function DBRunDelete($number, $site, $contest, $user, $usersite)
{
$c = DBConnect();
DBExec($c, "begin work", "DBRunDelete(transaction)");
$sql = "select * from runtable as r where r.contestnumber={$contest} and " . "r.runsitenumber={$site} and r.runnumber={$number}";
$r = DBExec($c, $sql . " for update", "DBRunDelete(get run for update)");
$n = DBnlines($r);
if ($n != 1) {
DBExec($c, "rollback work", "DBRunDelete(rollback)");
LogLevel("Unable to delete a run. " . "(run={$number}, site={$site}, contest={$contest})", 1);
return false;
}
$temp = DBRow($r, 0);
$tinhabalao = DBBalloon($contest, $site, $temp["usernumber"], $temp["runproblem"], true, $c);
DBExec($c, "update runtable set runstatus='deleted', runjudge={$user}, runjudgesite={$usersite}, updatetime=" . time() . " where contestnumber={$contest} and runnumber={$number} and runsitenumber={$site}", "DBRunDelete(update run)");
$tembalao = DBBalloon($contest, $site, $temp["usernumber"], $temp["runproblem"], true, $c);
if ($tinhabalao && !$tembalao) {
$u = DBUserInfo($contest, $site, $temp["usernumber"], $c);
if ($u['usertype'] == 'team') {
$p = DBGetProblemData($contest, $temp["runproblem"], $c);
DBNewTask_old($contest, $site, $temp["usernumber"], escape_string("\"" . $u["username"] . "\" must have _NO_ balloon for problem " . $p[0]["problemname"] . ": " . $p[0]["fullname"]), "", "", "t", $p[0]["color"], $p[0]["colorname"], $c);
}
}
DBExec($c, "commit work", "DBRunDelete(commit)");
LOGLevel("Run deleted (run={$number}, site={$site}, contest={$contest}, user={$user}(site={$usersite})).", 3);
return true;
}
}
}
}
echo " <td nowrap bgcolor=\"#{$color}\">" . $run[$i]["status"] . "</td>\n";
if ($run[$i]["judge"] != "") {
$u = DBUserInfo($_SESSION["usertable"]["contestnumber"], $run[$i]["judgesite"], $run[$i]["judge"]);
echo " <td nowrap>" . $u["username"] . " (" . $run[$i]["judgesite"] . ")";
} else {
echo " <td> ";
}
if ($run[$i]["judge1"] != "") {
$u = DBUserInfo($_SESSION["usertable"]["contestnumber"], $run[$i]["judgesite1"], $run[$i]["judge1"]);
echo " [" . $u["username"] . " (" . $run[$i]["judgesite1"] . ")]";
}
if ($run[$i]["judge2"] != "") {
$u = DBUserInfo($_SESSION["usertable"]["contestnumber"], $run[$i]["judgesite2"], $run[$i]["judge2"]);
echo " [" . $u["username"] . " (" . $run[$i]["judgesite2"] . ")]";
}
echo "</td>\n";
if ($run[$i]["autoend"] != "") {
$color = "bbbbff";
if ($run[$i]["autoanswer"] == "") {
$color = "ff7777";
}
} else {
if ($run[$i]["autobegin"] == "") {
$color = "ffff88";
} else {
$color = "77ff77";
}
}
} else {
echo "0";
}
exit;
}
if (isset($_GET['remote']) && is_numeric($_GET['remote'])) {
ob_start();
header("Expires: " . gmdate("D, d M Y H:i:s") . " GMT");
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
header("Cache-Control: no-cache, must-revalidate");
header("Pragma: no-cache");
header("Content-Type: text/html; charset=utf-8");
session_start();
ob_end_flush();
if (isset($_SESSION["usertable"])) {
$_SESSION["usertable"] = DBUserInfo($_SESSION["usertable"]["contestnumber"], $_SESSION["usertable"]["usersitenumber"], $_SESSION["usertable"]["usernumber"]);
} else {
IntrusionNotify("scoretable1");
ForceLoad("index.php");
}
if (!isset($_SESSION['usertable']['usertype']) || $_SESSION["usertable"]["usertype"] != "score" && $_SESSION["usertable"]["usertype"] != "site") {
IntrusionNotify("scoretable2");
ForceLoad("index.php");
}
}
if (!ValidSession()) {
InvalidSession("scoretable.php");
ForceLoad("index.php");
}
$loc = $_SESSION["loc"];
if (!isset($detail)) {
function DBUserUpdate($contest, $site, $user, $username, $userfull, $userdesc, $passo, $passn)
{
$a = DBUserInfo($contest, $site, $user, null, false);
$p = myhash($a["userpassword"] . session_id());
if ($a["userpassword"] != "" && $p != $passo) {
LOGLevel("User " . $_SESSION["usertable"]["username"] . "/" . $_SESSION["usertable"]["usersitenumber"] . " (contest={$contest}, site={$site}) " . "tried to change settings, but password was incorrect.", 2);
MSGError("Incorrect password.");
} else {
if (!$a['changepassword']) {
MSGError('Password change is DISABLED');
return;
}
if ($a["userpassword"] == "") {
$temp = myhash("");
} else {
$temp = $a["userpassword"];
}
$lentmp = strlen($temp);
$temp = bighexsub($passn, $temp);
if ($lentmp > strlen($temp)) {
$newpass = '******' . $temp;
} else {
$newpass = substr($temp, strlen($temp) - $lentmp);
}
$c = DBConnect();
DBExec($c, "begin work");
DBExec($c, "lock table usertable");
$r = DBExec($c, "select * from usertable where username='******' and usernumber!={$user} and " . "usersitenumber={$site} and contestnumber={$contest}");
$n = DBnlines($r);
if ($n == 0) {
$sql = "update usertable set username='******', userdesc='{$userdesc}', userfullname='{$userfull}', updatetime=" . time();
if ($newpass != myhash("")) {
$sql .= ", userpassword='******'";
}
$sql .= " where usernumber={$user} and usersitenumber={$site} and contestnumber={$contest}";
$r = DBExec($c, $sql);
DBExec($c, "commit work");
LOGLevel("User " . $_SESSION["usertable"]["username"] . "/" . $_SESSION["usertable"]["usersitenumber"] . " changed his settings (newname={$username}) " . "(user={$user},site={$site},contest={$contest})", 2);
MSGError("Data updated.");
ForceLoad("index.php");
} else {
DBExec($c, "rollback work");
LOGLevel("User " . $_SESSION["usertable"]["username"] . "/" . $_SESSION["usertable"]["usersitenumber"] . " couldn't change his settings " . "(user={$user},site={$site},contest={$contest})", 2);
MSGError("Update problem (maybe username already in use). No data was changed.");
}
}
}
function ValidSession()
{
if (!isset($_SESSION["usertable"])) {
return FALSE;
}
$_SESSION["usertable"] = DBUserInfo($_SESSION["usertable"]["contestnumber"], $_SESSION["usertable"]["usersitenumber"], $_SESSION["usertable"]["usernumber"]);
if ($_SESSION["usertable"]["usersession"] != session_id() && ($_SESSION["usertable"]["usermultilogin"] != 't' || $_SESSION["usertable"]["usertype"] != 'score')) {
return FALSE;
}
return TRUE;
}
if (trim($s["sitejudging"]) != "") {
$s["sitejudging"] .= "," . $_SESSION["usertable"]["usersitenumber"];
} else {
$s["sitejudging"] = $_SESSION["usertable"]["usersitenumber"];
}
$clar = DBAllClarsInSites($_SESSION["usertable"]["contestnumber"], $s["sitejudging"], 'report');
for ($i = 0; $i < count($clar); $i++) {
echo " <tr>\n";
echo " <td nowrap>" . $clar[$i]["number"] . "</td>\n";
echo " <td nowrap>" . $clar[$i]["site"] . "</td>\n";
echo " <td nowrap>" . $clar[$i]["user"] . "</td>\n";
echo " <td nowrap>" . dateconvminutes($clar[$i]["timestamp"]) . "</td>\n";
echo " <td nowrap>" . $clar[$i]["problem"] . "</td>\n";
echo " <td nowrap>" . $clar[$i]["status"] . "</td>\n";
if ($clar[$i]["judge"] != "") {
$u = DBUserInfo($_SESSION["usertable"]["contestnumber"], $clar[$i]["judgesite"], $clar[$i]["judge"]);
echo " <td nowrap>" . $u["username"] . " (" . $clar[$i]["judgesite"] . ")</td>\n";
} else {
echo " <td> </td>\n";
}
if ($clar[$i]["question"] == "") {
$clar[$i]["question"] = " ";
}
echo " <td>";
// echo "<pre>" . $clar[$i]["question"] . "</pre>";
// echo $clar[$i]["question"];
echo " <textarea name=\"m{$i}\" cols=\"60\" rows=\"8\" readonly>" . $clar[$i]["question"] . "</textarea>\n";
echo "</td>\n";
if (trim($clar[$i]["answer"]) == "") {
$clar[$i]["answer"] = "Not answered yet";
}
function DBLogInContest($name, $pass, $contest, $msg = true)
{
$b = DBGetRow("select * from contesttable where contestnumber={$contest}", 0, null, "DBLogIn(get active contest)");
if ($b == null) {
LOGLevel("There is no contest {$contest}.", 0);
if ($msg) {
MSGError("There is no contest {$contest}, contact an admin.");
}
return false;
}
$d = DBSiteInfo($b["contestnumber"], $b["contestlocalsite"], null, false);
if ($d == null) {
if ($msg) {
MSGError("There is no active site, contact an admin.");
}
return false;
}
$a = DBGetRow("select * from usertable where username='******' and contestnumber=" . $b["contestnumber"] . " and " . "usersitenumber=" . $b["contestlocalsite"], 0, null, "DBLogIn(get user)");
if ($a == null) {
if ($msg) {
LOGLevel("User {$name} tried to log in contest {$contest} but it does not exist.", 2);
MSGError("User does not exist or incorrect password.");
}
return false;
}
$a = DBUserInfo($b["contestnumber"], $b["contestlocalsite"], $a['usernumber'], null, false);
$_SESSION['usertable'] = $a;
$p = myhash($a["userpassword"] . session_id());
$_SESSION['usertable']['userpassword'] = $p;
if ($a["userpassword"] != "" && $p != $pass) {
LOGLevel("User {$name} tried to log in contest {$contest} but password was incorrect.", 2);
if ($msg) {
MSGError("Incorrect password.");
}
unset($_SESSION["usertable"]);
return false;
}
if ($d["sitepermitlogins"] == "f" && $a["usertype"] != "admin" && $a["usertype"] != "judge" && $a["usertype"] != "site") {
LOGLevel("User {$name} tried to login contest {$contest} but logins are denied.", 2);
if ($msg) {
MSGError("Logins are not allowed.");
}
unset($_SESSION["usertable"]);
return false;
}
if ($a["userenabled"] != "t") {
LOGLevel("User {$name} tried to log in contest {$contest} but it is disabled.", 2);
if ($msg) {
MSGError("User disabled.");
}
unset($_SESSION["usertable"]);
return false;
}
$gip = getIP();
if ($a["userip"] != $gip && $a["userip"] != "" && $a["usertype"] != "score") {
LOGLevel("User {$name} is using two different IPs: " . $a["userip"] . "(" . dateconv($a["userlastlogin"]) . ") and " . $gip, 1);
if ($msg && $a["usertype"] != "admin") {
MSGError("You are using two distinct IPs. Admin notified.");
}
}
if ($a["userpermitip"] != "") {
$ips = explode(';', $a["userpermitip"]);
$gips = explode(';', $gip);
if (count($gips) < count($ips)) {
IntrusionNotify("Invalid IP: " . $gip);
ForceLoad("index.php");
}
for ($ipss = 0; $ipss < count($ips); $ipss++) {
$gipi = $gips[$ipss];
$ipi = $ips[$ipss];
if (!match_network($ipi, $gipi)) {
IntrusionNotify("Invalid IP: " . $gip);
ForceLoad("index.php");
}
}
}
$c = DBConnect();
$t = time();
if ($a["usertype"] == "team" && $a["usermultilogin"] != "t" && $a["userpermitip"] == "") {
$r = DBExec($c, "update usertable set userip='" . $gip . "', updatetime=" . time() . ", userpermitip='" . $gip . "'," . "userlastlogin={$t}, usersession='" . session_id() . "' where username='******' and contestnumber=" . $b["contestnumber"] . " and usersitenumber=" . $b["contestlocalsite"], "DBLogIn(update session)");
} else {
DBExec($c, "begin work");
$sql = "update usertable set usersessionextra='" . session_id() . "' where username='******' and contestnumber=" . $b["contestnumber"] . " and usersitenumber=" . $b["contestlocalsite"] . " and (usersessionextra='' or userip != '" . $gip . "' or userlastlogin<=" . ($t - 86400) . ")";
DBExec($c, $sql);
DBExec($c, "update usertable set userip='" . $gip . "', updatetime=" . time() . ", userlastlogin={$t}, " . "usersession='" . session_id() . "' where username='******' and contestnumber=" . $b["contestnumber"] . " and usersitenumber=" . $b["contestlocalsite"], "DBLogIn(update user)");
if ($name == 'admin') {
list($clockstr, $clocktime) = siteclock();
if ($clocktime < -600) {
DBExec($c, "update contesttable set contestunlockkey='' where contestnumber=" . $b["contestnumber"], "DBLogInContest(update contest)");
}
}
DBExec($c, "commit work");
}
LOGLevel("User {$name} authenticated (" . $gip . ")", 2);
return $a;
}
<?php
require '../../db.php';
require '../config.php';
header('Content-type: text/plain; encoding=utf-8');
$s = DBSiteInfo($contest, $site);
$run = DBAllRunsInSites($contest, $site, 'run');
$numRuns = count($run);
for ($i = 0; $i < $numRuns; $i++) {
$u = DBUserInfo($contest, $site, $run[$i]['user']);
$runID = $run[$i]['number'];
$runTime = dateconvminutes($run[$i]['timestamp']);
$runTeam = $u['username'];
$runProblem = $run[$i]['problem'];
if ($runTime > $freezeTime) {
continue;
}
echo $runID . '
' . $runTime . '
' . $runTeam . '
' . $runProblem . '
';
if ($run[$i]['yes'] == 't') {
echo 'Y' . "\n";
} else {
if ($run[$i]['answer'] == 'Not answered yet') {
echo '?' . "\n";
} else {
echo 'N' . "\n";
}
}
}
function ValidSession()
{
if (!isset($_SESSION["usertable"])) {
return FALSE;
}
$gip = getIP();
if ($_SESSION["usertable"]["userip"] != $gip || $_SESSION["usertable"]["usersession"] != session_id()) {
return FALSE;
}
if ($_SESSION["usertable"]["usermultilogin"] == 't') {
return TRUE;
}
$tmp = DBUserInfo($_SESSION["usertable"]["contestnumber"], $_SESSION["usertable"]["usersitenumber"], $_SESSION["usertable"]["usernumber"]);
if ($tmp["userip"] != $gip) {
return FALSE;
}
return TRUE;
}
} else {
echo " <td nowrap>No</td>\n";
}
if ($usr[$i]["usermultilogin"] == "t") {
echo " <td nowrap>Yes</td>\n";
} else {
echo " <td nowrap>No</td>\n";
}
echo " <td nowrap>" . $usr[$i]["userfullname"] . " </td>\n";
echo " <td nowrap>" . $usr[$i]["userdesc"] . " </td>\n";
echo "</tr>";
}
echo "</table>\n";
unset($u);
if (isset($_GET["site"]) && isset($_GET["user"]) && is_numeric($_GET["site"]) && is_numeric($_GET["user"])) {
$u = DBUserInfo($_SESSION["usertable"]["contestnumber"], $_GET["site"], $_GET["user"]);
}
?>
<script language="JavaScript" src="../sha256.js"></script>
<script language="JavaScript" src="../hex.js"></script>
<script language="JavaScript">
function computeHASH()
{
document.form3.passwordn1.value = bighexsoma(js_myhash(document.form3.passwordn1.value),js_myhash(document.form3.passwordo.value));
document.form3.passwordn2.value = bighexsoma(js_myhash(document.form3.passwordn2.value),js_myhash(document.form3.passwordo.value));
document.form3.passwordo.value = js_myhash(js_myhash(document.form3.passwordo.value)+'<?php
echo session_id();
?>
');
// document.form3.passwordn1.value = js_myhash(document.form3.passwordn1.value);
// document.form3.passwordn2.value = js_myhash(document.form3.passwordn2.value);
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
////////////////////////////////////////////////////////////////////////////////
//Last updated 10/jul/2012 by cassio@ime.usp.br
require 'header.php';
$score = DBScore($_SESSION["usertable"]["contestnumber"], false, -1, $st["siteglobalscore"]);
echo "<h2>ICPC Output</h2>";
echo "<pre>";
$n = 0;
$class = 1;
while (list($e, $c) = each($score)) {
if (isset($score[$e]["site"]) && isset($score[$e]["user"])) {
$r = DBUserInfo($_SESSION["usertable"]["contestnumber"], $score[$e]["site"], $score[$e]["user"]);
echo $r["usericpcid"] . ",";
echo $class++ . ",";
echo $score[$e]["totalcount"] . ",";
echo $score[$e]["totaltime"] . ",";
if ($score[$e]["first"]) {
echo $score[$e]["first"] . "\n";
} else {
echo "0\n";
}
$n++;
}
}
echo "</pre>";
include "{$locr}/footnote.php";
?>
