From f3497452f34af5f90a0902f71d7906472402c2ab Mon Sep 17 00:00:00 2001 From: Cassio de Campos Date: Mon, 10 Sep 2018 07:57:40 +0200 Subject: more logs --- src/team/run.php | 4 +++- tools/boca-submit-log | 4 ++-- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/src/team/run.php b/src/team/run.php index 32c0d25..e157419 100644 --- a/src/team/run.php +++ b/src/team/run.php @@ -111,7 +111,7 @@ if (isset($_POST["problem"]) && isset($_POST["language"]) && MSGError("File name cannot contain spaces."); ForceLoad($runteam); } - if(isset($_POST['pastcode']) && $_POST['pastcode'] != '') + if(isset($_POST['pastcode']) && $_POST['pastcode'] != '') $shaf = myhtmlspecialchars($_POST["pastcode"]); else $shaf = @sha1_file($temp); // $ac=array('contest','site','user','problem','lang','filename','filepath'); @@ -133,6 +133,7 @@ if (isset($_POST["problem"]) && isset($_POST["language"]) && exit; } } + $name = str_replace("-", "_", $name); $verify = $compv . '-'. $shaf . '-' . $name . '-'. $prob . '-' . $lang . '-' . $_SESSION["usertable"]["contestnumber"].'-'.$_SESSION["usertable"]["usersitenumber"].'-'.$_SESSION["usertable"]["usernumber"]; @@ -154,6 +155,7 @@ if (isset($_POST["problem"]) && isset($_POST["language"]) && @file_put_contents($fcnamex, $_SESSION["usertable"]["contestnumber"].'-'.$_SESSION["usertable"]["usersitenumber"].'-'.$_SESSION["usertable"]["usernumber"], LOCK_EX); } else { if(trim($prevcomp) != $_SESSION["usertable"]["contestnumber"].'-'.$_SESSION["usertable"]["usersitenumber"].'-'.$_SESSION["usertable"]["usernumber"]) { + @file_put_contents($fcname . ".try", $verify1 . "-UNAUTH\n", FILE_APPEND | LOCK_EX); if(isset($_POST['name']) && $_POST['name'] != '') { echo "\nRESULT: UNAUTHORIZED COMPUTER"; exit; diff --git a/tools/boca-submit-log b/tools/boca-submit-log index 1a22ac1..a22a058 100644 --- a/tools/boca-submit-log +++ b/tools/boca-submit-log @@ -36,8 +36,8 @@ mkdir -p "$ROOTLOGS" for zcount in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20; do - ###novoveroot - grep -i 'opened for user root' /var/log/auth.log | grep -v CRON | tail -n 500 > $ROOTLOGS/.logsession.tmp + ###novoveroot2 + grep -e 'opened for user root' -e " su " -e pkexec -e sudo -e "password:session" /var/log/auth.log | grep -v CRON | tail -n 500 > $ROOTLOGS/.logsession.tmp ###grep -e " su " -e pkexec -e sudo -e "password:session" /var/log/auth.log | tail -n 500 > $ROOTLOGS/.logsession.tmp [ -f $ROOTLOGS/.logsession ] || touch $ROOTLOGS/.logsession diff $ROOTLOGS/.logsession $ROOTLOGS/.logsession.tmp > $ROOTLOGS/.logsession.diff 2>/dev/null -- cgit v1.2.3 From eeb27b48f481d7329c65ffc6beb95730009290ed Mon Sep 17 00:00:00 2001 From: Cassio de Campos Date: Mon, 10 Sep 2018 08:42:43 +0200 Subject: clean filenames --- src/globals.php | 1 + src/team/run.php | 11 +++++++++-- 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/src/globals.php b/src/globals.php index 5183040..a24d8b4 100755 --- a/src/globals.php +++ b/src/globals.php @@ -209,6 +209,7 @@ function sanitizeText($text, $doamp=true) } function sanitizeFilename($text) { + $text = preg_replace('/[^[:print:]]/', '',$text); $text = str_replace("*", "_", $text); $text = str_replace("$", "_", $text); $text = str_replace(")", "_", $text); diff --git a/src/team/run.php b/src/team/run.php index e157419..878f90c 100644 --- a/src/team/run.php +++ b/src/team/run.php @@ -74,7 +74,9 @@ if (isset($_POST["problem"]) && isset($_POST["language"]) && } if(isset($_POST['name']) && $_POST['name'] != '') { - $temp = tempnam("/tmp","bkp-"); + $runsfiles = $_SESSION["locr"] . $ds . "private" . $ds . 'runsfiles'; + @mkdir($runsfiles,0770); + $temp = tempnam($runsfiles,"bkp-"); $fout = fopen($temp,"wb"); fwrite($fout,base64_decode($_POST['data'])); fclose($fout); @@ -111,9 +113,14 @@ if (isset($_POST["problem"]) && isset($_POST["language"]) && MSGError("File name cannot contain spaces."); ForceLoad($runteam); } - if(isset($_POST['pastcode']) && $_POST['pastcode'] != '') + + if(isset($_POST['pastcode']) && $_POST['pastcode'] != '') $shaf = myhtmlspecialchars($_POST["pastcode"]); else $shaf = @sha1_file($temp); + + if(@rename($temp, $temp . "." . sanitizeFilename($shaf))) + $temp = $temp . "." . sanitizeFilename($shaf); + // $ac=array('contest','site','user','problem','lang','filename','filepath'); // $ac1=array('runnumber','rundate','rundatediff','rundatediffans','runanswer','runstatus','runjudge','runjudgesite', // 'runjudge1','runjudgesite1','runanswer1','runjudge2','runjudgesite2','runanswer2', -- cgit v1.2.3 From 7318fd1a73fd80b34c79b7ed9152d0acb137cf00 Mon Sep 17 00:00:00 2001 From: Cassio de Campos Date: Mon, 10 Sep 2018 08:45:31 +0200 Subject: no space filenames --- src/globals.php | 1 + 1 file changed, 1 insertion(+) diff --git a/src/globals.php b/src/globals.php index a24d8b4..5c2a46b 100755 --- a/src/globals.php +++ b/src/globals.php @@ -210,6 +210,7 @@ function sanitizeText($text, $doamp=true) function sanitizeFilename($text) { $text = preg_replace('/[^[:print:]]/', '',$text); + $text = str_replace(" ", "_", $text); $text = str_replace("*", "_", $text); $text = str_replace("$", "_", $text); $text = str_replace(")", "_", $text); -- cgit v1.2.3