Exemplo n.º 1
0
 public function edit($id = null)
 {
     $header['title'] = 'Thêm môn học';
     $data = array();
     if ($this->input->post()) {
         $id = $this->input->post('id', 0);
         $data['subjects_name'] = sanitizeText($this->input->post('subjects_name'));
         $isValid = $this->subjectlib->validate($data);
         if ($isValid) {
             if (!$id) {
                 // save into subject table
                 $this->subject_model->create($data);
             } else {
                 $this->subject_model->update_by_pkey($id, $data);
             }
             unset($data);
             // remove cache after create/update
             $this->lphcache->cleanCacheByFunction($this->subject_model->table_name, 'getAll');
             redirect(BACKEND_V2_TMPL_PATH . 'subject/lists');
         }
     }
     if ($id) {
         $header['title'] = 'Chỉnh sửa môn học';
         $data['subject'] = $this->subject_model->find_by_pkey($id);
         $data['id'] = $id;
     }
     $data['title'] = $header['title'];
     $content = $this->load->view(BACKEND_V2_TMPL_PATH . 'subject/edit', $data, true);
     $this->loadTemnplateBackend($header, $content);
 }
 /**
  * Method to send notification
  *
  * @param int $toUserid
  * @param array $details
  * @param int $userid
  * @param bool $withPrivacy
  * @param string $privacyId
  * @param \App\\Models\\User $privacyUser
  * @return boolean
  */
 public function send($toUserid, $details = [], $userid = null, $withPrivacy = false, $privacyId = null, $privacyUser = null)
 {
     $userid = empty($userid) ? \Auth::user()->id : $userid;
     if ($withPrivacy) {
         //check if the notification receiver has disabled receiving from this notification type
         if (!$privacyUser->present()->privacy($privacyId, 1)) {
             return false;
         }
     }
     $expectedDetails = ['title' => '', 'content' => '', 'seen' => 0, 'data' => []];
     /**
      * @var $title
      * @var $content
      * @var $seen
      * @var $data
      */
     extract($allDetails = array_merge($expectedDetails, $details));
     $notification = $this->model->newInstance();
     $notification->user_id = $userid;
     $notification->to_user_id = $toUserid;
     $notification->title = sanitizeText($title);
     $notification->content = $content;
     $notification->data = empty($details) ? '' : perfectSerialize($details);
     $notification->save();
     $this->realTimeRepository->add($toUserid, 'notification');
     $this->event->fire('notification.send', [$notification, $details]);
     return $notification;
 }
Exemplo n.º 3
0
 public function edit($id = null)
 {
     $header['title'] = 'Thêm hình thức thi';
     $data = array();
     if ($this->input->post()) {
         $id = intval($this->input->post('id'));
         $data['title'] = sanitizeText($this->input->post('title'));
         $data['time'] = intval($this->input->post('time'));
         $isValid = $this->examlib->validate($data);
         if ($isValid) {
             if (!$id) {
                 // save into exam table
                 $this->exam_model->create_ignore($data);
             } else {
                 $this->exam_model->update_by_pkey($id, $data);
             }
             unset($data);
             // remove cache after create/update
             $this->lphcache->cleanCacheByFunction($this->exam_model->table_name, 'getAll');
             redirect(BACKEND_V2_TMPL_PATH . 'exam/lists');
         }
     }
     if ($id) {
         $header['title'] = 'Chỉnh sửa hình thức thi';
         $data['exam'] = $this->exam_model->find_by_pkey($id);
         $data['id'] = $id;
     }
     $data['title'] = $header['title'];
     $content = $this->load->view(BACKEND_V2_TMPL_PATH . 'exam/edit', $data, TRUE);
     $this->loadTemnplateBackend($header, $content);
 }
Exemplo n.º 4
0
 public function edit($id = null)
 {
     $header['title'] = 'Thêm lớp';
     $data = array();
     if ($this->input->post()) {
         $id = $this->input->post('id', 0);
         $data['class_name'] = strtoupper(sanitizeText($this->input->post('class_name')));
         $data['block_id'] = intval($this->input->post('block_id'));
         $isValid = $this->clazzlib->validate($data);
         if ($isValid) {
             if (!$id) {
                 // save into academic table
                 $this->class_model->create($data);
             } else {
                 $this->class_model->update_by_pkey($id, $data);
             }
             unset($data);
             // remove cache after create/update
             $this->lphcache->cleanCacheByFunction($this->class_model->table_name, 'getAll');
             redirect(BACKEND_V2_TMPL_PATH . 'clazz/lists');
         }
     }
     if ($id) {
         $header['title'] = 'Chỉnh sửa lớp';
         $data['clazz'] = $this->class_model->find_by_pkey($id);
         $data['id'] = $id;
     }
     $data['title'] = $header['title'];
     $data['blocks'] = $this->block_model->getAll();
     $content = $this->load->view(BACKEND_V2_TMPL_PATH . 'clazz/edit', $data, true);
     $this->loadTemnplateBackend($header, $content);
 }
Exemplo n.º 5
0
function escape($item)
{
    if (get_magic_quotes_gpc()) {
        $item = stripcslashes($item);
    }
    return sanitizeText($item);
}
Exemplo n.º 6
0
 public function save($val, $page)
 {
     $expected = ['title' => '', 'keywords' => '', 'description' => '', 'tags' => '', 'privacy' => 0, 'comments' => 1, 'likes' => 1, 'active' => 1, 'show_menu' => 1, 'content' => ''];
     /**
      * @var $title
      * @var $keywords
      * @var $description
      * @var $tags
      * @var $privacy
      * @var $comments
      * @var $likes
      * @var $active
      * @var $show_menu
      * @var $content
      */
     extract(array_merge($expected, $val));
     $page->title = $title;
     $page->description = sanitizeText($description);
     $page->keywords = sanitizeText($keywords);
     $page->tags = $tags;
     $page->privacy = $privacy;
     $page->show_menu = $show_menu;
     $page->content = lawedContent($content);
     $page->show_comments = $comments;
     $page->show_likes = $likes;
     $page->content = $content;
     $page->active = $active;
     $page->save();
     return true;
 }
 public function save($title, $album)
 {
     $album->title = sanitizeText($title);
     $slug = toAscii($title);
     $album->slug = $album->id . (!empty($slug) ? '-' . $slug : '');
     $album->save();
     return $album;
 }
Exemplo n.º 8
0
 public function validate($title)
 {
     $oldTitle = $title;
     $title = sanitizeText($title);
     $this->CI->form_validation->set_data(array('title' => $title));
     $config = array(array('field' => 'title', 'label' => 'Tên kho', 'rules' => 'required|min_length[6]|max_length[255]'));
     $this->CI->form_validation->set_message('required', 'Tên kho [' . htmlentities($oldTitle) . ']  không hợp lệ');
     $this->CI->form_validation->set_message('min_length', 'Tên kho ít nhất phải có {param} ký tự');
     $this->CI->form_validation->set_message('max_length', 'Tên kho phải nhỏ hơn {param} ký tự');
     $this->CI->form_validation->set_rules($config);
     return $this->CI->form_validation->run();
 }
Exemplo n.º 9
0
 public function block($userid, $byUserid)
 {
     if (!$this->hasBlock($byUserid, $userid)) {
         $block = $this->model->newInstance();
         $block->user_id = sanitizeText($byUserid);
         $block->block_id = sanitizeText($userid);
         $block->save();
         $this->cache->forget('blocked_users_' . $byUserid);
         return true;
     }
     return false;
 }
 /**
  * Method to add category
  *
  * @param int $id
  * @param string $title
  * @return boolean
  */
 public function add($id, $title)
 {
     if (!is_numeric($id)) {
         return false;
     }
     if (!$this->exists($id, $title)) {
         $category = $this->model->newInstance();
         $category->community_id = $id;
         $category->title = sanitizeText($title, 100);
         $category->slug = hash('crc32', $title . time());
         $category->save();
         $this->cache->forget('community-categoies-' . $id);
         return $category;
     }
     return false;
 }
Exemplo n.º 11
0
 public function save($val, $category)
 {
     $expected = ['title', 'description'];
     /**
      * @var $title
      * @var $description
      */
     extract(array_merge($expected, $val));
     if (!empty($title) and !$this->seperateExists($title, $category->id)) {
         $category->title = sanitizeText($title, 130);
         $category->slug = \Str::slug($title);
         $category->description = sanitizeText($description);
         $category->save();
         return true;
     }
     return true;
 }
Exemplo n.º 12
0
 /**
  * Method to add hashtag into database
  *
  * @param string $hash
  * @param boolean $increament
  * @return bool
  */
 public function add($hash, $increament = true)
 {
     $hash = trim($hash);
     if ($this->exists($hash)) {
         /**
          * Update the use count for this hashtag
          */
         $this->model->where('hash', '=', $hash)->increment('count');
     } else {
         if ($increament) {
             $hashtag = $this->model->newInstance();
             $hashtag->hash = sanitizeText($hash);
             $hashtag->count = 1;
             $hashtag->save();
         }
     }
     return true;
 }
Exemplo n.º 13
0
 /**
  * Method to add languages
  *
  * @param array $val
  * @return boolean
  */
 public function add($val)
 {
     $expected = ['var' => '', 'name' => ''];
     /**
      * @var $var
      * @var $name
      */
     extract(array_merge($expected, $val));
     /**Check for existence**/
     if ($this->exists($var)) {
         return false;
     }
     $model = $this->model->newInstance();
     $model->var = sanitizeText($var, 10);
     $model->name = sanitizeText($name, 100);
     $model->save();
     $this->cache->forget('languages');
     $this->event->fire("language.added", $val);
     return true;
 }
Exemplo n.º 14
0
 /**
  * Method to add a report
  *
  * @param array $val
  * @return boolean
  */
 public function add($val)
 {
     $expected = ['type' => '', 'url' => '', 'reason' => ''];
     /**
      * @var $type
      * @var $url
      * @var $reason
      */
     extract($val = array_merge($expected, $val));
     if (empty($reason)) {
         return false;
     }
     $report = $this->model->newInstance();
     $report->url = sanitizeText($url);
     $report->user_id = \Auth::user()->id;
     $report->type = sanitizeText($type, 50);
     $report->reason = \Hook::fire('filter-text', sanitizeText($reason));
     $report->save();
     return true;
 }
Exemplo n.º 15
0
 /**
  * MEthod to add member to a community
  *
  * @param int $id
  * @param int $userid
  * @return boolean
  */
 public function add($id, $userid = null)
 {
     if (!\Auth::check() and empty($userid)) {
         return false;
     }
     $userid = empty($userid) ? \Auth::user()->id : $userid;
     if (!$this->exists($id, $userid)) {
         $member = $this->model->newInstance();
         $member->community_id = sanitizeText($id);
         $member->user_id = sanitizeText($userid);
         $member->save();
         $this->cache->forget('community-members-' . $id);
         $this->cache->forget('user-communities' . $userid);
         $this->cache->forget('community-suggestions-' . $userid);
         //lets send a notification to the owner of this community
         $community = app('App\\Repositories\\CommunityRepository')->get($id);
         $this->notification->send($community->user_id, ['path' => 'notification.community.join', 'community' => $community], $userid);
         return true;
     }
     return true;
 }
Exemplo n.º 16
0
 /**
  * Method to send newsletter
  *
  * @param array $val
  * @return bool
  */
 public function send($val)
 {
     $expected = ['subject', 'content', 'to', 'selected'];
     /**
      * @var $subject
      * @var $content
      * @var $to
      * @var $selected
      */
     extract(array_merge($expected, $val));
     if (empty($subject) or empty($content)) {
         return false;
     }
     //first add the newsletter to the table
     $newsletter = $this->model->newInstance();
     $newsletter->subject = sanitizeText($subject);
     $newsletter->content = $content;
     $newsletter->to = $to == 'all' ? 'all' : $selected;
     $newsletter->save();
     return $this->sendIt($newsletter);
 }
Exemplo n.º 17
0
 /**
  * Method to send message to a user
  *
  * @param int $userid
  * @param string $text
  * @param string $image
  * @param int $fromUserid
  * @return bool
  */
 public function send($userid, $text, $image = null, $fromUserid = null)
 {
     $fromUserid = $fromUserid ? $fromUserid : \Auth::user()->id;
     if (!$this->canSendEachOther($userid, $fromUserid)) {
         return false;
     }
     $conversation = $this->conversationRepository->ensureConnection($userid, $fromUserid);
     $photo = '';
     if ($image) {
         $photo = $this->photoRepository->upload($image, ['path' => 'users/' . $fromUserid, 'slug' => 'messages', 'userid' => $fromUserid]);
     }
     $message = $this->model->newInstance();
     $message->text = \Hook::fire('filter-text', sanitizeText($text));
     $message->sender = sanitizeText($fromUserid);
     $message->receiver = sanitizeText($userid);
     $message->image = $photo;
     $message->conversation_id = $conversation->id;
     $message->save();
     $this->event->fire('message.send', [$message]);
     $this->realTimeRepository->add($userid, 'message');
     return $message;
 }
Exemplo n.º 18
0
 /**
  * Method to add like
  *
  * @param string $type
  * @param int $id
  * @param int $userid
  * @return int
  */
 public function add($type, $id, $userid = null)
 {
     $type = sanitizeText($type);
     $id = sanitizeText($id);
     $userid = sanitizeText($userid);
     if (!is_numeric($id)) {
         return false;
     }
     $userid = empty($userid) ? \Auth::user()->id : $userid;
     if ($this->hasLiked($type, $id, $userid)) {
         return $this->count($type, $id);
     }
     $like = $this->model->newInstance();
     $like->user_id = $userid;
     $like->type = $type;
     $like->type_id = $id;
     $like->save();
     $this->event->fire('like.add', [$userid, $type, $id]);
     $this->cache->forget('likes-' . $type . $id);
     $this->cache->forget($type . '-likes-' . $userid);
     return $this->count($type, $id);
 }
Exemplo n.º 19
0
 public function edit($id = null)
 {
     $titleHeader = 'Thêm kho chứa mới';
     $data = array();
     if ($this->input->post()) {
         $id = (int) $this->input->post('storage_id', 0);
         $title = $this->input->post('title');
         $isValid = $this->storagelib->validate($title);
         if ($isValid) {
             $value['title'] = sanitizeText($title);
             $subjects_id = $this->getUserInfo()->subjects_id;
             if ($subjects_id) {
                 $value['subjects_id'] = $subjects_id;
             } else {
                 $value['subjects_id'] = (int) $this->input->post('subjects_id');
             }
             if (!$id) {
                 $this->storage_model->create($value);
             } else {
                 $this->storage_model->update_by_pkey($id, $value);
             }
             unset($value);
             redirect(BACKEND_V2_TMPL_PATH . 'storage/lists');
         }
     }
     if ($id) {
         $title = 'Chỉnh sửa kho chứa';
         $data['storage'] = $this->storage_model->find_by_pkey($id);
         $data['id'] = $id;
     }
     $header['title'] = $titleHeader;
     $data['title'] = $titleHeader;
     $data['user'] = $this->getUserInfo();
     $data['subjects'] = $this->subject_model->getAll();
     $content = $this->load->view(BACKEND_V2_TMPL_PATH . 'storage/edit', $data, TRUE);
     $this->loadTemnplateBackend($header, $content);
 }
Exemplo n.º 20
0
 /**
  * Method to save custom field
  *
  * @param array $val
  * @param int $id
  * @return boolean
  */
 public function save($val, $id)
 {
     $expected = ['name' => '', 'type' => 'profile', 'description' => '', 'field_type' => '', 'options' => []];
     /**
      * @var $name
      * @var $type
      * @var $description
      * @var $field_type
      * @var $options
      */
     extract(array_merge($expected, $val));
     $field = $this->get($id);
     if (!empty($field)) {
         $field->name = sanitizeText($name, 100);
         $field->description = sanitizeText($description);
         $field->type = $type;
         $field->field_type = $field_type;
         $field->data = serialize($options);
         $field->save();
         $this->cache->forget($this->cacheName . $type);
         return true;
     }
     return true;
 }
Exemplo n.º 21
0
 public function updateCover($id, $image)
 {
     return $this->model->where('id', '=', $id)->update(['cover' => sanitizeText($image)]);
 }
Exemplo n.º 22
0
function DBNewRun($param, $c = null)
{
    if (isset($param['contestnumber']) && !isset($param['contest'])) {
        $param['contest'] = $param['contestnumber'];
    }
    if (isset($param['sitenumber']) && !isset($param['site'])) {
        $param['site'] = $param['sitenumber'];
    }
    if (isset($param['usernumber']) && !isset($param['user'])) {
        $param['user'] = $param['usernumber'];
    }
    if (isset($param['number']) && !isset($param['runnumber'])) {
        $param['runnumber'] = $param['number'];
    }
    if (isset($param['runlangnumber']) && !isset($param['lang'])) {
        $param['lang'] = $param['runlangnumber'];
    }
    if (isset($param['runproblem']) && !isset($param['problem'])) {
        $param['problem'] = $param['runproblem'];
    }
    $ac = array('contest', 'site', 'user', 'problem', 'lang', 'filename', 'filepath');
    $ac1 = array('runnumber', 'rundate', 'rundatediff', 'rundatediffans', 'runanswer', 'runstatus', 'runjudge', 'runjudgesite', 'runjudge1', 'runjudgesite1', 'runanswer1', 'runjudge2', 'runjudgesite2', 'runanswer2', 'autoip', 'autobegindate', 'autoenddate', 'autoanswer', 'autostdout', 'autostderr', 'updatetime');
    $type['contest'] = 1;
    $type['autobegindate'] = 1;
    $type['autoenddate'] = 1;
    $type['problem'] = 1;
    $type['updatetime'] = 1;
    $type['site'] = 1;
    $type['user'] = 1;
    $type['runnumber'] = 1;
    $type['rundatediffans'] = 1;
    $type['rundatediff'] = 1;
    $type['rundate'] = 1;
    $type['runanswer'] = 1;
    $type['runjudge'] = 1;
    $type['runjudgesite'] = 1;
    $type['runjudge1'] = 1;
    $type['runjudgesite1'] = 1;
    $type['runanswer1'] = 1;
    $type['runjudge2'] = 1;
    $type['runjudgesite2'] = 1;
    $type['runanswer2'] = 1;
    foreach ($ac as $key) {
        if (!isset($param[$key]) || $param[$key] == "") {
            MSGError("DBNewRun param error: {$key} not found");
            return false;
        }
        if (isset($type[$key]) && !is_numeric($param[$key])) {
            MSGError("DBNewRun param error: {$key} is not numeric");
            return false;
        }
        ${$key} = sanitizeText($param[$key]);
    }
    $t = time();
    $autoip = '';
    $autobegindate = 'NULL';
    $autoenddate = 'NULL';
    $autoanswer = '';
    $autostdout = '';
    $autostderr = '';
    $runjudge = 'NULL';
    $runjudgesite = 'NULL';
    $runjudge1 = 'NULL';
    $runjudgesite1 = 'NULL';
    $runanswer1 = 0;
    $runjudge2 = 'NULL';
    $runjudgesite2 = 'NULL';
    $runanswer2 = 0;
    $runnumber = -1;
    $updatetime = -1;
    $rundatediff = -1;
    $rundate = $t;
    $runanswer = 0;
    $rundatediffans = 999999999;
    $runstatus = 'openrun';
    foreach ($ac1 as $key) {
        if (isset($param[$key])) {
            ${$key} = sanitizeText($param[$key]);
            if (isset($type[$key]) && !is_numeric($param[$key])) {
                MSGError("DBNewRun param error: {$key} is not numeric");
                return false;
            }
        }
    }
    if ($updatetime < 0) {
        $updatetime = $t;
    }
    $cw = false;
    if ($c == null) {
        $cw = true;
        $c = DBConnect();
        DBExec($c, "begin work", "DBNewRun(transaction)");
    }
    $insert = true;
    $oid1 = '';
    $oid2 = '';
    $oldold1 = '';
    $oldold2 = '';
    $sql = "select sitenextrun as nextrun from " . "sitetable where sitenumber={$site} and contestnumber={$contest} for update";
    $r = DBExec($c, $sql, "DBNewRun(get site for update)");
    if (DBnlines($r) != 1) {
        DBExec($c, "rollback work", "DBNewRun(rollback-site)");
        LOGError("Unable to find a unique site/contest in the database. SQL=(" . $sql . ")");
        MSGError("Unable to find a unique site/contest in the database.");
        return false;
    }
    $a = DBRow($r, 0);
    $n = $a["nextrun"] + 1;
    if ($runnumber > 0) {
        $sql = "select * from runtable as t where t.contestnumber={$contest} and " . "t.runsitenumber={$site} and t.runnumber={$runnumber}";
        $r = DBExec($c, $sql . " for update", "DBNewRun(get run for update)");
        $n = DBnlines($r);
        if ($n > 0) {
            $insert = false;
            $lr = DBRow($r, 0);
            $t = $lr['updatetime'];
            if (isset($lr['autostdout'])) {
                $oid1 = $lr['autostdout'];
            }
            if (isset($lr['autostderr'])) {
                $oid2 = $lr['autostderr'];
            }
        }
        $n = $runnumber;
    } else {
        $runnumber = $n;
    }
    if ($rundatediff < 0) {
        $b = DBSiteInfo($contest, $site, $c);
        $dif = $b["currenttime"];
        $rundatediff = $dif;
        if ($dif < 0) {
            if (!isset($param['allowneg'])) {
                DBExec($c, "rollback work", "DBNewRun(rollback-started)");
                LOGError("Tried to submit a run but the contest is not started. SQL=(" . $sql . ")");
                MSGError("The contest is not started yet!");
                return 0;
            }
        }
        if (!$b["siterunning"]) {
            DBExec($c, "rollback work", "DBNewRun(rollback-over)");
            LOGError("Tried to submit a run but the contest is over. SQL=(" . $sql . ")");
            MSGError("The contest is over!");
            return 0;
        }
    } else {
        $dif = $rundatediff;
    }
    if ($updatetime > $t || $insert) {
        DBExec($c, "update sitetable set sitenextrun={$runnumber}, updatetime=" . $t . " where sitenumber={$site} and contestnumber={$contest} and sitenextrun<{$runnumber}", "DBNewRun(update site)");
        //	LOGError($autostdout);
        if (substr($autostdout, 0, 7) == "base64:") {
            $autostdout = base64_decode(substr($autostdout, 7));
            $oldoid1 = $oid1;
            if (($oid1 = DB_lo_import_text($c, $autostdout)) == null) {
                DBExec($c, "rollback work", "DBNewRun(rollback-import stdout)");
                LOGError("Unable to create a large object for file stdout (run={$runnumber},site={$site},contest={$contest}).");
                MSGError("problem importing stdout to database. Contact an admin now!");
                return false;
            }
        } else {
            if ($autostdout != '') {
                DBExec($c, "rollback work", "DBNewRun(rollback-import stderr)");
                LOGError("Unable to create a large object for file stdout that is not BASE64 (run={$runnumber},site={$site},contest={$contest}).");
                MSGError("problem importing stdout (not BASE64) to database. Contact an admin now!");
                return false;
            }
            $oid1 = 'NULL';
        }
        if (substr($autostderr, 0, 7) == "base64:") {
            //		LOGError($autostderr);
            $autostderr = base64_decode(substr($autostderr, 7));
            $oldoid2 = $oid2;
            if (($oid2 = DB_lo_import_text($c, $autostderr)) == null) {
                DBExec($c, "rollback work", "DBNewRun(rollback-import stderr)");
                LOGError("Unable to create a large object for file stderr (run={$runnumber},site={$site},contest={$contest}).");
                MSGError("problem importing stderr to database. Contact an admin now!");
                return false;
            }
        } else {
            if ($autostderr != '') {
                DBExec($c, "rollback work", "DBNewRun(rollback-import stderr)");
                LOGError("Unable to create a large object for file stderr that is not BASE64 (run={$runnumber},site={$site},contest={$contest}).");
                MSGError("problem importing stderr (not BASE64) to database. Contact an admin now!");
                return false;
            }
            $oid2 = 'NULL';
        }
    }
    $ret = 1;
    if ($insert) {
        if (substr($filepath, 0, 7) != "base64:") {
            if (($oid = DB_lo_import($c, $filepath)) === false) {
                DBExec($c, "rollback work", "DBNewRun(rollback-import)");
                LOGError("DBNewRun: Unable to create a large object for file {$filepath}.");
                MSGError("problem importing file {$filepath} to database. Contact an admin now!");
                return false;
            }
        } else {
            $filepath = base64_decode(substr($filepath, 7));
            if (($oid = DB_lo_import_text($c, $filepath)) == null) {
                DBExec($c, "rollback work", "DBNewRun(rollback-import)");
                LOGError("DBNewRun: Unable to create a large object for file.");
                MSGError("problem importing file to database. Contact an admin now!");
                return false;
            }
        }
        DBExec($c, "INSERT INTO runtable (contestnumber, runsitenumber, runnumber, usernumber, rundate, " . "rundatediff, rundatediffans, runproblem, runfilename, rundata, runanswer, runstatus, runlangnumber, " . "runjudge, runjudgesite, runanswer1, runjudge1, runjudgesite1, runanswer2, runjudge2, runjudgesite2, " . "autoip, autobegindate, autoenddate, autoanswer, autostdout, autostderr, updatetime) " . "VALUES ({$contest}, {$site}, {$n}, {$user}, {$rundate}, {$rundatediff}, {$rundatediffans}, {$problem}, '{$filename}', {$oid}, {$runanswer}, " . "'{$runstatus}', {$lang}, {$runjudge}, {$runjudgesite}, {$runanswer1}, {$runjudge1}, {$runjudgesite1}, {$runanswer2}, {$runjudge2}, " . "{$runjudgesite2}, '{$autoip}', {$autobegindate}, {$autoenddate}, '{$autoanswer}', {$oid1}, {$oid2}, {$updatetime})", "DBNewRun(insert run)");
        if ($cw) {
            DBExec($c, "commit work", "DBNewRun(commit)");
            LOGLevel("User {$user} submitted a run (#{$n}) on site #{$site} " . "(problem={$problem},filename={$filename},lang={$lang},contest={$contest},date={$t},datedif={$dif},oid={$oid}).", 2);
        }
        $ret = 2;
    } else {
        if ($updatetime > $t) {
            $ret = 2;
            DBExec($c, "update runtable set rundate={$rundate}, rundatediff={$rundatediff}, " . "rundatediffans={$rundatediffans}, runanswer={$runanswer}, runanswer1={$runanswer1}, runanswer2={$runanswer2}, runstatus='{$runstatus}', " . "runjudge1={$runjudge1}, runjudgesite1={$runjudgesite1}, runjudge2={$runjudge2}, runjudgesite2={$runjudgesite2}, " . "runjudge={$runjudge}, runjudgesite={$runjudgesite}, updatetime={$updatetime}, " . "autoip='{$autoip}', autobegindate={$autobegindate}, autoenddate={$autoenddate}, autoanswer='{$autoanswer}', " . "autostdout={$oid1}, autostderr={$oid2} " . "where runnumber={$runnumber} and contestnumber={$contest} and runsitenumber={$site}", "DBNewRun(update run)");
            if (is_numeric($oldoid1)) {
                DB_lo_unlink($c, $oldoid1);
            }
            if (is_numeric($oldoid2)) {
                DB_lo_unlink($c, $oldoid2);
            }
        }
        if ($cw) {
            DBExec($c, "commit work", "DBNewRun(commit-update)");
        }
    }
    return $ret;
    /* // isso gera problemas de portabilidade e de seguranca (quando outros usuarios tambem tem shell
       // no servidor e podem construir paginas web. Eles podem usar essas paginas para acessar esses arquivos,
       // pois os mesmos ficaram com dono apache/www-data/etc)
       umask(0077);
       @mkdir("/tmp/boca");
       if (!move_uploaded_file ($filepath,
       "/tmp/boca/contest${contest}.site${site}.run${n}.user${user}.problem${problem}.time${t}.${filename}"))
       LOGLevel("Run not saved as file (run=$n,site=$site,contest=$contest", 1);
    */
}
Exemplo n.º 23
0
function importFromXML($ar, $acr, $contest = 0, $localsite = 0)
{
    $data = implode("", explode("\n", $ar));
    $parser = xml_parser_create();
    xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, 1);
    xml_parser_set_option($parser, XML_OPTION_SKIP_WHITE, 1);
    xml_parse_into_struct($parser, $data, $values, $tags);
    xml_parser_free($parser);
    //	print_r($tags);
    //	print_r($values);
    $orderkeys = array('CONTESTREC', 'SITETIME', 'SITEREC', 'USERREC', 'ANSWERREC', 'LANGUAGEREC', 'PROBLEMREC', 'CLARREC', 'RUNREC', 'TASKREC');
    $norderkeys = 10;
    $nc = 0;
    unset($sitetime);
    unset($nsitetime);
    $conn = DBConnect();
    if ($conn == null) {
        return false;
    }
    //	DBExec($conn,"begin work","importFromXML(begin)");
    //	DBExec($conn,"lock","importFromXML(lock)");
    if ($contest != 0) {
        $r = DBExec($conn, "select * from contesttable where contestnumber={$contest}");
        if (DBnLines($r) == 0) {
            echo "Unable to find the contest {$contest} in the database.\n";
            DBExec($conn, "rollback work");
            return false;
        }
        $ct = DBRow($r, 0);
        if ($localsite == 0) {
            $localsite = $ct["contestlocalsite"];
        }
    } else {
        if ($localsite == 0) {
            $localsite = 1;
        }
    }
    //	$mainsite = $ct["contestmainsite"];
    DBClose($conn);
    $conn = null;
    for ($keyindex = 0; $keyindex < $norderkeys; $keyindex++) {
        foreach ($tags as $key => $val) {
            if ($values[$val[0]]['type'] != 'open') {
                continue;
            }
            if ($key == "XML") {
                continue;
            }
            if ($key != $orderkeys[$keyindex]) {
                continue;
            }
            if (isset($acr[$key])) {
                $ac = $acr[$key];
            } else {
                continue;
            }
            foreach ($val as $k => $v) {
                if ($values[$v]['type'] != 'open') {
                    continue;
                }
                if (count($val) > $k + 1) {
                    $param = array();
                    if (isset($ac['site'])) {
                        for ($i = $v; $i < $val[$k + 1]; $i++) {
                            $p = strtolower($values[$i]["tag"]);
                            if ($p == 'site') {
                                if ($values[$i]["type"] == "complete" && isset($values[$i]["value"])) {
                                    $tmp = sanitizeText(trim(implode('', explode('\\n', $values[$i]["value"]))));
                                    if (is_array($ac['site']) && in_array($tmp, $ac['site'])) {
                                        $param['site'] = $tmp;
                                    } else {
                                        if ($ac['site'] == -1 || $ac['site'] == -2 && $tmp == $localsite || $ac['site'] == -3 && $tmp != $localsite || $ac['site'] > 0 && $ac['site'] == $tmp) {
                                            $param['site'] = $tmp;
                                        }
                                    }
                                }
                            }
                        }
                    }
                    for ($i = $v; $i < $val[$k + 1]; $i++) {
                        $p = strtolower($values[$i]["tag"]);
                        if (isset($ac[$p]) && $p != 'site') {
                            if ($values[$i]["type"] == "complete" && isset($values[$i]["value"])) {
                                if (is_string($ac[$p])) {
                                    $param[$p] = $ac[$p];
                                } else {
                                    $tmp = sanitizeText(trim(implode('', explode('\\n', $values[$i]["value"]))));
                                    if (is_array($ac[$p]) && in_array($tmp, $ac[$p])) {
                                        $param[$p] = $tmp;
                                    } else {
                                        if ($ac[$p] == -1 || $ac[$p] == -2 && $tmp == $localsite || $ac[$p] == -3 && $tmp != $localsite || $ac[$p] == 0 && isset($param['site']) || $ac[$p] > 0 && $ac[$p] == $tmp) {
                                            $param[$p] = $tmp;
                                        }
                                    }
                                }
                            }
                        }
                    }
                    //		  echo "\nKEY KEY KEY\n";
                    //		  print_r($key);
                    //		  echo "\nVAL VAL VAL\n";
                    //		  print_r($val);
                    //		  echo "\n";
                    //				print_r($param);
                    $param['contestnumber'] = $contest;
                    if ($key == "CONTESTREC") {
                        $param['number'] = $contest;
                        if ($contest == 0) {
                            $nc = 1;
                            $contest = DBNewContest($param, $conn);
                            if ($contest > 0) {
                                echo "<br><u>Contest {$contest} created</u> (not active by default)<br>";
                            } else {
                                echo "<br>Error creating contest<br>";
                                if ($conn != null) {
                                    DBExec($conn, "rollback work");
                                }
                                return false;
                            }
                        }
                        $param['number'] = $contest;
                        $param['contestnumber'] = $contest;
                        if ($ret = DBUpdateContest($param, $conn)) {
                            if ($ret == 2) {
                                echo "<br>Contest {$contest} updated<br>";
                            }
                        } else {
                            if ($conn != null) {
                                DBExec($conn, "rollback work");
                            }
                            return false;
                        }
                    }
                    if (!isset($param['number']) || count($param) < 2) {
                        continue;
                    }
                    if ($key == "SITEREC") {
                        if (!DBNewSite($contest, $conn, $param)) {
                            if ($conn != null) {
                                DBExec($conn, "rollback work");
                            }
                            return false;
                        }
                        if ($ret = DBUpdateSite($param, $conn)) {
                            if ($ret == 2) {
                                echo "Site " . $param["number"] . " updated<br>";
                            }
                        } else {
                            if ($conn != null) {
                                DBExec($conn, "rollback work");
                            }
                            return false;
                        }
                        if (isset($nsitetime[$param["number"]])) {
                            if ($qtd = DBRenewSiteTime($sitetime[$param["number"]], $conn)) {
                                if ($qtd == 2) {
                                    echo "Time for site " . $param["number"] . " updated<br>";
                                }
                            } else {
                                if ($conn != null) {
                                    DBExec($conn, "rollback work");
                                }
                                return false;
                            }
                        }
                    }
                    if ($key == "SITETIME") {
                        if (isset($param['site']) && is_numeric($param['site'])) {
                            $s = $param['site'];
                            if (!isset($nsitetime[$s])) {
                                $nsitetime[$s] = 0;
                            }
                            $sitetime[$s][$nsitetime[$s]] = $param;
                            $nsitetime[$s]++;
                        }
                    }
                    if ($key == "USERREC") {
                        if ($ret = DBNewUser($param, $conn)) {
                            if ($ret == 2) {
                                echo "User " . $param["number"] . "/" . $param['site'] . " updated<br>";
                            }
                        } else {
                            if ($conn != null) {
                                DBExec($conn, "rollback work");
                            }
                            return false;
                        }
                    }
                    if ($key == "ANSWERREC") {
                        if ($ret = DBNewAnswer($contest, $param, $conn)) {
                            if ($ret == 2) {
                                echo "Answer " . $param["number"] . " updated<br>";
                            }
                        } else {
                            if ($conn != null) {
                                DBExec($conn, "rollback work");
                            }
                            return false;
                        }
                    }
                    if ($key == "LANGUAGEREC") {
                        if ($ret = DBNewLanguage($contest, $param, $conn)) {
                            if ($ret == 2) {
                                echo "Language " . $param['number'] . " updated<br>";
                            }
                        } else {
                            if ($conn != null) {
                                DBExec($conn, "rollback work");
                            }
                            return false;
                        }
                    }
                    if ($key == "PROBLEMREC") {
                        if ($ret = DBNewProblem($contest, $param, $conn)) {
                            if ($ret == 2) {
                                echo "Problem " . $param['number'] . " updated<br>";
                            }
                        } else {
                            if ($conn != null) {
                                DBExec($conn, "rollback work");
                            }
                            return false;
                        }
                    }
                    if ($key == "TASKREC") {
                        if ($ret = DBNewTask($param, $conn)) {
                            if ($ret == 2) {
                                echo "Task " . $param['number'] . "/" . $param['site'] . " updated<br>";
                            }
                        } else {
                            if ($conn != null) {
                                DBExec($conn, "rollback work");
                            }
                            return false;
                        }
                    }
                    if ($key == "CLARREC") {
                        if ($ret = DBNewClar($param, $conn)) {
                            if ($ret == 2) {
                                echo "Clarification " . $param['number'] . "/" . $param['site'] . " updated<br>";
                            }
                        } else {
                            if ($conn != null) {
                                DBExec($conn, "rollback work");
                            }
                            return false;
                        }
                    }
                    if ($key == "RUNREC") {
                        if ($ret = DBNewRun($param, $conn)) {
                            if ($ret == 2) {
                                echo "Run " . $param['number'] . "/" . $param['site'] . " updated<br>";
                            }
                        } else {
                            if ($conn != null) {
                                DBExec($conn, "rollback work");
                            }
                            return false;
                        }
                    }
                }
            }
        }
    }
    //	DBExec($conn,"commit work","importFromXML(commit)");
    return true;
}
Exemplo n.º 24
0
function DBNewUser($param, $c = null)
{
    if (isset($param['contestnumber']) && !isset($param['contest'])) {
        $param['contest'] = $param['contestnumber'];
    }
    if (isset($param['sitenumber']) && !isset($param['site'])) {
        $param['site'] = $param['sitenumber'];
    }
    if (isset($param['usernumber']) && !isset($param['user'])) {
        $param['user'] = $param['usernumber'];
    }
    if (isset($param['number']) && !isset($param['user'])) {
        $param['user'] = $param['number'];
    }
    $ac = array('contest', 'site', 'user');
    $ac1 = array('updatetime', 'username', 'usericpcid', 'userfull', 'userdesc', 'type', 'enabled', 'multilogin', 'pass', 'permitip', 'changepass', 'userip', 'userlastlogin', 'userlastlogout', 'usersession', 'usersessionextra');
    $typei['contest'] = 1;
    $typei['updatetime'] = 1;
    $typei['site'] = 1;
    $typei['user'] = 1;
    foreach ($ac as $key) {
        if (!isset($param[$key]) || $param[$key] == "") {
            MSGError("DBNewUser param error: {$key} not found");
            return false;
        }
        if (isset($typei[$key]) && !is_numeric($param[$key])) {
            MSGError("DBNewUser param error: {$key} is not numeric");
            return false;
        }
        ${$key} = sanitizeText($param[$key]);
    }
    $username = "******" . $user;
    $updatetime = -1;
    $pass = null;
    $usericpcid = '';
    $userfull = '';
    $userdesc = '';
    $type = 'team';
    $enabled = 'f';
    $changepass = '******';
    $multilogin = '******';
    $permitip = '';
    $usersession = null;
    $usersessionextra = null;
    $userip = null;
    $userlastlogin = null;
    $userlastlogout = null;
    foreach ($ac1 as $key) {
        if (isset($param[$key])) {
            ${$key} = sanitizeText($param[$key]);
            if (isset($typei[$key]) && !is_numeric($param[$key])) {
                MSGError("DBNewUser param error: {$key} is not numeric");
                return false;
            }
        }
    }
    $t = time();
    if ($updatetime <= 0) {
        $updatetime = $t;
    }
    if ($type != "chief" && $type != "judge" && $type != "admin" && $type != "score" && $type != "staff" && $type != "site") {
        $type = "team";
    }
    if ($type == "admin") {
        $changepass = "******";
    }
    if ($enabled != "f") {
        $enabled = "t";
    }
    if ($multilogin != "t") {
        $multilogin = "******";
    }
    if ($changepass != "t") {
        $changepass = "******";
    }
    $cw = false;
    if ($c == null) {
        $cw = true;
        $c = DBConnect();
        DBExec($c, "begin work", "DBNewUser(begin)");
    }
    DBExec($c, "lock table usertable", "DBNewUser(lock)");
    $r = DBExec($c, "select * from sitetable where sitenumber={$site} and contestnumber={$contest}", "DBNewUser(get site)");
    $n = DBnlines($r);
    if ($n == 0) {
        DBExec($c, "rollback work", "DBNewUser(no-site)");
        MSGError("DBNewUser param error: site {$site} does not exist");
        return false;
    }
    if ($pass != myhash("") && $type != "admin" && $changepass != "t") {
        $pass = '******' . $pass;
    }
    $r = DBExec($c, "select * from usertable where username='******' and usernumber!={$user} and " . "usersitenumber={$site} and contestnumber={$contest}", "DBNewUser(get user)");
    $n = DBnlines($r);
    $ret = 1;
    if ($n == 0) {
        $sql = "select * from usertable where usernumber={$user} and usersitenumber={$site} and " . "contestnumber={$contest}";
        $a = DBGetRow($sql, 0, $c);
        if ($a == null) {
            $ret = 2;
            $sql = "select * from sitetable where sitenumber={$site} and contestnumber={$contest}";
            $aa = DBGetRow($sql, 0);
            if ($aa == null) {
                DBExec($c, "rollback work");
                MSGError("Site {$site} does not exist");
                return false;
            }
            $sql = "insert into usertable (contestnumber, usersitenumber, usernumber, username, usericpcid, userfullname, " . "userdesc, usertype, userenabled, usermultilogin, userpassword, userpermitip) values " . "({$contest}, {$site}, {$user}, '{$username}', '{$usericpcid}', '{$userfull}', '{$userdesc}', '{$type}', '{$enabled}', " . "'{$multilogin}', '{$pass}', '{$permitip}')";
            DBExec($c, $sql, "DBNewUser(insert)");
            if ($cw) {
                DBExec($c, "commit work");
            }
            LOGLevel("User {$user} (site={$site},contest={$contest}) included.", 2);
        } else {
            if ($updatetime > $a['updatetime']) {
                $ret = 2;
                $sql = "update usertable set username='******', usericpcid='{$usericpcid}', userdesc='{$userdesc}', updatetime={$updatetime}, " . "userfullname='{$userfull}', usertype='{$type}', userpermitip='{$permitip}', ";
                if ($pass != null && $pass != myhash("")) {
                    $sql .= "userpassword='******', ";
                }
                if ($usersession != null) {
                    $sql .= "usersession='{$usersession}', ";
                }
                if ($usersessionextra != null) {
                    $sql .= "usersessionextra='{$usersessionextra}', ";
                }
                if ($userip != null) {
                    $sql .= "userip='{$userip}', ";
                }
                if ($userlastlogin != null) {
                    $sql .= "userlastlogin='******', ";
                }
                if ($userlastlogout != null) {
                    $sql .= "userlastlogout='{$userlastlogout}', ";
                }
                $sql .= "userenabled='{$enabled}', usermultilogin='******'";
                $sql .= " where usernumber={$user} and usersitenumber={$site} and contestnumber={$contest}";
                $r = DBExec($c, $sql, "DBNewUser(update)");
                if ($cw) {
                    DBExec($c, "commit work");
                }
                LOGLevel("User {$user} (username={$username},site={$site},contest={$contest}) updated.", 2);
            }
        }
    } else {
        DBExec($c, "rollback work");
        LOGLevel("Update problem for user {$user} (site={$site},contest={$contest}) (maybe username already in use).", 1);
        MSGError("Update problem for user {$user}, site {$site} (maybe username already in use).");
        return false;
    }
    return $ret;
}
Exemplo n.º 25
0
function sanitizeUserInfo($info)
{
    //we also need to clean each info provided alsoe
    $newInfo = [];
    foreach ($info as $key => $value) {
        $newInfo[$key] = sanitizeText($value);
    }
    return $newInfo;
}
Exemplo n.º 26
0
					<th>Câu hỏi</th>
					<th>Tên kho</th>
					<th>Thời gian tạo</th>
					<th>Xử lý</th>
				</tr>
			</thead>
			<tbody>
				<?php
                    $i = 1;
                    foreach ($lists as $key => $value) :
                ?>
				<tr class="gradeX" data-id="<?php echo $value->storage_question_id; ?>">
					<td><?php echo $i++; ?></td>
					<td>
    					<a class="sq-ajax-modal" href="<?php echo site_url(BACKEND_V2_TMPL_PATH . 'storage-question/view/' . $value->storage_question_id); ?>">
    					<?php echo word_limiter(sanitizeText($value->question_name), 6); ?>
    					</a>
					<td><?php echo $value->title; ?></td>
					<td><?php echo setDate($value->updated_time, 'time'); ?></td>
					<td class="actions">
						<a href="#" class="on-default edit-row"><i class="fa fa-pencil"></i></a>
						<a href="#" class="on-default remove-row"><i class="fa fa-trash-o"></i></a>
					</td>
				</tr>
				<?php endforeach; ?>
			</tbody>
		</table>
	</div>
</section>
<?php echo $this->load->view(BACKEND_V2_TMPL_PATH . 'dialogs/dialog_delete', null, true); ?>
<!-- Specific Page Vendor -->
Exemplo n.º 27
0
function LOGLevel($msg, $level, $dodb = true)
{
    $msga = sanitizeText(str_replace("\n", " ", $msg));
    $msg = now() . ": ";
    if (!get_cfg_var('define_syslog_variables')) {
        if (function_exists('define_syslog_variables')) {
            define_syslog_variables();
        }
    }
    $prior = LOG_CRIT;
    switch ($level) {
        case 0:
            $msg .= "ERROR: ";
            $type = "error";
            $prior = LOG_ERR;
            break;
        case 1:
            $msg .= "WARN: ";
            $type = "warn";
            $prior = LOG_WARNING;
            break;
        case 2:
            $msg .= "INFO: ";
            $type = "info";
            $prior = LOG_INFO;
            break;
        case 3:
            $msg .= "DEBUG: ";
            $type = "debug";
            $prior = LOG_DEBUG;
            break;
    }
    $msg .= getIPHost() . ": " . $msga;
    openlog("BOCA", LOG_ODELAY, LOG_USER);
    syslog($prior, $msg);
    closelog();
    if ($dodb && isset($_SESSION["usertable"])) {
        DBNewLog($_SESSION["usertable"]["contestnumber"], $_SESSION["usertable"]["usersitenumber"], $_SESSION["usertable"]["usernumber"], $type, getIP(), $msga, "");
    }
}
Exemplo n.º 28
0
 /**
  * Admincp update a user
  *
  * @param array $val
  * @param \App\Models\User $user
  * @return boolean
  */
 public function adminUpdate($val, $user)
 {
     //if (\Auth::user()->id != 1) return false;
     $expected = ['fullname' => '', 'username' => '', 'email' => '', 'genre' => '', 'verified' => '', 'activated' => '', 'admin' => 0, 'password' => ''];
     /**
      * @var $fullname
      * @var $username
      * @var $email
      * @var $genre
      * @var $verified
      * @var $activated
      * @var $admin
      * @var $password
      */
     extract($val = array_merge($expected, $val));
     $user->email_address = $email;
     $user->fullname = sanitizeText($fullname, 100);
     $user->username = sanitizeText($username);
     $user->genre = $genre;
     $user->verified = $verified;
     $user->activated = $activated;
     if ($password) {
         $user->password = \Hash::make($password);
     }
     if ($activated) {
         $user->active = 1;
         $this->mustAvoidUserRepository->remove($user->id);
     }
     $user->admin = $admin;
     $user->save();
     return true;
 }
Exemplo n.º 29
0
     echo "Failed to unzip the package file -- please check the problem package (maybe it is encrypted?)\n";
     DBGiveUpRunAutojudging($contest, $site, $number, $ip, "error: problem package file is invalid (1)");
     cleardir($dir . $ds . "problemdata");
     continue;
 }
 if (($info = @parse_ini_file($dir . $ds . "problemdata" . $ds . "description" . $ds . 'problem.info')) === false) {
     echo "Problem content missing (description/problem.info) -- please check the problem package\n";
     DBGiveUpRunAutojudging($contest, $site, $number, $ip, "error: problem package file is invalid (2)");
     cleardir($dir . $ds . "problemdata");
     continue;
 }
 if (isset($info['descfile'])) {
     $descfile = trim(sanitizeText($info['descfile']));
 }
 $basename = trim(sanitizeText($info['basename']));
 $fullname = trim(sanitizeText($info['fullname']));
 if ($basename == '') {
     echo "Problem content missing (description/problem.info) -- please check the problem package\n";
     DBGiveUpRunAutojudging($contest, $site, $number, $ip, "error: problem package file is invalid (3)");
     cleardir($dir . $ds . "problemdata");
     continue;
 }
 $basenames[$run['inputoid'] . "." . $run["inputname"]] = $basename;
 if (!is_dir($dir . $ds . "problemdata" . $ds . "limits")) {
     echo "Problem content missing (limits) -- please check the problem package\n";
     DBGiveUpRunAutojudging($contest, $site, $number, $ip, "error: problem package file is invalid (4)");
     cleardir($dir . $ds . "problemdata");
     continue;
 }
 chdir($dir . $ds . "problemdata" . $ds . "limits");
 $limits[$basename] = array();
Exemplo n.º 30
0
function DBNewLanguage($contestnumber, $param, $c = null)
{
    if (isset($param["action"]) && $param["action"] == "delete") {
        return DBDeleteLanguage($contestnumber, $param, $c);
    }
    $ac = array('number', 'name');
    $ac1 = array('updatetime', 'extension');
    $type['number'] = 1;
    $type['updatetime'] = 1;
    $extension = '';
    foreach ($ac as $key) {
        if (!isset($param[$key]) || $param[$key] == "") {
            MSGError("DBNewLanguage param error: {$key} not found");
            return false;
        }
        if (isset($type[$key]) && !is_numeric($param[$key])) {
            MSGError("DBNewLanguage param error: {$key} is not numeric");
            return false;
        }
        ${$key} = sanitizeText($param[$key]);
    }
    $updatetime = -1;
    foreach ($ac1 as $key) {
        if (isset($param[$key])) {
            ${$key} = sanitizeText($param[$key]);
            if (isset($type[$key]) && !is_numeric($param[$key])) {
                MSGError("DBNewLanguage param error: {$key} is not numeric");
                return false;
            }
        }
    }
    $t = time();
    if ($updatetime <= 0) {
        $updatetime = $t;
    }
    $cw = false;
    if ($c == null) {
        $cw = true;
        $c = DBConnect();
        DBExec($c, "begin work", "DBNewLanguage(transaction)");
    }
    $sql2 = "select * from langtable where contestnumber={$contestnumber} and langnumber={$number}";
    $r = DBExec($c, $sql2 . " for update", "DBNewLanguage(get lang)");
    $n = DBnlines($r);
    $ret = 1;
    if ($n == 0) {
        DBExec($c, "insert into langtable (contestnumber,langnumber, langname,langextension) values " . "({$contestnumber}, {$number}, '{$name}','{$extension}')", "DBNewLanguage(insert lang)");
        $s = "created";
    } else {
        $lr = DBRow($r, 0);
        $t = $lr['updatetime'];
        if ($updatetime > $t) {
            if ($name != "") {
                DBExec($c, "update langtable set langname='{$name}', updatetime={$updatetime} where contestnumber={$contestnumber} " . "and langnumber={$number}", "DBNewLanguage(update lang)");
            }
            if ($extension != "") {
                DBExec($c, "update langtable set langextension='{$extension}', updatetime={$updatetime} where contestnumber={$contestnumber} " . "and langnumber={$number}", "DBNewLanguage(update lang)");
            }
        }
        $s = "updated";
    }
    if ($cw) {
        DBExec($c, "commit work", "DBNewLanguage(commit)");
    }
    if ($s == "created" || $updatetime > $t) {
        LOGLevel("Language {$number} updated (user="******"usertable"]["usernumber"] . ",site=" . $_SESSION["usertable"]["usersitenumber"] . ",contest={$contestnumber})", 2);
        $ret = 2;
    }
    return $ret;
}