-
Notifications
You must be signed in to change notification settings - Fork 1
/
team.php
executable file
·87 lines (84 loc) · 3.21 KB
/
team.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
<?php
function check($str)
{
if (!strstr($str,'!')&&!strstr($str,'@')&&!strstr($str,'#')&&!strstr($str,'$')&&!strstr($str,'%')&&!strstr($str,'^')&&!strstr($str,'&')&&!strstr($str,'*')&&!strstr($str,'(')&&!strstr($str,')')&&!strstr($str,'-')&&!strstr($str,'_')&&!strstr($str,'=')&&!strstr($str,'+')&&!strstr($str,'[')&&!strstr($str,']')&&!strstr($str,'"')&&!strstr($str,'\'')&&!strstr($str,';')&&!strstr($str,'<')&&!strstr($str,'>')&&!strstr($str,'?')&&!strstr($str,'`')&&!strstr($str,'~')&&!strstr($str,'\\')&&!strstr($str,'/')&&!strstr($str,'|')) {
return TRUE;
}
else{
return FALSE;
}
}
$user = "ezbabyctf";
$passwd = "ezbabyctf";
$db = "ezbabyctf";
$tb = "users";
$conn = new mysqli("localhost",$user,$passwd,$db);
if($conn->connect_error){
die("Connection faild.".$conn->connect_error);
}
else{
//isset($_GET["tname"])&&
//
if (isset($_GET["id"])) {
//$tname=$_GET["tname"];
$id=urldecode($_GET["id"]);
if(!check($id)){
die("Invalid call.");
}
//$s = "select team from ".$tb." where name=\"".$name."\" and captain=\"".$captain."\" active=\"1\"";
$s = "select team from ".$tb." where id=\"".$id."\"";
$r1 = $conn->query($s);
$tname = mysqli_fetch_row($r1)[0];
//echo $tname;
$s3 = "select captain from teams where tname=\"".$tname."\"";
$r3 = $conn->query($s3);
$captain = mysqli_fetch_row($r3)[0];
//mysqli_affected_rows($conn)==1
if($id===$captain){
$s1="select name from users where team=\"".$tname."\"";
$result = array($tname,"captain");
$s2 = "select score from scoreboard where tname=\"".$tname."\"";
if ($r = $conn->query($s2)) {
while($row = mysqli_fetch_row($r)){
array_push($result,$row[0]);
}
}
if ($r = $conn->query($s1)) {
while($row = mysqli_fetch_row($r)){
array_push($result,$row[0]);
}
}
exit(json_encode($result));
}
else{
$s1="select name from users where team=\"".$tname."\"";
$result = array($tname,"member");
$s2 = "select score from scoreboard where tname=\"".$tname."\"";
$s3 = "select captain from teams where tname=\"".$tname."\"";
$r3 = $conn->query($s3);
$captainid = mysqli_fetch_row($r3)[0];
$s4="select name from users where id=\"".$captainid."\"";
$r4 = $conn->query($s4);
$captain = mysqli_fetch_row($r4)[0];
if ($r = $conn->query($s2)) {
while($row = mysqli_fetch_row($r)){
array_push($result,$row[0]);
}
}
array_push($result,$captain);
if ($r = $conn->query($s1)) {
while($row = mysqli_fetch_row($r)){
if($row[0]!=$captain){
array_push($result,$row[0]);
}
}
}
exit(json_encode($result));
}
}
else{
die("Invalid call.");
}
}
//http://192.168.64.129/team.php?name=1
?>