Пример #1
        }
    } else {
        $file_size = $_FILES['uploadedfile']['size'];
        if ($file_size > 2000000) {
            $errors[] = "File is too big. Maximum size is 1 KB. Make sure that " . "your zip file contains only your code files.";
        } else {
            $filename = basename($_FILES['uploadedfile']['name']);
            if (!ends_with($filename, ".zip") && !ends_with($filename, ".tgz") && !ends_with($filename, ".tar.gz")) {
                $errors[] = "Invalid file type. Must be zip, tgz, or tar.gz";
            }
        }
    }
    return $errors;
}
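$submission_directory = "/home/contest/ai-contest/planet_wars/submissions/";
// Only authenticated users may submit; everyone else is redirected to the index page.
if (!logged_in_with_valid_credentials()) {
    header('Location: index.php');
    die;
}
// The id is placed in an unquoted numeric position, so it is cast to int
// (presumably current_user_id() already returns an integer; verify).
$result = mysql_query("SELECT * FROM users WHERE user_id=" . (int) current_user_id());
$userdata = $result ? mysql_fetch_assoc($result) : false;
if (!$userdata) {
    // Without the user row the expected key would be derived from the session
    // id alone, so refuse the request instead of continuing.
    die('Bad submission key found.');
}
// Per-session submit key: SHA-1 over the session id, activation code and email.
$sid = session_id();
$local_key = sha1($sid . $userdata['activation_code'] . $userdata['email']);
// Accept the posted key only when it is present and a plain string.
$submitted_key = (isset($_POST['submit_key']) && is_string($_POST['submit_key']))
    ? $_POST['submit_key']
    : '';
// A loose != lets PHP compare numeric-looking strings as numbers, so two
// different keys could be treated as equal. Use a constant-time comparison
// where available (PHP >= 5.6) and a strict string comparison otherwise.
$keys_match = function_exists('hash_equals')
    ? hash_equals($local_key, $submitted_key)
    : $local_key === $submitted_key;
if (!$keys_match) {
    die('Bad submission key found.');
}
// Submissions are currently closed: the line below is active and adds an error
// to every request. Comment it out to accept new submissions again.
$errors[] = "Nuh-uh. The contest is over. No more submissions.";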
if (count($errors) == 0) {
    if (has_recent_submission()) {
        $errors[] = "Sorry your last submission was too recent.";
Пример #2
<?php

include 'session.php';
/**
 * Prepares a value for use inside a quoted SQL string literal.
 *
 * Backslashes are removed with stripslashes() first, then the result is
 * passed to mysql_real_escape_string(). The escaping only protects values
 * that end up between quotes in the query; it does not constrain a value
 * used in an unquoted numeric position.
 * NOTE(review): stripslashes() runs unconditionally, presumably to undo
 * magic quotes; confirm, because it also alters legitimate backslashes.
 *
 * @param string $str Raw value.
 * @return string Escaped value.
 */
function safe_str($str)
{
    $unslashed = stripslashes($str);
    $escaped = mysql_real_escape_string($unslashed);
    return $escaped;
}
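// Admin-only action: disables a user account and retires its submissions.
// NOTE(review): no anti-CSRF token is checked in this script; confirm whether
// session.php enforces one, since this is a state-changing POST.
if (!(logged_in_with_valid_credentials() && logged_in_as_admin())) {
    die("Forget it, you must be logged in as admin.");
}
if (!isset($_POST['user_id']) || !isset($_POST['reason'])) {
    die("Did not receive user_id or reason");
}
// user_id is interpolated into the queries below without quotes, where string
// escaping does not constrain it. Accept decimal digits only and cast to int.
if (!is_string($_POST['user_id']) || !ctype_digit($_POST['user_id'])) {
    die("Could not find the user account");
}
$user_id = (int) $_POST['user_id'];
// The reason is not used in SQL directly; it is escaped as part of $bio below.
$reason = $_POST['reason'];
$query = "SELECT * from users where user_id=" . $user_id;
$result = mysql_query($query);
// The original tested the bare word `result`, so a failed query was never detected here.
if (!$result || mysql_num_rows($result) != 1) {
    die("Could not find the user account");
}
$user = mysql_fetch_assoc($result);
// An empty password column marks an account that has already been disabled.
if ($user['password'] == "") {
    die("This account is already disabled");
}
// Record who disabled the account and why in the bio, and tag the email.
$admin = current_username();
$bio = safe_str($user['bio'] . " - " . $reason . " by " . $admin);
$email = safe_str($user['email'] . " disabled");
$query = "UPDATE users SET email='{$email}', bio = '{$bio}', password = ''\n    WHERE user_id={$user_id}";
// Stop if the account could not be disabled, so its submissions are not
// retired while the account itself remains active.
if (!mysql_query($query)) {
    die("Could not disable the user account");
}
$query = "UPDATE submissions SET latest=0 WHERE user_id={$user_id}";
mysql_query($query);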