function processCreateDataBaseRequest($request)
{
//test if creation is necessary
if (in_array(DB_PREFIX . "user", Data::getTables())) {
throwBusinessLogicError(13);
}
//read queries from file
$lines = @file_get_contents("utils/dces-create-db.sql") or throwServerProblem(64);
//remove # comments
$lines = preg_replace("/^\\s*#.*\$/m", "", $lines);
//remove /*! ... */ comments
$lines = preg_replace('/\\/\\*!\\d+.*\\*\\//', "", $lines);
//replace PREFIX_ with real prefix
$lines = preg_replace('/PREFIX_/', DB_PREFIX, $lines);
//split requests by ;
$requests = preg_split('/\\s*;\\s*$/m', $lines);
foreach ($requests as $r) {
if (trim($r) !== "") {
Data::submitModificationQuery($r);
}
}
$col_value = array('login' => $request->login, 'password' => $request->password, 'user_data' => serialize(array()), 'contest_id' => 0, 'user_type' => 'SuperAdmin');
Data::submitModificationQuery(Data::composeInsertQuery('user', $col_value));
return new AcceptedResponse();
}
function processAdjustPluginRequest($request)
{
$prfx = DB_PREFIX;
$user_row = RequestUtils::testSession($request->sessionID);
//authorize
if ($user_row['user_type'] !== 'SuperAdmin') {
throwBusinessLogicError(0);
}
//test plugin alias
if (preg_match('/^[\\p{L}0-9 ]+$/', $request->pluginAlias) === 0) {
throwBusinessLogicError(238);
}
$plugin_type = $request->side === 'Client' ? 'client' : 'server';
//test if there already is such plugin
$where_clause = sprintf("alias=%s", Data::quote_smart($request->pluginAlias));
$plugin_row = Data::getRow("SELECT * FROM {$prfx}{$plugin_type}_plugin WHERE {$where_clause}");
if ($plugin_row) {
$modify = true;
} else {
$modify = false;
}
//test all parameters specified
if (!$modify && is_null($request->description)) {
$request->description = "";
}
if (!$modify && (is_null($request->pluginData) || is_null($request->description))) {
throwBusinessLogicError(1);
}
//TODO test pluginAlias to be secure
if ($plugin_type === 'client') {
$ext = '.jar';
} else {
$ext = '.php';
}
//set file data
if (!is_null($request->pluginData)) {
file_put_contents($GLOBALS["dces_dir_{$plugin_type}_plugins"] . '/' . $request->pluginAlias . $ext, $request->pluginData);
}
//prepare set plugin description
$col_value = array();
if (!is_null($request->description)) {
$col_value['description'] = $request->description;
}
if ($modify) {
$query = Data::composeUpdateQuery("{$plugin_type}_plugin", $col_value, $where_clause);
} else {
$col_value['alias'] = $request->pluginAlias;
$query = Data::composeInsertQuery("{$plugin_type}_plugin", $col_value);
}
Data::submitModificationQuery($query);
return new AcceptedResponse();
}
function processCreateContestRequest($request)
{
//get user_id or die, if session is invalid
$user_row = RequestUtils::testSession($request->sessionID);
//authorize user for this operation
$user_type = $user_row['user_type'];
if ($user_type !== 'SuperAdmin') {
throwBusinessLogicError(0);
}
unset($request->contest->contestID);
RequestUtils::assertContestSettingsIntegrity($request->contest);
$col_value = array('settings' => serialize($request->contest));
Data::submitModificationQuery(Data::composeInsertQuery('contest', $col_value));
Data::execPendingQueries();
$id = Data::getInsertedID();
$ccr = new CreateContestResponse();
$ccr->createdContestID = $id;
return $ccr;
}
function processSubmitSolutionRequest($request)
{
$prfx = DB_PREFIX;
//get user_id or die, if session is invalid
$userRow = RequestUtils::testSession($request->sessionID);
$user_id = $userRow['id'];
//authorize user for this operation
// get contest ID
$user_type = $userRow['user_type'];
//get problem row
$problem_row = Data::getRow(sprintf("SELECT * FROM {$prfx}problem WHERE id=%s", Data::quote_smart($request->problemID)));
if (!$problem_row) {
throwBusinessLogicError(4);
}
//get contest id of a problem
$problem_contest_id = $problem_row['contest_id'];
//test if we have rights to submit solution for the contest
$contest_id = RequestUtils::getRequestedContest($problem_contest_id, $userRow['contest_id'], $user_type);
if ($contest_id < 0) {
throwBusinessLogicError(0);
}
//get all settings
$contest_settings = Data::_unserialize($userRow['settings']);
//test submission time
$cur_time = getCurrentContestTime($contest_settings, DateMySQLToPHP($userRow['contest_start']), DateMySQLToPHP($userRow['contest_finish']));
if ($cur_time['interval'] === 'before') {
throwBusinessLogicError(19);
}
if ($cur_time['interval'] === 'after') {
throwBusinessLogicError(20);
}
$problem_settings = Data::_unserialize($problem_row['contest_settings']);
//test that not all submission attempts were used
$hist = Data::getRow(sprintf("SELECT COUNT(*) AS cnt FROM {$prfx}submission_history WHERE (problem_id=%s) AND (user_id=%s)", Data::quote_smart($request->problemID), Data::quote_smart($user_id)));
if ($hist >= getSetting($contest_settings->problemsDefaultSettings->sendCount, $problem_settings->sendCount)) {
throwBusinessLogicError(21);
}
//save submission result in history
$cur_php_time = getdate();
$col_value = array();
$col_value['problem_id'] = $request->problemID;
$col_value['user_id'] = $user_id;
$col_value['submission'] = serialize($request->problemResult);
$col_value['result'] = null;
//serialize($check_result);
$col_value['submission_time'] = DatePHPToMySQL($cur_php_time[0]);
//TODO implement asynchronous plugin
//get problem and create plugin
$problem = new Problem(getProblemFile($request->problemID));
$plugin_alias = $problem->getServerPlugin();
require_once getServerPluginFile();
require_once getServerPluginFile($plugin_alias);
$plugin = new $plugin_alias($problem);
//check solution
$last_result = $plugin->checkSolution(Data::getInsertedID(), $request->problemResult);
$col_value['result'] = serialize($last_result);
Data::submitModificationQuery(Data::composeInsertQuery('submission_history', $col_value));
//get result for result table and store in user
$all_results = Data::_unserialize($userRow['results']);
$user_result = ResultUtils::getUserResults($user_id, $request->problemID, getSetting($contest_settings->problemsDefaultSettings->tableResultChoice, $problem_settings->tableResultChoice), getSetting($contest_settings->problemsDefaultSettings->resultTransition, $problem_settings->resultTransition), $plugin, $last_result);
//update user result for results table
$all_results[$request->problemID] = $user_result;
Data::submitModificationQuery(Data::composeUpdateQuery('user', array('results' => serialize($all_results)), 'id=' . Data::quote_smart($user_id)));
//return submission result
$res = new AcceptedResponse();
return $res;
}
/**
* creates queries to change problem set
* @param $problems new problems
* @param $contest_id contest id
* @return array() list of temporary files. NULL if the existing file was used
*/
function queriesToAdjustProblems($problems, $contest_id)
{
$prfx = DB_PREFIX;
$changed_probs = array();
//problems that will be changed by request
$temp_probs = array();
//find all contest problems
$prob2settings = array();
$res = Data::getRows(sprintf("SELECT * FROM {$prfx}problem WHERE contest_id=%s", Data::quote_smart($contest_id)));
while ($row = Data::getNextRow($res)) {
$prob2settings[$row['id']] = Data::_unserialize($row['contest_settings']);
}
$contest_pos = 1;
foreach ($problems as $p) {
$col_value = array();
//new problem must have 1) data 2) settings
//set contest id
$col_value['contest_id'] = $contest_id;
$col_value['contest_pos'] = $contest_pos++;
if ($p->id != -1 && !isset($prob2settings[$p->id])) {
throwBusinessLogicError(4);
}
//find problem file or make temporary if a new problem was sent
if ($p->problem) {
$problem_file = getTemporaryProblemFile();
@file_put_contents($problem_file, $p->problem) or throwServerProblem(200, 'failed to write problem file: ' . $problem_file);
$temp_probs[] = $problem_file;
} else {
if ($p->id < 0) {
throwBusinessLogicError(1);
}
$problem_file = getProblemFile($p->id);
$temp_probs[] = NULL;
}
$problem = new Problem($problem_file);
//get server plugin
//TODO improve security here
$plugin_alias = $problem->getServerPlugin();
require_once getServerPluginFile($plugin_alias);
$plugin = new $plugin_alias($problem);
//TODO consider calling updaters here instead of manual insertion of values
//TODO recheck all values if new plugin specified
$col_value['checker_columns'] = serialize($plugin->getColumnNames());
$col_value['result_columns'] = serialize(array());
//copy per contest settings
if ($p->settings) {
if ($p->id != -1) {
$new_settings = $prob2settings[$p->id];
copyValues($p->settings, $new_settings);
} else {
$new_settings = $p->settings;
}
$col_value['contest_settings'] = serialize($new_settings);
} else {
if ($p->id < 0) {
throwBusinessLogicError(1);
}
}
//query depends on whether we add or change a problem
if ($p->id == -1) {
Data::submitModificationQuery(Data::composeInsertQuery('problem', $col_value));
} else {
Data::submitModificationQuery(Data::composeUpdateQuery('problem', $col_value, "id='{$p->id}'"));
$changed_probs[$p->id] = 1;
}
}
//delete extra problems
foreach (array_keys($prob2settings) as $id) {
if (!isset($changed_probs[$id])) {
Data::submitModificationQuery("DELETE FROM {$prfx}problem WHERE id='{$id}'");
}
}
return $temp_probs;
}
function processRegisterToContestRequest($request)
{
$prfx = DB_PREFIX;
//get user_id or die, if session is invalid
if (is_null($request->sessionID)) {
if (!is_numeric($request->contestID)) {
throwBusinessLogicError(14);
}
$contest_id = (int) $request->contestID;
$request_user_type = '__Anonymous';
} else {
$userRow = RequestUtils::testSession($request->sessionID);
$request_user_id = $userRow['id'];
$request_user_type = $userRow['user_type'];
$contest_id = RequestUtils::getRequestedContest($request->contestID, $userRow['contest_id'], $request_user_type);
//make possible for superadmin to register users of zero-contest
if ($request_user_type == 'SuperAdmin' && ($request->contestID == 0 || $request->contestID == -1)) {
$contest_id = 0;
}
if ($contest_id == -1) {
throwBusinessLogicError(0);
}
}
//test permissions
if ($contest_id != 0) {
$contest_row = Data::getRow(sprintf("SELECT * FROM {$prfx}contest WHERE id=%s", Data::quote_smart($contest_id))) or throwBusinessLogicError(14);
//test if this contest gets users only by admins
$contest_settings = @unserialize($contest_row['settings']);
if ($contest_settings->registrationType === 'ByAdmins') {
if ($request_user_type !== "ContestAdmin" && $request_user_type !== "SuperAdmin") {
throwBusinessLogicError(0);
}
}
} else {
if ($request_user_type !== "ContestAdmin") {
throwBusinessLogicError(0);
}
}
//get user from request
$u = $request->user;
//test that superadmins are registered only for 0 contest
if ($u->userType === 'SuperAdmin' && $contest_id != 0) {
throwBusinessLogicError(18);
}
//test that there is no user with the same login in this contest
if (Data::hasRows(sprintf("SELECT * FROM {$prfx}user WHERE contest_id=%s AND login=%s", Data::quote_smart($contest_id), Data::quote_smart($u->login)))) {
throwBusinessLogicError(14);
}
//not participants may be added only by admins
if ($u->userType !== "Participant") {
if ($request_user_type !== "ContestAdmin" && $request_user_type !== "SuperAdmin") {
throwBusinessLogicError(0);
}
}
//add user finally
$col_value = array();
$col_value['login'] = $u->login;
$col_value['password'] = $u->password;
$col_value['user_data'] = @serialize($u->dataValue);
$col_value['contest_id'] = $contest_id;
$col_value['user_type'] = $u->userType;
$col_value['results'] = @serialize(array());
if (strlen($u->login) == 0) {
throwBusinessLogicError(22);
}
if (week_password($u->password)) {
throwBusinessLogicError(23);
}
Data::submitModificationQuery(Data::composeInsertQuery('user', $col_value));
return new AcceptedResponse();
}
