C
", "", $description);
$description = str_replace("", "
", $description); $description = str_replace(",", ",", $description); $sql = "UPDATE `contest` SET `title`=?,`description`=?,`start_time`=?,`end_time`=?,`private`=?,`langmask`=?,`password`=? WHERE `contest_id`=?"; //echo $sql; pdo_query($sql,$title,$description,$starttime,$endtime,$private,$langmask,$password,$cid); $sql = "DELETE FROM `contest_problem` WHERE `contest_id`=?"; pdo_query($sql,$cid); $plist=trim($_POST['cproblem']); $pieces = explode(',', $plist); if(count($pieces)>0 && strlen($pieces[0])>0){ $sql_1 = "INSERT INTO `contest_problem`(`contest_id`,`problem_id`,`num`) VALUES (?,?,?)"; for($i=0; $i0 && strlen($pieces[0])>0){
$sql_1 = "INSERT INTO `privilege`(`user_id`,`rightstr`) VALUES (?,?)";
for($i=0; $iwindow.location.href=\"contest_list.php\";";
exit();
}else{
$cid = intval($_GET['cid']);
$sql = "SELECT * FROM `contest` WHERE `contest_id`=?";
$result = pdo_query($sql,$cid);
if(count($result)!=1){
echo "No such Contest!";
exit(0);
}
$row = $result[0];
$starttime = $row['start_time'];
$endtime = $row['end_time'];
$private = $row['private'];
$password = $row['password'];
$langmask = $row['langmask'];
$description = $row['description'];
$title = htmlentities($row['title'],ENT_QUOTES,"UTF-8");
$plist = "";
$sql = "SELECT `problem_id` FROM `contest_problem` WHERE `contest_id`=? ORDER BY `num`";
$result=pdo_query($sql,$cid);
foreach($result as $row){
if($plist) $plist .= ",";
$plist.=$row[0];
}
$ulist = "";
$sql = "SELECT `user_id` FROM `privilege` WHERE `rightstr`=? order by user_id";
$result = pdo_query($sql,"c$cid");
foreach($result as $row){
if($ulist) $ulist .= "\n";
$ulist .= $row[0];
}
}
?>
", $description); $description = str_replace(",", ",", $description); $sql = "UPDATE `contest` SET `title`=?,`description`=?,`start_time`=?,`end_time`=?,`private`=?,`langmask`=?,`password`=? WHERE `contest_id`=?"; //echo $sql; pdo_query($sql,$title,$description,$starttime,$endtime,$private,$langmask,$password,$cid); $sql = "DELETE FROM `contest_problem` WHERE `contest_id`=?"; pdo_query($sql,$cid); $plist=trim($_POST['cproblem']); $pieces = explode(',', $plist); if(count($pieces)>0 && strlen($pieces[0])>0){ $sql_1 = "INSERT INTO `contest_problem`(`contest_id`,`problem_id`,`num`) VALUES (?,?,?)"; for($i=0; $i