$t = util::getGet('t');
$token = $challenge->getToken();
echo "t={$t};token={$token}";
if (true === ($t == $token)) {
$challenge->mark();
util::forward(WEBROOT . "/index.php");
}
} else {
if (isset($_POST['action'])) {
$token = util::getPost('token');
$validtoken = $challenge->getToken();
if ($validToken === $token || in_array($token, $otherTokens)) {
$output = "valid token";
// token is valid
//$row = $result->fetch();
$user = util::getSession('player');
$sql = "INSERT INTO scoreboard SELECT id,'{$token}',now()+0 FROM players WHERE name='{$user}'";
//$sql = "INSERT INTO scoreboard VALUES($user,'$token',now()+1)";
$result = $db->query($sql);
} else {
$output = "not valid";
}
}
}
} else {
$_SESSION['referrer'] = $_SERVER['REQUEST_URI'];
header("Location:login.php");
}
if ($output != "") {
CTF::message($output);
}
}
} else {
switch ($button) {
case 'logoff':
unset($_SESSION[Challenge::PLAYER]);
$output = showLogin("");
$output[] = "You have been logged off";
break;
case 'login':
extract($_POST);
if (($id = CTF::login($name, $password)) != false) {
$_SESSION[Challenge::PLAYER] = $name;
$output = showLogin("", isset($_SESSION[Challenge::PLAYER]));
//$output[] = "You are logged in";
if (isset($_SESSION['referrer'])) {
$location = util::getSession('referrer');
unset($_SESSION['referrer']);
header("Location:" . $location);
}
} else {
$output = showLogin("Unknown user", isset($_SESSION[Challenge::PLAYER]));
}
break;
case 'doregister':
$output = showRegister('');
break;
case 'register':
if (util::getPost('password1') === false) {
$output = showRegister('');
} else {
extract($_POST);
function getDictionaryWord()
{
$array = util::getSession(Challenge::WORD);
if (!isset($array[$this->challenge])) {
$words = file(DICTIONARY);
shuffle($words);
$word = $words[0];
$array[$this->challenge] = trim($word);
$_SESSION[Challenge::WORD] = $array;
}
return $array[$this->challenge];
}