diff options
| author | cassiopc <cassiopc@gmail.com> | 2012-10-31 13:14:34 +0000 |
|---|---|---|
| committer | cassiopc <cassiopc@gmail.com> | 2012-10-31 13:14:34 +0000 |
| commit | f97dd499bec751ea40e291aa4b7e3062c7b2df3a (patch) | |
| tree | 3d5aaba40abc6fd5e1db02004f9aa6c6d22fc021 | |
| parent | 7e2f9683036dd78f9ac4897b55f07f6286008a37 (diff) | |
| download | boca-f97dd499bec751ea40e291aa4b7e3062c7b2df3a.tar.gz boca-f97dd499bec751ea40e291aa4b7e3062c7b2df3a.zip | |
included check of validity of score file sent by sendscore.sh
| -rw-r--r-- | boca-1.5.2/src/site/putfile.php | 17 | ||||
| -rw-r--r-- | boca-1.5.2/tools/icpc.etc.tgz | bin | 9525 -> 9525 bytes |
2 files changed, 12 insertions, 5 deletions
diff --git a/boca-1.5.2/src/site/putfile.php b/boca-1.5.2/src/site/putfile.php index 3155bd8..808eaa5 100644 --- a/boca-1.5.2/src/site/putfile.php +++ b/boca-1.5.2/src/site/putfile.php @@ -163,10 +163,17 @@ if(is_writable($_SESSION["locr"] . $remotedir)) { fwrite($fout,$total,10000000); fclose($fout); - if(@rename($fn, $_SESSION["locr"] . $remotedir . $ds . "score_" . $_SESSION["usertable"]["username"] . - "_" . $_SESSION["usertable"]["usericpcid"] . "_" . md5(getIP()) . ".dat")) - echo "SCORE UPLOADED OK\n"; - else - echo "FAILED: UPDATE SCORE ERROR\n"; + // test the format of the file + $fc=file_get_contents($fout); + if(($arr = unserialize(base64_decode($fc)))===false || + !is_array($arr) || !isset($arr['site'])) { + echo "FAILED: File " . $fout . " is not compatible\n"; + } else { + if(@rename($fn, $_SESSION["locr"] . $remotedir . $ds . "score_" . $_SESSION["usertable"]["username"] . + "_" . $_SESSION["usertable"]["usericpcid"] . "_" . md5(getIP()) . ".dat")) + echo "SCORE UPLOADED OK\n"; + else + echo "FAILED: UPDATE SCORE ERROR\n"; + } } else echo "FAILED: PERMISSION DENIED IN THE SERVER\n"; ?> diff --git a/boca-1.5.2/tools/icpc.etc.tgz b/boca-1.5.2/tools/icpc.etc.tgz Binary files differindex 0e4380c..75654cb 100644 --- a/boca-1.5.2/tools/icpc.etc.tgz +++ b/boca-1.5.2/tools/icpc.etc.tgz |