diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/admin/user.php | 13 | ||||
| -rw-r--r-- | src/fcontest.php | 15 | ||||
| -rwxr-xr-x | src/globals.php | 5 | ||||
| -rw-r--r-- | src/score/header.php | 3 |
4 files changed, 28 insertions, 8 deletions
diff --git a/src/admin/user.php b/src/admin/user.php index adde9db..4bcb264 100644 --- a/src/admin/user.php +++ b/src/admin/user.php @@ -49,6 +49,19 @@ if (isset($_POST["username"]) && isset($_POST["userfullname"]) && isset($_POST[" $param['type'] = htmlspecialchars($_POST["usertype"]); $param['permitip'] = htmlspecialchars($_POST["userip"]); $param['contest'] = $_SESSION["usertable"]["contestnumber"]; +/* + $param['user'] = myhtmlspecialchars($_POST["usernumber"]); + $param['site'] = myhtmlspecialchars($_POST["usersitenumber"]); + $param['username'] = myhtmlspecialchars($_POST["username"]); + $param['usericpcid'] = myhtmlspecialchars($_POST["usericpcid"]); + $param['enabled'] = myhtmlspecialchars($_POST["userenabled"]); + $param['multilogin'] = myhtmlspecialchars($_POST["usermultilogin"]); + $param['userfull'] = unsanitizeText($_POST["userfullname"]); //myhtmlspecialchars($_POST["userfullname"]); + $param['userdesc'] = unsanitizeText($_POST["userdesc"]); //myhtmlspecialchars($_POST["userdesc"]); + $param['type'] = myhtmlspecialchars($_POST["usertype"]); + $param['permitip'] = myhtmlspecialchars($_POST["userip"]); +*/ + $passcheck = htmlspecialchars($_POST["passwordo"]); $a = DBUserInfo($_SESSION["usertable"]["contestnumber"], $_SESSION["usertable"]["usersitenumber"], $_SESSION["usertable"]["usernumber"], null, false); diff --git a/src/fcontest.php b/src/fcontest.php index a698fd3..380442a 100644 --- a/src/fcontest.php +++ b/src/fcontest.php @@ -443,14 +443,16 @@ function DBSiteEndNow ($contest, $site, $w=0) { return true; } function DBSiteLogins ($contest, $site, $logins) { - $s = DBSiteInfo($contest, $site); + if(($s = DBSiteInfo($contest, $site)) == null) + LOGError("DBSiteLogins: cant read site (contest=$contest,site=$site)"); + $param = $s; $param['contestnumber']=$contest; $param['sitenumber']=$site; $param['sitepermitlogins']=$logins; unset($param['updatetime']); DBUpdateSite ($param); - LOGLevel("Site logins=$logins (contest=$contest)",2); + LOGLevel("Site logins=$logins (contest=$contest,site=$site)",2); } function DBSiteDeleteAllClars ($contest, $site, $user, $usersite, $c=null) { $cw=false; @@ -591,10 +593,6 @@ function DBUpdateSite ($param,$c=null) { } } } - $t = time(); - if($updatetime <= 0) - $updatetime=$t; - if ($siteautoend != "t" && $siteautoend != "") $siteautoend = "f"; if ($siteactive != "t" && $siteactive != "") $siteactive = "f"; if ($siteautojudge != "t" && $siteautojudge != "") $siteautojudge = "f"; @@ -609,7 +607,6 @@ function DBUpdateSite ($param,$c=null) { $docommit=true; } $a = DBGetRow ("select * from sitetable where contestnumber=$contestnumber and sitenumber=$sitenumber", 0, $c); - $ret=1; if ($a == null) { $ret=2; $param['number']=$sitenumber; @@ -622,6 +619,10 @@ function DBUpdateSite ($param,$c=null) { return false; } } + $t = time(); + if($updatetime <= 0) + $updatetime=$t; + $ret=1; if($updatetime > $a['updatetime']) { $ret=2; if($sitenextrun==0) diff --git a/src/globals.php b/src/globals.php index 1d07ba1..b179bd5 100755 --- a/src/globals.php +++ b/src/globals.php @@ -108,6 +108,11 @@ function sanitizeText($text, $doamp=true) return $text; } +function unsanitizeText($text) { + $text = str_replace("&", "&", $text); + return $text; +} + array_walk_recursive($_FILES, 'sanitizeVariables'); array_walk_recursive($_POST, 'sanitizeVariables'); array_walk_recursive($_GET, 'sanitizeVariables'); diff --git a/src/score/header.php b/src/score/header.php index 69cf6e5..662a1bf 100644 --- a/src/score/header.php +++ b/src/score/header.php @@ -58,7 +58,8 @@ echo "<img src=\"../images/smallballoontransp.png\" alt=\"\">"; echo "<font color=\"#000000\">BOCA</font>"; echo "</td><td bgcolor=\"#cc9966\" width=\"99%\">\n"; echo "Username: " . $_SESSION["usertable"]["userfullname"] . " (site=".$_SESSION["usertable"]["usersitenumber"].")<br>\n"; -list($clockstr,$clocktype)=siteclock(); +//list($clockstr,$clocktype)=siteclock(); // THIS IS SLOW, WE NEED A BETTER OPTION +$clockstr=''; echo "</td><td bgcolor=\"#cc9966\" align=center nowrap> ".$clockstr." </td></tr>\n"; echo "</table>\n"; if(!isset($_SESSION["scorenomenu"]) || !$_SESSION["scorenomenu"]) { |