示例#1
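/**
 * Create a user account from signup data, including the extended profile fields.
 *
 * Runs the checks in order (signups open, required fields present, team type,
 * team-name length, email format and whitelist, country id, no existing team
 * name or email), inserts the row into `users` and logs the signup IP.
 * Each failed check calls message_error(); presumably that ends the request,
 * since nothing in this function stops execution otherwise - confirm.
 *
 * NOTE(review): $phoneNo, $age, $eduI, $eduLevel, $fullName and $instanceID are
 * inserted exactly as received; this function applies no format or length check
 * to them, so the caller has to.
 * NOTE(review): the existence check and the insert are separate statements, so
 * two concurrent signups can both pass the check. Confirm `users` has UNIQUE
 * constraints on email and team_name.
 * NOTE(review): required parameters are declared after the optional $type, which
 * PHP 8 deprecates. The order is kept so existing callers keep working.
 *
 * @return bool true when the row was inserted and accounts are enabled by
 *              default; false when no row was inserted
 */
function register_account($email, $password, $team_name, $country, $type = null, $phoneNo, $age, $eduI, $eduLevel, $fullName, $instanceID)
{
    if (!CONFIG_ACCOUNTS_SIGNUP_ALLOWED) {
        message_error('Registration is currently closed.');
    }
    if (empty($email) || empty($password) || empty($team_name)) {
        message_error('Please fill in all the details correctly.');
    }
    if (isset($type) && !is_valid_id($type)) {
        message_error('That does not look like a valid team type.');
    }
    // strlen() counts bytes, so a multi-byte team name reaches the limits
    // sooner than its character count suggests.
    if (strlen($team_name) > CONFIG_MAX_TEAM_NAME_LENGTH || strlen($team_name) < CONFIG_MIN_TEAM_NAME_LENGTH) {
        message_error('Your team name was too long or too short.');
    }
    validate_email($email);
    if (!allowed_email($email)) {
        message_error('Email not on whitelist. Please choose a whitelisted email or contact organizers.');
    }
    // The country id is accepted only if it is a valid id no larger than the
    // number of rows in `countries` (assumes ids are contiguous from 1 - confirm).
    $num_countries = db_select_one('countries', array('COUNT(*) AS num'));
    if (!isset($country) || !is_valid_id($country) || $country > $num_countries['num']) {
        message_error('Please select a valid country.');
    }
    $user = db_select_one('users', array('id'), array('team_name' => $team_name, 'email' => $email), null, 'OR');
    // !empty() also covers a lookup that returned no row, so no offset is read
    // on a non-array result.
    if (!empty($user['id'])) {
        message_error('An account with this team name or email already exists.');
    }
    $user_id = db_insert('users', array('email' => $email, 'passhash' => make_passhash($password), 'team_name' => $team_name, 'added' => time(), 'enabled' => CONFIG_ACCOUNTS_DEFAULT_ENABLED ? '1' : '0', 'user_type' => isset($type) ? $type : 0, 'country_id' => $country, 'DOB' => $age, 'mobileNo' => $phoneNo, 'eduInstitution' => $eduI, 'eduLevel' => $eduLevel, 'fullName' => $fullName, 'instanceID' => $instanceID));
    // insertion was successful
    if ($user_id) {
        // log signup IP
        log_user_ip($user_id);
        // if account isn't enabled by default, display message and die
        if (!CONFIG_ACCOUNTS_DEFAULT_ENABLED) {
            // The email is HTML-encoded before it is placed in the message text.
            message_generic('Signup successful', 'Thank you for registering!
            Your chosen email is: ' . htmlspecialchars($email) . '.
            Make sure to check your spam folder as emails from us may be placed into it.
            Please stay tuned for updates!');
        } else {
            return true;
        }
    }
    // no rows were inserted
    return false;
}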
示例#2
<?php

require '../../../include/mellivora.inc.php';
// Moderator-only page that sends an email composed in the admin form.
enforce_authentication(CONST_USER_CLASS_MODERATOR);
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    // The XSRF token is checked before the action is looked at.
    validate_xsrf_token($_POST[CONST_XSRF_TOKEN_KEY]);
    if ($_POST['action'] == 'new') {
        // Recipients, subject and body all come from the posted form; the sender
        // and reply-to identities come from configuration.
        // NOTE(review): subject and addresses are passed on as posted; confirm
        // send_email() rejects line breaks in header fields.
        $successfully_sent_to = send_email(
            csv_email_list_to_array($_POST['to']),
            $_POST['subject'],
            $_POST['body'],
            csv_email_list_to_array($_POST['cc']),
            csv_email_list_to_array($_POST['bcc']),
            CONFIG_EMAIL_FROM_EMAIL,
            CONFIG_EMAIL_FROM_NAME,
            CONFIG_EMAIL_REPLYTO_EMAIL,
            CONFIG_EMAIL_REPLYTO_NAME,
            isset($_POST['html_email'])
        );
        // NOTE(review): the address list is placed in the message without
        // htmlspecialchars(); confirm message_generic() encodes its text.
        message_generic('Status', 'Successfully sent emails to ' . count($successfully_sent_to) . ' addresses.
            List: ' . implode(', ', $successfully_sent_to));
    }
}
示例#3
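 // Header for the user page: the team name is HTML-encoded by the caller and
 // the third argument is false (its meaning is defined outside this excerpt).
 section_head(htmlspecialchars($user['team_name']), country_flag_link($user['country_name'], $user['country_code'], true), false);
 if (!$user['competing']) {
     message_inline_blue(lang_get('non_competing_user'));
 }
 // Per-category score for this user next to the category maximum. The user id
 // from the query string is bound as :user_id, not concatenated into the SQL.
 $challenges = db_query_fetch_all('
     SELECT
        ca.title,
        (SELECT SUM(ch.points) FROM challenges AS ch JOIN submissions AS s ON s.challenge = ch.id AND s.user_id = :user_id AND s.correct = 1 WHERE ch.category = ca.id GROUP BY ch.category) AS points,
        (SELECT SUM(ch.points) FROM challenges AS ch WHERE ch.category = ca.id GROUP BY ch.category) AS category_total
     FROM categories AS ca
     WHERE
       ca.available_from < UNIX_TIMESTAMP() AND
       ca.exposed = 1
     ORDER BY ca.title ASC', array('user_id' => $_GET['id']));
 if (empty($challenges)) {
     message_generic(lang_get('no_information'), lang_get('no_solves'), false);
 }
 $user_total = 0;
 $ctf_total = 0;
 foreach ($challenges as $challenge) {
     // max(1, ...) keeps a category without challenges from dividing by zero.
     echo '<strong>', htmlspecialchars($challenge['title']), '</strong>, ', number_format($challenge['points']), ' / ', number_format($challenge['category_total']), ' (', round($challenge['points'] / max(1, $challenge['category_total']) * 100), '%)';
     progress_bar($challenge['points'] / max(1, $challenge['category_total']) * 100);
     $user_total += $challenge['points'];
     $ctf_total += $challenge['category_total'];
 }
 // Same guard as the per-category lines: when every listed category is empty
 // the overall total is 0 and the unguarded division would fail.
 echo lang_get('total_solves'), ' ', number_format($user_total), ' / ', number_format($ctf_total), ' (', round($user_total / max(1, $ctf_total) * 100, 1), '%)';
 section_head(lang_get('solved_challenges'));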
 $submissions = db_query_fetch_all('
     SELECT
        s.added,
        ((SELECT COUNT(*) FROM submissions AS ss WHERE ss.correct = 1 AND ss.added < s.added AND ss.challenge=s.challenge)+1) AS pos,
示例#4
 // Load one challenge and its category by the id taken from the query string.
 // The id is bound as the :id parameter, not concatenated into the SQL text.
 // NOTE(review): no validate_id() call on $_GET['id'] is visible in this
 // excerpt - confirm one runs earlier in the file.
 $challenge = db_query_fetch_one('
     SELECT
        ch.title,
        ch.description,
        ch.available_from AS challenge_available_from,
        ca.title AS category_title,
        ca.available_from AS category_available_from
     FROM challenges AS ch
     LEFT JOIN categories AS ca ON ca.id = ch.category
     WHERE ch.id = :id', array('id' => $_GET['id']));
 // NOTE(review): the lines below read offsets of $challenge, so this relies on
 // message_generic() ending the request when nothing was found - confirm.
 if (empty($challenge)) {
     message_generic('Sorry', 'No challenge found with this ID', false);
 }
 // Nothing about the challenge is shown until both the challenge and its
 // category have reached their available_from time.
 $now = time();
 if ($challenge['challenge_available_from'] > $now || $challenge['category_available_from'] > $now) {
     message_generic('Sorry', 'This challenge is not yet available', false);
 }
 // Correct submissions for this challenge by competing users, oldest first.
 $submissions = db_query_fetch_all('SELECT
         u.id AS user_id,
         u.team_name,
         s.added,
         c.available_from
       FROM users AS u
       LEFT JOIN submissions AS s ON s.user_id = u.id
       LEFT JOIN challenges AS c ON c.id = s.challenge
       WHERE
          u.competing = 1 AND
          s.challenge = :id AND
          s.correct = 1
       ORDER BY s.added ASC', array('id' => $_GET['id']));
 // NOTE(review): the title is passed without an explicit htmlspecialchars();
 // confirm section_head() encodes its first argument.
 section_head($challenge['title']);
示例#5
if (cache_start('hints', CONFIG_CACHE_TIME_HINTS)) {
    $hints = db_query_fetch_all('
        SELECT
           h.id,
           h.added,
           h.body,
           c.title,
           ca.title AS category_title
        FROM hints AS h
        LEFT JOIN challenges AS c ON c.id = h.challenge
        LEFT JOIN categories AS ca ON ca.id = c.category
        WHERE c.available_from < UNIX_TIMESTAMP() AND c.available_until > UNIX_TIMESTAMP() AND h.visible = 1
        ORDER BY h.id DESC
    ');
    if (!count($hints)) {
        message_generic("Hints", "No hints have been made available yet.", false);
    }
    section_head('Hints');
    echo '
        <table id="files" class="table table-striped table-hover">
          <thead>
            <tr>
              <th>Category</th>
              <th>Challenge</th>
              <th>Added</th>
              <th>Hint</th>
            </tr>
          </thead>
          <tbody>
        ';
    foreach ($hints as $hint) {
示例#6
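/**
 * Create a user account from signup data and send the signup email.
 *
 * Runs the checks in order (signups open, required fields present, team type,
 * team-name length, email format and whitelist, country id, no existing team
 * name or email), inserts the row into `users`, logs the signup IP and mails
 * the user. Each failed check calls message_error() with a translated message;
 * presumably that ends the request, since nothing here stops execution
 * otherwise - confirm.
 *
 * NOTE(review): when CONFIG_ACCOUNTS_EMAIL_PASSWORD_ON_SIGNUP is set, the
 * password chosen by the user is placed in the email body in clear text.
 * NOTE(review): the existence check and the insert are separate statements, so
 * two concurrent signups can both pass the check. Confirm `users` has UNIQUE
 * constraints on email and team_name.
 *
 * @return bool true when the row was inserted and accounts are enabled by
 *              default; false when no row was inserted
 */
function register_account($email, $password, $team_name, $country, $type = null)
{
    if (!CONFIG_ACCOUNTS_SIGNUP_ALLOWED) {
        message_error(lang_get('registration_closed'));
    }
    if (empty($email) || empty($password) || empty($team_name)) {
        message_error(lang_get('please_fill_details_correctly'));
    }
    if (isset($type) && !is_valid_id($type)) {
        message_error(lang_get('invalid_team_type'));
    }
    if (strlen($team_name) > CONFIG_MAX_TEAM_NAME_LENGTH || strlen($team_name) < CONFIG_MIN_TEAM_NAME_LENGTH) {
        // Look the key up like every other message in this function; passing
        // the bare key showed the user the key itself.
        message_error(lang_get('team_name_too_long_or_short'));
    }
    validate_email($email);
    if (!allowed_email($email)) {
        message_error(lang_get('email_not_whitelisted'));
    }
    // The country id is accepted only if it is a valid id no larger than the
    // number of rows in `countries` (assumes ids are contiguous from 1 - confirm).
    $num_countries = db_select_one('countries', array('COUNT(*) AS num'));
    if (!isset($country) || !is_valid_id($country) || $country > $num_countries['num']) {
        message_error(lang_get('please_supply_country_code'));
    }
    $user = db_select_one('users', array('id'), array('team_name' => $team_name, 'email' => $email), null, 'OR');
    if ($user['id']) {
        message_error(lang_get('user_already_exists'));
    }
    $user_id = db_insert('users', array('email' => $email, 'passhash' => make_passhash($password), 'team_name' => $team_name, 'added' => time(), 'enabled' => CONFIG_ACCOUNTS_DEFAULT_ENABLED ? '1' : '0', 'user_type' => isset($type) ? $type : 0, 'country_id' => $country));
    // insertion was successful
    if ($user_id) {
        // log signup IP
        log_user_ip($user_id);
        // signup email
        $email_subject = lang_get('signup_email_subject', array('site_name' => CONFIG_SITE_NAME));
        // body
        // NOTE(review): the team name is HTML-encoded here; that is the right
        // encoding only if send_email() delivers this body as HTML - confirm.
        $email_body = lang_get('signup_email_success', array('team_name' => htmlspecialchars($team_name), 'site_name' => CONFIG_SITE_NAME, 'signup_email_availability' => CONFIG_ACCOUNTS_DEFAULT_ENABLED ? lang_get('signup_email_account_availability_message_login_now') : lang_get('signup_email_account_availability_message_login_later'), 'signup_email_password' => CONFIG_ACCOUNTS_EMAIL_PASSWORD_ON_SIGNUP ? lang_get('your_password_is') . ': ' . $password : lang_get('your_password_was_set')));
        // send details to user
        send_email(array($email), $email_subject, $email_body);
        // if account isn't enabled by default, display message and die
        if (!CONFIG_ACCOUNTS_DEFAULT_ENABLED) {
            message_generic(lang_get('signup_successful'), lang_get('signup_successful_text', array('email' => htmlspecialchars($email))));
        } else {
            return true;
        }
    }
    // no rows were inserted
    return false;
}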
示例#7
        h.body,
        c.title,
        ca.title AS category_title
     FROM hints AS h
     LEFT JOIN challenges AS c ON c.id = h.challenge
     LEFT JOIN categories AS ca ON ca.id = c.category
     WHERE
       c.available_from < UNIX_TIMESTAMP() AND
       c.available_until > UNIX_TIMESTAMP() AND
       h.visible = 1 AND
       c.exposed = 1 AND
       ca.exposed = 1
     ORDER BY h.id DESC
 ');
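 // Nothing to list: show the translated "no hints" notice instead of the table.
 if (!count($hints)) {
     message_generic(lang_get('hints'), lang_get('no_hints_available'), false);
 }
 // Use the translated heading, like the notice above and the column titles
 // below, instead of a hard-coded English string.
 section_head(lang_get('hints'));
 // Open the hints table; the rows are written after this statement.
 echo '
     <table id="files" class="table table-striped table-hover">
       <thead>
         <tr>
           <th>', lang_get('category'), '</th>
           <th>', lang_get('challenge'), '</th>
           <th>', lang_get('added'), '</th>
           <th>', lang_get('hint'), '</th>
         </tr>
       </thead>
       <tbody>
     ';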
 foreach ($hints as $hint) {
示例#8
// Category menu: one entry per category. A category outside its availability
// window is shown disabled, without a link; an open one links to its page.
echo '<div id="categories-menu">
<ul id="categories-menu">';
foreach ($categories as $cat) {
    if ($time < $cat['available_from'] || $time > $cat['available_until']) {
        // The title is HTML-encoded. NOTE(review): the time_remaining() result
        // goes into the title attribute as returned - confirm it cannot
        // contain markup or quotes.
        echo '<li class="disabled">
        <a data-container="body" data-toggle="tooltip" data-placement="top" class="has-tooltip" title="Available in ' . time_remaining($cat['available_from']) . '.">', htmlspecialchars($cat['title']), '</a>
        </li>';
    } else {
        // Both the id placed in the URL and the title are HTML-encoded.
        echo '<li ', $current_category['id'] == $cat['id'] ? ' class="active"' : '', '><a href="', CONFIG_SITE_URL, 'challenges?category=', htmlspecialchars($cat['id']), '">', htmlspecialchars($cat['title']), '</a></li>';
    }
}
echo '</ul>
</div>';
// check that the category is actually available for display
// NOTE(review): the description below is only protected by this check if
// message_generic() ends the request; its third argument is false here and
// the meaning of that argument is not visible in this excerpt - confirm.
if ($time < $current_category['available_from'] || $time > $current_category['available_until']) {
    message_generic('Category unavailable', 'This category is not available. It is open from ' . date_time($current_category['available_from']) . ' (' . time_remaining($current_category['available_from']) . ' from now) until ' . date_time($current_category['available_until']) . ' (' . time_remaining($current_category['available_until']) . ' from now)', false);
}
// write out the category description, if one exists
// NOTE(review): the description is emitted as whatever $bbc->parse() returns;
// whether that output is safe HTML depends on how the parser is configured
// elsewhere - confirm it encodes raw markup.
if ($current_category['description']) {
    echo '<div id="category-description">', $bbc->parse($current_category['description']), '</div>';
}
// get all the challenges for the selected category
$challenges = db_query_fetch_all('
    SELECT
       c.id,
       c.title,
       c.description,
       c.available_from,
       c.available_until,
       c.points,
       c.num_attempts_allowed,
示例#9
<?php

require '../../include/ctf.inc.php';
// Interest-registration endpoint: stores one row in `recruit` per email address.
prefer_ssl();
if ($_SERVER['REQUEST_METHOD'] == 'POST' && $_POST['action'] == 'register') {
    // The captcha is checked only when the private reCAPTCHA setting is on.
    if (CONFIG_RECAPTCHA_ENABLE_PRIVATE) {
        validate_captcha();
    }
    validate_email($_POST['email']);

    // Refuse a second registration for the same address. The reply tells the
    // requester that the address is already on file.
    $recruit = db_select_one('recruit', array('id'), array('email' => $_POST['email']));
    if ($recruit['id']) {
        message_generic('Thank you', 'Your email was already registered!');
    }

    // NOTE(review): $_SESSION['id'] is read although no authentication call is
    // visible in this script, and name, city and country are stored exactly as
    // posted - confirm a login is enforced and the fields are length-checked.
    $id = db_insert(
        'recruit',
        array(
            'added' => time(),
            'user_id' => $_SESSION['id'],
            'name' => $_POST['name'],
            'email' => $_POST['email'],
            'city' => $_POST['city'],
            'country' => $_POST['country'],
        )
    );
    if (!$id) {
        message_error('Could not register interest. You must not be interested enough!');
    } else {
        // The address is HTML-encoded before it is echoed back.
        message_generic('Success', 'The email ' . htmlspecialchars($_POST['email']) . ' has been registered. Thanks!');
    }
}
示例#10
<?php

require '../../include/mellivora.inc.php';
// Public interest-registration endpoint: stores one row in `interest` per
// email address together with a random secret.
prefer_ssl();
if ($_SERVER['REQUEST_METHOD'] == 'POST' && $_POST['action'] == 'register') {
    // The captcha is checked only when the public reCAPTCHA setting is on.
    if (CONFIG_RECAPTCHA_ENABLE_PUBLIC) {
        validate_captcha();
    }
    validate_email($_POST['email']);

    // Refuse a second registration for the same address. The reply tells the
    // requester that the address is already on file.
    $interest = db_select_one('interest', array('id'), array('email' => $_POST['email']));
    if ($interest['id']) {
        message_error('You have already registered your interest!');
    }

    // NOTE(review): the name is stored exactly as posted, and whether
    // generate_random_string() draws from a cryptographically secure source is
    // not visible here - confirm both.
    $id = db_insert(
        'interest',
        array(
            'added' => time(),
            'name' => $_POST['name'],
            'email' => $_POST['email'],
            'secret' => generate_random_string(40),
        )
    );
    if (!$id) {
        message_error('Could not register interest. You must not be interested enough!');
    } else {
        // The address is HTML-encoded before it is echoed back.
        message_generic('Success', 'The email ' . htmlspecialchars($_POST['email']) . ' has been registered. We look forward to seeing you in our next competition!');
    }
}
示例#11
<?php

require '../../../include/mellivora.inc.php';
// Moderator-only tool: reports whether an address would pass the signup
// email rules, without creating anything.
enforce_authentication(CONFIG_UC_MODERATOR);
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    // The XSRF token is checked for every POST, before the action is read.
    validate_xsrf_token($_POST['xsrf_token']);
    if ($_POST['action'] == 'test') {
        if (!allowed_email($_POST['email'])) {
            message_generic('No', 'A user will NOT be able to sign up with this email.');
        } else {
            message_generic('Yes', 'A user will be able to sign up with this email.');
        }
    }
}
示例#12
require '../../../include/ctf.inc.php';
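// Moderator-only user administration: edit, delete, or reset the password of
// the user whose id is posted.
enforce_authentication(CONST_USER_CLASS_MODERATOR);
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    // A malformed id and a missing or wrong XSRF token are both rejected
    // before any action runs.
    validate_id($_POST['id']);
    validate_xsrf_token($_POST[CONST_XSRF_TOKEN_KEY]);
    if ($_POST['action'] == 'edit') {
        validate_email($_POST['email']);
        // NOTE(review): team_name, enabled, competing and country are stored as
        // posted; only the id and the email are validated in this script.
        db_update('users', array('email' => $_POST['email'], 'team_name' => $_POST['team_name'], 'enabled' => $_POST['enabled'], 'competing' => $_POST['competing'], 'country_id' => $_POST['country']), array('id' => $_POST['id']));
        invalidate_cache(CONST_CACHE_NAME_USER . $_POST['id']);
        redirect(CONFIG_SITE_ADMIN_RELPATH . 'list_users.php?generic_success=1');
    } elseif ($_POST['action'] == 'delete') {
        if (!$_POST['delete_confirmation']) {
            message_error('Please confirm delete');
        }
        // Remove the user together with the rows that reference it.
        db_delete('users', array('id' => $_POST['id']));
        db_delete('submissions', array('user_id' => $_POST['id']));
        db_delete('ip_log', array('user_id' => $_POST['id']));
        db_delete('cookie_tokens', array('user_id' => $_POST['id']));
        invalidate_cache(CONST_CACHE_NAME_USER . $_POST['id']);
        redirect(CONFIG_SITE_ADMIN_RELPATH . 'list_users.php?generic_success=1');
    } elseif ($_POST['action'] == 'reset_password') {
        // NOTE(review): the temporary password is 8 characters; whether
        // generate_random_string() uses a cryptographically secure source is
        // not visible here - confirm.
        $new_password = generate_random_string(8);
        $new_passhash = make_passhash($new_password);
        db_update('users', array('passhash' => $new_passhash), array('id' => $_POST['id']));
        // Drop the user's cookie tokens as the delete branch does, so a login
        // remembered under the old password does not outlive the reset
        // (assumes cookie_tokens holds persistent-login tokens - confirm).
        db_delete('cookie_tokens', array('user_id' => $_POST['id']));
        // The new password is shown once to the moderator; only its hash is stored.
        message_generic('Success', 'Users new password is: ' . $new_password);
    }
}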
示例#13
        ch.description,
        ch.available_from AS challenge_available_from,
        ca.title AS category_title,
        ca.available_from AS category_available_from
     FROM challenges AS ch
     LEFT JOIN categories AS ca ON ca.id = ch.category
     WHERE
        ch.id = :id AND
        ch.exposed = 1 AND
        ca.exposed = 1', array('id' => $_GET['id']));
 // No row came back for the requested id.
 // NOTE(review): the lines below read offsets of $challenge, so this relies on
 // message_generic() ending the request when nothing was found - confirm.
 if (empty($challenge)) {
     message_generic(lang_get('sorry'), lang_get('no_challenge_for_id'), false);
 }
 // Nothing about the challenge is shown until both the challenge and its
 // category have reached their available_from time.
 $now = time();
 if ($challenge['challenge_available_from'] > $now || $challenge['category_available_from'] > $now) {
     message_generic(lang_get('sorry'), lang_get('challenge_not_available'), false);
 }
 // Correct submissions for this challenge by competing users, oldest first.
 // The id from the query string is bound as :id, not concatenated into the SQL.
 $submissions = db_query_fetch_all('SELECT
         u.id AS user_id,
         u.team_name,
         s.added,
         c.available_from
       FROM users AS u
       LEFT JOIN submissions AS s ON s.user_id = u.id
       LEFT JOIN challenges AS c ON c.id = s.challenge
       WHERE
          u.competing = 1 AND
          s.challenge = :id AND
          s.correct = 1
       ORDER BY s.added ASC', array('id' => $_GET['id']));
 // NOTE(review): the title is passed without an explicit htmlspecialchars();
 // confirm section_head() encodes its first argument.
 section_head($challenge['title']);
示例#14
        }
    }
    // stage 1, part 2
    // Request a reset: look the account up by the posted email and, if it
    // exists, store a one-off key and mail a link containing it.
    if ($_POST['action'] == 'reset_password') {
        // The captcha is checked only when the public reCAPTCHA setting is on.
        if (CONFIG_RECAPTCHA_ENABLE_PUBLIC) {
            validate_captcha();
        }
        // The form field name for the email is md5(CONFIG_SITE_NAME . 'EMAIL').
        $user = db_select_one('users', array('id', 'team_name', 'email'), array('email' => $_POST[md5(CONFIG_SITE_NAME . 'EMAIL')]));
        if ($user['id']) {
            // The key is the SHA-256 hex digest of a 128-character random string.
            // NOTE(review): its strength rests on generate_random_string(),
            // which is not visible here - confirm it uses a secure source.
            $auth_key = hash('sha256', generate_random_string(128));
            // NOTE(review): the key is stored in the same form in which it is
            // mailed; storing only a hash of it would keep a read of this table
            // from yielding usable keys. The row records a timestamp and the
            // requester IP; where expiry is enforced is not visible here.
            db_insert('reset_password', array('added' => time(), 'user_id' => $user['id'], 'ip' => get_ip(true), 'auth_key' => $auth_key));
            // NOTE(review): the team name is HTML-encoded for the subject and
            // body; that fits only if the message is sent as HTML - confirm.
            $email_subject = 'Password recovery for team ' . htmlspecialchars($user['team_name']);
            // body
            // NOTE(review): the '******' run in the next line is not valid PHP;
            // part of the expression appears to have been masked in this
            // listing and is left as found.
            $email_body = htmlspecialchars($user['team_name']) . ', please follow the link below to reset your password:'******'reset_password?action=choose_password&auth_key=' . $auth_key . '&id=' . $user['id'] . "\r\n" . "\r\n" . 'Regards,' . "\r\n" . CONFIG_SITE_NAME;
            // send details to user
            send_email(array($user['email']), $email_subject, $email_body);
        }
        // The same reply is given whether or not the address was found, so the
        // response does not reveal which emails have accounts.
        message_generic('Success', 'If the email you provided was found in the database, an email has now been sent to it with further instructions!');
    } else {
        // Set the new password. $auth is assigned outside this excerpt;
        // presumably it is the reset_password row matched from the link - confirm.
        if ($_POST['action'] == 'choose_password' && is_valid_id($auth['user_id'])) {
            // The form field name for the password is md5(CONFIG_SITE_NAME . 'PWD').
            $new_password = $_POST[md5(CONFIG_SITE_NAME . 'PWD')];
            if (empty($new_password)) {
                message_error('You can\'t have an empty password');
            }
            $new_passhash = make_passhash($new_password);
            db_update('users', array('passhash' => $new_passhash), array('id' => $auth['user_id']));
            // Every pending reset row for this user is removed, so the key
            // cannot be used a second time.
            // NOTE(review): no existing login tokens are revoked in this
            // branch - confirm whether sessions should survive a reset.
            db_delete('reset_password', array('user_id' => $auth['user_id']));
            message_generic('Success', 'Your password has been reset.');
        }
    }
}
示例#15
文件: user.php 项目: dirvuk/mellivora
<?php

require '../include/mellivora.inc.php';
// Public user-profile page. The id from the query string is validated first;
// every later use of $_GET['id'] (cache key, query, helpers) comes after it.
validate_id(array_get($_GET, 'id'));
head(lang_get('user_details'));
// The rendered page is cached per user id for CONFIG_CACHE_TIME_USER.
if (cache_start(CONST_CACHE_NAME_USER . $_GET['id'], CONFIG_CACHE_TIME_USER)) {
    // The id is bound as :user_id, not concatenated into the SQL text.
    $user = db_query_fetch_one('
        SELECT
            u.team_name,
            u.competing,
            co.country_name,
            co.country_code
        FROM users AS u
        LEFT JOIN countries AS co ON co.id = u.country_id
        WHERE
          u.id = :user_id', array('user_id' => $_GET['id']));
    // NOTE(review): the lines below read offsets of $user, so this relies on
    // message_generic() ending the request when no user was found - confirm.
    if (empty($user)) {
        message_generic(lang_get('sorry'), lang_get('no_user_found'), false);
    }
    // The team name is HTML-encoded by the caller; the third argument is false
    // (its meaning is defined in section_head(), outside this file).
    section_head(htmlspecialchars($user['team_name']), country_flag_link($user['country_name'], $user['country_code'], true), false);
    if (!$user['competing']) {
        message_inline_blue(lang_get('non_competing_user'));
    }
    print_solved_graph($_GET['id']);
    print_solved_challenges($_GET['id']);
    cache_end(CONST_CACHE_NAME_USER . $_GET['id']);
}
foot();
示例#16
     $num_attempts++;
 }
 // get challenge information
 // The challenge id comes from the posted form and is used as the lookup key.
 // NOTE(review): no check that a row was found is visible before its offsets
 // are read below - confirm the id is validated earlier in the file.
 $challenge = db_select_one('challenges', array('flag', 'category', 'case_insensitive', 'automark', 'available_from', 'available_until', 'num_attempts_allowed', 'min_seconds_between_submissions'), array('id' => $_POST['challenge']));
 // Rate limit: refuse a new attempt until the per-challenge minimum interval
 // since the latest attempt has passed. $time and $latest_submission_attempt
 // are set outside this excerpt.
 // NOTE(review): each check below limits submissions only if message_generic()
 // ends the request - confirm.
 $seconds_since_submission = $time - $latest_submission_attempt;
 if ($seconds_since_submission < $challenge['min_seconds_between_submissions']) {
     message_generic('Sorry', 'You may not submit another solution for this challenge for another ' . seconds_to_pretty_time($challenge['min_seconds_between_submissions'] - $seconds_since_submission));
 }
 // Attempt cap: a num_attempts_allowed of 0 (or empty) means no cap.
 if ($challenge['num_attempts_allowed'] && $num_attempts >= $challenge['num_attempts_allowed']) {
     message_generic('Sorry', 'You\'ve already tried ' . $challenge['num_attempts_allowed'] . ' times. Sorry!');
 }
 // Availability window: each bound is enforced only when it is set.
 if ($challenge['available_from'] && $time < $challenge['available_from']) {
     message_generic('Sorry', 'This challenge hasn\'t started yet.');
 }
 if ($challenge['available_until'] && $time > $challenge['available_until']) {
     message_generic('Sorry', 'This challenge has expired.');
 }
 // A submission counts as wrong unless a later check marks it correct.
 $correct = false;
 // automark the submission
 if ($challenge['automark']) {
     // lots of people submit with trailing whitespace..
     // we probably never want automarked keys with whitespace
     // at beginning or end, so trimming is probably fine.
     $_POST['flag'] = trim($_POST['flag']);
     $challenge['flag'] = trim($challenge['flag']);
     if ($challenge['case_insensitive']) {
         if (strcasecmp($_POST['flag'], $challenge['flag']) == 0) {
             $correct = true;
         }
     } else {
         if (strcmp($_POST['flag'], $challenge['flag']) == 0) {
示例#17
     message_generic('Sorry', 'No user found with that ID', false);
 }
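 // Header for the user page: the team name is HTML-encoded by the caller and
 // the third argument is false (its meaning is defined outside this excerpt).
 section_head(htmlspecialchars($user['team_name']), country_flag_link($user['country_name'], $user['country_code'], true), false);
 if (!$user['competing']) {
     message_inline_blue('This user is listed as a non-competitor.');
 }
 // Per-category score for this user next to the category maximum. The user id
 // from the query string is bound as :user_id, not concatenated into the SQL.
 $challenges = db_query_fetch_all('
     SELECT
        ca.title,
        (SELECT SUM(ch.points) FROM challenges AS ch JOIN submissions AS s ON s.challenge = ch.id AND s.user_id = :user_id AND s.correct = 1 WHERE ch.category = ca.id GROUP BY ch.category) AS points,
        (SELECT SUM(ch.points) FROM challenges AS ch WHERE ch.category = ca.id GROUP BY ch.category) AS category_total
     FROM categories AS ca
     WHERE ca.available_from < UNIX_TIMESTAMP()
     ORDER BY ca.title ASC', array('user_id' => $_GET['id']));
 if (empty($challenges)) {
     message_generic('No information', 'This user has not solved any challenges yet!', false);
 }
 $user_total = 0;
 $ctf_total = 0;
 foreach ($challenges as $challenge) {
     // max(1, ...) keeps a category without challenges from dividing by zero.
     echo '<strong>', htmlspecialchars($challenge['title']), '</strong>, ', number_format($challenge['points']), ' / ', number_format($challenge['category_total']), ' (', round($challenge['points'] / max(1, $challenge['category_total']) * 100), '%)';
     progress_bar($challenge['points'] / max(1, $challenge['category_total']) * 100);
     $user_total += $challenge['points'];
     $ctf_total += $challenge['category_total'];
 }
 // Same guard as the per-category lines: when every listed category is empty
 // the overall total is 0 and the unguarded division would fail.
 echo 'Total: ', number_format($user_total), ' / ', number_format($ctf_total), ' (', round($user_total / max(1, $ctf_total) * 100, 1), '%)';
 section_head('Solved challenges');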
 $submissions = db_query_fetch_all('
     SELECT
        s.added,
        ((SELECT COUNT(*) FROM submissions AS ss WHERE ss.correct = 1 AND ss.added < s.added AND ss.challenge=s.challenge)+1) AS pos,
示例#18
<?php

require '../../include/mellivora.inc.php';
// Admin landing page. The moderator check runs before any output or query.
enforce_authentication(CONST_USER_CLASS_MODERATOR);
head('Site management');
menu_management();
check_server_configuration();
// All categories, ordered by title; the query has no user-supplied parts.
$categories = db_query_fetch_all('SELECT * FROM categories ORDER BY title');
if (empty($categories)) {
    message_generic('Welcome', 'Your CTF is looking a bit empty! Start by adding a category using the menu above.');
}
// The second argument is markup built from a configuration constant and is
// passed with a third argument of false (its meaning is defined in
// section_subhead(), outside this file).
section_subhead('CTF Overview', '<a href="' . CONFIG_SITE_ADMIN_URL . 'visualise">Visualise challenge availability</a>', false);
foreach ($categories as $category) {
    echo '
    <h4>
    ', htmlspecialchars($category['title']), '
    <a href="edit_category.php?id=', htmlspecialchars($category['id']), '" class="btn btn-xs btn-primary">Edit category</a>
    <a href="new_challenge.php?category=', htmlspecialchars($category['id']), '" class="btn btn-xs btn-primary">Add challenge</a>
    </h4>
    ';
    $challenges = db_select_all('challenges', array('id', 'title', 'description', 'exposed', 'available_from', 'available_until', 'points'), array('category' => $category['id']), 'points ASC');
    if (empty($challenges)) {
        message_inline_blue('This category is empty! Use the link above to add a challenge.');
    } else {
        echo '
    <table class="table table-striped table-hover">
      <thead>
        <tr>
          <th>Title</th>
          <th>Description</th>
          <th class="center">Points</th>
示例#19
/**
 * Create a user account from signup data and send the signup email.
 *
 * Checks, in order: signups open, required fields present, team type,
 * team-name length, email format and whitelist, country id, and that no
 * account already uses the team name or the email. Each failed check calls
 * message_error(); presumably that ends the request, since nothing here
 * stops execution otherwise - confirm.
 *
 * NOTE(review): when CONFIG_ACCOUNTS_EMAIL_PASSWORD_ON_SIGNUP is set, the
 * password chosen by the user is written into the email body in clear text.
 * NOTE(review): the existence check and the insert are separate statements,
 * so two concurrent signups can both pass the check. Confirm `users` has
 * UNIQUE constraints on email and team_name.
 *
 * @return bool true when the row was inserted and accounts are enabled by
 *              default; false when no row was inserted
 */
function register_account($email, $password, $team_name, $country, $type = null)
{
    if (!CONFIG_ACCOUNTS_SIGNUP_ALLOWED) {
        message_error('Registration is currently closed.');
    }
    if (empty($email) || empty($password) || empty($team_name)) {
        message_error('Please fill in all the details correctly.');
    }
    if (isset($type) && !is_valid_id($type)) {
        message_error('That does not look like a valid team type.');
    }

    // Length is measured in bytes.
    $name_length = strlen($team_name);
    if ($name_length > CONFIG_MAX_TEAM_NAME_LENGTH || $name_length < CONFIG_MIN_TEAM_NAME_LENGTH) {
        message_error('Your team name was too long or too short.');
    }

    validate_email($email);
    if (!allowed_email($email)) {
        message_error('Email not on whitelist. Please choose a whitelisted email or contact organizers.');
    }

    // A country id must be a valid id no larger than the row count of `countries`.
    $country_row = db_select_one('countries', array('COUNT(*) AS num'));
    if (!isset($country) || !is_valid_id($country) || $country > $country_row['num']) {
        message_error('Please select a valid country.');
    }

    // Either a matching team name or a matching email counts as a duplicate.
    $existing = db_select_one(
        'users',
        array('id'),
        array('team_name' => $team_name, 'email' => $email),
        null,
        'OR'
    );
    if ($existing['id']) {
        message_error('An account with this team name or email already exists.');
    }

    // Only the password hash is stored.
    $user_id = db_insert(
        'users',
        array(
            'email' => $email,
            'passhash' => make_passhash($password),
            'team_name' => $team_name,
            'added' => time(),
            'enabled' => CONFIG_ACCOUNTS_DEFAULT_ENABLED ? '1' : '0',
            'user_type' => isset($type) ? $type : 0,
            'country_id' => $country,
        )
    );
    if (!$user_id) {
        // no rows were inserted
        return false;
    }

    // log signup IP
    log_user_ip($user_id);

    // signup email
    $eol = "\r\n";
    $email_subject = CONFIG_SITE_NAME . ' account details';
    $login_hint = CONFIG_ACCOUNTS_DEFAULT_ENABLED
        ? 'You can now log in using your email and chosen password.'
        : 'Once the competition starts, please use this email address to log in.';
    // NOTE(review): the team name is HTML-encoded here; that is the right
    // encoding only if send_email() delivers this body as HTML - confirm.
    $email_body = htmlspecialchars($team_name) . ', your registration at ' . CONFIG_SITE_NAME . ' was successful.' . $eol . $eol . $login_hint . $eol;
    if (CONFIG_ACCOUNTS_EMAIL_PASSWORD_ON_SIGNUP) {
        $email_body .= 'Your password is: ' . $password . $eol;
    }
    $email_body .= $eol . 'Please stay tuned for updates!' . $eol . $eol . 'Regards,' . $eol . CONFIG_SITE_NAME;

    // send details to user
    send_email(array($email), $email_subject, $email_body);

    if (CONFIG_ACCOUNTS_DEFAULT_ENABLED) {
        return true;
    }

    // account isn't enabled by default: display message and die
    message_generic('Signup successful', 'Thank you for registering!
            Your chosen email is: ' . htmlspecialchars($email) . '.
            Make sure to check your spam folder as emails from us may be placed into it.
            Please stay tuned for updates!');
    return false;
}