2016-07-19 00:39:37 +08:00
|
|
|
<?php
|
|
|
|
|
|
|
|
function getPasswordToStore($password, $username) {
|
|
|
|
return md5($username . $password);
|
|
|
|
}
|
|
|
|
function checkPassword($user, $password) {
|
2020-06-25 20:41:16 +08:00
|
|
|
return $user['password'] == md5($user['username'] . $password);
|
2016-07-19 00:39:37 +08:00
|
|
|
}
|
|
|
|
function getPasswordClientSalt() {
|
|
|
|
return UOJConfig::$data['security']['user']['client_salt'];
|
|
|
|
}
|
|
|
|
|
|
|
|
function crsf_token() {
|
|
|
|
if (!isset($_SESSION['_token'])) {
|
|
|
|
$_SESSION['_token'] = uojRandString(60);
|
|
|
|
}
|
|
|
|
return $_SESSION['_token'];
|
|
|
|
}
|
|
|
|
function crsf_check() {
|
|
|
|
if (isset($_POST['_token'])) {
|
|
|
|
$_token = $_POST['_token'];
|
2020-06-25 20:41:16 +08:00
|
|
|
} elseif (isset($_GET['_token'])) {
|
2016-07-19 00:39:37 +08:00
|
|
|
$_token = $_GET['_token'];
|
|
|
|
} else {
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
return $_token === $_SESSION['_token'];
|
|
|
|
}
|
|
|
|
function crsf_defend() {
|
|
|
|
if (!crsf_check()) {
|
2022-11-06 10:26:21 +08:00
|
|
|
UOJResponse::page403('页面已过期(可能页面真的过期了,也可能是刚才你访问的网页没有完全加载,也可能是你的浏览器版本太老)');
|
2016-07-19 00:39:37 +08:00
|
|
|
}
|
|
|
|
}
|
2022-11-06 10:26:21 +08:00
|
|
|
|
|
|
|
function submission_frequency_check() {
|
|
|
|
$recent = clone UOJTime::$time_now;
|
|
|
|
$recent->sub(new DateInterval("PT1S"));
|
|
|
|
$num = DB::selectCount([
|
|
|
|
"select count(*) from submissions",
|
|
|
|
"where", [
|
|
|
|
"submitter" => Auth::id(),
|
|
|
|
["submit_time", ">=", $recent->format('Y-m-d H:i:s')]
|
|
|
|
]
|
|
|
|
]);
|
|
|
|
if ($num >= 1) {
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
// use the implementation below if OJ is under attack
|
|
|
|
/*
|
|
|
|
// 1
|
|
|
|
$recent = clone UOJTime::$time_now;
|
|
|
|
$recent->sub(new DateInterval("PT3S"));
|
|
|
|
$num = DB::selectCount([
|
|
|
|
"select count(*) from submissions",
|
|
|
|
"where", [
|
|
|
|
"submitter" => Auth::id(),
|
|
|
|
["submit_time", ">=", $recent->format('Y-m-d H:i:s')]
|
|
|
|
]
|
|
|
|
]);
|
|
|
|
if ($num >= 1) {
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
// 2
|
|
|
|
$recent = clone UOJTime::$time_now;
|
|
|
|
$recent->sub(new DateInterval("PT1M"));
|
|
|
|
$num = DB::selectCount([
|
|
|
|
"select count(*) from submissions",
|
|
|
|
"where", [
|
|
|
|
"submitter" => Auth::id(),
|
|
|
|
["submit_time", ">=", $recent->format('Y-m-d H:i:s')]
|
|
|
|
]
|
|
|
|
]);
|
|
|
|
if ($num >= 6) {
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
// 3
|
|
|
|
$recent = clone UOJTime::$time_now;
|
|
|
|
$recent->sub(new DateInterval("PT30M"));
|
|
|
|
$num = DB::selectCount([
|
|
|
|
"select count(*) from submissions",
|
|
|
|
"where", [
|
|
|
|
"submitter" => Auth::id(),
|
|
|
|
["submit_time", ">=", $recent->format('Y-m-d H:i:s')]
|
|
|
|
]
|
|
|
|
]);
|
|
|
|
if ($num >= 30) {
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
*/
|
|
|
|
|
|
|
|
return true;
|
|
|
|
}
|