From bc3df342f06c6f61e0daf9ae29d435f9299b8733 Mon Sep 17 00:00:00 2001
From: cassiopc <cassiopc@gmail.com>
Date: Thu, 29 Aug 2013 16:54:32 +0200
Subject: changed jar command-line to include the name of main class; users by
 default now cant change password

---
 src/fcontest.php | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

(limited to 'src/fcontest.php')

diff --git a/src/fcontest.php b/src/fcontest.php
index 7733111..313cf82 100644
--- a/src/fcontest.php
+++ b/src/fcontest.php
@@ -1128,7 +1128,7 @@ function DBNewUser($param, $c=null) {
 	if(isset($param['number']) && !isset($param['user'])) $param['user']=$param['number'];
 
 	$ac=array('contest','site','user');
-	$ac1=array('updatetime','username','usericpcid','userfull','userdesc','type','enabled','multilogin','pass','permitip',
+	$ac1=array('updatetime','username','usericpcid','userfull','userdesc','type','enabled','multilogin','pass','permitip','changepass',
 			   'userip','userlastlogin','userlastlogout','usersession','usersessionextra');
 
 	$typei['contest']=1;
@@ -1154,6 +1154,7 @@ function DBNewUser($param, $c=null) {
 	$userdesc='';
 	$type='team';
 	$enabled='f';
+	$changepass='f';
 	$multilogin='f';
 	$permitip='';
 	$usersession=null;
@@ -1177,8 +1178,10 @@ function DBNewUser($param, $c=null) {
 	if ($type != "chief" && $type != "judge" && $type != "admin" && 
 	    $type != "score" && $type != "staff" && $type != "site") 
 		$type = "team";
+	if ($type == "admin") $changepass = "t";
 	if ($enabled != "f") $enabled = "t";
 	if ($multilogin != "t") $multilogin = "f";
+	if ($changepass != "t") $changepass = "f";
 
 	$cw = false;
 	if($c == null) {
@@ -1194,6 +1197,7 @@ function DBNewUser($param, $c=null) {
 		MSGError("DBNewUser param error: site $site does not exist");
 		return false;
 	}
+	if($pass != myhash("") && $type != "admin" && $changepass != "t") $pass='!'.$pass;
 	$r = DBExec($c, "select * from usertable where username='$username' and usernumber!=$user and ".
 				"usersitenumber=$site and contestnumber=$contest", "DBNewUser(get user)");
 	$n = DBnlines ($r);
@@ -1211,7 +1215,6 @@ function DBNewUser($param, $c=null) {
 			MSGError("Site $site does not exist");
 			return false;
 		   }
-		   if($type=='team' && $pass != myhash("")) $pass='!'.$pass;
 			$sql = "insert into usertable (contestnumber, usersitenumber, usernumber, username, usericpcid, userfullname, " .
 				"userdesc, usertype, userenabled, usermultilogin, userpassword, userpermitip) values " .
 				"($contest, $site, $user, '$username', '$usericpcid', '$userfull', '$userdesc', '$type', '$enabled', " .
-- 
cgit v1.2.3