if (!isset($_GET["oid"]) || !is_numeric($_GET["oid"]) || !isset($_GET["filename"]) || !isset($_GET["check"]) || $_GET["check"] == "") { echo "<html><head><title>View Page</title>"; IntrusionNotify("Bad parameters in filewindow.php"); echo "<script>window.close();</script></html>"; exit; } $cf = globalconf(); $fname = decryptData(rawurldecode($_GET["filename"]), session_id() . $cf["key"]); $msg = ''; if (isset($_GET["msg"])) { $msg = rawurldecode($_GET["msg"]); } $p = myhash($_GET["oid"] . $fname . $msg . session_id() . $cf["key"]); if ($p != $_GET["check"]) { echo "<html><head><title>View Page</title>"; IntrusionNotify("Parameters modified in filewindow.php"); echo "<script>window.close();</script></html>"; exit; } require_once "db.php"; if ($_GET["oid"] >= 0) { $c = DBConnect(); DBExec($c, "begin work"); if (($lo = DB_lo_open($c, $_GET["oid"], "r")) === false) { echo "<html><head><title>View Page</title>"; DBExec($c, "rollback work"); LOGError("Unable to download file (" . basename($fname) . ")"); MSGError("Unable to download file (" . basename($fname) . ")"); echo "<script>window.close();</script></html>"; exit; }
$param['maxfilesize'] = $_POST["maxfilesize"] * 1000; $param['active'] = 0; $param['mainsite'] = $_POST["mainsite"]; $param['mainsiteurl'] = $_POST["mainsiteurl"]; $param['unlockkey'] = $_POST["unlockkey"]; if (isset($_FILES["keyfile"]) && $_FILES["keyfile"]["name"] != "") { $type = myhtmlspecialchars($_FILES["keyfile"]["type"]); $size = myhtmlspecialchars($_FILES["keyfile"]["size"]); $name = myhtmlspecialchars($_FILES["keyfile"]["name"]); $temp = myhtmlspecialchars($_FILES["keyfile"]["tmp_name"]); if (!is_uploaded_file($temp)) { IntrusionNotify("file upload problem."); ForceLoad("../index.php"); } if (($ar = file($temp)) === false) { IntrusionNotify("Unable to open the uploaded file."); ForceLoad("user.php"); } $dd = 0; foreach ($ar as $val => $key) { $key = trim($key); if ($key == '') { unset($ar[$val]); continue; } if (substr($key, 10, 5) != '#####') { MSGError('Invalid key in the file -- not importing any keys'); $dd = 0; break; } if (isset($param['unlockkey']) && $param['unlockkey'] != '') {
if ($size > $ct["contestmaxfilesize"] || strlen($name) > 100 || strlen($name) < 1) { echo "\nRESULT: SUBMITTED FILE (OR NAME) TOO LARGE"; exit; } } else { $type = myhtmlspecialchars($_FILES["sourcefile"]["type"]); $size = myhtmlspecialchars($_FILES["sourcefile"]["size"]); $name = myhtmlspecialchars($_FILES["sourcefile"]["name"]); $temp = myhtmlspecialchars($_FILES["sourcefile"]["tmp_name"]); if ($size > $ct["contestmaxfilesize"]) { LOGLevel("User {$_SESSION["usertable"]["username"]} tried to submit file " . "{$name} with {$size} bytes ({$ct["contestmaxfilesize"]} max allowed).", 1); MSGError("File size exceeds the limit allowed."); ForceLoad($runteam); } if (!is_uploaded_file($temp) || strlen($name) > 100) { IntrusionNotify("file upload problem."); ForceLoad("../index.php"); } } if (strpos($name, ' ') === true || strpos($temp, ' ') === true || strpos($name, '/') === true || strpos($temp, '/') === true || strpos($name, '`') === true || strpos($temp, '`') === true || strpos($name, '\'') === true || strpos($temp, '\'') === true || strpos($name, "\"") === true || strpos($temp, "\"") === true || strpos($name, '$') === true || strpos($temp, '$') === true) { if (isset($_POST['name']) && $_POST['name'] != '') { echo "\nRESULT: FILE NAME PROBLEM (EG CANNOT HAVE SPACES)"; exit; } MSGError("File name cannot contain spaces."); ForceLoad($runteam); } $ac = array('contest', 'site', 'user', 'problem', 'lang', 'filename', 'filepath'); $ac1 = array('runnumber', 'rundate', 'rundatediff', 'rundatediffans', 'runanswer', 'runstatus', 'runjudge', 'runjudgesite', 'runjudge1', 'runjudgesite1', 'runanswer1', 'runjudge2', 'runjudgesite2', 'runanswer2', 'autoip', 'autobegindate', 'autoenddate', 'autoanswer', 'autostdout', 'autostderr', 'updatetime'); $param = array('contest' => $_SESSION["usertable"]["contestnumber"], 'site' => $_SESSION["usertable"]["usersitenumber"], 'user' => $_SESSION["usertable"]["usernumber"], 'problem' => $prob, 'lang' => $lang, 'filename' => $name, 'filepath' => $temp); if (isset($_POST['pastcode']) && $_POST['pastcode'] != '') {
ob_start(); header("Expires: " . gmdate("D, d M Y H:i:s") . " GMT"); header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); header("Cache-Control: no-cache, must-revalidate"); header("Pragma: no-cache"); header("Content-Type: text/html; charset=utf-8"); session_start(); ob_end_flush(); if (isset($_SESSION["usertable"])) { $_SESSION["usertable"] = DBUserInfo($_SESSION["usertable"]["contestnumber"], $_SESSION["usertable"]["usersitenumber"], $_SESSION["usertable"]["usernumber"]); } else { IntrusionNotify("scoretable1"); ForceLoad("index.php"); } if (!isset($_SESSION['usertable']['usertype']) || $_SESSION["usertable"]["usertype"] != "score" && $_SESSION["usertable"]["usertype"] != "site") { IntrusionNotify("scoretable2"); ForceLoad("index.php"); } } if (!ValidSession()) { InvalidSession("scoretable.php"); ForceLoad("index.php"); } $loc = $_SESSION["loc"]; if (!isset($detail)) { $detail = true; } if (!isset($final)) { $final = false; } $scoredelay["admin"] = 3;
header("Content-Type: text/html; charset=utf-8"); session_start(); ob_end_flush(); require_once '../version.php'; require_once "../globals.php"; require_once "../db.php"; echo "<html><head><title>System's Page</title>\n"; echo "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">\n"; echo "<link rel=stylesheet href=\"../Css.php\" type=\"text/css\">\n"; //echo "<meta http-equiv=\"refresh\" content=\"60\" />"; if (!ValidSession()) { InvalidSession("system/index.php"); ForceLoad("../index.php"); } if ($_SESSION["usertable"]["usertype"] != "system") { IntrusionNotify("system/index.php"); ForceLoad("../index.php"); } echo "</head><body><table border=1 width=\"100%\">\n"; echo "<tr><td nowrap bgcolor=\"eeee00\" align=center>"; echo "<img src=\"../images/smallballoontransp.png\" alt=\"\">"; echo "<font color=\"#000000\">BOCA</font>"; echo "</td><td bgcolor=\"#eeee00\" width=\"99%\">\n"; echo "Username: "******"usertable"]["userfullname"] . "<br>\n"; list($clockstr, $clocktype) = siteclock(); echo "</td><td bgcolor=\"#eeee00\" align=center nowrap> " . $clockstr . " </td></tr>\n"; echo "</table>\n"; echo "<table border=0 width=\"100%\" align=center>\n"; echo " <tr>\n"; echo " <td align=center><a class=menu style=\"font-weight:bold\" href=contest.php>Contest</a></td>\n"; echo " <td align=center><a class=menu style=\"font-weight:bold\" href=importxml.php>Import</a></td>\n";
<?php $loc = $locr = ".."; require_once "{$locr}/globals.php"; require_once "{$locr}/db.php"; if (!ValidSession()) { InvalidSession("webcast/index.php"); ForceLoad("{$loc}/index.php"); } if ($_SESSION["usertable"]["usertype"] != "admin") { IntrusionNotify("webcast/index.php"); ForceLoad("{$loc}/index.php"); } $contest = $_SESSION["usertable"]["contestnumber"]; $site = $_SESSION["usertable"]["usersitenumber"]; if (($ct = DBSiteInfo($contest, $site)) == null) { ForceLoad("../index.php"); } if (isset($_GET['full']) && $_GET['full'] > 0) { $freezeTime = $ct['siteduration']; } else { $freezeTime = $ct['sitelastmilescore']; }
} ForceLoad("task.php"); } if (isset($_FILES["filename"]) && isset($_POST["Submit"]) && $_FILES["filename"]["name"] != "") { if ($_POST["confirmation"] == "confirm") { $type = myhtmlspecialchars($_FILES["filename"]["type"]); $size = myhtmlspecialchars($_FILES["filename"]["size"]); $name = myhtmlspecialchars($_FILES["filename"]["name"]); $temp = myhtmlspecialchars($_FILES["filename"]["tmp_name"]); if ($size > $ct["contestmaxfilesize"]) { LOGLevel("User {$_SESSION["usertable"]["username"]} tried to print file " . "{$name} with {$size} bytes ({$ct["contestmaxfilesize"]} max allowed).", 1); MSGError("File size exceeds the limit allowed."); ForceLoad("task.php"); } if (!is_uploaded_file($temp)) { IntrusionNotify("Printing file upload problem"); ForceLoad("../index.php"); } $param['contest'] = $_SESSION["usertable"]["contestnumber"]; $param['site'] = $_SESSION["usertable"]["usersitenumber"]; $param['user'] = $_SESSION["usertable"]["usernumber"]; $param['desc'] = "File to print"; $param['filename'] = $name; $param['filepath'] = $temp; DBNewTask($param); } ForceLoad("task.php"); } ?> <br> <table width="100%" border=1>
function DBLogInContest($name, $pass, $contest, $msg = true) { $b = DBGetRow("select * from contesttable where contestnumber={$contest}", 0, null, "DBLogIn(get active contest)"); if ($b == null) { LOGLevel("There is no contest {$contest}.", 0); if ($msg) { MSGError("There is no contest {$contest}, contact an admin."); } return false; } $d = DBSiteInfo($b["contestnumber"], $b["contestlocalsite"], null, false); if ($d == null) { if ($msg) { MSGError("There is no active site, contact an admin."); } return false; } $a = DBGetRow("select * from usertable where username='******' and contestnumber=" . $b["contestnumber"] . " and " . "usersitenumber=" . $b["contestlocalsite"], 0, null, "DBLogIn(get user)"); if ($a == null) { if ($msg) { LOGLevel("User {$name} tried to log in contest {$contest} but it does not exist.", 2); MSGError("User does not exist or incorrect password."); } return false; } $a = DBUserInfo($b["contestnumber"], $b["contestlocalsite"], $a['usernumber'], null, false); $_SESSION['usertable'] = $a; $p = myhash($a["userpassword"] . session_id()); $_SESSION['usertable']['userpassword'] = $p; if ($a["userpassword"] != "" && $p != $pass) { LOGLevel("User {$name} tried to log in contest {$contest} but password was incorrect.", 2); if ($msg) { MSGError("Incorrect password."); } unset($_SESSION["usertable"]); return false; } if ($d["sitepermitlogins"] == "f" && $a["usertype"] != "admin" && $a["usertype"] != "judge" && $a["usertype"] != "site") { LOGLevel("User {$name} tried to login contest {$contest} but logins are denied.", 2); if ($msg) { MSGError("Logins are not allowed."); } unset($_SESSION["usertable"]); return false; } if ($a["userenabled"] != "t") { LOGLevel("User {$name} tried to log in contest {$contest} but it is disabled.", 2); if ($msg) { MSGError("User disabled."); } unset($_SESSION["usertable"]); return false; } $gip = getIP(); if ($a["userip"] != $gip && $a["userip"] != "" && $a["usertype"] != "score") { LOGLevel("User {$name} is using two different IPs: " . $a["userip"] . "(" . dateconv($a["userlastlogin"]) . ") and " . $gip, 1); if ($msg && $a["usertype"] != "admin") { MSGError("You are using two distinct IPs. Admin notified."); } } if ($a["userpermitip"] != "") { $ips = explode(';', $a["userpermitip"]); $gips = explode(';', $gip); if (count($gips) < count($ips)) { IntrusionNotify("Invalid IP: " . $gip); ForceLoad("index.php"); } for ($ipss = 0; $ipss < count($ips); $ipss++) { $gipi = $gips[$ipss]; $ipi = $ips[$ipss]; if (!match_network($ipi, $gipi)) { IntrusionNotify("Invalid IP: " . $gip); ForceLoad("index.php"); } } } $c = DBConnect(); $t = time(); if ($a["usertype"] == "team" && $a["usermultilogin"] != "t" && $a["userpermitip"] == "") { $r = DBExec($c, "update usertable set userip='" . $gip . "', updatetime=" . time() . ", userpermitip='" . $gip . "'," . "userlastlogin={$t}, usersession='" . session_id() . "' where username='******' and contestnumber=" . $b["contestnumber"] . " and usersitenumber=" . $b["contestlocalsite"], "DBLogIn(update session)"); } else { DBExec($c, "begin work"); $sql = "update usertable set usersessionextra='" . session_id() . "' where username='******' and contestnumber=" . $b["contestnumber"] . " and usersitenumber=" . $b["contestlocalsite"] . " and (usersessionextra='' or userip != '" . $gip . "' or userlastlogin<=" . ($t - 86400) . ")"; DBExec($c, $sql); DBExec($c, "update usertable set userip='" . $gip . "', updatetime=" . time() . ", userlastlogin={$t}, " . "usersession='" . session_id() . "' where username='******' and contestnumber=" . $b["contestnumber"] . " and usersitenumber=" . $b["contestlocalsite"], "DBLogIn(update user)"); if ($name == 'admin') { list($clockstr, $clocktime) = siteclock(); if ($clocktime < -600) { DBExec($c, "update contesttable set contestunlockkey='' where contestnumber=" . $b["contestnumber"], "DBLogInContest(update contest)"); } } DBExec($c, "commit work"); } LOGLevel("User {$name} authenticated (" . $gip . ")", 2); return $a; }
require_once "../globals.php"; require_once "../db.php"; $runteam = 'team.php'; $runphp = "runchief.php"; $runeditphp = "runeditchief.php"; echo "<html><head><title>Judge's Page</title>\n"; echo "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">\n"; echo "<link rel=stylesheet href=\"../Css.php\" type=\"text/css\">\n"; //temporario!!!! //echo "<meta http-equiv=\"refresh\" content=\"60\" />"; if (!ValidSession()) { InvalidSession("judge/index.php"); ForceLoad("../index.php"); } if ($_SESSION["usertable"]["usertype"] != "judge") { IntrusionNotify("judge/index.php"); ForceLoad("../index.php"); } if (($s = DBSiteInfo($_SESSION["usertable"]["contestnumber"], $_SESSION["usertable"]["usersitenumber"])) == null) { ForceLoad("../index.php"); } if ($s["sitechiefname"] == $_SESSION["usertable"]["username"]) { $cc = "338833"; } else { $cc = "77cc77"; } echo "<script language=\"javascript\" src=\"../reload.js\"></script>\n"; echo "</head><body onload=\"Comecar()\" onunload=\"Parar()\"><table border=1 width=\"100%\">\n"; echo "<tr><td nowrap bgcolor=\"#{$cc}\" align=center>"; echo "<img src=\"../images/smallballoontransp.png\" alt=\"\">"; echo "<font color=\"#000000\">BOCA</font>";
} if (!isset($_GET["oid"]) || !is_numeric($_GET["oid"]) || !isset($_GET["filename"]) || !isset($_GET["check"]) || $_GET["check"] == "") { echo "<html><head><title>Download Page</title>"; IntrusionNotify("Bad parameters in filedownload.php"); ForceLoad("index.php"); } $cf = globalconf(); $fname = decryptData(rawurldecode($_GET["filename"]), session_id() . $cf["key"]); if (isset($_GET["msg"])) { $p = myhash($_GET["oid"] . $fname . rawurldecode($_GET["msg"]) . session_id() . $cf["key"]); } else { $p = myhash($_GET["oid"] . $fname . session_id() . $cf["key"]); } if ($p != $_GET["check"]) { echo "<html><head><title>View Page</title>"; IntrusionNotify("Parameters modified in filedownload.php. "); ForceLoad("index.php"); } require_once "db.php"; if ($_GET["oid"] >= 0) { $c = DBConnect(); DBExec($c, "begin work"); if (($lo = DB_lo_open($c, $_GET["oid"], "r")) === false) { echo "<html><head><title>Download Page</title>"; DBExec($c, "rollback work"); LOGError("Unable to download file (" . basename($fname) . ")"); MSGError("Unable to download file (" . basename($fname) . ")"); ForceLoad("index.php"); } header("Expires: " . gmdate("D, d M Y H:i:s") . " GMT"); header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
exit; } if (!isset($getx['check'])) { ob_end_flush(); echo "<!-- <ERROR2> " . session_id() . " " . session_id() . " -->\n"; exit; } } else { ob_end_flush(); LogLevel("Init connection by IP " . getIP(), 2); echo "<!-- <SESSION1> " . session_id() . " " . session_id() . " -->\n"; exit; } } if (!ValidSession()) { ob_end_flush(); InvalidSession("site/index.php"); ForceLoad("../index.php"); exit; } if (isset($getx['check']) && isset($getx["password"]) && $getx['check'] != myhash($getx["password"] . $_SESSION['usertable']['userpassword'])) { ob_end_flush(); echo "<!-- <SESSION2> " . session_id() . " " . $_SESSION['usertable']['usersessionextra'] . " -->\n"; exit; } if ($_SESSION["usertable"]["usertype"] != "site") { ob_end_flush(); IntrusionNotify("site/index.php"); ForceLoad("../index.php"); exit; }
$runeditphp = "runedit.php"; require_once "{$locr}/globals.php"; require_once "{$locr}/db.php"; if (!isset($_POST['noflush'])) { require_once "{$locr}/version.php"; echo "<html><head><title>Admin's Page</title>\n"; echo "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">\n"; echo "<link rel=stylesheet href=\"{$loc}/Css2.php\" type=\"text/css\">\n"; } //echo "<meta http-equiv=\"refresh\" content=\"60\" />"; if (!ValidSession()) { InvalidSession("admin/index.php"); ForceLoad("{$loc}/index.php"); } if ($_SESSION["usertable"]["usertype"] != "admin") { IntrusionNotify("admin/index.php"); ForceLoad("{$loc}/index.php"); } if (!isset($_POST['noflush'])) { echo "</head><body><table border=1 width=\"100%\">\n"; echo "<tr><td nowrap bgcolor=\"eeee00\" align=center>"; echo "<img src=\"../images/smallballoontransp.png\" alt=\"\">"; echo "<font color=\"#000000\">BOCA</font>"; echo "</td><td bgcolor=\"#eeee00\" width=\"99%\">\n"; echo "Username: "******"usertable"]["userfullname"] . " (site=" . $_SESSION["usertable"]["usersitenumber"] . ")<br>\n"; list($clockstr, $clocktype) = siteclock(); echo "</td><td bgcolor=\"#eeee00\" align=center nowrap> " . $clockstr . " </td></tr>\n"; echo "</table>\n"; echo "<table border=0 width=\"100%\" align=center>\n"; echo " <tr>\n"; echo " <td align=center><a class=menu style=\"font-weight:bold\" href=run.php>Runs</a></td>\n";
header("Content-Type: text/html; charset=utf-8"); session_start(); ob_end_flush(); require_once '../version.php'; require_once "../globals.php"; require_once "../db.php"; echo "<html><head><title>Score Board Page</title>\n"; echo "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">\n"; echo "<link rel=stylesheet href=\"../Css.php\" type=\"text/css\">\n"; echo "<meta http-equiv=\"refresh\" content=\"60\" />"; if (!ValidSession()) { InvalidSession("score/index.php"); ForceLoad("../index.php"); } if ($_SESSION["usertable"]["usertype"] != "score") { IntrusionNotify("score/index.php"); ForceLoad("../index.php"); } echo "</head><body><table border=1 width=\"100%\">\n"; echo "<tr><td nowrap bgcolor=\"#cc9966\" align=center>"; echo "<img src=\"../images/smallballoontransp.png\" alt=\"\">"; echo "<font color=\"#000000\">BOCA</font>"; echo "</td><td bgcolor=\"#cc9966\" width=\"99%\">\n"; echo "Username: "******"usertable"]["userfullname"] . " (site=" . $_SESSION["usertable"]["usersitenumber"] . ")<br>\n"; //list($clockstr,$clocktype)=siteclock(); // THIS IS SLOW, WE NEED A BETTER OPTION $clockstr = ''; echo "</td><td bgcolor=\"#cc9966\" align=center nowrap> " . $clockstr . " </td></tr>\n"; echo "</table>\n"; if (!isset($_SESSION["scorenomenu"]) || !$_SESSION["scorenomenu"]) { echo "<table border=0 width=\"100%\" align=center>\n"; echo " <tr>\n";
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); header("Cache-Control: no-cache, must-revalidate"); header("Pragma: no-cache"); header("Content-Type: text/html; charset=utf-8"); session_start(); ob_end_flush(); //$locr = $_SESSION['locr']; //$loc = $_SESSION['loc']; $loc = $locr = "../.."; require_once $locr . "/globals.php"; if (!ValidSession()) { InvalidSession($_SERVER['PHP_SELF']); ForceLoad($loc . "/index.php"); } if ($_SESSION["usertable"]["usertype"] != "admin") { IntrusionNotify($_SERVER['PHP_SELF']); ForceLoad($loc . "/index.php"); } require_once $locr . "/db.php"; require_once $locr . "/freport.php"; echo "<html><head><title>Report Page</title>\n"; echo "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">\n"; echo "<link rel=stylesheet href=\"{$loc}/Css.php\" type=\"text/css\">\n"; $contest = $_SESSION["usertable"]["contestnumber"]; if (($ct = DBContestInfo($contest)) == null) { ForceLoad($loc . "/index.php"); } $site = $_SESSION["usertable"]["usersitenumber"]; if (($st = DBSiteInfo($contest, $site)) == null) { ForceLoad($loc . "/index.php"); }
} if (isset($_POST["answer"]) && isset($_POST["Submit"]) && $_POST["Submit"] == "Judge" && is_numeric($_POST["answer"]) && isset($_POST["sitenumber"]) && isset($_POST["number"]) && is_numeric($_POST["sitenumber"]) && is_numeric($_POST["number"])) { // && isset($_POST["notifyuser"]) && isset($_POST["updatescore"])) { if ($_POST["confirmation"] == "confirm") { $answer = myhtmlspecialchars($_POST["answer"]); $sitenumber = myhtmlspecialchars($_POST["sitenumber"]); $number = myhtmlspecialchars($_POST["number"]); // $notuser = myhtmlspecialchars($_POST["notifyuser"]); // $updscore = myhtmlspecialchars($_POST["updatescore"]); DBUpdateRun($_SESSION["usertable"]["contestnumber"], $_SESSION["usertable"]["usersitenumber"], $_SESSION["usertable"]["usernumber"], $sitenumber, $number, $answer); //, $notuser, $updscore); } ForceLoad("run.php"); } if (!isset($_GET["runnumber"]) || !isset($_GET["runsitenumber"]) || !is_numeric($_GET["runnumber"]) || !is_numeric($_GET["runsitenumber"])) { IntrusionNotify("tried to open the judge/runedit.php with wrong parameters."); ForceLoad("run.php"); } $runsitenumber = myhtmlspecialchars($_GET["runsitenumber"]); $runnumber = myhtmlspecialchars($_GET["runnumber"]); if (($a = DBGetRunToAnswer($runnumber, $runsitenumber, $_SESSION["usertable"]["contestnumber"])) === false) { MSGError("Another judge got it first."); ForceLoad("run.php"); } $b = DBGetProblemData($_SESSION["usertable"]["contestnumber"], $a["problemnumber"]); ?> <br><br><center><b>Use the following fields to judge the run: </b></center> <form name="form1" method="post" action="runedit.php"> <input type=hidden name="confirmation" value="noconfirm" /> <center>
header("Pragma: no-cache"); header("Content-Type: text/html; charset=utf-8"); session_start(); ob_end_flush(); require_once "../globals.php"; require_once "../db.php"; echo "<html><head><title>Staff's Page</title>\n"; echo "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">\n"; echo "<link rel=stylesheet href=\"../Css.php\" type=\"text/css\">\n"; //echo "<meta http-equiv=\"refresh\" content=\"60\" />"; if (!ValidSession()) { InvalidSession("staff/index.php"); ForceLoad("../index.php"); } if ($_SESSION["usertable"]["usertype"] != "staff" && $_SESSION["usertable"]["usertype"] != "admin") { IntrusionNotify("staff/index.php"); ForceLoad("../index.php"); } echo "<script language=\"javascript\" src=\"../reload.js\"></script>\n"; echo "</head><body onload=\"Comecar()\" onunload=\"Parar()\"><table border=1 width=\"100%\">\n"; echo "<tr><td nowrap bgcolor=\"#ffa020\" align=center>"; echo "<img src=\"../images/smallballoontransp.png\" alt=\"\">"; echo "<font color=\"#000000\">BOCA</font>"; echo "</td><td bgcolor=\"#ffa020\" width=\"99%\">\n"; echo "Username: "******"usertable"]["userfullname"] . " (site=" . $_SESSION["usertable"]["usersitenumber"] . ")<br>\n"; list($clockstr, $clocktype) = siteclock(); echo "</td><td bgcolor=\"#ffa020\" align=center nowrap> " . $clockstr . " </td></tr>\n"; echo "</table>\n"; if (($s = DBSiteInfo($_SESSION["usertable"]["contestnumber"], $_SESSION["usertable"]["usersitenumber"])) == null) { ForceLoad("../index.php"); }
echo "<html><head><title>Team's Page</title>\n"; echo "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">\n"; echo "<link rel=stylesheet href=\"../Css.php\" type=\"text/css\">\n"; ?> <!-- Latest compiled and minified CSS --> <link rel="stylesheet" href="/assets/bootstrap/css/bootstrap.min.css"> <!-- Latest compiled and minified JavaScript --> <script src="/assets/bootstrap/js/bootstrap.min.js"></script> <?php //echo "<meta http-equiv=\"refresh\" content=\"60\" />"; if (!ValidSession()) { InvalidSession("team/index.php"); ForceLoad("../index.php"); } if ($_SESSION["usertable"]["usertype"] != "team") { IntrusionNotify("team/index.php"); ForceLoad("../index.php"); } ?> <div class="container"> <!-- <nav class="navbar navbar-default"> <div class="container-fluid"> <div class="navbar-header"> <a class="navbar-brand" href="/team/index.php"> <span><img alt="BOCA" src="../images/smallballoontransp.png"> Boca</span> </a> </div> <div class="collapse navbar-collapse" id="bs-example-navbar-collapse-4"> <p class="navbar-text navbar-right">
$type = 'site'; } else { $type = 'none'; } } if (trim($ans) == "") { DBClarGiveUp($number, $sitenumber, $_SESSION["usertable"]["contestnumber"], $_SESSION["usertable"]["usernumber"], $_SESSION["usertable"]["usersitenumber"]); MSGError("Clarification returned."); } else { DBChiefUpdateClar($_SESSION["usertable"]["contestnumber"], $_SESSION["usertable"]["usersitenumber"], $_SESSION["usertable"]["usernumber"], $sitenumber, $number, $ans, $type); } } ForceLoad("clar.php"); } if (!isset($_GET["clarnumber"]) || !isset($_GET["clarsitenumber"]) || !is_numeric($_GET["clarnumber"]) || !is_numeric($_GET["clarsitenumber"])) { IntrusionNotify("tried to open the admin/claredit.php with wrong parameters."); ForceLoad("clar.php"); } $clarsitenumber = myhtmlspecialchars($_GET["clarsitenumber"]); $clarnumber = myhtmlspecialchars($_GET["clarnumber"]); if (($a = DBChiefGetClarToAnswer($clarnumber, $clarsitenumber, $_SESSION["usertable"]["contestnumber"])) === false) { MSGError("Another judge got it first."); ForceLoad("clar.php"); } ?> <br><br><center><b>Use the following fields to answer the clarification: </b></center> <form name="form1" method="post" action="claredit.php"> <input type=hidden name="confirmation" value="noconfirm" /> <center> <table border="0">