function handle_print_upload() { global $DB, $username; ini_set("upload_max_filesize", dbconfig_get('sourcesize_limit') * 1024); checkFileUpload($_FILES['code']['error']); $filename = $_FILES['code']['name']; $realfilename = $_FILES['code']['tmp_name']; /* Determine the language */ $langid = @$_POST['langid']; /* sanity check only */ if ($langid != "") { $lang = $DB->q('MAYBETUPLE SELECT langid FROM language WHERE langid = %s AND allow_submit = 1', $langid); if (!isset($lang)) { error("Unable to find language '{$langid}'"); } } if (IS_JURY) { $whoami = 'JURY/' . $username; } else { $whoami = $username; } $ret = send_print($realfilename, $langid, $whoami, $filename); echo "<p>" . nl2br(htmlspecialchars($ret[1])) . "</p>\n\n"; if ($ret[0]) { echo "<p>Print successful.</p>"; } else { error("Error while printing. Contact staff."); } }
/** Import functions **/ function tsv_import($fmt) { echo "<p>Importing {$fmt}.</p>\n\n"; // generic for each tsv format checkFileUpload($_FILES['tsv']['error']); // read entire file into an array $content = file($_FILES['tsv']['tmp_name']); // the first line of the tsv is always the format with a version number. // currently we hardcode version 1 because there are no others $version = rtrim(array_shift($content)); // Two variants are in use: one where the first token is a static string // "File_Version" and the second where it's the type, e.g. "groups". $versionmatch = '1'; if ($fmt == 'teams') { $versionmatch = '[12]'; } if (!preg_match("/^(File_Version|{$fmt})\t{$versionmatch}\$/i", $version)) { error("Unknown format or version: {$version} != {$versionmatch}"); } // select each format and call appropriate functions. // the prepare function parses the tsv, checks if the data looks sane, // and delivers it in the format for the setter function. The latter // updates the database (so only after all lines have first been // read and checked). switch ($fmt) { case 'groups': $data = tsv_groups_prepare($content); $c = tsv_groups_set($data); break; case 'teams': $data = tsv_teams_prepare($content); $c = tsv_teams_set($data); break; case 'accounts': $data = tsv_accounts_prepare($content); $c = tsv_accounts_set($data); break; default: error("Unknown format"); } echo "<p>{$c} items imported</p>"; }
{ // Annoying PHP: we need to import global variables here... global $title; require LIBWWWDIR . '/header.php'; echo "<h2>Submit - error</h2>\n\n"; echo '<div id="uploadstatus">'; logmsg(LOG_WARNING, $string); echo '</div>'; require LIBWWWDIR . '/footer.php'; exit; } // rebuild array of filenames, paths to get rid of empty upload fields $FILEPATHS = $FILENAMES = array(); foreach ($_FILES['code']['tmp_name'] as $fileid => $tmpname) { if (!empty($tmpname)) { checkFileUpload($_FILES['code']['error'][$fileid]); $FILEPATHS[] = $_FILES['code']['tmp_name'][$fileid]; $FILENAMES[] = $_FILES['code']['name'][$fileid]; } } // FIXME: the following checks are also performed inside // submit_solution. /* Determine the problem */ $probid = @$_POST['probid']; $prob = $DB->q('MAYBETUPLE SELECT probid, name FROM problem INNER JOIN contestproblem USING (probid) WHERE allow_submit = 1 AND probid = %i AND cid = %i', $probid, $cid); if (!isset($prob)) { err("Unable to find problem p{$probid}"); } $probid = $prob['probid'];
$extra = ''; if ($current_cid !== null) { $extra = '&cid=' . urlencode($current_cid); } $refresh = array('after' => 15, 'url' => $pagename . '?id=' . urlencode($id) . $extra); } // This doesn't return, call before sending headers if (isset($cmd) && $cmd == 'viewtext') { putProblemText($id); } require LIBWWWDIR . '/header.php'; if (isset($_POST['upload'])) { if (!empty($_FILES['problem_archive']['tmp_name'][0])) { foreach ($_FILES['problem_archive']['tmp_name'] as $fileid => $tmpname) { $cid = $_POST['contest']; checkFileUpload($_FILES['problem_archive']['error'][$fileid]); $zip = openZipFile($_FILES['problem_archive']['tmp_name'][$fileid]); $newid = importZippedProblem($zip, empty($id) ? NULL : $id, $cid); $zip->close(); auditlog('problem', $newid, 'upload zip', $_FILES['problem_archive']['name'][$fileid]); } if (count($_FILES['problem_archive']['tmp_name']) == 1) { $probid = empty($newid) ? $id : $newid; $probname = $DB->q('VALUE SELECT name FROM problem WHERE probid = %i', $probid); echo '<p><a href="' . $pagename . '?id=' . urlencode($probid) . '">Return to problem p' . specialchars($probid) . ': ' . specialchars($probname) . ".</a></p>\n"; } echo "<p><a href=\"problems.php\">Return to problems overview.</a></p>\n"; } else { error("Missing filename for problem upload. Maybe you have to increase upload_max_filesize, see config checker."); }
/** * POST a new submission */ function submissions_POST($args) { global $userdata, $DB, $api; checkargs($args, array('shortname', 'langid')); checkargs($userdata, array('teamid')); $contests = getCurContests(TRUE, $userdata['teamid'], false, 'shortname'); $contest_shortname = null; if (isset($args['contest'])) { if (isset($contests[$args['contest']])) { $contest_shortname = $args['contest']; } else { $api->createError("Cannot find active contest '{$args['contest']}', or you are not part of it."); } } else { if (count($contests) == 1) { $contest_shortname = key($contests); } else { $api->createError("No contest specified while multiple active contests found."); } } $cid = $contests[$contest_shortname]['cid']; $probid = $DB->q('MAYBEVALUE SELECT probid FROM problem INNER JOIN contestproblem USING (probid) WHERE shortname = %s AND cid = %i AND allow_submit = 1', $args['shortname'], $cid); if (empty($probid)) { error("Problem " . $args['shortname'] . " not found or or not submittable"); } // rebuild array of filenames, paths to get rid of empty upload fields $FILEPATHS = $FILENAMES = array(); foreach ($_FILES['code']['tmp_name'] as $fileid => $tmpname) { if (!empty($tmpname)) { checkFileUpload($_FILES['code']['error'][$fileid]); $FILEPATHS[] = $_FILES['code']['tmp_name'][$fileid]; $FILENAMES[] = $_FILES['code']['name'][$fileid]; } } $sid = submit_solution($userdata['teamid'], $probid, $cid, $args['langid'], $FILEPATHS, $FILENAMES); auditlog('submission', $sid, 'added', 'via api', null, $cid); return safe_int($sid); }
if (isset($_POST['description'][$rank])) { $DB->q('UPDATE testcase SET description = %s WHERE probid = %i AND rank = %i', $_POST['description'][$rank], $probid, $rank); auditlog('testcase', $probid, 'updated description', "rank {$rank}"); $result .= "<li>Updated description for testcase {$rank}</li>\n"; } } // end: foreach $data if (!empty($_FILES['add_input']['name']) || !empty($_FILES['add_output']['name'])) { $content = array(); $rank = $maxrank + 1; foreach ($FILES as $file) { if (empty($_FILES['add_' . $file]['name'])) { warning("No {$file} file specified for new testcase, ignoring."); } else { checkFileUpload($_FILES['add_' . $file]['error']); $content[$file] = file_get_contents($_FILES['add_' . $file]['tmp_name']); } } $DB->q("INSERT INTO testcase\n\t\t (probid,rank,md5sum_input,md5sum_output,input,output,description,sample)\n\t\t VALUES (%i,%i,%s,%s,%s,%s,%s,%i)", $probid, $rank, md5(@$content['input']), md5(@$content['output']), @$content['input'], @$content['output'], @$_POST['add_desc'], @$_POST['add_sample']); if (!empty($content['image'])) { list($thumb, $type) = get_image_thumb_type($content['image']); $DB->q('UPDATE testcase SET image = %s, image_thumb = %s, image_type = %s WHERE probid = %i AND rank = %i', @$content['image'], $thumb, $type, $probid, $rank); } auditlog('testcase', $probid, 'added', "rank {$rank}"); $result .= "<li>Added new testcase {$rank} from files " . htmlspecialchars($_FILES['add_input']['name']) . " (" . printsize($_FILES['add_input']['size']) . ") and " . htmlspecialchars($_FILES['add_output']['name']) . " (" . printsize($_FILES['add_output']['size']) . ")."; if ($_FILES['add_output']['size'] > dbconfig_get('output_limit') * 1024) { $result .= "<br /><b>Warning: output file size exceeds " . "<code>output_limit</code> of " . dbconfig_get('output_limit') . " kB. This will always result in wrong answers!</b>"; } if (empty($content['input']) || empty($content['output'])) {
$filename = $id . ".zip"; $size = $DB->q("MAYBEVALUE SELECT OCTET_LENGTH(zipfile)\n\t FROM executable WHERE execid = %s", $id); // sanity check before we start to output headers if ($size === NULL || !is_numeric($size)) { error("Problem while fetching executable"); } header("Content-Type: application/zip; name=\"{$filename}\""); header("Content-Disposition: attachment; filename=\"{$filename}\""); header("Content-Length: {$size}"); echo $DB->q("VALUE SELECT SQL_NO_CACHE zipfile FROM executable\n\t WHERE execid = %s", $id); exit(0); } if (isset($_POST['upload'])) { if (!empty($_FILES['executable_archive']['tmp_name'][0])) { foreach ($_FILES['executable_archive']['tmp_name'] as $fileid => $tmpname) { checkFileUpload($_FILES['executable_archive']['error'][$fileid]); $zip = openZipFile($_FILES['executable_archive']['tmp_name'][$fileid]); $prop_file = 'domjudge-executable.ini'; $newid = $_FILES['executable_archive']['name'][$fileid]; $newid = substr($newid, 0, strlen($newid) - strlen(".zip")); $desc = $newid; $type = 'unknown'; if (isset($_POST['type'])) { $type = $_POST['type']; } if (!empty($id)) { $desc = $DB->q('VALUE SELECT description FROM executable WHERE execid=%s', $id); $type = $DB->q('VALUE SELECT type FROM executable WHERE execid=%s', $id); } $ini_array = parse_ini_string($zip->getFromName($prop_file)); if (!empty($ini_array)) {
// Allow post-edit functioms $fn = "post_{$t}"; if (function_exists($fn)) { $CHECKER_ERRORS = array(); $fn($prikey, $cmd); if (count($CHECKER_ERRORS)) { error("Errors while post-processing {$t} " . @implode(', ', @$keydata[$i]) . ":\n" . implode(";\n", $CHECKER_ERRORS)); } } } // If the form contained uploadable files, process these now. if (isset($_FILES['data'])) { foreach ($_FILES['data']['tmp_name'] as $id => $tmpnames) { foreach ($tmpnames as $field => $tmpname) { if (!empty($tmpname)) { checkFileUpload($_FILES['data']['error'][$id][$field]); $itemdata = array($field => file_get_contents($tmpname)); $DB->q("UPDATE {$t} SET %S WHERE %S", $itemdata, $prikey); } } } } } // Throw the user back to the page he came from, if not available // to the overview for the edited data. if (!empty($referrer)) { $returnto = $referrer; } else { $returnto = ($t == 'team_category' ? 'team_categories' : $t . 's') . '.php'; } header('Location: ' . $returnto);
function check_add($probid, $rank, $FILES) { global $DB; $result = ''; if (!empty($_FILES['add_input']['name']) || !empty($_FILES['add_output']['name'])) { $content = array(); foreach ($FILES as $file) { if (empty($_FILES['add_' . $file]['name'])) { warning("No {$file} file specified for new testcase, ignoring."); } else { checkFileUpload($_FILES['add_' . $file]['error']); $content[$file] = file_get_contents($_FILES['add_' . $file]['tmp_name']); } } $DB->q("INSERT INTO testcase\n\t\t (probid,rank,md5sum_input,md5sum_output,input,output,description,sample)\n\t\t VALUES (%i,%i,%s,%s,%s,%s,%s,%i)", $probid, $rank, md5(@$content['input']), md5(@$content['output']), @$content['input'], @$content['output'], @$_POST['add_desc'], isset($_POST['add_sample'])); if (!empty($content['image'])) { list($thumb, $type) = get_image_thumb_type($content['image']); $DB->q('UPDATE testcase SET image = %s, image_thumb = %s, image_type = %s WHERE probid = %i AND rank = %i', @$content['image'], $thumb, $type, $probid, $rank); } auditlog('testcase', $probid, 'added', "rank {$rank}"); $result .= "<li>Added new testcase {$rank} from files " . specialchars($_FILES['add_input']['name']) . " (" . printsize($_FILES['add_input']['size']) . ") and " . specialchars($_FILES['add_output']['name']) . " (" . printsize($_FILES['add_output']['size']) . ")."; if ($_FILES['add_output']['size'] > dbconfig_get('output_limit') * 1024) { $result .= "<br /><b>Warning: output file size exceeds " . "<code>output_limit</code> of " . dbconfig_get('output_limit') . " kB. This will always result in wrong answers!</b>"; } if (empty($content['input']) || empty($content['output'])) { $result .= "<br /><b>Warning: empty testcase file(s)!</b>"; } $result .= "</li>\n"; } return $result; }