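/**
 * Handle a POST request that updates an existing account.
 *
 * Reads `id` and `status` from $_POST, collects validation messages in
 * $this->data['errors'], then either redirects back to the update form
 * (at least one error) or stores the change and redirects to the listing.
 */
function post()
{
    // A missing field is treated as invalid input instead of raising a notice.
    $new_id = isset($_POST['id']) ? $_POST['id'] : null;
    $status = isset($_POST['status']) ? $_POST['status'] : null;
    $this->load->helper('validate_helper');

    // count() below needs an array even when no check has failed yet.
    if (!isset($this->data['errors']) || !is_array($this->data['errors'])) {
        $this->data['errors'] = array();
    }

    // Check the format first so only a well-formed ID reaches the model lookup.
    if (!validate_id($new_id)) {
        $this->data['errors'][] = 'Invalid ID.';
    } elseif ($this->accounts->get($new_id) == null) {
        $this->data['errors'][] = 'ID does not exist.';
    }

    // Check to see if the status is invalid.
    if (!validate_status($status)) {
        $this->data['errors'][] = 'Invalid status.';
    }

    // If any check failed, the update is refused and the form is shown again.
    if (count($this->data['errors']) > 0) {
        redirect('../update');
        return;
    }

    // NOTE(review): the whole $_POST array is handed to the model, so any extra
    // field a client sends reaches update(). Only `id` and `status` are validated
    // here; confirm the model restricts the columns it writes, or pass an explicit
    // list of expected keys.
    $this->accounts->update($_POST);
    redirect('../');
}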
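/**
 * Handle a POST request that adds a new product.
 *
 * Reads `id` and `status` from $_POST, collects validation messages in
 * $this->data['errors'], then either redirects back to the add form
 * (at least one error) or stores the entry and redirects to the listing.
 */
function post()
{
    // A missing field is treated as invalid input instead of raising a notice.
    $new_id = isset($_POST['id']) ? $_POST['id'] : null;
    $status = isset($_POST['status']) ? $_POST['status'] : null;
    $this->load->helper('validate_helper');

    // count() below needs an array even when no check has failed yet.
    if (!isset($this->data['errors']) || !is_array($this->data['errors'])) {
        $this->data['errors'] = array();
    }

    // Check the format first so only a well-formed ID reaches the model lookup.
    if (!validate_id($new_id)) {
        $this->data['errors'][] = 'Invalid ID.';
    } elseif ($this->products->get($new_id) != null) {
        $this->data['errors'][] = 'ID already in use.';
    }

    // Check to see if the status is invalid.
    if (!validate_status($status)) {
        $this->data['errors'][] = 'Invalid status.';
    }

    // If any check failed, the entry is not added and the form is shown again.
    if (count($this->data['errors']) > 0) {
        redirect('../add');
        return;
    }

    // NOTE(review): the whole $_POST array is handed to the model, so any extra
    // field a client sends reaches add(). Only `id` and `status` are validated
    // here; confirm the model restricts the columns it writes, or pass an explicit
    // list of expected keys.
    $this->products->add($_POST);
    redirect('../');
}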
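/**
 * Stream a stored file to the client as an attachment.
 *
 * The file is read from S3 when the three CONFIG_AWS_S3_* constants are set,
 * otherwise from CONST_PATH_FILE_UPLOAD on local disk.
 *
 * @param array $file File record; the keys 'id', 'title', 'size' and 'md5' are read.
 */
function download_file($file)
{
    // The id becomes part of the storage key / file path below, so it is checked first.
    // presumably validate_id() halts the request on a bad id - confirm.
    validate_id(array_get($file, 'id'));

    // do we read the file off AWS S3?
    if (CONFIG_AWS_S3_KEY_ID && CONFIG_AWS_S3_SECRET && CONFIG_AWS_S3_BUCKET) {
        try {
            // Instantiate the S3 client with the configured AWS credentials
            $client = S3Client::factory(array('key' => CONFIG_AWS_S3_KEY_ID, 'secret' => CONFIG_AWS_S3_SECRET));
            $file_key = '/challenges/' . $file['id'];
            $client->registerStreamWrapper();

            // NOTE(review): this HeadObject command is built but never executed,
            // so no existence check actually happens before headers are sent.
            $command = $client->getCommand('HeadObject', array('Bucket' => CONFIG_AWS_S3_BUCKET, 'Key' => $file_key));

            $filePath = 's3://' . CONFIG_AWS_S3_BUCKET . $file_key;
        } catch (Exception $e) {
            // Keep the SDK's exception text in the server-side log; the client
            // gets the same generic message as the local-disk branch.
            log_exception($e);
            message_error('Could not read the requested file. An error report has been lodged.');
        }
    } else {
        $filePath = CONST_PATH_FILE_UPLOAD . $file['id'];
        if (!is_readable($filePath)) {
            log_exception(new Exception("Could not read the requested file: " . $filePath));
            message_error("Could not read the requested file. An error report has been lodged.");
        }
    }

    $file_title = $file['title'];
    if (defined('CONFIG_APPEND_MD5_TO_DOWNLOADS') && CONFIG_APPEND_MD5_TO_DOWNLOADS && $file['md5']) {
        // Insert the hash before the first dot so the extension is kept.
        $pos = strpos($file['title'], '.');
        if ($pos) {
            $file_title = substr($file['title'], 0, $pos) . '-' . $file['md5'] . substr($file['title'], $pos);
        } else {
            $file_title = $file_title . '-' . $file['md5'];
        }
    }

    // The title is a stored, user-facing string. Quotes, backslashes and control
    // characters would let it break out of the quoted filename parameter, so they
    // are replaced before the value is placed in the header.
    $header_title = preg_replace('/[\x00-\x1F\x7F"\\\\]/', '_', $file_title);

    // required for IE, otherwise Content-disposition is ignored
    if (ini_get('zlib.output_compression')) {
        ini_set('zlib.output_compression', 'Off');
    }

    header('Pragma: public');
    header('Expires: 0');
    header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
    header('Cache-Control: private', false); // required for certain browsers
    header('Content-Type: application/force-download');
    header('Content-Disposition: attachment; filename="' . $header_title . '";');
    header('Content-Transfer-Encoding: binary');
    header('Content-Length: ' . $file['size']);

    // Stop output buffering
    if (ob_get_level()) {
        ob_end_flush();
    }
    flush();

    readfile($filePath);
}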
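/**
 * Print the reviews stored in the `cdotw` table for one week as HTML.
 *
 * @param mixed $id Row id selecting the week; when validate_id() yields an
 *                  empty value the most recent date in the table is used.
 */
function cdotw($id)
{
    // NOTE(review): the mysql_* extension used here was removed in PHP 7 and has
    // no prepared statements; migrating to mysqli/PDO with bound parameters is
    // the durable fix. The escaping below is the minimum for the current API.
    $id = validate_id($id);

    if ($id == '') {
        $date = "SELECT date, DATE_FORMAT(date, '%c/%d/%y' ) as fdate FROM cdotw GROUP BY date ORDER BY date DESC LIMIT 0,1";
        $date_result = mysql_query($date);
        if (!$date_result) {
            die('Invalid');
        }
        $datepicker = mysql_fetch_assoc($date_result);

        // The date comes back out of the database; escape it again before it is
        // placed in a new statement.
        $query = "SELECT * FROM cdotw WHERE deleted = 'no' AND date = \"" . mysql_real_escape_string($datepicker['date']) . "\"";
        $result = mysql_query($query);
    } else {
        // validate_id() is defined elsewhere; forcing an integer here guarantees
        // that the concatenated value cannot carry SQL syntax.
        $id = (int) $id;

        $date = "SELECT DATE_FORMAT(date, '%c/%d/%y' ) as fdate FROM cdotw WHERE id = " . $id;
        $date_result = mysql_query($date);
        if (!$date_result) {
            die('Invalid');
        }
        $datepicker = mysql_fetch_assoc($date_result);

        $query = "SELECT * FROM cdotw WHERE deleted = 'no' AND id = " . $id;
        $result = mysql_query($query);
    }

    if (!$result) {
        // The failing statement goes to the server log, not into the page.
        error_log('cdotw query failed: ' . mysql_error());
        die('Invalid');
    }

    echo "Week of " . htmlspecialchars($datepicker['fdate'], ENT_QUOTES);
    echo '<ul>';

    $total = mysql_num_rows($result);
    for ($i = 1; $i <= $total; $i++) {
        $info = mysql_fetch_assoc($result);

        // Stored text is escaped for the HTML context it lands in.
        // NOTE(review): escaping stops attribute break-out but does not restrict
        // the URL scheme of `band` / `cd_pic_url`.
        // NOTE(review): `review` is still written raw because it looks like it
        // may hold markup - confirm who can write that column and sanitize it
        // on input if it is not trusted.
        echo "<h3>" . htmlspecialchars($info['artist'], ENT_QUOTES)
            . " - <em>" . htmlspecialchars($info['title'], ENT_QUOTES)
            . "</em> (" . htmlspecialchars($info['label'], ENT_QUOTES) . ")</h3>\n"
            . "<div class='review'> <a href=\"" . htmlspecialchars($info['band'], ENT_QUOTES)
            . "\" target=_new><img src=\"" . htmlspecialchars($info['cd_pic_url'], ENT_QUOTES)
            . "\" height=\"200\"> </a>\n"
            . $info['review'] . "</div>\n"
            . "<div class=\"footnote\">Review by " . htmlspecialchars($info['reviewer'], ENT_QUOTES) . "</div>\n";

        // Separator between entries, not after the last one.
        if ($i != $total) {
            echo "<p>\n<hr width=80%>\n";
        }
    }

    echo '</ul>';
}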
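/**
 * Print an HTML table of the exceptions recorded for one user.
 *
 * @param mixed    $user_id User whose exceptions are listed (matched against e.added_by).
 * @param int|null $limit   Maximum number of rows; a value that is not a positive integer means no limit.
 */
function user_exception_log($user_id, $limit = null)
{
    validate_id($user_id);

    // The LIMIT value is concatenated into the statement rather than bound, so
    // it is forced to an integer before it gets anywhere near the SQL text.
    $limit = (int) $limit;

    echo ' <table id="hints" class="table table-striped table-hover"> <thead> <tr> <th>Message</th> <th>Added</th> <th>IP</th> <th>Trace</th> </tr> </thead> <tbody> ';

    $exceptions = db_query_fetch_all(
        ' SELECT e.id, e.message, e.added, e.added_by, e.trace, INET_NTOA(e.user_ip) AS user_ip, u.team_name FROM exceptions AS e LEFT JOIN users AS u ON u.id = e.added_by WHERE e.added_by = :user_id ORDER BY e.id DESC ' . ($limit > 0 ? 'LIMIT ' . $limit : ''),
        array('user_id' => $user_id)
    );

    foreach ($exceptions as $exception) {
        // Message and trace are stored exception text and are escaped on output.
        echo ' <tr> <td>', htmlspecialchars($exception['message']), '</td> <td>', date_time($exception['added']), '</td> <td><a href="', CONFIG_SITE_ADMIN_URL, 'list_ip_log.php?ip=', htmlspecialchars($exception['user_ip']), '">', htmlspecialchars($exception['user_ip']), '</a></td> <td>', htmlspecialchars($exception['trace']), '</td> </tr> ';
    }

    echo ' </tbody> </table> ';
}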
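<!--##################################################################### # # File : DELETE IMAGE # Project : Game Magazine Project # Author : Béo Sagittarius # Created : 07/01/2015 # ##################################################################### -->
<?php
include '../includes/functions.php';
include '../includes/backend/header-admin.php';
include '../includes/backend/mysqli_connect.php';

// NOTE(review): this page deletes a record in response to a plain GET request
// and no session or CSRF-token check is visible in this file. Confirm that
// header-admin.php enforces an admin session, and consider requiring POST with
// a per-session token for destructive actions.

// A missing parameter is treated like an invalid id instead of raising a notice.
$iid = validate_id(isset($_GET['iid']) ? $_GET['iid'] : null);

// Only run the delete when the id passed validation.
// presumably validate_id() returns a falsy value for a bad id - confirm.
$deleted = false;
if ($iid) {
    delete_images($iid);
    $deleted = mysqli_affected_rows($dbc) == 1;
}

// json_encode() produces a JavaScript string literal, so a quote or tag inside
// a translation string cannot break the inline script.
$message = $deleted ? $lang['AD_DEL_SUCCESS'] : $lang['AD_DEL_FAIL'];
echo "\n\t\t\t\t<script type='text/javascript'>\n\t\t\t\t\talert(" . json_encode($message, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP) . ");\n window.location = 'list_images.php';\n\t\t\t\t</script>\n\t\t\t";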
<?php include '../includes/backend/mysqli_connect.php'; include '../includes/functions.php'; include '../includes/errors.php'; if ($gid = validate_id($_GET['gid'])) { $set = get_news_by_id($gid); $games = array(); if (mysqli_num_rows($set) > 0) { $games = mysqli_fetch_array($set, MYSQLI_ASSOC); } else { redirect_to('admin/list_games.php'); } } else { redirect_to('admin/list_games.php'); } $title_page = $games['type_name']; include '../includes/backend/header-admin.php'; ?> <div class="content-wrapper"> <div class="container"> <div class="row"> <div class="col-md-11" style="margin-left: 4.1%"> <div class="panel panel-default"> <div class="panel-heading"> <h2 style="text-align: center"><?php echo $games['title']; ?> </h2> <h4 style="text-align: center" ><a href="index.php"><?php
$data = $data[0]; $this_birthdate = $data['birthday']; $id_player = $data['id']; if ($this_birthdate != "" && $this_birthdate != $birthdate) { writelog($logFile, "warning", "\t{$full_name_corr} ({$id_player}) a des birthday differents (table: {$this_birthdate}, capgeek: {$birthdate}) (2)"); insert_or_update_corr_values($INSERTFILE, $id_player, $playerName, $birthdate); } } else { writelog($logFile, "warning", "\t{$playerName} est plus d'une fois dans la table nhl_players, mais les birthday ne fitte pas ({$birthdate})..."); continue; } if ($id_player == "") { writelog($logFile, "info", "Joueur {$playerName}: pas dans la table nhl_players (2)"); continue; } $data = validate_id($id_player, 'id_waronice'); $this_id_waronice = $data['id_waronice']; if ($id_war_on_ice != $this_id_waronice) { writelog($logFile, "info", "\tJoueur {$playerName} ({$id_player}) : id_waronice différent (2)"); $q = "update nhl_players set id_waronice={$id_war_on_ice} where id = {$id_player} and date_expiration = '2099-12-31';"; insert_query_in_file($INSERTFILE, $q); } // ajout/update dans la table de corr. insert_or_update_corr_values($INSERTFILE, $id_player, $playerName, $birthdate); } else { // on a trouvé le joueur $data = $data[0]; $id_player = $data['id']; $this_id_waronice = $data['id_waronice']; if ($this_id_waronice != $id_war_on_ice) { writelog($logFile, "info", "\t Joueur {$playerName} ({$id_player}): id_waronice différent");
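/**
 * Print an HTML table of the IP addresses recorded for one user.
 *
 * @param mixed $user_id User whose ip_log rows are listed.
 */
function user_ip_log($user_id)
{
    validate_id($user_id);

    echo ' <table id="files" class="table table-striped table-hover"> <thead> <tr> <th>IP</th> <th>Hostname</th> <th>First used</th> <th>Last used</th> <th>Times used</th> </tr> </thead> <tbody> ';

    // Query with the id that was just validated. The original read $_GET['id']
    // here, so the value checked and the value used could differ.
    $entries = db_select_all(
        'ip_log',
        array('INET_NTOA(ip) AS ip', 'added', 'last_used', 'times_used'),
        array('user_id' => $user_id)
    );

    foreach ($entries as $entry) {
        // The reverse-DNS name is controlled by whoever owns the PTR record for
        // the address, so it is escaped like any other untrusted text.
        echo ' <tr> <td><a href="list_ip_log.php?ip=', htmlspecialchars($entry['ip']), '">', htmlspecialchars($entry['ip']), '</a></td> <td>', CONFIG_GET_IP_HOST_BY_ADDRESS ? htmlspecialchars(gethostbyaddr($entry['ip'])) : '<i>Lookup disabled in config</i>', '</td> <td>', date_time($entry['added']), '</td> <td>', date_time($entry['last_used']), '</td> <td>', number_format($entry['times_used']), '</td> </tr> ';
    }

    echo ' </tbody> </table> ';
}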
if ($_GET['status'] == 'correct') { message_dialog('Congratulations! You got the flag!', 'Correct flag', 'Yay!', 'challenge-attempt correct on-page-load'); } else { if ($_GET['status'] == 'incorrect') { message_dialog('Sorry! That wasn\'t correct', 'Incorrect flag', 'Ok', 'challenge-attempt incorrect on-page-load'); } else { if ($_GET['status'] == 'manual') { message_inline_blue('<h1>Your submission is awaiting manual marking.</h1>', false); } } } } $categories = db_select_all('categories', array('id', 'title', 'description', 'available_from', 'available_until'), array('exposed' => 1), 'title ASC'); // determine which category to display if (isset($_GET['category'])) { validate_id($_GET['category']); $current_category = array_search_matching_key($_GET['category'], $categories, 'id'); if (!$current_category) { message_error(lang_get('no_category_for_id'), false); } } else { // if no category is selected, display // the first available category foreach ($categories as $cat) { if ($time > $cat['available_from'] && $time < $cat['available_until']) { $current_category = $cat; break; } } // if no category has been made available // we'll just set it to the first one
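<?php
/*
 * File    : CHANGE STATUS VIDEO
 * Project : Game Magazine Project
 * Author  : Béo Sagittarius
 * Created : 07/01/2015
 *
 * The banner is a PHP comment rather than an HTML comment so that nothing is
 * written to the response before the redirect below (redirect_to() presumably
 * sends a Location header, which fails once output has started - confirm).
 */
include '../includes/functions.php';
include '../includes/backend/mysqli_connect.php';

// NOTE(review): this page changes stored state in response to a plain GET
// request and no session or CSRF-token check is visible in this file. Confirm
// the includes enforce an admin session, and consider requiring POST with a
// per-session token.

// isset($_GET) is always true; test for the two parameters that are actually read.
if (isset($_GET['iid'], $_GET['stt'])) {
    $iid = validate_id($_GET['iid']);
    $stt = validate_id($_GET['stt']);

    // Change status only for an id that passed validation.
    // presumably validate_id() returns a falsy value for a bad id - confirm.
    if ($iid) {
        change_status_image($iid, $stt);
    }
}

// Success and failure both lead back to the image list.
redirect_to('admin/list_images.php');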
<!--##################################################################### # # File : EDIT VIDEO # Project : Game Magazine Project # Author : Béo Sagittarius # Created : 07/01/2015 # ##################################################################### --> <?php include '../includes/backend/mysqli_connect.php'; include '../includes/functions.php'; include '../includes/errors.php'; $title_page = 'Edit Video'; if ($vid = validate_id($_GET['vid'])) { $result = get_video_item($vid); if (mysqli_num_rows($result) == 1) { $videos = mysqli_fetch_array($result, MYSQLI_ASSOC); } else { redirect_to('admin/list_videos.php'); } if ($_SERVER['REQUEST_METHOD'] == 'POST') { $errors = array(); //validate title if (empty($_POST['title'])) { $errors[] = "title"; } else { $title = mysqli_real_escape_string($dbc, strip_tags($_POST['title'])); } //validate description if (empty($_POST['description'])) { $errors[] = 'description';
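<!--##################################################################### # # File : DELETE NEWS # Project : Game Magazine Project # Author : Béo Sagittarius # Created : 07/01/2015 # ##################################################################### -->
<?php
include '../includes/functions.php';
include '../includes/backend/header-admin.php';
include '../includes/backend/mysqli_connect.php';

// NOTE(review): this page deletes a record in response to a plain GET request
// and no session or CSRF-token check is visible in this file. Confirm that
// header-admin.php enforces an admin session, and consider requiring POST with
// a per-session token for destructive actions.

// A missing parameter is treated like an invalid id instead of raising a notice.
$nid = validate_id(isset($_GET['nid']) ? $_GET['nid'] : null);

// Only run the delete when the id passed validation.
// presumably validate_id() returns a falsy value for a bad id - confirm.
$deleted = false;
if ($nid) {
    delete_news_games($nid);
    $deleted = mysqli_affected_rows($dbc) == 1;
}

// Both outcomes now call alert(); the failure branch used to emit "ert(...)",
// which raised a script error, so the redirect on the next line never ran.
// json_encode() produces a JavaScript string literal, so a quote or tag inside
// a translation string cannot break the inline script.
$message = $deleted ? $lang['AD_DEL_SUCCESS'] : $lang['AD_DEL_FAIL'];
echo "\n\t\t\t\t<script type='text/javascript'>\n\t\t\t\t\talert(" . json_encode($message, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP) . ");\n window.location = 'list_news.php';\n\t\t\t\t</script>\n\t\t\t";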
$data = $data[0]; $this_birthdate = $data['birthday']; $id_player = $data['id']; if ($this_birthdate != "" && $this_birthdate != $birthdate) { writelog($logFile, "warning", "\t{$full_name_corr} ({$id_player}) a des birthday differents (table: {$this_birthdate}, rotoworld: {$birthdate}) (2)"); insert_or_update_corr_values($INSERTFILE, $id_player, $playerName, $birthdate); } } else { writelog($logFile, "warning", "\t{$playerName} est plus d'une fois dans la table nhl_players, mais les birthday ne fitte pas ({$birthdate})..."); continue; } if ($id_player == "") { writelog($logFile, "info", "Joueur {$playerName}: pas dans la table nhl_players (2)"); continue; } $data = validate_id($id_player, 'id_rotoworld'); $this_id_rotoworld = $data['id_rotoworld']; if ($id_rotoworld != $this_id_rotoworld) { writelog($logFile, "info", "\tJoueur {$playerName} ({$id_player}) : id_rotoworld différent (2)"); $q = "update nhl_players set id_rotoworld={$id_rotoworld} where id = {$id_player} and date_expiration = '2099-12-31';"; insert_query_in_file($INSERTFILE, $q); } // ajout/update dans la table de corr. insert_or_update_corr_values($INSERTFILE, $id_player, $playerName, $birthdate); } else { // on a trouvé le joueur $data = $data[0]; $id_player = $data['id']; $this_id_rotoworld = $data['id_rotoworld']; if ($this_id_rotoworld != $id_rotoworld) { writelog($logFile, "info", "\t Joueur {$playerName} ({$id_player}): id_rotoworld différent");
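<?php
include 'includes/mysqli_connect.php';
include 'includes/functions.php';

// Defined up front so the loop further down always has an array to iterate.
$posts = array();

// A missing parameter is treated like an invalid id instead of raising a notice.
if ($pid = validate_id(isset($_GET['pid']) ? $_GET['pid'] : null)) {
    // The pid parameter is present and valid, so query the database.
    $set = get_page_by_id($pid);
    if (mysqli_num_rows($set) > 0) {
        $pages = mysqli_fetch_array($set, MYSQLI_ASSOC);
        $title = $pages['page_name'];
        $posts[] = array(
            'page_name' => $pages['page_name'],
            'content' => $pages['content'],
            'author' => $pages['name'],
            'post-on' => $pages['date'],
            'aid' => $pages['user_id'],
        );
    }
} else {
    // NOTE(review): the name is spelled "redirest_to" here; confirm a function
    // with this spelling exists in includes/functions.php.
    redirest_to();
}

include 'includes/header.php';
include 'includes/sidebar-a.php';
?>
<div id="content">
<?php
foreach ($posts as $post) {
    // Stored values are escaped for the context they land in: HTML text for the
    // name, author and date, a URL parameter for the author id.
    // NOTE(review): the body goes through the_content(), defined elsewhere;
    // confirm that helper escapes or sanitizes markup.
    echo "\n <div class='post'>\n <h2>" . htmlspecialchars($post['page_name'], ENT_QUOTES) . "</h2>\n <p>" . the_content($post['content']) . "</p>\n <p class='meta'><strong>Posted by: </strong><a href='author.php?aid=" . urlencode($post['aid']) . "'>" . htmlspecialchars($post['author'], ENT_QUOTES) . "</a> | <strong>On: </strong>" . htmlspecialchars($post['post-on'], ENT_QUOTES) . "</p>\n\n </div>\n ";
}
?>
<?php include 'includes/comment_form.php'; ?>
</div><!--end content-->
<?php
include 'includes/sidebar-b.php';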
<?php include '../includes/backend/mysqli_connect.php'; include '../includes/functions.php'; include '../includes/errors.php'; if ($nid = validate_id($_GET['uid'])) { $set = get_user_by_id_list($nid); $user = array(); if (mysqli_num_rows($set) > 0) { $user = mysqli_fetch_array($set, MYSQLI_ASSOC); } else { redirect_to('admin/list_user.php'); } } else { redirect_to('admin/list_user.php'); } include '../includes/backend/header-admin.php'; ?> <div class="content-wrapper"> <div class="container"> <div class="row"> <div class="col-md-11" style="margin-left: 4.1%"> <div class="panel panel-default"> <div class="panel-heading"> <h2 style="text-align: center"><?php echo $user['first_name'] . " " . $user['last_name']; ?> </h2> <h4 style="text-align: center" ><a href="index.php"><?php echo $lang['ADD_USER_LINK_HOME'];
} elseif ($pos == "") { $q = "update nhl_players set pos='{$this_pos}' where id = {$id_player} and date_expiration = '2099-12-31';"; insert_query_in_file($INSERTFILE, $q); } break; } } } else { // on a le id du joueur, car il se retrouvait dans la table de correspondance. On valide le id_forecaster et son équipe... /* $query = "select team,id_forecaster from nhl_players where id = $id_player and date_expiration = '2099-12-31'"; $data = DB::dbSelect($query); */ $data = validate_id($id_player, "team,id_forecaster"); $id_team = $data['team']; $id_forecaster = $data['id_forecaster']; // si l'équipe n'est pas la même, c'est que le joueur a peut-être été échangé... if ($my_id_team != "") { if ($id_team != $my_id_team) { $query = "select abbr from teams where id = {$id_team}"; $data = DB::dbSelect($query); $data = $data[0]; $abbr = $data['abbr']; writelog($logFile, "warning", "Joueur {$full_name_corr} : échangé (2) de {$abbr} à {$team}... Continue (y|n)"); $rep = "y"; if ($rep == "y") { $query = "UPDATE nhl_players SET date_expiration='{$today}'\n WHERE id = {$id_player}\n and date_expiration = '2099-12-31'"; DB::dbUpdate($query); $query = "create temporary table if not exists nhl_players_temp like nhl_players";
<!--##################################################################### # # File : EDIT TAG # Project : Game Magazine Project # Author : Béo Sagittarius # Created : 07/01/2015 # ##################################################################### --> <?php include '../includes/backend/mysqli_connect.php'; include '../includes/functions.php'; $title_page = 'Edit Game'; if ($tid = validate_id($_GET['tid'])) { $result = get_tag_item($tid); if (mysqli_num_rows($result) == 1) { $tag = mysqli_fetch_array($result, MYSQLI_ASSOC); } else { redirect_to('admin/list_tag.php'); } if ($_SERVER['REQUEST_METHOD'] == 'POST') { $errors = array(); // validate tag if (empty($_POST['tag'])) { $errors[] = "tag"; } else { $tag = mysqli_real_escape_string($dbc, strip_tags($_POST['tag'])); } if (empty($errors)) { $result = edit_tag($tid, $tag); if (mysqli_affected_rows($dbc) == 1) { echo "<script type='text/javascript'>\n alert('{$lang['AD_EDIT_GAME_SUCCESS']}');\n window.location = 'list_tag.php';\n </script>\n ";
<?php require '../../include/ctf.inc.php'; enforce_authentication(CONST_USER_CLASS_USER, true); $time = time(); if ($_SERVER['REQUEST_METHOD'] == 'POST') { validate_xsrf_token($_POST[CONST_XSRF_TOKEN_KEY]); if (CONFIG_RECAPTCHA_ENABLE_PRIVATE) { validate_captcha(); } if ($_POST['action'] == 'submit_flag') { validate_id($_POST['challenge']); if (empty($_POST['flag'])) { message_error('Did you really mean to submit an empty flag?'); } $submissions = db_select_all('submissions', array('correct', 'added'), array('user_id' => $_SESSION['id'], 'challenge' => $_POST['challenge'])); // make sure user isn't "accidentally" submitting a correct flag twice $latest_submission_attempt = 0; $num_attempts = 0; foreach ($submissions as $submission) { $latest_submission_attempt = max($submission['added'], $latest_submission_attempt); if ($submission['correct']) { message_error('You may only submit a correct flag once.'); } $num_attempts++; } // get challenge information $challenge = db_select_one('challenges', array('flag', 'category', 'case_insensitive', 'automark', 'available_from', 'available_until', 'num_attempts_allowed', 'min_seconds_between_submissions'), array('id' => $_POST['challenge'])); $seconds_since_submission = $time - $latest_submission_attempt; if ($seconds_since_submission < $challenge['min_seconds_between_submissions']) { message_generic('Sorry', 'You may not submit another solution for this challenge for another ' . seconds_to_pretty_time($challenge['min_seconds_between_submissions'] - $seconds_since_submission));
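/**
 * Print a section heading and an HTML table of the IP addresses recorded for one user.
 *
 * @param mixed $user_id User whose ip_log rows are listed.
 * @param int   $limit   Maximum number of rows; a value that is not a positive integer means no limit.
 */
function print_user_ip_log($user_id, $limit = 0)
{
    validate_id($user_id);

    // The LIMIT value is concatenated into the statement rather than bound, so
    // it is forced to an integer before it gets anywhere near the SQL text.
    $limit = (int) $limit;

    section_subhead(
        'IP address usage',
        ($limit > 0 ? 'Limited to ' . $limit . ' results ' : '') . button_link('Show all for user', 'list_ip_log?user_id=' . htmlspecialchars($user_id)),
        false
    );

    echo ' <table id="files" class="table table-striped table-hover"> <thead> <tr> <th>IP</th> <th>Hostname</th> <th>First used</th> <th>Last used</th> <th>Times used</th> </tr> </thead> <tbody> ';

    $entries = db_query_fetch_all(
        ' SELECT INET_NTOA(ip) AS ip, added, last_used, times_used FROM ip_log WHERE user_id = :user_id ORDER BY last_used DESC ' . ($limit > 0 ? 'LIMIT ' . $limit : ''),
        array('user_id' => $user_id)
    );

    foreach ($entries as $entry) {
        // The reverse-DNS name is controlled by whoever owns the PTR record for
        // the address, so it is escaped like any other untrusted text.
        echo ' <tr> <td><a href="', CONFIG_SITE_ADMIN_URL, 'list_ip_log.php?ip=', htmlspecialchars($entry['ip']), '">', htmlspecialchars($entry['ip']), '</a></td> <td>', CONFIG_GET_IP_HOST_BY_ADDRESS ? htmlspecialchars(gethostbyaddr($entry['ip'])) : '<i>Lookup disabled in config</i>', '</td> <td>', date_time($entry['added']), '</td> <td>', date_time($entry['last_used']), '</td> <td>', number_format($entry['times_used']), '</td> </tr> ';
    }

    echo ' </tbody> </table> ';
}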
/**
 * Record that a user was seen from the current client address.
 *
 * Looks up the (user_id, ip) pair in ip_log; an existing row gets its
 * last_used time refreshed and its counter incremented, otherwise a new row
 * is inserted. Both statements pass their values as bound parameters.
 *
 * @param mixed $user_id User the address is recorded for.
 */
function log_user_ip($user_id)
{
    validate_id($user_id);

    $timestamp = time();
    $address = get_ip(true);

    $known = db_select_one(
        'ip_log',
        array('id', 'times_used'),
        array('user_id' => $user_id, 'ip' => $address)
    );

    // First sighting of this address for the user: create the row and stop.
    if (!$known['id']) {
        db_insert(
            'ip_log',
            array(
                'added' => $timestamp,
                'last_used' => $timestamp,
                'user_id' => $user_id,
                'ip' => $address,
            )
        );
        return;
    }

    // The user has logged in from this address before: bump the existing row.
    db_query_fetch_none(
        ' UPDATE ip_log SET last_used=UNIX_TIMESTAMP(), ip=:ip, times_used=times_used+1 WHERE id=:id',
        array('ip' => $address, 'id' => $known['id'])
    );
}
<?php require '../include/mellivora.inc.php'; validate_id(array_get($_GET, 'id')); head(lang_get('user_details')); if (cache_start(CONST_CACHE_NAME_USER . $_GET['id'], CONFIG_CACHE_TIME_USER)) { $user = db_query_fetch_one(' SELECT u.team_name, u.competing, co.country_name, co.country_code FROM users AS u LEFT JOIN countries AS co ON co.id = u.country_id WHERE u.id = :user_id', array('user_id' => $_GET['id'])); if (empty($user)) { message_generic(lang_get('sorry'), lang_get('no_user_found'), false); } section_head(htmlspecialchars($user['team_name']), country_flag_link($user['country_name'], $user['country_code'], true), false); if (!$user['competing']) { message_inline_blue(lang_get('non_competing_user')); } $challenges = db_query_fetch_all(' SELECT ca.title, (SELECT SUM(ch.points) FROM challenges AS ch JOIN submissions AS s ON s.challenge = ch.id AND s.user_id = :user_id AND s.correct = 1 WHERE ch.category = ca.id GROUP BY ch.category) AS points, (SELECT SUM(ch.points) FROM challenges AS ch WHERE ch.category = ca.id GROUP BY ch.category) AS category_total FROM categories AS ca WHERE ca.available_from < UNIX_TIMESTAMP() AND
<?php
// Moderator page: renders the edit form for one challenge selected by ?id=.
require '../../include/ctf.inc.php';

// Access is limited to moderators before any request data is read.
enforce_authentication(CONST_USER_CLASS_MODERATOR);

// The id is checked before it is used as a lookup key; the lookup passes it as
// a value in the condition array, not as SQL text.
validate_id($_GET['id']);
$challenge = db_select_one('challenges', array('*'), array('id' => $_GET['id']));

// NOTE(review): $challenge is used below without checking that a row was
// found; a well-formed but unknown id would render an empty form - confirm
// how db_select_one() reports "no row".
head('Site management');
menu_management();

// NOTE(review): the stored title is concatenated into the subhead; whether
// section_subhead() escapes its argument is not visible here - confirm.
section_subhead('Edit challenge: ' . $challenge['title']);

// The form posts to the edit_challenge action under the admin path.
form_start(CONFIG_SITE_ADMIN_RELPATH . 'actions/edit_challenge');
form_input_text('Title', $challenge['title']);
form_textarea('Description', $challenge['description']);
// The flag is shown in clear text to anyone who can open this page.
form_textarea('Flag', $challenge['flag']);
form_input_checkbox('Automark', $challenge['automark']);
form_input_checkbox('Case insensitive', $challenge['case_insensitive']);
form_input_text('Points', $challenge['points']);
form_input_text('Num attempts allowed', $challenge['num_attempts_allowed']);
form_input_text('Min seconds between submissions', $challenge['min_seconds_between_submissions']);

// Category drop-down, ordered by title.
$opts = db_query_fetch_all('SELECT * FROM categories ORDER BY title');
form_select($opts, 'Category', 'id', $challenge['category'], 'title');

// "Relies on" drop-down: every challenge with its category title, plus a
// leading id-0 entry that carries the explanatory label.
$opts = db_query_fetch_all(' SELECT ch.id, ch.title, ca.title AS category FROM challenges AS ch LEFT JOIN categories AS ca ON ca.id = ch.category ORDER BY ca.title, ch.title');
array_unshift($opts, array('id' => 0, 'title' => '-- User must solve selected challenge before revealing this one --'));
form_select($opts, 'Relies on', 'id', $challenge['relies_on'], 'title', 'category');
form_input_checkbox('Exposed', $challenge['exposed']);
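<?php
// ini_set('display_errors', 'on');
require_once 'classes/connection.php';
include 'classes/validate_id.php';
include 'classes/events.php';

// Event detail page: prints the event's name and date, the list of members,
// and a sign-up link for the event selected by ?id=.
$connection = db_connect();

// A missing parameter is passed on as null instead of raising a notice.
$eventID = isset($_GET['id']) ? $_GET['id'] : null;

// presumably validate_id() halts the request on a bad id - confirm. The output
// below is escaped regardless, so it does not depend on that.
validate_id($eventID);

$eventinfo = event::get_event($connection, $eventID);

// Stored values are escaped before they are written into the page.
echo htmlspecialchars($eventinfo->name, ENT_QUOTES);
echo "<br>";
echo htmlspecialchars($eventinfo->date, ENT_QUOTES);
echo "<hr>";

$event = new event($eventID);
$showmembers = $event->show_members($connection, $eventID);
foreach ($showmembers as $showmember) {
    echo htmlspecialchars($showmember['name'], ENT_QUOTES);
    echo "<br>";
}

// The request parameter is URL-encoded before it is reflected into the link,
// so it cannot close the attribute or add markup.
echo '<a href="add.php?id=' . urlencode((string) $eventID) . '">Schrijf in</a>';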
<?php
// Moderator action endpoint for submissions: delete a submission or mark it
// correct / incorrect, then return to the submission list.
require '../../../include/mellivora.inc.php';

enforce_authentication(CONFIG_UC_MODERATOR);

// NOTE(review): the authority check receives $_GET['id'], while every action
// below operates on $_POST['id']. What validateAuthority() verifies is not
// visible here - confirm that the two values cannot differ in a way that lets
// a request act on a submission it was not authorised for.
validateAuthority(3, $_GET['id']);

if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    // Both the id and the anti-CSRF token are checked before any write.
    validate_id($_POST['id']);
    validate_xsrf_token($_POST['xsrf_token']);

    $submission = array('id' => $_POST['id']);
    $done_url = CONFIG_SITE_ADMIN_RELPATH . 'list_submissions.php?generic_success=1';

    // switch compares loosely, the same way the == chain it replaces did.
    switch ($_POST['action']) {
        case 'delete':
            db_delete('submissions', $submission);
            redirect($done_url);
            break;

        case 'mark_incorrect':
            db_update('submissions', array('correct' => 0, 'marked' => 1), $submission);
            redirect($done_url);
            break;

        case 'mark_correct':
            db_update('submissions', array('correct' => 1, 'marked' => 1), $submission);
            redirect($done_url);
            break;
    }
}
if ($id_nhl != $this_id_nhl) { writelog($logFile, "info", "Joueur {$full_name_corr} ({$id_player}): id_nhl différent. Update en cours..."); $q = "update nhl_players set id_nhl={$this_id_nhl} where id = {$id_player} and date_expiration = '2099-12-31';"; insert_query_in_file($INSERTFILE, $q); } # ajout/update dans la table de corr, si nécessaire insert_or_update_corr_values($INSERTFILE, $id_player, $full_name_corr, $this_birthday); } elseif (count($data) > 1) { // il se peut qu'il y ait plus d'un joueur avec le même nom... // traitement à faire... } else { // on a le id du joueur, car il se retrouvait dans la table de correspondance. On valide le id_nhl... if ($DEBUG) { writelog($logFile, "info", "\t{$full_name_corr} ({$this_team}): trouve ds la table nhl_players_corr..."); } $data = validate_id($id_player, "id_nhl"); $id_nhl_from_table = $data['id_nhl']; if ($id_nhl_from_table != $this_id_nhl) { writelog($logFile, "info", "Joueur {$full_name_corr} ({$this_team}) (id: {$id_player}): id_nhl différent. Update en cours..."); $q = "update nhl_players set id_nhl={$this_id_nhl} where id = {$id_player} and date_expiration = '2099-12-31';"; insert_query_in_file($INSERTFILE, $q); } elseif ($DEBUG) { writelog($logFile, "info", "\t... id_nhl identique."); } } //break; } // déterminer s'il y a d'autres pages web pour la même lettre... if (preg_match("/ice\\/playersearch.*pg=/", $line) != 0 && $traite_joueurs_page) { $old_no_pageweb = $no_pageweb; $str = explode(" ", $line);