Exemple #1
0
            $r = db_query("SELECT * FROM {$table_domain} WHERE domain = 'ALL'");
            if ($r['rows'] == 0) {
                db_insert('domain', array('domain' => 'ALL', 'description' => '', 'transport' => ''));
                // all other fields should default through the schema.
            }
            $values = array('username' => safepost('username'), 'password' => safepost('password'), 'password2' => safepost('password2'), 'superadmin' => 1, 'domains' => array(), 'active' => 1);
            list($error, $setupMessage, $errormsg) = create_admin($values);
            if ($error != 0) {
                $tUsername = htmlentities($values['username']);
            } else {
                $setupMessage .= "<p>You are done with your basic setup. ";
                $setupMessage .= "<p><b>You can now <a href='login.php'>login to PostfixAdmin</a> using the account you just created.</b>";
            }
        }
    }
    if ($setuppw == "" || $setuppw == "changeme" || safeget("lostpw") == 1 || $lostpw_error != 0) {
        # show "create setup password" form
        ?>

<div class="standout"><?php 
        print $setupMessage;
        ?>
</div>
<div id="edit_form">
<form name="setuppw" method="post" action="setup.php">
<input type="hidden" name="form" value="setuppw" />
<table>
      <td colspan="3"><h3>Change setup password</h3></td>
   </tr>
   <tr>
      <td>Setup password</td>
Exemple #2
0
                        $phone = safeget('phone');
                        if (!isset(sql("tacky", 0, "select * from users where phone = {$phone}")[0])) {
                            sql("tacky", 0, "insert into users (name, phone) values ('{$name}', {$phone})");
                        }
                    } else {
                        if ($what == "new") {
                            $from = safeget('from');
                            $to = safeget('to');
                            $title = safeget('title');
                            $fromKey = safeoffset(sql("tacky", 0, "select id from users where phone = {$from}"))[0];
                            $toKey = safeoffset(sql("tacky", 0, "select id from users where phone = {$to}"))[0];
                            sql("tacky", 0, "insert into tasks (who_from, who_to, name) values ({$fromKey}, {$toKey}, '{$title}')");
                        } else {
                            if ($what == "move") {
                                $id = safeget('id');
                                $comp = safeget('comp');
                                sql("tacky", 0, "update tasks set completion = {$comp} where id = {$id}");
                            }
                        }
                    }
                }
            }
        }
    }
}
header('Content-Type: application/json');
if (isset($data)) {
    echo json_encode($data);
}
function safeget($key)
{
Exemple #3
0
<?php

include "sql.php";
$score = safeget("score");
$whichgrade = safeget("grade");
if (strlen($score) == 0) {
    header("Location: index.php");
    die;
}
for ($i = 0; $i < strlen($score); $i++) {
    if (!($score[$i] >= '0' && $score[$i] <= '9')) {
        die("asshole.");
    }
}
if (!isset(sql("mathclass", 1, "select * from grades where grade = '{$whichgrade}'")[0])) {
    die("asshole.");
}
$qry = "create table if not exists {$whichgrade} (score int);";
sql("mathclass", 1, $qry);
$qry = "insert into {$whichgrade} values ({$score});";
sql("mathclass", 0, $qry);
$count = sizeof(sql("mathclass", 0, "select * from {$whichgrade}"));
$qry = "create table if not exists " . $whichgrade . "_max (m int)";
sql("mathclass", 0, $qry);
$maxresults = sql("mathclass", 0, "select * from " . $whichgrade . "_max");
if (isset($maxresults[0])) {
    $max = $maxresults[0][0];
    if ($count > $max) {
        sql("mathclass", 0, "delete from " . $whichgrade . "_max where m = {$max}");
        sql("mathclass", 0, "insert into " . $whichgrade . "_max values ({$count})");
    }
 * tInterval_time
 *
 * Form POST \ GET Variables:
 *
 * fUsername
 * fDomain
 * fCancel
 * fChange
 * fBack
 * fActive
 */
require_once 'common.php';
// only allow admins to change someone else's 'stuff'
if (authentication_has_role('admin')) {
    $Admin_role = 1;
    $fUsername = safeget('username');
    list(, $fDomain) = explode('@', $fUsername);
    $Return_url = "list-virtual.php?domain=" . urlencode($fDomain);
    # TODO: better check for valid username (check if mailbox exists)
    # TODO: (should be done in VacationHandler)
    if ($fDomain == '' || !check_owner(authentication_get_username(), $fDomain)) {
        die("Invalid username!");
        # TODO: better error message
    }
} else {
    $Admin_role = 0;
    $Return_url = "main.php";
    authentication_require_role('user');
    $fUsername = authentication_get_username();
}
// is vacation support enabled in $CONF ?
Exemple #5
0
<?php

include_once "../inc/global.inc.php";
require "../inc/user.inc.php";
/*
 * 请求处理,如果没有相应的处理程序,发出错误信息
 */
if (!is_admins() && !is_manager()) {
    error("Admin Only Operation");
}
$act = safeget('act');
$avail_functions = array('AddContestProblem', 'AddProblem', 'ContestEditProblem', 'CreateContest', 'EditContest', 'DeleteContest', 'IncContestProblem', 'DecContestProblem', 'EditContestProblem', 'DeleteProblem', 'DeleteContestProblem', 'EditProblem', 'ImportArchiveProblem', 'ExportProblem', 'ExportSource', 'ExportContest', 'RejudgeProblem', 'ResetContest', 'StartContest', 'CreateCourse', 'EditCourse', 'DeleteCourse', 'KickoutUser', 'StdSubmit');
if (in_array($act, $avail_functions) && function_exists($act)) {
    if (strtoupper($_SERVER['REQUEST_METHOD']) == "GET") {
        $arg =& $_GET;
    } else {
        $arg =& $_POST;
    }
    $act($arg);
} else {
    error('Illegal Opeartions');
}
exit;
/*
 * 上传rar和zip测试数据
 */
function ArchiveUpload(&$arg, $problem_prefix, $handle)
{
    // extract files
    $archive_file_name = $_FILES['arcfile']['tmp_name'];
    // unrar
Exemple #6
0
 *
 * fDomain
 * fDisplay
 * search
 */
require_once 'common.php';
authentication_require_role('admin');
$admin_username = authentication_get_username();
$list_domains = list_domains_for_admin($admin_username);
$page_size = $CONF['page_size'];
$fDomain = safepost('fDomain', safeget('domain', safesession('list-virtual:domain')));
if (safesession('list-virtual:domain') != $fDomain) {
    unset($_SESSION['list-virtual:limit']);
}
$fDisplay = (int) safepost('limit', safeget('limit', safesession('list-virtual:limit')));
$search = safepost('search', safeget('search', array()));
# not remembered in the session
if (!is_array($search)) {
    die(Config::Lang('invalid_parameter'));
}
if (count($list_domains) == 0) {
    if (authentication_has_role('global-admin')) {
        flash_error($PALANG['no_domains_exist']);
    } else {
        flash_error($PALANG['no_domains_for_this_admin']);
    }
    header("Location: list.php?table=domain");
    # no domains (for this admin at least) - redirect to domain list
    exit;
}
if (is_array($list_domains) and sizeof($list_domains) > 0) {
Exemple #7
0
/**
 * Replaces database specific parts in a query
 * @param String sql query with placeholders
 * @param int (optional) whether errors should be ignored (0=false)
 * @param String (optional) MySQL specific code to attach, useful for COMMENT= on CREATE TABLE
 * @return String sql query
 */
function db_query_parsed($sql, $ignore_errors = 0, $attach_mysql = "")
{
    global $CONF;
    if ($CONF['database_type'] == 'mysql' || $CONF['database_type'] == 'mysqli') {
        $replace = array('{AUTOINCREMENT}' => 'int(11) not null auto_increment', '{PRIMARY}' => 'primary key', '{UNSIGNED}' => 'unsigned', '{FULLTEXT}' => 'FULLTEXT', '{BOOLEAN}' => "tinyint(1) NOT NULL DEFAULT '" . db_get_boolean(False) . "'", '{UTF-8}' => '/*!40100 CHARACTER SET utf8 */', '{LATIN1}' => '/*!40100 CHARACTER SET latin1 */', '{IF_NOT_EXISTS}' => 'IF NOT EXISTS', '{RENAME_COLUMN}' => 'CHANGE COLUMN', '{MYISAM}' => 'ENGINE=MyISAM', '{INNODB}' => 'ENGINE=InnoDB', '{INT}' => 'integer NOT NULL DEFAULT 0', '{BIGINT}' => 'bigint NOT NULL DEFAULT 0', '{DATE}' => "timestamp NOT NULL default '2000-01-01'", '{DATECURRENT}' => 'timestamp NOT NULL default CURRENT_TIMESTAMP');
        $sql = "{$sql} {$attach_mysql}";
    } elseif ($CONF['database_type'] == 'pgsql') {
        $replace = array('{AUTOINCREMENT}' => 'SERIAL', '{PRIMARY}' => 'primary key', '{UNSIGNED}' => '', '{FULLTEXT}' => '', '{BOOLEAN}' => "BOOLEAN NOT NULL DEFAULT '" . db_get_boolean(False) . "'", '{UTF-8}' => '', '{LATIN1}' => '', '{IF_NOT_EXISTS}' => '', '{RENAME_COLUMN}' => 'ALTER COLUMN', '{MYISAM}' => '', '{INNODB}' => '', '{INT}' => 'integer NOT NULL DEFAULT 0', '{BIGINT}' => 'bigint NOT NULL DEFAULT 0', 'int(1)' => 'int', 'int(10)' => 'int', 'int(11)' => 'int', 'int(4)' => 'int', '{DATE}' => "timestamp with time zone default '2000-01-01'", '{DATECURRENT}' => 'timestamp with time zone default now()');
    } else {
        echo "Sorry, unsupported database type " . $conf['database_type'];
        exit;
    }
    $replace['{BOOL_TRUE}'] = db_get_boolean(True);
    $replace['{BOOL_FALSE}'] = db_get_boolean(False);
    $query = trim(str_replace(array_keys($replace), $replace, $sql));
    if (safeget('debug') != "") {
        printdebug($query);
    }
    $result = db_query($query, $ignore_errors);
    if (safeget('debug') != "") {
        print "<div style='color:#f00'>" . $result['error'] . "</div>";
    }
    return $result;
}
Exemple #8
0
<?php

require "./navigation.php";
$cid = safeget('cid');
$contest = new ContestsTbl($cid);
$contest->Get() or error("No such contest");
if (isset($_POST['pwd'])) {
    $pwd = safepost('pwd');
    if ($contest->detail['authtype'] != 'password') {
        error("No password is needed");
    }
    if ($contest->detail['pwd'] == $pwd) {
        $_SESSION["access{$cid}"] = 1;
        MsgAndRedirect("contest_detail.php?cid={$cid}");
    } else {
        $error_msg = "Password Incorrect";
    }
}
if (isset($_SESSION["access{$cid}"]) && $_SESSION["access{$cid}"] == 1 || $contest->detail['authtype'] != 'password') {
    // already auth
    MsgAndRedirect("contest_detail.php?cid={$cid}");
}
?>

<div class="background_container">
    <div class="ui-corner-all ui-widget-content">


        <table width="900" border="0" cellspacing="0" cellpadding="0">
            <tr> 
                <td width="300" height="100" bgcolor="#F0F0F0"><img src="images/register_01.jpg" width="300" height="100"></td>
Exemple #9
0
 * @license GNU GPL v2 or later.
 *
 * File: delete.php
 * Used to delete admins, domains, mailboxes, aliases etc.
 *
 * Template File: none
 */
require_once 'common.php';
if (safeget('token') != $_SESSION['PFA_token']) {
    die('Invalid token!');
}
$username = authentication_get_username();
# enforce login
$id = safeget('id');
$table = safeget('table');
$active = safeget('active');
$handlerclass = ucfirst($table) . 'Handler';
if (!preg_match('/^[a-z]+$/', $table) || !file_exists("model/{$handlerclass}.php")) {
    # validate $table
    die("Invalid table name given!");
}
$handler = new $handlerclass(0, $username);
$formconf = $handler->webformConfig();
authentication_require_role($formconf['required_role']);
if ($handler->init($id)) {
    # errors will be displayed as last step anyway, no need for duplicated code ;-)
    if ($active != '0' && $active != '1') {
        die(Config::Lang('invalid_parameter'));
    }
    if ($handler->set(array('active' => $active))) {
        $handler->store();
Exemple #10
0
 *
 * Template Variables: -none-
 *
 * Form POST \ GET Variables: -none-
 */
require_once 'common.php';
authentication_require_role('global-admin');
$CONF['backup'] == 'NO' ? header("Location: main.php") && exit : '1';
// TODO: make backup supported for postgres
if (db_pgsql()) {
    flash_error('Sorry: Backup is currently not supported for your DBMS (' . $CONF['database_type'] . ').');
    $smarty->assign('smarty_template', 'message');
    $smarty->display('index.tpl');
    die;
}
if (safeget('download') == "") {
    $smarty->assign('smarty_template', 'backupwarning');
    $smarty->display('index.tpl');
    die;
}
# Still here? Then let's create the database dump...
/*
	SELECT attnum,attname,typname,atttypmod-4,attnotnull,atthasdef,adsrc
	AS def FROM pg_attribute,pg_class,pg_type,pg_attrdef
	WHERE pg_class.oid=attrelid AND pg_type.oid=atttypid
	AND attnum>0 AND pg_class.oid=adrelid AND adnum=attnum AND atthasdef='t' AND lower(relname)='admin'
	UNION SELECT attnum,attname,typname,atttypmod-4,attnotnull,atthasdef,''
	AS def FROM pg_attribute,pg_class,pg_type
	WHERE pg_class.oid=attrelid
	AND pg_type.oid=atttypid
	AND attnum>0
Exemple #11
0
}
$_SESSION["search_{$table}"] = $search;
$_SESSION["searchmode_{$table}"] = $searchmode;
if (count($search)) {
    $handler->getList($search, $searchmode);
} else {
    $handler->getList('');
}
$items = $handler->result();
if (count($handler->errormsg)) {
    flash_error($handler->errormsg);
}
if (count($handler->infomsg)) {
    flash_error($handler->infomsg);
}
if (safeget('output') == 'csv') {
    $out = fopen('php://output', 'w');
    header('Content-Type: text/csv; charset=utf-8');
    header('Content-Disposition: attachment;filename=' . $table . '.csv');
    print "";
    # utf8 byte-order to indicate the file is utf8 encoded
    # print "sep=;"; # hint that ; is used as seperator - breaks the utf8 flag in excel import!
    print "\n";
    if (!defined('ENT_HTML401')) {
        # for compability for PHP < 5.4.0
        define('ENT_HTML401', 0);
    }
    # print column headers as csv
    $header = array();
    $columns = array();
    foreach ($handler->getStruct() as $key => $field) {
Exemple #12
0
$func = safeget($_REQUEST, "func", null, false);
$param = safeget($_REQUEST, "param", null, false);
if ($param != null) {
    // Make sure we don't have escaped quotes
    if (get_magic_quotes_gpc()) {
        $param = stripslashes($param);
    }
}
////////////////////////////////////////////////////////////////////////////
// Now, check if the call is correctly signed.
// Compare our own computed signature with the received signature
$REQUEST_IS_SIGNED = strcmp(md5($SIGNATURE_SECRET . $func . $param), $signature) == 0;
////////////////////////////////////////////////////////////////////////////
// Log the call
$now = date("Y-m-d H:i:s");
$logline = "[{$now}][" . basename(__FILE__) . "] Signed=" . $REQUEST_IS_SIGNED . " Func=" . safeget($_REQUEST, "func", null, false) . "   Param=" . safeget($_REQUEST, "param", null, false);
$logline .= "\r\n";
$logname = "calllog_" . date("Y-m-d") . ".txt";
file_put_contents($logname, $logline, FILE_APPEND);
////////////////////////////////////////////////////////////////////////////
// Test the method name
if ($func === null) {
    echo "No function name found!";
    exit;
}
////////////////////////////////////////////////////////////////////////////
// Optionally, get the param
if ($param != null) {
    // If we have a param, then try to convert it from json
    $decode = json_decode($param, true);
    if ($decode != NULL) {
 *
 * POST:
 * - save
 * - cancel
 * - all editable form values, see $fm_struct
 */
require_once 'common.php';
authentication_require_role('admin');
$extra_options = 0;
if ($CONF['fetchmail_extra_options'] == 'YES') {
    $extra_options = 1;
}
# import control GET/POST variables. Form values are imported below.
$new = (int) safeget("new") == 1 ? 1 : 0;
$edit = (int) safeget("edit");
$delete = (int) safeget("delete");
$save = safepost("save") != "" ? 1 : 0;
$cancel = safepost("cancel") != "" ? 1 : 0;
$display_status = 1;
if ($new || $edit) {
    $display_status = 0;
}
$fm_struct = array("id" => array(0, 0, 'id'), "mailbox" => array(1, 1, 'enum'), "src_server" => array(1, 1, 'text'), "src_auth" => array(1, 1, 'enum'), "src_user" => array(1, 1, 'text'), "src_password" => array(1, 0, 'password'), "src_folder" => array(1, 1, 'text'), "poll_time" => array(1, 1, 'num'), "fetchall" => array(1, 1, 'bool'), "keep" => array(1, 1, 'bool'), "protocol" => array(1, 1, 'enum'), "extra_options" => array($extra_options, $extra_options, 'longtext'), "mda" => array($extra_options, $extra_options, 'longtext'), "date" => array(0, $display_status, 'text'), "returned_text" => array(0, $display_status, 'longtext'));
# labels and descriptions are taken from $PALANG['pFetchmail_field_xxx'] and $PALANG['pFetchmail_desc_xxx']
# TODO: After pressing save or cancel in edit form, date and returned text are not displayed in list view.
# TODO: Reason: $display_status is set before $new and $edit are reset to 0.
# TODO: Fix: split the "display field?" column into "display in list" and "display in edit mode".
$SESSID_USERNAME = authentication_get_username();
if (!$SESSID_USERNAME) {
    exit;
}
Exemple #14
0
 * tMessage
 *
 * Form POST \ GET Variables:
 *
 * fTable
 * fDelete
 * fDomain
 */
require_once 'common.php';
authentication_require_role('admin');
$SESSID_USERNAME = authentication_get_username();
$error = 0;
$fTable = escape_string(safeget('table'));
# see the if blocks below for valid values
$fDelete = escape_string(safeget('delete'));
$fDomain = escape_string(safeget('domain'));
$error = 0;
if ($fTable == "admin") {
    authentication_require_role('global-admin');
    $fWhere = 'username';
    $result_admin = db_delete($table_admin, $fWhere, $fDelete);
    $result_domain_admins = db_delete($table_domain_admins, $fWhere, $fDelete);
    if (!($result_admin == 1) and $result_domain_admins >= 0) {
        $error = 1;
        $tMessage = $PALANG['pAdminDelete_admin_error'];
    } else {
        $url = "list-admin.php";
        header("Location: {$url}");
    }
} elseif ($fTable == "domain") {
    authentication_require_role('global-admin');
/**
 * Replaces database specific parts in a query
 * @param String sql query with placeholders
 * @param int (optional) whether errors should be ignored (0=false)
 * @param String (optional) MySQL specific code to attach, useful for COMMENT= on CREATE TABLE
 * @return String sql query
 */
function db_query_parsed($sql, $ignore_errors = 0, $attach_mysql = "")
{
    global $CONF;
    if ($CONF['database_type'] == 'mysql' || $CONF['database_type'] == 'mysqli') {
        $replace = array('{AUTOINCREMENT}' => 'int(11) not null auto_increment', '{PRIMARY}' => 'primary key', '{UNSIGNED}' => 'unsigned', '{FULLTEXT}' => 'FULLTEXT', '{BOOLEAN}' => 'tinyint(1) NOT NULL', '{UTF-8}' => '/*!40100 CHARACTER SET utf8 COLLATE utf8_unicode_ci */', '{LATIN1}' => '/*!40100 CHARACTER SET latin1 COLLATE latin1_swedish_ci */', '{IF_NOT_EXISTS}' => 'IF NOT EXISTS', '{RENAME_COLUMN}' => 'CHANGE COLUMN');
        $sql = "{$sql} {$attach_mysql}";
    } elseif ($CONF['database_type'] == 'pgsql') {
        $replace = array('{AUTOINCREMENT}' => 'SERIAL', '{PRIMARY}' => 'primary key', '{UNSIGNED}' => '', '{FULLTEXT}' => '', '{BOOLEAN}' => 'BOOLEAN NOT NULL', '{UTF-8}' => '', '{LATIN1}' => '', '{IF_NOT_EXISTS}' => '', '{RENAME_COLUMN}' => 'ALTER COLUMN', 'int(1)' => 'int', 'int(10)' => 'int', 'int(11)' => 'int', 'int(4)' => 'int');
    } else {
        echo "Sorry, unsupported database type " . $conf['database_type'];
        exit;
    }
    $replace['{BOOL_TRUE}'] = db_get_boolean(True);
    $replace['{BOOL_FALSE}'] = db_get_boolean(False);
    $query = trim(str_replace(array_keys($replace), $replace, $sql));
    if (safeget('debug') != "") {
        print "<p style='color:#999'>{$query}";
    }
    $result = db_query($query, $ignore_errors);
    if (safeget('debug') != "") {
        print "<div style='color:#f00'>" . $result['error'] . "</div>";
    }
    return $result;
}
Exemple #16
0
<?php

require "./navigation.php";
$cid = safeget("cid");
$contest = new ContestsTbl($cid);
if (!$contest->Get()) {
    error("No such contest");
}
?>

<h1> Import User list for <?php 
echo $contest->detail['title'];
?>
 </h1>
<h2> Example format of csv </h2>
<table class="ui-widget">
    <thead class="ui-widget-header">
        <tr><th>username</th><th>password</th><th>email</th><th>nickname</th><th>signature</th></tr>
    </thead>
    <tbody class="ui-widget-content tr_odd">
        <tr><td>hovey</td><td>123456</td><td>hoveychen@soj.me</td><td>Hovey Chen</td><td>A lazy boy</td></tr>
        <tr><td>more</td><td>and</td><td>more@fun</td><td>more</td><td>fun</td></tr>
    </tbody>
</table>
<p>Notice that the csv file should be encoded as gbk( i.e. from windows excel)</p>
<p>If the password field is left emtpy, automatic generated password will be filled up.</p>
<table class="ui-widget">
    <thead class="ui-widget-header"> <tr><td> options </td> <td> values </td> </tr></thead>
    <tbody class="ui-widget-content tr_odd">
	<form id="importuser" name="importuser" action="<?php 
echo $_SERVER['PHP_SELF'];
 * Template File: admin_list-domain.php
 *
 * Template Variables:
 *
 * -none-
 *
 * Form POST \ GET Variables:
 *
 * fUsername
 */
require_once 'common.php';
authentication_require_role('admin');
if (authentication_has_role('global-admin')) {
    $list_admins = list_admins();
    $is_superadmin = 1;
    $fUsername = safepost('fUsername', safeget('username'));
    # prefer POST over GET variable
    if ($fUsername != "") {
        $admin_properties = get_admin_properties($fUsername);
    }
} else {
    $list_admins = array(authentication_get_username());
    $is_superadmin = 0;
    $fUsername = "";
}
if (isset($admin_properties) && $admin_properties['domain_count'] == 'ALL') {
    # list all domains for superadmins
    $list_domains = list_domains();
} elseif (!empty($fUsername)) {
    $list_domains = list_domains_for_admin($fUsername);
} elseif ($is_superadmin) {
Exemple #18
0
            # should never happen and indicates a bug in $handler->init()
            flash_error($handlerclass . "->init() failed, but didn't set any error message");
        }
        flash_error($handler->errormsg);
        header("Location: " . $formconf['listview']);
        exit;
    }
}
$form_fields = $handler->getStruct();
$id_field = $handler->getId_field();
if ($_SERVER['REQUEST_METHOD'] == "GET") {
    if ($new) {
        # new - prefill fields from URL parameters if allowed in $formconf['prefill']
        if (isset($formconf['prefill'])) {
            foreach ($formconf['prefill'] as $field) {
                $prefillvalue = safeget($field, safesession("prefill:{$table}:{$field}"));
                if ($prefillvalue != '') {
                    $form_fields[$field]['default'] = $prefillvalue;
                    $handler->prefill($field, $prefillvalue);
                }
            }
        }
        $form_fields = $handler->getStruct();
        # refresh $form_fields - a prefill field might have changed something
    } else {
        # edit mode - read values from database
        if (!$handler->view()) {
            flash_error($handler->errormsg);
            header("Location: " . $formconf['listview']);
            exit;
        } else {
Exemple #19
0
<?php

require "./navigation.php";
$course_id = safeget("course_id");
$courseTbl = new CourseTbl($course_id);
if (!$courseTbl->Get()) {
    error("Course not found");
}
$course = $courseTbl->detail;
if ($course['require_cinfo'] && !is_info_complete()) {
    MsgAndRedirect("profile_edit.php", "Your information is not complete.");
}
if ($course['require_bound'] && !is_authorized()) {
    MsgAndRedirect("netid_bind.php", "You need to bind your netid with your account first.");
}
if (is_course_registered($course_id)) {
    MsgAndRedirect("course_detail.php?course_id={$course_id}");
}
$now = time();
?>

<table class="ui-widget tblcontainer ui-widget-content ui-corner-all" width="100%">
    <caption> Course Detail </caption>

    <thead>
        <tr  class="ui-widget-header">
            <th width="50">ID</th>
            <th width="200">Name</th>
            <th width="200">Teacher</th>
            <th>Statistics</th>
        </tr>
Exemple #20
0
 * @version $Id: delete.php 1733 2014-11-02 23:06:13Z christian_boltz $ 
 * @license GNU GPL v2 or later. 
 * 
 * File: delete.php
 * Used to delete admins, domains, mailboxes, aliases etc.
 *
 * Template File: none
 */
require_once 'common.php';
if (safeget('token') != $_SESSION['PFA_token']) {
    die('Invalid token!');
}
$username = authentication_get_username();
# enforce login
$id = safeget('delete');
$table = safeget('table');
$handlerclass = ucfirst($table) . 'Handler';
if (!preg_match('/^[a-z]+$/', $table) || !file_exists("model/{$handlerclass}.php")) {
    # validate $table
    die("Invalid table name given!");
}
$is_admin = authentication_has_role('admin');
$handler = new $handlerclass(0, $username, $is_admin);
$formconf = $handler->webformConfig();
if ($is_admin) {
    authentication_require_role($formconf['required_role']);
} else {
    if (empty($formconf['user_hardcoded_field'])) {
        die($handlerclass . ' is not available for users');
    }
}
Exemple #21
0
<?php

require "./navigation.php";
$pid = safeget('pid');
$cid = 0;
$problem = new ProblemTbl($pid);
$problem->Get() or error("Invalid Problem ID");
$problem = $problem->detail;
$cid = 0;
$status_vals = array("", "Accepted", "Wrong Answer", "Compile Error", "Runtime Error", "Time Limit Exceeded", "Memory Limit Exceeded", "Output Limit Exceeded", "Presentation Error", "Restrict Function", "Running", "Other", "Waiting");
$display_status = array("", _("Accepted "), _("Wrong Answer"), _("Compile Error"), _("Runtime Error"), _("Time Limit Exceeded"), _("Memory Limit Exceeded"), _("Output Limit Exceeded"), _("Presentation Error"), _("Restrict Function"), _("Running"), _("Other"), _("Waiting"));
?>

<script language="javascript" type="text/javascript" src="../js/edit_area/edit_area_compressor.php"></script>
<link type="text/css" rel="stylesheet" href="../css/submit.css"/>
<script type="text/javascript">
    function initEditor() {
        var langName = ["c", "cpp", "pas"];
        editAreaLoader.init({
            id : "source"        // textarea id
            ,
            syntax: langName[lang-1]            // syntax to be uses for highgliting
            ,
            start_highlight: true        // to display with highlight mode on start-up
            ,
            replace_tab_by_spaces: 4
            ,
            allow_toggle: false
            ,
            allow_resize: false
            ,
Exemple #22
0
 public function second_teacher()
 {
     eval(ADMIN);
     $userId = xassert(safeget("show"), Error("get"));
     $list = DBModel::getByFields('second_teacher', array('id' => $userId));
     $this->assign('list', $list[0]);
     eval(NDSP);
 }