/**
 * Registers the CS Circles admin menu page and its "Rebuild Databases" submenu.
 *
 * Nothing is registered unless userIsAdmin() passes. Both entries are
 * additionally gated by the 'edit_plugins' capability handed to WordPress.
 */
function cscircles_administrator()
{
    if (!userIsAdmin()) {
        return;
    }

    $parentSlug = 'cscircles-options';
    $capability = 'edit_plugins';

    add_menu_page(
        'CS Circles',
        'CS Circles',
        $capability,
        $parentSlug,
        'cscircles_options_page',
        UFILES . 'checked16.png',
        73
    );
    add_submenu_page(
        $parentSlug,
        "Rebuild Databases",
        "Rebuild Databases",
        $capability,
        "cscircles-makedb",
        "cscircles_makedb_page"
    );
}
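/**
 * Builds the grid payload listing one user's past submissions for a problem.
 *
 * Reads "p" (problem name) and "user" (user id) from $req, falling back to
 * $_REQUEST. Only administrators and assistants may inspect another user's
 * rows; for everyone else the "user" value is ignored and the current user
 * is used.
 *
 * @param string     $limit     SQL LIMIT clause text, appended verbatim to the query (see NOTE below).
 * @param string     $sortname  Translated column label selecting the sort column.
 * @param string     $sortorder Sort direction; "desc" (any case) sorts descending, anything else ascending.
 * @param array|null $req       Request parameters; defaults to $_REQUEST.
 *
 * @return array|string array('total' => ..., 'rows' => ...) on success, otherwise a translated error message.
 */
function dbProblemHistory($limit, $sortname, $sortorder, $req = NULL)
{
    global $db_query_info, $wpdb;
    $db_query_info = array();
    if ($req == NULL) {
        $req = $_REQUEST;
    }
    $db_query_info['type'] = 'problem-history';
    // which problem?
    $problemname = getSoft($req, "p", "");
    $user = getSoft($req, "user", "");
    if ($problemname == "") {
        return __t("You must enter a non-empty problem name.");
    }
    $db_query_info['problem'] = $problemname;
    $resultdesc = array(
        'y' => __t('Did not crash.'),
        'Y' => __t('Correct!'),
        'N' => __t('Incorrect.'),
        'E' => __t('Internal error.'),
        'S' => __t('Saved.'),
        's' => __t('Saved.'),
    );
    if (!is_user_logged_in()) {
        return __t("You must log in to view past submissions.");
    }
    // Authorization: the "user" override is honoured for staff only, so an
    // ordinary account cannot read another account's submissions.
    if ((userIsAdmin() || userIsAssistant()) && $user != "") {
        $u = get_userdata($user);
        if ($u === false) {
            // Report the id that was asked for; $u is false on this path.
            return sprintf(__t("User number %s not found."), $user);
        }
        $db_query_info['viewuser'] = $user;
    } else {
        $u = wp_get_current_user();
    }
    $uid = $u->ID;
    $uname = $u->user_login;
    $table_name = $wpdb->prefix . "pb_submissions";
    $counts = $wpdb->get_results($wpdb->prepare("SELECT COUNT(1), COUNT(userinput) from {$table_name}\nWHERE userid = %d AND problem = %s", $uid, $problemname), ARRAY_N);
    $count = $counts[0][0];
    $showInputColumn = $counts[0][1] > 0;
    if ($count == 0) {
        // NOTE(review): $problemname is request data and is returned unescaped
        // inside this message; whatever renders it must escape it — confirm.
        return sprintf(__t('We do not have record of any submissions from user %1$s for problem %2$s.'), $uname . ' (#' . $uid . ')', $problemname);
    }
    // The sort column comes from a fixed map, so only known column names can
    // reach the ORDER BY clause.
    $knownFields = array(__t("time & ID") => "beginstamp", __t("user code") => "usercode", __t("user input") => "userinput", __t("result") => "result");
    // The direction is an SQL keyword and cannot be bound as a parameter, so
    // it is reduced to one of two literals instead of being concatenated raw.
    $direction = strcasecmp(trim((string) $sortorder), 'desc') === 0 ? 'DESC' : 'ASC';
    if (array_key_exists($sortname, $knownFields)) {
        $sortString = $knownFields[$sortname] . " " . $direction . ", ";
    } else {
        $sortString = "";
    }
    // NOTE(review): $limit is appended verbatim to the SQL text (and to the
    // prepare() format string). Callers must build it from validated integers
    // only — confirm at the call site.
    $prep = $wpdb->prepare("SELECT ID, beginstamp, usercode, userinput, result from {$table_name}\nWHERE userid = %d AND problem = %s ORDER BY {$sortString} ID DESC" . $limit, $uid, $problemname);
    $flexirows = array();
    foreach ($wpdb->get_results($prep, ARRAY_A) as $r) {
        $cell = array();
        $cell[__t('user code')] = preBox($r['usercode'], -1, -1);
        if ($showInputColumn) {
            $cell[__t('user input')] = $r['userinput'] === NULL ? '<i>' . __t('n/a') . '</i>' : preBox($r['userinput'], -1, 100000);
        }
        if ($problemname != "visualizer") {
            // Unknown result codes fall through unchanged.
            $cell[__t('result')] = getSoft($resultdesc, $r['result'], $r['result']);
        }
        $cell[__t('time &amp; ID')] = str_replace(' ', '<br/>', $r['beginstamp']) . '<br/>#' . $r['ID'];
        $flexirows[] = array('id' => $r['ID'], 'cell' => $cell);
    }
    return array('total' => $count, 'rows' => $flexirows);
}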
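/**
 * Builds the grid payload summarising, per student, the latest correct
 * submission for one problem.
 *
 * Administrators get every row of the users table. Any other logged-in user
 * gets only the accounts whose 'pbguru' usermeta value equals their own login.
 *
 * @param string     $limit     SQL LIMIT clause text, interpolated verbatim (see NOTE below).
 * @param string     $sortname  Unused; sorting is not supported for this query.
 * @param string     $sortorder Unused; sorting is not supported for this query.
 * @param array|null $req       Request parameters; defaults to $_REQUEST.
 *
 * @return array|string array('total' => ..., 'rows' => ...) on success, otherwise a translated error message.
 */
function dbProblemSummary($limit, $sortname, $sortorder, $req = NULL)
{
    global $db_query_info, $wpdb;
    $db_query_info = array();
    if ($req == NULL) {
        $req = $_REQUEST;
    }
    $db_query_info['type'] = 'problem-summary';
    if (!is_user_logged_in()) {
        return __t("You must log in to view past submissions.");
    }
    // which problem?
    $problemslug = getSoft($req, "p", "");
    if ($problemslug == "") {
        return __t("You must enter a non-empty problem name.");
    }
    $problem_table = $wpdb->prefix . "pb_problems";
    // Placeholders are left unquoted: prepare() adds the quoting itself.
    $problemname = $wpdb->get_var($wpdb->prepare("SELECT publicname FROM {$problem_table} WHERE lang = %s AND slug = %s", pll_current_language(), $problemslug));
    if ($problemname == null) {
        // NOTE(review): $problemslug is request data and is returned unescaped
        // inside this message; whatever renders it must escape it — confirm.
        return sprintf(__t("Problem %s not found (at least in current language)"), $problemslug);
    }
    $db_query_info['problem'] = $problemslug;
    $u = wp_get_current_user();
    $uid = $u->ID;
    $db_query_info['viewuser'] = $uid;
    $ulogin = $u->user_login;
    $submit_table = $wpdb->prefix . "pb_submissions";
    $usermeta_table = $wpdb->prefix . "usermeta";
    $user_table = $wpdb->prefix . "users";
    $complete_table = $wpdb->prefix . "pb_completed";
    $isAdmin = userIsAdmin();
    $count = $wpdb->get_var($isAdmin ? "SELECT count(1) FROM {$user_table}" : $wpdb->prepare("SELECT count(1) FROM {$usermeta_table} WHERE meta_key=%s AND meta_value=%s", 'pbguru', $ulogin));
    // NOTE(review): $limit is interpolated verbatim into both queries (and,
    // on the non-admin path, into the prepare() format string). Callers must
    // build it from validated integers only — confirm at the call site.
    // No sorting allowed due to the nature of the query.
    $students = $wpdb->get_results($isAdmin ? "SELECT ID FROM {$user_table} {$limit}" : $wpdb->prepare("SELECT user_id AS ID FROM {$usermeta_table} WHERE meta_key=%s AND meta_value=%s {$limit}", 'pbguru', $ulogin));
    $flexirows = array();
    foreach ($students as $r) {
        $sid = $r->ID;
        // The student id is bound with %d instead of being interpolated, so
        // the statement stays parameterized even if the id source changes.
        $sdata = $wpdb->get_row($wpdb->prepare("SELECT usercode, beginstamp FROM {$submit_table} WHERE userid=%d and problem=%s and result='Y' ORDER BY beginstamp DESC limit 1", $sid, $problemslug));
        $cell = array();
        $cell['ID'] = $sid;
        $cell['info'] = userString($sid);
        if ($sdata != null) {
            $cell[__t('latest correct')] = prebox($sdata->usercode);
            $cell[__t('last time')] = $sdata->beginstamp;
            $cell[__t('first time')] = $wpdb->get_var($wpdb->prepare("SELECT time FROM {$complete_table} WHERE userid=%d and problem=%s", $sid, $problemslug));
        } else {
            $cell[__t('latest correct')] = '<i>n/a</i>';
            $cell[__t('last time')] = '<i>n/a</i>';
            $cell[__t('first time')] = '<i>n/a</i>';
        }
        $flexirows[] = array('id' => $sid, 'cell' => $cell);
    }
    return array('total' => $count, 'rows' => $flexirows);
}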
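/**
 * Renders an HTML table of every account's id, login and e-mail address.
 *
 * Returns nothing for callers that are not administrators.
 *
 * @param mixed $options Unused.
 * @param mixed $content Unused.
 *
 * @return string|null The table markup, or null when the viewer is not an administrator.
 */
function adminuserlist($options, $content)
{
    if (!userIsAdmin()) {
        return;
    }
    global $wpdb;
    $rows = $wpdb->get_results('select id, user_login, user_email from ' . $wpdb->prefix . 'users');
    $r = '<table><tr><th>id</th><th>login</th><th>email</th></tr>';
    foreach ($rows as $row) {
        // Logins and e-mail addresses are chosen by the account holders, and
        // this table is shown to an administrator: escape every cell so a
        // stored value cannot inject markup into the admin's page.
        $r .= sprintf(
            "<tr><td>%s</td><td>%s</td><td>%s</td></tr>",
            esc_html($row->id),
            esc_html($row->user_login),
            esc_html($row->user_email)
        );
    }
    $r .= '</table>';
    return $r;
}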
/**
 * Stores a help-mail message in the pb_mail table and e-mails it to the recipient.
 *
 * NOTE(review): $from, $to, $student and $slug are used exactly as passed;
 * nothing in this function checks that the current user may post to that
 * student's thread — confirm the caller enforces it.
 *
 * @param array  $problem_info Needs 'publicname' and 'url' keys (used in the subject and body).
 * @param int    $from         Sender user id, stored in the 'ufrom' column.
 * @param int    $to           Recipient user id; 0 addresses the assistant.
 * @param int    $student      Id of the student the thread belongs to.
 * @param string $slug         Problem slug the thread is about.
 * @param string $body         Message text.
 * @param string $noreply      Anything other than the string 'false' skips storing and mailing.
 *
 * @return int|string The new pb_mail row id, or "#" when nothing was sent.
 */
function send($problem_info, $from, $to, $student, $slug, $body, $noreply)
{
    global $wpdb, $current_user, $lang;
    // A message written by the student themselves starts out unanswered.
    $unanswered = getUserID() == $student ? 1 : 0;
    if (getUserID() != $student) {
        // Someone other than the student is acting: clear the unanswered flag
        // on this student's existing messages for the problem. This runs even
        // when the early return below is taken.
        $wpdb->update($wpdb->prefix . 'pb_mail', array('unanswered' => 0), array('unanswered' => 1, 'ustudent' => $student, 'problem' => $slug));
    }
    if ($noreply != 'false') {
        // don't redirect
        return "#";
    }
    $insert_to = $to;
    if ($to == 0 && $lang != 'en') {
        // unserialize() is applied to a constant here, not to request data.
        $insert_to = getSoft(unserialize(CSCIRCLES_ASST_ID_MAP), $lang, $insert_to);
    }
    // Explicit formats: ids and the flag are bound as integers, text as strings.
    $wpdb->insert($wpdb->prefix . 'pb_mail', array('ufrom' => $from, 'uto' => $insert_to, 'ustudent' => $student, 'problem' => $slug, 'body' => $body, 'unanswered' => $unanswered), array('%d', '%d', '%d', '%s', '%s', '%d'));
    $mailref = $wpdb->insert_id;
    if (userIsAdmin() || userIsAssistant()) {
        // Staff replies go out under the shared assistant identity.
        $mFrom = '"' . __t("CS Circles Assistant") . '" <' . CSCIRCLES_BOUNCE_EMAIL . '>';
    } else {
        // NOTE(review): the login and address are placed in the From header
        // as stored; presumably pb_mail() rejects CR/LF — confirm.
        $mFrom = '"' . $current_user->user_login . '" <' . $current_user->user_email . '>';
    }
    $subject = __t('CS Circles') . ' - ' . __t('message about') . ' ' . $problem_info['publicname'];
    $contents = $body . "\n===\n";
    $contents .= __t("To send a reply message, please visit") . "\n";
    // NOTE(review): $student and $slug are interpolated into the query string
    // without URL-encoding.
    $contents .= cscurl('mail') . "?who={$student}&what={$slug}&which={$mailref}#m\n";
    $contents .= __t("Problem URL:") . " " . $problem_info['url'] . "\n";
    $contents .= "[" . __t("Sent by CS Circles") . " " . cscurl("homepage") . "]";
    if ($to == 0) {
        // same fallback as admin-options.php
        $to_emailaddr = get_option('cscircles_asst_email', get_userdata(1)->user_email);
        $tmp = getSoft(unserialize(CSCIRCLES_ASST_ID_MAP), $lang, -1);
        if ($lang != 'en' && $tmp != -1) {
            $to_emailaddr = get_user_by('id', $tmp)->user_email;
        }
    } else {
        // NOTE(review): get_user_by() returns false for an unknown id, and the
        // property access would then fail after the row was already inserted.
        $to_emailaddr = get_user_by('id', $to)->user_email;
    }
    //pyboxlog($mFrom . " " . $to_emailaddr . " " . $subject . " " . $contents);
    pb_mail($mFrom, $to_emailaddr, $subject, $contents);
    // Unless the sender opted out via the 'pbnocc' user meta, mail them a copy.
    if (get_the_author_meta('pbnocc', getUserID()) != 'true') {
        $to_desc = $to == 0 ? "the CS Circles Assistant" : get_user_by('id', $to)->user_login;
        pb_mail($mFrom, $current_user->user_email, __t("SENT:") . " " . $subject, sprintf(__t("THIS IS A COPY of a message you sent to %s."), $to_desc) . "\n\n" . $contents);
    }
    return $mailref;
}
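/**
 * Updates the maximum number of mentees per mentor; administrators only.
 *
 * Responds 401 when the caller is not an administrator, 400 when the value is
 * not a run of decimal digits, and 409 when it is below the minimum reported
 * by calcMinMaxMenteesPerMentor(). On success prints the result of
 * setMaxMenteesPerMentor().
 *
 * @param string|int $newMax Requested maximum.
 *
 * @return void
 */
function postMaxMenteesPerMentor($newMax)
{
    global $_USER;
    // Authorization comes first so unauthenticated callers learn nothing
    // about validation rules or current limits.
    if (!userIsAdmin($_USER['uid'])) {
        $GLOBALS["_PLATFORM"]->sandboxHeader("HTTP/1.1 401 Unauthorized");
        return;
    }
    // ctype_digit() only behaves as a digit check on strings, so scalars are
    // cast first; non-scalars (e.g. an array from the request) are rejected.
    if (!is_scalar($newMax) || !ctype_digit((string) $newMax)) {
        // The status code now matches its "Bad Request" reason phrase (400, not 404).
        $GLOBALS["_PLATFORM"]->sandboxHeader("HTTP/1.1 400 Bad Request");
        return;
    }
    $minMaxMenteesPerMentor = calcMinMaxMenteesPerMentor();
    if ($newMax < $minMaxMenteesPerMentor) {
        $GLOBALS["_PLATFORM"]->sandboxHeader("HTTP/1.1 409 Conflict");
        print "The new maximum must be greater than {$minMaxMenteesPerMentor}.";
        return;
    }
    print setMaxMenteesPerMentor($newMax);
}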
/**
 * Emits a JSON document describing the current user: username, first and last
 * name when a USER row is found, and a userType of "None", "User", "Mentee",
 * "Mentor" or "Admin".
 *
 * NOTE(review): as shown, each sprintf() format string contains the literal
 * '******' and no conversion specifier, so the $_USER['uid'] argument is never
 * substituted. If the original text was '%s', these queries are built by
 * string formatting and should be switched to bound parameters — confirm
 * against the real source and the API behind getDBResultsArray().
 */
function welcome()
{
    global $_USER;
    $userInfo = array('username' => $_USER['uid']);
    $userType = "None";
    $dbQuery = sprintf("SELECT first_name, last_name FROM USER WHERE username = '******'", $_USER['uid']);
    $result = getDBResultsArray($dbQuery);
    if (!empty($result)) {
        $userType = "User";
        $userInfo["firstName"] = $result["0"]["first_name"];
        $userInfo["lastName"] = $result["0"]["last_name"];
    }
    // Known user: check whether they are also a mentee.
    if (!empty($result)) {
        $dbQuery = sprintf("SELECT username FROM Mentee WHERE username = '******'", $_USER['uid']);
        $result = getDBResultsArray($dbQuery);
        if (!empty($result)) {
            $userType = "Mentee";
        }
    }
    // $result is empty here either because no USER row was found or because
    // the Mentee lookup came back empty; in both cases try the Mentor table.
    if (empty($result)) {
        $dbQuery = sprintf("SELECT username FROM Mentor WHERE username = '******'", $_USER['uid']);
        $result = getDBResultsArray($dbQuery);
        if (!empty($result)) {
            $userType = "Mentor";
        }
    }
    // Admin is only reported when neither the mentee nor the mentor lookup matched.
    if (empty($result) && userIsAdmin()) {
        $userType = "Admin";
    }
    $userInfo["userType"] = $userType;
    $GLOBALS["_PLATFORM"]->sandboxHeader("Content-type: application/json");
    echo json_encode($userInfo);
}
/**
 * Maps a user id to the label shown in mail listings.
 *
 * Yields the translated "me" for the current user (and for id 0 when the
 * viewer is an administrator), an assistant label for id 0 or any id listed in
 * CSCIRCLES_ASST_ID_MAP, and otherwise the account's login name.
 *
 * NOTE(review): get_userdata() returns false for an unknown id, in which case
 * the final property access fails — confirm callers only pass existing ids.
 *
 * @param int  $uid   User id; 0 denotes the assistant.
 * @param bool $short Use the abbreviated assistant label.
 *
 * @return string
 */
function nicefiedUsername($uid, $short = TRUE)
{
    $isAssistantSlot = $uid == 0;

    if (($isAssistantSlot && userIsAdmin()) || $uid == getUserID()) {
        return __t('me');
    }

    // unserialize() is applied to a constant here, not to request data.
    if ($isAssistantSlot || in_array($uid, unserialize(CSCIRCLES_ASST_ID_MAP))) {
        if ($short) {
            return __t('Asst.');
        }
        return __t('CS Circles Assistant');
    }

    return get_userdata($uid)->user_login;
}
 /**
  * Invalidates the search filter cache on behalf of an administrator.
  *
  * Layout and view rendering are switched off, so the response body is only
  * what this action echoes. A request without a session user id gets a 403;
  * a signed-in non-administrator gets an empty response and the cache is
  * left untouched.
  *
  * NOTE(review): this is a state-changing action; no request-method or CSRF
  * token check is visible here — confirm one is applied elsewhere.
  */
 public function clearsearchcacheAction()
 {
     $this->_helper->layout->disableLayout();
     $this->_helper->viewRenderer->setNoRender();

     $sessionUserId = $this->session->userid;

     if ($sessionUserId === null) {
         $this->getResponse()->clearAllHeaders();
         header("HTTP/1.0 403 Forbidden");
         return;
     }

     if (!userIsAdmin($sessionUserId)) {
         return;
     }

     db()->exec('SELECT invalidate_filtercache();');
     echo 'Search cache cleared';
 }
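/**
 * Returns the information of every user account; administrators only.
 *
 * Non-administrators are redirected to the course category page and the
 * request ends there.
 *
 * @param mixed $ObjectPDO Handed to the User constructor.
 *
 * @return mixed Whatever User::get_users_info() returns.
 */
function show_users($ObjectPDO)
{
    // Fail closed. Sending a Location header does not stop the script, so the
    // request must be ended explicitly; otherwise the user list below would
    // still be loaded and returned to a non-administrator. The client-supplied
    // Referer header is deliberately not used as a redirect target.
    if (!userIsAdmin()) {
        header("Location:" . course_route('course_category'));
        exit;
    }
    $user = new User($ObjectPDO);
    return $user->get_users_info();
}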
/**
 * Delivers a user-to-user message: optionally mails a copy to the sender,
 * optionally stores the message in the messages table, and mails the recipient.
 *
 * Keys read from $message: "from", "to", "subject", "body", "method", and the
 * optional "from_name", "from_email", "url", "no_from" and "created".
 *
 * NOTE(review): "from", "from_name", "from_email" and "subject" are placed
 * into mail headers and bodies with only stripslashes() applied here. CR/LF
 * in those values could add headers unless pgvMail() filters them — confirm.
 *
 * @param array $message Message fields as described above.
 *
 * @return bool false when sender and recipient are the same or the recipient
 *              is not a known user, true otherwise.
 */
function addMessage($message)
{
    global $TBLPREFIX, $CONTACT_METHOD, $pgv_lang, $CHARACTER_SET, $LANGUAGE, $PGV_STORE_MESSAGES, $SERVER_URL, $PGV_SIMPLE_MAIL, $WEBMASTER_EMAIL;
    global $TEXT_DIRECTION, $TEXT_DIRECTION_array, $DATE_FORMAT, $DATE_FORMAT_array, $TIME_FORMAT, $TIME_FORMAT_array, $WEEK_START, $WEEK_START_array;
    global $PHPGEDVIEW_EMAIL;
    //-- do not allow users to send a message to themselves
    if ($message["from"] == $message["to"]) {
        return false;
    }
    require_once 'includes/functions/functions_mail.php';
    if (!get_user_id($message["to"])) {
        //-- the to user must be a valid user in the system before it will send any mails
        return false;
    }
    // Switch to the "from" user's language
    $oldLanguage = $LANGUAGE;
    $from_lang = get_user_setting($message["from"], 'language');
    if ($from_lang && $LANGUAGE != $from_lang) {
        loadLanguage($from_lang);
    }
    //-- setup the message body for the "from" user
    $email2 = stripslashes($message["body"]);
    if (isset($message["from_name"])) {
        $email2 = $pgv_lang["message_from_name"] . " " . $message["from_name"] . "\r\n" . $pgv_lang["message_from"] . " " . $message["from_email"] . "\r\n\r\n" . $email2;
    }
    if (!empty($message["url"])) {
        $email2 .= "\r\n\r\n--------------------------------------\r\n\r\n" . $pgv_lang["viewing_url"] . "\r\n" . $SERVER_URL . $message["url"] . "\r\n";
    }
    // The sender's copy always carries the client address; only the
    // recipient's body further down is subject to the admin suppression.
    $email2 .= "\r\n=--------------------------------------=\r\nIP ADDRESS: " . $_SERVER['REMOTE_ADDR'] . "\r\n";
    // gethostbyaddr() performs a reverse DNS lookup on every call.
    $email2 .= "DNS LOOKUP: " . gethostbyaddr($_SERVER['REMOTE_ADDR']) . "\r\n";
    $email2 .= "LANGUAGE: {$LANGUAGE}\r\n";
    $subject2 = "[" . $pgv_lang["phpgedview_message"] . ($TEXT_DIRECTION == "ltr" ? "] " : " [") . stripslashes($message["subject"]);
    $from = "";
    if (!get_user_id($message["from"])) {
        // Sender is not a registered user: "from" is used as given, both as
        // the From value and as the display name.
        $from = $message["from"];
        $email2 = $pgv_lang["message_email3"] . "\r\n\r\n" . stripslashes($email2);
        $fromFullName = $message["from"];
    } else {
        $fromFullName = getUserFullName($message['from']);
        if (!$PGV_SIMPLE_MAIL) {
            $from = hex4email(stripslashes($fromFullName), $CHARACTER_SET) . " <" . get_user_setting($message["from"], 'email') . ">";
        } else {
            $from = get_user_setting($message["from"], 'email');
        }
        $email2 = $pgv_lang["message_email2"] . "\r\n\r\n" . stripslashes($email2);
    }
    if ($message["method"] != "messaging") {
        // $subject1 and $email1 built here are rebuilt from scratch in the
        // recipient block below before they are used.
        $subject1 = "[" . $pgv_lang["phpgedview_message"] . ($TEXT_DIRECTION == "ltr" ? "] " : " [") . stripslashes($message["subject"]);
        if (!get_user_id($message["from"])) {
            $email1 = $pgv_lang["message_email1"];
            if (!empty($message["from_name"])) {
                $email1 .= $message["from_name"] . "\r\n\r\n" . stripslashes($message["body"]);
            } else {
                $email1 .= $from . "\r\n\r\n" . stripslashes($message["body"]);
            }
        } else {
            $email1 = $pgv_lang["message_email1"];
            $email1 .= stripslashes($fromFullName) . "\r\n\r\n" . stripslashes($message["body"]);
        }
        if (!isset($message["no_from"])) {
            if (stristr($from, $PHPGEDVIEW_EMAIL)) {
                $from = get_user_setting($WEBMASTER_EMAIL, 'email');
            }
            if (!get_user_id($message["from"])) {
                $header2 = $PHPGEDVIEW_EMAIL;
            } else {
                // NOTE(review): $to is first assigned in the recipient block
                // further down, so isset($to) is false here; as written,
                // $header2 stays unset for registered senders and the
                // pgvMail() call below is skipped for them.
                if (isset($to)) {
                    $header2 = $to;
                }
            }
            if (!empty($header2)) {
                pgvMail($from, $header2, $subject2, $email2);
            }
        }
    }
    //-- Load the "to" users language
    $to_lang = get_user_setting($message["to"], 'language');
    if ($to_lang && $LANGUAGE != $to_lang) {
        loadLanguage($to_lang);
    }
    if (isset($message["from_name"])) {
        $message["body"] = $pgv_lang["message_from_name"] . " " . $message["from_name"] . "\r\n" . $pgv_lang["message_from"] . " " . $message["from_email"] . "\r\n\r\n" . $message["body"];
    }
    //-- [ phpgedview-Feature Requests-1588353 ] Suppress admin IP address in Outgoing PGV Email
    // The viewing URL, client address, reverse DNS name and language are
    // appended to the stored and delivered body only for non-admin senders.
    if (!userIsAdmin(get_user_id($message["from"]))) {
        if (!empty($message["url"])) {
            $message["body"] .= "\r\n\r\n--------------------------------------\r\n\r\n" . $pgv_lang["viewing_url"] . "\r\n" . $SERVER_URL . $message["url"] . "\r\n";
        }
        $message["body"] .= "\r\n=--------------------------------------=\r\nIP ADDRESS: " . $_SERVER['REMOTE_ADDR'] . "\r\n";
        $message["body"] .= "DNS LOOKUP: " . gethostbyaddr($_SERVER['REMOTE_ADDR']) . "\r\n";
        $message["body"] .= "LANGUAGE: {$LANGUAGE}\r\n";
    }
    if (empty($message["created"])) {
        $message["created"] = gmdate("D, d M Y H:i:s T");
    }
    if ($PGV_STORE_MESSAGES && ($message["method"] != "messaging3" && $message["method"] != "mailto" && $message["method"] != "none")) {
        // All message fields are passed as bound parameters; only the table
        // prefix is interpolated into the statement text.
        PGV_DB::prepare("INSERT INTO {$TBLPREFIX}messages (m_id, m_from, m_to, m_subject, m_body, m_created) VALUES (?, ? ,? ,? ,? ,?)")->execute(array(get_next_id("messages", "m_id"), $message["from"], $message["to"], $message["subject"], $message["body"], $message["created"]));
    }
    if ($message["method"] != "messaging") {
        $subject1 = "[" . $pgv_lang["phpgedview_message"] . ($TEXT_DIRECTION == "ltr" ? "] " : " [") . stripslashes($message["subject"]);
        if (!get_user_id($message["from"])) {
            $email1 = $pgv_lang["message_email1"];
            if (!empty($message["from_name"])) {
                $email1 .= $message["from_name"] . "\r\n\r\n" . stripslashes($message["body"]);
            } else {
                $email1 .= $from . "\r\n\r\n" . stripslashes($message["body"]);
            }
        } else {
            $email1 = $pgv_lang["message_email1"];
            $email1 .= stripslashes($fromFullName) . "\r\n\r\n" . stripslashes($message["body"]);
        }
        if (!get_user_id($message["to"])) {
            //-- the to user must be a valid user in the system before it will send any mails
            // This return leaves the language switched; the restore below is not reached.
            return false;
        } else {
            $toFullName = getUserFullName($message['to']);
            if (!$PGV_SIMPLE_MAIL) {
                $to = hex4email(stripslashes($toFullName), $CHARACTER_SET) . " <" . get_user_setting($message["to"], 'email') . ">";
            } else {
                $to = get_user_setting($message["to"], 'email');
            }
        }
        // Only mail recipients that have an address on file.
        if (get_user_setting($message["to"], 'email')) {
            pgvMail($to, $from, $subject1, $email1);
        }
    }
    // restore language settings if needed
    if ($LANGUAGE != $oldLanguage) {
        loadLanguage($oldLanguage);
    }
    return true;
}
/**
 * Prints the popup markup held in $popupBoxen and, when Polylang is loaded,
 * the language switcher for the current page.
 *
 * Production languages are listed for everyone. Development languages and the
 * page-editor link are listed only for administrators, translators and
 * assistants.
 */
function footsy()
{
    global $popupBoxen;
    echo $popupBoxen;

    if (!class_exists('PLL_Base')) {
        return;
    }

    // Prints one link per language, skipping the language currently shown.
    $printLanguageLinks = function ($languageCodes) {
        foreach ($languageCodes as $code) {
            if ($code == pll_current_language()) {
                continue;
            }
            $target = get_permalink(pll_get_post(get_the_ID(), $code));
            echo '<li><a href="' . $target . '">' . $code . '</a></li>';
        }
    };

    echo '<span id="pylangswitcher">';

    // Publicly available languages. unserialize() is applied to constants
    // here, not to request data.
    $printLanguageLinks(unserialize(PRODUCTION_LANGUAGES));

    // Languages still in development are visible to staff roles only.
    if (userIsAdmin() || userIsTranslator() || userIsAssistant()) {
        $printLanguageLinks(unserialize(DEVELOPMENT_LANGUAGES));
    }

    if (userIsAdmin() || userIsTranslator() || userIsAssistant()) {
        $editorUrl = admin_url('edit.php?post_type=page');
        echo '<li><a href="' . $editorUrl . '">' . __t('Editor') . '</a></li>';
    }

    echo '</span>';
}
        $user_name_arr = explode(" ", $user['name']);
        $name = "";
        for ($i = 0; $i < count($user_name_arr) - 2; $i++) {
            $name = $name . $user_name_arr[$i];
        }
        $surname = $user_name_arr[count($user_name_arr) - 2];
        $class = $user_name_arr[count($user_name_arr) - 1];
        $username_str = str_replace(' ', '', $name . $surname . $class);
        $pass = $user['badge'];
        $user = User::create(['username' => strtolower($username_str), 'name' => $name, 'surname' => $surname, 'class' => $class, 'password' => bcrypt($pass)]);
        $user->roles()->attach(Role::where('name', 'User')->get()->first());
    }
    return redirect(route("home"))->withSuccess("Utenti inseriti con successo.");
}]);
Route::post('/administration/setupreferents', ['as' => 'admin.setupReferents', function () {
    if (userIsAdmin() == NULL) {
        return redirect(route("home"))->withErrors(["Non hai i privilegi necessari per l'amministrazione."]);
    }
    DB::table('course_user')->truncate();
    ini_set('max_execution_time', 1200);
    $courses = Course::all();
    foreach ($courses as $course) {
        $tmpshjit = explode("-", $course->referents);
        $referentsArray = $tmpshjit;
        foreach ($referentsArray as $ref) {
            $tmpSr = explode(" ", $ref);
            $rOsurname = last($tmpSr);
            $tmpNm = explode(" ", $ref);
            $nm_exp = array_slice($tmpNm, 0, -1);
            $rOname = implode(" ", $nm_exp);
            $cond = ['name' => $rOname, 'surname' => $rOsurname];
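/**
 * Builds the "view mail for another student / problem" selector form.
 *
 * Reads the "what" query parameter; when it names a problem that is neither
 * empty, "console", nor a known slug in the current language, an error message
 * is echoed and nothing is returned.
 *
 * @param array $students  Ids of the current user's students (passed by reference, not modified here).
 * @param int   $cstudents Number of students the current user has.
 *
 * @return string|null The form markup, or null after the not-found message was echoed.
 */
function reselector(&$students, $cstudents)
{
    global $wpdb;
    $problem_table = $wpdb->prefix . "pb_problems";
    // The language code is bound as a parameter rather than concatenated into the SQL text.
    $problems = $wpdb->get_results($wpdb->prepare("SELECT * FROM {$problem_table} WHERE facultative = 0 AND lang = %s AND lesson IS NOT NULL ORDER BY lesson ASC, boxid ASC", pll_current_language()), ARRAY_A);
    $problemsByNumber = array();
    foreach ($problems as $prow) {
        $problemsByNumber[$prow['slug']] = $prow;
    }
    $gp = getSoft($_GET, "what", "");
    if ($gp != "" && $gp != "console" && !array_key_exists($gp, $problemsByNumber)) {
        // $gp is taken straight from the query string: escape it before it is
        // written into the page.
        echo sprintf(__t("Problem %s not found (at least in current language)"), esc_html($gp));
        return;
    }
    $preamble = "<div class='progress-selector'>\n       <form method='get'><table style='border:none'>";
    if ($cstudents > 0 || userIsAssistant()) {
        // slightly leaky but assistants will want to see progress
        $preamble .= "<tr><td>" . sprintf(__t("View mail with one of your students? (you have %s)"), $cstudents) . '</td><td>';
        if (userIsAdmin()) {
            // The submitted "user" value is echoed back into an attribute;
            // esc_attr() keeps a crafted value from breaking out of it.
            $preamble .= 'blank: you; "all": all; id#: user (<a href="' . cscurl('allusers') . '">list</a>) <input style = "padding:0px;width:60px" type="text" name="user" value="' . esc_attr(getSoft($_REQUEST, 'user', '')) . '">';
        } else {
            $options = array();
            $options[''] = __t('Me');
            foreach ($students as $student) {
                $info = get_userdata($student);
                $options[$info->ID] = userString($info->ID);
            }
            $preamble .= optionsHelper($options, 'who');
        }
        $preamble .= "</td></tr>";
    }
    $preamble .= "<tr><td>" . __t("View mail for another problem?") . "</td><td>";
    $options = array();
    $options[''] = 'all problems';
    foreach ($problems as $problem) {
        if ($problem['type'] == 'code') {
            $options[$problem['slug']] = $problem['publicname'];
        }
    }
    $preamble .= optionsHelper($options, 'what') . "</td></tr>";
    $preamble .= "</td></tr><tr><td colspan='2' style='text-align:center'><input style='width: 25%' type='submit' value='" . __t('Submit') . "'/></tr></td></table></form></div>";
    return $preamble;
}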
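/**
 * Loads the details of the course named by $_GET['courseId'] for the edit
 * page; administrators only.
 *
 * Visitors who are not signed in, or who are signed in without administrator
 * rights, are redirected home and the request is terminated.
 *
 * @param mixed $ObjectPDO Handed to the Course constructor.
 *
 * @return mixed The course details after makeArrayHtmlSafe(), or false when
 *               the course id is missing or matches nothing.
 */
function edit_course($ObjectPDO)
{
    // Not signed in: go home and stop.
    if (!userSignedIn()) {
        redirectHome();
        die("You should not be here");
    }
    // Signed in but not an administrator: go home and stop. Terminating here
    // keeps the access check from depending on what follows it.
    if (!userIsAdmin()) {
        redirectHome();
        die("edit_profile ran into a critical error. You must be signed in to continue");
    }
    // The id must be a non-blank string. The emptiness test is applied to the
    // trimmed value (the comparison used to sit inside the trim() call), and
    // an array-valued parameter is rejected as well.
    $courseId = isset($_GET['courseId']) ? $_GET['courseId'] : null;
    if (!is_string($courseId) || trim($courseId) == "") {
        redirectHome();
        // Stop here so the lookup below never runs without a course id.
        return false;
    }
    $course = new Course($ObjectPDO);
    // NOTE(review): the id is passed on as received; presumably
    // get_class_details() binds it as a query parameter — confirm.
    $results = $course->get_class_details($courseId);
    if (!$results) {
        redirectHome();
        return false;
    }
    // Make each array item HTML safe before it reaches the template.
    return makeArrayHtmlSafe($results);
}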
/**
 * Adjusts Polylang's "languages" node in the WordPress admin bar.
 *
 * Only acts on admin screens with Polylang loaded. When pybox_on() holds and
 * the user is not a translator, administrator or assistant, the node is
 * removed; otherwise it is retitled "Filter Listed Pages".
 *
 * NOTE(review): get_node() returns null when the node is absent, in which
 * case the title assignment would fail — confirm the node always exists here.
 */
function tweak_polylang_menu()
{
    global $wp_admin_bar;

    if (!class_exists('PLL_Base') || !is_admin()) {
        return;
    }

    $hideFromUser = pybox_on() && !userIsTranslator() && !userIsAdmin() && !userIsAssistant();
    if ($hideFromUser) {
        $wp_admin_bar->remove_node('languages');
        return;
    }

    // 'Languages' is confusing as a label, so rename the node and write it back.
    $languagesNode = $wp_admin_bar->get_node('languages');
    $languagesNode->title = ___t('Filter Listed Pages');
    $wp_admin_bar->add_node($languagesNode);
}
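/**
 * Renders the user progress page: the selector form (for staff and users with
 * students), the submission grids, the "latest problems completed" strip, the
 * per-student table and the overview of all problems.
 *
 * Reads `user` and `problem` from the query string. `problem` must be empty,
 * "console", or a slug present in the problems table for the current language.
 * `user` must be empty, "all", or a numeric id; users who are neither admin nor
 * assistant may only select an id that getStudents() returns for them.
 *
 * Request values are escaped where this function writes them into HTML, and
 * values placed in SQL go through $wpdb->prepare(). Titles, names and URLs read
 * from the plugin's own tables are emitted as stored.
 *
 * @param mixed $options Not read; the local name is reused for form option lists.
 * @param mixed $content Not read.
 * @return string|null HTML for the page or a translated message; null after the
 *                     "problem not found" message has been echoed.
 */
function pyUser($options, $content)
{
    if (!is_user_logged_in()) {
        return __t("You must login to view your user page.");
    }
    global $wpdb;
    $uid = wp_get_current_user()->ID;
    $students = getStudents();
    $cstudents = count($students);
    $lang = currLang2();
    $problem_table = $wpdb->prefix . "pb_problems";
    $problems = $wpdb->get_results($wpdb->prepare("SELECT * FROM {$problem_table} WHERE facultative = 0 AND lang = %s AND lesson IS NOT NULL ORDER BY lesson ASC, boxid ASC", $lang), ARRAY_A);
    $problemsByNumber = array();
    foreach ($problems as $prow) {
        $problemsByNumber[$prow['slug']] = $prow;
    }
    $gp = getSoft($_GET, "problem", "");
    if ($gp != "" && $gp != "console" && !array_key_exists($gp, $problemsByNumber)) {
        // $gp is taken straight from the query string, so it is HTML-escaped
        // before being written into the page.
        echo sprintf(__t("Problem %s not found (at least in current language)"), esc_html($gp));
        return;
    }
    // From here on $gp is "", "console", or a slug known to the problems table.
    if (userIsAdmin() || userIsAssistant() || $cstudents > 0) {
        $preamble = "<div class='progress-selector'>\n       <form method='get'><table style='border:none'><tr><td>" . sprintf(__t("View one of your students? (you have %s)"), $cstudents) . '</td><td>';
        if (userIsAdmin()) {
            // The current request value is echoed back into the text box;
            // escape it for the attribute context.
            $preamble .= 'blank: you; "all": all; id#: user (<a href="' . cscurl('allusers') . '">list</a>) <input style = "padding:0px;width:60px" type="text" name="user" value="' . esc_attr(getSoft($_REQUEST, 'user', '')) . '">';
        } else {
            $options = array();
            $options[''] = __t('Show only me');
            $options['all'] = __t('Summary of all my students');
            foreach ($students as $student) {
                $info = get_userdata($student);
                if ($info === false) {
                    // Stale id with no matching account: leave it out of the list.
                    continue;
                }
                $options[$info->ID] = userString($info->ID);
            }
            $preamble .= optionsHelper($options, 'user');
        }
        $preamble .= '</td></tr><tr><td>';
        $preamble .= __t("Just show submissions for one problem?");
        $options = array();
        $options[''] = __t('Show all');
        $options['console'] = __t('Console');
        foreach ($problems as $problem) {
            if ($problem['type'] == 'code') {
                $options[$problem['slug']] = $problem['publicname'];
            }
        }
        $preamble .= '</td><td>';
        $preamble .= optionsHelper($options, 'problem');
        // Closing tags are emitted in nesting order (</td> before </tr>).
        $preamble .= "</td></tr><tr><td colspan='2' style='text-align:center'><input style='width: 25%' type='submit' value='" . __t('Submit') . "'/></td></tr></table></form></div>";
        echo $preamble;
    }
    $allStudents = isSoft($_GET, 'user', 'all');
    $viewingAsStudent = '' == getSoft($_GET, 'user', '');
    $allProblems = $gp == "";
    if (!$viewingAsStudent) {
        if ($allProblems) {
            $problem_html = "all problems";
        } elseif ($gp == 'console') {
            $problem_html = "Console";
        } else {
            $problem_html = "<a href='" . $problemsByNumber[$gp]['url'] . "'>" . $problemsByNumber[$gp]['publicname'] . "</a>";
        }
    }
    if (!$allStudents && array_key_exists('user', $_GET) && $_GET['user'] != '') {
        if (!is_numeric($_GET['user'])) {
            return __t("User id must be numeric.");
        }
        $getuid = (int) $_GET['user'];
        // Authorization for viewing another account: admins and assistants may
        // pick any existing user; everyone else only an id from their own
        // student list.
        if (userIsAdmin() || userIsAssistant()) {
            if (get_userdata($getuid) === FALSE) {
                return __t("Invalid user id.");
            }
        } elseif (!in_array($getuid, $students)) {
            return __t("Invalid user id.");
        }
        $uid = $getuid;
        echo "<div class='history-prenote'>" . sprintf(__t("Now viewing %s for "), $problem_html) . userString($uid) . '</div>';
    }
    if ($allStudents) {
        echo "<div class='history-prenote'>" . sprintf(__t("Now viewing %s for all of your students"), $problem_html) . "</div>";
    }
    /***************** end of header ***************/
    $flexigrids = "";
    $completed_table = $wpdb->prefix . "pb_completed";
    if ($allStudents && !$allProblems && $gp != "console") {
        $flexigrids .= niceFlex('perstudent', sprintf(__t("Solutions by my students for %s"), $problemsByNumber[$_GET['problem']]['publicname']), 'problem-summary', 'dbProblemSummary', array('p' => $_GET['problem']));
    }
    // These values are handed to niceFlex() as received; the grid's data
    // function is expected to apply its own permission checks to them.
    $dbparams = array();
    if (getSoft($_GET, 'user', '') != '') {
        $dbparams['user'] = $_GET['user'];
    }
    if (getSoft($_GET, 'problem', '') != '') {
        $dbparams['problemhash'] = $_GET['problem'];
    }
    $flexigrids .= niceFlex('submittedcode', $allProblems ? __t("Submitted code") : sprintf(__t("Submitted code for %s"), $_GET['problem'] == 'console' ? 'Console' : $problemsByNumber[$_GET['problem']]['publicname']), 'entire-history', 'dbEntireHistory', $dbparams);
    $recent = "";
    if (!$allStudents) {
        // queries more than 6 in order to fill out progress table of all problems
        $completed = $wpdb->get_results($wpdb->prepare("SELECT * FROM {$completed_table} WHERE userid = %d ORDER BY time DESC", $uid), ARRAY_A);
        $recent .= '<div class="recent"><span class="latest-title">' . __t("Latest problems completed") . ":</span>";
        // but for now we only use 6 entries for "most recently completed" section
        foreach (array_slice($completed, 0, 6) as $done) {
            $p = getSoft($problemsByNumber, $done['problem'], FALSE);
            if ($p === FALSE) {
                $recent .= '[' . $done['problem'] . ']';
                continue;
            }
            if (getSoft($_GET, 'user', '') != '') {
                if ($problemsByNumber[$p['slug']]['type'] == 'code') {
                    // NOTE(review): part of this expression was masked ("******") in the
                    // listing; it is reconstructed from the other $_GET['user'] reads in
                    // this function - confirm against the upstream file. The value has
                    // passed is_numeric() above and is URL-encoded for the link.
                    $url = '.?user=' . rawurlencode((string) $_GET['user']) . '&problem=' . $p['slug'];
                } else {
                    $url = null;
                }
            } else {
                $url = $p['url'];
            }
            $recent .= ' <a class="open-same-window problem-completed" ';
            if ($url != null) {
                $recent .= ' href="' . $url . '" ';
            }
            $recent .= ' title="' . $done['time'] . '">' . $p['publicname'] . '</a>';
        }
        $recent .= '</div>';
    }
    $submissions_table = $wpdb->prefix . "pb_submissions";
    $studentTable = '';
    if ($allStudents && !userIsAdmin()) {
        // getStudentList() is concatenated as returned - presumably a
        // parenthesised list of numeric ids built server-side; confirm in its definition.
        $studentList = getStudentList();
        $where = "WHERE userid in {$studentList}";
        if (!$allProblems) {
            // Leading space keeps the clause separate from the IN list.
            $where .= $wpdb->prepare(" and problem LIKE %s", $gp);
        }
        // show number of problems each student completed
        $scompleted = $wpdb->get_results("SELECT userid, count(1) as comps from {$completed_table} {$where} GROUP BY userid", OBJECT_K);
        // show number of submissions by each student for this problem
        $ssubmissions = $wpdb->get_results("SELECT userid, count(1) as subs from {$submissions_table} {$where} GROUP BY userid", OBJECT_K);
        $studentTable .= '<div class="history-note">Student listing (click name to drill down)</div>';
        $studentTable .= '<table>';
        foreach (getStudents() as $stu) {
            $studentTable .= '<tr>';
            $studentTable .= '<td>';
            // NOTE(review): the user part of this link was masked ("******") in the
            // listing; $stu is reconstructed from the loop variable - confirm
            // against the upstream file.
            $studentTable .= '<a class="open-same-window" href="?user=' . $stu . '&problem=' . rawurlencode((string) $gp) . '">';
            $studentTable .= userString($stu);
            $studentTable .= '</a></td>';
            $studentTable .= '<td>';
            if ($allProblems) {
                $studentTable .= (array_key_exists($stu, $scompleted) ? $scompleted[$stu]->comps : 0) . ' completed';
            } else {
                $studentTable .= '<img src="' . UFILES . (array_key_exists($stu, $scompleted) ? 'checked' : 'icon') . '.png"/>';
            }
            $studentTable .= '</td>';
            $studentTable .= '<td>';
            $studentTable .= (array_key_exists($stu, $ssubmissions) ? $ssubmissions[$stu]->subs : 0) . ' submissions';
            $studentTable .= '</td>';
            $studentTable .= '</tr>';
        }
        $studentTable .= '</table>';
    }
    $lessons_table = $wpdb->prefix . "pb_lessons";
    $lessons = $wpdb->get_results($wpdb->prepare("SELECT * FROM {$lessons_table} WHERE lang = %s", $lang), ARRAY_A);
    $lessonsByNumber = array();
    foreach ($lessons as $lrow) {
        $lessonsByNumber[$lrow['ordering']] = $lrow;
    }
    $overview = '';
    if ($allProblems || !$allStudents) {
        $overview = '<h2 style="margin-top:5px;text-align:center">' . __t('List of all problems') . ' ' . ($allStudents ? __t('(with #completed)') : __t('(with #submissions)')) . '</h2>';
        if (!$viewingAsStudent) {
            // CSS declarations are separated by ';' (the original used ',').
            $overview .= "<div style='text-align:center'>Click on the <img style='height:1em;width:1em' src='" . UFILES . "/icon.png'> to drill down.</div>";
        }
        //array from slug to boolean, whether to check the icon
        $checkIt = array();
        //array from slug to number, number to display beside each
        $showNum = array();
        if ($allStudents) {
            if (userIsAdmin() || userIsAssistant()) {
                $completed = $wpdb->get_results("SELECT count(userid), problem from {$completed_table} GROUP BY problem", ARRAY_A);
            } else {
                $studentList = getStudentList();
                $completed = $wpdb->get_results("SELECT count(userid), problem from {$completed_table} WHERE userid in {$studentList} GROUP BY problem", ARRAY_A);
            }
            foreach ($completed as $crow) {
                $showNum[$crow['problem']] = $crow['count(userid)'];
            }
        } else {
            $submissions = $wpdb->get_results($wpdb->prepare("SELECT count(1), problem from {$submissions_table} WHERE userid = %d GROUP BY problem", $uid), ARRAY_A);
            foreach ($submissions as $srow) {
                $showNum[$srow['problem']] = $srow['count(1)'];
            }
            // $completed was queried earlier, in the "recent" section
            foreach ($completed as $crow) {
                $checkIt[$crow['problem']] = TRUE;
            }
        }
        $overview .= '<table style="width:auto;border:none;margin:0px auto;">';
        $lesson = -1;
        $firstloop = true;
        foreach ($problems as $prow) {
            if ($prow['lesson'] != $lesson) {
                // A new lesson starts: close the previous row and open one for it.
                if (!$firstloop) {
                    $overview .= "</td></tr>\n";
                }
                $firstloop = false;
                $overview .= "<tr><td class='lessoninfo'>";
                $lesson = $prow['lesson'];
                $lrow = $lessonsByNumber[$lesson];
                $overview .= '<a class="open-same-window" href="';
                $overview .= get_page_link($lrow['id']);
                $overview .= '">';
                $overview .= $lrow['number'] . ": " . $lrow['title'];
                $overview .= '</a></td><td>';
            }
            if (!$viewingAsStudent) {
                // drill-down link
                // NOTE(review): masked ("******") in the listing and reconstructed as
                // in the "recent" section above - confirm against the upstream file.
                // At this point the value is "all" or has passed is_numeric().
                $url = '.?user=' . rawurlencode((string) $_GET['user']) . '&problem=' . $prow['slug'];
            } else {
                $url = $prow['url'];
            }
            $overview .= '<a class="open-same-window" ';
            if ($url != null) {
                $overview .= ' href="' . $url . '" ';
            }
            $overview .= '>';
            $overview .= '<table class="history-tablette" ><tr class="history-tablette-top"><td>';
            $overview .= '<img style="margin:-10px 0px" title="' . $prow['publicname'] . '" src="' . UFILES . (isSoft($checkIt, $prow['slug'], TRUE) ? 'checked' : 'icon') . '.png"/>';
            $overview .= '</a></td></tr><tr class="history-tablette-bottom"><td>';
            $overview .= array_key_exists($prow['slug'], $showNum) ? $showNum[$prow['slug']] : '&nbsp;';
            $overview .= '</td></tr></table></a>';
        }
        $overview .= '</table>';
    }
    return "<div class='userpage'>{$flexigrids} {$recent} {$studentTable} {$overview}</div>";
}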
<?php

include_once 'include/view-helper.php';
// Any errors that occur are collected in this array
$errors = [];
// A numeric 'id' in the query string means edit mode; otherwise add mode
$editMode = verifyKeysIn($_GET, 'id') && is_numeric($_GET['id']);
if ($editMode) {
    $user = getUserById($_GET['id']);
    // If the user does not exist, fall back to add mode
    if ($user === false) {
        $editMode = false;
    }
    // Only the account owner or an admin may edit this user.
    // NOTE(review): this check also runs when getUserById() returned false, so it
    // indexes a non-array; the loose != then compares against userID().
    // Confirm that outcome is the intended one for an unknown id.
    if ($user['user_id'] != userID() && !userIsAdmin()) {
        abort('Vous n\'avez pas le droit de modifier cet utilisateur');
    }
}
// Form submission handling
// NOTE(review): the ownership/admin check above only covers edit mode. No
// permission check and no anti-CSRF token check is visible in this excerpt
// before the write below - confirm both are enforced elsewhere.
if (verifyKeysIn($_POST, 'submit')) {
    // All expected form fields are present
    if (verifyKeysIn($_POST, 'name', 'fname', 'mail', 'username', 'pwd', 'birth', 'desc')) {
        // NOTE(review): field values, including 'pwd', are passed on as received;
        // presumably editUser()/insertUser() validate them and hash the
        // password - confirm in their definitions.
        if ($editMode) {
            editUser($_GET['id'], $_POST['name'], $_POST['fname'], $_POST['mail'], $_POST['username'], $_POST['pwd'], $_POST['birth'], $_POST['desc']);
        } else {
            insertUser($_POST['name'], $_POST['fname'], $_POST['mail'], $_POST['username'], $_POST['pwd'], $_POST['birth'], $_POST['desc']);
        }
        // Back to the user list
        redirect('list-users.php');
    } else {
        $errors[] = "Il manque des champs dans le formulaire";
		<td class="descriptionbox wrap width20"><?php 
    print_help_link("WEBMASTER_EMAIL_help", "qm", "WEBMASTER_EMAIL");
    print $pgv_lang["WEBMASTER_EMAIL"];
    ?>
</td>
		<td class="optionbox"><select name="NEW_WEBMASTER_EMAIL" tabindex="<?php 
    $i++;
    print $i;
    ?>
" onfocus="getHelp('WEBMASTER_EMAIL_help');">
		<?php 
    // When the configured value equals the literal below, fall back to PGV_USER_NAME.
    // NOTE(review): the literal appears masked in this listing - confirm the
    // real value against the upstream file.
    if ($WEBMASTER_EMAIL == "*****@*****.**") {
        $WEBMASTER_EMAIL = PGV_USER_NAME;
    }
    // Only accounts for which userIsAdmin() is true are offered as the webmaster contact.
    foreach (get_all_users() as $user_id => $user_name) {
        if (userIsAdmin($user_id)) {
            // NOTE(review): $user_name and getUserFullName() are printed into an
            // attribute value and into element text with no escaping visible
            // here - confirm they are HTML-encoded before this point.
            print "<option value=\"" . $user_name . "\"";
            if ($WEBMASTER_EMAIL == $user_name) {
                print " selected=\"selected\"";
            }
            print ">" . getUserFullName($user_id) . " - " . $user_name . "</option>\n";
        }
    }
    ?>
		</select>
		</td>
	</tr>
	<tr>
		<td class="descriptionbox wrap width20"><?php 
    print_help_link("SUPPORT_METHOD_help", "qm", "SUPPORT_METHOD");
    print $pgv_lang["SUPPORT_METHOD"];
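/**
 * Builds the row data for the "entire history" grid of past submissions.
 *
 * Access rules applied here: the caller must be logged in; `user` may be empty
 * (own submissions), "all", or a user id. Admins and assistants may name any
 * existing user; anyone else only a user whose 'pbguru' meta matches their own
 * login. For "all", non-admins are limited to getStudentList().
 *
 * @param string     $limit     SQL fragment appended after the ORDER BY clause. It is
 *                              concatenated as given, so the caller must build it
 *                              from validated integers only.
 * @param string     $sortname  Translated column label; only labels in the known
 *                              list produce a sort column.
 * @param string     $sortorder "ASC" or "DESC" in any case; any other value is dropped.
 * @param array|null $req       Request parameters; $_REQUEST is used when empty.
 * @return array|string array('total' => ..., 'rows' => ...) on success, otherwise a
 *                      translated message.
 */
function dbEntireHistory($limit, $sortname, $sortorder, $req = NULL)
{
    global $db_query_info, $current_user, $wpdb;
    $db_query_info = array();
    if ($req == NULL) {
        $req = $_REQUEST;
    }
    $db_query_info['type'] = 'entire-history';
    $user = getSoft($req, "user", "");
    $problem = getSoft($req, "problemhash", "");
    $resultdesc = array('y' => __t('Did not crash.'), 'Y' => __t('Correct!'), 'N' => __t('Incorrect.'), 'E' => __t('Internal error.'), 'S' => __t('Saved.'), 's' => __t('Saved.'));
    // wp_get_current_user() replaces the deprecated get_currentuserinfo().
    $current_user = wp_get_current_user();
    if (!is_user_logged_in()) {
        return __t("You must log in to view past submissions.");
    }
    $viewAll = $user == "all";
    $u = NULL;
    if ($viewAll) {
        // no single account; the student filter is chosen further down
    } elseif ($user == "") {
        $u = $current_user;
    } else {
        $u = get_userdata($user);
        if ($u === false) {
            return __t("User number not found.");
        }
        // Users who are neither admin nor assistant may only look at accounts
        // that name them as guru.
        if (!(userIsAdmin() || userIsAssistant()) && strcasecmp(get_user_meta($user, 'pbguru', true), $current_user->user_login) != 0) {
            return sprintf(__t("User %s does not have you as their guru."), esc_html($user));
        }
    }
    if ($user != "") {
        $db_query_info['viewuser'] = $user;
    }
    // make an associative array indexed by slug
    $problemTable = $wpdb->get_results($wpdb->prepare("SELECT slug, publicname, url FROM " . $wpdb->prefix . "pb_problems WHERE slug IS NOT NULL AND lang = %s", currLang2()), OBJECT_K);
    $whereProblem = "1";
    if ($problem != '') {
        if (!array_key_exists($problem, $problemTable)) {
            // The rejected value comes from the request; escape it in case the
            // message is rendered as HTML.
            return sprintf(__t("Problem %s is unknown."), esc_html($problem));
        }
        $whereProblem = $wpdb->prepare("problem = %s", $problem);
    }
    $db_query_info['problem'] = $problem;
    $knownFields = array(__t("userid") => "userid", __t("time &amp; ID") => "beginstamp", __t("problem") => "problem", __t("user code") => "usercode", __t("user input") => "userinput", __t("result") => "result");
    $sortString = "";
    if (array_key_exists($sortname, $knownFields)) {
        // The column comes from the fixed list above. The direction is
        // restricted to the two SQL keywords so that nothing else from the
        // caller can reach the ORDER BY clause.
        $direction = strtoupper(trim((string) $sortorder));
        if ($direction !== 'ASC' && $direction !== 'DESC') {
            $direction = '';
        }
        $sortString = $knownFields[$sortname] . " " . $direction . ", ";
    }
    if ($viewAll) {
        // getStudentList() is concatenated as returned - presumably a
        // parenthesised list of numeric ids built server-side; confirm in its definition.
        $whereStudent = userIsAdmin() ? "1" : "userid in " . getStudentList();
    } else {
        $whereStudent = $wpdb->prepare("userid = %d", $u->ID);
    }
    $count = $wpdb->get_var("\nSELECT COUNT(1)\nFROM " . $wpdb->prefix . "pb_submissions \nWHERE {$whereStudent} AND {$whereProblem}");
    if ($count == 0) {
        return __t("We do not have record of any submissions.");
    }
    // NOTE(review): $limit is appended unchanged; see the parameter note above.
    $prep = "\nSELECT userid, ID, beginstamp, usercode, userinput, result, problem\nFROM " . $wpdb->prefix . "pb_submissions \nWHERE {$whereStudent} AND {$whereProblem}\nORDER BY {$sortString} ID DESC " . $limit;
    $flexirows = array();
    foreach ($wpdb->get_results($prep, ARRAY_A) as $r) {
        $cell = array();
        if ($viewAll) {
            $cell[__t('userid')] = str_replace(' ', "<br>", userString($r['userid'], true));
        }
        $p = $r['problem'];
        if (array_key_exists($p, $problemTable)) {
            $cell[__t('problem')] = '<a class="open-same-window" href="' . $problemTable[$p]->url . '">' . $problemTable[$p]->publicname . '</a>';
        } else {
            // NOTE(review): stored slug is emitted as-is; confirm how it is
            // written to the submissions table.
            $cell[__t('problem')] = $p;
        }
        // Submitted code and input go through preBox() - presumably it HTML-encodes
        // them; confirm in its definition.
        $cell[__t('user code')] = preBox($r['usercode'], -1, -1);
        $cell[__t('user input')] = $r['userinput'] == NULL ? '<i>' . __t('n/a') . '</i>' : preBox($r['userinput'], -1, 100000);
        if ($p != 'visualizer' && $p != 'visualizer-iframe') {
            $cell[__t('result')] = getSoft($resultdesc, $r['result'], '???');
        } else {
            $cell[__t('result')] = '<i>n/a</i>';
        }
        $cell[__t('time &amp; ID')] = str_replace(' ', '<br/>', $r['beginstamp']) . '<br/>#' . $r['ID'];
        $flexirows[] = array('id' => $r['ID'], 'cell' => $cell);
    }
    return array('total' => $count, 'rows' => $flexirows);
}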
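/**
 * Records a problem box in the pb_problems table.
 *
 * While databases are being rebuilt (isMakingDatabases()), an admin-only path
 * inserts a full row built from $lesson_reg_info and echoes progress. Otherwise,
 * when a hash is given and no row exists for that hash and the current
 * language, a row is inserted so the grader can handle submissions made
 * before the next rebuild.
 *
 * @param mixed       $id            Box id within the page.
 * @param string      $slug          Problem slug; the string 'NULL' means "no slug".
 * @param string      $type          Problem type.
 * @param mixed       $facultative   Stored as given in the 'facultative' column.
 * @param string|null $title         Public title, if any.
 * @param string      $content       Stored in the 'content' column on rebuild.
 * @param mixed       $args          Shortcode arguments; arrays are JSON-encoded.
 * @param string|null $hash          Problem hash.
 * @param mixed       $graderOptions Stored in the 'graderArgs' column.
 * @return void
 */
function registerPybox($id, $slug, $type, $facultative, $title, $content, $args = NULL, $hash = NULL, $graderOptions = NULL)
{
    if (is_array($args)) {
        $args = json_encode($args);
    }
    global $wpdb, $lesson_reg_info;
    if (isMakingDatabases()) {
        // Rebuilding writes to the problems table, so it is limited to admins.
        if (!userIsAdmin()) {
            echo "Error: must be admin to rebuild DB.";
            return;
        }
        $table_name = $wpdb->prefix . "pb_problems";
        $row = array();
        $row['postid'] = $lesson_reg_info['id'];
        $row['lesson'] = $lesson_reg_info['index'];
        $row['boxid'] = $id;
        if ($slug != 'NULL') {
            $row['slug'] = $slug;
        }
        $row['type'] = $type;
        $row['facultative'] = $facultative;
        $row['url'] = $lesson_reg_info['url'] . '#pybox' . $id;
        $row['lang'] = $lesson_reg_info['lang'];
        if ($title != NULL) {
            if ($lesson_reg_info['index'] >= 0) {
                $row['publicname'] = $lesson_reg_info["fullnumber"] . ': ' . $title;
            } else {
                //e.g., for the console, which is not part of any lesson
                $row['publicname'] = $title;
            }
        }
        if ($args != NULL) {
            $row['shortcodeArgs'] = $args;
        }
        if ($hash != NULL) {
            $row['hash'] = $hash;
        }
        if ($graderOptions != NULL) {
            $row['graderArgs'] = $graderOptions;
        }
        $row['content'] = $content;
        echo "<br>About to insert problem: " . rowSummary($row);
        if (!$GLOBALS['SKIP_DB_REBUILD']) {
            echo $wpdb->insert($table_name, $row) != 1 ? '<br>insert bad' : ' insert ok';
        }
        return;
    }
    if ($hash == NULL) {
        return;
    }
    $lang = currLang2();
    // Hash and language are bound as parameters rather than spliced into the
    // SQL text.
    $known = $wpdb->get_var($wpdb->prepare("SELECT COUNT(1) from " . $wpdb->prefix . "pb_problems WHERE hash = %s AND lang = %s", $hash, $lang));
    if ($known == 0) {
        // hash is important, but not yet registered!
        // typically this would occur if we're editing a problem and viewing it before rebuilding db
        // if the hash doesn't exist, add it so the grader knows what to do with submissions
        global $post;
        $row = array('type' => $type, 'postid' => $post->ID, 'boxid' => $id, 'facultative' => $facultative, 'url' => get_page_link($post->ID) . '#pybox' . $id, 'shortcodeArgs' => $args, 'graderArgs' => $graderOptions, 'hash' => $hash, 'lang' => $lang);
        if ($slug != 'NULL') {
            $row['slug'] = $slug;
        }
        $wpdb->insert($wpdb->prefix . "pb_problems", $row);
    }
}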
/**
 * Grades one test case: builds a Python driver ("mainfile"), runs it together
 * with the submitted code through safepython(), and turns the outcome into an
 * HTML report passed to tcpass() or tcfail().
 *
 * Many locals used below ($precode, $solver, $answer, $grader, $cpulimit,
 * $showinput, ...) are not assigned explicitly; they are created by
 * extract($TC). Likewise $ok, $stderr, $stdout, $outdata, $safeexecOut and the
 * *len values come from extract($userResult).
 *
 * @param string $usercode The submitted program; stored as the file 'usercode'.
 * @param array  $TC       Test-case settings. Keys read directly here: 'showonly',
 *                         'answer', 'inplace'; the rest are read via extract().
 * @return mixed Whatever tcpass()/tcfail() return for the assembled report.
 * @throws PyboxException When the stdout grader reply does not start with "Y" or "N".
 */
function doGrading($usercode, $TC)
{
    // Map of file name => contents handed to safepython(); NULL entries are
    // presumably output files to collect - confirm in safepython().
    $files = array();
    if ($TC['showonly'] !== FALSE) {
        // 'showonly' lists the show* switches to turn on; all other show* keys are set to "N".
        $desired = explode(" ", $TC['showonly']);
        foreach ($TC as $name => $value) {
            if (substr($name, 0, 4) == "show") {
                $TC[$name] = in_array(substr($name, 4), $desired) ? "Y" : "N";
            }
        }
    }
    if ($TC['answer'] !== FALSE) {
        $TC['answer'] = ensureNewlineTerminated($TC['answer']);
    }
    $TC["inplace"] = booleanize($TC["inplace"]);
    // same as $showinput = $TC["showinput"], etc
    // NOTE(review): extract() overwrites existing locals by default, so every
    // key of $TC becomes a variable here. This is only safe if $TC is built
    // from problem definitions and never from request data - confirm at the caller.
    extract($TC);
    $mainFile = "";
    $er = FALSE;
    $mainFile .= "from _UTILITIES import *\n";
    $lang = 'en_US';
    // The request value is accepted only when it consists of ASCII letters and
    // underscores, so it cannot close the quoted Python literal it is placed in below.
    if (array_key_exists("lang", $_REQUEST) && preg_match("~^[a-zA-Z_]*\$~", $_REQUEST["lang"])) {
        $lang = $_REQUEST["lang"];
    }
    $mainFile .= "_setLanguage('{$lang}')\n";
    $inputMaker = inputMaker($TC);
    $noInput = $inputMaker === FALSE;
    // The driver writes its stdin to the file 'stdincopy' so it can be shown in the report.
    $mainFile .= ($inputMaker === FALSE ? "_stdin=''" : $inputMaker) . "\n_stdincopy = open('stdincopy', 'w', encoding='utf-8')\nprint(_stdin, file=_stdincopy, end='')\n_stdincopy.close()\n";
    if ($precode !== FALSE) {
        $mainFile .= softSafeDereference($precode) . "\n";
    }
    $files['stdincopy'] = NULL;
    $mainFile .= "import _GRADER\n";
    $mainFile .= "_G = _GRADER\n";
    global $inputInUse, $facultative;
    if (!$inputInUse && ($inplace || $solver !== FALSE)) {
        if ($solver !== FALSE) {
            $files['solver'] = $solver;
        }
        if ($solver !== FALSE) {
            $mainFile .= "_GRADER.globalsInitAndEcho(globals())\n";
        } else {
            $mainFile .= "_GRADER.globalsInitAndEcho(globals(), False)\n";
        }
        $files['graderreply'] = NULL;
        $files['graderpre'] = NULL;
        $files['solverstdout'] = NULL;
        // run the solver before usercode, lest they mess up our globals.
        $mainFile .= "_GRADER.runSolverWithTests()\n";
        $testcode = "";
        if ($rawtests !== FALSE) {
            $testcode .= $rawtests . "\n";
        }
        if ($autotests != FALSE) {
            // Each non-blank autotest line is turned into Python test code.
            $autotests = softSafeDereference($autotests);
            $python_ident_regex = '(\\p{L}|\\p{Nl}|_)(\\p{L}|\\p{N}|\\p{Mn}|\\p{Mc}|\\p{Pc})*';
            // note: this is close to, but not technically, 100% the
            // same as the formal Python definition of an identifier
            $py_regex_parens = 2;
            foreach (explode("\n", $autotests) as $autotestline) {
                if (preg_match('|^(\\s*)(\\S.*)$|', $autotestline, $matches) === 0) {
                    continue;
                }
                //skip blank lines
                $indentation = $matches[1];
                $command = trim($matches[2]);
                if (1 == preg_match('@^' . $python_ident_regex . '$@u', $command)) {
                    //varname
                    // $command matched the identifier pattern, so it contains no quote characters.
                    $testcode .= $indentation . "_G.checkVar('{$command}')\n";
                } elseif (1 == preg_match('@^(' . $python_ident_regex . ')\\s*\\((.*)\\)$@u', $command, $pieces)) {
                    if (strpos($pieces[2], $pieces[1]) === FALSE) {
                        // looks like a non-self-nested function call
                        $testcode .= $indentation . "_G.autotestCall('" . $pieces[1] . "',[" . $pieces[2 + $py_regex_parens] . "])\n";
                    } else {
                        // something more complex
                        // NOTE(review): $command is placed inside a double-quoted Python
                        // string without escaping; presumably autotests are written by
                        // problem authors only - confirm they never carry request data.
                        $testcode .= $indentation . "_G.sayRunning(\"" . $command . "\")\n";
                        $testcode .= $indentation . "_G.autotestCompare(\"" . $command . "\", {$command})\n";
                    }
                } else {
                    $testcode .= $autotestline . "\n";
                }
                // just leave it alone
            }
        }
        $files['testcode'] = $testcode === FALSE ? "" : softSafeDereference($testcode) . "\n";
    }
    // Run the submitted code from the 'usercode' file with stdout teed into a
    // buffer and stdin replaced by the prepared input.
    $mainFile .= '
_orig_std = (_sys.stdin, _sys.stdout)
_user_stdout = _StringIO()
_sys.stdout = _TeeOut(_user_stdout, _orig_std[1])
_sys.stdin = _StringIO(_stdin)
exec(compile(open(\'usercode\', encoding="utf-8").read(), ' . '\'usercode\', \'exec\'))
';
    if (!$inputInUse) {
        // lesson 18, part 2: may do this even if facultative
        if ($inplace) {
            $mainFile .= "exec(compile(open('testcode', encoding='utf-8').read()," . " 'testcode', 'exec'))\n";
            $mainFile .= "_G.say('Y', 'noend')\n";
            // success if none of the tests crash
        }
    }
    // we've got all the user stdout necessary for testing
    $mainFile .= '
__user_stdout = _user_stdout.getvalue()
_user_stdout.close()
(_sys.stdin, _sys.stdout) = _orig_std
';
    if (!$facultative && !$inputInUse) {
        if ($answer !== FALSE) {
            // The expected answer goes through pythonEscape() before being embedded in the driver.
            $mainFile .= "_G._solver_stdout = " . pythonEscape(softSafeDereference($answer)) . "\n";
        }
        if ($grader !== '*nograder*' && ($answer !== FALSE || $solver !== FALSE)) {
            $mainFile .= "_G.stdoutGrading(_stdin,__user_stdout,_G._solver_stdout, " . pythonEscape(softSafeDereference($grader)) . " )\n";
            $files['stdoutgraderreply'] = NULL;
        }
    }
    $testDescription = FALSE;
    // The submission is passed as file contents, never spliced into the driver source.
    $files["usercode"] = $usercode;
    global $usertni;
    if ($inputInUse && $usertni) {
        // User-supplied tests are likewise executed from their own file, 'usertests'.
        $mainFile .= "\n" . "exec(compile(open('usertests', encoding='utf-8').read(), " . "'usertests', 'exec'))\n";
        global $userinput;
        $files['usertests'] = $userinput;
    }
    $files["mainfile"] = $mainFile;
    // Execution is delegated to safepython() with the test case's CPU limit;
    // presumably this is the sandbox boundary - confirm in its definition.
    $userResult = safepython($files, "mainfile", "", $cpulimit);
    // NOTE(review): second extract(); every key of the result array overwrites
    // the local of the same name.
    extract($userResult);
    // start printing stuff out now.
    $m = '';
    if ($testDescription != FALSE) {
        $m .= $testDescription;
    }
    if (!$inputInUse && $inplace && trim($outdata['graderpre']) != '') {
        // NOTE(review): 'graderpre' is inserted into the HTML as-is; confirm
        // what writes it and whether submitted code can influence it.
        $m .= '<i>' . __t('Before running your code:') . '</i> ' . $outdata['graderpre'] . '<br/>';
    }
    if ($showinput == "Y" && !$inputInUse && !$noInput && ($hideemptyinput == "N" || $outdata['stdincopy'] != "")) {
        $m .= __t("Input:") . preBox($outdata['stdincopy']);
    }
    global $submit_code_stderr, $submit_code_errnice;
    $submit_code_stderr = $stderr;
    $submit_code_errnice = stderrNiceify($stderr);
    // The raw stderr is offered to admins only; everyone else gets the
    // stderrNiceify() version below.
    if (userIsAdmin() && $stderrlen > 0) {
        $m .= JQpopUp("Debug: view unsanitized", preBox($stderr, $stderrlen));
    }
    if ($stderr == '') {
        $errnice = '';
    } else {
        $errnice = '<p>' . __t('Error messages: ') . preBoxHinted(stderrNiceify($stderr), $stderrlen) . '</p>';
    }
    if ($ok) {
        $m .= "<p>" . __t('Program executed without crashing.') . "</p>";
    } elseif (firstLine($safeexecOut) == 'Command exited with non-zero status (1)') {
        $m .= "<p>" . __t("Program crashed.") . "</p>";
    } else {
        $m .= "<p>" . __t("Program crashed &mdash; ") . firstLine($safeexecOut) . ".</p>";
    }
    if (1 === 2) {
        // these lines are just to trick gettext
        __t("Memory Limit Exceeded") . __t("Time Limit Exceeded") . __t("Command exited with non-zero status") . __t("Command terminated by signal") . __t("Output Limit Exceeded") . __t("Invalid Function") . __t("Internal Error");
    }
    if ($showsafeexec == "Y") {
        $m .= "Sandbox messages:" . preBox($safeexecOut);
    }
    $simpleOutputDescription = outputDescription(NULL, array('showoutput' => $showoutput, 'stdoutlen' => $stdoutlen, 'hideemptyoutput' => $hideemptyoutput, 'stdout' => $stdout, 'ok' => $ok));
    if ($desirederror !== FALSE) {
        // This test case expects a failure: pass only if the last stderr line
        // equals the desired error.
        $m .= $simpleOutputDescription;
        $lines = explode("\n", trim($userResult["stderr"]));
        $goodFail = count($lines) > 0 && $lines[count($lines) - 1] == $desirederror;
        $m .= $errnice;
        return $goodFail ? tcpass($m) : tcfail($m);
    }
    if (!$ok || $facultative) {
        // we don't care what's in stdout
        $graderreply = trim(getSoft($outdata, 'graderreply', ''));
        if (!$ok && !$inputInUse && $graderreply != '') {
            $m .= "<i>" . __t("The grader said:") . "</i>" . "<div>" . $graderreply . "</div>";
        // NOTE(review): the single '&' below is a bitwise AND of two comparison
        // results; '&&' was presumably intended. The truth value is the same,
        // only short-circuiting differs.
        } elseif ($inplace && $solver === FALSE & $graderreply != '') {
            // The final character of the reply is cut off here (elsewhere it is
            // read as the Y/N verdict).
            $m .= "<i>" . __t("Automatic tests:") . "</i>" . "<div>" . substr($graderreply, 0, -1) . "</div>";
        }
        $m .= $errnice . $simpleOutputDescription;
        return $ok ? tcpass($m) : tcfail($m);
    }
    if ($inplace) {
        // don't care what's in stdout, unless solverstdout != ''
        $GR = $outdata['graderreply'];
        // Last character of the reply is the verdict; the rest is the message.
        $inplaceresult = substr($GR, -1);
        $inplacereply = substr($GR, 0, -1);
        if ($inplacereply != '') {
            $inplacereply = "<i>" . __t("The grader said:") . "</i>" . "<div>{$inplacereply}</div>";
        }
        if ($inplaceresult == 'Y') {
            if ($outdata['solverstdout'] == '') {
                return tcpass($m . $inplacereply . $errnice . $simpleOutputDescription);
            }
        } elseif ($inplaceresult == 'N') {
            return tcfail($m . $inplacereply . $errnice . $simpleOutputDescription);
        }
        $m .= $inplacereply;
        // carry on and let the stdout grader do its thing
    }
    // the user's code did not crash. what did the stdout grader say?
    $outGraderReply = $outdata['stdoutgraderreply'];
    if ($outGraderReply == "" || !($outGraderReply[0] == "Y" || $outGraderReply[0] == "N")) {
        // NOTE(review): the exception text includes grader replies and the
        // report built so far; confirm it is not shown verbatim to non-admins.
        throw new PyboxException("Grader error 2 [" . $outGraderReply . '|' . $outdata['graderreply'] . "|" . ord(substr($outdata['graderreply'], -1)) . "| {$m} ]");
    }
    $outinfo = array('stdout' => $stdout, 'stdoutlen' => $stdoutlen, 'requiredStdout' => getSoft($outdata, 'solverstdout', $answer), 'showoutput' => $showoutput, 'showexpected' => $showexpected, 'grader' => $grader);
    $m .= outputDescription($outGraderReply[0] == "Y", $outinfo) . $errnice;
    if (strlen(trim($outGraderReply)) > 1) {
        $m .= "<p>" . __t("Result of grading: ") . substr($outGraderReply, 1) . "</p>";
    }
    return $outGraderReply[0] == "Y" ? tcpass($m) : tcfail($m);
}
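/**
 * Build one page of the mail-history grid for the logged-in user.
 *
 * Filters are read from $req (or from $_REQUEST when $req is NULL):
 *   who   - only rows about this student ID (numeric, access-checked)
 *   xwho  - exclude this student ID (numeric; ignored when 'who' is given)
 *   what  - only rows for this problem
 *   xwhat - exclude rows for this problem
 *   unans - match the 'unanswered' column (numeric)
 *
 * @param string     $limit     SQL LIMIT fragment, appended verbatim to the row query.
 * @param string     $sortname  Translated column label; honoured only if it is a key of $knownFields.
 * @param string     $sortorder Sort direction; "desc" (any case) sorts descending, anything else ascending.
 * @param array|null $req       Request parameters; defaults to $_REQUEST.
 * @return string|array A translated error message, or array('total' => ..., 'rows' => ...)
 *                      where each row is array('id' => ..., 'cell' => ...).
 */
function dbMail($limit, $sortname, $sortorder, $req = NULL)
{
    global $db_query_info, $wpdb;
    if ($req === NULL) {
        $req = $_REQUEST;
    }
    $who = getSoft($req, "who", "");
    $xwho = getSoft($req, "xwho", "");
    $what = getSoft($req, "what", "");
    $xwhat = getSoft($req, "xwhat", "");
    $unans = getSoft($req, "unans", "");
    $db_query_info = array('type' => 'mail-history', 'who' => $who, 'xwho' => $xwho, 'what' => $what, 'xwhat' => $xwhat, 'unans' => $unans);
    if (!is_user_logged_in()) {
        return __t("You must log in to view past mail.");
    }

    // Base visibility rule. Every value concatenated into the clause is forced
    // to an integer first, so the clause stays safe even if a helper ever
    // returns something other than a plain ID.
    $me = (int) getUserID();
    $where = 'WHERE 1';
    if (userIsAdmin()) {
        $where .= " AND (uto = {$me} OR uto = 0 OR ufrom = {$me} OR ufrom = 0)";
    } else {
        $students = array_map('intval', getStudents());
        $students[] = $me;
        $where .= ' AND (ustudent IN (' . implode(',', $students) . ") OR uto = {$me} OR ufrom = {$me} )";
    }

    if ($who != '') {
        if (!is_numeric($who)) {
            return sprintf(__t("%s must be numeric."), "'who'");
        }
        $who = (int) $who;
        // The base clause above still applies, so passing this check does not
        // widen what a non-admin can read.
        if (!(userIsAdmin() || $me == $who || $me == guruIDID($who) || userIsAssistant())) {
            return __t("Access denied.");
        }
        $where .= ' AND ustudent = ' . $who;
    } elseif ($xwho != '') {
        if (!is_numeric($xwho)) {
            return sprintf(__t("%s must be numeric."), "'xwho'");
        }
        $xwho = (int) $xwho;
        $where .= ' AND ustudent != ' . $xwho;
    }

    if ($unans != '') {
        if (!is_numeric($unans)) {
            return sprintf(__t("%s must be numeric."), "'unans'");
        }
        $unans = (int) $unans;
        $where .= ' AND unanswered = ' . $unans;
    }

    // Free-text filters go through prepare() so they are bound as strings.
    if ($what != '') {
        $where .= $wpdb->prepare(' AND problem = %s', $what);
    }
    if ($xwhat != '') {
        $where .= $wpdb->prepare(' AND problem != %s', $xwhat);
    }

    $table_name = $wpdb->prefix . "pb_mail";
    $knownFields = array(__t("from") => "ufrom", __t("to") => "uto", __t("when") => "time", __t("message") => "body", __t("problem") => "problem", __t("replied?") => "unanswered");

    // ORDER BY cannot take bound placeholders: the column comes from the
    // whitelist above and the direction is reduced to one of two keywords, so
    // a caller-supplied $sortorder never reaches the SQL text as-is.
    $sortString = "";
    if (array_key_exists($sortname, $knownFields)) {
        $direction = strcasecmp(trim((string) $sortorder), 'desc') === 0 ? 'DESC' : 'ASC';
        $sortString = $knownFields[$sortname] . " " . $direction . ", ";
    }

    $count = $wpdb->get_var("SELECT COUNT(1) from {$table_name} {$where}");
    // NOTE(review): $limit is concatenated unchanged; it has to be built by the
    // caller from validated integers and never copied from the request.
    // The caller is not visible here; confirm.
    $prep = "SELECT * from {$table_name} {$where} ORDER BY {$sortString} ID DESC" . $limit;

    $flexirows = array();
    foreach ($wpdb->get_results($prep, ARRAY_A) as $r) {
        // The link is an HTML attribute value: URL-encode each parameter, then
        // HTML-escape the whole URL so a stored problem name cannot close the
        // quote or add markup.
        $url = cscurl('mail') . "?who=" . rawurlencode((string) $r['ustudent']) . "&what=" . rawurlencode((string) $r['problem']) . "&which=" . rawurlencode((string) $r['ID']) . "#m";
        $href = htmlspecialchars($url, ENT_QUOTES, 'UTF-8');

        $cell = array();
        $cell[__t('from')] = nicefiedUsername($r['ufrom']);
        $cell[__t('to')] = nicefiedUsername($r['uto']);
        $cell[__t('when')] = str_replace(' ', '<br>', $r['time']);
        if ($what == '') {
            // Cells carry HTML (see the message cell below), so stored text is escaped.
            $cell[__t('problem')] = htmlspecialchars((string) $r['problem'], ENT_QUOTES, 'UTF-8');
        }
        if ($unans == '') {
            $cell[__t('replied?')] = $r['unanswered'] == 1 ? __t('no') : __t('yes');
        }
        // NOTE(review): preBox() and nicefiedUsername() are defined elsewhere;
        // presumably they escape their argument. Verify, since the message
        // body is user-written.
        $cell[__t('message')] = "<a href='{$href}'>" . preBox($r['body']) . "</a>";
        $flexirows[] = array('id' => $r['ID'], 'cell' => $cell);
    }
    return array('total' => $count, 'rows' => $flexirows);
}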
Пример #24
        <th>Action</th>
    </tr>
    <?php 
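// Render one table row per user: id, name, first name, username, then the
// action links the current viewer is allowed to see.
foreach ($users as $user) {
    echo '<tr>';
    $td = '<td>%s</td>';
    // Used several times below, so keep it in a local.
    $uid = $user['user_id'];
    // Data cells. Profile fields are stored text, so each one is HTML-escaped
    // before it is written into the page.
    echo sprintf($td, htmlspecialchars((string) $uid, ENT_QUOTES, 'UTF-8'));
    echo sprintf($td, htmlspecialchars((string) $user['user_name'], ENT_QUOTES, 'UTF-8'));
    echo sprintf($td, htmlspecialchars((string) $user['user_firstname'], ENT_QUOTES, 'UTF-8'));
    echo sprintf($td, htmlspecialchars((string) $user['user_username'], ENT_QUOTES, 'UTF-8'));
    // The id is passed as a sprintf argument rather than spliced into the
    // format string, and is encoded for both the query string and the
    // attribute it sits in.
    $uidParam = htmlspecialchars(rawurlencode((string) $uid), ENT_QUOTES, 'UTF-8');
    $link = '<a href="%s?id=%s">%s</a> ';
    // Links
    $links = sprintf($link, 'show-user.php', $uidParam, 'Détail');
    // Shown for the current user's own row, or for every row when the viewer is an admin.
    // NOTE(review): hiding a link is presentation only; edit-user.php and
    // delete-user.php are not visible here. Confirm they repeat these
    // permission checks and that deletion is not triggered by a bare GET.
    if ($uid === userID() || userIsAdmin()) {
        $links .= sprintf($link, 'edit-user.php', $uidParam, 'Modifier');
    }
    // Admin only
    if (userIsAdmin()) {
        $links .= sprintf($link, 'delete-user.php', $uidParam, 'Supprimer');
    }
    echo sprintf($td, $links);
    echo '</tr>';
}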
?>
</table>
<?php 
// foot() is defined elsewhere; presumably it emits the closing page markup (TODO confirm).
foot();
<?php

require_once "db-include.php";
/* 
inner function returns either a string in case of error,
or an array-pair (total, array of (id, cell) array-pairs),
where each cell is an array representing a row.
*/
echo dbFlexigrid(function ($limit, $sortname, $sortorder) {
    global $db_query_info;
    $db_query_info = array();
    $db_query_info['type'] = 'profiling';
    if (!userIsAdmin()) {
        return "Error";
    }
    global $wpdb;
    $L = getSoft($_POST, 'frequency', '');
    if (!is_numeric($L) || $L <= 0) {
        $L = 10;
    }
    $A = getSoft($_POST, 'activity', '');
    if ($A == 'all' || $A == '') {
        $where = "";
    } else {
        if ($A == 'noDatabases') {
            $where = "WHERE activity NOT LIKE 'database%'";
        } else {
            if ($A == 'databases') {
                $where = "WHERE activity LIKE 'database%'";
            } else {
                $where = $wpdb->prepare("WHERE activity LIKE %s", $A);