$r = db_query("SELECT * FROM {$table_domain} WHERE domain = 'ALL'");
if ($r['rows'] == 0) {
db_insert('domain', array('domain' => 'ALL', 'description' => '', 'transport' => ''));
// all other fields should default through the schema.
}
$values = array('username' => safepost('username'), 'password' => safepost('password'), 'password2' => safepost('password2'), 'superadmin' => 1, 'domains' => array(), 'active' => 1);
list($error, $setupMessage, $errormsg) = create_admin($values);
if ($error != 0) {
$tUsername = htmlentities($values['username']);
} else {
$setupMessage .= "<p>You are done with your basic setup. ";
$setupMessage .= "<p><b>You can now <a href='login.php'>login to PostfixAdmin</a> using the account you just created.</b>";
}
}
}
if ($setuppw == "" || $setuppw == "changeme" || safeget("lostpw") == 1 || $lostpw_error != 0) {
# show "create setup password" form
?>
<div class="standout"><?php
print $setupMessage;
?>
</div>
<div id="edit_form">
<form name="setuppw" method="post" action="setup.php">
<input type="hidden" name="form" value="setuppw" />
<table>
<td colspan="3"><h3>Change setup password</h3></td>
</tr>
<tr>
<td>Setup password</td>
$phone = safeget('phone');
if (!isset(sql("tacky", 0, "select * from users where phone = {$phone}")[0])) {
sql("tacky", 0, "insert into users (name, phone) values ('{$name}', {$phone})");
}
} else {
if ($what == "new") {
$from = safeget('from');
$to = safeget('to');
$title = safeget('title');
$fromKey = safeoffset(sql("tacky", 0, "select id from users where phone = {$from}"))[0];
$toKey = safeoffset(sql("tacky", 0, "select id from users where phone = {$to}"))[0];
sql("tacky", 0, "insert into tasks (who_from, who_to, name) values ({$fromKey}, {$toKey}, '{$title}')");
} else {
if ($what == "move") {
$id = safeget('id');
$comp = safeget('comp');
sql("tacky", 0, "update tasks set completion = {$comp} where id = {$id}");
}
}
}
}
}
}
}
}
header('Content-Type: application/json');
if (isset($data)) {
echo json_encode($data);
}
function safeget($key)
{
<?php
include "sql.php";
$score = safeget("score");
$whichgrade = safeget("grade");
if (strlen($score) == 0) {
header("Location: index.php");
die;
}
for ($i = 0; $i < strlen($score); $i++) {
if (!($score[$i] >= '0' && $score[$i] <= '9')) {
die("asshole.");
}
}
if (!isset(sql("mathclass", 1, "select * from grades where grade = '{$whichgrade}'")[0])) {
die("asshole.");
}
$qry = "create table if not exists {$whichgrade} (score int);";
sql("mathclass", 1, $qry);
$qry = "insert into {$whichgrade} values ({$score});";
sql("mathclass", 0, $qry);
$count = sizeof(sql("mathclass", 0, "select * from {$whichgrade}"));
$qry = "create table if not exists " . $whichgrade . "_max (m int)";
sql("mathclass", 0, $qry);
$maxresults = sql("mathclass", 0, "select * from " . $whichgrade . "_max");
if (isset($maxresults[0])) {
$max = $maxresults[0][0];
if ($count > $max) {
sql("mathclass", 0, "delete from " . $whichgrade . "_max where m = {$max}");
sql("mathclass", 0, "insert into " . $whichgrade . "_max values ({$count})");
}
* tInterval_time
*
* Form POST \ GET Variables:
*
* fUsername
* fDomain
* fCancel
* fChange
* fBack
* fActive
*/
require_once 'common.php';
// only allow admins to change someone else's 'stuff'
if (authentication_has_role('admin')) {
$Admin_role = 1;
$fUsername = safeget('username');
list(, $fDomain) = explode('@', $fUsername);
$Return_url = "list-virtual.php?domain=" . urlencode($fDomain);
# TODO: better check for valid username (check if mailbox exists)
# TODO: (should be done in VacationHandler)
if ($fDomain == '' || !check_owner(authentication_get_username(), $fDomain)) {
die("Invalid username!");
# TODO: better error message
}
} else {
$Admin_role = 0;
$Return_url = "main.php";
authentication_require_role('user');
$fUsername = authentication_get_username();
}
// is vacation support enabled in $CONF ?
<?php
include_once "../inc/global.inc.php";
require "../inc/user.inc.php";
/*
* 请求处理,如果没有相应的处理程序,发出错误信息
*/
if (!is_admins() && !is_manager()) {
error("Admin Only Operation");
}
$act = safeget('act');
$avail_functions = array('AddContestProblem', 'AddProblem', 'ContestEditProblem', 'CreateContest', 'EditContest', 'DeleteContest', 'IncContestProblem', 'DecContestProblem', 'EditContestProblem', 'DeleteProblem', 'DeleteContestProblem', 'EditProblem', 'ImportArchiveProblem', 'ExportProblem', 'ExportSource', 'ExportContest', 'RejudgeProblem', 'ResetContest', 'StartContest', 'CreateCourse', 'EditCourse', 'DeleteCourse', 'KickoutUser', 'StdSubmit');
if (in_array($act, $avail_functions) && function_exists($act)) {
if (strtoupper($_SERVER['REQUEST_METHOD']) == "GET") {
$arg =& $_GET;
} else {
$arg =& $_POST;
}
$act($arg);
} else {
error('Illegal Opeartions');
}
exit;
/*
* 上传rar和zip测试数据
*/
function ArchiveUpload(&$arg, $problem_prefix, $handle)
{
// extract files
$archive_file_name = $_FILES['arcfile']['tmp_name'];
// unrar
*
* fDomain
* fDisplay
* search
*/
require_once 'common.php';
authentication_require_role('admin');
$admin_username = authentication_get_username();
$list_domains = list_domains_for_admin($admin_username);
$page_size = $CONF['page_size'];
$fDomain = safepost('fDomain', safeget('domain', safesession('list-virtual:domain')));
if (safesession('list-virtual:domain') != $fDomain) {
unset($_SESSION['list-virtual:limit']);
}
$fDisplay = (int) safepost('limit', safeget('limit', safesession('list-virtual:limit')));
$search = safepost('search', safeget('search', array()));
# not remembered in the session
if (!is_array($search)) {
die(Config::Lang('invalid_parameter'));
}
if (count($list_domains) == 0) {
if (authentication_has_role('global-admin')) {
flash_error($PALANG['no_domains_exist']);
} else {
flash_error($PALANG['no_domains_for_this_admin']);
}
header("Location: list.php?table=domain");
# no domains (for this admin at least) - redirect to domain list
exit;
}
if (is_array($list_domains) and sizeof($list_domains) > 0) {
/**
* Replaces database specific parts in a query
* @param String sql query with placeholders
* @param int (optional) whether errors should be ignored (0=false)
* @param String (optional) MySQL specific code to attach, useful for COMMENT= on CREATE TABLE
* @return String sql query
*/
function db_query_parsed($sql, $ignore_errors = 0, $attach_mysql = "")
{
global $CONF;
if ($CONF['database_type'] == 'mysql' || $CONF['database_type'] == 'mysqli') {
$replace = array('{AUTOINCREMENT}' => 'int(11) not null auto_increment', '{PRIMARY}' => 'primary key', '{UNSIGNED}' => 'unsigned', '{FULLTEXT}' => 'FULLTEXT', '{BOOLEAN}' => "tinyint(1) NOT NULL DEFAULT '" . db_get_boolean(False) . "'", '{UTF-8}' => '/*!40100 CHARACTER SET utf8 */', '{LATIN1}' => '/*!40100 CHARACTER SET latin1 */', '{IF_NOT_EXISTS}' => 'IF NOT EXISTS', '{RENAME_COLUMN}' => 'CHANGE COLUMN', '{MYISAM}' => 'ENGINE=MyISAM', '{INNODB}' => 'ENGINE=InnoDB', '{INT}' => 'integer NOT NULL DEFAULT 0', '{BIGINT}' => 'bigint NOT NULL DEFAULT 0', '{DATE}' => "timestamp NOT NULL default '2000-01-01'", '{DATECURRENT}' => 'timestamp NOT NULL default CURRENT_TIMESTAMP');
$sql = "{$sql} {$attach_mysql}";
} elseif ($CONF['database_type'] == 'pgsql') {
$replace = array('{AUTOINCREMENT}' => 'SERIAL', '{PRIMARY}' => 'primary key', '{UNSIGNED}' => '', '{FULLTEXT}' => '', '{BOOLEAN}' => "BOOLEAN NOT NULL DEFAULT '" . db_get_boolean(False) . "'", '{UTF-8}' => '', '{LATIN1}' => '', '{IF_NOT_EXISTS}' => '', '{RENAME_COLUMN}' => 'ALTER COLUMN', '{MYISAM}' => '', '{INNODB}' => '', '{INT}' => 'integer NOT NULL DEFAULT 0', '{BIGINT}' => 'bigint NOT NULL DEFAULT 0', 'int(1)' => 'int', 'int(10)' => 'int', 'int(11)' => 'int', 'int(4)' => 'int', '{DATE}' => "timestamp with time zone default '2000-01-01'", '{DATECURRENT}' => 'timestamp with time zone default now()');
} else {
echo "Sorry, unsupported database type " . $conf['database_type'];
exit;
}
$replace['{BOOL_TRUE}'] = db_get_boolean(True);
$replace['{BOOL_FALSE}'] = db_get_boolean(False);
$query = trim(str_replace(array_keys($replace), $replace, $sql));
if (safeget('debug') != "") {
printdebug($query);
}
$result = db_query($query, $ignore_errors);
if (safeget('debug') != "") {
print "<div style='color:#f00'>" . $result['error'] . "</div>";
}
return $result;
}
<?php
require "./navigation.php";
$cid = safeget('cid');
$contest = new ContestsTbl($cid);
$contest->Get() or error("No such contest");
if (isset($_POST['pwd'])) {
$pwd = safepost('pwd');
if ($contest->detail['authtype'] != 'password') {
error("No password is needed");
}
if ($contest->detail['pwd'] == $pwd) {
$_SESSION["access{$cid}"] = 1;
MsgAndRedirect("contest_detail.php?cid={$cid}");
} else {
$error_msg = "Password Incorrect";
}
}
if (isset($_SESSION["access{$cid}"]) && $_SESSION["access{$cid}"] == 1 || $contest->detail['authtype'] != 'password') {
// already auth
MsgAndRedirect("contest_detail.php?cid={$cid}");
}
?>
<div class="background_container">
<div class="ui-corner-all ui-widget-content">
<table width="900" border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="300" height="100" bgcolor="#F0F0F0"><img src="images/register_01.jpg" width="300" height="100"></td>
* @license GNU GPL v2 or later.
*
* File: delete.php
* Used to delete admins, domains, mailboxes, aliases etc.
*
* Template File: none
*/
require_once 'common.php';
if (safeget('token') != $_SESSION['PFA_token']) {
die('Invalid token!');
}
$username = authentication_get_username();
# enforce login
$id = safeget('id');
$table = safeget('table');
$active = safeget('active');
$handlerclass = ucfirst($table) . 'Handler';
if (!preg_match('/^[a-z]+$/', $table) || !file_exists("model/{$handlerclass}.php")) {
# validate $table
die("Invalid table name given!");
}
$handler = new $handlerclass(0, $username);
$formconf = $handler->webformConfig();
authentication_require_role($formconf['required_role']);
if ($handler->init($id)) {
# errors will be displayed as last step anyway, no need for duplicated code ;-)
if ($active != '0' && $active != '1') {
die(Config::Lang('invalid_parameter'));
}
if ($handler->set(array('active' => $active))) {
$handler->store();
*
* Template Variables: -none-
*
* Form POST \ GET Variables: -none-
*/
require_once 'common.php';
authentication_require_role('global-admin');
$CONF['backup'] == 'NO' ? header("Location: main.php") && exit : '1';
// TODO: make backup supported for postgres
if (db_pgsql()) {
flash_error('Sorry: Backup is currently not supported for your DBMS (' . $CONF['database_type'] . ').');
$smarty->assign('smarty_template', 'message');
$smarty->display('index.tpl');
die;
}
if (safeget('download') == "") {
$smarty->assign('smarty_template', 'backupwarning');
$smarty->display('index.tpl');
die;
}
# Still here? Then let's create the database dump...
/*
SELECT attnum,attname,typname,atttypmod-4,attnotnull,atthasdef,adsrc
AS def FROM pg_attribute,pg_class,pg_type,pg_attrdef
WHERE pg_class.oid=attrelid AND pg_type.oid=atttypid
AND attnum>0 AND pg_class.oid=adrelid AND adnum=attnum AND atthasdef='t' AND lower(relname)='admin'
UNION SELECT attnum,attname,typname,atttypmod-4,attnotnull,atthasdef,''
AS def FROM pg_attribute,pg_class,pg_type
WHERE pg_class.oid=attrelid
AND pg_type.oid=atttypid
AND attnum>0
}
$_SESSION["search_{$table}"] = $search;
$_SESSION["searchmode_{$table}"] = $searchmode;
if (count($search)) {
$handler->getList($search, $searchmode);
} else {
$handler->getList('');
}
$items = $handler->result();
if (count($handler->errormsg)) {
flash_error($handler->errormsg);
}
if (count($handler->infomsg)) {
flash_error($handler->infomsg);
}
if (safeget('output') == 'csv') {
$out = fopen('php://output', 'w');
header('Content-Type: text/csv; charset=utf-8');
header('Content-Disposition: attachment;filename=' . $table . '.csv');
print "";
# utf8 byte-order to indicate the file is utf8 encoded
# print "sep=;"; # hint that ; is used as seperator - breaks the utf8 flag in excel import!
print "\n";
if (!defined('ENT_HTML401')) {
# for compability for PHP < 5.4.0
define('ENT_HTML401', 0);
}
# print column headers as csv
$header = array();
$columns = array();
foreach ($handler->getStruct() as $key => $field) {
$func = safeget($_REQUEST, "func", null, false);
$param = safeget($_REQUEST, "param", null, false);
if ($param != null) {
// Make sure we don't have escaped quotes
if (get_magic_quotes_gpc()) {
$param = stripslashes($param);
}
}
////////////////////////////////////////////////////////////////////////////
// Now, check if the call is correctly signed.
// Compare our own computed signature with the received signature
$REQUEST_IS_SIGNED = strcmp(md5($SIGNATURE_SECRET . $func . $param), $signature) == 0;
////////////////////////////////////////////////////////////////////////////
// Log the call
$now = date("Y-m-d H:i:s");
$logline = "[{$now}][" . basename(__FILE__) . "] Signed=" . $REQUEST_IS_SIGNED . " Func=" . safeget($_REQUEST, "func", null, false) . " Param=" . safeget($_REQUEST, "param", null, false);
$logline .= "\r\n";
$logname = "calllog_" . date("Y-m-d") . ".txt";
file_put_contents($logname, $logline, FILE_APPEND);
////////////////////////////////////////////////////////////////////////////
// Test the method name
if ($func === null) {
echo "No function name found!";
exit;
}
////////////////////////////////////////////////////////////////////////////
// Optionally, get the param
if ($param != null) {
// If we have a param, then try to convert it from json
$decode = json_decode($param, true);
if ($decode != NULL) {
*
* POST:
* - save
* - cancel
* - all editable form values, see $fm_struct
*/
require_once 'common.php';
authentication_require_role('admin');
$extra_options = 0;
if ($CONF['fetchmail_extra_options'] == 'YES') {
$extra_options = 1;
}
# import control GET/POST variables. Form values are imported below.
$new = (int) safeget("new") == 1 ? 1 : 0;
$edit = (int) safeget("edit");
$delete = (int) safeget("delete");
$save = safepost("save") != "" ? 1 : 0;
$cancel = safepost("cancel") != "" ? 1 : 0;
$display_status = 1;
if ($new || $edit) {
$display_status = 0;
}
$fm_struct = array("id" => array(0, 0, 'id'), "mailbox" => array(1, 1, 'enum'), "src_server" => array(1, 1, 'text'), "src_auth" => array(1, 1, 'enum'), "src_user" => array(1, 1, 'text'), "src_password" => array(1, 0, 'password'), "src_folder" => array(1, 1, 'text'), "poll_time" => array(1, 1, 'num'), "fetchall" => array(1, 1, 'bool'), "keep" => array(1, 1, 'bool'), "protocol" => array(1, 1, 'enum'), "extra_options" => array($extra_options, $extra_options, 'longtext'), "mda" => array($extra_options, $extra_options, 'longtext'), "date" => array(0, $display_status, 'text'), "returned_text" => array(0, $display_status, 'longtext'));
# labels and descriptions are taken from $PALANG['pFetchmail_field_xxx'] and $PALANG['pFetchmail_desc_xxx']
# TODO: After pressing save or cancel in edit form, date and returned text are not displayed in list view.
# TODO: Reason: $display_status is set before $new and $edit are reset to 0.
# TODO: Fix: split the "display field?" column into "display in list" and "display in edit mode".
$SESSID_USERNAME = authentication_get_username();
if (!$SESSID_USERNAME) {
exit;
}
* tMessage
*
* Form POST \ GET Variables:
*
* fTable
* fDelete
* fDomain
*/
require_once 'common.php';
authentication_require_role('admin');
$SESSID_USERNAME = authentication_get_username();
$error = 0;
$fTable = escape_string(safeget('table'));
# see the if blocks below for valid values
$fDelete = escape_string(safeget('delete'));
$fDomain = escape_string(safeget('domain'));
$error = 0;
if ($fTable == "admin") {
authentication_require_role('global-admin');
$fWhere = 'username';
$result_admin = db_delete($table_admin, $fWhere, $fDelete);
$result_domain_admins = db_delete($table_domain_admins, $fWhere, $fDelete);
if (!($result_admin == 1) and $result_domain_admins >= 0) {
$error = 1;
$tMessage = $PALANG['pAdminDelete_admin_error'];
} else {
$url = "list-admin.php";
header("Location: {$url}");
}
} elseif ($fTable == "domain") {
authentication_require_role('global-admin');
/**
* Replaces database specific parts in a query
* @param String sql query with placeholders
* @param int (optional) whether errors should be ignored (0=false)
* @param String (optional) MySQL specific code to attach, useful for COMMENT= on CREATE TABLE
* @return String sql query
*/
function db_query_parsed($sql, $ignore_errors = 0, $attach_mysql = "")
{
global $CONF;
if ($CONF['database_type'] == 'mysql' || $CONF['database_type'] == 'mysqli') {
$replace = array('{AUTOINCREMENT}' => 'int(11) not null auto_increment', '{PRIMARY}' => 'primary key', '{UNSIGNED}' => 'unsigned', '{FULLTEXT}' => 'FULLTEXT', '{BOOLEAN}' => 'tinyint(1) NOT NULL', '{UTF-8}' => '/*!40100 CHARACTER SET utf8 COLLATE utf8_unicode_ci */', '{LATIN1}' => '/*!40100 CHARACTER SET latin1 COLLATE latin1_swedish_ci */', '{IF_NOT_EXISTS}' => 'IF NOT EXISTS', '{RENAME_COLUMN}' => 'CHANGE COLUMN');
$sql = "{$sql} {$attach_mysql}";
} elseif ($CONF['database_type'] == 'pgsql') {
$replace = array('{AUTOINCREMENT}' => 'SERIAL', '{PRIMARY}' => 'primary key', '{UNSIGNED}' => '', '{FULLTEXT}' => '', '{BOOLEAN}' => 'BOOLEAN NOT NULL', '{UTF-8}' => '', '{LATIN1}' => '', '{IF_NOT_EXISTS}' => '', '{RENAME_COLUMN}' => 'ALTER COLUMN', 'int(1)' => 'int', 'int(10)' => 'int', 'int(11)' => 'int', 'int(4)' => 'int');
} else {
echo "Sorry, unsupported database type " . $conf['database_type'];
exit;
}
$replace['{BOOL_TRUE}'] = db_get_boolean(True);
$replace['{BOOL_FALSE}'] = db_get_boolean(False);
$query = trim(str_replace(array_keys($replace), $replace, $sql));
if (safeget('debug') != "") {
print "<p style='color:#999'>{$query}";
}
$result = db_query($query, $ignore_errors);
if (safeget('debug') != "") {
print "<div style='color:#f00'>" . $result['error'] . "</div>";
}
return $result;
}
<?php
require "./navigation.php";
$cid = safeget("cid");
$contest = new ContestsTbl($cid);
if (!$contest->Get()) {
error("No such contest");
}
?>
<h1> Import User list for <?php
echo $contest->detail['title'];
?>
</h1>
<h2> Example format of csv </h2>
<table class="ui-widget">
<thead class="ui-widget-header">
<tr><th>username</th><th>password</th><th>email</th><th>nickname</th><th>signature</th></tr>
</thead>
<tbody class="ui-widget-content tr_odd">
<tr><td>hovey</td><td>123456</td><td>hoveychen@soj.me</td><td>Hovey Chen</td><td>A lazy boy</td></tr>
<tr><td>more</td><td>and</td><td>more@fun</td><td>more</td><td>fun</td></tr>
</tbody>
</table>
<p>Notice that the csv file should be encoded as gbk( i.e. from windows excel)</p>
<p>If the password field is left emtpy, automatic generated password will be filled up.</p>
<table class="ui-widget">
<thead class="ui-widget-header"> <tr><td> options </td> <td> values </td> </tr></thead>
<tbody class="ui-widget-content tr_odd">
<form id="importuser" name="importuser" action="<?php
echo $_SERVER['PHP_SELF'];
* Template File: admin_list-domain.php
*
* Template Variables:
*
* -none-
*
* Form POST \ GET Variables:
*
* fUsername
*/
require_once 'common.php';
authentication_require_role('admin');
if (authentication_has_role('global-admin')) {
$list_admins = list_admins();
$is_superadmin = 1;
$fUsername = safepost('fUsername', safeget('username'));
# prefer POST over GET variable
if ($fUsername != "") {
$admin_properties = get_admin_properties($fUsername);
}
} else {
$list_admins = array(authentication_get_username());
$is_superadmin = 0;
$fUsername = "";
}
if (isset($admin_properties) && $admin_properties['domain_count'] == 'ALL') {
# list all domains for superadmins
$list_domains = list_domains();
} elseif (!empty($fUsername)) {
$list_domains = list_domains_for_admin($fUsername);
} elseif ($is_superadmin) {
# should never happen and indicates a bug in $handler->init()
flash_error($handlerclass . "->init() failed, but didn't set any error message");
}
flash_error($handler->errormsg);
header("Location: " . $formconf['listview']);
exit;
}
}
$form_fields = $handler->getStruct();
$id_field = $handler->getId_field();
if ($_SERVER['REQUEST_METHOD'] == "GET") {
if ($new) {
# new - prefill fields from URL parameters if allowed in $formconf['prefill']
if (isset($formconf['prefill'])) {
foreach ($formconf['prefill'] as $field) {
$prefillvalue = safeget($field, safesession("prefill:{$table}:{$field}"));
if ($prefillvalue != '') {
$form_fields[$field]['default'] = $prefillvalue;
$handler->prefill($field, $prefillvalue);
}
}
}
$form_fields = $handler->getStruct();
# refresh $form_fields - a prefill field might have changed something
} else {
# edit mode - read values from database
if (!$handler->view()) {
flash_error($handler->errormsg);
header("Location: " . $formconf['listview']);
exit;
} else {
<?php
require "./navigation.php";
$course_id = safeget("course_id");
$courseTbl = new CourseTbl($course_id);
if (!$courseTbl->Get()) {
error("Course not found");
}
$course = $courseTbl->detail;
if ($course['require_cinfo'] && !is_info_complete()) {
MsgAndRedirect("profile_edit.php", "Your information is not complete.");
}
if ($course['require_bound'] && !is_authorized()) {
MsgAndRedirect("netid_bind.php", "You need to bind your netid with your account first.");
}
if (is_course_registered($course_id)) {
MsgAndRedirect("course_detail.php?course_id={$course_id}");
}
$now = time();
?>
<table class="ui-widget tblcontainer ui-widget-content ui-corner-all" width="100%">
<caption> Course Detail </caption>
<thead>
<tr class="ui-widget-header">
<th width="50">ID</th>
<th width="200">Name</th>
<th width="200">Teacher</th>
<th>Statistics</th>
</tr>
* @version $Id: delete.php 1733 2014-11-02 23:06:13Z christian_boltz $
* @license GNU GPL v2 or later.
*
* File: delete.php
* Used to delete admins, domains, mailboxes, aliases etc.
*
* Template File: none
*/
require_once 'common.php';
if (safeget('token') != $_SESSION['PFA_token']) {
die('Invalid token!');
}
$username = authentication_get_username();
# enforce login
$id = safeget('delete');
$table = safeget('table');
$handlerclass = ucfirst($table) . 'Handler';
if (!preg_match('/^[a-z]+$/', $table) || !file_exists("model/{$handlerclass}.php")) {
# validate $table
die("Invalid table name given!");
}
$is_admin = authentication_has_role('admin');
$handler = new $handlerclass(0, $username, $is_admin);
$formconf = $handler->webformConfig();
if ($is_admin) {
authentication_require_role($formconf['required_role']);
} else {
if (empty($formconf['user_hardcoded_field'])) {
die($handlerclass . ' is not available for users');
}
}
<?php
require "./navigation.php";
$pid = safeget('pid');
$cid = 0;
$problem = new ProblemTbl($pid);
$problem->Get() or error("Invalid Problem ID");
$problem = $problem->detail;
$cid = 0;
$status_vals = array("", "Accepted", "Wrong Answer", "Compile Error", "Runtime Error", "Time Limit Exceeded", "Memory Limit Exceeded", "Output Limit Exceeded", "Presentation Error", "Restrict Function", "Running", "Other", "Waiting");
$display_status = array("", _("Accepted "), _("Wrong Answer"), _("Compile Error"), _("Runtime Error"), _("Time Limit Exceeded"), _("Memory Limit Exceeded"), _("Output Limit Exceeded"), _("Presentation Error"), _("Restrict Function"), _("Running"), _("Other"), _("Waiting"));
?>
<script language="javascript" type="text/javascript" src="../js/edit_area/edit_area_compressor.php"></script>
<link type="text/css" rel="stylesheet" href="../css/submit.css"/>
<script type="text/javascript">
function initEditor() {
var langName = ["c", "cpp", "pas"];
editAreaLoader.init({
id : "source" // textarea id
,
syntax: langName[lang-1] // syntax to be uses for highgliting
,
start_highlight: true // to display with highlight mode on start-up
,
replace_tab_by_spaces: 4
,
allow_toggle: false
,
allow_resize: false
,
public function second_teacher()
{
eval(ADMIN);
$userId = xassert(safeget("show"), Error("get"));
$list = DBModel::getByFields('second_teacher', array('id' => $userId));
$this->assign('list', $list[0]);
eval(NDSP);
}