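<?php

require '../../include/mellivora.inc.php';

// Instance settings page: shows the current registration token (read-only)
// and offers a single button to switch it on or off.
// Access is limited to moderators; the check runs before any data is read.
enforce_authentication(CONFIG_UC_MODERATOR);

// The instance row is selected by the instance id stored in the session.
$rule = db_select_one('instances', array('*'), array('id' => $_SESSION['IID']));

// A token of 0 is treated as "tokens disabled".
// NOTE(review): this is a loose comparison; how a non-numeric token string
// compares with 0 differs between PHP 7 and PHP 8 - confirm tokens are numeric.
$token_enabled = $rule['registrationToken'] != 0;

$token_display = $token_enabled
    ? (string) $rule['registrationToken']
    : 'Registration Tokens are not enabled.';

head('Site management');
menu_management();
section_subhead('Edit Instance Settings');

form_start(CONFIG_SITE_ADMIN_RELPATH . 'actions/edit_settings');

// The value lands inside a double-quoted HTML attribute, so it is encoded
// for that context instead of being echoed as stored in the database.
echo '<div class="form-group"> ',
    '<label class="col-sm-2 control-label" for="rule">Registration Token</label> ',
    '<div class="col-sm-10"> ',
    '<input id="rule" readonly name="rule" class="form-control" placeholder="Registration Token" value="',
    htmlspecialchars($token_display, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'),
    '" type="text"> </div> </div>';

form_hidden('action', 'edit');

// The button label reflects the state change the submit will request.
echo form_button_submit(
    $token_enabled ? 'Disable Registration Token' : 'Enable Registration Token'
);

form_end();

foot();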
<?php

require '../../include/ctf.inc.php';

// "New hint" admin form. Moderator privileges are checked before any output.
enforce_authentication(CONST_USER_CLASS_MODERATOR);

head('Site management');
menu_management();
section_subhead('New hint');

$form_target = CONFIG_SITE_ADMIN_RELPATH . 'actions/new_hint';
form_start($form_target);

form_textarea('Body');

// Static query (no request data is interpolated): every challenge with its
// category title, ordered so the select can be grouped by category.
$challenge_sql = ' SELECT ch.id, ch.title, ca.title AS category FROM challenges AS ch LEFT JOIN categories AS ca ON ca.id = ch.category ORDER BY ca.title, ch.title';
$challenge_options = db_query_fetch_all($challenge_sql);

// Optional ?id=... preselects a challenge; 0 is the fallback when it is absent.
// NOTE(review): this value comes straight from the query string. Whether
// form_select() only compares it or also prints it is not visible here - confirm.
$preselected_challenge = array_get($_GET, 'id', 0);

form_select(
    $challenge_options,
    'Challenge',
    'id',
    $preselected_challenge,
    'title',
    'category'
);

form_input_checkbox('Visible');
form_hidden('action', 'new');
form_button_submit('Create hint');

form_end();

foot();
<?php

require '../../include/ctf.inc.php';

// Flag-submission handler. This listing is an excerpt: the script continues
// past the last statement shown, so the blocks opened below are not closed here.
//
// Authentication is enforced before anything else runs.
// NOTE(review): the meaning of the second argument (true) is defined in the
// include and is not visible here - confirm.
enforce_authentication(CONST_USER_CLASS_USER, true);

// One timestamp is taken up front and reused for the throttle calculation.
$time = time();

if ($_SERVER['REQUEST_METHOD'] == 'POST') {

    // The anti-CSRF token is checked before any action is dispatched.
    validate_xsrf_token($_POST[CONST_XSRF_TOKEN_KEY]);

    // Optional CAPTCHA gate, switched by configuration.
    if (CONFIG_RECAPTCHA_ENABLE_PRIVATE) {
        validate_captcha();
    }

    if ($_POST['action'] == 'submit_flag') {

        // The challenge id is validated before it is used as a lookup key.
        // NOTE(review): presumably validate_id() aborts on a malformed id - confirm.
        validate_id($_POST['challenge']);

        // empty() also treats the string '0' as empty, so a flag of exactly '0'
        // is refused here as well.
        if (empty($_POST['flag'])) {
            message_error('Did you really mean to submit an empty flag?');
        }

        // Previous attempts are scoped to the session user and this challenge,
        // so the checks below cannot be influenced by another user's history.
        $submissions = db_select_all('submissions', array('correct', 'added'), array('user_id' => $_SESSION['id'], 'challenge' => $_POST['challenge']));

        // make sure user isn't "accidentally" submitting a correct flag twice
        $latest_submission_attempt = 0;
        $num_attempts = 0;
        foreach ($submissions as $submission) {
            // Track the most recent attempt time for the throttle below.
            $latest_submission_attempt = max($submission['added'], $latest_submission_attempt);

            // NOTE(review): the code after this call assumes message_error()
            // ends the request - confirm.
            if ($submission['correct']) {
                message_error('You may only submit a correct flag once.');
            }

            $num_attempts++;
        }

        // get challenge information
        // NOTE(review): no check that a row was returned is visible before
        // the fields of $challenge are read below.
        $challenge = db_select_one('challenges', array('flag', 'category', 'case_insensitive', 'automark', 'available_from', 'available_until', 'num_attempts_allowed', 'min_seconds_between_submissions'), array('id' => $_POST['challenge']));

        // Per-challenge throttle: refuse the attempt while the configured
        // minimum interval since the latest stored attempt has not elapsed.
        // NOTE(review): the throttle and the attempt count are derived from the
        // read above; whether the later write is atomic with these checks
        // (concurrent requests) is not visible in this excerpt.
        $seconds_since_submission = $time - $latest_submission_attempt;
        if ($seconds_since_submission < $challenge['min_seconds_between_submissions']) {
            message_generic('Sorry', 'You may not submit another solution for this challenge for another ' . seconds_to_pretty_time($challenge['min_seconds_between_submissions'] - $seconds_since_submission));
<?php

require '../include/mellivora.inc.php';
require CONST_PATH_THIRDPARTY . 'nbbc/nbbc.php';

// Challenge listing page. This listing is an excerpt: the script continues
// past the last statement shown, so the final else block is not closed here.
//
// A logged-in session is required before any output is produced.
enforce_authentication();

$time = time();

// BBCode renderer with smileys turned off.
$bbc = new BBCode();
$bbc->SetEnableSmileys(false);

head('Challenges');

// The status query parameter only selects one of three fixed messages.
// It is compared with literals and never echoed, so no request data
// reaches the output here. It is purely presentational: the value comes from
// the URL and is not checked against an actual submission in this block.
if (isset($_GET['status'])) {
    if ($_GET['status'] == 'correct') {
        message_dialog('Congratulations! You got the flag!', 'Correct flag', 'Yay!', 'challenge-attempt correct on-page-load');
    } else {
        if ($_GET['status'] == 'incorrect') {
            message_dialog('Sorry! That wasn\'t correct', 'Incorrect flag', 'Ok', 'challenge-attempt incorrect on-page-load');
        } else {
            if ($_GET['status'] == 'manual') {
                // NOTE(review): the second argument (false) presumably lets the
                // literal <h1> markup render unescaped - confirm. The string is
                // a constant, so no untrusted data is involved.
                message_inline_blue('<h1>Your submission is awaiting manual marking.</h1>', false);
            }
        }
    }
}

// Only categories flagged as exposed are loaded, ordered by title.
$categories = db_select_all('categories', array('id', 'title', 'description', 'available_from', 'available_until'), array('exposed' => 1), 'title ASC');

// determine which category to display
if (isset($_GET['category'])) {

    // The requested id is validated, then resolved against the exposed
    // categories loaded above, not against the whole table.
    validate_id($_GET['category']);

    // NOTE(review): array_search_matching_key() is defined elsewhere; from its
    // use here it appears to return a falsy value when no category matches.
    $current_category = array_search_matching_key($_GET['category'], $categories, 'id');

    if (!$current_category) {
        message_error(lang_get('no_category_for_id'), false);
    }

} else {
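<?php

require '../include/mellivora.inc.php';

// Renders a dynamic (admin-authored) page addressed by ?show=<permalink>.
login_session_refresh();

// The permalink must be present and a plain string. An array-valued parameter
// (show[]=...) is rejected here instead of being handed to the database layer.
// NOTE(review): like the original code, this relies on message_error() ending
// the request - confirm.
if (!isset($_GET['show']) || !is_string($_GET['show'])) {
    message_error(lang_get('please_request_page'));
}

// Resolve the permalink to the id of the page it points at.
$menu_data = db_select_one(
    'dynamic_menu',
    array('internal_page'),
    array('permalink' => $_GET['show'])
);

// No menu row, or a row without a usable page id, is an invalid link.
if (!$menu_data || !is_valid_id($menu_data['internal_page'])) {
    message_error(lang_get('not_a_valid_link'));
}

$content = db_select_one(
    'dynamic_pages',
    array('id', 'title', 'body', 'visibility', 'min_user_class'),
    array('id' => $menu_data['internal_page'])
);

// A menu entry can point at a page row that does not exist. Without this check
// the visibility test below would see no value, skip authentication and render
// (and cache) an empty page.
if (!$content) {
    message_error(lang_get('not_a_valid_link'));
}

// Private pages require a session of at least the page's minimum user class.
// This check runs before the cache is consulted, so a cached body is only
// served after the access decision has been made.
if ($content['visibility'] == 'private') {
    enforce_authentication($content['min_user_class']);
}

// NOTE(review): whether head() escapes the title is not visible here - confirm.
head($content['title']);

if (cache_start($content['id'], CONFIG_CACHE_TIME_DYNAMIC, CONST_CACHE_DYNAMIC_PAGES_GROUP)) {

    section_head($content['title']);

    // The body is rendered through NBBC instead of being echoed as stored.
    // Output safety depends on NBBC's own settings, which are not shown here.
    require CONST_PATH_THIRDPARTY . 'nbbc/nbbc.php';

    $bbc = new BBCode();
    $bbc->SetEnableSmileys(false);

    echo $bbc->parse($content['body']);

    cache_end($content['id'], CONST_CACHE_DYNAMIC_PAGES_GROUP);
}

foot();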