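/**
 * Create or update a subject from the posted form, then render the edit page.
 *
 * On POST the method reads `id` and `subjects_name`, validates them through
 * subjectlib, writes the row, asks lphcache to clean the cached 'getAll'
 * entry for the subject table and redirects to the list page. When nothing
 * was posted, or validation fails, the edit view is rendered.
 *
 * NOTE(review): no permission or CSRF check is visible in this method;
 * presumably the base controller or framework configuration enforces them - confirm.
 *
 * @param int|null $id Primary key of the subject to edit; null renders the "add" form.
 * @return void
 */
public function edit($id = null)
{
    $header['title'] = 'Thêm môn học';
    $data = array();

    if ($this->input->post()) {
        // The id arrives in the request body and is therefore client-controlled.
        // Normalise it to an integer before it is used as a primary key.
        $id = intval($this->input->post('id'));
        $data['subjects_name'] = sanitizeText($this->input->post('subjects_name'));

        if ($this->subjectlib->validate($data)) {
            if (!$id) {
                // No id posted: save a new row into the subject table.
                $this->subject_model->create($data);
            } else {
                $this->subject_model->update_by_pkey($id, $data);
            }
            unset($data);

            // Remove the cached list after create/update.
            $this->lphcache->cleanCacheByFunction($this->subject_model->table_name, 'getAll');
            redirect(BACKEND_V2_TMPL_PATH . 'subject/lists');
        }
    }

    if ($id) {
        $header['title'] = 'Chỉnh sửa môn học';
        $data['subject'] = $this->subject_model->find_by_pkey($id);
        $data['id'] = $id;
    }

    $data['title'] = $header['title'];
    $content = $this->load->view(BACKEND_V2_TMPL_PATH . 'subject/edit', $data, true);
    $this->loadTemnplateBackend($header, $content);
}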
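/**
 * Method to send notification
 *
 * Only the `title` and `content` keys of $details are read here; the whole
 * array is stored (through perfectSerialize) in the notification's data column
 * and handed to the 'notification.send' event.
 *
 * NOTE(review): `content` is stored as given, without sanitizeText(); confirm
 * that every caller passes trusted markup or that it is escaped on output.
 *
 * @param int $toUserid
 * @param array $details
 * @param int $userid Sender id; defaults to the authenticated user
 * @param bool $withPrivacy
 * @param string $privacyId
 * @param \App\Models\User $privacyUser Required when $withPrivacy is true
 * @return mixed The saved notification model, or false when the receiver's privacy setting rejects it
 */
public function send($toUserid, $details = [], $userid = null, $withPrivacy = false, $privacyId = null, $privacyUser = null)
{
    $userid = empty($userid) ? \Auth::user()->id : $userid;

    if ($withPrivacy) {
        // Check if the notification receiver has disabled receiving this notification type.
        if (!$privacyUser->present()->privacy($privacyId, 1)) {
            return false;
        }
    }

    // Read the two fields explicitly instead of extract()-ing $details: extract()
    // would let a 'userid' or 'toUserid' key in the array replace the sender and
    // receiver that were resolved above.
    $allDetails = array_merge(['title' => '', 'content' => ''], $details);
    $title = $allDetails['title'];
    $content = $allDetails['content'];

    $notification = $this->model->newInstance();
    $notification->user_id = $userid;
    $notification->to_user_id = $toUserid;
    $notification->title = sanitizeText($title);
    $notification->content = $content;
    $notification->data = empty($details) ? '' : perfectSerialize($details);
    $notification->save();

    $this->realTimeRepository->add($toUserid, 'notification');
    $this->event->fire('notification.send', [$notification, $details]);

    return $notification;
}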
/**
 * Create or update an exam type from the posted form, then render the edit page.
 *
 * A POST carries `id`, `title` and `time`; id and time are cast to integers and
 * the title goes through sanitizeText() before examlib validates the set.
 * After a successful write the cached 'getAll' entry for the exam table is
 * cleaned and the request is redirected to the list page.
 *
 * @param int|null $id Primary key of the exam type to edit; null renders the "add" form.
 * @return void
 */
public function edit($id = null)
{
    $pageTitle = 'Thêm hình thức thi';
    $data = array();

    if ($this->input->post()) {
        $id = (int) $this->input->post('id');
        $data = array(
            'title' => sanitizeText($this->input->post('title')),
            'time' => (int) $this->input->post('time'),
        );

        if ($this->examlib->validate($data)) {
            if ($id) {
                $this->exam_model->update_by_pkey($id, $data);
            } else {
                // No id posted: save a new row into the exam table.
                $this->exam_model->create_ignore($data);
            }
            unset($data);

            // Remove the cached list after create/update.
            $this->lphcache->cleanCacheByFunction($this->exam_model->table_name, 'getAll');
            redirect(BACKEND_V2_TMPL_PATH . 'exam/lists');
        }
    }

    if ($id) {
        $pageTitle = 'Chỉnh sửa hình thức thi';
        $data['exam'] = $this->exam_model->find_by_pkey($id);
        $data['id'] = $id;
    }

    // The view's 'title' entry is the page heading, replacing any posted title.
    $header = array('title' => $pageTitle);
    $data['title'] = $pageTitle;
    $content = $this->load->view(BACKEND_V2_TMPL_PATH . 'exam/edit', $data, true);
    $this->loadTemnplateBackend($header, $content);
}
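/**
 * Create or update a class from the posted form, then render the edit page.
 *
 * On POST the method reads `id`, `class_name` (sanitised, then upper-cased)
 * and `block_id` (cast to int), validates them through clazzlib, writes the
 * row, cleans the cached 'getAll' entry for the class table and redirects to
 * the list page. Otherwise the edit view is rendered with the block list.
 *
 * NOTE(review): no permission or CSRF check is visible in this method;
 * presumably the base controller or framework configuration enforces them - confirm.
 *
 * @param int|null $id Primary key of the class to edit; null renders the "add" form.
 * @return void
 */
public function edit($id = null)
{
    $header['title'] = 'Thêm lớp';
    $data = array();

    if ($this->input->post()) {
        // The id arrives in the request body and is therefore client-controlled.
        // Normalise it to an integer before it is used as a primary key.
        $id = intval($this->input->post('id'));
        $data['class_name'] = strtoupper(sanitizeText($this->input->post('class_name')));
        $data['block_id'] = intval($this->input->post('block_id'));

        if ($this->clazzlib->validate($data)) {
            if (!$id) {
                // No id posted: save a new row into the class table.
                $this->class_model->create($data);
            } else {
                $this->class_model->update_by_pkey($id, $data);
            }
            unset($data);

            // Remove the cached list after create/update.
            $this->lphcache->cleanCacheByFunction($this->class_model->table_name, 'getAll');
            redirect(BACKEND_V2_TMPL_PATH . 'clazz/lists');
        }
    }

    if ($id) {
        $header['title'] = 'Chỉnh sửa lớp';
        $data['clazz'] = $this->class_model->find_by_pkey($id);
        $data['id'] = $id;
    }

    $data['title'] = $header['title'];
    $data['blocks'] = $this->block_model->getAll();
    $content = $this->load->view(BACKEND_V2_TMPL_PATH . 'clazz/edit', $data, true);
    $this->loadTemnplateBackend($header, $content);
}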
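/**
 * Undo magic-quotes escaping when it is active, then run the value through sanitizeText().
 *
 * NOTE(review): what sanitizeText() strips or encodes is not visible here, so
 * this function should not be assumed to make a value safe for SQL or for
 * every HTML context - confirm against its definition.
 *
 * @param string $item Raw request value
 * @return mixed Whatever sanitizeText() returns for the unescaped value
 */
function escape($item)
{
    // get_magic_quotes_gpc() was removed in PHP 8.0, so an unguarded call is a
    // fatal error there; where the function is missing there is nothing to undo.
    if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
        // Magic quotes escape with addslashes(); stripslashes() is its exact
        // inverse, whereas stripcslashes() also decodes C-style escapes such as
        // octal sequences and can alter bytes the user really typed.
        $item = stripslashes($item);
    }

    return sanitizeText($item);
}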
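/**
 * Copy the submitted page settings onto $page and save it.
 *
 * Missing keys in $val fall back to the defaults listed in $expected.
 *
 * NOTE(review): `title` and `tags` are stored as submitted while
 * `description` and `keywords` go through sanitizeText(); confirm they are
 * escaped on output.
 *
 * @param array $val Submitted form values
 * @param object $page Page model to update (must expose save())
 * @return bool Always true
 */
public function save($val, $page)
{
    $expected = [
        'title' => '',
        'keywords' => '',
        'description' => '',
        'tags' => '',
        'privacy' => 0,
        'comments' => 1,
        'likes' => 1,
        'active' => 1,
        'show_menu' => 1,
        'content' => '',
    ];

    // Index the merged array instead of extract()-ing it: with extract() a
    // 'page' key in the submitted values would replace the $page model.
    $fields = array_merge($expected, $val);

    $page->title = $fields['title'];
    $page->description = sanitizeText($fields['description']);
    $page->keywords = sanitizeText($fields['keywords']);
    $page->tags = $fields['tags'];
    $page->privacy = $fields['privacy'];
    $page->show_menu = $fields['show_menu'];
    // Store only the filtered markup. The previous code assigned the raw
    // content again a few lines later, which discarded the lawedContent() result.
    $page->content = lawedContent($fields['content']);
    $page->show_comments = $fields['comments'];
    $page->show_likes = $fields['likes'];
    $page->active = $fields['active'];
    $page->save();

    return true;
}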
/**
 * Store an album title and rebuild the album slug from it.
 *
 * The slug is the album id, followed by "-" and the toAscii() form of the
 * title when that form is not empty.
 *
 * @param string $title New album title
 * @param object $album Album model to update (must expose id and save())
 * @return object The saved album
 */
public function save($title, $album)
{
    $album->title = sanitizeText($title);

    $asciiTitle = toAscii($title);
    $slugSuffix = '';
    if (!empty($asciiTitle)) {
        $slugSuffix = '-' . $asciiTitle;
    }

    $album->slug = $album->id . $slugSuffix;
    $album->save();

    return $album;
}
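/**
 * Validate a storage title with the CodeIgniter form_validation library.
 *
 * The title is sanitised first and must then be present and between 6 and
 * 255 characters long. The "required" message quotes the original,
 * unsanitised input, so that input is HTML-encoded before being embedded.
 *
 * @param string $title Title as submitted
 * @return bool Result of form_validation->run()
 */
public function validate($title)
{
    $rawTitle = $title;
    $title = sanitizeText($title);

    $this->CI->form_validation->set_data(array('title' => $title));

    $config = array(
        array(
            'field' => 'title',
            'label' => 'Tên kho',
            'rules' => 'required|min_length[6]|max_length[255]',
        ),
    );

    // Pin the flags and charset: the defaults of htmlentities() differ between
    // PHP versions, and ENT_QUOTES also encodes single quotes in case the
    // message is ever placed inside an attribute value.
    $this->CI->form_validation->set_message(
        'required',
        'Tên kho [' . htmlentities($rawTitle, ENT_QUOTES, 'UTF-8') . '] không hợp lệ'
    );
    $this->CI->form_validation->set_message('min_length', 'Tên kho ít nhất phải có {param} ký tự');
    $this->CI->form_validation->set_message('max_length', 'Tên kho phải nhỏ hơn {param} ký tự');
    $this->CI->form_validation->set_rules($config);

    return $this->CI->form_validation->run();
}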
/**
 * Record that $byUserid blocks $userid, unless hasBlock() reports it already.
 *
 * @param int $userid User being blocked
 * @param int $byUserid User who blocks
 * @return bool True when a new block row was saved, false when one already existed
 */
public function block($userid, $byUserid)
{
    if ($this->hasBlock($byUserid, $userid)) {
        return false;
    }

    $record = $this->model->newInstance();
    $record->user_id = sanitizeText($byUserid);
    $record->block_id = sanitizeText($userid);
    $record->save();

    // Drop the blocker's cached list so it is rebuilt with the new entry.
    $this->cache->forget('blocked_users_' . $byUserid);

    return true;
}
/**
 * Add a category to a community.
 *
 * The title is passed through sanitizeText() with a second argument of 100 and
 * the slug is a crc32 hash of the raw title plus the current timestamp.
 *
 * @param int $id Community id; must be numeric
 * @param string $title Category title
 * @return mixed The saved category model, or false when $id is not numeric
 *               or exists() reports the category already
 */
public function add($id, $title)
{
    // exists() is only consulted once the id has passed the numeric check.
    if (!is_numeric($id) || $this->exists($id, $title)) {
        return false;
    }

    $newCategory = $this->model->newInstance();
    $newCategory->community_id = $id;
    $newCategory->title = sanitizeText($title, 100);
    $newCategory->slug = hash('crc32', $title . time());
    $newCategory->save();

    // Cache key spelling is kept as-is; presumably readers use the same key - confirm.
    $this->cache->forget('community-categoies-' . $id);

    return $newCategory;
}
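/**
 * Update a category's title, slug and description from submitted values.
 *
 * Nothing is written when the title is empty or seperateExists() reports it
 * for another category.
 *
 * @param array $val Submitted values; `title` and `description` are read
 * @param object $category Category model to update (must expose id and save())
 * @return bool Always true, whether or not the category was changed
 */
public function save($val, $category)
{
    // Defaults must be keyed by field name. The previous list form
    // ['title', 'description'] only produced numeric keys, so a missing field
    // was left undefined; and extract() would have let a 'category' key in the
    // input replace the model being saved.
    $fields = array_merge(['title' => '', 'description' => ''], $val);
    $title = $fields['title'];
    $description = $fields['description'];

    if (!empty($title) and !$this->seperateExists($title, $category->id)) {
        $category->title = sanitizeText($title, 130);
        $category->slug = \Str::slug($title);
        $category->description = sanitizeText($description);
        $category->save();

        return true;
    }

    return true;
}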
/**
 * Count a use of a hashtag, creating its row when it is new.
 *
 * NOTE(review): the existence check and the increment match on the trimmed
 * raw value while new rows store sanitizeText($hash); if sanitizeText() can
 * change the text the two will not agree - confirm.
 *
 * @param string $hash Hashtag text
 * @param boolean $increament When false, an unknown hashtag is not created
 * @return bool Always true
 */
public function add($hash, $increament = true)
{
    $hash = trim($hash);

    if ($this->exists($hash)) {
        // Known hashtag: bump its use count.
        $this->model->where('hash', '=', $hash)->increment('count');

        return true;
    }

    if ($increament) {
        $row = $this->model->newInstance();
        $row->hash = sanitizeText($hash);
        $row->count = 1;
        $row->save();
    }

    return true;
}
/**
 * Add a language.
 *
 * NOTE(review): extract() turns every key of $val into a local variable, so
 * the keys of $val should be limited by the caller; a 'val' key would replace
 * the payload given to the 'language.added' event.
 *
 * @param array $val Expects `var` (language code) and `name`
 * @return boolean False when exists() reports the code already, true after saving
 */
public function add($val)
{
    $expected = ['var' => '', 'name' => ''];

    /**
     * @var $var
     * @var $name
     */
    extract(array_merge($expected, $val));

    // Refuse duplicates.
    if ($this->exists($var)) {
        return false;
    }

    $language = $this->model->newInstance();
    $language->var = sanitizeText($var, 10);
    $language->name = sanitizeText($name, 100);
    $language->save();

    $this->cache->forget('languages');
    $this->event->fire("language.added", $val);

    return true;
}
/**
 * Store a report filed by the authenticated user.
 *
 * The reason additionally passes through the 'filter-text' hook after
 * sanitizeText().
 *
 * NOTE(review): extract() turns every key of $val into a local variable, so
 * the keys of $val should be limited by the caller.
 *
 * @param array $val Expects `type`, `url` and `reason`
 * @return boolean False when the reason is empty, true after saving
 */
public function add($val)
{
    $expected = ['type' => '', 'url' => '', 'reason' => ''];

    /**
     * @var $type
     * @var $url
     * @var $reason
     */
    extract($val = array_merge($expected, $val));

    // A report without a reason is rejected.
    if (empty($reason)) {
        return false;
    }

    $entry = $this->model->newInstance();
    $entry->url = sanitizeText($url);
    $entry->user_id = \Auth::user()->id;
    $entry->type = sanitizeText($type, 50);
    $cleanReason = sanitizeText($reason);
    $entry->reason = \Hook::fire('filter-text', $cleanReason);
    $entry->save();

    return true;
}
/**
 * Method to add member to a community
 *
 * When the user is not yet a member, a membership row is saved, three cache
 * entries are dropped and the community owner receives a
 * 'notification.community.join' notification.
 *
 * @param int $id Community id
 * @param int $userid Joining user; defaults to the authenticated user
 * @return boolean False when nobody is logged in and no user id was given, otherwise true
 */
public function add($id, $userid = null)
{
    if (empty($userid) && !\Auth::check()) {
        return false;
    }

    if (empty($userid)) {
        $userid = \Auth::user()->id;
    }

    // Already a member: nothing to do.
    if ($this->exists($id, $userid)) {
        return true;
    }

    $membership = $this->model->newInstance();
    $membership->community_id = sanitizeText($id);
    $membership->user_id = sanitizeText($userid);
    $membership->save();

    $this->cache->forget('community-members-' . $id);
    $this->cache->forget('user-communities' . $userid);
    $this->cache->forget('community-suggestions-' . $userid);

    // Tell the owner of this community that someone joined.
    $community = app('App\\Repositories\\CommunityRepository')->get($id);
    $payload = ['path' => 'notification.community.join', 'community' => $community];
    $this->notification->send($community->user_id, $payload, $userid);

    return true;
}
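/**
 * Method to send newsletter
 *
 * The newsletter is saved first and then handed to sendIt().
 *
 * NOTE(review): `content` is stored as submitted, without sanitizeText();
 * confirm that only trusted users can reach this method.
 *
 * @param array $val Expects `subject`, `content`, `to` and `selected`
 * @return mixed False when subject or content is empty, otherwise the result of sendIt()
 */
public function send($val)
{
    // Defaults must be keyed by field name. The previous list form only
    // produced numeric keys, so a missing field was left undefined; `to` and
    // `selected` default to null, the value an undefined variable evaluated to.
    $expected = ['subject' => '', 'content' => '', 'to' => null, 'selected' => null];

    // Index the merged array rather than extract()-ing request data into locals.
    $fields = array_merge($expected, $val);
    $subject = $fields['subject'];
    $content = $fields['content'];
    $to = $fields['to'];
    $selected = $fields['selected'];

    if (empty($subject) or empty($content)) {
        return false;
    }

    // First add the newsletter to the table.
    $newsletter = $this->model->newInstance();
    $newsletter->subject = sanitizeText($subject);
    $newsletter->content = $content;
    $newsletter->to = $to == 'all' ? 'all' : $selected;
    $newsletter->save();

    return $this->sendIt($newsletter);
}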
/**
 * Method to send message to a user
 *
 * The message text passes through sanitizeText() and then the 'filter-text'
 * hook. An optional image is uploaded through the photo repository under the
 * sender's "users/<id>" path.
 *
 * @param int $userid Receiver
 * @param string $text Message text
 * @param string $image Optional image to attach
 * @param int $fromUserid Sender; defaults to the authenticated user
 * @return mixed The saved message model, or false when canSendEachOther() refuses the pair
 */
public function send($userid, $text, $image = null, $fromUserid = null)
{
    if (!$fromUserid) {
        $fromUserid = \Auth::user()->id;
    }

    if (!$this->canSendEachOther($userid, $fromUserid)) {
        return false;
    }

    $conversation = $this->conversationRepository->ensureConnection($userid, $fromUserid);

    $photo = '';
    if ($image) {
        $uploadOptions = [
            'path' => 'users/' . $fromUserid,
            'slug' => 'messages',
            'userid' => $fromUserid,
        ];
        $photo = $this->photoRepository->upload($image, $uploadOptions);
    }

    $outgoing = $this->model->newInstance();
    $outgoing->text = \Hook::fire('filter-text', sanitizeText($text));
    $outgoing->sender = sanitizeText($fromUserid);
    $outgoing->receiver = sanitizeText($userid);
    $outgoing->image = $photo;
    $outgoing->conversation_id = $conversation->id;
    $outgoing->save();

    $this->event->fire('message.send', [$outgoing]);
    $this->realTimeRepository->add($userid, 'message');

    return $outgoing;
}
/**
 * Method to add like
 *
 * All three arguments pass through sanitizeText() before use. A second like
 * by the same user on the same item is not stored again.
 *
 * @param string $type Kind of item being liked
 * @param int $id Item id; must be numeric
 * @param int $userid Liking user; defaults to the authenticated user
 * @return mixed False when $id is not numeric, otherwise the result of count($type, $id)
 */
public function add($type, $id, $userid = null)
{
    $type = sanitizeText($type);
    $id = sanitizeText($id);
    $userid = sanitizeText($userid);

    if (!is_numeric($id)) {
        return false;
    }

    if (empty($userid)) {
        $userid = \Auth::user()->id;
    }

    if (!$this->hasLiked($type, $id, $userid)) {
        $entry = $this->model->newInstance();
        $entry->user_id = $userid;
        $entry->type = $type;
        $entry->type_id = $id;
        $entry->save();

        $this->event->fire('like.add', [$userid, $type, $id]);

        // Invalidate both the per-item and the per-user cached like data.
        $this->cache->forget('likes-' . $type . $id);
        $this->cache->forget($type . '-likes-' . $userid);
    }

    return $this->count($type, $id);
}
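/**
 * Create or update a storage from the posted form, then render the edit page.
 *
 * On POST the title is validated by storagelib and sanitised; the subject is
 * taken from the current user's `subjects_id` when that is set, and from the
 * posted `subjects_id` otherwise.
 *
 * NOTE(review): the posted `storage_id` is used for update_by_pkey() without
 * a visible check that the row belongs to the current user's subject;
 * confirm the model or an earlier filter enforces that.
 *
 * @param int|null $id Primary key of the storage to edit; null renders the "add" form.
 * @return void
 */
public function edit($id = null)
{
    $titleHeader = 'Thêm kho chứa mới';
    $data = array();

    if ($this->input->post()) {
        $id = (int) $this->input->post('storage_id', 0);
        $title = $this->input->post('title');

        if ($this->storagelib->validate($title)) {
            $value['title'] = sanitizeText($title);

            // A user bound to a subject always writes that subject; only users
            // without one may choose it in the form.
            $subjects_id = $this->getUserInfo()->subjects_id;
            if ($subjects_id) {
                $value['subjects_id'] = $subjects_id;
            } else {
                $value['subjects_id'] = (int) $this->input->post('subjects_id');
            }

            if (!$id) {
                $this->storage_model->create($value);
            } else {
                $this->storage_model->update_by_pkey($id, $value);
            }
            unset($value);
            redirect(BACKEND_V2_TMPL_PATH . 'storage/lists');
        }
    }

    if ($id) {
        // Assign the heading variable that is actually rendered below; the
        // previous code set $title here, so the "edit" heading never appeared.
        $titleHeader = 'Chỉnh sửa kho chứa';
        $data['storage'] = $this->storage_model->find_by_pkey($id);
        $data['id'] = $id;
    }

    $header['title'] = $titleHeader;
    $data['title'] = $titleHeader;
    $data['user'] = $this->getUserInfo();
    $data['subjects'] = $this->subject_model->getAll();
    $content = $this->load->view(BACKEND_V2_TMPL_PATH . 'storage/edit', $data, TRUE);
    $this->loadTemnplateBackend($header, $content);
}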
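/**
 * Method to save custom field
 *
 * Loads the field by $id and, when it exists, overwrites its name,
 * description, type, field type and serialized options, then drops the cache
 * entry for the field's type.
 *
 * @param array $val Submitted values; missing keys use the defaults in $expected
 * @param int $id Id of the custom field to update
 * @return boolean Always true, whether or not a field was found
 */
public function save($val, $id)
{
    $expected = ['name' => '', 'type' => 'profile', 'description' => '', 'field_type' => '', 'options' => []];

    // Index the merged array instead of extract()-ing it: with extract() an
    // 'id' key in the submitted values would replace $id and redirect the
    // update to a different field.
    $fields = array_merge($expected, $val);

    $field = $this->get($id);
    if (!empty($field)) {
        $field->name = sanitizeText($fields['name'], 100);
        $field->description = sanitizeText($fields['description']);
        $field->type = $fields['type'];
        $field->field_type = $fields['field_type'];
        $field->data = serialize($fields['options']);
        $field->save();

        $this->cache->forget($this->cacheName . $fields['type']);

        return true;
    }

    return true;
}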
/**
 * Set the `cover` column of the row with the given id.
 *
 * @param int $id Row id to match
 * @param string $image Cover value; stored after sanitizeText()
 * @return mixed Whatever the query builder's update() returns
 */
public function updateCover($id, $image)
{
    $query = $this->model->where('id', '=', $id);
    $changes = ['cover' => sanitizeText($image)];

    return $query->update($changes);
}
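/**
 * Insert a run into runtable, or update an existing one.
 *
 * Required keys of $param: contest, site, user, problem, lang, filename,
 * filepath (the column-style names contestnumber, sitenumber, usernumber,
 * number, runlangnumber and runproblem are accepted as aliases). The keys
 * listed in $ac1 are optional. Every accepted value passes through
 * sanitizeText() and is then interpolated into SQL text.
 *
 * NOTE(review): the quoted string fields (filename, runstatus, autoip,
 * autoanswer) depend entirely on sanitizeText() to neutralise quotes; its
 * definition is not visible here - confirm, or move to parameterised queries.
 * NOTE(review): a filepath without the "base64:" prefix is handed to
 * DB_lo_import() as a filesystem path, so callers must make sure an untrusted
 * party cannot choose it - confirm.
 *
 * @param array $param Run fields, see above
 * @param mixed $c Open database connection, or null to connect and run in an own transaction
 * @return mixed 2 when a row was inserted or updated, 1 when an existing run was left
 *               unchanged, 0 when the contest is not running, false on any other error
 */
function DBNewRun($param, $c = null)
{
    // Accept column-style names as aliases for the short parameter names.
    if (isset($param['contestnumber']) && !isset($param['contest'])) {
        $param['contest'] = $param['contestnumber'];
    }
    if (isset($param['sitenumber']) && !isset($param['site'])) {
        $param['site'] = $param['sitenumber'];
    }
    if (isset($param['usernumber']) && !isset($param['user'])) {
        $param['user'] = $param['usernumber'];
    }
    if (isset($param['number']) && !isset($param['runnumber'])) {
        $param['runnumber'] = $param['number'];
    }
    if (isset($param['runlangnumber']) && !isset($param['lang'])) {
        $param['lang'] = $param['runlangnumber'];
    }
    if (isset($param['runproblem']) && !isset($param['problem'])) {
        $param['problem'] = $param['runproblem'];
    }

    // Required and optional parameter names.
    $ac = array('contest', 'site', 'user', 'problem', 'lang', 'filename', 'filepath');
    $ac1 = array(
        'runnumber', 'rundate', 'rundatediff', 'rundatediffans', 'runanswer', 'runstatus',
        'runjudge', 'runjudgesite', 'runjudge1', 'runjudgesite1', 'runanswer1',
        'runjudge2', 'runjudgesite2', 'runanswer2', 'autoip', 'autobegindate', 'autoenddate',
        'autoanswer', 'autostdout', 'autostderr', 'updatetime',
    );

    // Parameters that must be numeric because they are written into SQL unquoted.
    $type['contest'] = 1;
    $type['autobegindate'] = 1;
    $type['autoenddate'] = 1;
    $type['problem'] = 1;
    $type['updatetime'] = 1;
    $type['site'] = 1;
    $type['user'] = 1;
    $type['runnumber'] = 1;
    $type['rundatediffans'] = 1;
    $type['rundatediff'] = 1;
    $type['rundate'] = 1;
    $type['runanswer'] = 1;
    $type['runjudge'] = 1;
    $type['runjudgesite'] = 1;
    $type['runjudge1'] = 1;
    $type['runjudgesite1'] = 1;
    $type['runanswer1'] = 1;
    $type['runjudge2'] = 1;
    $type['runjudgesite2'] = 1;
    $type['runanswer2'] = 1;
    // lang is placed unquoted in the INSERT below, so it needs the same check.
    $type['lang'] = 1;

    foreach ($ac as $key) {
        if (!isset($param[$key]) || $param[$key] == "") {
            MSGError("DBNewRun param error: {$key} not found");
            return false;
        }
        if (isset($type[$key]) && !is_numeric($param[$key])) {
            MSGError("DBNewRun param error: {$key} is not numeric");
            return false;
        }
        ${$key} = sanitizeText($param[$key]);
    }

    // Defaults for the optional fields; 'NULL' is written into the SQL as the keyword.
    $t = time();
    $autoip = '';
    $autobegindate = 'NULL';
    $autoenddate = 'NULL';
    $autoanswer = '';
    $autostdout = '';
    $autostderr = '';
    $runjudge = 'NULL';
    $runjudgesite = 'NULL';
    $runjudge1 = 'NULL';
    $runjudgesite1 = 'NULL';
    $runanswer1 = 0;
    $runjudge2 = 'NULL';
    $runjudgesite2 = 'NULL';
    $runanswer2 = 0;
    $runnumber = -1;
    $updatetime = -1;
    $rundatediff = -1;
    $rundate = $t;
    $runanswer = 0;
    $rundatediffans = 999999999;
    $runstatus = 'openrun';

    foreach ($ac1 as $key) {
        if (isset($param[$key])) {
            ${$key} = sanitizeText($param[$key]);
            if (isset($type[$key]) && !is_numeric($param[$key])) {
                MSGError("DBNewRun param error: {$key} is not numeric");
                return false;
            }
        }
    }
    if ($updatetime < 0) {
        $updatetime = $t;
    }

    // $cw records that this call opened the connection and owns the transaction.
    // NOTE(review): the error paths below issue "rollback work" even when the
    // connection was supplied by the caller.
    $cw = false;
    if ($c == null) {
        $cw = true;
        $c = DBConnect();
        DBExec($c, "begin work", "DBNewRun(transaction)");
    }

    $insert = true;
    $oid1 = '';
    $oid2 = '';
    // Initialise the names that are actually read after the update below; they
    // were previously declared as $oldold1/$oldold2 and could be read undefined.
    $oldoid1 = '';
    $oldoid2 = '';

    $sql = "select sitenextrun as nextrun from " .
        "sitetable where sitenumber={$site} and contestnumber={$contest} for update";
    $r = DBExec($c, $sql, "DBNewRun(get site for update)");
    if (DBnlines($r) != 1) {
        DBExec($c, "rollback work", "DBNewRun(rollback-site)");
        LOGError("Unable to find a unique site/contest in the database. SQL=(" . $sql . ")");
        MSGError("Unable to find a unique site/contest in the database.");
        return false;
    }
    $a = DBRow($r, 0);
    $n = $a["nextrun"] + 1;

    if ($runnumber > 0) {
        // An explicit run number was given: update that run if it already exists.
        $sql = "select * from runtable as t where t.contestnumber={$contest} and " .
            "t.runsitenumber={$site} and t.runnumber={$runnumber}";
        $r = DBExec($c, $sql . " for update", "DBNewRun(get run for update)");
        $n = DBnlines($r);
        if ($n > 0) {
            $insert = false;
            $lr = DBRow($r, 0);
            $t = $lr['updatetime'];
            if (isset($lr['autostdout'])) {
                $oid1 = $lr['autostdout'];
            }
            if (isset($lr['autostderr'])) {
                $oid2 = $lr['autostderr'];
            }
        }
        $n = $runnumber;
    } else {
        $runnumber = $n;
    }

    if ($rundatediff < 0) {
        // No time offset supplied: take the site's current contest time and
        // refuse the run when the contest has not started or is over.
        $b = DBSiteInfo($contest, $site, $c);
        $dif = $b["currenttime"];
        $rundatediff = $dif;
        if ($dif < 0) {
            if (!isset($param['allowneg'])) {
                DBExec($c, "rollback work", "DBNewRun(rollback-started)");
                LOGError("Tried to submit a run but the contest is not started. SQL=(" . $sql . ")");
                MSGError("The contest is not started yet!");
                return 0;
            }
        }
        if (!$b["siterunning"]) {
            DBExec($c, "rollback work", "DBNewRun(rollback-over)");
            LOGError("Tried to submit a run but the contest is over. SQL=(" . $sql . ")");
            MSGError("The contest is over!");
            return 0;
        }
    } else {
        $dif = $rundatediff;
    }

    if ($updatetime > $t || $insert) {
        DBExec(
            $c,
            "update sitetable set sitenextrun={$runnumber}, updatetime=" . $t .
                " where sitenumber={$site} and contestnumber={$contest} and sitenextrun<{$runnumber}",
            "DBNewRun(update site)"
        );

        // Autojudge stdout/stderr are accepted only as "base64:"-prefixed text
        // and are stored as large objects.
        if (substr($autostdout, 0, 7) == "base64:") {
            $autostdout = base64_decode(substr($autostdout, 7));
            $oldoid1 = $oid1;
            if (($oid1 = DB_lo_import_text($c, $autostdout)) == null) {
                DBExec($c, "rollback work", "DBNewRun(rollback-import stdout)");
                LOGError("Unable to create a large object for file stdout (run={$runnumber},site={$site},contest={$contest}).");
                MSGError("problem importing stdout to database. Contact an admin now!");
                return false;
            }
        } else {
            if ($autostdout != '') {
                // This label previously read "rollback-import stderr" although the stdout import failed.
                DBExec($c, "rollback work", "DBNewRun(rollback-import stdout)");
                LOGError("Unable to create a large object for file stdout that is not BASE64 (run={$runnumber},site={$site},contest={$contest}).");
                MSGError("problem importing stdout (not BASE64) to database. Contact an admin now!");
                return false;
            }
            $oid1 = 'NULL';
        }

        if (substr($autostderr, 0, 7) == "base64:") {
            $autostderr = base64_decode(substr($autostderr, 7));
            $oldoid2 = $oid2;
            if (($oid2 = DB_lo_import_text($c, $autostderr)) == null) {
                DBExec($c, "rollback work", "DBNewRun(rollback-import stderr)");
                LOGError("Unable to create a large object for file stderr (run={$runnumber},site={$site},contest={$contest}).");
                MSGError("problem importing stderr to database. Contact an admin now!");
                return false;
            }
        } else {
            if ($autostderr != '') {
                DBExec($c, "rollback work", "DBNewRun(rollback-import stderr)");
                LOGError("Unable to create a large object for file stderr that is not BASE64 (run={$runnumber},site={$site},contest={$contest}).");
                MSGError("problem importing stderr (not BASE64) to database. Contact an admin now!");
                return false;
            }
            $oid2 = 'NULL';
        }
    }

    $ret = 1;
    if ($insert) {
        // The submitted source is stored as a large object, either imported
        // from a file path or decoded from inline base64 text.
        if (substr($filepath, 0, 7) != "base64:") {
            if (($oid = DB_lo_import($c, $filepath)) === false) {
                DBExec($c, "rollback work", "DBNewRun(rollback-import)");
                LOGError("DBNewRun: Unable to create a large object for file {$filepath}.");
                MSGError("problem importing file {$filepath} to database. Contact an admin now!");
                return false;
            }
        } else {
            $filepath = base64_decode(substr($filepath, 7));
            if (($oid = DB_lo_import_text($c, $filepath)) == null) {
                DBExec($c, "rollback work", "DBNewRun(rollback-import)");
                LOGError("DBNewRun: Unable to create a large object for file.");
                MSGError("problem importing file to database. Contact an admin now!");
                return false;
            }
        }

        DBExec(
            $c,
            "INSERT INTO runtable (contestnumber, runsitenumber, runnumber, usernumber, rundate, " .
                "rundatediff, rundatediffans, runproblem, runfilename, rundata, runanswer, runstatus, runlangnumber, " .
                "runjudge, runjudgesite, runanswer1, runjudge1, runjudgesite1, runanswer2, runjudge2, runjudgesite2, " .
                "autoip, autobegindate, autoenddate, autoanswer, autostdout, autostderr, updatetime) " .
                "VALUES ({$contest}, {$site}, {$n}, {$user}, {$rundate}, {$rundatediff}, {$rundatediffans}, {$problem}, '{$filename}', {$oid}, {$runanswer}, " .
                "'{$runstatus}', {$lang}, {$runjudge}, {$runjudgesite}, {$runanswer1}, {$runjudge1}, {$runjudgesite1}, {$runanswer2}, {$runjudge2}, " .
                "{$runjudgesite2}, '{$autoip}', {$autobegindate}, {$autoenddate}, '{$autoanswer}', {$oid1}, {$oid2}, {$updatetime})",
            "DBNewRun(insert run)"
        );
        if ($cw) {
            DBExec($c, "commit work", "DBNewRun(commit)");
            LOGLevel("User {$user} submitted a run (#{$n}) on site #{$site} " .
                "(problem={$problem},filename={$filename},lang={$lang},contest={$contest},date={$t},datedif={$dif},oid={$oid}).", 2);
        }
        $ret = 2;
    } else {
        // Existing run: overwrite it only when the incoming data is newer.
        if ($updatetime > $t) {
            $ret = 2;
            DBExec(
                $c,
                "update runtable set rundate={$rundate}, rundatediff={$rundatediff}, " .
                    "rundatediffans={$rundatediffans}, runanswer={$runanswer}, runanswer1={$runanswer1}, runanswer2={$runanswer2}, runstatus='{$runstatus}', " .
                    "runjudge1={$runjudge1}, runjudgesite1={$runjudgesite1}, runjudge2={$runjudge2}, runjudgesite2={$runjudgesite2}, " .
                    "runjudge={$runjudge}, runjudgesite={$runjudgesite}, updatetime={$updatetime}, " .
                    "autoip='{$autoip}', autobegindate={$autobegindate}, autoenddate={$autoenddate}, autoanswer='{$autoanswer}', " .
                    "autostdout={$oid1}, autostderr={$oid2} " .
                    "where runnumber={$runnumber} and contestnumber={$contest} and runsitenumber={$site}",
                "DBNewRun(update run)"
            );
            // Release the large objects that the update replaced.
            if (is_numeric($oldoid1)) {
                DB_lo_unlink($c, $oldoid1);
            }
            if (is_numeric($oldoid2)) {
                DB_lo_unlink($c, $oldoid2);
            }
        }
        if ($cw) {
            DBExec($c, "commit work", "DBNewRun(commit-update)");
        }
    }

    return $ret;
    /* // this causes portability and security problems (when other users also have a shell
       // on the server and can build web pages. They can use those pages to access these files,
       // because the files end up owned by apache/www-data/etc)
    umask(0077);
    @mkdir("/tmp/boca");
    if (!move_uploaded_file ($filepath, "/tmp/boca/contest${contest}.site${site}.run${n}.user${user}.problem${problem}.time${t}.${filename}"))
        LOGLevel("Run not saved as file (run=$n,site=$site,contest=$contest", 1);
    */
}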
/**
 * Import contest records from an XML document into the database.
 *
 * The document is parsed with xml_parse_into_struct() and its records are
 * processed in the fixed order given by $orderkeys. For each record, only the
 * fields allowed by $acr[<RECORD TAG>] are copied into $param, which is then
 * handed to the matching DBNew* / DBUpdate* helper.
 *
 * Access rule for a field, as read from the conditions below:
 *   - a string: that string is used instead of the XML value (not for 'site');
 *   - an array: the XML value is accepted only if it is in the array;
 *   - -1: any value is accepted;
 *   - -2: accepted only when equal to $localsite;
 *   - -3: accepted only when different from $localsite;
 *   -  0: (fields other than 'site') accepted when a site was accepted for the record;
 *   - >0: accepted only when equal to the rule value.
 *
 * NOTE(review): $contest is interpolated into the SQL text of the contest
 * lookup, so callers must pass a numeric value - confirm.
 * NOTE(review): progress messages echo $param values into HTML; those values
 * either passed through sanitizeText() or are rule strings supplied in $acr.
 * What sanitizeText() encodes is not visible here - confirm.
 *
 * @param string $ar   XML text to import
 * @param array  $acr  Access rules, keyed by upper-case record tag, then by lower-case field name
 * @param int    $contest   Contest number, or 0 to create the contest from a CONTESTREC record
 * @param int    $localsite Local site number; 0 takes it from the contest row, or 1 when $contest is 0
 * @return bool True when the loops complete, false as soon as a lookup or helper fails
 */
function importFromXML($ar, $acr, $contest = 0, $localsite = 0)
{
    // Newlines are removed before parsing; the parser's return value is not checked.
    $data = implode("", explode("\n", $ar));
    $parser = xml_parser_create();
    xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, 1);
    xml_parser_set_option($parser, XML_OPTION_SKIP_WHITE, 1);
    xml_parse_into_struct($parser, $data, $values, $tags);
    xml_parser_free($parser);
    // print_r($tags);
    // print_r($values);
    // Record types are imported in this order.
    $orderkeys = array('CONTESTREC', 'SITETIME', 'SITEREC', 'USERREC', 'ANSWERREC', 'LANGUAGEREC', 'PROBLEMREC', 'CLARREC', 'RUNREC', 'TASKREC');
    $norderkeys = 10;
    $nc = 0;
    unset($sitetime);
    unset($nsitetime);
    $conn = DBConnect();
    if ($conn == null) {
        return false;
    }
    // DBExec($conn,"begin work","importFromXML(begin)");
    // DBExec($conn,"lock","importFromXML(lock)");
    if ($contest != 0) {
        $r = DBExec($conn, "select * from contesttable where contestnumber={$contest}");
        if (DBnLines($r) == 0) {
            echo "Unable to find the contest {$contest} in the database.\n";
            // No "begin work" was issued on this connection (it is commented out above).
            DBExec($conn, "rollback work");
            return false;
        }
        $ct = DBRow($r, 0);
        if ($localsite == 0) {
            $localsite = $ct["contestlocalsite"];
        }
    } else {
        if ($localsite == 0) {
            $localsite = 1;
        }
    }
    // $mainsite = $ct["contestmainsite"];
    // The connection is closed here, so every helper below is called with
    // $conn === null and the `$conn != null` rollback branches do not run
    // unless a helper takes $conn by reference - TODO confirm.
    DBClose($conn);
    $conn = null;
    for ($keyindex = 0; $keyindex < $norderkeys; $keyindex++) {
        foreach ($tags as $key => $val) {
            // Only handle the record type whose turn it is, and only types with a rule set.
            if ($values[$val[0]]['type'] != 'open') {
                continue;
            }
            if ($key == "XML") {
                continue;
            }
            if ($key != $orderkeys[$keyindex]) {
                continue;
            }
            if (isset($acr[$key])) {
                $ac = $acr[$key];
            } else {
                continue;
            }
            foreach ($val as $k => $v) {
                if ($values[$v]['type'] != 'open') {
                    continue;
                }
                // $v and $val[$k + 1] delimit one record in $values.
                if (count($val) > $k + 1) {
                    $param = array();
                    // First pass: resolve 'site', because a rule value of 0 on
                    // other fields depends on whether a site was accepted.
                    if (isset($ac['site'])) {
                        for ($i = $v; $i < $val[$k + 1]; $i++) {
                            $p = strtolower($values[$i]["tag"]);
                            if ($p == 'site') {
                                if ($values[$i]["type"] == "complete" && isset($values[$i]["value"])) {
                                    $tmp = sanitizeText(trim(implode('', explode('\\n', $values[$i]["value"]))));
                                    if (is_array($ac['site']) && in_array($tmp, $ac['site'])) {
                                        $param['site'] = $tmp;
                                    } else {
                                        // && binds tighter than ||, so this is a list of alternatives.
                                        if ($ac['site'] == -1 || $ac['site'] == -2 && $tmp == $localsite || $ac['site'] == -3 && $tmp != $localsite || $ac['site'] > 0 && $ac['site'] == $tmp) {
                                            $param['site'] = $tmp;
                                        }
                                    }
                                }
                            }
                        }
                    }
                    // Second pass: every other field that has a rule.
                    for ($i = $v; $i < $val[$k + 1]; $i++) {
                        $p = strtolower($values[$i]["tag"]);
                        if (isset($ac[$p]) && $p != 'site') {
                            if ($values[$i]["type"] == "complete" && isset($values[$i]["value"])) {
                                if (is_string($ac[$p])) {
                                    // A string rule overrides the XML value and is not sanitised here.
                                    $param[$p] = $ac[$p];
                                } else {
                                    $tmp = sanitizeText(trim(implode('', explode('\\n', $values[$i]["value"]))));
                                    if (is_array($ac[$p]) && in_array($tmp, $ac[$p])) {
                                        $param[$p] = $tmp;
                                    } else {
                                        if ($ac[$p] == -1 || $ac[$p] == -2 && $tmp == $localsite || $ac[$p] == -3 && $tmp != $localsite || $ac[$p] == 0 && isset($param['site']) || $ac[$p] > 0 && $ac[$p] == $tmp) {
                                            $param[$p] = $tmp;
                                        }
                                    }
                                }
                            }
                        }
                    }
                    // echo "\nKEY KEY KEY\n";
                    // print_r($key);
                    // echo "\nVAL VAL VAL\n";
                    // print_r($val);
                    // echo "\n";
                    // print_r($param);
                    // The contest number always comes from the argument, never from the XML.
                    $param['contestnumber'] = $contest;
                    if ($key == "CONTESTREC") {
                        $param['number'] = $contest;
                        if ($contest == 0) {
                            $nc = 1;
                            $contest = DBNewContest($param, $conn);
                            if ($contest > 0) {
                                echo "<br><u>Contest {$contest} created</u> (not active by default)<br>";
                            } else {
                                echo "<br>Error creating contest<br>";
                                if ($conn != null) {
                                    DBExec($conn, "rollback work");
                                }
                                return false;
                            }
                        }
                        $param['number'] = $contest;
                        $param['contestnumber'] = $contest;
                        // Helpers return 2 when they changed something; a falsy value aborts the import.
                        if ($ret = DBUpdateContest($param, $conn)) {
                            if ($ret == 2) {
                                echo "<br>Contest {$contest} updated<br>";
                            }
                        } else {
                            if ($conn != null) {
                                DBExec($conn, "rollback work");
                            }
                            return false;
                        }
                    }
                    // Records without an accepted 'number' (or with nothing else) are skipped.
                    if (!isset($param['number']) || count($param) < 2) {
                        continue;
                    }
                    if ($key == "SITEREC") {
                        if (!DBNewSite($contest, $conn, $param)) {
                            if ($conn != null) {
                                DBExec($conn, "rollback work");
                            }
                            return false;
                        }
                        if ($ret = DBUpdateSite($param, $conn)) {
                            if ($ret == 2) {
                                echo "Site " . $param["number"] . " updated<br>";
                            }
                        } else {
                            if ($conn != null) {
                                DBExec($conn, "rollback work");
                            }
                            return false;
                        }
                        // Apply the SITETIME records collected earlier for this site.
                        if (isset($nsitetime[$param["number"]])) {
                            if ($qtd = DBRenewSiteTime($sitetime[$param["number"]], $conn)) {
                                if ($qtd == 2) {
                                    echo "Time for site " . $param["number"] . " updated<br>";
                                }
                            } else {
                                if ($conn != null) {
                                    DBExec($conn, "rollback work");
                                }
                                return false;
                            }
                        }
                    }
                    if ($key == "SITETIME") {
                        // Site times are only collected here, grouped by numeric site.
                        if (isset($param['site']) && is_numeric($param['site'])) {
                            $s = $param['site'];
                            if (!isset($nsitetime[$s])) {
                                $nsitetime[$s] = 0;
                            }
                            $sitetime[$s][$nsitetime[$s]] = $param;
                            $nsitetime[$s]++;
                        }
                    }
                    if ($key == "USERREC") {
                        if ($ret = DBNewUser($param, $conn)) {
                            if ($ret == 2) {
                                echo "User " . $param["number"] . "/" . $param['site'] . " updated<br>";
                            }
                        } else {
                            if ($conn != null) {
                                DBExec($conn, "rollback work");
                            }
                            return false;
                        }
                    }
                    if ($key == "ANSWERREC") {
                        if ($ret = DBNewAnswer($contest, $param, $conn)) {
                            if ($ret == 2) {
                                echo "Answer " . $param["number"] . " updated<br>";
                            }
                        } else {
                            if ($conn != null) {
                                DBExec($conn, "rollback work");
                            }
                            return false;
                        }
                    }
                    if ($key == "LANGUAGEREC") {
                        if ($ret = DBNewLanguage($contest, $param, $conn)) {
                            if ($ret == 2) {
                                echo "Language " . $param['number'] . " updated<br>";
                            }
                        } else {
                            if ($conn != null) {
                                DBExec($conn, "rollback work");
                            }
                            return false;
                        }
                    }
                    if ($key == "PROBLEMREC") {
                        if ($ret = DBNewProblem($contest, $param, $conn)) {
                            if ($ret == 2) {
                                echo "Problem " . $param['number'] . " updated<br>";
                            }
                        } else {
                            if ($conn != null) {
                                DBExec($conn, "rollback work");
                            }
                            return false;
                        }
                    }
                    if ($key == "TASKREC") {
                        if ($ret = DBNewTask($param, $conn)) {
                            if ($ret == 2) {
                                echo "Task " . $param['number'] . "/" . $param['site'] . " updated<br>";
                            }
                        } else {
                            if ($conn != null) {
                                DBExec($conn, "rollback work");
                            }
                            return false;
                        }
                    }
                    if ($key == "CLARREC") {
                        if ($ret = DBNewClar($param, $conn)) {
                            if ($ret == 2) {
                                echo "Clarification " . $param['number'] . "/" . $param['site'] . " updated<br>";
                            }
                        } else {
                            if ($conn != null) {
                                DBExec($conn, "rollback work");
                            }
                            return false;
                        }
                    }
                    if ($key == "RUNREC") {
                        if ($ret = DBNewRun($param, $conn)) {
                            if ($ret == 2) {
                                echo "Run " . $param['number'] . "/" . $param['site'] . " updated<br>";
                            }
                        } else {
                            if ($conn != null) {
                                DBExec($conn, "rollback work");
                            }
                            return false;
                        }
                    }
                }
            }
        }
    }
    // DBExec($conn,"commit work","importFromXML(commit)");
    return true;
}
/**
 * Create or update one row of usertable from an associative parameter array.
 *
 * Accepted aliases: 'contestnumber' -> 'contest', 'sitenumber' -> 'site',
 * 'usernumber' or 'number' -> 'user'. 'contest', 'site' and 'user' are required
 * and must pass is_numeric(); every other field listed in $ac1 is optional.
 *
 * Security notes for reviewers:
 *  - Every value is interpolated into the SQL text. contest/site/user/updatetime
 *    are placed unquoted and are guarded only by is_numeric() on the raw value
 *    (which also accepts floats, exponent notation and a leading sign), while the
 *    value actually interpolated is the output of sanitizeText().
 *  - The quoted string fields rely entirely on sanitizeText() for escaping.
 *    Its implementation is not visible here -- TODO confirm it neutralises quotes
 *    and backslashes for this database, or move these statements to a
 *    parameterised query API.
 *  - NOTE(review): the '******' literals in this listing look like masking applied
 *    to the page, not original values -- confirm against the upstream file before
 *    relying on them.
 *
 * @param array $param Field values for the user record (see above).
 * @param mixed $c     Open DB connection, or null to connect and run in a
 *                     transaction owned by this function.
 * @return int|false false on a parameter error, a missing site or a conflict;
 *                   2 when a row was inserted or updated; 1 when the stored row
 *                   is not older than the supplied updatetime.
 */
function DBNewUser($param, $c = null)
{
    // Normalise alternative key names onto contest / site / user.
    if (isset($param['contestnumber']) && !isset($param['contest'])) {
        $param['contest'] = $param['contestnumber'];
    }
    if (isset($param['sitenumber']) && !isset($param['site'])) {
        $param['site'] = $param['sitenumber'];
    }
    if (isset($param['usernumber']) && !isset($param['user'])) {
        $param['user'] = $param['usernumber'];
    }
    if (isset($param['number']) && !isset($param['user'])) {
        $param['user'] = $param['number'];
    }
    // $ac: required keys; $ac1: optional keys. Both lists are fixed here, so the
    // variable-variables below can only create the local names listed in them,
    // never a name chosen by the contents of $param.
    $ac = array('contest', 'site', 'user');
    $ac1 = array('updatetime', 'username', 'usericpcid', 'userfull', 'userdesc', 'type', 'enabled', 'multilogin', 'pass', 'permitip', 'changepass', 'userip', 'userlastlogin', 'userlastlogout', 'usersession', 'usersessionextra');
    // Keys that must be numeric.
    $typei['contest'] = 1;
    $typei['updatetime'] = 1;
    $typei['site'] = 1;
    $typei['user'] = 1;
    foreach ($ac as $key) {
        if (!isset($param[$key]) || $param[$key] == "") {
            MSGError("DBNewUser param error: {$key} not found");
            return false;
        }
        if (isset($typei[$key]) && !is_numeric($param[$key])) {
            MSGError("DBNewUser param error: {$key} is not numeric");
            return false;
        }
        // Defines $contest, $site and $user.
        ${$key} = sanitizeText($param[$key]);
    }
    // Defaults for the optional fields; overwritten below when present in $param.
    $username = "******" . $user;
    $updatetime = -1;
    $pass = null;
    $usericpcid = '';
    $userfull = '';
    $userdesc = '';
    $type = 'team';
    $enabled = 'f';
    $changepass = '******';
    $multilogin = '******';
    $permitip = '';
    $usersession = null;
    $usersessionextra = null;
    $userip = null;
    $userlastlogin = null;
    $userlastlogout = null;
    foreach ($ac1 as $key) {
        if (isset($param[$key])) {
            ${$key} = sanitizeText($param[$key]);
            if (isset($typei[$key]) && !is_numeric($param[$key])) {
                MSGError("DBNewUser param error: {$key} is not numeric");
                return false;
            }
        }
    }
    $t = time();
    // A missing or non-positive updatetime means "now".
    if ($updatetime <= 0) {
        $updatetime = $t;
    }
    // Allowlist: any user type outside this set is downgraded to "team", so
    // $type can only hold one of these fixed strings when it reaches the SQL.
    if ($type != "chief" && $type != "judge" && $type != "admin" && $type != "score" && $type != "staff" && $type != "site") {
        $type = "team";
    }
    if ($type == "admin") {
        $changepass = "******";
    }
    // The flag fields are collapsed to fixed values before use.
    if ($enabled != "f") {
        $enabled = "t";
    }
    if ($multilogin != "t") {
        $multilogin = "******";
    }
    if ($changepass != "t") {
        $changepass = "******";
    }
    // $cw ("commit work") records that this function opened the transaction.
    $cw = false;
    if ($c == null) {
        $cw = true;
        $c = DBConnect();
        DBExec($c, "begin work", "DBNewUser(begin)");
    }
    DBExec($c, "lock table usertable", "DBNewUser(lock)");
    $r = DBExec($c, "select * from sitetable where sitenumber={$site} and contestnumber={$contest}", "DBNewUser(get site)");
    $n = DBnlines($r);
    if ($n == 0) {
        // NOTE(review): the rollback is issued even when $c was supplied by the
        // caller, i.e. it also discards the caller's pending work.
        DBExec($c, "rollback work", "DBNewUser(no-site)");
        MSGError("DBNewUser param error: site {$site} does not exist");
        return false;
    }
    // Prefixes the stored password value unless it equals myhash(""), the user is
    // an admin, or changepass is "t" (prefix literal is masked in this listing).
    if ($pass != myhash("") && $type != "admin" && $changepass != "t") {
        $pass = '******' . $pass;
    }
    // Conflict check: looks for a different user number in the same site/contest
    // matching the username condition (the compared literal is masked here).
    $r = DBExec($c, "select * from usertable where username='******' and usernumber!={$user} and " .
        "usersitenumber={$site} and contestnumber={$contest}", "DBNewUser(get user)");
    $n = DBnlines($r);
    $ret = 1;
    if ($n == 0) {
        $sql = "select * from usertable where usernumber={$user} and usersitenumber={$site} and " .
            "contestnumber={$contest}";
        $a = DBGetRow($sql, 0, $c);
        if ($a == null) {
            // No such user yet: insert a new row.
            $ret = 2;
            $sql = "select * from sitetable where sitenumber={$site} and contestnumber={$contest}";
            // NOTE(review): called without $c, unlike the lookup above; which
            // connection DBGetRow uses in that case is not visible here.
            $aa = DBGetRow($sql, 0);
            if ($aa == null) {
                DBExec($c, "rollback work");
                MSGError("Site {$site} does not exist");
                return false;
            }
            $sql = "insert into usertable (contestnumber, usersitenumber, usernumber, username, usericpcid, userfullname, " .
                "userdesc, usertype, userenabled, usermultilogin, userpassword, userpermitip) values " .
                "({$contest}, {$site}, {$user}, '{$username}', '{$usericpcid}', '{$userfull}', '{$userdesc}', '{$type}', '{$enabled}', " .
                "'{$multilogin}', '{$pass}', '{$permitip}')";
            DBExec($c, $sql, "DBNewUser(insert)");
            if ($cw) {
                DBExec($c, "commit work");
            }
            LOGLevel("User {$user} (site={$site},contest={$contest}) included.", 2);
        } else {
            // Existing user: only overwrite when the incoming record is newer.
            // NOTE(review): when it is not newer and $cw is true, the transaction
            // opened above is neither committed nor rolled back on this path.
            if ($updatetime > $a['updatetime']) {
                $ret = 2;
                $sql = "update usertable set username='******', usericpcid='{$usericpcid}', userdesc='{$userdesc}', updatetime={$updatetime}, " .
                    "userfullname='{$userfull}', usertype='{$type}', userpermitip='{$permitip}', ";
                // Password and session-related columns are only written when a
                // value was supplied.
                if ($pass != null && $pass != myhash("")) {
                    $sql .= "userpassword='******', ";
                }
                if ($usersession != null) {
                    $sql .= "usersession='{$usersession}', ";
                }
                if ($usersessionextra != null) {
                    $sql .= "usersessionextra='{$usersessionextra}', ";
                }
                if ($userip != null) {
                    $sql .= "userip='{$userip}', ";
                }
                if ($userlastlogin != null) {
                    $sql .= "userlastlogin='******', ";
                }
                if ($userlastlogout != null) {
                    $sql .= "userlastlogout='{$userlastlogout}', ";
                }
                $sql .= "userenabled='{$enabled}', usermultilogin='******'";
                $sql .= " where usernumber={$user} and usersitenumber={$site} and contestnumber={$contest}";
                $r = DBExec($c, $sql, "DBNewUser(update)");
                if ($cw) {
                    DBExec($c, "commit work");
                }
                LOGLevel("User {$user} (username={$username},site={$site},contest={$contest}) updated.", 2);
            }
        }
    } else {
        // The conflict query returned a row: refuse the change.
        DBExec($c, "rollback work");
        LOGLevel("Update problem for user {$user} (site={$site},contest={$contest}) (maybe username already in use).", 1);
        MSGError("Update problem for user {$user}, site {$site} (maybe username already in use).");
        return false;
    }
    return $ret;
}
/**
 * Pass every value of a user-info collection through sanitizeText().
 *
 * Keys are copied unchanged; only the values are cleaned. Each value is handed
 * to sanitizeText() as-is, so nested arrays are not walked by this function --
 * how sanitizeText() treats a non-string value is not visible here.
 *
 * @param iterable $info Field name => submitted value.
 * @return array Same keys, with each value replaced by sanitizeText()'s result.
 */
function sanitizeUserInfo($info)
{
    $cleaned = [];

    foreach ($info as $field => $raw) {
        $cleaned[$field] = sanitizeText($raw);
    }

    return $cleaned;
}
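<th>Câu hỏi</th>
<th>Tên kho</th>
<th>Thời gian tạo</th>
<th>Xử lý</th>
</tr>
</thead>
<tbody>
<?php
// One table row per entry of $lists; $i is the visible row counter.
// The question name is passed through sanitizeText() and shortened with
// word_limiter(..., 6) before output.
// NOTE(review): $value->title and $value->storage_question_id are echoed
// without any output encoding in this view. If either can hold user-supplied
// text that was not cleaned when it was stored, encode it for the HTML context
// here (e.g. htmlspecialchars) -- confirm how these fields are written.
$i = 1;
foreach ($lists as $key => $value) : ?>
<tr class="gradeX" data-id="<?php echo $value->storage_question_id; ?>">
    <td><?php echo $i++; ?></td>
    <td>
        <a class="sq-ajax-modal" href="<?php echo site_url(BACKEND_V2_TMPL_PATH . 'storage-question/view/' . $value->storage_question_id); ?>">
            <?php echo word_limiter(sanitizeText($value->question_name), 6); ?>
        </a>
    </td>
    <td><?php echo $value->title; ?></td>
    <td><?php echo setDate($value->updated_time, 'time'); ?></td>
    <td class="actions">
        <a href="#" class="on-default edit-row"><i class="fa fa-pencil"></i></a>
        <a href="#" class="on-default remove-row"><i class="fa fa-trash-o"></i></a>
    </td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
</div>
</section>
<?php echo $this->load->view(BACKEND_V2_TMPL_PATH . 'dialogs/dialog_delete', null, true); ?>
<!-- Specific Page Vendor -->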
/**
 * Write a log message to syslog and, when a user session exists, to the
 * database log.
 *
 * The message has "\n" replaced by a space and is then passed through
 * sanitizeText(); the same cleaned text is used for both sinks. Only "\n" is
 * replaced here, so whether other line-breaking characters such as "\r" are
 * neutralised depends on sanitizeText(), which is not visible here.
 *
 * @param string $msg   Message text.
 * @param int    $level 0 = error, 1 = warn, 2 = info, 3 = debug. Any other
 *                      value is sent to syslog with LOG_CRIT and no label.
 * @param bool   $dodb  When true and $_SESSION["usertable"] is set, also call
 *                      DBNewLog() for the session's user.
 * @return void
 */
function LOGLevel($msg, $level, $dodb = true)
{
    $clean = sanitizeText(str_replace("\n", " ", $msg));
    $line = now() . ": ";

    // Only call define_syslog_variables() where it still exists and the
    // matching ini setting is not already enabled.
    if (!get_cfg_var('define_syslog_variables') && function_exists('define_syslog_variables')) {
        define_syslog_variables();
    }

    // Loose comparisons are kept on purpose: they match what the switch did.
    // NOTE(review): for a level outside 0..3 $type is never assigned, yet it is
    // still passed to DBNewLog() below.
    $prior = LOG_CRIT;
    if ($level == 0) {
        $line .= "ERROR: ";
        $type = "error";
        $prior = LOG_ERR;
    } elseif ($level == 1) {
        $line .= "WARN: ";
        $type = "warn";
        $prior = LOG_WARNING;
    } elseif ($level == 2) {
        $line .= "INFO: ";
        $type = "info";
        $prior = LOG_INFO;
    } elseif ($level == 3) {
        $line .= "DEBUG: ";
        $type = "debug";
        $prior = LOG_DEBUG;
    }

    $line .= getIPHost() . ": " . $clean;

    openlog("BOCA", LOG_ODELAY, LOG_USER);
    syslog($prior, $line);
    closelog();

    if (!$dodb || !isset($_SESSION["usertable"])) {
        return;
    }

    // The database entry is attributed to the logged-in user from the session.
    DBNewLog(
        $_SESSION["usertable"]["contestnumber"],
        $_SESSION["usertable"]["usersitenumber"],
        $_SESSION["usertable"]["usernumber"],
        $type,
        getIP(),
        $clean,
        ""
    );
}
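/**
 * Admincp update a user
 *
 * Copies the submitted values onto $user and saves it. Keys missing from $val
 * fall back to the defaults in $expected. The password is only re-hashed when a
 * non-empty one is supplied; a truthy 'activated' also sets `active` and removes
 * the user from the must-avoid repository.
 *
 * Security notes:
 *  - This method performs no authorization check (the user-id check below is
 *    commented out) and copies the 'admin' flag straight from $val, so callers
 *    must make sure only authorised administrators can reach it.
 *  - email, genre, verified, activated and admin are stored exactly as given;
 *    only fullname and username pass through sanitizeText().
 *  - Values are read by key instead of being extract()ed, so an unexpected key
 *    in $val (for example 'user') cannot overwrite a local variable.
 *
 * @param array $val
 * @param \App\Models\User $user
 * @return boolean
 */
public function adminUpdate($val, $user)
{
    //if (\Auth::user()->id != 1) return false;
    $expected = [
        'fullname' => '',
        'username' => '',
        'email' => '',
        'genre' => '',
        'verified' => '',
        'activated' => '',
        'admin' => 0,
        'password' => '',
    ];

    $val = array_merge($expected, $val);

    $user->email_address = $val['email'];
    // The second argument is presumably a length limit -- TODO confirm in sanitizeText().
    $user->fullname = sanitizeText($val['fullname'], 100);
    $user->username = sanitizeText($val['username']);
    $user->genre = $val['genre'];
    $user->verified = $val['verified'];
    $user->activated = $val['activated'];

    // Leave the stored hash untouched when no new password was submitted.
    if ($val['password']) {
        $user->password = \Hash::make($val['password']);
    }

    if ($val['activated']) {
        $user->active = 1;
        $this->mustAvoidUserRepository->remove($user->id);
    }

    $user->admin = $val['admin'];
    $user->save();

    return true;
}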
// Excerpt from inside a loop over runs: it begins in the branch taken when the
// problem package could not be unzipped. Each failure path reports the error,
// gives the run up through DBGiveUpRunAutojudging(), clears the unpacked
// "problemdata" directory and moves on to the next iteration.
echo "Failed to unzip the package file -- please check the problem package (maybe it is encrypted?)\n";
DBGiveUpRunAutojudging($contest, $site, $number, $ip, "error: problem package file is invalid (1)");
cleardir($dir . $ds . "problemdata");
continue;
}
// problem.info comes from the unpacked package. '@' hides parse warnings;
// failure is detected through the strict === false comparison instead.
if (($info = @parse_ini_file($dir . $ds . "problemdata" . $ds . "description" . $ds . 'problem.info')) === false) {
    echo "Problem content missing (description/problem.info) -- please check the problem package\n";
    DBGiveUpRunAutojudging($contest, $site, $number, $ip, "error: problem package file is invalid (2)");
    cleardir($dir . $ds . "problemdata");
    continue;
}
// NOTE(review): $descfile is only assigned when the key exists; whether it is
// reset earlier in the iteration is not visible in this excerpt.
if (isset($info['descfile'])) {
    $descfile = trim(sanitizeText($info['descfile']));
}
// 'basename' and 'fullname' are read without isset(); a package that omits them
// reaches sanitizeText() with an undefined index. For 'basename' the empty
// check below presumably catches that case -- TODO confirm what sanitizeText()
// returns for a missing value.
$basename = trim(sanitizeText($info['basename']));
$fullname = trim(sanitizeText($info['fullname']));
if ($basename == '') {
    echo "Problem content missing (description/problem.info) -- please check the problem package\n";
    DBGiveUpRunAutojudging($contest, $site, $number, $ip, "error: problem package file is invalid (3)");
    cleardir($dir . $ds . "problemdata");
    continue;
}
// Remember the package's basename under "<inputoid>.<inputname>" of this run.
// NOTE(review): $basename is package-controlled text. It is only an array key
// here; if later code builds file paths or commands from it, verify that
// sanitizeText() rejects path separators and ".." -- not visible in this excerpt.
$basenames[$run['inputoid'] . "." . $run["inputname"]] = $basename;
if (!is_dir($dir . $ds . "problemdata" . $ds . "limits")) {
    echo "Problem content missing (limits) -- please check the problem package\n";
    DBGiveUpRunAutojudging($contest, $site, $number, $ip, "error: problem package file is invalid (4)");
    cleardir($dir . $ds . "problemdata");
    continue;
}
// Work from inside the package's limits directory and start an empty limits
// entry for this problem.
chdir($dir . $ds . "problemdata" . $ds . "limits");
$limits[$basename] = array();
/**
 * Create or update one row of langtable for a contest, or delegate to
 * DBDeleteLanguage() when $param["action"] is "delete".
 *
 * 'number' (numeric) and 'name' are required; 'updatetime' (numeric) and
 * 'extension' are optional.
 *
 * Security notes for reviewers:
 *  - All values are interpolated into the SQL text. $number and $updatetime go
 *    in unquoted after an is_numeric() check on the raw value; $name and
 *    $extension are quoted and rely on sanitizeText() for escaping, which is not
 *    visible here -- TODO confirm, or move to a parameterised query API.
 *  - $contestnumber is interpolated unquoted and is neither checked with
 *    is_numeric() nor passed through sanitizeText() in this function, so callers
 *    must only pass a trusted numeric value.
 *
 * @param mixed $contestnumber Contest the language belongs to.
 * @param array $param         Language fields (see above).
 * @param mixed $c             Open DB connection, or null to connect and run in
 *                             a transaction owned by this function.
 * @return mixed false on a parameter error; 2 when the row was created or a
 *               newer updatetime was supplied; 1 otherwise; for a delete,
 *               whatever DBDeleteLanguage() returns.
 */
function DBNewLanguage($contestnumber, $param, $c = null)
{
    if (isset($param["action"]) && $param["action"] == "delete") {
        return DBDeleteLanguage($contestnumber, $param, $c);
    }
    // $ac: required keys; $ac1: optional keys; $type: keys that must be numeric.
    // The key lists are fixed here, so the variable-variables below can only
    // define $number, $name, $updatetime and $extension.
    $ac = array('number', 'name');
    $ac1 = array('updatetime', 'extension');
    $type['number'] = 1;
    $type['updatetime'] = 1;
    $extension = '';
    // Validation happens before any transaction is opened, so these early
    // returns leave nothing to roll back.
    foreach ($ac as $key) {
        if (!isset($param[$key]) || $param[$key] == "") {
            MSGError("DBNewLanguage param error: {$key} not found");
            return false;
        }
        if (isset($type[$key]) && !is_numeric($param[$key])) {
            MSGError("DBNewLanguage param error: {$key} is not numeric");
            return false;
        }
        ${$key} = sanitizeText($param[$key]);
    }
    $updatetime = -1;
    foreach ($ac1 as $key) {
        if (isset($param[$key])) {
            ${$key} = sanitizeText($param[$key]);
            if (isset($type[$key]) && !is_numeric($param[$key])) {
                MSGError("DBNewLanguage param error: {$key} is not numeric");
                return false;
            }
        }
    }
    // $t holds the current time here and is reused further down for the stored
    // row's updatetime.
    $t = time();
    if ($updatetime <= 0) {
        $updatetime = $t;
    }
    // $cw records that this function opened the transaction and must commit it.
    $cw = false;
    if ($c == null) {
        $cw = true;
        $c = DBConnect();
        DBExec($c, "begin work", "DBNewLanguage(transaction)");
    }
    $sql2 = "select * from langtable where contestnumber={$contestnumber} and langnumber={$number}";
    // "for update" is appended so the matching row is selected with a row lock.
    $r = DBExec($c, $sql2 . " for update", "DBNewLanguage(get lang)");
    $n = DBnlines($r);
    $ret = 1;
    if ($n == 0) {
        // No such language yet; the insert does not set the updatetime column.
        DBExec($c, "insert into langtable (contestnumber,langnumber, langname,langextension) values " .
            "({$contestnumber}, {$number}, '{$name}','{$extension}')", "DBNewLanguage(insert lang)");
        $s = "created";
    } else {
        $lr = DBRow($r, 0);
        $t = $lr['updatetime'];
        // Only overwrite the stored row when the incoming record is newer.
        if ($updatetime > $t) {
            if ($name != "") {
                DBExec($c, "update langtable set langname='{$name}', updatetime={$updatetime} where contestnumber={$contestnumber} " .
                    "and langnumber={$number}", "DBNewLanguage(update lang)");
            }
            if ($extension != "") {
                DBExec($c, "update langtable set langextension='{$extension}', updatetime={$updatetime} where contestnumber={$contestnumber} " .
                    "and langnumber={$number}", "DBNewLanguage(update lang)");
            }
        }
        $s = "updated";
    }
    if ($cw) {
        DBExec($c, "commit work", "DBNewLanguage(commit)");
    }
    if ($s == "created" || $updatetime > $t) {
        // NOTE(review): the "******" in the next statement looks like a masking
        // artifact of this listing and breaks the string concatenation;
        // presumably the original concatenates $_SESSION["usertable"]["usernumber"]
        // here -- confirm against the upstream file. The session entry is read
        // without an isset() check.
        LOGLevel("Language {$number} updated (user="******"usertable"]["usernumber"] . ",site=" . $_SESSION["usertable"]["usersitenumber"] . ",contest={$contestnumber})", 2);
        $ret = 2;
    }
    return $ret;
}