<?php
require_once('./config/require.php');
// todo: check usecase when only one contest and it's not started
// todo: check updating attempts after successful submit
// todo: check auto-completing the fields after login was performed
// Resolve the contest parameter: fall back to $curcontest when no contest is set.
// NOTE(review): $contest, $curcontest and $mysqli_ are not defined in this file; presumably
// config/require.php provides them (request parameters imported as globals?) - confirm, and
// treat $contest as untrusted input until shown otherwise.
if (!isset($contest)) { $contest = $curcontest; }
// Check that the requested contest exists and is running right now (start < NOW() < finish).
$q = $mysqli_->prepare('SELECT ContestID, Name, Contest_Kind FROM cntest WHERE ContestID=? and start<NOW() and finish>NOW()');
// Bound as an integer parameter, so the value never becomes part of the SQL text.
$q->bind_param('i', $contest);
$q->bind_result($requested_id, $requested_contest_name, $kind);
if (!$q->execute()) { fail(_error_mysql_query_error_code); } // auto-close query
// No row means the contest is unknown, not yet started, or already finished.
if (!$q->fetch()) { fail(_error_requested_contest_is_not_available_code); } // auto-close query
$q->close();
// end of loading the contest information
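// The submit button was pressed (and the request is not merely a language switch).
if (isset($btn_submit) && (!isset($changeLang) || 'true' !== $changeLang)) {
    // Anti-spam protection: refuse attempts made less than antiSpamTimeOut seconds apart.
    // NOTE(review): $submit_lastaccess is not defined in this file. If it is per-session state,
    // a client that discards its session is not throttled, and this check is also the only
    // visible brake on password guessing through this form - consider throttling per login
    // and per source address as well. Confirm against config/require.php.
    if (time() - $submit_lastaccess < antiSpamTimeOut) {
        $msg = 'Â öåëÿõ çàùèòû îò ñïàìà íå ðàçðåøàåòñÿ äåëàòü ïîïûòêè ñ èíòåðâàëîì ìåæäó íèìè ìåíåå '.antiSpamTimeOut.' ñåêóíä. Ïîïðîáóéòå ïîâòîðèòü çàïðîñ ïîçæå.';
    } else {
        $submit_lastaccess = time();
    } // end of anti-spam protection

    // Check the required parameters (contest is always set by this point).
    // empty($x) is exactly "!isset($x) || !$x", the test the four separate checks used.
    if (!isset($msg)) {
        if (empty($problem) || empty($lang) || empty($login) || empty($pass)) {
            $msg = 'Íå çàäàíû âñå íåîáõîäèìûå ïàðàìåòðû.';
        }
    } // end of the required-parameter check

    // Look up the task for this problem within the contest.
    if (!isset($msg)) {
        $q = $mysqli_->prepare('SELECT TaskID, Division FROM volume WHERE ProblemID=? AND ContestID=?');
        $q->bind_param('si', $problem, $contest);
        $q->bind_result($_, $division);
        if (!$q->execute()) { fail(_error_mysql_query_error_code); } // auto-close query
        if (!$q->fetch()) { fail(_error_no_task_found_code); } // auto-close query
        $q->close();
    } // end of the task lookup

    // Validate the requested language.
    // todo: foreign keys
    if (!isset($msg)) {
        $q = $mysqli_->prepare('SELECT COUNT(*) FROM Lang WHERE LangID=? AND invisible=0');
        $q->bind_param('i', $lang);
        $q->bind_result($tmp_lang);
        if (!$q->execute()) { fail(_error_mysql_query_error_code); } // auto-close query
        // COUNT(*) always returns exactly one row, so a successful fetch() proves nothing.
        // The language is acceptable only when the count itself is non-zero; without this
        // test an unknown or invisible LangID passed validation.
        if (!$q->fetch() || $tmp_lang < 1) { fail(_error_no_lang_found_code); } // auto-close query
        $q->close();
    } // end of the language lookup

    // Authenticate the user and fetch the user's division.
    // NOTE(review): password(?) is MySQL's PASSWORD() function. It is an unsalted hash meant for
    // MySQL's own account table and was removed in MySQL 8.0. Migrating the stored values to
    // password_hash()/password_verify() needs a schema and data change outside this file.
    if (!isset($msg)) {
        $q = $mysqli_->prepare('SELECT id, division FROM `user` WHERE login=? AND `password`=password(?)');
        $q->bind_param('ss', $login, $pass);
        $q->bind_result($user, $userDivision);
        if (!$q->execute()) { fail(_error_mysql_query_error_code); } // auto-close query
        if (!$q->fetch()) { fail(_error_no_user_found_code); } // auto-close query
        $q->close();
    } // end of the user lookup

    // A user assigned to a division may only submit to tasks of that same division.
    if (!isset($msg) && $userDivision != '' && $division != '' && $userDivision != $division) {
        fail(_error_submit_cannot_perform_on_other_division);
    }

    // Source size limit.
    // NOTE(review): $solve is not among the required parameters above, so it may be unset here;
    // strlen() then sees null. Confirm whether an empty submission is meant to be accepted.
    if (!isset($msg) && strlen($solve) > 65536) {
        $msg = 'Ðàçìåð èñõîäíîãî ôàéëà ïðåâûøàåò 64KB.';
    }

    // Store the submission and schedule it for testing.
    if (!isset($msg)) {
        // Next attempt number = highest existing attempt + 1 (MAX() is NULL when there is none).
        // NOTE(review): read-then-insert without a lock or transaction; two concurrent submits
        // from the same user can receive the same attempt number.
        $q = $mysqli_->prepare('SELECT MAX(Attempt) AS `Attempt` FROM submit WHERE UserID=? AND ProblemID=? AND ContestID=?');
        $q->bind_param('isi', $user, $problem, $contest);
        $q->bind_result($attempt);
        if (!$q->execute()) { fail(_error_mysql_query_error_code); } // auto-close query
        $attempt = $q->fetch() ? $attempt + 1 : 1;
        $q->close();

        // NOTE(review): 'HTTP_X_FROWARDED_FROM' looks like a misspelling of a forwarding header
        // name, so the stored value is presumably always the fallback text. Left unchanged
        // because consumers of the Forwarded column may match that text. Any such header is
        // client-supplied and must not be trusted for access decisions.
        $forward = getenv('HTTP_X_FROWARDED_FROM') ? getenv('HTTP_X_FROWARDED_FROM') : 'no HTTP_X_FROWARDED_FROM';
        $ip = getenv('REMOTE_ADDR');

        $q = $mysqli_->prepare('INSERT INTO'
            .' submit(ProblemID, ContestID, UserID, Attempt, SubmitTime, LangID, Source, Forwarded, IP, Detached)'
            .' VALUES(?, ?, ?, ?, NOW(), ?, ?, ?, ?, ?)');
        // todo: check if s for source?
        // get_magic_quotes_gpc() no longer exists in PHP 8; call it only where it is defined so
        // the script does not die with an undefined-function error on newer runtimes.
        $solve = (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) ? stripslashes($solve) : $solve;
        // detached flag
        $detached = isset($_POST['detached']);
        $q->bind_param('siiiisssi', $problem, $contest, $user, $attempt, $lang,
            $solve,
            $forward, $ip,
            $detached);
        if ($q->execute() && 1 == $q->affected_rows) {
            $q->close();
            $submitId = $mysqli_->insert_id;
            // NOTE(review): the two inserts are not wrapped in a transaction; if the second one
            // fails, the submit row stays behind without a testing entry.
            $q = $mysqli_->prepare('INSERT INTO'
                .' testing(submitId, scheduled)'
                .' VALUES(?, NOW())');
            $q->bind_param('i', $submitId);
            if ($q->execute() && 1 == $q->affected_rows) {
                $q->close();
                // $msg carries markup, so it is presumably emitted unescaped by the template.
                // $contest was only ever bound as an integer for SQL; cast it here too so that
                // nothing but digits can reach the href attribute.
                $msg = 'Ôàéë óñïåøíî îòïðàâëåí íà ïðîâåðêó! Âûáåðèòå ïóíêò ìåíþ <a href="status.php?contest='.intval($contest).'">ñòàòóñ ïîñûëîê</a> äëÿ ïðîñìîòðà ðåçóëüòàòîâ.';
            } else {
                $msg = 'Ïîñûëêà ðåøåíèÿ íå óäàëàñü. Ïîïðîáóéòå åùå ðàç.';
                $q->close();
            }
        } else {
            $msg = 'Ïîñûëêà ðåøåíèÿ íå óäàëàñü. Ïîïðîáóéòå åùå ðàç.';
            $q->close();
        } // end of checking for submit
    } // end of checking of senderror
} else if (isset($authorized) && $authorized == 1) {
    // No submit in progress: pre-fill the credentials of the already authorized user.
    // NOTE(review): $curpass implies the clear-text password is kept somewhere between
    // requests (session or cookie?) - confirm where it is stored.
    $login = $curlogin;
    $pass = $curpass;
}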
// Pass the form state to data() under fixed keys; every value defaults to '' when unset.
// NOTE(review): 'pass' hands the clear-text password to the template, presumably to re-fill
// the form - consider not echoing it back into the page. 'msg' can contain markup built by this
// script, while login, lang, contest, problem and solve hold user-supplied text; confirm that
// the template escapes those for HTML output.
data('msg', isset($msg) ? $msg : '');
data('login', isset($login) ? $login : '');
data('pass', isset($pass) ? $pass : '');
data('lang', isset($lang) ? $lang : '');
data('contest', isset($contest) ? $contest : '');
data('problem', isset($problem) ? $problem : '');
data('solve', isset($solve) ? $solve : '');
// Load the contests that are running right now (Start <= NOW() <= Finish), ordered by id.
// The query text is constant; no request data is involved.
$r = $mysqli_->query('SELECT ContestID, Name FROM cntest WHERE NOW()>=Start AND NOW()<=Finish order by ContestID');
if (!$r) { fail(_error_mysql_query_error_code); } // auto-close query
$contests = array();
// Collect every row as an object and pass the list to the template data.
while ($f = $r->fetch_object()) { array_push($contests, $f); }
$r->close();
data('contests', $contests);
// end of the available-contests query
// Load the languages that are not marked invisible, ordered by id.
// NOTE(review): this query names the table `lang`, while the validation query earlier in the
// file names it `Lang`; on a server with case-sensitive table names only one spelling can
// work - confirm which is correct.
$r = $mysqli_->query('SELECT L.LangID, L.Desc, L.Ext FROM lang L where invisible=0 order by LangID');
//$r = $mysqli_->query('SELECT L.LangID, L.Desc, L.Ext FROM lang L order by LangID');
if (!$r) { fail(_error_mysql_query_error_code); } // auto-close query
$langs = array();
// Collect every row as an object and pass the list to the template data.
while ($f = $r->fetch_object()) { array_push($langs, $f); }
$r->close();
data('langs', $langs);
// end of the available-languages query
// Render the 'submit' template. $data is not assigned in this file; presumably the data()
// calls above fill it - confirm in config/require.php.
template('submit', $data);
?>