fix: 90b3675bd5

2024-11-08 14:18:40 +00:00 · 2022-10-03 09:11:43 +08:00 · 2022-10-03 09:11:43 +08:00 · ef774d2e97
commit ef774d2e97
parent 90b3675bd5
4 changed files with 14 additions and 12 deletions
--- a/web/app/controllers/problem_solutions.php
+++ b/web/app/controllers/problem_solutions.php
@ -1,6 +1,8 @@
 <?php
 	requirePHPLib('form');
-	requirePHPLib('judger');	
+	requirePHPLib('judger');
 	$REQUIRE_LIB['bootstrap5'] = '';
 	if (!Auth::check()) {
 		become403Page(UOJLocale::get('need login'));
@ -18,11 +20,13 @@
 	$solution_viewable = hasViewSolutionPermission($problem_extra_config['view_solution_type'], $myUser, $problem);
 	$solution_submittable = hasViewSolutionPermission($problem_extra_config['submit_solution_type'], $myUser, $problem);
-	if (!$solution_viewable || isRegisteredRunningContestProblem($myUser, $problem)) {
+	if (!$solution_viewable) {
 		become403Page();
 	}
-	$REQUIRE_LIB['bootstrap5'] = '';
+	if (!hasProblemPermission($myUser, $problem) && isRegisteredRunningContestProblem($myUser, $problem)) {
 		become403Page();
 	}
 	function removeSolutionForm($blog_id) {
 		$res_form = new UOJForm("remove_solution_{$blog_id}");
--- a/web/app/controllers/problem_statistics.php
+++ b/web/app/controllers/problem_statistics.php
@ -21,10 +21,6 @@
 		if (!isNormalUser($myUser)) {
 			become403Page();
 		}
 		if (isRegisteredRunningContestProblem($myUser, $problem)) {
 			become403Page();
 		}
 	}
 	function scoreDistributionData() {
--- a/web/app/controllers/submission.php
+++ b/web/app/controllers/submission.php
@ -30,10 +30,10 @@
 		}
 	}
-	if (!isSubmissionVisibleToUser($submission, $problem, $myUser) || isRegisteredRunningContestProblem($myUser, $problem)) {
+	if (!isSubmissionVisibleToUser($submission, $problem, $myUser)) {
 		become403Page();
 	}
-	
+
 	$out_status = explode(', ', $submission['status'])[0];
 	if ($_GET['get'] == 'status-details' && Auth::check() && $submission['submitter'] === Auth::id()) {
--- a/web/app/libs/uoj-query-lib.php
+++ b/web/app/libs/uoj-query-lib.php
@ -221,12 +221,14 @@ function isHackVisibleToUser($hack, $problem, $user) {
 function isSubmissionFullVisibleToUser($submission, $contest, $problem, $user) {
 	if (isSuperUser($user)) {
 		return true;
 	} elseif ($submission['submitter'] == $user['username']) {
 		return true;
 	} elseif (isRegisteredRunningContestProblem($user, $problem)) {
 		return false;
 	} elseif (!$contest) {
 		return true;
 	} elseif ($contest['cur_progress'] > CONTEST_IN_PROGRESS) {
 		return true;
 	} elseif ($submission['submitter'] == $user['username']) {
 		return true;
 	} else {
 		return hasProblemPermission($user, $problem);
 	}
@ -250,7 +252,7 @@ function isRegisteredRunningContestProblem($user, $problem) {
 	while (list($contest_id) = DB::fetch($result, MYSQLI_NUM)) {
 		$contest = queryContest($contest_id);
 		genMoreContestInfo($contest);
-		if (CONTEST_NOT_STARTED < $contest['cur_progress'] && $contest['cur_progress'] <= CONTEST_IN_PROGRESS
+		if ($contest['cur_progress'] == CONTEST_IN_PROGRESS
 			&& hasRegistered($user, $contest)
 			&& !hasContestPermission($user, $contest)
 			&& queryContestProblemRank($contest, $problem)) {