/**
 * Validate the solution-box form that belongs to a challenge.
 *
 * The form is built by formSolutionboxForm() and validated against the
 * WeChall module instance.
 *
 * @param WC_Challenge $chall The challenge whose solution form is checked.
 * @return mixed false when validate() returns false, otherwise whatever
 *               validate() returned (the callers in this listing treat a
 *               non-false result as an error to display).
 */
function formSolutionboxValidate(WC_Challenge $chall)
{
    $solutionForm = formSolutionboxForm($chall);
    $outcome = $solutionForm->validate(Module_WeChall::instance());

    # A non-false outcome is handed back untouched.
    return (false === $outcome) ? false : $outcome;
}
/**
 * Render the war-token page for the current session user.
 *
 * Generates a token for the user's id, resolves the configured warbox host
 * and hands the values to the 'wartoken.php' template, together with a
 * ready-made netcat command line.
 *
 * NOTE(review): GWF_Session::getUser() is dereferenced without a guest
 * check here; presumably the caller only reaches this for logged-in users.
 * Confirm against the caller.
 *
 * @return mixed Result of templatePHP('wartoken.php', ...).
 */
private function templateToken()
{
    $user = GWF_Session::getUser();
    $token = WC_WarToken::genWarToken($user->getID());

    $wechall = Module_WeChall::instance();
    $host = $wechall->cfgWarboxURL();
    # gethostbyname() returns its argument unchanged when resolution fails,
    # so $ip may still hold a hostname at this point.
    $ip = gethostbyname(Common::getHostname($host));
    $port = $wechall->cfgWarboxPort();

    # Filled key by key, in the same order as the template expects them.
    $tVars = array();
    $tVars['epoch'] = $this->getEpochUser();
    $tVars['warboxes'] = $this->getWarboxes(true);
    $tVars['token'] = $token;
    $tVars['port'] = $port;
    $tVars['host'] = $host;
    # The command embeds the display name and the raw token and is meant to
    # be shown to the user. NOTE(review): whether wartoken.php escapes it
    # for HTML is not visible here.
    $tVars['netcat_cmd'] = sprintf(
        '(echo -e "%s\\n%s"; cat) | nc %s %s',
        $user->displayUsername(),
        $token,
        $ip,
        $port
    );

    return $this->module->templatePHP('wartoken.php', $tVars);
}
/**
 * Pick the translated title for a challenge table.
 *
 * The tag is passed through GWF_HTML::display() before it is placed into
 * the language string. A non-zero $for_userid wins over $from_userid; with
 * both zero the generic title is used.
 *
 * @param mixed $for_userid  User the table is shown for, 0 for none.
 * @param mixed $from_userid User the challenges come from, 0 for none.
 * @param mixed $tag         Tag to mention in the title.
 * @param mixed $challcount  Challenge count, used only by the "from" title.
 * @return mixed The result of the module's lang() call.
 */
private function getTableTitle($for_userid, $from_userid, $tag, $challcount)
{
    $wechall = Module_WeChall::instance();
    $safeTag = GWF_HTML::display($tag);

    # Loose comparison kept on purpose: ids may arrive as strings.
    if ($for_userid != 0) {
        $forName = GWF_User::getByIDOrGuest($for_userid)->displayUsername();

        return $wechall->lang('tt_challs_for', array($safeTag, $forName));
    }

    if ($from_userid != 0) {
        $fromName = GWF_User::getByIDOrGuest($from_userid)->displayUsername();

        return $wechall->lang('tt_challs_from', array($challcount, $safeTag, $fromName));
    }

    return $wechall->lang('tt_challs', array($safeTag));
}
/**
 * Recalculate warbox, site and total scores, then render the admin template.
 *
 * Order of work: every warbox (players/score, then challenge counts), all
 * sites, and finally the per-user total scores.
 *
 * @return mixed Result of templateAdmin().
 */
private function onRecalcEverything()
{
    require_once GWF_CORE_PATH . 'module/WeChall/WC_RegAt.php';

    $wechall = Module_WeChall::instance();
    foreach (array('WC_Warflag', 'WC_Warflags') as $className) {
        $wechall->includeClass($className);
    }

    $boxes = WC_Warbox::getAllBoxes();
    foreach ($boxes as $warbox) {
        /** @var WC_Warbox $warbox */
        $warbox->recalcPlayersAndScore();
        $warbox->recalcChallcounts();
    }

    WC_Site::recalcAllSites();
    WC_RegAt::calcTotalscores();

    return $this->templateAdmin();
}
<?php
# Page header template: logo link plus the login/online statistics box.
# Nothing is printed when the header has been switched off.
if (false === WC_HTML::$HEADER) {
    return;
}

$module = Module_WeChall::instance();
$logo_url = $module->cfgLogoURL();
$style = ' min-height: 140px; max-height: 140px; display: block; float: left; ';

# NOTE(review): $logo_url is a module config value and is written into the
# href attribute as-is; confirm it cannot contain a double quote, or escape
# it for the attribute context.
$logoLink = sprintf(
    '<a href="%s" style="%s" title="WeChall"><img src="/favicon.png" style="%s" alt="HACKITO, ERGO SUM!" /></a>',
    $logo_url,
    $style,
    $style
);

# One entry per output line; each line, including the last, ends in PHP_EOL.
$headerLines = array(
    '<header id="wc_head">',
    $logoLink,
    '<div id="wc_head_stats">',
    WC_HTML::displayHeaderLogin($module),
    WC_HTML::displayHeaderOnline($module),
    '</div>',
    '</header>',
    '<div class="cb"></div>',
);

echo implode(PHP_EOL, $headerLines) . PHP_EOL;
<?php $is_admin = GWF_User::isAdminS(); $wc = Module_WeChall::instance(); echo $tVars['page_menu']; if ($tVars['page'] === 1) { echo $wc->showBirthdayNews(); echo $wc->showChallengeNews(); echo $wc->showSiteMasterNews(); echo $wc->showAccountLinkNews(); } ?> <div class="gwf_newsbox"> <?php foreach ($tVars['news'] as $newsid => $news) { $t = $news->getTranslation(); $news instanceof GWF_News; $newsid = $news->getID(); ?> <div class="gwf_newsbox_item"> <div class="gwf_newsbox_head"> <span class="gwf_newsbox_title"><?php echo $news->displayTitle(); ?> </span> <span class="gwf_newsbox_date"><?php echo $news->displayDate(); ?> </span> <span class="gwf_newsbox_author"><?php
/**
 * Build a news item listing linked sites with challenges still unsolved.
 *
 * For the logged-in user, selects every linked site where the user's
 * recorded challenge count differs from the site's challenge count and
 * renders the list as a news item authored by the configured WeChall user.
 *
 * @return mixed '' for guests or when nothing differs, an error string from
 *               GWF_HTML::err() on failure, otherwise the result of
 *               Module_News::displayItem().
 */
public function showChallengeNews()
{
    # Guests have no linked sites to report on.
    $user = GWF_Session::getUser();
    if (false === $user) {
        return '';
    }

    $userid = $user->getID();
    $sites = GWF_TABLE_PREFIX . 'wc_site';
    $regat = GWF_TABLE_PREFIX . 'wc_regat';
    # The only values interpolated are the table prefix constant and the
    # session user's id; no request input reaches this statement.
    $query = "SELECT site_name, regat_challcount, site_challcount, site_url FROM {$regat} JOIN {$sites} ON site_id=regat_sid WHERE regat_challcount != site_challcount AND regat_uid={$userid}";

    $db = gdo_db();
    $result = $db->queryRead($query);
    if (false === $result) {
        return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
    }

    if (0 === $db->numRows($result)) {
        $db->free($result);

        return '';
    }

    $href = '/index.php?mo=WeChall&me=ChallNewsRead';
    $title = $this->lang('cnews_title');
    $text = $this->lang('cnews_body', array($href)) . str_repeat(PHP_EOL, 2);

    for ($row = $db->fetchRow($result); false !== $row; $row = $db->fetchRow($result)) {
        $solved = (int) $row[1];
        $total = (int) $row[2];
        # NOTE(review): htmlspecialchars() runs with its default flags and
        # does not touch '[' or ']'; the values end up inside BBCode markup,
        # so confirm how the BBCode renderer treats brackets in site_url
        # and site_name.
        $anchor = sprintf('[url=%s]%s[/url]', htmlspecialchars($row[3]), htmlspecialchars($row[0]));
        $text .= $this->lang('cnews_item', array($total - $solved, $anchor, $total)) . PHP_EOL;
    }
    $db->free($result);

    # The news item is attributed to the configured WeChall user.
    $author = Module_WeChall::instance()->cfgWeChallUser();
    if (false === $author) {
        return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
    }

    $english = GWF_Language::getEnglish();
    $now = GWF_Time::getDate(GWF_Date::LEN_SECOND);
    $news = GWF_News::newNews($now, 0, $author->getID(), $english->getID(), $title, $text, true);

    return Module_News::displayItem($news);
}
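/**
 * Apply a submitted edit form to a challenge.
 *
 * Saves, in this order: a new solution hash (only when one was submitted),
 * the case-insensitive option, the score, URL and title, the creators and
 * the tags. Database failures are collected as messages instead of aborting,
 * so later fields are still attempted.
 *
 * A score that fails WC_Challenge::isValidScore() is reported and NOT
 * written; the site max score and site recalculation are skipped as well,
 * because nothing changed.
 *
 * @param WC_Challenge $chall The challenge being edited.
 * @return mixed The form's validation error, or the collected messages
 *               followed by the 'msg_chall_edited' message.
 */
private function onEdit(WC_Challenge $chall)
{
    $form = $this->getForm($chall);
    if (false !== ($error = $form->validate($this->module))) {
        return $error;
    }

    $msgs = '';
    $wc = WC_Site::getWeChall();

    # Solution: re-hashed only when a new one was submitted.
    # NOTE(review): hashSolution() takes the case flag, so toggling case_i
    # without submitting a new solution presumably leaves a hash computed
    # under the old flag. Confirm against hashSolution().
    $is_case_i = isset($_POST['case_i']);
    if ('' !== ($solution = Common::getPostString('solution', ''))) {
        if (false === $chall->saveVar('chall_solution', $chall->hashSolution($solution, $is_case_i))) {
            $msgs .= GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
        }
    }

    # CASE_I
    $case_i = WC_Challenge::CHALL_CASE_I;
    if ($chall->isOptionEnabled($case_i) !== $is_case_i) {
        if (false === $chall->saveOption($case_i, $is_case_i)) {
            $msgs .= GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
        }
    }

    # Save score
    $new_score = $form->getVar('score');
    $old_score = $chall->getVar('chall_score');
    if ($new_score !== $old_score) {
        if (!WC_Challenge::isValidScore($new_score)) {
            # Reject: report the allowed range and leave the stored score alone.
            $msgs .= $this->module->error('err_chall_score', array($new_score, WC_Challenge::MIN_SCORE, WC_Challenge::MAX_SCORE));
        } else {
            if (false === $chall->saveVar('chall_score', $new_score)) {
                $msgs .= GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
            }
            if (false === $wc->saveVar('site_maxscore', WC_Challenge::getMaxScore())) {
                $msgs .= GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
            }
            $wc->recalcSite();
        }
    }

    # URL+Title (dangerous)
    # NOTE(review): both values are stored as returned by the form; how they
    # are escaped on output is not visible here.
    if (false === $chall->saveVars(array('chall_url' => $form->getVar('url'), 'chall_title' => $form->getVar('title')))) {
        $msgs .= GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
    }

    # Creator:
    if (false === $chall->updateCreators($form->getVar('creators'))) {
        $msgs .= GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
    }

    # Tags: surrounding spaces and commas are stripped before saving.
    if (false === $chall->saveVar('chall_tags', trim($form->getVar('tags'), ' ,'))) {
        $msgs .= GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
    }
    Module_WeChall::instance()->cacheChallTags();

    # Done. The success message is appended even when errors were collected.
    return $msgs . $this->module->message('msg_chall_edited');
}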
/**
 * Render the 'wcaccountbuttons.php' template through the WeChall module.
 *
 * @return mixed Result of templatePHP().
 */
public static function accountButtons()
{
    $wechall = Module_WeChall::instance();

    return $wechall->templatePHP('wcaccountbuttons.php');
}
<?php
# Profile template, first part: load helpers, read the sort parameters,
# print the heading and stop early for hidden profiles.
$wechall = Module_WeChall::instance();
foreach (array('WC_RegAt', 'WC_SiteFavorites', 'WC_SiteDescr') as $wcClass) {
    $wechall->includeClass($wcClass);
}
require_once GWF_WWW_PATH . 'tpl/wc4/module/Profile/_profile_funcs.php';

/** @var GWF_User $u The profile owner. */
$u = $tVars['user'];
/** @var GWF_Profile $p The owner's profile. */
$p = $tVars['profile'];

# $user is the viewer, not the profile owner.
$user = GWF_User::getStaticOrGuest();

# Sort column and direction come straight from the query string.
# NOTE(review): presumably getMultiOrderby() restricts them to known
# columns and directions; verify, since the result is used for ordering.
$by = Common::getGet('by', 'regat_solved');
$dir = Common::getGet('dir', 'DESC');
$orderby = GDO::table('WC_Regat')->getMultiOrderby($by, $dir);

$is_admin = $user->isAdmin();
$data = $u->getUserData();
# True when the owner's data carries WC_PRIV_HIST and the viewer is not an admin.
$priv = !$is_admin && isset($data['WC_PRIV_HIST']);

# Head
$buttons = '';
if ($tVars['jquery']) {
    $onclick = "wcjsHideJQueryAll(); return false;";
    $buttons = GWF_Button::delete('#', WC_HTML::lang('btn_close'), '', $onclick)
        . GWF_Button::link($u->getProfileHREF(), WC_HTML::lang('btn_view_profile'));
}
echo sprintf('<h1>%s%s</h1>', $buttons, $tLang->lang('pt_profile', array($u->displayUsername())));

# Permission: a hidden profile shows only the notice.
if ($p->isHidden($user)) {
    echo sprintf('<h2>%s</h2>', $tLang->lang('err_hidden'));

    return;
}
/**
 * Handle the "add smiley rule" form of the challenge.
 *
 * Checks run in a fixed order and the first failure returns its error:
 * form validation, ASCII-only path, sample rendering via testSmiley(),
 * looksHarmless() on the path, imageExists() on the path. Only then is the
 * rule added through LIVIN_Smile::onAddSmiley().
 *
 * The pattern itself is not restricted to ASCII; the original carries an
 * equivalent check for it, but commented out.
 *
 * NOTE(review): testSmiley() receives the path before looksHarmless() has
 * vetted it. The order is kept exactly as found; do not reorder these
 * checks without reviewing what testSmiley() emits.
 *
 * @param WC_Challenge $chall Challenge that provides the language strings.
 * @return mixed A GWF_HTML error or message, or the form's validation error.
 */
public function onAdd(WC_Challenge $chall)
{
    $wechall = Module_WeChall::instance();
    $form = $this->getForm($chall);

    $invalid = $form->validate($wechall);
    if (false !== $invalid) {
        return $invalid;
    }

    $smilePattern = $form->getVar('pattern');
    $smilePath = $form->getVar('filename');

    # Path must consist of 7-bit characters only; /D stops a trailing newline.
    $pathIsAscii = preg_match('/^[\\x00-\\x7f]+$/D', $smilePath);
    if (!$pathIsAscii) {
        return GWF_HTML::error('Smile Path', array($chall->lang('err_ascii')));
    }

    # Show a sample output for the new smiley.
    $sampleOk = LIVIN_Smile::testSmiley($chall, $smilePattern, $smilePath);
    if (!$sampleOk) {
        return GWF_HTML::error('Smile', array($chall->lang('err_test')));
    }

    # Only rules that look valid are added globally.
    $harmless = LIVIN_Smile::looksHarmless($smilePath);
    if (!$harmless) {
        return GWF_HTML::error('Smile', array($chall->lang('err_xss')));
    }

    $imagePresent = LIVIN_Smile::imageExists($smilePath);
    if (!$imagePresent) {
        return GWF_HTML::error('Smile', array($chall->lang('err_path')));
    }

    LIVIN_Smile::onAddSmiley($smilePattern, $smilePath);

    return GWF_HTML::message('Smile', array($chall->lang('msg_rule_added')));
}
{ public function validate_text($m, $v) { return false; } } $validator = new NootherForm(); $form = the_form($chall, $validator); # Your sourcecode if (isset($_GET['source'])) { $code = file_get_contents('challenge/noother/preg_evasion/index.php'); echo GWF_Message::display('[code lang=php title=preg_evasion]' . $code . '[/code]'); } # Your trigger if (isset($_POST['hackit']) && isset($_POST['text']) && is_string($_POST['text'])) { if (false !== ($error = $form->validate(Module_WeChall::instance()))) { echo $error; } else { # Let's examine your POST $text = $_POST['text']; # Not Evil? if (the_preg_match($chall, $text)) { #But Evil? if (the_strpos($chall, $text)) { # Try to get here! $chall->onChallengeSolved(GWF_Session::getUserID()); } } } } # Your mission
/**
 * Save an edited warbox and flush the cached warbox configuration.
 *
 * On a validation or database error the edit template is rendered again
 * below the error; on success the overview template follows the message.
 *
 * @param WC_Warbox $box The warbox being edited.
 * @return string Error or success markup followed by the matching template.
 */
private function onEdit(WC_Warbox $box)
{
    $form = $this->formEdit($box);

    $invalid = $form->validate($this->module);
    if (false !== $invalid) {
        return $invalid . $this->templateEdit($box);
    }

    # The option bits depend only on whether each checkbox was posted.
    $options = (isset($_POST['warbox']) ? WC_Warbox::WARBOX : 0)
        | (isset($_POST['multi']) ? WC_Warbox::MULTI_SOLVE : 0);

    # Built key by key, in the column order the original passes to saveVars().
    $columns = array();
    $columns['wb_name'] = $form->getVar('name');
    $columns['wb_port'] = $form->getVar('port');
    $columns['wb_host'] = $form->getVar('host');
    $columns['wb_user'] = $form->getVar('user');
    # NOTE(review): wb_pass is written as returned by the form; whether it is
    # protected at rest is not visible here.
    $columns['wb_pass'] = $form->getVar('pass');
    $columns['wb_status'] = $form->getVar('status');
    $columns['wb_weburl'] = $form->getVar('url');
    # gethostbyname() returns its argument unchanged when resolution fails,
    # so wb_ip can end up holding the hostname instead of an address.
    $columns['wb_ip'] = gethostbyname($form->getVar('host'));
    $columns['wb_whitelist'] = $form->getVar('wlist');
    $columns['wb_blacklist'] = $form->getVar('blist');
    $columns['wb_launched_at'] = $form->getVar('launch');
    $columns['wb_updated_at'] = GWF_Time::getDate(14);
    $columns['wb_options'] = $options;

    $saved = $box->saveVars($columns);
    if (!$saved) {
        return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__)) . $this->templateEdit($box);
    }

    Module_WeChall::instance()->flushWarboxConfig();

    return $this->module->message('msg_warbox_edited') . $this->templateOverview();
}
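<?php
# "Join us" warbox page: a button bar, four info boxes, and the same button
# bar again at the bottom.
#
# The three JoinUs links select their page through the `section` query
# parameter. The listing showed it as "§ion", which is what is left of
# "&section" once "&sect" has been decoded as an HTML entity; the links are
# written with the intact "&section=" here.
$l = $tVars['join'];

# Top button bar.
echo GWF_Button::wrapStart();
echo GWF_Button::generic($l->lang('btn_join'), GWF_WEB_ROOT . 'join_us');
echo GWF_Button::generic($l->lang('btn_join_war'), GWF_WEB_ROOT . 'index.php?mo=WeChall&me=JoinUs&section=warbox', 'generic', '', true);
echo GWF_Button::generic($l->lang('btn_join_opt'), GWF_WEB_ROOT . 'index.php?mo=WeChall&me=JoinUs&section=optional');
echo GWF_Button::generic($l->lang('btn_api'), GWF_WEB_ROOT . 'index.php?mo=WeChall&me=JoinUs&section=wechall_api');
echo GWF_Button::wrapEnd();

# The configured warbox URL and port are substituted into the box texts.
$url = Module_WeChall::instance()->cfgWarboxURL();
$port = Module_WeChall::instance()->cfgWarboxPort();

echo GWF_Box::box($l->lang('war_1b', array($url, $port)), $l->lang('war_1t'));
echo GWF_Box::box($l->lang('war_4b', array($url, $port)), $l->lang('war_4t'));

# Per-OS snippets: 'war_2b_os' yields an OS => code map.
# NOTE(review): both the keys and the code come from the language file and
# are printed without escaping; presumably they are trusted markup.
$box = "";
$box .= $l->lang('war_2b') . "\n<br/>\n";
foreach ($l->lang('war_2b_os') as $os => $code) {
    $box .= $os . "<br/>\n";
    $box .= $code . "\n";
}
$box .= "<br/>\n";
echo GWF_Box::box($box, $l->lang('war_2t'));

echo GWF_Box::box($l->lang('war_3b', array($url, $port)), $l->lang('war_3t'));

# Bottom button bar, identical to the top one.
echo GWF_Button::wrapStart();
echo GWF_Button::generic($l->lang('btn_join'), GWF_WEB_ROOT . 'join_us');
echo GWF_Button::generic($l->lang('btn_join_war'), GWF_WEB_ROOT . 'index.php?mo=WeChall&me=JoinUs&section=warbox', 'generic', '', true);
echo GWF_Button::generic($l->lang('btn_join_opt'), GWF_WEB_ROOT . 'index.php?mo=WeChall&me=JoinUs&section=optional');
echo GWF_Button::generic($l->lang('btn_api'), GWF_WEB_ROOT . 'index.php?mo=WeChall&me=JoinUs&section=wechall_api');
echo GWF_Button::wrapEnd();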
/**
 * Recompute this site's score and persist it when it changed.
 *
 * Linear sites take the total score of their warflags. All other sites
 * start from the base score, add site_spc per challenge, then add the
 * result once more reduced by the average factor, and round to an integer.
 * A history entry is written before the new score is saved.
 *
 * @return boolean false when the history entry cannot be inserted,
 *                 the result of saveVar() when the score changed,
 *                 true when the score is unchanged.
 */
private function recalcScore()
{
    if (!$this->isLinear()) {
        $base = $this->getBasescore();
        $average = $this->getAverage();
        $challcnt = $this->getChallcount();
        $spc = $this->getVar('site_spc');

        $withChalls = $base + $spc * $challcnt;
        $scaled = $withChalls + ($withChalls - $average * $withChalls);
        $basescore = (int) round($scaled);
    } else {
        $wc = Module_WeChall::instance();
        $wc->includeClass('WC_Warbox');
        $wc->includeClass('WC_Warflag');
        $basescore = WC_Warflag::getTotalscoreForSite($this);
        if ($this->isNoV1()) {
            # Intentionally empty: the original only holds a disabled
            # call to WC_RegAt::calcTotalscores() here.
        }
    }

    # NOTE(review): strict comparison; in the non-linear branch $basescore
    # is an int, so if getVar() returns a string this is never equal and a
    # history entry is written on every call. Confirm getVar()'s type.
    if ($basescore === $this->getVar('site_score')) {
        return true;
    }

    require_once 'WC_HistorySite.php';
    $logged = WC_HistorySite::insertEntry($this->getID(), $this->getScore(), $this->getUsercount(), $this->getChallcount());
    if (false === $logged) {
        # The error is printed directly rather than returned.
        echo GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));

        return false;
    }

    return $this->saveVar('site_score', $basescore);
}