| author | Bruno Cesar Ribas <brunoribas@gmail.com> | 2018-11-05 19:23:17 +0000 |
|---|---|---|
| committer | Bruno Cesar Ribas <brunoribas@gmail.com> | 2018-11-05 19:23:17 +0000 |
| commit | 87cb46dc671b84a5cfcb665cb9f02e050595529b (patch) | |
| tree | 1543911f7934e1e775852a6fb1b5d7e6590beea5 | |
| parent | d069fc757c591bda3cfabcd55ded730ff7d27348 (diff) | |
| parent | 336e0c032cc0f9e9547853f814ebffdfd00c5e2d (diff) | |
| download | boca-87cb46dc671b84a5cfcb665cb9f02e050595529b.tar.gz boca-87cb46dc671b84a5cfcb665cb9f02e050595529b.zip | |
Merge remote-tracking branch 'origin/develc' into devel
| -rw-r--r-- | src/admin/report/header.php | 67 | ||||
| -rw-r--r-- | src/admin/report/webcast.php | 202 | ||||
| -rw-r--r-- | src/flog.php | 32 | ||||
| -rwxr-xr-x | tools/boca-submit-run | 6 | ||||
| -rwxr-xr-x | tools/boca-submit-run-root | 12 |
5 files changed, 188 insertions, 131 deletions
diff --git a/src/admin/report/header.php b/src/admin/report/header.php
index 1d191de..77e524a 100644
--- a/src/admin/report/header.php
+++ b/src/admin/report/header.php
@@ -15,51 +15,56 @@ // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. //////////////////////////////////////////////////////////////////////////////// -// Last modified 05/aug/2012 by cassio@ime.usp.br ob_start(); +session_start(); header ("Expires: " . gmdate("D, d M Y H:i:s") . " GMT"); header ("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); header ("Cache-Control: no-cache, must-revalidate"); header ("Pragma: no-cache"); -header ("Content-Type: text/html; charset=utf-8"); -session_start(); -ob_end_flush(); //$locr = $_SESSION['locr']; //$loc = $_SESSION['loc']; $loc = $locr = "../.."; -require $locr.'/version.php'; require_once($locr . "/globals.php"); -if(!ValidSession()) { - InvalidSession($_SERVER['PHP_SELF']); - ForceLoad($loc."/index.php"); -} -if($_SESSION["usertable"]["usertype"] != "admin") { - IntrusionNotify($_SERVER['PHP_SELF']); - ForceLoad($loc."/index.php"); -} - require_once($locr."/db.php"); require_once($locr."/freport.php"); -echo "<html><head><title>Report Page</title>\n"; -echo "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">\n"; +if(isset($_POST['webcastcode']) && ctype_alnum($_POST['webcastcode'])) { + header ("Content-transfer-encoding: binary\n"); + header ("Content-type: application/force-download"); + ob_end_flush(); +} else { + header ("Content-Type: text/html; charset=utf-8"); + require $locr.'/version.php'; + if(!ValidSession()) { + InvalidSession($_SERVER['PHP_SELF']); + ForceLoad($loc."/index.php"); + } + if($_SESSION["usertable"]["usertype"] != "admin") { + IntrusionNotify($_SERVER['PHP_SELF']); + ForceLoad($loc."/index.php"); + } + ob_end_flush(); -echo "<link rel=stylesheet href=\"$loc/Css.php\" type=\"text/css\">\n"; + echo "<html><head><title>Report Page</title>\n"; + echo "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">\n"; -$contest=$_SESSION["usertable"]["contestnumber"]; 
-if(($ct = DBContestInfo($contest)) == null) - ForceLoad($loc."/index.php"); -$site=$_SESSION["usertable"]["usersitenumber"]; -if(($st = DBSiteInfo($contest,$site)) == null) - ForceLoad($loc."/index.php"); + echo "<link rel=stylesheet href=\"$loc/Css.php\" type=\"text/css\">\n"; -echo "</head><body><table border=1 width=\"100%\">\n"; -echo "<tr><td bgcolor=\"eeee00\" nowrap align=center>"; -echo "<img src=\"$loc/images/smallballoontransp.png\" alt=\"\">"; -echo "<font color=\"#ffffff\"><a href=\"http://www.ime.usp.br/~cassio/boca/\">BOCA</a></font>"; -echo "</td><td bgcolor=\"#eeee00\" width=\"99%\">\n"; -echo $ct["contestname"] . " - " . $st["sitename"] . "</td>\n"; -echo "</tr></table>\n"; -?> + $contest=$_SESSION["usertable"]["contestnumber"]; + if(($ct = DBContestInfo($contest)) == null) + ForceLoad($loc."/index.php"); + $site=$_SESSION["usertable"]["usersitenumber"]; + if(($st = DBSiteInfo($contest,$site)) == null) + ForceLoad($loc."/index.php"); + + echo "</head><body><table border=1 width=\"100%\">\n"; + echo "<tr><td bgcolor=\"eeee00\" nowrap align=center>"; + echo "<img src=\"$loc/images/smallballoontransp.png\" alt=\"\">"; + echo "<font color=\"#ffffff\"><a href=\"http://www.ime.usp.br/~cassio/boca/\">BOCA</a></font>"; + echo "</td><td bgcolor=\"#eeee00\" width=\"99%\">\n"; + echo $ct["contestname"] . " - " . $st["sitename"] . "</td>\n"; + echo "</tr></table>\n"; +} +?>
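Review bot: The new `if(isset($_POST['webcastcode']) && ctype_alnum($_POST['webcastcode']))` branch skips `ValidSession()` and the `usertype != "admin"` check for any request that carries an alphanumeric `webcastcode`, before that code has been compared with anything. header.php looks like the shared header of the report directory, so any other report script that requires it would lose its admin gate the same way; of the files in this commit, only webcast.php goes on to check the code against webcast.sep. Keep the session checks unconditional here and scope the exemption to the one script, e.g. `if(basename($_SERVER['SCRIPT_NAME']) == 'webcast.php' && isset($_POST['webcastcode']) && ctype_alnum($_POST['webcastcode'])) {`, or do the webcast.sep lookup before anything is relaxed.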
\ No newline at end of file
diff --git a/src/admin/report/webcast.php b/src/admin/report/webcast.php
index 0f85317..a6aaceb 100644
--- a/src/admin/report/webcast.php
+++ b/src/admin/report/webcast.php
@@ -15,9 +15,52 @@ // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. //////////////////////////////////////////////////////////////////////////////// -//Last updated 07/nov/2012 by cassio@ime.usp.br require('header.php'); +if(!isset($_POST['webcastcode']) || !ctype_alnum($_POST['webcastcode'])) exit; +$webcastcode=$_POST['webcastcode']; + +$ds = DIRECTORY_SEPARATOR; +if($ds=="") $ds = "/"; + +if(isset($_SESSION['locr'])) { + $webcastdir = $_SESSION['locr'] . $ds . 'private' .$ds. 'webcast.' . $webcastcode; + $webcastparentdir = $_SESSION['locr'] . $ds. 'private'; +} else { + $webcastdir = $locr . $ds . 'private' . $ds . 'webcast.' . $webcastcode; + $webcastparentdir = $locr . $ds . 'private'; +} + +$wcdata=@file($webcastparentdir . $ds . 'webcast.sep'); +$wcsite = array(); +$wcloweruser = array(); +$wcupperuser = array(); +for($i=0; $i<count($wcdata);$i++) { + $wccode = explode(' ', $wcdata[$i]); + if($wccode[0] == $webcastcode) { + for($j=1; $j < count($wccode); $j++) { + $temp = explode('/', $wccode[$j]); + if(is_numeric($temp[0])) { + $wcsite[count($wcsite)] = $temp[0]; + $wcloweruser[count($wcloweruser)] = 0; + $wcupperuser[count($wcupperuser)] = -1; + if(count($temp) > 1 && is_numeric($temp[1])) + $wcloweruser[count($wcloweruser)-1] = $temp[1]; + if(count($temp) > 2 && is_numeric($temp[2])) + $wcupperuser[count($wcupperuser)-1] = $temp[2]; + } + } + @file_put_contents($webcastparentdir . $ds . 'webcast.log', $webcastcode . "|Y|" . getIP() . "|" . date(DATE_RFC2822) . "\n", LOCK_EX | FILE_APPEND); + break; + } +} +if($i>=count($wcdata)) { + @file_put_contents($webcastparentdir . $ds . 'webcast.log', $webcastcode . "|N|" . getIP() . "|" . date(DATE_RFC2822) . "\n", LOCK_EX | FILE_APPEND); + exit; +} + +cleardir($webcastdir); +@mkdir($webcastdir); $contest = $_SESSION["usertable"]["contestnumber"]; $site = $_SESSION["usertable"]["usersitenumber"]; 
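Review bot: The lookup compares with `$wccode[0] == $webcastcode`, and PHP's loose `==` compares two numeric-looking strings as numbers, so a code made of digits (or digits around an `e`) can match a different entry in webcast.sep; this code is now the only credential for the page, so use `===` or `hash_equals()`. `@file()` keeps the trailing newline on every line, so the last token of a line is not the string the `explode` callers expect, and it returns `false` when webcast.sep is missing, which `count($wcdata)` does not handle; `$wcdata = @file($webcastparentdir . $ds . 'webcast.sep', FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES); if($wcdata === false) exit;` covers both. The context lines at the end of the hunk still read `$contest` and `$site` from `$_SESSION["usertable"]`, which is presumably empty for a caller that reached this point through the webcast branch of header.php without logging in.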
@@ -26,10 +69,11 @@ $ct = DBContestInfo($contest); if(($st = DBSiteInfo($contest, $site)) == null) ForceLoad("../index.php"); -//if(isset($_GET['full']) && $_GET['full'] > 0) - $freezeTime = $st['siteduration']; -//else -// $freezeTime = $st['sitelastmilescore']; +if(isset($_POST['full']) && $_POST['full'] > 0) + $freezeTime = $st['siteduration']; +else + $freezeTime = $st['sitelastmilescore']; + $contestfile = $ct['contestname'] . "\n"; @@ -45,17 +89,39 @@ $r = DBExec($c, ' WHERE contestnumber = ' . $contest . ' AND problemnumber > 0'); $numProblems = DBnlines($r); -$r = DBExec($c, - 'SELECT * FROM usertable' . - ' WHERE contestnumber = ' . $contest . - ' AND userenabled = \'t\' AND usersitenumber = ' . $site . - ' AND usertype = \'team\''); + +$sql = 'SELECT username, userfullname, userdesc FROM usertable' . + ' WHERE contestnumber = ' . $contest . + ' AND userenabled = \'t\' AND usertype = \'team\' AND ((0 = 1)'; +for($i=0; $i < count($wcloweruser); $i++) + $sql .= ' OR (usersitenumber = ' . $wcsite[$i] . ' AND usernumber >= ' . $wcloweruser[$i] . ' AND usernumber <= ' . $wcupperuser[$i] . ')'; +$sql .= ')'; +$r = DBExec($c,$sql); + $numTeams = DBnlines($r); $contestfile = $contestfile . $numTeams . '' . $numProblems . "\n"; +$teamIDs = array(); +for ($i = 0; $i < $numTeams; $i++) { + $a = DBRow($r, $i); + $teamID = $a['username']; + $teamIDs[count($teamIDs)] = $teamID; + $pieces = explode('</b>', $a['userfullname']); + $teamName = $a['userfullname']; + $pieces = explode(']', $a['userdesc']); + $pieces = explode('[', trim($pieces[0])); + $teamUni = trim($pieces[1]); + //print_r( array_keys($a)); + $contestfile = $contestfile . + $teamID . '' . + $teamUni . '' . + $teamName . "\n"; +} + +/* for ($i = 0; $i < $numTeams; $i++) { $a = cleanuserdesc(DBRow($r, $i)); $teamID = $a['username']; 
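Review bot: `$_POST['full']` now chooses between `siteduration` and `sitelastmilescore`, and the page no longer requires an admin session, so whoever holds a webcast code can ask for run verdicts from after the scoreboard freeze. If unfrozen output is meant for only some consumers, record that per code in webcast.sep rather than taking it from the request, and put a comment above the branch stating who is allowed to send `full`.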
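Review bot: The `$sql` string concatenates `$contest`, `$wcsite[$i]`, `$wcloweruser[$i]` and `$wcupperuser[$i]` unquoted into the query. The webcast.sep values passed only `is_numeric()`, which also accepts forms such as `1e5` or `.5`, and `$contest` comes from the session, which may be unset on this path; cast each to int while building the clause, e.g. `' OR (usersitenumber = ' . (int)$wcsite[$i] . ' AND usernumber >= ' . (int)$wcloweruser[$i] . ' AND usernumber <= ' . (int)$wcupperuser[$i] . ')'`, and exit before the query when `$contest` is not a positive integer. `$wcupperuser` defaults to -1, so an entry that names only a site yields `usernumber <= -1` and selects no team, which is probably not what a site-only entry is meant to do. `trim($pieces[1])` raises an undefined-offset notice when `userdesc` contains no `[`.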
@@ -73,118 +139,58 @@ for ($i = 0; $i < $numTeams; $i++) { $teamUni . '' . $teamName . "\n"; } - +*/ $contestfile = $contestfile . '1' . '' . '1' . "\n"; $contestfile = $contestfile . $numProblems . '' . 'Y' . "\n"; -$score = DBScore($_SESSION["usertable"]["contestnumber"], false, -1, $ct["contestlocalsite"]); - -//$contestfile = $contestfile . -// "<h2>ICPC Output</h2>"; -//$contestfile = $contestfile . -// "<pre>"; -$n=0; -$class=1; -while(list($e, $c) = each($score)) { - if(isset($score[$e]["site"]) && isset($score[$e]["user"])) { - if(DBSiteInfo($_SESSION["usertable"]["contestnumber"],$score[$e]["site"]) != null) { - $r = DBUserInfo($_SESSION["usertable"]["contestnumber"], - $score[$e]["site"], $score[$e]["user"]); - $contestfile = $contestfile . - $r["usericpcid"] . "," . - $class++ . "," . - $score[$e]["totalcount"] . "," . - $score[$e]["totaltime"] . ","; - - if($score[$e]["first"]) - $contestfile = $contestfile . $score[$e]["first"] . "\n"; - else $contestfile = $contestfile . "0\n"; - $n++; - } - } -} -//$contestfile = $contestfile . -// "</pre>"; - -$timefile = $st['currenttime']; -$versionfile = '1.0' . "\n"; - $run = DBAllRunsInSites($contest, $site, 'run'); - $numRuns = count($run); - $runfile = ''; for ($i = 0; $i < $numRuns; $i++) { $u = DBUserInfo($contest, $site, $run[$i]['user']); - $runID = $run[$i]['number']; $runTime = dateconvminutes($run[$i]['timestamp']); $runTeam = $u['username']; - $runProblem = $run[$i]['problem']; - - if ($runTime > $freezeTime) { - continue; - } - - $runfile = $runfile . - $runID . '' . - $runTime . '' . - $runTeam . '' . - $runProblem . ''; - - if ($run[$i]['yes']=='t') { - $runfile = $runfile . - 'Y' . "\n"; - } else if ($run[$i]['answer'] == 'Not answered yet') { - $runfile = $runfile . - '?' . "\n"; - } else { - $runfile = $runfile . - 'N' . "\n"; + if(in_array($runTeam, $teamIDs)) { + $runProblem = $run[$i]['problem']; + + $runfile = $runfile . + $runID . '' . + $runTime . '' . + $runTeam . '' . + $runProblem . 
''; + + if ($runTime > $freezeTime) { + $runfile = $runfile . '?' . "\n"; + } else if ($run[$i]['yes'] == 't') { + $runfile = $runfile . 'Y' . "\n"; + } else if ($run[$i]['answer'] == 'Not answered yet') { + $runfile = $runfile . '?' . "\n"; + } else { + $runfile = $runfile . 'N' . "\n"; + } } } -$ds = DIRECTORY_SEPARATOR; -if($ds=="") $ds = "/"; +$timefile = $st['currenttime']; +$versionfile = '1.0' . "\n"; -if(isset($_SESSION['locr'])) { - $webcastdir = $_SESSION['locr'] . $ds . 'private' .$ds. 'webcast'; - $webcastparentdir = $_SESSION['locr'] . $ds. 'private'; -} else { - $webcastdir = $locr . $ds . 'private' . $ds . 'webcast'; - $webcastparentdir = $locr . $ds . 'private'; -} -cleardir($webcastdir); -@mkdir($webcastdir); if(is_writable($webcastdir)) { - file_put_contents($webcastdir . $ds . 'runs',$runfile); - file_put_contents($webcastdir . $ds . 'contest',$contestfile); - file_put_contents($webcastdir . $ds . 'version',$versionfile); - file_put_contents($webcastdir . $ds . 'time',$timefile); - if(@create_zip($webcastparentdir,array('webcast'),$webcastdir . ".tmp") != 1) { + @file_put_contents($webcastdir . $ds . 'runs',$runfile); + @file_put_contents($webcastdir . $ds . 'contest',$contestfile); + @file_put_contents($webcastdir . $ds . 'version',$versionfile); + @file_put_contents($webcastdir . $ds . 'time',$timefile); + if(@create_zip($webcastparentdir,array('webcast'),$webcastdir . ".zip") != 1) { LOGError("Cannot create score webcast.tmp file"); MSGError("Cannot create score webcast.tmp file"); } else { - $cf = globalconf(); - file_put_contents($webcastdir . ".tmp",encryptData(file_get_contents($webcastdir . ".tmp"), $cf["key"],false)); - @rename($webcastdir . ".tmp",$webcastdir . '.zip'); + echo file_get_contents($webcastdir . ".zip"); } - echo "<br><br><br><center>"; - echo "<a href=\"$locr/filedownload.php?". - filedownload(-1,$webcastdir . '.zip') . 
"\">CLICK TO DOWNLOAD</a>"; - echo "</center>"; } else { LOGError('Error creating the folder for the ZIP file: '. $webcastdir); MSGError('Error creating the folder for the ZIP file: '.$webcastdir); ForceLoad("../index.php"); } -echo "<br><br><br>\n"; -echo "<br><br><br>\n"; -echo "<br><br><br>\n"; -echo "<br><br><br>\n"; -echo "<br><br><br>\n"; -echo "<br><br><br>\n"; -?> -<?php include("$locr/footnote.php"); ?> +?>
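Review bot: `create_zip($webcastparentdir,array('webcast'),$webcastdir . ".zip")` still names the directory `webcast`, while the four files are now written under `webcast.<code>` (`$webcastdir`), so the archive likely does not contain what was just generated; pass `array('webcast.' . $webcastcode)`, assuming create_zip takes directory names relative to its first argument. The `encryptData(..., $cf["key"], false)` step was dropped, so the ZIP is now sent, and left under `private/`, unencrypted. The `@` added to the four `file_put_contents` calls hides a partial write, and both error strings still say `webcast.tmp`.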
\ No newline at end of file diff --git a/src/flog.php b/src/flog.php index ed5afbd..1e6e6cb 100644 --- a/src/flog.php +++ b/src/flog.php @@ -156,6 +156,38 @@ function DBLogInContest($name,$pass,$contest,$msg=true) { unset($_SESSION["usertable"]); return false; } + + if(!ctype_alnum($name)) { + LOGLevel("User $name tried to log in contest $contest but username is not alphanum.",2); + if($msg) MSGError("Username must be alpha numeric."); + unset($_SESSION["usertable"]); + return false; + } + $ccode = trim($_SERVER['HTTP_USER_AGENT']); + $ds = DIRECTORY_SEPARATOR; + if($ds=="") $ds = "/"; + $dircode=$_SESSION["locr"] . $ds . "private" . $ds . "agentcode"; + @mkdir($dircode); + $dircode .= $ds . $contest . '-' . $name; + @file_put_contents($dircode . '.log', $ccode . "\n", FILE_APPEND | LOCK_EX); + if(@file_exists($dircode)) { + if(($prevuser = @file_get_contents($dircode)) === false) { + LOGLevel("User $name tried to log in contest $contest but computer file cannot be read.",2); + if($msg) MSGError("Invalid computer (2)."); + unset($_SESSION["usertable"]); + return false; + } + if($prevuser != $ccode && $a["usertype"] == "team") { + LOGLevel("User $name tried to log in contest $contest but computer is invalid ($ccode).",2); + if($msg) MSGError("Invalid computer (3)."); + unset($_SESSION["usertable"]); + return false; + } + } else { + if($a["usertype"] == "team") + @file_put_contents($dircode, $ccode); + } + $gip=getIP(); if ($a["userip"] != $gip && $a["userip"] != "" && $a["usertype"] != "score") { LOGLevel("User $name is using two different IPs: " . $a["userip"] . diff --git a/tools/boca-submit-run b/tools/boca-submit-run index d2455e2..8f53838 100755 --- a/tools/boca-submit-run +++ b/tools/boca-submit-run 
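Review bot: The "computer" check pins a team to `$_SERVER['HTTP_USER_AGENT']`, a header the client chooses and that every machine with the same browser build shares, so it cannot tell two contest machines apart and should be documented as a weak signal rather than a device binding; a comment such as `// User-Agent is client-supplied: this is a tripwire, not authentication` above `$ccode` would say so. `HTTP_USER_AGENT` can be absent, so guard it with `$ccode = isset($_SERVER['HTTP_USER_AGENT']) ? trim($_SERVER['HTTP_USER_AGENT']) : '';` and compare with `!==` instead of `!=`. `$contest` is concatenated into the file name under `private/agentcode` with no check visible in this hunk, unlike `$name`; cast it to int at that point. DBLogInContest starts and ends outside the hunk.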
@@ -74,8 +74,12 @@ if [ -r "$5" ]; then fi nom=`echo -n "$5" | perl -MURI::Escape -lne 'print uri_escape($_)'` + if [ "$nom" != "$5" ]; then + echo "Invalid file name" + exit 1 + fi for BOCASERVER in `echo $BOCASERVERS | tr ';' ' '`; do - $runroot "$BOCASERVER" "$1" "$2" "$3" "$4" "`basename $5`" "$5" + $runroot "$BOCASERVER" "$1" "$2" "$3" "$4" "`basename $nom`" "$nom" done else echo "file $5 not found/readable" diff --git a/tools/boca-submit-run-root b/tools/boca-submit-run-root index ad94aad..686c5eb 100755 --- a/tools/boca-submit-run-root +++ b/tools/boca-submit-run-root @@ -46,9 +46,17 @@ if [ "$7" != "" ]; then tmpvar=`echo "$1" | tr -cd '[[:alnum:]]._+-/'` echo "BOCASERVER=$tmpvar" > "$nom" tmpvar=`echo "$2" | tr -cd '[[:alnum:]]._+-/'` + if [ -f "/root/submissions/user.ok" && "`cat /root/submissions/user.ok`" != "$tmpvar" ]; then + echo "WARNING: different username had been successfully used before - I will try to continue but you better check, this may fail later" + fi echo "user=$tmpvar" >> "$nom" + tmpuser=$tmpvar tmpvar=`echo "$3" | tr -cd '[[:alnum:]]._+-/'` + if [ -f "/root/submissions/pass.ok" && "`cat /root/submissions/pass.ok`" != "$tmpvar" ]; then + echo "WARNING: different password had been successfully used before - I will try to continue but you better check, this may fail later" + fi echo "pass=$tmpvar" >> "$nom" + tmppass=$tmpvar tmpvar=`echo "$4" | tr -cd '[[:alnum:]]._+-/'` echo "problem=$tmpvar" >> "$nom" tmpvar=`echo "$5" | tr -cd '[[:alnum:]]._+-/'` @@ -83,7 +91,9 @@ if [ "$7" != "" ]; then mv "$nom" "/root/submissions/`basename $nom .tmp`" echo "Run submission included in the queue -- it shall appear in the system later when connection is available" else - [ -f "$nom" ] && rm -f $nom + [ -f "$nom" ] && mv "$nom" "/root/submissions/`basename $nom .tmp`.processed" + echo -n "$tmpuser" > /root/submissions/user.ok + echo -n "$tmpvar" > /root/submissions/pass.ok fi fi fi |
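Review bot: The `"$nom" != "$5"` test rejects every argument that `uri_escape` would change, and with URI::Escape's default character set that includes `/`, so a file given with a directory path now fails with "Invalid file name" even though `[ -r "$5" ]` passed; if only the base name is meant to be restricted, compare the escaped and raw `basename` instead. The same message is printed when perl or URI::Escape is unavailable, because `$nom` is then empty. `basename $nom` is left unquoted; `"$(basename "$nom")"` is the safer form.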
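Review bot: `[ -f "/root/submissions/user.ok" && "..." != "$tmpvar" ]` is not valid test syntax: `&&` ends the `[` command before its closing `]`, so the shell reports an error, the condition is false, and the warning is never printed; the `pass.ok` test has the same problem. Write each as two tests, e.g. `if [ -f /root/submissions/user.ok ] && [ "$(cat /root/submissions/user.ok)" != "$tmpvar" ]; then`. The enclosing `if [ "$7" != "" ]` block starts and ends outside the hunk.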
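Review bot: `echo -n "$tmpvar" > /root/submissions/pass.ok` writes whatever `tmpvar` last held, and the earlier hunk shows it being reassigned from `$4` and `$5` after the password; `tmppass` is saved for this purpose and never used, so the line should read `echo -n "$tmppass" > /root/submissions/pass.ok`. This also leaves the contest password in clear text in `pass.ok`, and the submission file that is now kept as `*.processed` instead of being deleted still carries its `pass=` line. Store a digest for the comparison (for example the output of `sha256sum`), create both `.ok` files under `umask 077`, and drop the `pass=` line before the `mv`.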