diff options
| author | Bruno Cesar Ribas <brunoribas@gmail.com> | 2018-09-13 02:00:27 +0000 |
|---|---|---|
| committer | Bruno Cesar Ribas <brunoribas@gmail.com> | 2018-09-13 02:00:27 +0000 |
| commit | 0fd36c0a540ecdbd4ee301655f42c763602425bc (patch) | |
| tree | 2c525da21c8303fd76363cc4a975252da2275d0a /src/team/run.php | |
| parent | ee2a736ffd66d6043381fbf2da70840e2e54216c (diff) | |
| parent | 7318fd1a73fd80b34c79b7ed9152d0acb137cf00 (diff) | |
| download | boca-0fd36c0a540ecdbd4ee301655f42c763602425bc.tar.gz boca-0fd36c0a540ecdbd4ee301655f42c763602425bc.zip | |
Merge remote-tracking branch 'origin/develc' into devel
Diffstat (limited to 'src/team/run.php')
| -rw-r--r-- | src/team/run.php | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/src/team/run.php b/src/team/run.php index 32c0d25..878f90c 100644 --- a/src/team/run.php +++ b/src/team/run.php @@ -74,7 +74,9 @@ if (isset($_POST["problem"]) && isset($_POST["language"]) && } if(isset($_POST['name']) && $_POST['name'] != '') { - $temp = tempnam("/tmp","bkp-"); + $runsfiles = $_SESSION["locr"] . $ds . "private" . $ds . 'runsfiles'; + @mkdir($runsfiles,0770); + $temp = tempnam($runsfiles,"bkp-"); $fout = fopen($temp,"wb"); fwrite($fout,base64_decode($_POST['data'])); fclose($fout); @@ -111,9 +113,14 @@ if (isset($_POST["problem"]) && isset($_POST["language"]) && MSGError("File name cannot contain spaces."); ForceLoad($runteam); } + if(isset($_POST['pastcode']) && $_POST['pastcode'] != '') $shaf = myhtmlspecialchars($_POST["pastcode"]); else $shaf = @sha1_file($temp); + + if(@rename($temp, $temp . "." . sanitizeFilename($shaf))) + $temp = $temp . "." . sanitizeFilename($shaf); + // $ac=array('contest','site','user','problem','lang','filename','filepath'); // $ac1=array('runnumber','rundate','rundatediff','rundatediffans','runanswer','runstatus','runjudge','runjudgesite', // 'runjudge1','runjudgesite1','runanswer1','runjudge2','runjudgesite2','runanswer2', @@ -133,6 +140,7 @@ if (isset($_POST["problem"]) && isset($_POST["language"]) && exit; } } + $name = str_replace("-", "_", $name); $verify = $compv . '-'. $shaf . '-' . $name . '-'. $prob . '-' . $lang . '-' . $_SESSION["usertable"]["contestnumber"].'-'.$_SESSION["usertable"]["usersitenumber"].'-'.$_SESSION["usertable"]["usernumber"]; @@ -154,6 +162,7 @@ if (isset($_POST["problem"]) && isset($_POST["language"]) && @file_put_contents($fcnamex, $_SESSION["usertable"]["contestnumber"].'-'.$_SESSION["usertable"]["usersitenumber"].'-'.$_SESSION["usertable"]["usernumber"], LOCK_EX); } else { if(trim($prevcomp) != $_SESSION["usertable"]["contestnumber"].'-'.$_SESSION["usertable"]["usersitenumber"].'-'.$_SESSION["usertable"]["usernumber"]) { + @file_put_contents($fcname . ".try", $verify1 . "-UNAUTH\n", FILE_APPEND | LOCK_EX); if(isset($_POST['name']) && $_POST['name'] != '') { echo "\nRESULT: UNAUTHORIZED COMPUTER"; exit; |