UI improvements and more robust flag checks & submission
32
__init__.py
32
__init__.py
@@ -5,6 +5,7 @@ from CTFd.utils.user import get_current_user, get_current_team
|
||||
from CTFd.utils.decorators import authed_only, admins_only, during_ctf_time_only
|
||||
from CTFd.utils.decorators.visibility import check_challenge_visibility
|
||||
from CTFd.plugins.flags import get_flag_class
|
||||
from CTFd.plugins.challenges import get_chal_class
|
||||
from CTFd.utils import get_config, set_config
|
||||
|
||||
def load(app):
|
||||
@@ -20,14 +21,13 @@ def load(app):
|
||||
return render_template('category_submit_settings.html', success=True,
|
||||
categories=request.form.get('categories'),
|
||||
cooldown=request.form.get('cooldown'))
|
||||
|
||||
return render_template('category_submit_settings.html',
|
||||
categories=get_config('cat_sub_categories') or "",
|
||||
cooldown=get_config('cat_sub_cooldown') or "3"
|
||||
)
|
||||
|
||||
@plugin_bp.route('/category_submit/config', methods=['GET'])
|
||||
@check_challenge_visibility # Matches challenge page visibility settings
|
||||
@check_challenge_visibility
|
||||
@during_ctf_time_only
|
||||
def get_plugin_config():
|
||||
return jsonify({
|
||||
@@ -43,7 +43,7 @@ def load(app):
|
||||
user = get_current_user()
|
||||
team = get_current_team()
|
||||
category = request.form.get('category')
|
||||
provided_flag = request.form.get('submission', '').strip()
|
||||
provided = request.form.get('submission', '').strip()
|
||||
|
||||
enabled_cats = [c.strip() for c in (get_config('cat_sub_categories') or "").split(',') if c.strip()]
|
||||
cooldown = int(get_config('cat_sub_cooldown') or 3)
|
||||
@@ -56,7 +56,7 @@ def load(app):
|
||||
if last_sub and (time.time() - last_sub.date.timestamp() < cooldown):
|
||||
return jsonify({'success': False, 'message': f'Wait {cooldown}s'})
|
||||
|
||||
# Find unsolved challenges
|
||||
# Search unsolved challenges in this category
|
||||
solve_filter = (Solves.team_id == team.id) if team else (Solves.user_id == user.id)
|
||||
challenges = Challenges.query.filter(
|
||||
Challenges.category == category,
|
||||
@@ -65,26 +65,28 @@ def load(app):
|
||||
).all()
|
||||
|
||||
for chall in challenges:
|
||||
for flag in Flags.query.filter_by(challenge_id=chall.id).all():
|
||||
# 1. Manual check (no DB write)
|
||||
flags = Flags.query.filter_by(challenge_id=chall.id).all()
|
||||
for flag in flags:
|
||||
try:
|
||||
if get_flag_class(flag.type).compare(flag, provided_flag):
|
||||
# USE NATIVE CTFd SOLVE LOGIC
|
||||
# This handles Solves, Submissions, and Scoreboard updates correctly.
|
||||
if get_flag_class(flag.type).compare(flag, provided):
|
||||
# 2. Match found! Now use built-in CTFd methods.
|
||||
chal_class = get_chal_class(chall.type)
|
||||
|
||||
# attempt() creates the 'correct' Submission record
|
||||
chal_class.attempt(chall, request)
|
||||
|
||||
# solve() creates the Solve record and awards points
|
||||
chal_class.solve(user=user, team=team, challenge=chall, request=request)
|
||||
|
||||
db.session.commit()
|
||||
return jsonify({
|
||||
'success': True,
|
||||
'message': f'Correct! You solved: {chall.name}',
|
||||
'challenge_id': chall.id # Pass this back to help the JS
|
||||
})
|
||||
return jsonify({'success': True, 'message': f'Correct! Solved: {chall.name}'})
|
||||
except Exception: continue
|
||||
|
||||
# Log incorrect submission natively
|
||||
# 3. No match: Log ONE incorrect attempt globally
|
||||
db.session.add(Submissions(
|
||||
user_id=user.id, team_id=team.id if team else None,
|
||||
challenge_id=None, ip=request.remote_addr, provided=provided_flag, type='incorrect'
|
||||
challenge_id=None, ip=request.remote_addr, provided=provided, type='incorrect'
|
||||
))
|
||||
db.session.commit()
|
||||
return jsonify({'success': False, 'message': 'Incorrect Flag'})
|
||||
|
||||
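Review bot: The `except Exception: continue` in the flag loop of the last hunk covers not only `compare()` but also `chal_class.attempt(...)`, `chal_class.solve(...)` and `db.session.commit()`, so any failure while recording a correct solve is silently dropped. Execution then falls through to the 'incorrect' path, which adds a failed Submission and commits on a session that was never rolled back, so a valid flag can end up logged as wrong, or the request can fail on the stale session, with nothing in the logs. Restrict the `try` to the `compare()` call and let errors from attempt/solve surface (or roll back and log them). Separately, the result of `attempt()` is discarded; in stock CTFd challenge classes it appears only to compare the submission rather than write a record, so the comment above it should be confirmed. The enclosing view function starts outside the visible hunks.

```python
for flag in flags:
    try:
        matched = get_flag_class(flag.type).compare(flag, provided)
    except Exception:
        # A flag that cannot be evaluated must not hide the remaining flags.
        continue
    if not matched:
        continue
    # … unchanged: get_chal_class / attempt / solve / commit / success response …
```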