function check_question()
{
global $_POST;
if (isset($_POST["answer"])) {
return check_answer($_POST["answer"]);
} else {
return NULL;
}
}
<?php
include '../core/init.php';
$answer = $_REQUEST["answer"];
if (!empty($_REQUEST)) {
if (check_answer($answer, $user_data['level'])) {
level_update($user_data['level'], $user_data['serial']);
}
header("Location: ../index.php");
}
function do_action(&$env, $action)
{
global $RAW_ID;
global $ERROR;
if (is_array($action)) {
foreach ($action as $sub) {
if (!do_action($env, $sub)) {
return false;
}
if (@$env["HAS_FORKED"] || @$env["DO_BREAK"]) {
return true;
}
}
return true;
}
if (!$action) {
return true;
}
//echo "ACTION: $action\n";
$oldlevel = $env["LEVEL"];
$env["LEVEL"]++;
$ok = false;
if (!$action) {
$ok = true;
} elseif (preg_match("/\\A(script|url)\\s+(.*)/", $action, $matches)) {
$op = $matches[1];
$cmd = $matches[2];
if ($op == "url") {
$cmd = "wget -O - '{$cmd}'";
}
$cmd = subst_macros($env, $cmd);
$ok = run_script($env, $cmd);
} else {
if (preg_match("/\\A(insert|update|delete)\\s+(?:({$RAW_ID})\\s+)?({$RAW_ID}\\s*=.*)/", $action, $matches)) {
$mode = $matches[1];
$table = $env["TABLE"];
if (@$matches[2]) {
$table = $matches[2];
}
$rest = $matches[3];
$data = array();
//echo "MODE: $mode\n";
if ($mode == "update" || $mode == "delete") {
$primary = _db_primary($table);
foreach (split(",", $primary) as $pri) {
if (isset($env[$pri])) {
$data[0][$pri] = $env[$pri];
}
}
}
while (preg_match("/\\A\\s*({$RAW_ID})\\s*=\\s*'((?:[^\\']|\\.)*)'(.*)/", $rest, $matches)) {
$field = $matches[1];
$value = $matches[2];
$rest = $matches[3];
$data[0][$field] = subst_macros($env, $value, "'", "\\'");
}
echo_rule($env);
echo "{$mode} {$table}:";
foreach ($data[0] as $field => $value) {
echo " {$field} = '{$value}'";
}
echo "\n";
if ($mode == "delete") {
$ok = db_delete($table, $data) && !$ERROR;
check_answer($env, "DELETE {$ok}");
} elseif ($mode == "update") {
$ok = db_update($table, $data) && !$ERROR;
check_answer($env, "UPDATE {$ok}");
} else {
$ok = db_insert($table, $data) && !$ERROR;
check_answer($env, "INSERT {$ok}");
}
if (!$ok) {
check_answer($env, "DB_ERROR {$mode} ({$ERROR})");
}
} else {
if (preg_match("/\\Aquery\\s+({$RAW_ID})\\s+({$RAW_ID})\\s+({$RAW_ID}\\s*=.*)/", $action, $matches)) {
$var = $matches[1];
$table = $matches[2];
$rest = $matches[3];
$cond = array();
while (preg_match("/\\A\\s*({$RAW_ID})\\s*=\\s*'((?:[^\\']|\\.)*)'(.*)/", $rest, $matches)) {
$field = $matches[1];
$value = $matches[2];
$rest = $matches[3];
$cond[$field] = subst_macros($env, $value, "'", "\\'");
}
$data = db_read($table, null, $cond, null, 0, 0);
//echo "got....."; print_r($data); echo "\n";
$env[$var] = $data;
$ok = true;
} else {
if (preg_match("/\\Avar\\s+({$RAW_ID}(?:->{$RAW_ID})*)\\s*=\\s*'((?:[^\\']|\\.)*)'/", $action, $matches)) {
$var = $matches[1];
$expr = $matches[2];
$lvalue =& $env;
while (preg_match("/\\A(?:->)?({$RAW_ID})(.*)/", $var, $matches)) {
$field = $matches[1];
$var = $matches[2];
$lvalue =& $lvalue[$field];
}
if ($var) {
engine_error("cannot assign to variable '{$var}'");
} else {
$lvalue = subst_macros($env, $expr, "'", "\\'");
$ok = true;
}
} else {
if (preg_match("/\\A(call|start)\\s+({$RAW_ID})(.*)/", $action, $matches)) {
$ok = false;
$mode = $matches[1];
$call = $matches[2];
$rest = $matches[3];
$cond = array("bp_name" => $call);
$data = db_read("bps", null, $cond);
if (!$data || $ERROR) {
check_answer($env, "DB_ERROR read ({$ERROR})");
} else {
$newenv = array();
while (preg_match("/\\A\\s*({$RAW_ID})\\s*=\\s*'((?:[^\\']|\\.)*)'(.*)/", $rest, $matches)) {
$field = $matches[1];
$value = $matches[2];
$rest = $matches[3];
$newenv[$field] = subst_macros($env, $value, "'", "\\'");
}
if ($rest) {
engine_error("bad call '{$call}', syntax rest '{$rest}'");
} else {
$statefield = $data[0]["bp_statefield"];
$newrec = array();
$newrec["state_id"] = null;
$newrec["bp_name"] = $call;
if ($mode == "start") {
// asynchronous call: make "return" later a nop
$newenv["NO_RETURN"] = true;
}
$newrec["state_env"] = db_data_to_code($newenv);
if (@$newenv["state_value"]) {
$newrec["state_value"] = $newenv["state_value"];
}
$table = $env["TABLE"];
$primary = _db_primary($table);
$field = $env["FIELD"];
$newrec["state_returnfield"] = "{$table}.{$field}";
$id_rec = array();
foreach (split(",", $primary) as $pri) {
$id_rec[$pri] = $env[$pri];
}
$newrec["state_returnid"] = db_data_to_code($id_rec);
$ok = db_insert("states", array($newrec)) && !$ERROR;
if ($ok) {
if (true) {
echo_rule($env);
echo "call {$table}.{$field} to states\n";
}
// decide whether to finish the caller or not
if ($mode == "call") {
//echo "SHOULD_BREAK....\n";
$env["DO_BREAK"] = true;
} else {
}
} else {
check_answer($env, "DB_ERROR insert ({$ERROR})");
}
}
}
} else {
if (preg_match("/\\Areturn\\s+'((?:[^\\']|\\.)*)'(.*)/", $action, $matches)) {
$returnvalue = subst_macros($env, $matches[1], "'", "\\'");
$rest = $matches[2];
if (@$env["NO_RETURN"]) {
// original call was asynchronous: ignore return statement
check_answer($env, "NO_RETURN");
if (true) {
$table = $env["TABLE"];
$field = $env["FIELD"];
echo_rule($env);
echo "done asynchronous call {$table}.{$field}\n";
}
$ok = true;
} else {
// advance the caller's state
$split = split("\\.", $env["state_returnfield"]);
$tablename = $split[0];
$fieldname = $split[1];
$oldrec = eval("return " . $env["state_returnid"] . ";");
$data = db_read($tablename, null, $oldrec);
if (!$data || $ERROR) {
engine_error("cannot re-read caller's data from table {$tablename}");
} else {
if ($test = @$data[0]["state_env"]) {
// original caller had an environment
$oldenv = eval("return {$test};");
while (preg_match("/\\A\\s*({$RAW_ID})\\s*=\\s*'((?:[^\\']|\\.)*)'(.*)/", $rest, $matches)) {
$field = $matches[1];
$value = $matches[2];
$rest = $matches[3];
$oldenv[$field] = subst_macros($env, $value, "'", "\\'");
}
if ($rest) {
engine_warn("return statement has unparsable rest '{$rest}'");
}
$oldrec["state_env"] = db_data_to_code($oldenv);
}
$oldrec[$fieldname] = $returnvalue;
if (true) {
echo_rule($env);
echo "return to {$tablename}.{$fieldname} = '{$returnvalue}'\n";
}
$ok = db_update($tablename, array($oldrec)) && !$ERROR;
//echo "RETURN $tablename $fieldname='$returnvalue' ok='$ok' ERROR='$ERROR'\n";
if (!$ok) {
check_answer($env, "DB_ERROR update ({$ERROR})");
}
}
}
} else {
engine_error("cannot parse action '{$action}'. correct your rules!");
}
}
}
}
}
}
if ($ok) {
$env["HIT_FLAG"] = true;
}
$env["LEVEL"] = $oldlevel;
return $ok;
}
$vraagid = 101;
break;
case 3:
$vraagid = 201;
break;
default:
$vraagid = 1;
break;
}
} else {
$vraagid = 1;
}
}
// Controleer antwoord en geef feedback //
if (isset($_GET['antwoord'])) {
$result = check_answer($vraagid, $_GET['antwoord']);
// Volgende vraag (statische volgorde)
$next = $vraagid + 1;
if ($result) {
// Geef punten //
$_SESSION['punten'] = $_SESSION['punten'] + 5;
?>
<div style="height: 100%; width: 100%; background-color: darkgreen;">
<div class="result">
GOED
</div>
</div>
<?php
} else {
?>
<div style="height: 100%; width: 100%; background-color: darkred;">
<?php
session_start();
$nb_steps = get_steps();
/* Token generation and initialization of the current step */
if (empty($_SESSION['step'])) {
$_SESSION['step'] = 1;
$_SESSION["token"] = generate_random_string();
} else {
if ($_SESSION['step'] > $nb_steps) {
$_SESSION['step'] = 1;
$_SESSION["token"] = generate_random_string();
}
}
/* If some datas have been submited, we go to the next step */
if (!empty($_POST) && $_SESSION['step'] <= $nb_steps) {
$id_answer = trim($_POST["id_answer"]);
$token = $_SESSION["token"];
$step = $_SESSION["step"];
if (check_answer($id_answer, $step)) {
$_SESSION["step"]++;
add_user_answer($token, $id_answer);
if ($_SESSION['step'] > $nb_steps) {
header("Location:result.php");
}
}
}
$progress = $_SESSION['step'] / $nb_steps * 100;
$question = get_question($_SESSION['step']);
$answers = get_answers($_SESSION['step']);
*/
include 'database_info.php';
session_start();
if (!isset($_SESSION['stu_id'])) {
header("location: studentLogin.php");
}
define("DB_NAME", $_SESSION["modCode"]);
$link = mysql_connect(DB_HOST, DB_USER, DB_PASS) or die("Couldn't make connection.");
$db = mysql_select_db(DB_NAME, $link) or die("Couldn't select database");
$allCorrect = true;
// If the question has been answered
if (isset($_POST["submit"])) {
$hints = array();
foreach ($_POST as $key => $value) {
if ($key != "submit") {
if (!check_answer($value, $key)) {
$allCorrect = false;
$hints[$key] = getHint($key);
}
}
}
}
function scramble_answers($array)
{
if (!is_array($array)) {
return $array;
}
$keys = array_keys($array);
shuffle($keys);
$random = array();
foreach ($keys as $key) {
}
//为防止恶意注册,跨站攻击
check_code($_POST['code'], $_SESSION['code']);
//引入验证文件
include ROOT_PATH . 'includes/check.func.php';
//创建空数组,用来存放提交的合法数据
$clean = array();
//可以通过唯一标识符来防止恶意注册,伪装表单跨站攻击等。
//唯一标识符第二个作用,登录cookie验证
$clean['uniqid'] = check_uniqid($_POST['uniqid'], $_SESSION['uniqid']);
//active也是唯一标识符,用来给刚注册的用户做激活处理用,不然也不能登录
$clean['active'] = sha1_uniqid();
$clean['username'] = check_username($_POST['username'], 2, 20);
$clean['password'] = check_password($_POST['password'], $_POST['aginePassword'], 6);
$clean['question'] = check_question($_POST['question'], 2, 20);
$clean['answer'] = check_answer($_POST['question'], $_POST['answer'], 2, 20);
$clean['sex'] = check_sex($_POST['sex']);
$clean['photo'] = check_photo($_POST['photo']);
$clean['email'] = check_email($_POST['email'], 6, 40);
$clean['qq'] = check_qq($_POST['qq']);
$clean['url'] = check_url($_POST['url'], 40);
//新增用户之前,判断用户名是否重复
is_repeat("SELECT bbs_username FROM bbs_users WHERE bbs_username='******'username']}' LIMIT 1", '对不起,该用户名已被注册');
//新增用户
//在双引号里面直接方变量可以$username,但如果是数组,就必须加一个花括号
query("INSERT INTO bbs_users (\n bbs_uniqid,\n bbs_active,\n bbs_username,\n bbs_password,\n bbs_question,\n bbs_answer,\n bbs_sex,\n bbs_photo,\n bbs_email,\n bbs_qq,\n bbs_url,\n bbs_reg_time,\n bbs_last_time,\n bbs_last_ip\n ) \n VALUES (\n '{$clean['uniqid']}',\n '{$clean['active']}',\n '{$clean['username']}',\n '{$clean['password']}',\n '{$clean['question']}',\n '{$clean['answer']}',\n '{$clean['sex']}',\n '{$clean['photo']}',\n '{$clean['email']}',\n '{$clean['qq']}',\n '{$clean['url']}',\n NOW(),\n NOW(),\n '{$_SERVER["REMOTE_ADDR"]}'\n )");
if (affected_rows() == 1) {
//获取刚刚新增的id
$clean['id'] = mysql_insert_id();
//关闭数据库
close();
<?php require_once "functions.php"; check_answer();
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type" />
<title>Online Judge</title>
</head>
<body>
<p>
<?php
$fresult = check_answer($_FILES['upfile']['tmp_name'], "./test.txt");
if ($fresult == 1) {
printf("SUBMIT FILE READ ERROR<br>");
}
if ($fresult == 2) {
printf("ANSWER FILE READ ERROR<br>");
}
if ($fresult == 3) {
printf("ACCEPTED<br>");
}
if ($fresult >= 4) {
printf("WRONG ANSWER<br>");
}
function check_answer($submitfile, $answerfile)
{
$result = 1;
$submitfile_fp = fopen($submitfile, "r");
if (!$submitfile_fp) {
return $result;
}
$result = 2;
