Esempio n. 1
<?php

require '../../../include/mellivora.inc.php';
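// Admin endpoint: create a category from the submitted form, then send the
// moderator to the edit page for the new row.
//
// Order matters: the moderator check runs first, and the XSRF token is
// validated before any request field is used to change state.
enforce_authentication(CONST_USER_CLASS_MODERATOR);

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    validate_xsrf_token($_POST[CONST_XSRF_TOKEN_KEY]);

    if (isset($_POST['action']) && $_POST['action'] === 'new') {
        // Request parameters can arrive as arrays (e.g. title[]=x) or be
        // missing entirely; only plain strings are accepted here so that
        // strtotime() and the insert never receive an unexpected type.
        $input_ok = true;
        foreach (array('title', 'description', 'available_from', 'available_until') as $field) {
            if (!isset($_POST[$field]) || !is_string($_POST[$field])) {
                $input_ok = false;
            }
        }

        // strtotime() returns false for text it cannot parse; without this
        // check that false would be written into the timestamp columns.
        $available_from = $input_ok ? strtotime($_POST['available_from']) : false;
        $available_until = $input_ok ? strtotime($_POST['available_until']) : false;

        if (!$input_ok || $available_from === false || $available_until === false) {
            message_error('Could not insert new category.');
        } else {
            // NOTE(review): title and description are stored exactly as
            // submitted. Confirm db_insert() binds values as parameters and
            // that every page rendering these fields escapes them for HTML.
            $id = db_insert('categories', array(
                'added' => time(),
                'added_by' => $_SESSION['id'],
                'title' => $_POST['title'],
                'description' => $_POST['description'],
                'available_from' => $available_from,
                'available_until' => $available_until,
            ));

            if ($id) {
                redirect(CONFIG_SITE_ADMIN_RELPATH . 'edit_category.php?id=' . $id);
            } else {
                message_error('Could not insert new category.');
            }
        }
    }
}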
<?php

require '../../../include/mellivora.inc.php';
// Admin endpoint: delete a submission or change its marking.
//
// Every request must come from a moderator. State changes happen only on
// POST, after the id and the XSRF token have been validated.
enforce_authentication(CONFIG_UC_MODERATOR);

// NOTE(review): the authority check is given $_GET['id'], while every change
// below targets $_POST['id']. Confirm that validateAuthority() covers the
// record that is actually modified, or that the two ids are forced to match.
validateAuthority(3, $_GET['id']);

if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    validate_id($_POST['id']);
    validate_xsrf_token($_POST['xsrf_token']);

    // All three actions act on the same row and return to the same list page.
    $target_row = array('id' => $_POST['id']);
    $list_page = CONFIG_SITE_ADMIN_RELPATH . 'list_submissions.php?generic_success=1';

    // switch compares loosely, like the == checks it replaces; an
    // unrecognised action falls through without changing anything.
    switch ($_POST['action']) {
        case 'delete':
            db_delete('submissions', $target_row);
            redirect($list_page);
            break;

        case 'mark_incorrect':
            db_update('submissions', array('correct' => 0, 'marked' => 1), $target_row);
            redirect($list_page);
            break;

        case 'mark_correct':
            db_update('submissions', array('correct' => 1, 'marked' => 1), $target_row);
            redirect($list_page);
            break;
    }
}
Esempio n. 3
<?php

require '../../include/ctf.inc.php';
// Logout endpoint. The XSRF token is read from the POST body only, so the
// session is ended only after validate_xsrf_token() has seen that value.
// NOTE(review): there is no explicit request-method check; presumably a
// request without the POST token fails validation - confirm in
// validate_xsrf_token().
enforce_authentication();

$submitted_token = array_get($_POST, CONST_XSRF_TOKEN_KEY);
validate_xsrf_token($submitted_token);

logout();