/**
 * Checks that a candidate password has an acceptable length.
 *
 * Lower bound: 8. Upper bound: 72 — the bcrypt input limit — so that arbitrarily
 * large strings are rejected before they reach the password hash (a cheap DoS
 * vector).
 *
 * NOTE(review): whether the bounds are measured in bytes or characters depends on
 * Validators::isStringOf*Length, which is not visible here; bcrypt's 72 is a BYTE
 * limit, so a character-based check could still admit a multibyte password longer
 * than 72 bytes — confirm.
 *
 * @param string $s_Password candidate password (untrusted input)
 * @return bool always true; a violation is reported by the validator itself
 *              (presumably by throwing) rather than by a false return
 */
public static function testStrongPassword($s_Password) {
    $minLength = 8;
    $maxLength = 72;

    Validators::isStringOfMinLength($s_Password, "password", $minLength);
    Validators::isStringOfMaxLength($s_Password, "password", $maxLength);

    return true;
}
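/**
 * Validate problem Details API
 *
 * Resolves the problem (and, when contest_alias is given, the contest) into
 * $r['problem'] / $r['contest'], defaults $r['lang'], and enforces access:
 *  - inside a contest: the problem must belong to that contest; a non-public
 *    contest requires an invitation (ContestsUsers row) or contest-admin rights;
 *    a contest that has not started is visible only to contest admins;
 *  - outside a contest: a non-public problem is visible only to users who may
 *    edit it.
 *
 * @param Request $r  request; read: contest_alias, problem_alias, lang,
 *                    statement_type, current_user_id; written: lang, problem, contest
 * @throws ApiException
 * @throws InvalidDatabaseOperationException  any non-API exception from the DAOs
 * @throws NotFoundException  unknown problem/contest, problem not in contest,
 *                            or unsupported statement_type
 * @throws ForbiddenAccessException  private contest/problem, or contest not started
 */
private static function validateDetails(Request $r) {
    Validators::isStringNonEmpty($r['contest_alias'], 'contest_alias', false);
    Validators::isStringNonEmpty($r['problem_alias'], 'problem_alias');

    // Lang is optional. Default is user's preferred.
    if (!is_null($r['lang'])) {
        Validators::isStringOfMaxLength($r['lang'], 'lang', 2);
    } else {
        $r['lang'] = UserController::getPreferredLanguage($r);
    }

    try {
        $r['problem'] = ProblemsDAO::getByAlias($r['problem_alias']);
    } catch (Exception $e) {
        throw new InvalidDatabaseOperationException($e);
    }
    if (is_null($r['problem'])) {
        throw new NotFoundException('problemNotFound');
    }

    // statement_type is request-controlled: compare strictly so that a value that
    // is merely loosely equal to an allowed name (e.g. boolean true, or integer 0
    // on PHP < 8) cannot pass as a valid statement type.
    if (isset($r['statement_type'])
        && !in_array($r['statement_type'], array('html', 'markdown'), true)) {
        throw new NotFoundException('invalidStatementType');
    }

    // If we request a problem inside a contest
    if (!is_null($r['contest_alias'])) {
        // Is the combination contest_id and problem_id valid?
        try {
            $r['contest'] = ContestsDAO::getByAlias($r['contest_alias']);
            if (is_null($r['contest'])) {
                throw new NotFoundException('contestNotFound');
            }
            if (is_null(ContestProblemsDAO::getByPK($r['contest']->getContestId(), $r['problem']->getProblemId()))) {
                throw new NotFoundException('problemNotFoundInContest');
            }
        } catch (ApiException $apiException) {
            // Keep API errors (NotFound) as-is instead of wrapping them below.
            throw $apiException;
        } catch (Exception $e) {
            throw new InvalidDatabaseOperationException($e);
        }

        // Evaluated once; used by both the visibility and the start-time checks.
        $contest_admin = Authorization::IsContestAdmin($r['current_user_id'], $r['contest']);

        // If the contest is private, verify that our user is invited.
        // Fail closed: anything other than exactly '1' is treated as private.
        if ($r['contest']->public != '1') {
            if (is_null(ContestsUsersDAO::getByPK($r['current_user_id'], $r['contest']->contest_id)) && !$contest_admin) {
                throw new ForbiddenAccessException();
            }
        }

        // If the contest has not started, user should not see it, unless
        // it is admin
        if (!ContestsDAO::hasStarted($r['contest']) && !$contest_admin) {
            throw new ForbiddenAccessException('contestNotStarted');
        }
    } else {
        if (!Authorization::CanEditProblem($r['current_user_id'], $r['problem'])) {
            // If the problem is requested outside a contest, we need to
            // check that it is not private (fail closed: only '1' is public).
            if ($r['problem']->public != '1') {
                throw new ForbiddenAccessException('problemIsPrivate');
            }
        }
    }
}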
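/**
 * Validate problem Details API
 *
 * Resolves the problem (and, when contest_alias is given, the contest) into
 * $r["problem"] / $r["contest"], defaults $r["lang"], and enforces access:
 *  - inside a contest: the problem must belong to that contest; a non-public
 *    contest requires an invitation (ContestsUsers row) or contest-admin rights;
 *    a contest that has not started is visible only to contest admins;
 *  - outside a contest: a non-public problem is visible only to users who may
 *    edit it.
 *
 * @param Request $r  request; read: contest_alias, problem_alias, lang,
 *                    statement_type, current_user_id; written: lang, problem, contest
 * @throws ApiException
 * @throws InvalidDatabaseOperationException  any non-API exception from the DAOs
 * @throws NotFoundException  unknown problem/contest, problem not in contest,
 *                            or unsupported statement_type
 * @throws ForbiddenAccessException  private contest/problem, or contest not started
 */
private static function validateDetails(Request $r) {
    Validators::isStringNonEmpty($r["contest_alias"], "contest_alias", false);
    Validators::isStringNonEmpty($r["problem_alias"], "problem_alias");

    // Lang is optional. Default is user's preferred.
    if (!is_null($r["lang"])) {
        Validators::isStringOfMaxLength($r["lang"], "lang", 2);
    } else {
        $r['lang'] = UserController::getPreferredLanguage($r);
    }

    try {
        $r["problem"] = ProblemsDAO::getByAlias($r["problem_alias"]);
    } catch (Exception $e) {
        throw new InvalidDatabaseOperationException($e);
    }
    if (is_null($r["problem"])) {
        throw new NotFoundException("problemNotFound");
    }

    // statement_type is request-controlled: compare strictly so that a value that
    // is merely loosely equal to an allowed name (e.g. boolean true, or integer 0
    // on PHP < 8) cannot pass as a valid statement type.
    if (isset($r["statement_type"])
        && !in_array($r["statement_type"], array("html", "markdown"), true)) {
        throw new NotFoundException("invalidStatementType");
    }

    // If we request a problem inside a contest
    if (!is_null($r["contest_alias"])) {
        // Is the combination contest_id and problem_id valid?
        try {
            $r["contest"] = ContestsDAO::getByAlias($r["contest_alias"]);
            if (is_null($r["contest"])) {
                throw new NotFoundException("contestNotFound");
            }
            if (is_null(ContestProblemsDAO::getByPK($r["contest"]->getContestId(), $r["problem"]->getProblemId()))) {
                throw new NotFoundException("problemNotFoundInContest");
            }
        } catch (ApiException $apiException) {
            // Keep API errors (NotFound) as-is instead of wrapping them below.
            throw $apiException;
        } catch (Exception $e) {
            throw new InvalidDatabaseOperationException($e);
        }

        // Evaluated once; used by both the visibility and the start-time checks.
        $isContestAdmin = Authorization::IsContestAdmin($r["current_user_id"], $r["contest"]);

        // If the contest is private, verify that our user is invited.
        // NOTE(review): this function compared the contest's `public` flag as an
        // int (=== 0) but the problem's as a string (== "0"), so the flag's runtime
        // type is not clear from this file. A strict `=== 0` is fail-OPEN whenever
        // the DAO hands back the string "0" (or null): the invitation check would be
        // skipped entirely. Normalise and fail closed instead: only exactly 1 is public.
        if ((int) $r["contest"]->getPublic() !== 1) {
            if (is_null(ContestsUsersDAO::getByPK($r["current_user_id"], $r["contest"]->getContestId())) && !$isContestAdmin) {
                throw new ForbiddenAccessException();
            }
        }

        // If the contest has not started, user should not see it, unless it is admin
        if (!ContestsDAO::hasStarted($r["contest"]) && !$isContestAdmin) {
            throw new ForbiddenAccessException("contestNotStarted");
        }
    } else {
        if (!Authorization::CanEditProblem($r["current_user_id"], $r["problem"])) {
            // If the problem is requested outside a contest, we need to check that
            // it is not private. Same fail-closed normalisation as for the contest:
            // anything other than exactly 1 (including null) is treated as private.
            if ((int) $r["problem"]->getPublic() !== 1) {
                throw new ForbiddenAccessException("problemIsPrivate");
            }
        }
    }
}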