<?php
/**
 * Admin POST handler for dynamic pages.
 *
 * Applies an "edit" or "delete" action to the dynamic_pages row named by
 * $_POST['id']. The caller must pass enforce_authentication() at moderator
 * level, and every POST has its id and XSRF token checked before any write.
 * Requests that are not POST change nothing.
 */
require '../../../include/ctf.inc.php';

enforce_authentication(CONST_USER_CLASS_MODERATOR);

if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    validate_id($_POST['id']);
    validate_xsrf_token($_POST[CONST_XSRF_TOKEN_KEY]);

    switch ($_POST['action']) {
        case 'edit':
            // NOTE(review): title, body, visibility and min_user_class are stored exactly as
            // submitted; no range or content check is visible in this script, so output
            // encoding and value constraints must be enforced elsewhere. Confirm.
            $page_fields = array(
                'title' => $_POST['title'],
                'body' => $_POST['body'],
                'visibility' => $_POST['visibility'],
                'min_user_class' => $_POST['min_user_class']
            );
            db_update('dynamic_pages', $page_fields, array('id' => $_POST['id']));

            invalidate_cache($_POST['id'], CONST_CACHE_DYNAMIC_PAGES_GROUP);

            redirect(CONFIG_SITE_ADMIN_RELPATH . 'edit_dynamic_page.php?id=' . $_POST['id'] . '&generic_success=1');
            break;

        case 'delete':
            // NOTE(review): the delete below is only skipped when message_error() ends the
            // request; presumably it does. Verify in the include file.
            if (!$_POST['delete_confirmation']) {
                message_error('Please confirm delete');
            }

            db_delete('dynamic_pages', array('id' => $_POST['id']));

            invalidate_cache($_POST['id'], CONST_CACHE_DYNAMIC_PAGES_GROUP);

            redirect(CONFIG_SITE_ADMIN_RELPATH . 'list_dynamic_pages.php?generic_success=1');
            break;
    }
}
<?php
/**
 * Admin POST handler for news items ("edit" / "delete").
 *
 * Moderator authentication is enforced first. For POST requests the target id
 * and the XSRF token are validated before the news table is touched. Both
 * actions invalidate the 'home' cache entry.
 */
require '../../../include/mellivora.inc.php';

enforce_authentication(CONFIG_UC_MODERATOR);

if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    validate_id($_POST['id']);
    validate_xsrf_token($_POST['xsrf_token']);

    $row_selector = array('id' => $_POST['id']);

    if ($_POST['action'] == 'edit') {
        // NOTE(review): title and body are written as submitted; escaping is presumably
        // done where news is rendered. Confirm.
        $news_fields = array(
            'title' => $_POST['title'],
            'body' => $_POST['body']
        );
        db_update('news', $news_fields, $row_selector);

        invalidate_cache('home');

        redirect(CONFIG_SITE_ADMIN_RELPATH . 'edit_news.php?id=' . $_POST['id'] . '&generic_success=1');
    } elseif ($_POST['action'] == 'delete') {
        // NOTE(review): relies on message_error() halting the request; otherwise the
        // row would be deleted without confirmation. Confirm.
        if (!$_POST['delete_confirmation']) {
            message_error('Please confirm delete');
        }

        db_delete('news', $row_selector);

        invalidate_cache('home');

        redirect(CONFIG_SITE_ADMIN_RELPATH . 'list_news.php?generic_success=1');
    }
}
<?php
/**
 * Admin POST handler for news items.
 *
 * Supports two actions on the news row named by $_POST['id']:
 *   - edit:   overwrite title and body
 *   - delete: remove the row (requires $_POST['delete_confirmation'])
 *
 * Authentication at moderator level, id validation and XSRF-token validation
 * all run before either action. The home cache is invalidated after each write.
 */
require '../../../include/mellivora.inc.php';

enforce_authentication(CONST_USER_CLASS_MODERATOR);

if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    validate_id($_POST['id']);
    validate_xsrf_token($_POST[CONST_XSRF_TOKEN_KEY]);

    switch ($_POST['action']) {
        case 'edit':
            // NOTE(review): values are stored unmodified; verify that the rendering side
            // encodes them for the output context.
            db_update(
                'news',
                array(
                    'title' => $_POST['title'],
                    'body' => $_POST['body']
                ),
                array('id' => $_POST['id'])
            );
            invalidate_cache(CONST_CACHE_NAME_HOME);
            redirect(CONFIG_SITE_ADMIN_RELPATH . 'edit_news.php?id=' . $_POST['id'] . '&generic_success=1');
            break;

        case 'delete':
            // NOTE(review): the confirmation check only protects the delete if
            // message_error() stops execution. Confirm.
            if (!$_POST['delete_confirmation']) {
                message_error('Please confirm delete');
            }
            db_delete('news', array('id' => $_POST['id']));
            invalidate_cache(CONST_CACHE_NAME_HOME);
            redirect(CONFIG_SITE_ADMIN_RELPATH . 'list_news.php?generic_success=1');
            break;
    }
}
<?php
/**
 * Admin POST handler that creates a new hint.
 *
 * After moderator authentication and XSRF-token validation, the "new" action
 * inserts a hints row stamped with the current time and the session user id,
 * invalidates the 'hints' cache entry and redirects to the edit page of the
 * new hint. A falsy insert result is reported through message_error().
 */
require '../../../include/mellivora.inc.php';

enforce_authentication(CONFIG_UC_MODERATOR);

if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    validate_xsrf_token($_POST['xsrf_token']);

    if ($_POST['action'] == 'new') {
        // NOTE(review): challenge, visible and body are taken straight from the request;
        // unlike the id-based handlers, no validate_id() call is made on 'challenge' here.
        // Confirm that db_insert() or the schema rejects unexpected values.
        $hint_row = array(
            'added' => time(),
            'added_by' => $_SESSION['id'],
            'challenge' => $_POST['challenge'],
            'visible' => $_POST['visible'],
            'body' => $_POST['body']
        );
        $hint_id = db_insert('hints', $hint_row);

        if (!$hint_id) {
            message_error('Could not insert new hint.');
        } else {
            invalidate_cache('hints');
            redirect(CONFIG_SITE_ADMIN_RELPATH . 'edit_hint.php?id=' . $hint_id);
        }
    }
}
<?php
/**
 * Admin POST handler: insert a new hint for a challenge.
 *
 * Flow: enforce moderator authentication, then for POST requests validate the
 * XSRF token, insert the row, invalidate the hints cache and redirect to the
 * hint's edit page. If db_insert() returns a falsy value an error message is
 * shown instead.
 */
require '../../../include/mellivora.inc.php';

enforce_authentication(CONST_USER_CLASS_MODERATOR);

if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    validate_xsrf_token($_POST[CONST_XSRF_TOKEN_KEY]);

    if ($_POST['action'] == 'new') {
        // NOTE(review): 'challenge' is not passed through validate_id() in this script and
        // 'visible'/'body' are stored as submitted. Verify downstream validation and
        // output encoding.
        $new_hint_id = db_insert(
            'hints',
            array(
                'added' => time(),
                'added_by' => $_SESSION['id'],
                'challenge' => $_POST['challenge'],
                'visible' => $_POST['visible'],
                'body' => $_POST['body']
            )
        );

        if ($new_hint_id) {
            invalidate_cache(CONST_CACHE_NAME_HINTS);

            $edit_url = CONFIG_SITE_ADMIN_RELPATH . 'edit_hint.php?id=' . $new_hint_id;
            redirect($edit_url);
        } else {
            message_error('Could not insert new hint.');
        }
    }
}
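/*
 * Admin POST handler for challenges.
 *
 * Actions (selected by $_POST['action']):
 *   - edit:        update the challenge row named by $_POST['id']
 *   - delete:      delete the challenge via delete_challenge_cascading()
 *   - upload_file: attach the uploaded file to challenge $_POST['id']
 *   - delete_file: delete file $_POST['id'] belonging to challenge $_POST['challenge_id']
 *
 * Moderator authentication, id validation and XSRF-token validation run
 * before any action.
 */
enforce_authentication(CONST_USER_CLASS_MODERATOR);

if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    validate_id($_POST['id']);
    validate_xsrf_token($_POST[CONST_XSRF_TOKEN_KEY]);

    if ($_POST['action'] == 'edit') {
        // NOTE(review): strtotime() returns false for text it cannot parse, and that value
        // is written to available_from / available_until unchecked. Confirm that the form
        // or the database layer rejects it, since these fields gate challenge availability.
        db_update(
            'challenges',
            array(
                'title' => $_POST['title'],
                'description' => $_POST['description'],
                'flag' => $_POST['flag'],
                'automark' => $_POST['automark'],
                'case_insensitive' => $_POST['case_insensitive'],
                'points' => $_POST['points'],
                'category' => $_POST['category'],
                'exposed' => $_POST['exposed'],
                'available_from' => strtotime($_POST['available_from']),
                'available_until' => strtotime($_POST['available_until']),
                'num_attempts_allowed' => $_POST['num_attempts_allowed'],
                'min_seconds_between_submissions' => $_POST['min_seconds_between_submissions'],
                'relies_on' => $_POST['relies_on']
            ),
            array('id' => $_POST['id'])
        );

        redirect(CONFIG_SITE_ADMIN_RELPATH . 'edit_challenge.php?id=' . $_POST['id'] . '&generic_success=1');
    } elseif ($_POST['action'] == 'delete') {
        // NOTE(review): the cascade below is only skipped if message_error() ends the
        // request. Confirm.
        if (!$_POST['delete_confirmation']) {
            message_error('Please confirm delete');
        }

        delete_challenge_cascading($_POST['id']);

        invalidate_cache(CONST_CACHE_NAME_FILES . $_POST['id']);
        invalidate_cache(CONST_CACHE_NAME_CHALLENGE_HINTS . $_POST['id']);

        redirect(CONFIG_SITE_ADMIN_RELPATH . '?generic_success=1');
    } elseif ($_POST['action'] == 'upload_file') {
        // NOTE(review): the raw $_FILES entry is handed to store_file(); size, type and
        // filename checks must live inside that helper. Confirm.
        store_file($_POST['id'], $_FILES['file']);

        invalidate_cache(CONST_CACHE_NAME_FILES . $_POST['id']);

        redirect(CONFIG_SITE_ADMIN_RELPATH . 'edit_challenge.php?id=' . $_POST['id'] . '&generic_success=1');
    } elseif ($_POST['action'] == 'delete_file') {
        // In this action $_POST['id'] is the file id and the owning challenge arrives
        // separately. challenge_id ends up in a cache key and in the redirect target,
        // so it is validated like every other id before anything is deleted.
        validate_id($_POST['challenge_id']);

        delete_file($_POST['id']);

        // The files cache is keyed by challenge id (see the upload_file and delete
        // branches), so invalidate the owning challenge's entry, not the file id.
        invalidate_cache(CONST_CACHE_NAME_FILES . $_POST['challenge_id']);

        redirect(CONFIG_SITE_ADMIN_RELPATH . 'edit_challenge.php?id=' . $_POST['challenge_id'] . '&generic_success=1');
    }
}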
/*
 * Admin POST handler for user accounts.
 *
 * Actions (selected by $_POST['action']) on the user named by $_POST['id']:
 *   - edit:           update email, team name, enabled/competing flags and country
 *   - delete:         remove the user and the user's submissions, ip_log and
 *                     cookie_tokens rows
 *   - reset_password: store a new random password hash and show the new
 *                     password to the moderator
 *
 * Moderator authentication, id validation and XSRF-token validation run first.
 */
require '../../../include/ctf.inc.php';

enforce_authentication(CONST_USER_CLASS_MODERATOR);

if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    validate_id($_POST['id']);
    validate_xsrf_token($_POST[CONST_XSRF_TOKEN_KEY]);

    switch ($_POST['action']) {
        case 'edit':
            validate_email($_POST['email']);

            // NOTE(review): only the email is validated; team_name, enabled, competing and
            // country are stored as submitted. Confirm downstream constraints and encoding.
            $user_fields = array(
                'email' => $_POST['email'],
                'team_name' => $_POST['team_name'],
                'enabled' => $_POST['enabled'],
                'competing' => $_POST['competing'],
                'country_id' => $_POST['country']
            );
            db_update('users', $user_fields, array('id' => $_POST['id']));

            invalidate_cache(CONST_CACHE_NAME_USER . $_POST['id']);

            redirect(CONFIG_SITE_ADMIN_RELPATH . 'list_users.php?generic_success=1');
            break;

        case 'delete':
            // NOTE(review): the deletes below are only skipped if message_error() ends the
            // request. Confirm.
            if (!$_POST['delete_confirmation']) {
                message_error('Please confirm delete');
            }

            // The user row goes first, then the rows that reference the user.
            db_delete('users', array('id' => $_POST['id']));
            db_delete('submissions', array('user_id' => $_POST['id']));
            db_delete('ip_log', array('user_id' => $_POST['id']));
            db_delete('cookie_tokens', array('user_id' => $_POST['id']));

            invalidate_cache(CONST_CACHE_NAME_USER . $_POST['id']);

            redirect(CONFIG_SITE_ADMIN_RELPATH . 'list_users.php?generic_success=1');
            break;

        case 'reset_password':
            // NOTE(review): only the passhash column changes here. The user's cookie_tokens
            // rows (removed by the delete action) are left in place; confirm whether a
            // password reset should also revoke them.
            // NOTE(review): the 8-character password is shown in the response page. Its
            // strength depends on generate_random_string(); verify it draws from a CSPRNG.
            $new_password = generate_random_string(8);
            $new_passhash = make_passhash($new_password);

            db_update(
                'users',
                array('passhash' => $new_passhash),
                array('id' => $_POST['id'])
            );

            message_generic('Success', 'Users new password is: ' . $new_password);
            break;
    }
}
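/*
 * Admin POST handler for user accounts.
 *
 * Actions (selected by $_POST['action']) on the user named by $_POST['id']:
 *   - edit:           update email, team name, flags, country and remarks
 *   - delete:         remove the user and the user's submissions, ip_log and
 *                     cookie_tokens rows
 *   - reset_password: store a new random password hash and show the new
 *                     password to the moderator
 *
 * Moderator authentication, id validation, XSRF-token validation and the
 * authority check all run before any action.
 */
require '../../../include/mellivora.inc.php';

enforce_authentication(CONFIG_UC_MODERATOR);

if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    validate_id($_POST['id']);
    validate_xsrf_token($_POST['xsrf_token']);

    // The authority check must cover the same id that the actions below modify.
    // Checking $_GET['id'] while writing to $_POST['id'] let the two differ, so the
    // check could pass for one user while another was edited, deleted or reset.
    // NOTE(review): presumably validateAuthority() halts when the acting moderator may
    // not manage this user. Confirm, and confirm the meaning of the first argument.
    validateAuthority(1, $_POST['id']);

    if ($_POST['action'] == 'edit') {
        validate_email($_POST['email']);

        // NOTE(review): only the email is validated; the other fields, including the
        // free-text remarks, are stored as submitted. Confirm output encoding where
        // they are displayed.
        db_update(
            'users',
            array(
                'email' => $_POST['email'],
                'team_name' => $_POST['team_name'],
                'enabled' => $_POST['enabled'],
                'competing' => $_POST['competing'],
                'country_id' => $_POST['country'],
                'remarks' => $_POST['remarks']
            ),
            array('id' => $_POST['id'])
        );

        // Drop the cached copy of this user (same key the delete action uses) so a
        // changed 'enabled' or 'competing' flag is not masked by stale cache data.
        invalidate_cache('user_' . $_POST['id']);

        redirect(CONFIG_SITE_ADMIN_RELPATH . 'list_users.php?generic_success=1');
    } elseif ($_POST['action'] == 'delete') {
        // NOTE(review): the deletes below are only skipped if message_error() ends the
        // request. Confirm.
        if (!$_POST['delete_confirmation']) {
            message_error('Please confirm delete');
        }

        db_delete('users', array('id' => $_POST['id']));
        db_delete('submissions', array('user_id' => $_POST['id']));
        db_delete('ip_log', array('user_id' => $_POST['id']));
        db_delete('cookie_tokens', array('user_id' => $_POST['id']));

        invalidate_cache('user_' . $_POST['id']);

        redirect(CONFIG_SITE_ADMIN_RELPATH . 'list_users.php?generic_success=1');
    } elseif ($_POST['action'] == 'reset_password') {
        // NOTE(review): only the passhash column changes here. The user's cookie_tokens
        // rows are left in place; confirm whether a password reset should also revoke them.
        // NOTE(review): the 8-character password is shown in the response page. Its
        // strength depends on generate_random_string(); verify it draws from a CSPRNG.
        $new_password = generate_random_string(8);
        $new_passhash = make_passhash($new_password);

        db_update(
            'users',
            array('passhash' => $new_passhash),
            array('id' => $_POST['id'])
        );

        message_generic('Success', 'Users new password is: ' . $new_password);
    }
}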
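<?php
/**
 * Admin POST handler for hints ("edit" / "delete").
 *
 * Moderator authentication, id validation and XSRF-token validation run first.
 * The challenge that currently owns the hint is looked up before the write so
 * that its per-challenge hint cache can be invalidated afterwards.
 */
require '../../../include/mellivora.inc.php';

enforce_authentication(CONST_USER_CLASS_MODERATOR);

if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    validate_id($_POST['id']);
    validate_xsrf_token($_POST[CONST_XSRF_TOKEN_KEY]);

    // Owning challenge of the hint before any change; the column is aliased to 'id'.
    // NOTE(review): if no hint matches, $challenge['id'] below is read from whatever
    // db_select_one() returns for "not found". Confirm that case is handled.
    $challenge = db_select_one(
        'hints',
        array('challenge AS id'),
        array('id' => $_POST['id'])
    );

    if ($_POST['action'] == 'edit') {
        // The new owning challenge is written to the row and used in a cache key,
        // so it is validated like the hint id.
        validate_id($_POST['challenge']);

        // NOTE(review): body and visible are stored as submitted; confirm output
        // encoding where hints are rendered.
        db_update(
            'hints',
            array(
                'body' => $_POST['body'],
                'challenge' => $_POST['challenge'],
                'visible' => $_POST['visible']
            ),
            array('id' => $_POST['id'])
        );

        invalidate_cache(CONST_CACHE_NAME_HINTS);
        invalidate_cache(CONST_CACHE_NAME_CHALLENGE_HINTS . $challenge['id']);

        // When the hint moves to another challenge, that challenge's cached hint list
        // is stale as well; without this it would keep serving the old set of hints.
        if ($_POST['challenge'] != $challenge['id']) {
            invalidate_cache(CONST_CACHE_NAME_CHALLENGE_HINTS . $_POST['challenge']);
        }

        // The id goes into a redirect URL, so URL-encode it; HTML escaping is the
        // wrong encoding for this context.
        redirect(CONFIG_SITE_ADMIN_RELPATH . 'edit_hint.php?id=' . rawurlencode($_POST['id']) . '&generic_success=1');
    } elseif ($_POST['action'] == 'delete') {
        // NOTE(review): the delete below is only skipped if message_error() ends the
        // request. Confirm.
        if (!$_POST['delete_confirmation']) {
            message_error('Please confirm delete');
        }

        db_delete('hints', array('id' => $_POST['id']));

        invalidate_cache(CONST_CACHE_NAME_HINTS);
        invalidate_cache(CONST_CACHE_NAME_CHALLENGE_HINTS . $challenge['id']);

        redirect(CONFIG_SITE_ADMIN_RELPATH . 'list_hints.php?generic_success=1');
    }
}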