function view()
{
$user_id = $this->params[0];
if (empty($user_id)) {
error_out('Check user ID in address bar');
}
$this->user = get_first("SELECT * FROM user WHERE user_id = '{$user_id}'");
}
function exec_query($sql)
{
static $conn = null;
if ($conn == null) {
$conn = get_db_connection();
}
if (mysql_query($sql, $conn) === FALSE) {
error_out(500, "MySQL Error: " . mysql_error($conn) . "; running query: {$sql}");
}
}
function checkPostRedirect($client)
{
global $passed;
line_out("Checking to see if there was a POST redirect to a GET");
$method = $client->getRequest()->getMethod();
if ($method == "get") {
$passed++;
} else {
error_out('Expecting POST to Redirect to GET - found ' . $method);
}
}
function main($server_cfg)
{
$game = "";
if (isset($_GET["game"])) {
$game = $_GET["game"];
$candidate_path = sprintf($server_cfg["xhprof_ip_list"], $game);
error_log($candidate_path . "\n");
if (file_exists($candidate_path)) {
header($_SERVER["SERVER_PROTOCOL"] . " 200 Ok");
header("Content-type: text/plain");
echo file_get_contents($candidate_path);
return;
} else {
error_out("{$game} maybe invalid, path {$candidate_path} does not exist.");
}
} else {
error_out("No game name passed");
}
}
function connect_db()
{
global $con;
@($con = new mysqli(DATABASE_HOSTNAME, DATABASE_USERNAME, DATABASE_PASSWORD));
if ($connection_error = mysqli_connect_error()) {
$errors[] = 'There was an error trying to connect to database at ' . DATABASE_HOSTNAME . ':<br><b>' . $connection_error . '</b>';
require 'templates/error_template.php';
die;
}
mysqli_select_db($con, DATABASE_DATABASE) or error_out('<b>Error:</b><i> ' . mysqli_error($con) . '</i><br>
This usually means that MySQL does not have a database called <b>' . DATABASE_DATABASE . '</b>.<br><br>
Create that database and import some structure into it from <b>doc/database.sql</b> file:<br>
<ol>
<li>Open database.sql</li>
<li>Copy all the SQL code</li>
<li>Go to phpMyAdmin</li>
<li>Create a database called <b>' . DATABASE_DATABASE . '</b></li>
<li>Open it and go to <b>SQL</b> tab</li>
<li>Paste the copied SQL code</li>
<li>Hit <b>Go</b></li>
</ol>');
mysqli_query($con, "SET NAMES utf8");
mysqli_query($con, "SET CHARACTER utf8");
}
} else {
error_out("Not found");
}
// Good guess
$u = $url . "?guess=42";
line_out("Retrieving " . htmlent_utf8($u));
$crawler = $client->request('GET', $u);
$html = $crawler->html();
$OUTPUT->togglePre("Show retrieved page", $html);
line_out("Looking for 'Congratulations - You are right'");
if (stripos($html, 'congratulations') > 0) {
$passed++;
} else {
error_out("Not found");
}
} catch (Exception $ex) {
error_out("The autograder did not find something it was looking for in your HTML - test ended.");
error_log($ex->getMessage());
error_log($ex->getTraceAsString());
$detail = "This indicates the source code line where the test stopped.\n" . "It may not make any sense without looking at the source code for the test.\n" . 'Caught exception: ' . $ex->getMessage() . "\n" . $ex->getTraceAsString() . "\n";
$OUTPUT->togglePre("Internal error detail.", $detail);
}
$perfect = 10;
$score = webauto_compute_effective_score($perfect, $passed, $penalty);
if (!$titlefound) {
error_out("These pages do not have proper titles so this grade was not sent");
return;
}
if ($score > 0.0) {
webauto_test_passed($score, $url);
}
*/
function error_out($reason = '')
{
$error = array('status' => 'failure');
if ($reason !== '') {
$error['reason'] = $reason;
}
print $error;
die;
}
if (!empty($LoggedUser['DisableForums'])) {
error_out('You do not have access to the forums!');
}
$UserID = empty($_GET['userid']) ? $LoggedUser['ID'] : $_GET['userid'];
if (!is_number($UserID)) {
error_out('User does not exist!');
}
if (isset($LoggedUser['PostsPerPage'])) {
$PerPage = $LoggedUser['PostsPerPage'];
} else {
$PerPage = POSTS_PER_PAGE;
}
list($Page, $Limit) = Format::page_limit($PerPage);
$UserInfo = Users::user_info($UserID);
extract(array_intersect_key($UserInfo, array_flip(array('Username', 'Enabled', 'Title', 'Avatar', 'Donor', 'Warned'))));
$ViewingOwn = $UserID === $LoggedUser['ID'];
$ShowUnread = $ViewingOwn && (!isset($_GET['showunread']) || !!$_GET['showunread']);
$ShowGrouped = $ViewingOwn && (!isset($_GET['group']) || !!$_GET['group']);
if ($ShowGrouped) {
$SQL = '
SELECT
private function load_config()
{
// Load config file or bail out
if (file_exists('config.php')) {
require 'config.php';
} else {
error_out('No config.php. Please make a copy of config.sample.php and name it config.php and configure it.');
}
}
require_once "config.inc.php";
// 2. check _POST
$_inp = $_POST;
if (!isset($_inp['mid'])) {
error_out(print_r($_POST, true) . " requires mid");
}
// 3. 檢查 user 是否能刪除此檔
$map = map_get_single($_inp['mid']);
if ($map == null) {
error_out("no such map" . $_inp['mid']);
}
if ($map['uid'] != $_SESSION['uid']) {
error_out("you are not the owner");
}
// 3.1 正在搬移資料結構, 或重新整理
$block_msg = map_blocked($out_root, $_SESSION['uid']);
if ($block_msg != null) {
error_out($block_msg);
}
// 4. 真的刪除/回收
if ($_inp['op'] && $_inp['op'] == 'recycle') {
$ok = map_expire($_inp['mid']);
} else {
$ok = map_del($_inp['mid']);
}
if ($ok === FALSE) {
error_out("delete/expire fail");
}
sleep(1);
$mid = $_inp['mid'];
ok_out("{$mid} deleted", $mid);
<li <?php
echo $controller == 'users' ? 'class="active"' : '';
?>
><a href="users">Users</a></li>
</ul>
</div>
<!--/.nav-collapse -->
</div>
</div>
<div class="container">
<!-- Main component for a primary marketing message or call to action -->
<? if (!file_exists("views/$controller/{$controller}_$action.php")) error_out('The view <i>views/' . $controller . '/' . $controller . '_' . $action . '.php</i> does not exist. Create that file.'); ?>
<? @require "views/$controller/{$controller}_$action.php"; ?>
</div>
<!-- /container -->
<!-- Bootstrap core JavaScript
================================================== -->
<!-- Placed at the end of the document so the pages load faster -->
<script src="vendor/components/jquery/jquery.min.js"></script>
<script src="vendor/components/bootstrap/js/bootstrap.min.js"></script>
<script src="https://mottie.github.io/tablesorter/js/jquery.tablesorter.js"></script>
</body>
</html>
$passed = 0;
$titlefound = false;
try {
$h1 = $crawler->filter('h1')->text();
line_out("Found h1 tag...");
} catch (Exception $ex) {
error_out("Did not find h1 tag");
$h1 = "";
}
if (stripos($h1, 'Hello') !== false) {
success_out("Found 'Hello' in the h1 tag");
$passed += 1;
} else {
error_out("Did not find 'Hello' in the h1 tag");
}
if ($USER->displayname && stripos($h1, $USER->displayname) !== false) {
success_out("Found ({$USER->displayname}) in the h1 tag");
$passed += 1;
} else {
if ($USER->displayname) {
error_out("Did not find {$USER->displayname} in the h1 tag");
error_out("No score sent");
return;
}
}
$perfect = 2;
$score = webauto_compute_effective_score($perfect, $passed, $penalty);
// Send grade
if ($score > 0.0) {
webauto_test_passed($score, $url);
}
exec($cmd, $output, $ret);
if ($ret != 0) {
foreach ($output as $line) {
if (strstr($line, "err:")) {
$errline .= substr($line, 4) . "\n";
}
}
error_out($errline);
}
// before register, check count again
if (map_full($_SESSION['uid'], $user['limit'], $recreate_flag)) {
$files = map_files($outimage);
foreach ($files as $f) {
@unlink($f);
}
error_out("已經達到數量限制" . $user['limit']);
}
$type = determine_type($shiftx, $shifty);
$outx = ceil($shiftx / $tiles[$type]['x']);
$outy = ceil($shifty / $tiles[$type]['y']);
if (file_exists(str_replace(".tag.png", ".gpx", $outimage))) {
$save_gpx = 1;
}
$mid = map_add($_SESSION['uid'], $title, $xx, $yy, $shiftx, $shifty, $outx, $outy, $_SERVER['REMOTE_ADDR'], $outimage, map_size($outimage), $version, $save_gpx);
// 最後搬移到正確目錄
map_migrate($out_root, $_SESSION['uid'], $mid);
// 如果有 gpx 就 import 到 gis 的 database 中
//if ($svg_params != "") {
// import_gpx($mid);
//}
$okmsg = msglog("done");
private function load_config()
{
// Load config file or bail out
if (file_exists(dirname(__FILE__) . '/../../config.php')) {
include dirname(__FILE__) . '/../../config.php';
} else {
error_out('No config.php. Please make a copy of config.sample.php and name it config.php and configure it.');
}
}
$url = false;
line_out("Looking for Logout Anchor Tag.");
$link = $crawler->selectLink('Logout')->link();
$url = $link->getURI();
}
line_out("Retrieving " . htmlent_utf8($url) . "...");
$crawler = $client->request('GET', $url);
$html = $crawler->html();
$OUTPUT->togglePre("Show retrieved page", $html);
$passed++;
line_out("Looking for login link.");
$link = $crawler->selectLink('Log In')->link();
$url = $link->getURI();
$passed++;
} catch (Exception $ex) {
error_out("The autograder did not find something it was looking for in your HTML - test ended.");
error_log($ex->getMessage());
error_log($ex->getTraceAsString());
$detail = "This indicates the source code line where the test stopped.\n" . "It may not make any sense without looking at the source code for the test.\n" . 'Caught exception: ' . $ex->getMessage() . "\n" . $ex->getTraceAsString() . "\n";
$OUTPUT->togglePre("Internal error detail.", $detail);
}
// There is a maximum of 20 passes for this test
$perfect = 20;
$score = webauto_compute_effective_score($perfect, $passed, $penalty);
if (!$titlefound) {
error_out("These pages do not have proper titles so this grade is not official");
return;
}
if ($score > 0.0) {
webauto_test_passed($score, $url);
}
$grade = 0.0;
if (strpos($h1, "Dr. Chuck") !== false) {
$failure = "You need to put your own name in the h1 tag - assignment not complete!";
} else {
if (strpos($h1, 'Hello') !== false) {
$success = "Found 'Hello' in the h1 tag - assignment correct!";
$grade = 1.0;
} else {
$failure = "Did not find 'Hello' in the h1 tag - assignment not complete!";
}
}
if (strlen($success) > 0) {
success_out($success);
error_log($success);
} else {
if (strlen($failure) > 0) {
error_out($failure);
error_log($failure);
exit;
} else {
error_log("No status");
exit;
}
}
// Send grade
if ($penalty !== false) {
$grade = $grade * (1.0 - $penalty);
}
if ($grade > 0.0) {
webauto_test_passed($grade, $url);
}
public function getTableColumns($create = true)
{
global $db;
// Make sure we have a table set
if ($this->table == "") {
error_out("No table set.");
return false;
}
$sql = new SQLQuery($this->table);
$sql->international = $this->international;
$columns = $sql->get_columns();
if (!empty($columns)) {
// Table exists -- return the columns
$this->tablecolumns = $columns;
// If table exists and create is set, add any additional columns
if ($create) {
$formcolumns = $this->formToTableColumns(false);
$newcolumns = array_diff(array_keys($formcolumns), array_keys($columns));
if (!empty($newcolumns)) {
$tablename = $this->table;
if ($this->schema != "") {
$tablename = $this->schema . "." . $this->table;
}
$alter_table_column_string = "";
foreach ($newcolumns as $colname) {
if ($alter_table_column_string != "") {
$alter_table_column_string .= ",";
}
$alter_table_column_string .= $colname . " " . $formcolumns[$colname];
$this->tablecolumns[$colname] = $formcolumns[$colname];
}
$alter_table_query = "ALTER TABLE " . $tablename . " ADD(" . $alter_table_column_string . ")";
$ret = $db->execute($alter_table_query);
}
}
return $this->tablecolumns;
} else {
if ($create) {
// Table doesn't exist -- create it from form
$this->tablecolumns = $this->formToTableColumns();
$sql_create = new SQLCreate($this->table, $this->tablecolumns);
$sql_create->international = $this->international;
$sql_create->execute();
return $this->tablecolumns;
} else {
// Table doesn't exist, 'create' set to false: return false
error_out("Table doesn't exist.");
return false;
}
}
}
error_out("Did not find '{$displayname}' in title tag");
$success = false;
break;
}
}
$matches = array();
preg_match('/Your Play=([^ ]*) Computer Play=([^ ]*) Result=(.*)/', $html, $matches);
if (count($matches) != 4) {
error_out('Could not find properly formatted line starting with "Your Play="');
continue;
}
line_out('Found:' . $matches[0]);
if (check($matches)) {
success_out('Correct play');
} else {
error_out('Incorrect play');
$success = false;
}
}
if (!$success) {
error_out('Please fix and re-test.');
exit;
}
// Send a grade if requested
$grade = 1.0;
if ($penalty !== false) {
$grade = $grade * (1.0 - $penalty);
}
if ($grade > 0.0) {
webauto_test_passed($grade, $url);
}
$where2 .= "`a`.`group` = '{$grp}'";
$where2 .= $where3;
$x++;
}
}
$where2 .= "AND `a`.`type` = 1";
$query = "SELECT * FROM `{$GLOBALS['mysql_prefix']}assigns` `as`\n\t\tLEFT JOIN `{$GLOBALS['mysql_prefix']}ticket` `t` ON `as`.`ticket_id` = `t`.`id`\n\t\tLEFT JOIN `{$GLOBALS['mysql_prefix']}allocates` `a` ON `t`.`id` = `a`.`resource_id`\t\t\n\t\tWHERE `as`.`user_id` != {$me} {$where2} ORDER BY `as`.`as_of` DESC LIMIT 1";
// get most recent
$result = mysql_query($query) or error_out(basename(__FILE__) . "@" . __LINE__);
// 2/10/12
$assign_row = mysql_affected_rows() > 0 ? stripslashes_deep(mysql_fetch_assoc($result)) : FALSE;
// 2/25/12 - AS
$query = "SELECT `updated` FROM `{$GLOBALS['mysql_prefix']}action` WHERE `updated` = ( SELECT MAX(`updated`) FROM `{$GLOBALS['mysql_prefix']}action` ) LIMIT 1";
$result = mysql_query($query) or error_out(basename(__FILE__) . "@" . __LINE__);
// 2/10/12
$act_row = mysql_affected_rows() > 0 ? stripslashes_deep(mysql_fetch_assoc($result)) : FALSE;
$query = "SELECT `updated` FROM `{$GLOBALS['mysql_prefix']}patient` WHERE `updated` = ( SELECT MAX(`updated`) FROM `{$GLOBALS['mysql_prefix']}patient` ) LIMIT 1";
$result = mysql_query($query) or error_out(basename(__FILE__) . "@" . __LINE__);
// 2/10/12
$pat_row = mysql_affected_rows() > 0 ? stripslashes_deep(mysql_fetch_assoc($result)) : FALSE;
$the_act_id = $act_row ? $act_row['updated'] : "0";
// action item
$the_pat_id = $pat_row ? $pat_row['updated'] : "0";
// patient item
$the_unit_id = $row ? $row['id'] : "0";
$the_updated = $row ? $row['updated'] : "0";
$the_dispatch_change = $assign_row ? $assign_row['as_of'] : "";
$the_hash = md5($the_chat_id . $the_tick_id . $the_unit_id . $the_updated . $the_dispatch_change . $the_act_id . $the_pat_id);
$ret_arr = array($the_chat_id, $the_tick_id, $the_unit_id, $the_updated, $the_dispatch_change, $the_act_id, $the_pat_id, $the_hash);
print json_encode($ret_arr);
// 1/6/11
function __autoload($className)
{
(include 'system/classes/' . $className . '.php') or (include 'classes/' . $className . '.php') or error_out("Autoload of class {$className} failed.");
debug("Autoloaded " . $className);
}
if (isset($_REQUEST[$field])) {
$update->add_value($field, $_REQUEST[$field]);
}
}
if (isset($_REQUEST["password1"]) && $_REQUEST["password1"] != "") {
if (!isset($_REQUEST["password2"]) && $_REQUEST["password2"] != "") {
error_out("Please retype password.");
} else {
if ($_REQUEST["password1"] != $_REQUEST["password2"]) {
error_out("Passwords do not match.");
} else {
$hash = db_hash_password($_REQUEST['password1']);
if ($hash) {
$update->add_value("pass", $hash);
} else {
error_out("Problem hashing password. Please retry.");
}
}
}
} else {
if (isset($_REQUEST["password2"]) && $_REQUEST["password2"] != "") {
error_out("Please type password in both fields.");
}
}
$update->execute();
$user->dbGet();
$rjo->query = $update->query;
$rjo->status = "success";
$rjo->successMessage = "Saved user settings.";
}
echo $rjo->printjson();
?>
><a href="users">Users</a></li>
</ul>
</div>
<!--/.nav-collapse -->
</div>
</div>
<div class="container">
<!-- Main component for a primary marketing message or call to action -->
<?php
if (!file_exists("views/{$controller}/{$controller}_{$action}.php")) {
error_out('The view <i>views/' . $controller . '/' . $controller . '_' . $action . '.php</i> does not exist. Create that file.');
}
?>
<?php
@(require "views/{$controller}/{$controller}_{$action}.php");
?>
</div>
<!-- /container -->
<!-- Bootstrap core JavaScript
================================================== -->
<!-- Placed at the end of the document so the pages load faster -->
<script src="vendor/components/jquery/jquery.min.js"></script>
<script src="vendor/components/bootstrap/js/bootstrap.min.js"></script>
this page serves as a wrapper for the cortado java applet
*/
//load the http GETS:
// set the parent domain if provided
// needed before error_out can be called
$parent_domain = isset( $_GET['parent_domain'] ) ? wfEscapeJsString( $_GET['parent_domain'] ) : false;
$error='';
if(!function_exists('filter_input')){
error_out('you version of php lacks <b>filter_input()</b> function</br>');
}
//default to null media in not provided:
$media_url = isset( $_GET['media_url'] ) ? htmlspecialchars( $_GET['media_url'] ) : false;
if( is_null($media_url) || $media_url===false || $media_url==''){
error_out('not valid or missing media url');
}
//default duration to 30 seconds if not provided. (ideally cortado would read this from the video file)
//$duration = (isset($_GET['duration']))?$_GET['duration']:0;
$duration = filter_input(INPUT_GET, 'duration', FILTER_SANITIZE_NUMBER_INT);
if( is_null($duration) || $duration===false){
$duration=0;
}
//id (set to random if none provided)
//$id = (isset($_GET['id']))?$_GET['id']:'vid_'.rand('10000000');
$id = isset($_GET['id']) ? htmlspecialchars( $_GET['id'] ) : false;
if( is_null($id) || $id===false){
$id = 'vid_'.rand(0,10000000);
}
function __autoload($className)
{
@(include dirname(__FILE__) . '/classes/' . $className . '.php') or (include dirname(__FILE__) . '/../classes/' . $className . '.php') or error_out("Autoload of class {$className} failed.");
debug("Autoloaded " . $className);
}
function webauto_test_passed($grade, $url)
{
global $displayname;
global $OUTPUT;
success_out("Test passed - congratulations");
if ($displayname === false || !isset($_SESSION['lti'])) {
line_out('Not setup to return a grade..');
exit;
}
if (!isset($_GET['grade'])) {
line_out('Dry run - grade of (' . intval($grade * 100) . '%) was not sent.');
exit;
}
gradeUpdateJson(json_encode(array("url" => $url)));
$debug_log = array();
$retval = LTIX::gradeSend($grade, false, $debug_log);
$OUTPUT->dumpDebugArray($debug_log);
if ($retval == true) {
$success = "Grade sent to server (" . intval($grade * 100) . "%)";
} else {
if (is_string($retval)) {
$failure = "Grade not sent: " . $retval;
} else {
echo "<pre>\n";
var_dump($retval);
echo "</pre>\n";
$failure = "Internal error";
}
}
if (strlen($success) > 0) {
success_out($success);
error_log($success);
} else {
if (strlen($failure) > 0) {
error_out($failure);
error_log($failure);
} else {
error_log("No status");
}
}
}
public function query($query, $params = array())
{
global $conn;
set_error_handler(function ($errno, $errstr, $errfile, $errline, array $errcontext) {
// error was suppressed with the @-operator
if (0 === error_reporting()) {
return false;
}
throw new ErrorException($errstr, 0, $errno, $errfile, $errline);
});
try {
$ret = sqlsrv_query($conn, $query);
if (!$ret) {
error_out(var_export(sqlsrv_errors(), true));
}
return $ret;
} catch (Exception $e) {
//
}
restore_error_handler();
}
function get_db_connection()
{
$dbconfig = $GLOBALS['config']['database'];
//Validate the database configuration settings
$required_keys = array('host', 'name', 'user', 'pass', 'port');
if ($missing_keys = array_diff_key(array_flip($required_keys), $dbconfig)) {
$missing_key_msg = implode(', ', array_keys($diff));
error_out(500, "Section [database] missing keys: {$missing_key_msg}");
}
$host = $dbconfig['host'];
$name = $dbconfig['name'];
$user = $dbconfig['user'];
$pass = $dbconfig['pass'];
$port = $dbconfig['port'];
if (!($conn = mysql_connect("{$host}:{$port}", $user, $pass))) {
error_out(500, "Could not connect to: {$user}:{$pass}@{$host}:{$port}");
}
if (!mysql_select_db($name, $conn)) {
error_out(500, "Database '{$name}' could not be selected.");
}
return $conn;
}
