From e80e0bbdb0b44f95caf6ee69456a05f1c4da65c3 Mon Sep 17 00:00:00 2001
From: cassio <cassiopc@gmail.com>
Date: Sat, 8 Aug 2015 18:11:58 -0300
Subject: updates to allow submissions by command-line

---
 src/admin/language.php |  9 ++++--
 src/admin/problem.php  | 11 +++++--
 src/team/run.php       | 78 ++++++++++++++++++++++++++++++++++++++++++++++----
 3 files changed, 87 insertions(+), 11 deletions(-)

(limited to 'src')

diff --git a/src/admin/language.php b/src/admin/language.php
index b2a7481..94be1ae 100644
--- a/src/admin/language.php
+++ b/src/admin/language.php
@@ -15,7 +15,7 @@
 //    You should have received a copy of the GNU General Public License
 //    along with this program.  If not, see <http://www.gnu.org/licenses/>.
 ////////////////////////////////////////////////////////////////////////////////
-// Last modified 05/aug/2012 by cassio@ime.usp.br
+// Last modified 08/aug/2015 by cassio@ime.usp.br
 require('header.php');
 
 if(($ct = DBContestInfo($_SESSION["usertable"]["contestnumber"])) == null)
@@ -29,13 +29,18 @@ if (isset($_GET["delete"]) && is_numeric($_GET["delete"])) {
 
 if (isset($_POST["Submit3"]) && isset($_POST["langnumber"]) && is_numeric($_POST["langnumber"]) && 
     isset($_POST["langname"]) && $_POST["langname"] != "") {
+	if(strpos(trim($_POST["langname"]),' ')!==false) {
+		$_POST["confirmation"]='';
+		MSGError('Language name cannot have spaces');
+	} else {
 	if ($_POST["confirmation"] == "confirm") {
 		$param = array();
 		$param['number'] = $_POST['langnumber'];
-		$param['name'] = $_POST['langname'];
+		$param['name'] = trim($_POST['langname']);
 		$param['extension'] = $_POST['langextension'];
 		DBNewLanguage ($_SESSION["usertable"]["contestnumber"], $param);
 	}
+	}
 	ForceLoad("language.php");
 }
 ?>
diff --git a/src/admin/problem.php b/src/admin/problem.php
index 6a894ba..4228d05 100644
--- a/src/admin/problem.php
+++ b/src/admin/problem.php
@@ -15,7 +15,7 @@
 //    You should have received a copy of the GNU General Public License
 //    along with this program.  If not, see <http://www.gnu.org/licenses/>.
 ////////////////////////////////////////////////////////////////////////////////
-// Last modified 31/aug/2012 by cassio@ime.usp.br
+// Last modified 08/aug/2015 by cassio@ime.usp.br
 if ($_POST["confirmation"] != "confirm")
 	unset($_POST['noflush']);
 
@@ -168,6 +168,10 @@ if(isset($_POST['Submit5']) && $_POST['Submit5']=='Send') {
 
 if (isset($_POST["Submit3"]) && isset($_POST["problemnumber"]) && is_numeric($_POST["problemnumber"]) && 
     isset($_POST["problemname"]) && $_POST["problemname"] != "") {
+	if(strpos(trim($_POST["problemname"]),' ')!==false) {
+		$_POST["confirmation"]='';
+		MSGError('Problem short name cannot have spaces');
+	} else {
 	if ($_POST["confirmation"] == "confirm") {
 		if ($_FILES["probleminput"]["name"] != "") {
 			$type=myhtmlspecialchars($_FILES["probleminput"]["type"]);
@@ -182,7 +186,7 @@ if (isset($_POST["Submit3"]) && isset($_POST["problemnumber"]) && is_numeric($_P
 
 		$param = array();
 		$param['number'] = $_POST["problemnumber"];
-		$param['name'] = $_POST["problemname"];
+		$param['name'] = trim($_POST["problemname"]);
 		$param['inputfilename'] = $name;
 		$param['inputfilepath'] = $temp;
 		$param['fake'] = 'f';
@@ -190,6 +194,7 @@ if (isset($_POST["Submit3"]) && isset($_POST["problemnumber"]) && is_numeric($_P
 		$param['color'] = $_POST["color"];
 		DBNewProblem ($_SESSION["usertable"]["contestnumber"], $param);
 	}
+	}
 	ForceLoad("problem.php");
 }
 ?>
@@ -340,7 +345,7 @@ To replace the data of a problem, proceed as if it did not exist (data will be r
         </td>
       </tr>
       <tr>
-	 <td width="35%" align=right>Short Name (usually a letter):</td>
+	 <td width="35%" align=right>Short Name (usually a letter, no spaces):</td>
         <td width="65%">
           <input type="text" name="problemname" value="" size="20" maxlength="20" />
         </td>
diff --git a/src/team/run.php b/src/team/run.php
index 467ce56..d11447b 100644
--- a/src/team/run.php
+++ b/src/team/run.php
@@ -15,15 +15,21 @@
 //    You should have received a copy of the GNU General Public License
 //    along with this program.  If not, see <http://www.gnu.org/licenses/>.
 ////////////////////////////////////////////////////////////////////////////////
-// Last modified 28/oct/2013 by cassio@ime.usp.br
+// Last modified 08/aug/2015 by cassio@ime.usp.br
 require('header.php');
+$ds = DIRECTORY_SEPARATOR;
+if($ds=="") $ds = "/";
 
 if (isset($_FILES["sourcefile"]) && isset($_POST["problem"]) && isset($_POST["Submit"]) && isset($_POST["language"]) &&
     is_numeric($_POST["problem"]) && is_numeric($_POST["language"]) && $_FILES["sourcefile"]["name"]!="") {
 	if ($_POST["confirmation"] == "confirm") {
-		if(($ct = DBContestInfo($_SESSION["usertable"]["contestnumber"])) == null)
+		if(($ct = DBContestInfo($_SESSION["usertable"]["contestnumber"])) == null) {
+			if(isset($_POST['pastcode']) && $_POST['pastcode'] != '') {
+				echo "RESULT: CONTEST NOT FOUND";
+				exit;
+			}
 			ForceLoad("../index.php");
-
+		}
 		$prob = myhtmlspecialchars($_POST["problem"]);
 		$lang = myhtmlspecialchars($_POST["language"]);
 
@@ -35,14 +41,26 @@ if (isset($_FILES["sourcefile"]) && isset($_POST["problem"]) && isset($_POST["Su
 		if ($size > $ct["contestmaxfilesize"]) {
 	                LOGLevel("User {$_SESSION["usertable"]["username"]} tried to submit file " .
 			"$name with $size bytes ({$ct["contestmaxfilesize"]} max allowed).", 1);
+			if(isset($_POST['pastcode']) && $_POST['pastcode'] != '') {
+				echo "RESULT: FILE TOO LARGE";
+				exit;
+			}
 			MSGError("File size exceeds the limit allowed.");
 			ForceLoad($runteam);
 		}
 		if(strpos($name,' ') === true || strpos($temp,' ') === true) {
+			if(isset($_POST['pastcode']) && $_POST['pastcode'] != '') {
+				echo "RESULT: FILE NAME CANNOT HAVE SPACES";
+				exit;
+			}
 			MSGError("File name cannot contain spaces.");
 			ForceLoad($runteam);		
 		}
 		if (!is_uploaded_file($temp) || strlen($name)>100) {
+			if(isset($_POST['pastcode']) && $_POST['pastcode'] != '') {
+				echo "RESULT: FILE UPLOAD PROBLEM";
+				exit;
+			}
 			IntrusionNotify("file upload problem.");
 			ForceLoad("../index.php");
 		}
@@ -59,15 +77,45 @@ if (isset($_FILES["sourcefile"]) && isset($_POST["problem"]) && isset($_POST["Su
 					   'lang'=>$lang,
 					   'filename'=>$name,
 					   'filepath'=>$temp);
+
+		if(isset($_POST['pastcode']) && $_POST['pastcode'] != '') {
+			$pastcode = myhtmlspecialchars($_POST["pastcode"]);
+			if(isset($_POST["pasthash"]) && isset($_POST["pastval"])) {
+				$pasthash = myhtmlspecialchars($_POST["pasthash"]);
+				$pastval = myhtmlspecialchars($_POST["pastval"]);
+				$pastsubmission = myhash(@file_get_contents($_SESSION["locr"] . $ds . "private" . $ds . 'run-past.config') . $pastcode);
+				if($pastsubmission != $pasthash) {
+					echo "\nRESULT: INVALID SUBMISSION CODE";
+					exit;
+				}
+			} else {
+				$pastval = 0;
+			}
+			$verify = $pastcode . '-' .$_SESSION["usertable"]["contestnumber"].'-'.$_SESSION["usertable"]["usersitenumber"].'-'.$_SESSION["usertable"]["usernumber"];
+			$fcname = $_SESSION["locr"] . $ds . "private" . $ds . 'laterun-submitted-' . $_SESSION["usertable"]["contestnumber"].'-'.
+				$_SESSION["usertable"]["usersitenumber"].'-'.$_SESSION["usertable"]["usernumber"].'.txt';
+			$codes = @file($fcname);
+			if(in_array($verify,$codes)) {
+				echo "\nRESULT: RUN ALREADY SUBMITTED";
+			} else {
+				if($pastval > 0) {
+					$param['rundate']=time() - $pastval;
+					$b = DBSiteInfo($contest, $site, $c);
+					$dif = $b["currenttime"]; 
+					$param['rundatediff']=$dif - $pastval;
+				}
+				if(DBNewRun ($param) == 2)
+					@file_put_contents($fcname, $verify . '\n', FILE_APPEND | LOCK_EX);
+				echo "\nRESULT: RUN SUBMITTED SUCCESSFULLY";
+			}
+			exit;
+		}
 		DBNewRun ($param);
 		$_SESSION['forceredo']=true;
 	}
 	ForceLoad($runteam);
 }
 
-$ds = DIRECTORY_SEPARATOR;
-if($ds=="") $ds = "/";
-
 $runtmp = $_SESSION["locr"] . $ds . "private" . $ds . "runtmp" . $ds . "run-contest" . $_SESSION["usertable"]["contestnumber"] . 
 	"-site". $_SESSION["usertable"]["usersitenumber"] . "-user" . $_SESSION["usertable"]["usernumber"] . ".php";
 $redo = TRUE;
@@ -126,6 +174,23 @@ if($redo) {
 $strtmp .= "</table>";
 if (count($run) == 0) $strtmp .= "<br><center><b><font color=\"#ff0000\">NO RUNS AVAILABLE</font></b></center>";
 
+$linesubmission = @file_get_contents($_SESSION["locr"] . $ds . "private" . $ds . 'run-using-command.config');
+if(trim($linesubmission) == '1') {
+$strtmp .= "<br><br><center><b>To submit a program, use the command-line tool:</b>\n<br><br>".
+	"<pre>boca-send-run USER PASSWORD PROBLEM LANGUAGE FILE</pre><br><br>".
+    "where <pre>USER</pre> is your username, <pre>PASSWORD</pre> is your password, <pre>FILE</pre> is your submission file,<br>".
+	"<pre>PROBLEM</pre> is one of { <pre>";
+
+$prob = DBGetProblems($_SESSION["usertable"]["contestnumber"],$_SESSION["usertable"]["usertype"]=='judge');
+for ($i=0;$i<count($prob);$i++)
+	$strtmp .= $prob[$i]["problem"] . " ";
+$strtmp .= "</pre>} and<br><pre>LANGUAGE</pre> is one of { <pre>"
+$lang = DBGetLanguages($_SESSION["usertable"]["contestnumber"]);
+for ($i=0;$i<count($lang);$i++)
+	$strtmp .= $lang[$i]["name"] . " ";
+$strtmp .= "</pre>}<br><br>\n";
+} else {
+
 $strtmp .= "<br><br><center><b>To submit a program, just fill in the following fields:</b></center>\n".
 "<form name=\"form1\" enctype=\"multipart/form-data\" method=\"post\" action=\"". $runteam ."\">\n".
 "  <input type=hidden name=\"confirmation\" value=\"noconfirm\" />\n".
@@ -177,6 +242,7 @@ $strtmp .= "	  </select>\n".
 "      <input type=\"reset\" name=\"Submit2\" value=\"Clear\">\n".
 "  </center>\n".
 "</form>\n";
+}
     $conf=globalconf();
     $strtmp1 = "<!-- " . time() . " --> <?php exit; ?>\t" . encryptData($strcolors,$conf["key"],false) . "\n" . encryptData($strtmp,$conf["key"],false);
 	$randnum = session_id() . "_" . rand();
-- 
cgit v1.2.3