verifylastmile) { $tf = $b["sitelastmilescore"]; } else { $tf = $b["siteduration"]; } if ($data != null && is_numeric($data)) { if ($data < $ta) { $ta = $data; } $data = null; } $data0 = array(); if ($data == null) { $c = DBConnect(); $resp = array(); $r = DBExec($c, "select * from usertable where contestnumber={$contest} and usersitenumber={$site} and " . "usertype='team' and userlastlogin is not null and userenabled='t'", "DBScoreSite(get users)"); $n = DBnlines($r); for ($i = 0; $i < $n; $i++) { $a = DBRow($r, $i); $resp[$a["usernumber"]]["user"] = $a["usernumber"]; $resp[$a["usernumber"]]["site"] = $a["usersitenumber"]; $resp[$a["usernumber"]]["username"] = $a["username"]; $resp[$a["usernumber"]]["usertype"] = $a["usertype"]; $resp[$a["usernumber"]]["userfullname"] = $a["userfullname"]; $resp[$a["usernumber"]]["totaltime"] = 0; $resp[$a["usernumber"]]["totalcount"] = 0; $resp[$a["usernumber"]]["problem"] = array(); } $r = DBExec($c, "select r.usernumber as user, p.problemname as problemname, r.runproblem as problem, " . "p.problemcolor as color, p.problemcolorname as colorname, " . "r.rundatediff as time, r.rundatediffans as anstime, a.yes as yes, r.runanswer as answer from " . "runtable as r, answertable as a, problemtable as p where r.runanswer=a.answernumber and " . "a.contestnumber={$contest} and p.problemnumber=r.runproblem and p.contestnumber={$contest} and " . "r.contestnumber={$contest} and r.runsitenumber={$site} and (r.runstatus ~ 'judged' or r.runstatus ~ 'judged+') and " . "r.rundatediff>=0 and r.rundatediff<={$tf} and r.rundatediffans<={$ta} " . "order by r.usernumber, r.runproblem, r.rundatediff", "DBScoreSite(get runs)"); $n = DBnlines($r); $a = array(); for ($i = 0; $i < $n; $i++) { $a[$i] = DBRow($r, $i); } $data0['n'] = $n; $data0['resp'] = $resp; $data0['a'] = $a; $data0['site'] = $site; } else { $resp = $data['resp']; $n = $data['n']; $a = $data['a']; } $i = 0; while ($i < $n) { if ($a[$i]["anstime"] > $ta) { $i++; continue; } $user = $a[$i]["user"]; $problem = $a[$i]["problem"]; $time = 0; $k = 0; if (!isset($resp[$user])) { $i++; continue; } $resp[$user]["user"] = $user; $resp[$user]["site"] = $site; $resp[$user]["problem"][$problem]["name"] = $a[$i]["problemname"]; $resp[$user]["problem"][$problem]["color"] = $a[$i]["color"]; $resp[$user]["problem"][$problem]["colorname"] = $a[$i]["colorname"]; $resp[$user]["problem"][$problem]["solved"] = false; $resp[$user]["problem"][$problem]["judging"] = false; $resp[$user]["problem"][$problem]["time"] = 0; $resp[$user]["problem"][$problem]["penalty"] = 0; $resp[$user]["problem"][$problem]["count"] = 0; while ($i < $n && $a[$i]["anstime"] <= $ta && $a[$i]["user"] == $user && $a[$i]["problem"] == $problem && $a[$i]["yes"] != 't') { $time += (int) ($ct["contestpenalty"] / 60); $k++; $i++; } $resp[$user]["problem"][$problem]["count"] = $k; if ($i >= $n) { break; } if ($a[$i]["anstime"] <= $ta && $a[$i]["user"] == $user && $a[$i]["problem"] == $problem && $a[$i]["yes"] == 't') { $timet = (int) ($a[$i]["time"] / 60); if (!isset($resp[$user]["first"]) || $timet < $resp[$user]["first"]) { $resp[$user]["first"] = $timet; } $time += $timet; $resp[$user]["problem"][$problem]["time"] = $timet; $resp[$user]["problem"][$problem]["penalty"] = $time; $resp[$user]["problem"][$problem]["solved"] = true; $resp[$user]["problem"][$problem]["count"]++; $resp[$user]["totaltime"] += $time; $resp[$user]["totalcount"]++; } while ($i < $n && $a[$i]["user"] == $user && $a[$i]["problem"] == $problem) { $i++; } } if ($data == null) { $aa = DBRecentNews($contest, $site, $verifylastmile, $ta); $data0['aa'] = $aa; } else { $aa = $data['aa']; } for ($i = 0; $i < count($aa); $i++) { if ($aa[$i]["fut"] == 't') { $resp[$aa[$i]["usernumber"]]["problem"][$aa[$i]["problemnumber"]]["judging"] = true; } } if (($result = ordena($resp)) === false) { LOGError("Error while sorting scores (contest={$contest}, site={$site})."); MSGError("Error while sorting scores. Contact an admin now!"); } return array($result, $data0); }