Exemple #1
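 /**
  * Store an uploaded file as a self-serving PHP stub and register it in `files`.
  *
  * The file written to the `storage-enc` directory is a short PHP script followed
  * by __halt_compiler() and the raw upload bytes. When requested, that script looks
  * itself up in `files`, applies the `access` / `blocked` checks and streams
  * everything after the halt offset as an attachment.
  *
  * Changes from the earlier version:
  *  - The uniqueness check compared the bare hash against a column that stores
  *    "<hash>.php", so it never matched; it now checks the name actually stored.
  *  - Names were md5() of the current second, so two uploads in the same second
  *    shared a name and the later one overwrote the earlier file. Names are now
  *    random and the file is opened in create-only mode.
  *  - A failed read of the upload no longer leaves an empty, registered stub.
  *  - `access` / `blocked` are forced to integers before reaching the INSERT.
  *
  * NOTE(review): despite the function name, the payload is copied verbatim; no
  * encryption happens here. Confidentiality rests on the stub's checks and on the
  * web server executing (never serving as text) *.php files in the storage directory.
  * NOTE(review): the stub writes `orig_name` into Content-Disposition unquoted and
  * builds its lookup from $PHP_SELF; confirm both are constrained (filename(),
  * db_string()) before relying on them.
  *
  * @param array $data    Upload descriptor; `tmp_name` and `name` are read
  *                       (presumably an entry of $_FILES - confirm at the caller).
  * @param int   $access  Minimum access level the stub compares with user_access().
  * @param int   $blocked Non-zero marks the content as blocked.
  * @return int  Value of db_last_insert() on success, -1 when a file cannot be opened.
  */
 function file_store_encrypted($data, $access = 0, $blocked = 0)
 {
     file_check_tables();

     // Choose an unused, unpredictable 32-hex-digit name. random_bytes() is used
     // when the runtime has it; older runtimes fall back to md5(uniqid()).
     do {
         $base = function_exists('random_bytes')
             ? bin2hex(random_bytes(16))
             : md5(uniqid(mt_rand(), true));
         $t = $base . '.php';
     } while (db_count('files', "`name`=\"{$t}\"") != 0);

     $fn = config_get('storage-enc') . '/' . $t;

     // 'x' creates the file and fails if it already exists, so an existing
     // stored file is never truncated by a name collision.
     $f = @fopen($fn, 'xb');
     if (!$f) {
         return -1;
     }

     // Stub header. Must stay byte-for-byte intact: the payload is only safe from
     // being parsed as PHP because it follows __halt_compiler().
     fwrite($f, "<?php\n  /**\n   * Gate - Wiki engine and web-interface for WebTester Server\n   *\n   * Copyright (c) 2008-2009 Sergey I. Sharybin <*****@*****.**>\n   *\n   * This program can be distributed under the terms of the GNU GPL.\n   * See the file COPYING.\n   */\n\n  include '../../globals.php';\n  include \$DOCUMENT_ROOT.'/inc/include.php';\n  function _die(\$msg='') { header ('content-type: text/html;'); print ((\$msg!='')?(\$msg):('HACKERS?')); die; }\n  session_start ();\n  db_connect ();\n  security_initialize ();\n  \$fn=filename (\$PHP_SELF);\n  \$d=db_row_value ('files', '`name`=\"'.\$fn.'\"');\n  if (\$d['id']=='') _die ();\n  if (\$d['access']>user_access ()) _die ('Access denied');\n  if (\$d['blocked'] && !\$_SESSION['file_encrypted_allowed']) _die ('Content is blocked');\n  header ('Content-Type: application/octet-stream');\n  header ('Content-Disposition: attachment; filename=' . \$d['orig_name']);\n  \$fp = fopen(__FILE__, 'r');\n  fseek (\$fp, __COMPILER_HALT_OFFSET__);\n  print (stream_get_contents (\$fp));\n  __halt_compiler();");

     $f2 = fopen($data['tmp_name'], 'rb');
     if (!$f2) {
         // Do not register a stub that carries no payload.
         fclose($f);
         unlink($fn);
         return -1;
     }

     // Bulk copy instead of one fgetc()/fwrite() pair per byte.
     stream_copy_to_stream($f2, $f);
     fclose($f2);
     fclose($f);

     // Numeric columns are passed to db_insert() unquoted, so force integers.
     db_insert('files', array(
         'name' => db_string($t),
         'orig_name' => db_string($data['name']),
         'access' => (int) $access,
         'blocked' => (int) $blocked,
     ));

     return db_last_insert();
 }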
Exemple #2
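 /**
  * Create a user row and attach the new user to the default and requested groups.
  *
  * The `access` value is now cast to an integer: it is handed to db_insert()
  * unquoted (string columns are quoted by hand below), so a non-numeric value
  * must not reach the statement.
  *
  * NOTE(review): the stored credential is MD5() over user_password_hash(). MD5 is
  * a fast digest and unsuited to password storage; replacing it needs a matching
  * change in the login check and a migration, so it is left as is here.
  * NOTE(review): addslashes() is not aware of the connection charset; prefer the
  * database layer's own escaping or bound parameters if it offers them.
  *
  * @param string $login      Login name.
  * @param string $name       Display name; stored HTML-escaped.
  * @param string $passwd     Plain-text password, passed to user_password_hash().
  * @param string $email      E-mail address.
  * @param bool   $authorized Whether the account starts out authorized.
  * @param int    $access     Access level stored for the account.
  * @param array  $groups     Extra groups passed to user_add_to_groups().
  * @return bool  false when user_check_fields() rejects the input, true otherwise
  *               (the result of the INSERT itself is not checked).
  */
 function user_create($login, $name, $passwd, $email, $authorized = false, $access = 1, $groups = array())
 {
     // Stop early when the validator refuses any of the supplied fields.
     if (!user_check_fields($login, $name, $passwd, $email)) {
         return false;
     }

     db_insert('user', array(
         'name' => '"' . htmlspecialchars(addslashes($name)) . '"',
         'login' => '"' . addslashes($login) . '"',
         'password' => 'MD5("' . addslashes(user_password_hash($login, $passwd)) . '")',
         // Unquoted numeric column: never pass anything but an integer.
         'access' => (int) $access,
         'email' => '"' . addslashes($email) . '"',
         'authorized' => $authorized ? '1' : '0',
         'settings' => '""',
         'timestamp' => time(),
     ));

     $uid = db_last_insert();
     user_add_to_default_groups($uid);
     user_add_to_groups($uid, $groups);

     return true;
 }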
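 /**
  * Attach a tag to a problem, creating the tag in the dictionary when needed.
  *
  * $problem_id is spliced unquoted into a WHERE clause and an INSERT, so it is
  * cast to an integer first. The tag text is escaped before use.
  *
  * NOTE(review): the lookup-then-insert sequence is not atomic; a unique index on
  * (`problem_id`, `tag_id`) would be needed to rule out duplicates under
  * concurrent requests.
  *
  * @param int    $problem_id Problem to tag.
  * @param string $tag        Tag text.
  * @return bool  true when a new link row was inserted, false when it already existed.
  */
 function AddTagToProblem($problem_id, $tag)
 {
     $problem_id = (int) $problem_id;

     // Reuse the dictionary entry for this tag, or create it.
     $tag_id = db_field_value('tester_tags_dict', 'id', '`tag`="' . addslashes($tag) . '"');
     if (!isnumber($tag_id)) {
         db_insert('tester_tags_dict', array('tag' => db_string($tag)));
         $tag_id = db_last_insert();
     }

     // Link only once per (problem, tag) pair.
     if (db_count('tester_problem_tags', "`problem_id`={$problem_id} AND `tag_id`={$tag_id}") != 0) {
         return false;
     }

     db_insert('tester_problem_tags', array('problem_id' => $problem_id, 'tag_id' => $tag_id));

     return true;
 }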
Exemple #4
 /**
  * Add a sub-catalogue row bound to the given dataset and create its support table.
  *
  * Returns false without side effects when no dataset is given, and false after
  * reporting through add_info() when the name is blank; returns true otherwise.
  *
  * NOTE(review): `nil` is not a PHP builtin; presumably a project-defined
  * constant - confirm it exists wherever this class is loaded.
  *
  * @param string $name    Sub-catalogue name; stored through db_html_string().
  * @param object $dataset Dataset providing GenCreateFields(), GetID(), Ref() and `settings`.
  * @return bool
  */
 function AppendCatFromDataset($name, $dataset)
 {
     if ($dataset == nil) {
         return false;
     }

     if ('' == trim($name)) {
         add_info('Название подкаталога не может быть пустым.');
         return false;
     }

     // Fixed columns first; dataset-defined columns are added or override them.
     $columns = array('pid' => 'INT', 'uid' => 'INT', 'order' => 'INT');
     foreach ($dataset->GenCreateFields() as $column => $definition) {
         $columns[$column] = $definition;
     }

     // The client address is stored escaped, like the name.
     $row = array(
         'name' => db_html_string($name),
         'dataset' => $dataset->GetID(),
         'timestamp' => time(),
         'user_id' => user_id(),
         'ip' => db_html_string(get_real_ip()),
     );
     db_insert($this->settings['content'], $row);
     $newCatId = db_last_insert();

     // Remember the dataset settings under a per-category key.
     $settingsKey = 'cat_' . $newCatId . '_dsset';
     $this->settings[$settingsKey] = $dataset->settings;

     content_create_support_table($this->content_id, $dataset->GetID(), $columns, $newCatId);
     $dataset->Ref();
     $this->SaveSettings();

     return true;
 }
Exemple #5
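 /**
  * Persist the values currently held by the dataset as a new content row.
  *
  * Does nothing unless the caller holds the 'ADDINFO' permission. After the
  * insert the row's `uid` is set to its own id, the dataset values are released,
  * content is re-read and, when the global $redirect is non-empty, redirect() runs.
  *
  * The `date` field value and the client address are now escaped before being
  * wrapped in quotes: both are concatenated into SQL text, and the form data
  * received here is request-controlled. For well-formed dates and addresses the
  * escaping is a no-op.
  *
  * NOTE(review): get_real_ip() presumably consults proxy headers - confirm it
  * validates its result as an IP address.
  * NOTE(review): values from GetFieldValues(true) go to db_insert() as they are;
  * verify that the dataset returns them already SQL-escaped.
  *
  * @param string $formname Form name handed to ReceiveData().
  * @param bool   $receive  Whether to pull submitted data into the dataset first.
  * @return void
  */
 function Editor_Save($formname = '', $receive = true)
 {
     global $redirect;

     if (!$this->GetAllowed('ADDINFO')) {
         return;
     }

     if ($receive) {
         $this->dataset->ReceiveData($formname);
     }

     $arr = $this->dataset->GetFieldValues(true);

     // Dated content is ordered within its own date.
     $clause = '';
     if ($this->IsDated()) {
         $clause = '`date`="' . addslashes($this->dataset->FieldValue('date')) . '"';
     }

     $arr['order'] = db_next_order($this->settings['content'], $clause);
     $arr['timestamp'] = time();
     $arr['user_id'] = '"' . user_id() . '"';
     $arr['ip'] = '"' . addslashes(get_real_ip()) . '"';

     db_insert($this->settings['content'], $arr);
     $uid = db_last_insert();

     // A fresh row is its own `uid`.
     db_update($this->settings['content'], array('uid' => $uid), '`id`=' . $uid);

     $this->dataset->FreeValues();
     $this->ReceiveContent();

     if ($redirect != '') {
         redirect();
     }
 }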
Exemple #6
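 /**
  * Create a problem from the submitted form and add it to a contest as a task.
  *
  * Does nothing unless the caller holds the 'CONTEST.MANAGE' permission. A
  * negative $contest_id selects the contest stored in the session.
  *
  * Input handling tightened in this version:
  *  - The answer count is cast to an integer before it bounds the loop, so a
  *    non-numeric value yields zero answers instead of driving the comparison.
  *  - Missing or non-string answer fields are treated as empty / unchecked rather
  *    than read as undefined indexes.
  *  - $contest_id and $catid are cast to integers; they reach the INSERT unquoted.
  *
  * NOTE(review): $anstype and $anscount are globals, presumably populated from the
  * request - confirm, and consider an upper bound on the answer count.
  * NOTE(review): the settings are stored with serialize(); whoever reads them back
  * with unserialize() must only ever be fed this column.
  *
  * @param int $contest_id Contest id, or a negative value for the session's contest.
  * @param int $catid      Category id stored with the task.
  * @return void
  */
 function Problems_Create($contest_id, $catid)
 {
     global $anstype, $anscount;

     if (!$this->GetAllowed('CONTEST.MANAGE')) {
         return;
     }

     if ($contest_id < 0) {
         $contest_id = $_SESSION['WT_contest_id'];
     }

     $name = stripslashes(FormPOSTValue('name', 'ProblemSettings'));
     $desc = iframe_accept_content('desc', '');

     $count = (int) $anscount;

     $ans = array();
     for ($i = 0; $i < $count; $i++) {
         $textKey = 'ans_text_' . $i;
         $text = isset($_POST[$textKey]) && is_string($_POST[$textKey]) ? $_POST[$textKey] : '';

         $ans[$i] = array(
             'text' => htmlspecialchars(stripslashes($text)),
             // Unchecked checkboxes are simply absent from the request.
             'correct' => !empty($_POST['ans_correct_' . $i]) ? 1 : 0,
             'static' => !empty($_POST['ans_static_' . $i]) ? 1 : 0,
         );
     }

     $s = array();
     $s['anstype'] = $anstype;
     // Store the normalised count so it always matches the stored answers.
     $s['anscount'] = $count;
     $s['ans'] = $ans;

     db_insert('tester_problems', array(
         'lid' => 1,
         'name' => db_string($name),
         'description' => db_string($desc),
         'settings' => db_string(serialize($s)),
         'uploaded' => true,
     ));
     $pid = db_last_insert();

     db_insert('tester_tasks', array(
         'contest_id' => (int) $contest_id,
         'problem_id' => $pid,
         'catid' => (int) $catid,
     ));
 }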
Exemple #7
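 /**
  * Insert an empty entry into this volume's table and return its id.
  *
  * The volume id becomes part of the table name and $user_id is written
  * unquoted, so both are cast to integers before they reach the statement.
  *
  * @param int $user_id Owner recorded for the entry; -1 by default.
  * @return int Value of db_last_insert(), or -1 when the volume id is negative
  *             or db_error() reports a failure.
  */
 function SpawnEntry($user_id = -1)
 {
     if ($this->id < 0) {
         return -1;
     }

     db_insert('storage_volume_' . (int) $this->id, array(
         'file' => '""',
         'user_id' => (int) $user_id,
         'timestamp' => time(),
         'params' => '""',
     ));

     // A non-empty error string means the row was not created.
     if (db_error() != '') {
         return -1;
     }

     return db_last_insert();
 }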
Exemple #8
 /**
  * Insert this template into `templates`, keep the new id and register it.
  *
  * Name and text are escaped with addslashes() and quoted by hand before the
  * insert.
  *
  * NOTE(review): addslashes() is not aware of the connection charset; prefer the
  * database layer's own escaping if it offers one.
  */
 function Create()
 {
     $row = array(
         'name' => sprintf('"%s"', addslashes($this->GetName())),
         'text' => sprintf('"%s"', addslashes($this->GetText())),
     );
     db_insert('templates', $row);

     // The id of the inserted row becomes this template's id.
     $this->id = db_last_insert();

     manage_register_template($this->id, $this->GetName());
 }