示例#1
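/**
 * Record a team's short-round score taken from the query string.
 *
 * Reads ID, Score, Overwrite and xsrf_token from $_GET. If the team already has a
 * score and Overwrite is absent, nothing is written: a request carrying a token is
 * redirected to the same page without it, and a request without a token is shown the
 * existing score with a "change to" link. Otherwise the XSRF token is verified and the
 * score is stored.
 *
 * NOTE(review): this is a state-changing GET and the XSRF token travels in the URL, so
 * it can end up in server logs, browser history and Referer headers. Moving the write
 * to a POST form would avoid that; not changed here because the callers are not visible.
 */
function do_enter_clarified_score()
{
    // Request values are attacker-controlled. Read them once as strings so that an
    // array-valued parameter (?Score[]=...) cannot reach the string functions below.
    $id = (isset($_GET['ID']) && is_string($_GET['ID'])) ? $_GET['ID'] : '';
    $score = (isset($_GET['Score']) && is_string($_GET['Score'])) ? $_GET['Score'] : null;

    // do_set_team_round_short() treats any return other than true from
    // validate_team_short_score() as an error message. A plain truthiness test would
    // accept such a message string as "valid", so compare against true explicitly.
    if ($score === null || validate_team_short_score($score) !== true) {
        trigger_error('Score isn\'t valid this time?!', E_USER_ERROR);
        die; // fail closed even if a custom error handler lets execution continue
    }

    // Values are escaped and quoted before being concatenated into the SQL text.
    // NOTE(review): bound parameters would be sturdier; whether the DB wrapper
    // offers them is not visible from here.
    $db = DB::get();
    $row = DB::queryFirstRow('SELECT name, score_team_short FROM teams WHERE team_id="' . mysqli_real_escape_string($db, $id) . '"');
    if (empty($row)) {
        // Without this guard an unknown ID would fall through to an UPDATE that
        // touches no row and still report success.
        trigger_error('Team not found', E_USER_ERROR);
        die;
    }

    $sessionToken = (isset($_SESSION['xsrf_token']) && is_string($_SESSION['xsrf_token'])) ? $_SESSION['xsrf_token'] : '';

    if (!is_null($row['score_team_short']) && !isset($_GET['Overwrite'])) {
        if (isset($_GET['xsrf_token'])) {
            // Drop the token and reload, so the "already entered" page is reached
            // without a token in the URL. Values are URL-encoded so they cannot add
            // or alter query parameters in the redirect target.
            header('Location: Team_Short?ID=' . rawurlencode($id) . '&Score=' . rawurlencode($score));
            die;
        } else {
            $msg = 'A score of ' . htmlentities($row['score_team_short']) . ' has already been entered for ' . htmlentities($row['name']);
            if ($row['score_team_short'] != $score) {
                // URL-encode each value for the query string, then HTML-escape it for
                // the attribute context; the session token gets the same treatment.
                $msg .= ' (<a href="Team_Short?Overwrite&amp;ID=' . htmlentities(rawurlencode($id))
                    . '&amp;Score=' . htmlentities(rawurlencode($score))
                    . '&amp;xsrf_token=' . htmlentities(rawurlencode($sessionToken))
                    . '">change to ' . htmlentities($score) . '</a>)';
            }
            // presumably show_page() ends the request; if it returned, the token check
            // below would still block the write because no token was sent.
            show_page($msg, '');
        }
    }

    // The token is checked this late on purpose: the branch above must be reachable
    // without a token so the override message can be shown when a score already exists.
    $sentToken = (isset($_GET['xsrf_token']) && is_string($_GET['xsrf_token'])) ? $_GET['xsrf_token'] : '';
    // An empty session token must never match, and hash_equals() avoids both loose
    // comparison (null != null is false) and timing differences.
    if ($sessionToken === '' || !hash_equals($sessionToken, $sentToken)) {
        trigger_error('XSRF code incorrect', E_USER_ERROR);
        die; // fail closed even if a custom error handler lets execution continue
    }

    DB::queryRaw('UPDATE teams SET score_team_short="' . mysqli_real_escape_string($db, $score) . '" WHERE team_id="' . mysqli_real_escape_string($db, $id) . '" LIMIT 1');
    $msg = 'A score of ' . htmlentities($score) . ' was entered for ' . htmlentities($row['name']);
    if (isset($_GET['ID'])) {
        alert($msg, 1);
        header('Location: Team_Short');
        die;
    }
    show_page('', $msg);
}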
示例#2
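/**
 * Set or clear a team's short-round score from a POSTed form.
 *
 * The team is taken from $_GET['ID']; the form supplies xsrf_token,
 * teamRoundShortHasValue and teamRoundShortScore. The XSRF token is verified before
 * anything else, then the scoring freeze is honoured, then the score is validated and
 * written (or set to NULL when the form says there is no value). An alert is queued
 * only when a row actually changed, and the browser is redirected to the team page.
 */
function do_set_team_round_short()
{
    $sessionToken = (isset($_SESSION['xsrf_token']) && is_string($_SESSION['xsrf_token'])) ? $_SESSION['xsrf_token'] : '';
    $sentToken = (isset($_POST['xsrf_token']) && is_string($_POST['xsrf_token'])) ? $_POST['xsrf_token'] : '';
    // An empty session token must never match, and hash_equals() avoids both loose
    // comparison (null != null is false) and timing differences.
    if ($sessionToken === '' || !hash_equals($sessionToken, $sentToken)) {
        trigger_error('XSRF code incorrect', E_USER_ERROR);
        die; // fail closed even if a custom error handler lets execution continue
    }
    if (!scoring_is_enabled()) {
        header('Location: ../Scoring_Frozen');
        die;
    }

    // The team id is attacker-controlled; keep it a string for escaping and encoding.
    $id = (isset($_GET['ID']) && is_string($_GET['ID'])) ? $_GET['ID'] : '';
    $db = DB::get();

    if (isset($_POST['teamRoundShortHasValue']) && $_POST['teamRoundShortHasValue'] === 'Yes') {
        $score = isset($_POST['teamRoundShortScore']) ? $_POST['teamRoundShortScore'] : null;
        // The validator returns true on success and an error message otherwise.
        $score_msg = validate_team_short_score($score);
        if ($score_msg !== true) {
            display_team($score_msg, 'document.forms[\'lmtDataTeamRoundShortScore\'].teamRoundShortScore.focus();');
            // presumably display_team() ends the request; stop here regardless so an
            // invalid score can never reach the UPDATE below.
            die;
        }
        // The extra condition leaves the row alone when the score is unchanged, so the
        // affected-row count below reflects a real change.
        // NOTE(review): values are escaped and quoted; bound parameters would be
        // sturdier if the DB wrapper offers them (not visible from here).
        DB::queryRaw('UPDATE teams SET score_team_short="' . mysqli_real_escape_string($db, $score) . '" WHERE team_id="' . mysqli_real_escape_string($db, $id) . '" AND (score_team_short <> "' . mysqli_real_escape_string($db, $score) . '" OR score_team_short IS NULL) LIMIT 1');
    } else {
        DB::queryRaw('UPDATE teams SET score_team_short=NULL WHERE team_id="' . mysqli_real_escape_string($db, $id) . '" AND score_team_short IS NOT NULL LIMIT 1');
    }

    // NOTE(review): the affected-row count is read from the global $LMT_DB while the
    // queries go through DB; this assumes both refer to the same connection - confirm.
    global $LMT_DB;
    if (mysqli_affected_rows($LMT_DB) == 1) {
        add_alert('lmt_data_team_update_team_score_short', 'Team round short answer score was changed');
    }
    // URL-encode the id so it cannot add or alter query parameters in the redirect.
    header('Location: Team?ID=' . rawurlencode($id));
}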