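/**
 * Scoring for the last problem set (set 12, problems 34-36), where a score is
 * calculated by algorithm or based on other people's answers.
 *
 * Reads the XSRF token, the set number and the three raw answers from $_POST
 * and the team id from $_GET['ID'], stores the pre-screened answers in
 * teams.guts_ans_a/b/c, and then re-renders the scoring page.
 *
 * Every validation failure returns right after trigger_error(), so the UPDATE
 * can never run when an installed error handler chooses not to halt the script.
 *
 * NOTE(review): nothing in this function checks that the current operator may
 * score the team named in $_GET['ID'] - confirm that is enforced by the caller.
 */
function score_special() {
    // Both sides must be present: the original loose `!=` treated a missing
    // POST token and a missing session token as equal (null == null) and let
    // the request through. hash_equals() also keeps the comparison
    // constant-time.
    $expected_token = (isset($_SESSION['xsrf_token']) && is_scalar($_SESSION['xsrf_token']))
        ? (string) $_SESSION['xsrf_token']
        : '';
    $supplied_token = (isset($_POST['xsrf_token']) && is_string($_POST['xsrf_token']))
        ? $_POST['xsrf_token']
        : '';
    if ($expected_token === '' || !hash_equals($expected_token, $supplied_token)) {
        trigger_error('XSRF code incorrect', E_USER_ERROR);
        return; // fail closed even if the error handler resumes execution
    }

    if (!isset($_POST['set']) || $_POST['set'] != 12) {
        trigger_error('Invalid set?!', E_USER_ERROR);
        return;
    }

    // The team id arrives in the query string; an array-valued ID would break
    // the escaping call below, so only a plain string is accepted.
    $team_id = isset($_GET['ID']) ? $_GET['ID'] : null;
    if (!is_string($team_id)) {
        trigger_error('Invalid team ID', E_USER_ERROR);
        return;
    }

    // Escaped and quoted once, reused by both statements.
    // NOTE(review): mysqli_real_escape_string() is only reliable when the
    // connection charset was set through the driver; bound parameters would
    // remove that dependency if the DB wrapper offers them.
    $team_id_sql = '"' . mysqli_real_escape_string(DB::get(), $team_id) . '"';

    $row = DB::queryFirstRow(
        'SELECT guts_ans_a, guts_ans_b, guts_ans_c FROM teams WHERE team_id=' . $team_id_sql
    );
    // Warn when any of the three answers has already been recorded.
    if (is_array($row)
        && (!is_null($row['guts_ans_a']) || !is_null($row['guts_ans_b']) || !is_null($row['guts_ans_c']))
    ) {
        show_duplicate_scores_warning();
    }

    // Problem number => POST field carrying the raw answer.
    $answer_fields = array(34 => 'ans34', 35 => 'ans35', 36 => 'ans36');

    // Validate all three answers before any of them is pre-screened.
    $raw_answers = array();
    foreach ($answer_fields as $problem => $post_key) {
        $raw = isset($_POST[$post_key]) ? $_POST[$post_key] : null;
        if (!is_null($raw) && !is_string($raw)) {
            // e.g. ans34[]=x: strlen() cannot measure an array.
            trigger_error('Invalid answer format', E_USER_ERROR);
            return;
        }
        if (!is_null($raw) && strlen($raw) > 100) {
            trigger_error('Answers too long!', E_USER_ERROR);
            return;
        }
        $raw_answers[$problem] = $raw;
    }

    // Pre-screen in problem order, then turn each result into a SQL literal:
    // NULL when prescreen_guts() returns null, an escaped quoted string otherwise.
    $sql_values = array();
    foreach ($raw_answers as $problem => $raw) {
        $screened = prescreen_guts($problem, $raw);
        $sql_values[$problem] = is_null($screened)
            ? 'NULL'
            : '"' . mysqli_real_escape_string(DB::get(), $screened) . '"';
    }

    DB::queryRaw(
        'UPDATE teams SET guts_ans_a=' . $sql_values[34]
        . ', guts_ans_b=' . $sql_values[35]
        . ', guts_ans_c=' . $sql_values[36]
        . ' WHERE team_id=' . $team_id_sql . ' LIMIT 1'
    );

    show_scoring_page();
}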
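/**
 * Handles a single-answer correction for one of the special problems (34-36).
 *
 * The submit button that was pressed (guts_full_update_a/b/c) selects the
 * problem and the teams column to overwrite. When the matching "HasValue"
 * field is 'Yes' the posted answer is pre-screened and stored; otherwise the
 * column is set to NULL. The posted previous_value_a/b/c fields are not
 * consulted, so the update is unconditional. On success the operator is
 * redirected back to the same URL and the script ends.
 *
 * Every validation failure returns right after trigger_error(), so the UPDATE
 * can never run when an installed error handler chooses not to halt the script.
 *
 * NOTE(review): no XSRF token check is visible in this function even though it
 * changes stored scores; score_special() in this file checks
 * $_POST['xsrf_token'] itself. Confirm the caller validates the token before
 * dispatching here.
 */
function process_special_form() {
    // Submit button => problem number, target column and the POST fields that
    // belong to it. The column name only ever comes from this fixed table,
    // never from the request; that allowlist (not string escaping) is what
    // keeps the identifier in the UPDATE safe.
    $forms = array(
        'guts_full_update_a' => array('problem' => 34, 'field' => 'guts_ans_a', 'flag' => 'aHasValue', 'input' => 'a'),
        'guts_full_update_b' => array('problem' => 35, 'field' => 'guts_ans_b', 'flag' => 'bHasValue', 'input' => 'b'),
        'guts_full_update_c' => array('problem' => 36, 'field' => 'guts_ans_c', 'flag' => 'cHasValue', 'input' => 'c'),
    );

    // First matching button wins, in a, b, c order.
    $form = null;
    foreach ($forms as $button => $candidate) {
        if (isset($_POST[$button])) {
            $form = $candidate;
            break;
        }
    }
    if (is_null($form)) {
        trigger_error('None of the three special answer fields clicked?!', E_USER_ERROR);
        return; // fail closed even if the error handler resumes execution
    }

    $problem = $form['problem'];
    $field = $form['field'];
    $has_value = isset($_POST[$form['flag']]) && $_POST[$form['flag']] === 'Yes';

    if ($has_value) {
        $new = isset($_POST[$form['input']]) ? $_POST[$form['input']] : null;
        if (!is_null($new) && !is_string($new)) {
            // e.g. a[]=x: strlen() cannot measure an array.
            trigger_error('Invalid answer format', E_USER_ERROR);
            return;
        }
        if (!is_null($new) && strlen($new) > 100) {
            trigger_error('Answers too long!', E_USER_ERROR);
            return;
        }
        $new = prescreen_guts($problem, $new);
    } else {
        $new = null;
    }

    // SQL literal: NULL clears the column, anything else is escaped and quoted.
    $new_sql = is_null($new)
        ? 'NULL'
        : '"' . mysqli_real_escape_string(DB::get(), $new) . '"';

    // The team id arrives in the query string; an array-valued ID would break
    // the escaping call below, so only a plain string is accepted.
    $team_id = isset($_GET['ID']) ? $_GET['ID'] : null;
    if (!is_string($team_id)) {
        trigger_error('Invalid team ID', E_USER_ERROR);
        return;
    }

    // NOTE(review): mysqli_real_escape_string() is only reliable when the
    // connection charset was set through the driver; bound parameters would
    // remove that dependency if the DB wrapper offers them.
    DB::queryRaw(
        'UPDATE teams SET ' . $field . '=' . $new_sql
        . ' WHERE team_id="' . mysqli_real_escape_string(DB::get(), $team_id) . '" LIMIT 1'
    );

    alert('The score for problem ' . $problem . ' has been updated', 1);

    // Post/redirect/get back to the page that submitted the form.
    // NOTE(review): REQUEST_URI is taken from the request line; confirm the
    // redirect target always resolves to this site.
    header('Location: ' . $_SERVER['REQUEST_URI']);
    die;
}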