<?php require '../../../include/ctf.inc.php'; enforce_authentication(CONST_USER_CLASS_MODERATOR); if ($_SERVER['REQUEST_METHOD'] == 'POST') { validate_id($_POST['id']); validate_xsrf_token($_POST[CONST_XSRF_TOKEN_KEY]); if ($_POST['action'] == 'edit') { db_update('categories', array('title' => $_POST['title'], 'description' => $_POST['description'], 'exposed' => $_POST['exposed'], 'available_from' => strtotime($_POST['available_from']), 'available_until' => strtotime($_POST['available_until'])), array('id' => $_POST['id'])); redirect(CONFIG_SITE_ADMIN_RELPATH . 'edit_category.php?id=' . $_POST['id'] . '&generic_success=1'); } else { if ($_POST['action'] == 'delete') { if (!$_POST['delete_confirmation']) { message_error('Please confirm delete'); } db_delete('categories', array('id' => $_POST['id'])); $challenges = db_select_all('challenges', array('id'), array('category' => $_POST['id'])); foreach ($challenges as $challenge) { delete_challenge_cascading($challenge['id']); } redirect(CONFIG_SITE_ADMIN_RELPATH . '?generic_success=1'); } } }
<?php require '../../../include/ctf.inc.php'; enforce_authentication(CONST_USER_CLASS_MODERATOR); if ($_SERVER['REQUEST_METHOD'] == 'POST') { validate_id($_POST['id']); validate_xsrf_token($_POST[CONST_XSRF_TOKEN_KEY]); if ($_POST['action'] == 'edit') { db_update('challenges', array('title' => $_POST['title'], 'description' => $_POST['description'], 'flag' => $_POST['flag'], 'automark' => $_POST['automark'], 'case_insensitive' => $_POST['case_insensitive'], 'points' => $_POST['points'], 'category' => $_POST['category'], 'exposed' => $_POST['exposed'], 'available_from' => strtotime($_POST['available_from']), 'available_until' => strtotime($_POST['available_until']), 'num_attempts_allowed' => $_POST['num_attempts_allowed'], 'min_seconds_between_submissions' => $_POST['min_seconds_between_submissions'], 'relies_on' => $_POST['relies_on']), array('id' => $_POST['id'])); redirect(CONFIG_SITE_ADMIN_RELPATH . 'edit_challenge.php?id=' . $_POST['id'] . '&generic_success=1'); } else { if ($_POST['action'] == 'delete') { if (!$_POST['delete_confirmation']) { message_error('Please confirm delete'); } delete_challenge_cascading($_POST['id']); invalidate_cache(CONST_CACHE_NAME_FILES . $_POST['id']); invalidate_cache(CONST_CACHE_NAME_CHALLENGE_HINTS . $_POST['id']); redirect(CONFIG_SITE_ADMIN_RELPATH . '?generic_success=1'); } else { if ($_POST['action'] == 'upload_file') { store_file($_POST['id'], $_FILES['file']); invalidate_cache(CONST_CACHE_NAME_FILES . $_POST['id']); redirect(CONFIG_SITE_ADMIN_RELPATH . 'edit_challenge.php?id=' . $_POST['id'] . '&generic_success=1'); } else { if ($_POST['action'] == 'delete_file') { delete_file($_POST['id']); invalidate_cache(CONST_CACHE_NAME_FILES . $_POST['id']); redirect(CONFIG_SITE_ADMIN_RELPATH . 'edit_challenge.php?id=' . $_POST['challenge_id'] . '&generic_success=1'); } }