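/**
 * Handle the account-reclamation form: verify the captcha, check the legacy
 * credentials, import the old account and authenticate against the new store.
 *
 * Every failure path reports through Error::set() and returns its result.
 * On success a Location header pointing at Url::format('/') is sent.
 *
 * @return mixed Result of Error::set() on failure; nothing on success.
 */
public function check()
{
    $this->setView('reclaim/index');

    if (Session::isLoggedIn()) {
        return Error::set('You\'re logged in!');
    }

    $this->view['valid'] = true;
    $this->view['publicKey'] = Config::get('recaptcha:publicKey');

    // Request fields must be plain strings. PHP turns "field[key]=value" into
    // an array, and an array handed to a MongoDB-backed model can be treated
    // as a query operator instead of a literal value.
    foreach (array('recaptcha_challenge_field', 'recaptcha_response_field') as $field) {
        if (empty($_POST[$field]) || !is_string($_POST[$field])) {
            return Error::set('We could not find the captcha validation fields!');
        }
    }

    $recaptcha = Recaptcha::check(
        $_POST['recaptcha_challenge_field'],
        $_POST['recaptcha_response_field']
    );

    // A string result is used as a key into Recaptcha::$errors.
    if (is_string($recaptcha)) {
        return Error::set(Recaptcha::$errors[$recaptcha]);
    }

    foreach (array('username', 'password') as $field) {
        if (empty($_POST[$field]) || !is_string($_POST[$field])) {
            return Error::set('All forms are required.');
        }
    }

    $reclaims = new reclaims(ConnectionFactory::get('mongo'));
    $good = $reclaims->authenticate($_POST['username'], $_POST['password']);

    // One message for every credential failure, so the response does not
    // reveal whether the username exists.
    if (!$good) {
        return Error::set('Invalid username/password.');
    }

    $reclaims->import($_POST['username'], $_POST['password']);

    // NOTE(review): the result of users::authenticate() is ignored and no
    // session-id regeneration is visible on this path; confirm the model
    // handles both.
    $users = new users(ConnectionFactory::get('mongo'));
    $users->authenticate($_POST['username'], $_POST['password']);

    header('Location: ' . Url::format('/'));
}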
/**
 * Delete a notice and redirect to the notice index.
 *
 * @param array $arguments Index 0 carries the notice id (presumably a routed
 *                         URL segment; confirm against the dispatcher).
 * @return mixed Result of Error::set() on failure; nothing on success.
 */
public function delete($arguments)
{
    // NOTE(review): only the ACL is checked in this method; no anti-CSRF
    // token is verified here. Confirm the dispatcher enforces one for
    // state-changing requests.
    $allowed = CheckAcl::can('deleteNotices');
    if (!$allowed) {
        return Error::set('You are not allowed to delete notices!');
    }

    if (empty($arguments[0])) {
        return Error::set('No notice id was found!');
    }

    $store = new notices(ConnectionFactory::get('redis'));
    $outcome = $store->delete($arguments[0]);

    // A string coming back from the model is treated as an error message.
    if (is_string($outcome)) {
        return Error::set($outcome);
    }

    $target = Url::format('/notice/');
    header('Location: ' . $target);
}
/**
 * Cast a vote on a news post and report the outcome with a "Back" link.
 *
 * @param array $arguments Index 0 is passed to castVote() and get() as the
 *                         post id; index 1 is the second castVote() argument.
 * @return mixed Result of Error::set() on failure; nothing on success.
 */
public function vote($arguments)
{
    if (!CheckAcl::can('voteOnNews')) {
        return Error::set('You can not vote on news posts.');
    }

    $missing = empty($arguments[0]) || empty($arguments[1]);
    if ($missing) {
        return Error::set('Vote or news id not found.');
    }

    $model = new news(ConnectionFactory::get('mongo'));
    $outcome = $model->castVote($arguments[0], $arguments[1]);

    // The post is fetched whether or not the vote succeeded; it is needed to
    // build the "Back" link for both messages.
    $entry = $model->get($arguments[0], false, true);
    $links = array(
        'Back' => Url::format('/news/view/' . Id::create($entry, 'news')),
    );

    // A string result from castVote() is an error message.
    if (is_string($outcome)) {
        return Error::set($outcome, false, $links);
    }

    Error::set('Vote cast!', true, $links);
}
/**
 * Per-request bootstrap: start the session, apply queued session variables,
 * enforce the optional IP lock, load the tweets for the layout and run the
 * ban checks.
 *
 * @param mixed $data Not used in this body.
 * @return void
 */
public static function handler($data = null)
{
    Session::init();

    // Session variables queued in APC under this session's key are applied
    // once and then removed.
    $cacheKey = Cache::PREFIX . 'sessionReq_' . Session::getId();
    if (apc_exists($cacheKey)) {
        $queued = apc_fetch($cacheKey);
        Session::setBatchVars($queued);
        apc_delete($cacheKey);
    }

    $storedIp = Session::getVar('ip');
    $lockActive = Session::isLoggedIn() && Session::getVar('lockToIP');

    // A logged-in session with lockToIP set is destroyed as soon as the
    // request arrives from an address other than the stored one.
    // NOTE(review): REMOTE_ADDR is the direct peer; behind a reverse proxy it
    // would be the proxy's address for every client. Confirm the deployment.
    if ($lockActive && $storedIp != null && $storedIp != $_SERVER['REMOTE_ADDR']) {
        Session::destroy();
        header('Location: ' . Url::format('/'));
        exit;
    }

    Session::setVar('ip', $_SERVER['REMOTE_ADDR']);

    $feed = new twitter(ConnectionFactory::get('redis'));
    Layout::set('tweets', $feed->getOfficialTweets());

    self::slowBan();
    self::errorBan();
}
<?php
// Mission category index: one "well" per entry in $missions, each linking to
// missions/<lower-cased name>. Nothing is emitted unless $valid is truthy.
// NOTE(review): name and description are echoed without HTML escaping;
// confirm both come from trusted, developer-maintained data.
if (!empty($valid)):
?>
<center>
<?php foreach ($missions as $mission): ?>
    <div class="well">
        <center>
            <h3><a href="<?php echo Url::format('missions/' . strtolower($mission['name'])); ?> "><?php echo ucwords($mission['name']); ?> Missions</a></h3>
            <p><?php echo $mission['description']; ?> </p>
        </center>
    </div>
<?php endforeach; ?>
</center>
<?php endif;
<?php
// Shows the text held in $certificate inside a <pre> block, with a link to
// the key-authentication info page. Rendered only when $valid is truthy.
// NOTE(review): $certificate is echoed as-is; confirm it is always
// server-generated text and never contains user-supplied fields unescaped.
if (!empty($valid)):
?>
<u><h2>Your Certificate:</h2></u>
<pre> <?php echo $certificate; ?> </pre><br />
<i>Save this to file so your browser can use it!</i><br />
<a href="<?php echo Url::format('pages/info/keyauthentication'); ?> ">Read More...</a>
<?php endif;
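<?php
// News posting form, submitted by POST to /news/post/save with two submit
// buttons ("preview" and "post"). Rendered only when $valid is truthy.
//
// Fixes over the original markup: the form class read "form-veritcal"
// (the other forms use "form-vertical"), the help text misspelled
// "separated", and the action attribute carried a stray trailing space.
//
// NOTE(review): no anti-CSRF token field is present in this form; confirm
// the framework adds or verifies one elsewhere.
if (!empty($valid)):
?>
<div class="page-header"><h1>Post News</h1></div>
<form class="well form-vertical" action="<?php echo Url::format('/news/post/save'); ?>" method="post">
    <label>Title: </label>
    <input type="text" name="title" /><br />
    <label>Department: </label>
    <input type="text" name="department" /><br />
    <label>Text: </label>
    <textarea style="width: 100%" rows="10" name="body"></textarea><br />
    <label>Tags: </label>
    <input type="text" name="tags" />
    <span class="help-inline">(Comma separated list of tags)</span><br />
    <label class="checkbox"><input type="checkbox" name="commentable" value="yes" /> Commentable</label>
    <label class="checkbox"><input type="checkbox" name="shortNews" value="yes" /> Short News</label>
    <input type="submit" class="btn btn-info" name="preview" value="Preview" />
    <input type="submit" class="btn btn-primary" name="post" value="Post News" />
</form>
<?php
// NOTE(review): this condition is kept exactly as written, but it can never
// hold: !empty($valid) already requires $valid to be truthy. The "Read" link
// below is therefore unreachable; confirm the intended test.
elseif (!empty($valid) && !$valid):
?>
<a href="<?php echo Url::format('/news/view/' . Id::create($info, 'news')); ?>">Read</a>
<?php endif;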
echo $description; ?> </blockquote> <?php } ?> <p><?php echo BBCode::parse($body); ?> </p> <?php if (!empty($mlt)) { ?> <p><h4>More Like This:</h4> <?php foreach ($mlt as $fetched) { echo '<a href="' . Url::format('article/view/' . Id::create($fetched, 'news')) . '">' . $fetched['title'] . '</a><br />'; } ?> </p> <?php } if ($published && empty($revision) && empty($preview)) { $data = array('_id' => $_id, 'rating' => $rating, 'type' => 'Articles', 'where' => 'article'); echo Partial::render('like', $data); } ?> </div>
<?php
// Lost-access form: asks for a username and posts it to /lost/access.
// Rendered only when $valid is truthy.
if (!empty($valid)):
?>
<form class="form-inline" action="<?php echo Url::format('/lost/access'); ?> " method="post">
    <label>Your username:</label>
    <input type="text" name="username" />
    <input type="submit" value="Go" class="btn btn-primary" />
</form>
<?php endif;
<?php if (!empty($valid) && $valid) { ?> <div class="page-header"><h1>Register</h1></div> <form class="well form-vertical" action="<?php echo Url::format('/user/register/save'); ?> " method="post"> <label>Username</label> <input type="text" name="username" required /><br /> <label>Password</label> <input type="text" name="password" required /><br /> <label>Email</label> <input type="text" name="email" required /><br /> <label class="checkbox"> <input type="checkbox" name="hideEmail" value="true" /> Hide Your Email? </label> <div class="control-group"> <script type="text/javascript"> var RecaptchaOptions = { theme : 'white' }; </script> <script type="text/javascript"src="https://www.google.com/recaptcha/api/challenge?k=<?php echo $publicKey;
, <em><?php echo $name; ?> </em> </div> <div class="hero-unit"> <h1>Congratulations!</h1><br /> <p><?php echo call_user_func(array($basic, 'explainMission' . $num)); ?> <br /></p> <?php if ($next) { ?> <p> <a class="btn btn-large btn-success pull-right" href="<?php echo Url::format('missions/basic/' . ($num + 1)); ?> "> Next Mission! </a> </p> <?php } ?> </div> <?php }
/**
 * Generic delete action for the controller's configured model.
 *
 * Authorisation takes one of two routes. When the model defines
 * authChange(), the entry is loaded and the model decides; the ACL is not
 * consulted. Otherwise the 'delete' . $this->permission ACL must be granted.
 *
 * @param array $arguments Index 0 carries the id of the entry to delete.
 * @return mixed Result of Error::set() on failure; nothing on success.
 */
public function delete($arguments)
{
    $model = new $this->model(ConnectionFactory::get($this->db));

    if (empty($arguments[0])) {
        return Error::set('No ' . $this->name . ' id was found!');
    }
    $id = $arguments[0];

    $modelDecides = method_exists($model, 'authChange');
    if ($modelDecides) {
        // NOTE(review): $entry goes to authChange() without a check that
        // get() found anything; confirm authChange() rejects a missing entry.
        $entry = $model->get($id, false, true);
        if (!$model->authChange('delete', $entry)) {
            return Error::set('You are not allowed to delete this ' . $this->name . '!');
        }
    } elseif (!CheckAcl::can('delete' . $this->permission)) {
        return Error::set('You are not allowed to delete ' . $this->pluralize($this->name) . '!');
    }

    $outcome = call_user_func_array(array($model, 'delete'), array($id));

    // A string result from the model is an error message.
    if (is_string($outcome)) {
        return Error::set($outcome);
    }

    Error::set(ucwords($this->name) . ' deleted!', true);

    // The redirect is skipped only when $this->dnr is set and truthy.
    if (!isset($this->dnr) || !$this->dnr) {
        header('Location: ' . Url::format($this->location));
    }

    // The activity log entry is written after the redirect header is queued.
    Log::activity('Deleted: ' . $this->name . ' (' . $id . ')', null);
}
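<?php
// Article teaser partial: a linked title plus description inside a "well".
// The link id is derived from $date and $title via Id::create(..., 'news').
//
// The title is HTML-escaped before output so markup characters in it render
// as text instead of being parsed by the browser. The stray trailing spaces
// the original left inside the href value and the link text are removed.
//
// NOTE(review): $description is still echoed as-is because it may carry
// intentional markup; confirm it is sanitised before it reaches this partial.
?>
<div class="well">
    <h3><a href="<?php echo Url::format('article/view/' . Id::create(array('date' => $date, 'title' => $title), 'news')); ?>"><?php echo htmlspecialchars((string) $title, ENT_QUOTES, 'UTF-8'); ?></a></h3>
    <p><?php echo $description; ?></p>
</div>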
$page -- Current page number. $url -- Where to redirect. */ $pages = ceil($total / $perPage); ?> <center> <div class="pagination"> <ul> <?php for ($i = 1; $i <= $pages; ++$i) { ?> <li<?php if ($page == $i) { ?> class="active"<?php } ?> ><a href="<?php echo Url::format($url . $i) . (!empty($where) ? '#' . $where : ''); ?> "><?php echo $i; ?> </a></li> <?php } ?> </ul> </div></center> <br />
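<?php
// Comment edit form: posts the edited text to /comment/edit/<_id>/save and
// carries the parent content id in a hidden field. Rendered only when $valid
// is truthy.
//
// The stored comment text and the content id are HTML-escaped on output.
// Unescaped comment text could close the <textarea> (or the value attribute)
// and inject markup into the page of whoever opens the edit form. The stray
// spaces the original emitted inside the attribute values and at the end of
// the textarea content are removed, so the text is no longer padded on every
// edit.
//
// NOTE(review): if the model already stores entity-encoded text, use the
// project's own output helper here instead so it is not encoded twice.
// NOTE(review): no anti-CSRF token field is present in this form; confirm
// the framework adds or verifies one elsewhere.
if (!empty($valid)):
?>
<div class="page-header"><h1>Edit Comment</h1></div>
<form class="well" action="<?php echo Url::format('/comment/edit/' . $post['_id'] . '/save'); ?>" method="post">
    <input type="hidden" name="contentId" value="<?php echo htmlspecialchars((string) $post['contentId'], ENT_QUOTES, 'UTF-8'); ?>" />
    <textarea name="text" rows="10" style="width: 100%"><?php echo htmlspecialchars((string) $post['text'], ENT_QUOTES, 'UTF-8'); ?></textarea><br />
    <input type="submit" value="Post Comment" class="btn btn-primary" />
</form>
<?php endif;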
/**
 * Redirect this action to the lecture index.
 *
 * @return void
 */
public function view()
{
    $target = Url::format('/lecture');
    header('Location: ' . $target);
}
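<?php
// "Go Back" link: points at the request's Referer, or at "/" when none was
// sent.
//
// The Referer header is supplied by the client, so the formatted URL is
// HTML-escaped before it is written into the href attribute; a quote or
// angle bracket in the header can then no longer break out of the attribute.
// double_encode is off so entities Url::format() may already have produced
// are not encoded a second time.
?>
<a href="<?php echo htmlspecialchars(Url::format(empty($_SERVER['HTTP_REFERER']) ? '/' : $_SERVER['HTTP_REFERER']), ENT_QUOTES, 'UTF-8', false); ?>">Go Back</a>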
<?php
// Lecture posting form: title, lecturer, description, a free-text date and
// an expected duration, posted to lecture/post/save. Rendered only when
// $valid is truthy.
if (!empty($valid)):
?>
<div class="page-header"><h1>Post Lecture</h1></div>
<form class="form-vertical well" action="<?php echo Url::format('lecture/post/save'); ?> " method="post">
    <label>Title: </label>
    <input type="text" name="title" /><br />
    <label>Lecturer: </label>
    <input type="text" name="lecturer" /><br />
    <label>Description:</label>
    <textarea name="description"></textarea><br />
    <label>Date: </label>
    <input type="text" name="date" />
    <span class="help-inline">(Culturally acceptable date format: this Saturday, 12:30am)</span><br />
    <label>Expected Duration: </label>
    <input type="text" name="duration" />
    <span class="help-inline">(Duration in units: 3 hours, 30 minutes)</span><br />
    <input type="submit" value="Post Lecture" class="btn btn-primary" />
</form>
<?php endif;
Contribute your thoughts. Volunteer to beta test some of the new projects. Get used to working with other members of the site. We're here for you, get in contact with us! </p> <h2 id="contact">Contact</h2> <h3>Hack This Site IRC</h3> <p>The best way of getting answers to general questions about the site, and the quickest way of getting involved with the community.</p> <p>irc.hackthissite.org port 7000 (no ssl 6667)<br /> <ul> <li>#hackthissite (general chat)</li> <li>#help (challenges and other help)</li> <li>#team (Staff discussion channel)</li> </ul> <h3>Forums</h3> <p> <a href="<?php echo Url::format('/forums'); ?> ">Hack This Site Forums</a>: The best way of getting help with the hacking challenges; also a hotbed for discussion. </p> <h3>E-mail</h3> <p>We can't always respond, but we do read everything we are sent, so have your voices heard:</p> <ul> <li>HTS staff: staff (at) hackthissite.org</li> <li>Senior Developer: comperr (at) hackthissite.org</li> <li>IRC staff: irc (at) hackthissite.org</li> </ul>
echo $notice, '<br />'; } echo '</div><br />'; } $errors = Error::getAllErrors(); if (Error::has() && !empty($errors)) { echo '<div class="alert alert-error">'; foreach ($errors as $error) { echo $error, '<br />'; } echo '</div><br />'; } ?> <?php echo $content; ?> </div> <!-- End content --> </div></div> <script src="<?php echo Url::format('themes/jquery.js', true); ?> "></script> <script src="<?php echo Url::format('themes/bootstrap/js/bootstrap.min.js', true); ?> "></script> </body> </html>
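/**
 * Attach a staff note to a user account, then send the browser back to the
 * page it came from.
 *
 * @return mixed Result of Error::set() on failure; nothing on success.
 */
public function admin_note()
{
    // NOTE(review): only the ACL is checked in this method; no anti-CSRF
    // token is verified here. Confirm the dispatcher enforces one for
    // state-changing requests.
    if (!CheckAcl::can('postNotes')) {
        return Error::set('You are not allowed to post notes.');
    }

    // Both fields must be plain strings. PHP turns "field[key]=value" into an
    // array, and an array handed to a MongoDB-backed model can be treated as
    // a query operator instead of a literal value.
    if (empty($_POST['userId']) || !is_string($_POST['userId'])) {
        return Error::set('No user id was found.');
    }

    if (empty($_POST['note']) || !is_string($_POST['note'])) {
        return Error::set('No note text was found.');
    }

    $users = new users(ConnectionFactory::get('mongo'));
    $return = $users->addNote($_POST['userId'], $_POST['note']);

    // A string result from the model is an error message.
    if (is_string($return)) {
        return Error::set($return);
    }

    Error::set('Note posted.', true);

    // The Referer header is client-supplied. It is used as the redirect
    // target only when its host matches the host this request was addressed
    // to, so the response cannot send the browser to another site.
    if (!empty($_SERVER['HTTP_REFERER']) && !empty($_SERVER['HTTP_HOST'])) {
        $refererHost = parse_url($_SERVER['HTTP_REFERER'], PHP_URL_HOST);
        $ownHost = preg_replace('/:\d+$/', '', $_SERVER['HTTP_HOST']);

        if (is_string($refererHost) && strcasecmp($refererHost, $ownHost) === 0) {
            header('Location: ' . Url::format($_SERVER['HTTP_REFERER']));
        }
    }
}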
if (!is_array($tags)) { $tags = explode(',', clean($tags)); } $category = clean($category); ?> <div class="page-header"><h1><?php echo ucwords($method); ?> Article</h1></div> <?php if (!empty($preview) && $preview && !is_string($info)) { echo Partial::render('articleFull', $info); } ?> <form class="form-vertical well" action="<?php echo Url::format('/article/' . $method . (empty($_id) ? '' : '/' . $_id) . '/save'); ?> " method="post"> <label>Title: </label> <input type="text" name="title" value="<?php echo clean($title); ?> " /><br /> <label>Category: </label> <select name="category"> <?php foreach (articles::$categories as $short => $rCategory) { ?> <option value="<?php echo $short; ?> "<?php
Your password has been reset. Check your email for a link.
<?php
// Fallback shown when $mail is falsy: the confirmation link is printed in
// the page itself.
// NOTE(review): this branch gives the /lost/confirm/<id>/password link to
// whoever submitted the reset form, not to the owner of the mailbox. Confirm
// that the link cannot be used to reset another user's password while mail
// delivery is down.
// NOTE(review): $id is concatenated into the URL without escaping; confirm
// it is a server-generated value.
if (!$mail):
?>
<br /><br />
Mail is down so <a href="<?php echo Url::format('/lost/confirm/' . $id . '/password'); ?> ">click here</a>.
<?php endif;
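<?php
// Connections settings form: lets a user holding the 'haveConnections' ACL
// save a GitHub username, posted to /user/connections.
//
// Fixes over the original markup: the stored GitHub username is HTML-escaped
// before it is written into the value attribute, so a quote in it cannot
// close the attribute and inject markup. The value attribute is now
// separated from name="github" by a space, and the stray trailing space
// inside the action attribute is removed.
//
// NOTE(review): no anti-CSRF token field is present in this form; confirm
// the framework adds or verifies one elsewhere.
if (!empty($valid) && $valid) {
    // This branch is empty in the source as shown.
}

if (CheckAcl::can('haveConnections')):
?>
<form class="form-horizontal well" action="<?php echo Url::format('/user/connections'); ?>" method="post">
    <legend>Manage Connections</legend>
    <div class="control-group">
        <label class="control-label">GitHub Username</label>
        <div class="controls">
            <input type="text" name="github"<?php echo !empty($github) ? ' value="' . htmlspecialchars((string) $github, ENT_QUOTES, 'UTF-8') . '"' : ''; ?> />
        </div>
    </div>
    <input type="submit" value="Save" class="btn btn-primary" />
</form>
<?php endif;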
You finished <?php echo $current; ?> !<br />
<?php if (!empty($next)): ?>
<a href="<?php echo Url::format('missions/' . $next); ?> ">Next</a><?php endif; ?>
<?php
// The mission is marked as finished while this view renders, after the
// message and the optional "Next" link have been written.
// NOTE(review): a state change made from a template runs on every render of
// this view; confirm the controller only reaches it after the solution has
// been verified.
Mission::finishMission($handle, $id);
<?php if (!empty($valid) && $valid) { ?> <div class="page-header"><h1>Account Reclamation</h1></div> <p>Fill out the form below to have your old HackThisSite account converted into the new format.</p> <center><form action="<?php echo Url::format('/reclaim/check'); ?> " method="post"> Username: <input type="text" name="username" /><br /> Password: <input type="password" name="password" /><br /> <div class="control-group"> <script type="text/javascript"src="http://www.google.com/recaptcha/api/challenge?k=<?php echo $publicKey; ?> "></script> <noscript> <iframe src="http://www.google.com/recaptcha/api/noscript?k=<?php echo $publicKey; ?> " height="300" width="500" frameborder="0"></iframe><br> <textarea name="recaptcha_challenge_field" rows="3" cols="40"> </textarea> <input type="hidden" name="recaptcha_response_field" value="manual_challenge"> </noscript>
foreach ($news as $post) { echo Partial::render('newsShort', $post); } ?> <br /> <div class="well"> <strong>Most Recent Users:</strong><br /> <?php $links = array(); foreach ($onlineUsers as $user) { array_push($links, '<a href="' . Url::format('/user/view/' . $user) . '">' . $user . '</a>'); } echo implode(' - ', $links); ?> <br /> <strong>Users on IRC: (<?php echo $ircOnline['unknown']; ?> unknown users)</strong><br /> <?php $links = array(); if (!empty($ircOnline['usernames'])) { foreach ($ircOnline['usernames'] as $user) { array_push($links, '<a href="' . Url::format('/user/view/' . $user) . '">' . $user . '</a>'); } } echo implode(' - ', $links); ?> </div>
<?php if (!empty($valid) && $valid) { ?> <div class="page-header"><h1>View Bug</h1></div> <form class="form-inline well pull-right" action="<?php echo Url::format('bugs/changeStatus'); ?> " method="post"> <label>Change Status:</label> <select name="status"> <?php foreach (bugs::$status as $status) { ?> <option value="<?php echo $status; ?> "><?php echo ucwords($status); ?> </option> <?php } ?> <option value="public">Public</option> <option value="private">Private</option> <option value="delete">Delete</option> </select>
</td> </tr> <tr> <td class="light-td"> We are a non-profit organization that strives to protect a good security culture and learning atmosphere. </td> </tr> <tr> <td class="light-td"> 1. Higher rankings on the top scores page does not entitle anyone to special privileges nor does s/he achieve any sort of 'nobility'. We are all friends here, all on the same team. Let us not waste our energies battling ourselves, instead let's work with each other towards common goals. However we do encourage users to compete (within reason) purely in the interest of improving their skills. The hacker emblem is an honor and a privilege - not a right. If you use the emblem to show your superiority it will be taken away from you. </td> </tr> <tr> <td class="light-td"> 2. Users are allowed to explore Hack This Site in search of security holes, bugs, etc. provided that they do not exploit them for destructive purposes. We encourage people to 'hack this site' but we ask that they leave the website up for others to benefit and learn from. More information about hacking this site available <a href="<?php echo Url::format('/pages/info/hackthissite'); ?> ">here</a>. We ask that you submit a bug report if you do find one. </td> </tr> <tr> <td class="light-td"> 3. User information (such as IP, ISP, or email address) will not be distributed to any third party or individual. Private messages will remain private, and upon deletion, will remain deleted. </td> </tr> <tr> <td class="light-td"> 4. Moderators roles include: Verifying articles are correct and haven't been plagiarized, checking that links work, keeping HackThisSite out of legal trouble (e.g live links to current hacks), deleting spam, resolving issues between users and general staff functions. Decisions are made at staff member's discretion. </td> </tr> <tr>
<?php if (!empty($valid) && $valid) { ?> <div class="page-header"><h1>Post Article</h1></div> <form class="form-vertical well" action="<?php echo Url::format('/article/post/save'); ?> " method="post"> <label>Title: </label> <input type="text" name="title" /><br /> <label>Category: </label> <select name="category"> <?php foreach (articles::$categories as $short => $category) { ?> <option value="<?php echo $short; ?> "><?php echo $category; ?> </option> <?php } ?> </select> <label>Description:</label> <textarea rows="5" style="width: 100%" name="description"></textarea><br /> <label>Text: </label> <textarea rows="20" style="width: 100%" name="body"></textarea><br />