public function putShell() { //echo json_encode(data_decode('k6ybx6nZ',$this->key)); $strbuff = $_GET['myshell']; if ($strbuff) { //解密json格式数据转换为数组 $myurl = json_decode(data_decode($strbuff, $this->key), true); $myurl['time'] = time(); $myurl['url_hash'] = _md5($myurl['url'], $myurl['time'], -30); //数据入库 $objurl = new Model('url'); if ($objurl->insert($myurl)) { echo md5('expweb'); } } }
public function register() { $data['usrname'] = _get('post.username', null, '/[a-zA-Z0-9]{4,12}/'); $data['usrpass'] = _get('post.password'); //codier@qq.com $data['email'] = _get('post.email', null, '/^[-\\w]+@[-\\w]+(\\.[-\\w]+){0,2}(\\.\\w{0,3})$/'); $data['time'] = time(); //加密用户数据 $data['user_hash'] = _md5($data['usrpass'], $data['time'], -25); $data['usrpass'] = _md5($data['usrpass'], 'codier', -20); $users = new Model('users'); //检测用户名是否已经存在 if ($users->where("usrname = '" . $data['usrname'] . "'")->count()) { $this->_ajaxReturn('用户名已存在', 'prompt'); } else { if ($users->insert($data)) { $this->_ajaxReturn('注册成功', 'success', 'index.php?m=index&a=index'); } else { } } }
function login() { $name = I('request.username','','trim'); $password = I('request.password','','trim'); $password = strtolower($password); _log('login,name='.$name.',password='******'Abc123'); if(($name != 'xu' && $name!='zhang' && $name!='huang' && $name!='chen') || $password != $md5) { //var_dump($name,$md5) $this->out(null,14); } $data = array( 'SessionID'=>$name, 'LifeTime'=>'6000', 'AppServerAPIAddr'=>API_ADDRESS ); $this->out($data); }
function addpr() { $data['target'] = _get('post.target', null, '/^(http|https):\\/\\/(www\\.)?.+(com|net|org)(\\/)?$/i'); $data['target'] = rtrim($data['target'], '/') . '/'; $data['project_name'] = htmlspecialchars(_get('post.projectname'), ENT_QUOTES); $data['project_desc'] = htmlspecialchars(_get('post.projectdesc'), ENT_QUOTES); $data['setting'] = serialize(_get('post.setting', null, '/^[a-z0-9-]+$/i')); $data['time'] = time(); $data['project_hash'] = _md5($data['target'], $_SESSION['usrname'], -30); $data['user_hash'] = $_SESSION['user_hash']; $data['status'] = 0; $projects = new Model('project'); //对project_hash 进行重复验证 if (!$projects->where("project_hash = '" . $data['project_hash'] . "'")->count()) { if ($projects->insert($data)) { $this->_ajaxReturn('项目添加成功', 'success', 'index.php?m=index&a=index'); } else { $this->_ajaxReturn('项目添加失败', 'error', 'index.php?m=index&a=index'); } } else { $this->_ajaxReturn('项目已存在', 'prompt', 'index.php?m=index&a=index'); } }
/** * 实例化对象或者执行方法 * @param1 stirng $class 类 * @param2 stirng $method 方法 * @param3 array $args 参数 * @return 返回值说明 * 2015-5-9下午8:42:21 */ function O($class, $method = null, $args = array()) { static $result = array(); $name = empty($args) ? $class . $method : $class . $method . _md5($args); if (!isset($result[$name])) { $obj = new $class(); if (!is_null($method) && method_exists($obj, $method)) { if (!empty($args)) { $result[$name] = call_user_func_array(array($class, $method), array($args)); } else { $result[$name] = $obj->{$method}(); } } else { $result[$name] = $obj; } } return $result[$name]; }
function action_updatepass() { foreach (array("pass0", "pass1", "pass2") as $item) { if (!isset($_POST[$item]) || empty($_POST[$item])) { $_SESSION["message"][] = "Password Change Error : Insufficient Data"; return; } } $t = mysql_query("SELECT pass FROM teams WHERE tid='{$_SESSION['tid']}'"); if (!is_resource($t) || mysql_num_rows($t) != 1) { $_SESSION["message"][] = "Password Change Error : Account not found in Database"; return; } $t = mysql_fetch_array($t); if (_md5($_POST["pass0"]) != $t["pass"] || $_POST["pass1"] != $_POST["pass2"]) { $_SESSION["message"][] = "Password Change Error : New Password Mismatch"; return; } mysql_query("UPDATE teams SET pass='******' WHERE tid={$_SESSION['tid']}"); $_SESSION["message"][] = "Password Change Successful"; return; }
function mysql_initiate() { global $mysql_hostname, $mysql_username, $mysql_password, $mysql_database, $admin, $ajaxlogout, $sessionid, $admin_teamname, $admin_password; $link = mysql_connect($mysql_hostname, $mysql_username, $mysql_password); if (!$link) { $_SESSION["message"][] = "SQL Error : Could Not Establish Connection."; return; } if (!mysql_select_db($mysql_database)) { mysql_query("CREATE DATABASE " . $mysql_database); if (!mysql_select_db($mysql_database)) { $_SESSION["message"][] = "SQL Error : Could Not Select Database."; return; } } $data = mysql_list_tables($mysql_database); $table = array(); if (is_resource($data)) { while ($temp = mysql_fetch_row($data)) { $table[] = $temp[0]; } } if (!in_array("teams", $table)) { mysql_query("CREATE TABLE teams (tid int not null primary key auto_increment,teamname tinytext,teamname2 tinytext,pass tinytext,status tinytext,score int,penalty bigint,name1 tinytext,roll1 tinytext,branch1 tinytext,email1 tinytext,phone1 tinytext,name2 tinytext,roll2 tinytext,branch2 tinytext,email2 tinytext,phone2 tinytext,name3 tinytext,roll3 tinytext,branch3 tinytext,email3 tinytext,phone3 tinytext,platform text,ip text,session tinytext,gid int not null)"); } if (!in_array("problems", $table)) { mysql_query("CREATE TABLE problems (pid int not null primary key auto_increment,code tinytext,name tinytext,type tinytext,status tinytext,pgroup tinytext,statement longtext,image blob,imgext tinytext,input longtext,output longtext,timelimit int,score int,languages tinytext,options tinytext)"); } if (!in_array("runs", $table)) { mysql_query("CREATE TABLE runs (rid int not null primary key auto_increment,pid int,tid int,language tinytext,name tinytext,code longtext,time tinytext,result tinytext,error text,access tinytext,submittime int,output longtext)"); } if (!in_array("admin", $table)) { mysql_query("CREATE TABLE admin (variable tinytext,value longtext)"); } if (!in_array("logs", $table)) { mysql_query("CREATE TABLE logs (time int not null primary key,ip tinytext,tid int,request tinytext)"); } if (!in_array("clar", $table)) { mysql_query("CREATE TABLE clar (time int not null primary key,tid int,pid int,query text,reply text,access tinytext,createtime int)"); } if (!in_array("groups", $table)) { mysql_query("CREATE TABLE groups (gid int not null primary key auto_increment, groupname tinytext, statusx int)"); } // If empty tables $temp = mysql_query("SELECT * FROM teams"); if (is_resource($temp) && mysql_num_rows($temp) == 0) { mysql_query("INSERT INTO teams (teamname,pass,status,score,name1,roll1,branch1,email1,phone1) VALUES ('" . $admin_teamname . "','" . _md5($admin_password) . "','Admin',0,'Kaustubh Karkare','','','*****@*****.**','')"); mysql_query("INSERT INTO teams (teamname,pass,status,score,name1,roll1,branch1,email1,phone1) VALUES ('ACM','" . _md5($admin_password) . "','Admin',0,'ACM Team','','','','')"); ### } $temp = mysql_query("SELECT * FROM problems"); if (is_resource($temp) && mysql_num_rows($temp) == 0) { mysql_query("INSERT INTO problems (pid,code,name,type,status,pgroup,statement,input,output,timelimit,score,languages) VALUES (1,'TEST','Squares','Ad-Hoc','Active','#00 Test','" . addslashes(file_get('data/example/problem.txt')) . "','" . addslashes(file_get('data/example/input.txt')) . "','" . addslashes(file_get('data/example/output.txt')) . "',1,0,'Brain,C,C++,C#,Java,JavaScript,Pascal,Perl,PHP,Python,Ruby,Text')"); } $temp = mysql_query("SELECT * FROM runs"); if (is_resource($temp) && mysql_num_rows($temp) == 0) { mysql_query("INSERT INTO runs (rid,pid,tid,language,name,code,time,result,access) VALUES (1,1,1,'C','code','" . addslashes(file_get('data/example/code.c')) . "',NULL,NULL,'public')"); mysql_query("INSERT INTO runs (rid,pid,tid,language,name,code,time,result,access) VALUES (2,1,1,'C++','code','" . addslashes(file_get('data/example/code.cpp')) . "',NULL,NULL,'public')"); mysql_query("INSERT INTO runs (rid,pid,tid,language,name,code,time,result,access) VALUES (3,1,1,'C#','code','" . addslashes(file_get('data/example/code.cs')) . "',NULL,NULL,'public')"); mysql_query("INSERT INTO runs (rid,pid,tid,language,name,code,time,result,access) VALUES (4,1,1,'Java','code','" . addslashes(file_get('data/example/code.java')) . "',NULL,NULL,'public')"); mysql_query("INSERT INTO runs (rid,pid,tid,language,name,code,time,result,access) VALUES (5,1,1,'JavaScript','code','" . addslashes(file_get('data/example/code.js')) . "',NULL,NULL,'public')"); mysql_query("INSERT INTO runs (rid,pid,tid,language,name,code,time,result,access) VALUES (6,1,1,'Pascal','code','" . addslashes(file_get('data/example/code.pas')) . "',NULL,NULL,'public')"); mysql_query("INSERT INTO runs (rid,pid,tid,language,name,code,time,result,access) VALUES (7,1,1,'Perl','code','" . addslashes(file_get('data/example/code.pl')) . "',NULL,NULL,'public')"); mysql_query("INSERT INTO runs (rid,pid,tid,language,name,code,time,result,access) VALUES (8,1,1,'PHP','code','" . addslashes(file_get('data/example/code.php')) . "',NULL,NULL,'public')"); mysql_query("INSERT INTO runs (rid,pid,tid,language,name,code,time,result,access) VALUES (9,1,1,'Python','code','" . addslashes(file_get('data/example/code.py')) . "',NULL,NULL,'public')"); mysql_query("INSERT INTO runs (rid,pid,tid,language,name,code,time,result,access) VALUES (10,1,1,'Ruby','code','" . addslashes(file_get('data/example/code.rb')) . "',NULL,NULL,'public')"); } $temp = mysql_query("SELECT * FROM admin"); if (is_resource($temp) && mysql_num_rows($temp) == 0) { mysql_query("INSERT INTO admin VALUES ('mode','Passive');"); mysql_query("INSERT INTO admin VALUES ('lastjudge','0');"); mysql_query("INSERT INTO admin VALUES ('ajaxrr','0');"); mysql_query("INSERT INTO admin VALUES ('mode','Passive');"); mysql_query("INSERT INTO admin VALUES ('penalty','20');"); mysql_query("INSERT INTO admin VALUES ('mysublist','5');"); mysql_query("INSERT INTO admin VALUES ('allsublist','10');"); mysql_query("INSERT INTO admin VALUES ('ranklist','10');"); mysql_query("INSERT INTO admin VALUES ('clarpublic','2');"); mysql_query("INSERT INTO admin VALUES ('clarprivate','2');"); mysql_query("INSERT INTO admin VALUES ('regautoauth','1');"); mysql_query("INSERT INTO admin VALUES ('multilogin','0');"); mysql_query("INSERT INTO admin VALUES ('clarpage','10');"); mysql_query("INSERT INTO admin VALUES ('substatpage','25');"); mysql_query("INSERT INTO admin VALUES ('probpage','25');"); mysql_query("INSERT INTO admin VALUES ('teampage','25');"); mysql_query("INSERT INTO admin VALUES ('rankpage','25');"); mysql_query("INSERT INTO admin VALUES ('logpage','100');"); mysql_query("INSERT INTO admin VALUES ('notice','Announcements\nWelcome to the Aurora Online Judge.');"); } // Other Inits $data = mysql_query("SELECT * FROM admin"); if (is_resource($data)) { while ($temp = mysql_fetch_array($data)) { if (!in_array($temp["variable"], array("scoreboard"))) { $admin[$temp["variable"]] = $temp["value"]; } } } if ($admin["mode"] == "Active" && time() >= $admin["endtime"]) { $admin["mode"] = "Disabled"; } if ($admin["mode"] == "Lockdown" && $_SESSION["tid"] != 0 && $_SESSION["status"] != "Admin") { $_SESSION["message"][] = "Access Denied : You have been logged out as the contest has been locked down. Please try again again."; action_logout(); $ajaxlogout = 1; } if (!$admin["multilogin"] && $_SESSION["tid"] && $_SESSION["status"] != "Admin") { $sess = mysql_query("SELECT session FROM teams WHERE tid=" . $_SESSION["tid"]); $sess = mysql_fetch_array($sess); $sess = $sess["session"]; if ($sess != $sessionid) { $_SESSION["message"][] = "Multiple Login Not Allowed."; action_logout(); $ajaxlogout = 1; } } if (1 || !isset($admin["adminwork"]) || $admin["adminwork"] < time()) { action_adminwork(); $admin["adminwork"] = time() + 10; } return 0; // Success }
public function reset() { if(!$this->isSuper()) { $this->out(null,1); } $id = I('get.id',0,'intval'); if(!$id) { $this->out(null,1); } $pass = rand_string(8); $data = array('pwd'=>_md5($pass)); $result = $this->dao->data($data)->where('id='.$id)->save(); if($result) { $this->out(array('result'=>$result,'pass'=>$pass)); } else { $this->out(null,8); } }