From c8efdd3df4f0ce3ed41bb943dd30fa331b24ba1e Mon Sep 17 00:00:00 2001
From: James Wang <jameswang9909@hotmail.com>
Date: Thu, 7 Apr 2016 16:36:30 -0400
Subject: [PATCH 01/21] Add basic implementation for creating new problems

---
 deploy                        |  0
 server/api/models.py          |  6 ++++--
 server/api/problem.py         | 13 +++++++++----
 server/api/utils.py           |  2 +-
 web/js/admin.js               | 24 +++++++++++++++++++++++-
 web/pages/admin/problems.html | 26 ++++++++++++++++++++++----
 6 files changed, 59 insertions(+), 12 deletions(-)
 mode change 100644 => 100755 deploy

diff --git a/deploy b/deploy
old mode 100644
new mode 100755
diff --git a/server/api/models.py b/server/api/models.py
index 3270b09..0a5b34d 100644
--- a/server/api/models.py
+++ b/server/api/models.py
@@ -132,9 +132,10 @@ class Teams(db.Model):
 		return False
 
 class Problems(db.Model):
-	pid = db.Column(db.String(128), primary_key=True, autoincrement=False)
+	pid = db.Column(db.String(32), primary_key=True, autoincrement=False)
 	title = db.Column(db.String(128))
 	category = db.Column(db.String(128))
+	flag = db.Column(db.String(128))
 	description = db.Column(db.Text)
 	value = db.Column(db.Integer)
 	hint = db.Column(db.Text)
@@ -143,11 +144,12 @@ class Problems(db.Model):
 	threshold = db.Column(db.Integer)
 	weightmap = db.Column(db.PickleType)
 
-	def __init__(self, pid, title, category, description, value, hint="", autogen=False, bonus=0, threshold=0, weightmap={}):
+	def __init__(self, pid, title, category, description, flag, value, hint="", autogen=False, bonus=0, threshold=0, weightmap={}):
 		self.pid = pid
 		self.title = title
 		self.category = category
 		self.description = description
+		self.flag = flag
 		self.value = value
 		self.hint = hint
 		self.autogen = autogen
diff --git a/server/api/problem.py b/server/api/problem.py
index 8e410a4..338fb7c 100644
--- a/server/api/problem.py
+++ b/server/api/problem.py
@@ -1,6 +1,7 @@
 import hashlib
 import logger
 import os
+import utils
 
 from flask import Blueprint, jsonify, session, request
 from flask import current_app as app
@@ -18,14 +19,18 @@ def problem_add():
 	name = request.form["name"]
 	category = request.form["category"]
 	description = request.form["description"]
-	hint = request.form["problem-hint"]
+	hint = request.form["hint"]
 	flag = request.form["flag"]
 	value = request.form["value"]
+	pid = utils.generate_string()
+	while Problems.query.filter_by(pid=pid).first():
+		pid = utils.generate_string()
 
-	name_exists = Problems.query.filter_by(name=name).first()
+	name_exists = Problems.query.filter_by(title=name).first()
 	if name_exists:
 		raise WebException("Problem name already taken.")
-	problem = Problems(name, category, description, hint, flag, value)
+
+	problem = Problems(pid, name, category, description, flag, value, hint=hint)
 	db.session.add(problem)
 	db.session.commit()
 
@@ -160,4 +165,4 @@ def get_problem(title=None, pid=None):
 		match.update({ "pid": pid })
 	with app.app_context():
 		result = Problems.query.filter_by(**match)
-		return result
\ No newline at end of file
+		return result
diff --git a/server/api/utils.py b/server/api/utils.py
index c2adef0..3c64f0f 100644
--- a/server/api/utils.py
+++ b/server/api/utils.py
@@ -99,4 +99,4 @@ def generate_identicon(email, filename):
 			draw.rectangle([(4*cell + margin, (i-10)*cell + margin), (5*cell + margin, (i-9)*cell + margin)], fill=c)
 
 	image.save(open("pfp/%s.png" % filename, "w"), "PNG")
-	return
\ No newline at end of file
+	return
diff --git a/web/js/admin.js b/web/js/admin.js
index c6b7fd6..5874aa1 100644
--- a/web/js/admin.js
+++ b/web/js/admin.js
@@ -2,4 +2,26 @@ $(document).ready(function() {
 	$(".panel-title > a[data-toggle=collapse]").click(function(e) {
 		e.preventDefault();
 	});
-});
\ No newline at end of file
+});
+
+var create_problem = function() {
+	var input = "#new_problem_form input";
+	var data = $("#new_problem_form").serializeObject();
+	$(input).attr("disabled", "disabled");
+	api_call("POST", "/api/problem/add", data, function(result) {
+		if (result["success"] == 1) {
+			display_message("add-status", "success", result["message"], function() {
+				$(input).removeAttr("disabled");
+			});
+		} else {
+			display_message("add-status", "danger", result["message"], function() {
+				$(input).removeAttr("disabled");
+			});
+		}
+	}, function(jqXHR, status, error) {
+		var result = jqXHR["responseText"];
+		display_message("add-status", "danger", "Error " + jqXHR["status"] + ": " + result["message"], function() {
+			$(input).removeAttr("disabled");
+		});
+	});
+}
diff --git a/web/pages/admin/problems.html b/web/pages/admin/problems.html
index 03712a5..992d77c 100644
--- a/web/pages/admin/problems.html
+++ b/web/pages/admin/problems.html
@@ -25,6 +25,24 @@
 						<h4 class="panel-title">New Problem</h4>
 					</div>
 					<div class="panel-body">
+						<div id="add-status"></div>
+						<form class="form-horizontal" onsubmit="create_problem(); return false;" id="new_problem_form">
+							<input class="form-control" name="name" placeholder="Name" required/>
+							<br>
+							<textarea class="form-control" name="description" placeholder="Description" required autocomplete="off"/>
+							<br>
+							<input class="form-control" name="category" placeholder="Category" required autocomplete="off"/>
+							<br>
+							<input class="form-control" name="hint" placeholder="Hint" required/>
+							<br>
+							<input class="form-control" name="value" type="number" placeholder="Problem Value" required autocomplete="off"/>
+							<br>
+							<input class="form-control" name="flag" placeholder="Flag" required/>
+							<br>
+							<div id="new_grader"></div>
+							<br>
+							<input type="submit" id="create-problem" class="btn btn-success" value="Create"/>
+						</form>
 					</div>
 				</div>
 			</div>
@@ -43,7 +61,7 @@
 
 <script type="text/javascript">
 	$(document).ready(function() {
-		/*$(".selectpicker").selectpicker();
+		$(".selectpicker").selectpicker();
 		var config = {
 			toolbar: [
 				{ name: "basicstyles", items: [ "Bold", "Italic", "Underline" ] },
@@ -54,7 +72,7 @@
 			]
 		};
 		var editor = new EpicEditor({
-			container: "description",
+			container: "new_grader",
 			theme: {
 				base: "https://cdnjs.cloudflare.com/ajax/libs/epiceditor/0.2.2/themes/base/epiceditor.css",
 				preview: "https://cdnjs.cloudflare.com/ajax/libs/epiceditor/0.2.2/themes/preview/github.css",
@@ -66,6 +84,6 @@
 		}).load();
 		var new_grader = ace.edit("new_grader");
 		new_grader.setTheme("ace/theme/tomorrow");
-		new_grader.getSession().setMode("ace/mode/python");*/
+		new_grader.getSession().setMode("ace/mode/python");
 	});
-</script>
\ No newline at end of file
+</script>

From 6df67c0e76804b18984e0bf85329ea7325f9cc4c Mon Sep 17 00:00:00 2001
From: James Wang <jameswang9909@hotmail.com>
Date: Thu, 7 Apr 2016 18:01:17 -0400
Subject: [PATCH 02/21] Add basic functionality for updating/deleting problems

---
 server/api/admin.py           |  7 +++---
 server/api/models.py          |  6 ++---
 server/api/problem.py         | 12 ++++------
 web/js/admin.js               | 45 +++++++++++++++++++++++++++++++++++
 web/js/easyctf.js             |  2 +-
 web/pages/admin/problems.html | 26 ++++++++++++++++----
 6 files changed, 79 insertions(+), 19 deletions(-)

diff --git a/server/api/admin.py b/server/api/admin.py
index 14bc52a..6c172a7 100644
--- a/server/api/admin.py
+++ b/server/api/admin.py
@@ -16,13 +16,14 @@ def problem_data():
 	for problem in problems:
 		problems_return.append({
 			"pid": problem.pid,
-			"title": problem.title,
+			"name": problem.name,
 			"category": problem.category,
 			"description": problem.description,
 			"hint": problem.hint,
 			"value": problem.value,
 			"threshold": problem.threshold,
-			"weightmap": problem.weightmap
+			"weightmap": problem.weightmap,
+			"flag": problem.flag
 		})
 	problems_return.sort(key=lambda prob: prob["value"])
 	return { "success": 1, "problems": problems_return }
@@ -42,4 +43,4 @@ ProblemSubmissionSchema = Schema({
 		([str, Length(min=4, max=64)], "The title should be between 4 and 64 characters long."),
 	),
 }, extra=True)
-"""
\ No newline at end of file
+"""
diff --git a/server/api/models.py b/server/api/models.py
index 0a5b34d..98abf5e 100644
--- a/server/api/models.py
+++ b/server/api/models.py
@@ -133,7 +133,7 @@ class Teams(db.Model):
 
 class Problems(db.Model):
 	pid = db.Column(db.String(32), primary_key=True, autoincrement=False)
-	title = db.Column(db.String(128))
+	name = db.Column(db.String(128))
 	category = db.Column(db.String(128))
 	flag = db.Column(db.String(128))
 	description = db.Column(db.Text)
@@ -144,9 +144,9 @@ class Problems(db.Model):
 	threshold = db.Column(db.Integer)
 	weightmap = db.Column(db.PickleType)
 
-	def __init__(self, pid, title, category, description, flag, value, hint="", autogen=False, bonus=0, threshold=0, weightmap={}):
+	def __init__(self, pid, name, category, description, flag, value, hint="", autogen=False, bonus=0, threshold=0, weightmap={}):
 		self.pid = pid
-		self.title = title
+		self.name = name
 		self.category = category
 		self.description = description
 		self.flag = flag
diff --git a/server/api/problem.py b/server/api/problem.py
index 338fb7c..d45c8fe 100644
--- a/server/api/problem.py
+++ b/server/api/problem.py
@@ -26,7 +26,7 @@ def problem_add():
 	while Problems.query.filter_by(pid=pid).first():
 		pid = utils.generate_string()
 
-	name_exists = Problems.query.filter_by(title=name).first()
+	name_exists = Problems.query.filter_by(name=name).first()
 	if name_exists:
 		raise WebException("Problem name already taken.")
 
@@ -74,7 +74,6 @@ def problem_update():
 	description = request.form["description"]
 	hint = request.form["hint"]
 	flag = request.form["flag"]
-	disabled = request.form.get("disabled", 0)
 	value = request.form["value"]
 
 	problem = Problems.query.filter_by(pid=pid).first()
@@ -84,7 +83,6 @@ def problem_update():
 		problem.description = description
 		problem.hint = hint
 		problem.flag = flag
-		problem.disabled = disabled
 		problem.value = value
 
 		db.session.add(problem)
@@ -146,7 +144,7 @@ def insert_problem(data, force=False):
 			else:
 				raise InternalException("Problem already exists.")
 
-		insert = Problems(data["pid"], data["title"], data["category"], data["description"], data["value"])
+		insert = Problems(data["pid"], data["name"], data["category"], data["description"], data["value"])
 		if "hint" in data: insert.hint = data["hint"]
 		if "autogen" in data: insert.autogen = data["autogen"]
 		if "bonus" in data: insert.bonus = data["bonus"]
@@ -157,10 +155,10 @@ def insert_problem(data, force=False):
 
 	return True
 
-def get_problem(title=None, pid=None):
+def get_problem(name=None, pid=None):
 	match = {}
-	if title != None:
-		match.update({ "title": title })
+	if name != None:
+		match.update({ "name": name })
 	elif pid != None:
 		match.update({ "pid": pid })
 	with app.app_context():
diff --git a/web/js/admin.js b/web/js/admin.js
index 5874aa1..b3640ef 100644
--- a/web/js/admin.js
+++ b/web/js/admin.js
@@ -24,4 +24,49 @@ var create_problem = function() {
 			$(input).removeAttr("disabled");
 		});
 	});
+};
+
+var update_problem = function(form_id) {
+	var input = "#" + form_id + " input";
+	var data = $("#" + form_id).serializeObject();
+	pid = data["pid"];
+	$(input).attr("disabled", "disabled");
+	api_call("POST", "/api/problem/update", data, function(result) {
+		if (result["success"] == 1) {
+			display_message(pid + "_status", "success", result["message"], function() {
+				$(input).removeAttr("disabled");
+			});
+		} else {
+			display_message(pid + "_status", "danger", result["message"], function() {
+				$(input).removeAttr("disabled");
+			});
+		}
+	}, function(jqXHR, status, error) {
+		var result = jqXHR["responseText"];
+		display_message(pid + "_status", "danger", "Error " + jqXHR["status"] + ": " + result["message"], function() {
+			$(input).removeAttr("disabled");
+		});
+	});
+};
+
+var delete_problem = function(form_id) {
+	var input = "#" + form_id + " input";
+	var pid = form_id.split("_")[1];
+	$(input).attr("disabled", "disabled");
+	api_call("POST", "/api/problem/delete", {"pid": pid}, function(result) {
+		if (result["success"] == 1) {
+			display_message(pid + "_status", "success", result["message"], function() {
+				$(input).removeAttr("disabled");
+			});
+		} else {
+			display_message(pid + "_status", "danger", result["message"], function() {
+				$(input).removeAttr("disabled");
+			});
+		}
+	}, function(jqXHR, status, error) {
+		var result = jqXHR["responseText"];
+		display_message(pid + "_status", "danger", "Error " + jqXHR["status"] + ": " + result["message"], function() {
+			$(input).removeAttr("disabled");
+		});
+	});
 }
diff --git a/web/js/easyctf.js b/web/js/easyctf.js
index de1d7e4..0f290c9 100644
--- a/web/js/easyctf.js
+++ b/web/js/easyctf.js
@@ -420,4 +420,4 @@ var remove_profile_picture = function() {
 			location.reload(true);
 		}
 	});
-};
\ No newline at end of file
+};
diff --git a/web/pages/admin/problems.html b/web/pages/admin/problems.html
index 992d77c..ec4d7dc 100644
--- a/web/pages/admin/problems.html
+++ b/web/pages/admin/problems.html
@@ -12,11 +12,9 @@
 }
 </style>
 
-<div class="row">
-	<div class="tabbable">
-		<ul class="nav nav-pills nav-stacked col-md-3">
+<div class="row"> <div class="tabbable"> <ul class="nav nav-pills nav-stacked col-md-3">
 			<li class="active"><a data-target="#new" data-toggle="tab">New</a></li>
-			<li ng-repeat="problem in problems"><a data-target="#problem_{{ problem['pid'] }}" data-toggle="tab">{{ problem["title"] }} ({{ problem["value"] }} points)</a></li>
+			<li ng-repeat="problem in problems"><a data-target="#problem_{{ problem['pid'] }}" data-toggle="tab">{{ problem["name"] }} ({{ problem["value"] }} points)</a></li>
 		</ul>
 		<div class="tab-content col-md-9">
 			<div class="tab-pane active" id="new">
@@ -49,9 +47,27 @@
 			<div class="tab-pane" ng-repeat="problem in problems" id="problem_{{ problem['pid'] }}">
 				<div class="panel panel-default">
 					<div class="panel-heading">
-						<h4 class="panel-title">{{ problem["title"] }}</h4>
+						<h4 class="panel-title">{{ problem["name"] }}</h4>
 					</div>
 					<div class="panel-body">
+						<div id="{{ problem['pid'] }}_status"/>
+						<form class="form-horizontal" onsubmit="update_problem(this.id); return false;" id="update_{{ problem['pid'] }}">
+							<input type="hidden" name="pid" value="{{ problem['pid'] }}"/>
+							<input class="form-control" name="name" value="{{ problem['name'] }}" required/>
+							<br>
+							<textarea class="form-control" name="description" required autocomplete="off">{{ problem["description"] }}</textarea>
+							<br>
+							<input class="form-control" name="category" value="{{ problem['category'] }}" required/>
+							<br>
+							<input class="form-control" name="hint" value="{{ problem['hint'] }}" required/>
+							<br>
+							<input class="form-control" type="number" name="value" value="{{ problem['value'] }}" required/>
+							<br>
+							<input class="form-control" name="flag" value="{{ problem['flag'] }}" required/>
+							<br>
+							<input type="submit" class="btn btn-success" value="Update"/>
+							<input onclick="delete_problem(this.closest('form').id); return false;" class="btn btn-danger" value="Delete"/>
+						</form>
 					</div>
 				</div>
 			</div>

From 6aa0a119ffc45f18a440fcbb011af8a09adce118 Mon Sep 17 00:00:00 2001
From: James Wang <jameswang9909@hotmail.com>
Date: Thu, 7 Apr 2016 20:58:56 -0400
Subject: [PATCH 03/21] Refactor name to title

---
 server/api/admin.py   |  2 +-
 server/api/models.py  |  6 +++---
 server/api/problem.py | 26 +++++++++++++-------------
 3 files changed, 17 insertions(+), 17 deletions(-)

diff --git a/server/api/admin.py b/server/api/admin.py
index 6c172a7..68b65b7 100644
--- a/server/api/admin.py
+++ b/server/api/admin.py
@@ -16,7 +16,7 @@ def problem_data():
 	for problem in problems:
 		problems_return.append({
 			"pid": problem.pid,
-			"name": problem.name,
+			"title": problem.title,
 			"category": problem.category,
 			"description": problem.description,
 			"hint": problem.hint,
diff --git a/server/api/models.py b/server/api/models.py
index 98abf5e..0a5b34d 100644
--- a/server/api/models.py
+++ b/server/api/models.py
@@ -133,7 +133,7 @@ class Teams(db.Model):
 
 class Problems(db.Model):
 	pid = db.Column(db.String(32), primary_key=True, autoincrement=False)
-	name = db.Column(db.String(128))
+	title = db.Column(db.String(128))
 	category = db.Column(db.String(128))
 	flag = db.Column(db.String(128))
 	description = db.Column(db.Text)
@@ -144,9 +144,9 @@ class Problems(db.Model):
 	threshold = db.Column(db.Integer)
 	weightmap = db.Column(db.PickleType)
 
-	def __init__(self, pid, name, category, description, flag, value, hint="", autogen=False, bonus=0, threshold=0, weightmap={}):
+	def __init__(self, pid, title, category, description, flag, value, hint="", autogen=False, bonus=0, threshold=0, weightmap={}):
 		self.pid = pid
-		self.name = name
+		self.title = title
 		self.category = category
 		self.description = description
 		self.flag = flag
diff --git a/server/api/problem.py b/server/api/problem.py
index d45c8fe..7f782e3 100644
--- a/server/api/problem.py
+++ b/server/api/problem.py
@@ -16,7 +16,7 @@ blueprint = Blueprint("problem", __name__)
 @admins_only
 @api_wrapper
 def problem_add():
-	name = request.form["name"]
+	title = request.form["title"]
 	category = request.form["category"]
 	description = request.form["description"]
 	hint = request.form["hint"]
@@ -26,11 +26,11 @@ def problem_add():
 	while Problems.query.filter_by(pid=pid).first():
 		pid = utils.generate_string()
 
-	name_exists = Problems.query.filter_by(name=name).first()
-	if name_exists:
+	title_exist = Problems.query.filter_by(title=title).first()
+	if title_exist:
 		raise WebException("Problem name already taken.")
 
-	problem = Problems(pid, name, category, description, flag, value, hint=hint)
+	problem = Problems(pid, title, category, description, flag, value, hint=hint)
 	db.session.add(problem)
 	db.session.commit()
 
@@ -69,7 +69,7 @@ def problem_delete():
 @api_wrapper
 def problem_update():
 	pid = request.form["pid"]
-	name = request.form["name"]
+	title = request.form["title"]
 	category = request.form["category"]
 	description = request.form["description"]
 	hint = request.form["hint"]
@@ -78,7 +78,7 @@ def problem_update():
 
 	problem = Problems.query.filter_by(pid=pid).first()
 	if problem:
-		problem.name = name
+		problem.title = title
 		problem.category = category
 		problem.description = description
 		problem.hint = hint
@@ -111,11 +111,11 @@ def problem_submit():
 			db.session.add(problem)
 			db.session.commit()
 
-			logger.log(__name__, logger.WARNING, "%s has solved %s by submitting %s" % (team.name, problem.name, flag))
+			logger.log(__name__, logger.WARNING, "%s has solved %s by submitting %s" % (team.name, problem.title, flag))
 			return { "success": 1, "message": "Correct!" }
 
 		else:
-			logger.log(__name__, logger.WARNING, "%s has incorrectly submitted %s to %s" % (team.name, flag, problem.name))
+			logger.log(__name__, logger.WARNING, "%s has incorrectly submitted %s to %s" % (team.name, flag, problem.title))
 			raise WebException("Incorrect.")
 
 	else:
@@ -130,7 +130,7 @@ def problem_data():
 
 	for problem in problems:
 		problem_files = [ str(_file.location) for _file in Files.query.filter_by(pid=int(problem.pid)).all() ]
-		jason.append({"pid": problem[1], "name": problem[2] ,"category": problem[3], "description": problem[4], "hint": problem[5], "value": problem[6], "solves": problem[7], "files": problem_files})
+		jason.append({"pid": problem[1], "title": problem[2] ,"category": problem[3], "description": problem[4], "hint": problem[5], "value": problem[6], "solves": problem[7], "files": problem_files})
 
 	return jsonify(data=jason)
 
@@ -144,7 +144,7 @@ def insert_problem(data, force=False):
 			else:
 				raise InternalException("Problem already exists.")
 
-		insert = Problems(data["pid"], data["name"], data["category"], data["description"], data["value"])
+		insert = Problems(data["pid"], data["title"], data["category"], data["description"], data["value"])
 		if "hint" in data: insert.hint = data["hint"]
 		if "autogen" in data: insert.autogen = data["autogen"]
 		if "bonus" in data: insert.bonus = data["bonus"]
@@ -155,10 +155,10 @@ def insert_problem(data, force=False):
 
 	return True
 
-def get_problem(name=None, pid=None):
+def get_problem(title=None, pid=None):
 	match = {}
-	if name != None:
-		match.update({ "name": name })
+	if title != None:
+		match.update({ "title": title })
 	elif pid != None:
 		match.update({ "pid": pid })
 	with app.app_context():

From 19d9fe32eb118892b9dc44f2fce36a1a7fde12be Mon Sep 17 00:00:00 2001
From: James Wang <jameswang9909@hotmail.com>
Date: Thu, 7 Apr 2016 22:48:12 -0400
Subject: [PATCH 04/21] Implement grader scripts

---
 .gitignore                    |  1 +
 server/api/admin.py           |  2 +-
 server/api/models.py          |  5 ++---
 server/api/problem.py         | 19 +++++++++++++++----
 server/app.py                 |  4 +++-
 server/config.py              |  3 ++-
 web/js/admin.js               |  6 ++++++
 web/js/easyctf.js             | 28 ++++++++++++++++++++++++++++
 web/pages/admin/problems.html | 12 +++++-------
 9 files changed, 63 insertions(+), 17 deletions(-)

diff --git a/.gitignore b/.gitignore
index 3052973..06599fd 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,6 +1,7 @@
 .vagrant
 .secret_key
 .bundle/config
+graders/
 logs/
 files/
 pfp/
diff --git a/server/api/admin.py b/server/api/admin.py
index 68b65b7..d9e78f8 100644
--- a/server/api/admin.py
+++ b/server/api/admin.py
@@ -23,7 +23,7 @@ def problem_data():
 			"value": problem.value,
 			"threshold": problem.threshold,
 			"weightmap": problem.weightmap,
-			"flag": problem.flag
+			"grader_contents": open(problem.grader, "r").read()
 		})
 	problems_return.sort(key=lambda prob: prob["value"])
 	return { "success": 1, "problems": problems_return }
diff --git a/server/api/models.py b/server/api/models.py
index 0a5b34d..a872856 100644
--- a/server/api/models.py
+++ b/server/api/models.py
@@ -135,7 +135,6 @@ class Problems(db.Model):
 	pid = db.Column(db.String(32), primary_key=True, autoincrement=False)
 	title = db.Column(db.String(128))
 	category = db.Column(db.String(128))
-	flag = db.Column(db.String(128))
 	description = db.Column(db.Text)
 	value = db.Column(db.Integer)
 	hint = db.Column(db.Text)
@@ -143,13 +142,13 @@ class Problems(db.Model):
 	bonus = db.Column(db.Integer)
 	threshold = db.Column(db.Integer)
 	weightmap = db.Column(db.PickleType)
+	grader = db.Column(db.Text)
 
-	def __init__(self, pid, title, category, description, flag, value, hint="", autogen=False, bonus=0, threshold=0, weightmap={}):
+	def __init__(self, pid, title, category, description, value, hint="", autogen=False, bonus=0, threshold=0, weightmap={}):
 		self.pid = pid
 		self.title = title
 		self.category = category
 		self.description = description
-		self.flag = flag
 		self.value = value
 		self.hint = hint
 		self.autogen = autogen
diff --git a/server/api/problem.py b/server/api/problem.py
index 7f782e3..634b45a 100644
--- a/server/api/problem.py
+++ b/server/api/problem.py
@@ -20,8 +20,8 @@ def problem_add():
 	category = request.form["category"]
 	description = request.form["description"]
 	hint = request.form["hint"]
-	flag = request.form["flag"]
 	value = request.form["value"]
+	grader_contents = request.form["grader_contents"]
 	pid = utils.generate_string()
 	while Problems.query.filter_by(pid=pid).first():
 		pid = utils.generate_string()
@@ -30,7 +30,7 @@ def problem_add():
 	if title_exist:
 		raise WebException("Problem name already taken.")
 
-	problem = Problems(pid, title, category, description, flag, value, hint=hint)
+	problem = Problems(pid, title, category, description, value, hint=hint)
 	db.session.add(problem)
 	db.session.commit()
 
@@ -47,6 +47,14 @@ def problem_add():
 		db_file = Files(problem.pid, "/".join(file_path.split("/")[2:]))
 		db.session.add(db_file)
 
+	grader_folder = os.path.join(app.config["GRADER_FOLDER"], pid)
+	if not os.path.exists(grader_folder):
+		os.makedirs(grader_folder)
+	grader_path = os.path.join(grader_folder, "grader.py")
+	grader_file = open(grader_path, "w")
+	grader_file.write(grader_contents)
+	grader_file.close()
+	problem.grader = grader_path
 	db.session.commit()
 
 	return { "success": 1, "message": "Success!" }
@@ -73,8 +81,8 @@ def problem_update():
 	category = request.form["category"]
 	description = request.form["description"]
 	hint = request.form["hint"]
-	flag = request.form["flag"]
 	value = request.form["value"]
+	grader_contents = request.form["grader_contents"]
 
 	problem = Problems.query.filter_by(pid=pid).first()
 	if problem:
@@ -82,9 +90,12 @@ def problem_update():
 		problem.category = category
 		problem.description = description
 		problem.hint = hint
-		problem.flag = flag
 		problem.value = value
 
+		grader = open(problem.grader, "w")
+		grader.write(grader_contents)
+		grader.close()
+
 		db.session.add(problem)
 		db.session.commit()
 
diff --git a/server/app.py b/server/app.py
index ec403b2..6b4a282 100644
--- a/server/app.py
+++ b/server/app.py
@@ -18,6 +18,8 @@ app.config.from_object(config)
 
 if not os.path.exists(app.config["UPLOAD_FOLDER"]):
     os.makedirs(app.config["UPLOAD_FOLDER"])
+if not os.path.exists(app.config["GRADER_FOLDER"]):
+	os.makedirs(app.config["GRADER_FOLDER"])
 if not os.path.exists("pfp"):
 	os.makedirs("pfp")
 
@@ -117,4 +119,4 @@ def main():
 		parser.print_help()
 
 if __name__ == "__main__":
-	main()
\ No newline at end of file
+	main()
diff --git a/server/config.py b/server/config.py
index 44f2c2e..f1d7569 100644
--- a/server/config.py
+++ b/server/config.py
@@ -16,6 +16,7 @@ SQLALCHEMY_DATABASE_URI = "mysql://root:i_hate_passwords@localhost/easyctf"
 SQLALCHEMY_TRACK_MODIFICATIONS = False
 
 UPLOAD_FOLDER = os.path.normpath("../web/files")
+GRADER_FOLDER = os.path.normpath("graders")
 
 CTF_BEGIN = 0 # To be used later
 CTF_END = 0 # To be used later
@@ -24,4 +25,4 @@ MG_HOST = ""
 MG_API_KEY = ""
 ADMIN_EMAIL = ""
 
-PROBLEM_DIR = "../problems"
\ No newline at end of file
+PROBLEM_DIR = "../problems"
diff --git a/web/js/admin.js b/web/js/admin.js
index b3640ef..b700dd1 100644
--- a/web/js/admin.js
+++ b/web/js/admin.js
@@ -7,6 +7,8 @@ $(document).ready(function() {
 var create_problem = function() {
 	var input = "#new_problem_form input";
 	var data = $("#new_problem_form").serializeObject();
+	var grader_contents = ace.edit("new_grader").getValue();
+	data["grader_contents"] = grader_contents;
 	$(input).attr("disabled", "disabled");
 	api_call("POST", "/api/problem/add", data, function(result) {
 		if (result["success"] == 1) {
@@ -30,6 +32,10 @@ var update_problem = function(form_id) {
 	var input = "#" + form_id + " input";
 	var data = $("#" + form_id).serializeObject();
 	pid = data["pid"];
+
+	var grader_contents = ace.edit(pid + "_grader").getValue();
+	data["grader_contents"] = grader_contents;
+
 	$(input).attr("disabled", "disabled");
 	api_call("POST", "/api/problem/update", data, function(result) {
 		if (result["success"] == 1) {
diff --git a/web/js/easyctf.js b/web/js/easyctf.js
index 0f290c9..afa9f86 100644
--- a/web/js/easyctf.js
+++ b/web/js/easyctf.js
@@ -216,6 +216,34 @@ app.controller("adminProblemsController", ["$controller", "$scope", "$http", fun
 			$scope.problems = [];
 		}
 		$scope.$apply();
+		$scope.problems.forEach(function(problem) {
+			
+			$(".selectpicker").selectpicker();
+			var config = {
+				toolbar: [
+					{ name: "basicstyles", items: [ "Bold", "Italic", "Underline" ] },
+					{ name: "links", items: [ "Link" ] },
+					{ name: "paragraph", items: [ "NumberedList", "BulletedList", "-", "Outdent", "Indent", "-", "Blockquote" ] },
+					{ name: "tools", items: [ "Maximize" ] },
+					{ name: "document", items: [ "Source" ] },
+				]
+			};
+			var editor = new EpicEditor({
+				container: "new_grader",
+				theme: {
+					base: "https://cdnjs.cloudflare.com/ajax/libs/epiceditor/0.2.2/themes/base/epiceditor.css",
+					preview: "https://cdnjs.cloudflare.com/ajax/libs/epiceditor/0.2.2/themes/preview/github.css",
+					editor: "https://cdnjs.cloudflare.com/ajax/libs/epiceditor/0.2.2/themes/editor/epic-light.css"
+				},
+				button: {
+					bar: "show"
+				}
+			}).load();
+			var grader = ace.edit(problem.pid + "_grader");
+			grader.setTheme("ace/theme/tomorrow");
+			grader.getSession().setMode("ace/mode/python");
+			grader.setValue(problem.grader_contents);
+		});
 	});
 }]);
 
diff --git a/web/pages/admin/problems.html b/web/pages/admin/problems.html
index ec4d7dc..3fb183f 100644
--- a/web/pages/admin/problems.html
+++ b/web/pages/admin/problems.html
@@ -14,7 +14,7 @@
 
 <div class="row"> <div class="tabbable"> <ul class="nav nav-pills nav-stacked col-md-3">
 			<li class="active"><a data-target="#new" data-toggle="tab">New</a></li>
-			<li ng-repeat="problem in problems"><a data-target="#problem_{{ problem['pid'] }}" data-toggle="tab">{{ problem["name"] }} ({{ problem["value"] }} points)</a></li>
+			<li ng-repeat="problem in problems"><a data-target="#problem_{{ problem['pid'] }}" data-toggle="tab">{{ problem["title"] }} ({{ problem["value"] }} points)</a></li>
 		</ul>
 		<div class="tab-content col-md-9">
 			<div class="tab-pane active" id="new">
@@ -25,7 +25,7 @@
 					<div class="panel-body">
 						<div id="add-status"></div>
 						<form class="form-horizontal" onsubmit="create_problem(); return false;" id="new_problem_form">
-							<input class="form-control" name="name" placeholder="Name" required/>
+							<input class="form-control" name="title" placeholder="Name" required/>
 							<br>
 							<textarea class="form-control" name="description" placeholder="Description" required autocomplete="off"/>
 							<br>
@@ -35,8 +35,6 @@
 							<br>
 							<input class="form-control" name="value" type="number" placeholder="Problem Value" required autocomplete="off"/>
 							<br>
-							<input class="form-control" name="flag" placeholder="Flag" required/>
-							<br>
 							<div id="new_grader"></div>
 							<br>
 							<input type="submit" id="create-problem" class="btn btn-success" value="Create"/>
@@ -47,13 +45,13 @@
 			<div class="tab-pane" ng-repeat="problem in problems" id="problem_{{ problem['pid'] }}">
 				<div class="panel panel-default">
 					<div class="panel-heading">
-						<h4 class="panel-title">{{ problem["name"] }}</h4>
+						<h4 class="panel-title">{{ problem["title"] }}</h4>
 					</div>
 					<div class="panel-body">
 						<div id="{{ problem['pid'] }}_status"/>
 						<form class="form-horizontal" onsubmit="update_problem(this.id); return false;" id="update_{{ problem['pid'] }}">
 							<input type="hidden" name="pid" value="{{ problem['pid'] }}"/>
-							<input class="form-control" name="name" value="{{ problem['name'] }}" required/>
+							<input class="form-control" name="title" value="{{ problem['title'] }}" required/>
 							<br>
 							<textarea class="form-control" name="description" required autocomplete="off">{{ problem["description"] }}</textarea>
 							<br>
@@ -63,7 +61,7 @@
 							<br>
 							<input class="form-control" type="number" name="value" value="{{ problem['value'] }}" required/>
 							<br>
-							<input class="form-control" name="flag" value="{{ problem['flag'] }}" required/>
+							<div id="{{ problem['pid'] }}_grader"></div>
 							<br>
 							<input type="submit" class="btn btn-success" value="Update"/>
 							<input onclick="delete_problem(this.closest('form').id); return false;" class="btn btn-danger" value="Delete"/>

From a94df0dd49434904a365707989604d085eca3dc1 Mon Sep 17 00:00:00 2001
From: James Wang <jameswang9909@hotmail.com>
Date: Thu, 7 Apr 2016 22:54:47 -0400
Subject: [PATCH 05/21] Delete graders when deleting problems

---
 server/api/problem.py | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/server/api/problem.py b/server/api/problem.py
index 634b45a..b36af60 100644
--- a/server/api/problem.py
+++ b/server/api/problem.py
@@ -1,6 +1,7 @@
 import hashlib
 import logger
 import os
+import shutil
 import utils
 
 from flask import Blueprint, jsonify, session, request
@@ -68,6 +69,8 @@ def problem_delete():
 	if problem:
 		Solves.query.filter_by(pid=pid).delete()
 		Problems.query.filter_by(pid=pid).delete()
+		grader_folder = "/".join(problem.grader.split("/")[:-1])
+		shutil.rmtree(grader_folder)
 		db.session.commit()
 		return { "success": 1, "message": "Success!" }
 	raise WebException("Problem does not exist!")

From 765f6e0ec15db7272606c42e7388c5f672c44e5e Mon Sep 17 00:00:00 2001
From: James Wang <jameswang9909@hotmail.com>
Date: Thu, 7 Apr 2016 23:41:35 -0400
Subject: [PATCH 06/21] Show confirm dialog before deleting problem

---
 web/js/admin.js               | 36 +++++++++++++++++++----------------
 web/pages/admin/problems.html | 12 ++++++++++++
 2 files changed, 32 insertions(+), 16 deletions(-)

diff --git a/web/js/admin.js b/web/js/admin.js
index b700dd1..ad4e3a5 100644
--- a/web/js/admin.js
+++ b/web/js/admin.js
@@ -56,23 +56,27 @@ var update_problem = function(form_id) {
 };
 
 var delete_problem = function(form_id) {
-	var input = "#" + form_id + " input";
-	var pid = form_id.split("_")[1];
-	$(input).attr("disabled", "disabled");
-	api_call("POST", "/api/problem/delete", {"pid": pid}, function(result) {
-		if (result["success"] == 1) {
-			display_message(pid + "_status", "success", result["message"], function() {
+	$('#confirm').modal("show", { backdrop: 'static', keyboard: false })
+        .one('click', '#delete', function() {
+		var input = "#" + form_id + " input";
+		var pid = form_id.split("_")[1];
+		$(input).attr("disabled", "disabled");
+		api_call("POST", "/api/problem/delete", {"pid": pid}, function(result) {
+			if (result["success"] == 1) {
+				display_message(pid + "_status", "success", result["message"], function() {
+					$(input).removeAttr("disabled");
+				});
+			} else {
+				display_message(pid + "_status", "danger", result["message"], function() {
+					$(input).removeAttr("disabled");
+				});
+			}
+		}, function(jqXHR, status, error) {
+			var result = jqXHR["responseText"];
+			display_message(pid + "_status", "danger", "Error " + jqXHR["status"] + ": " + result["message"], function() {
 				$(input).removeAttr("disabled");
 			});
-		} else {
-			display_message(pid + "_status", "danger", result["message"], function() {
-				$(input).removeAttr("disabled");
-			});
-		}
-	}, function(jqXHR, status, error) {
-		var result = jqXHR["responseText"];
-		display_message(pid + "_status", "danger", "Error " + jqXHR["status"] + ": " + result["message"], function() {
-			$(input).removeAttr("disabled");
 		});
-	});
+
+        });
 }
diff --git a/web/pages/admin/problems.html b/web/pages/admin/problems.html
index 3fb183f..cc318f8 100644
--- a/web/pages/admin/problems.html
+++ b/web/pages/admin/problems.html
@@ -73,6 +73,18 @@
 	</div>
 </div>
 
+<div id="confirm" class="modal fade">
+	<div class="modal-dialog">
+		<div class="modal-content">
+			<div class="modal-body">Are you sure you want to delete this problem?</div>
+			<div class="modal-footer">
+				<button type="button" data-dismiss="modal" class="btn btn-primary" id="delete">Delete</button>
+				<button type="button" data-dismiss="modal" class="btn">Cancel</button>
+			</div>
+		</div>
+	</div>
+</div>
+
 <script type="text/javascript">
 	$(document).ready(function() {
 		$(".selectpicker").selectpicker();

From 5b549e0e70da50f36db0a4e3a71dfe6b1f77d2ea Mon Sep 17 00:00:00 2001
From: James Wang <jameswang9909@hotmail.com>
Date: Fri, 8 Apr 2016 10:57:36 -0400
Subject: [PATCH 07/21] Fix team registration

---
 server/api/team.py | 3 +--
 server/api/user.py | 2 +-
 2 files changed, 2 insertions(+), 3 deletions(-)

diff --git a/server/api/team.py b/server/api/team.py
index cbde6be..a2bad53 100644
--- a/server/api/team.py
+++ b/server/api/team.py
@@ -29,15 +29,14 @@ def team_create():
 	school = params.get("school")
 
 	team = Teams(teamname, school, _user.uid, _user.utype != 1)
-	tid = team.tid
 	with app.app_context():
 		db.session.add(team)
 		db.session.commit()
 		Users.query.filter_by(uid=_user.uid).update({ "tid": team.tid })
 		db.session.commit()
+		session["tid"] = team.tid
 		db.session.close()
 
-		session["tid"] = team.tid
 	return { "success": 1, "message": "Success!" }
 
 @blueprint.route("/delete", methods=["POST"])
diff --git a/server/api/user.py b/server/api/user.py
index 93b56b1..9a9acbf 100644
--- a/server/api/user.py
+++ b/server/api/user.py
@@ -133,7 +133,7 @@ def user_status():
 		"logged_in": logged_in,
 		"admin": is_admin(),
 		"competition": is_admin(),
-		"in_team": in_team(get_user()),
+		"in_team": in_team(get_user().first()),
 		"username": session["username"] if logged_in else "",
 	}
 	if logged_in:

From bc6c1247e1fba44b8d51be8c29b046be7f139ef1 Mon Sep 17 00:00:00 2001
From: James Wang <jameswang9909@hotmail.com>
Date: Sat, 16 Apr 2016 20:01:21 -0400
Subject: [PATCH 08/21] Rudimentary implementation of config interface

---
 server/api/__init__.py        |  1 +
 server/api/admin.py           | 12 ++++++++++++
 server/api/models.py          |  9 +++++++++
 server/api/settings.py        | 36 +++++++++++++++++++++++++++++++++++
 server/app.py                 |  3 ++-
 server/config.py              |  3 ---
 web/js/easyctf.js             | 14 ++++++++++++++
 web/pages/admin/settings.html | 33 ++++++++++++++++++++++++++++++++
 web/pages/settings.html       |  2 +-
 9 files changed, 108 insertions(+), 5 deletions(-)
 create mode 100644 server/api/settings.py
 create mode 100644 web/pages/admin/settings.html

diff --git a/server/api/__init__.py b/server/api/__init__.py
index 4c362a8..a52d0a0 100644
--- a/server/api/__init__.py
+++ b/server/api/__init__.py
@@ -3,6 +3,7 @@ import logger
 import models
 import problem
 import user
+import settings
 import stats
 import team
 import utils
diff --git a/server/api/admin.py b/server/api/admin.py
index d9e78f8..f79a2e0 100644
--- a/server/api/admin.py
+++ b/server/api/admin.py
@@ -3,6 +3,8 @@ from decorators import admins_only, api_wrapper
 from models import db, Problems, Files
 from schemas import verify_to_schema, check
 
+import settings
+
 import cPickle as pickle
 
 blueprint = Blueprint("admin", __name__)
@@ -28,6 +30,16 @@ def problem_data():
 	problems_return.sort(key=lambda prob: prob["value"])
 	return { "success": 1, "problems": problems_return }
 
+@blueprint.route("/settings", methods=["GET"])
+@api_wrapper
+@admins_only
+def settings_data():
+	# data = settings.get_all()
+	settings_return = {}
+	settings_return["ctf_begin"] = settings.get("ctf_begin")
+	settings_return["ctf_end"] = settings.get("ctf_end")
+	return { "success": 1, "settings": settings_return }
+
 """
 @blueprint.route("/problems/submit", methods=["POST"])
 @api_wrapper
diff --git a/server/api/models.py b/server/api/models.py
index a872856..2366a22 100644
--- a/server/api/models.py
+++ b/server/api/models.py
@@ -211,3 +211,12 @@ class TeamInvitations(db.Model):
 		self.rtype = rtype
 		self.frid = frid
 		self.toid = toid
+
+class Settings(db.Model):
+	sid = db.Column(db.Integer, primary_key=True)
+	key = db.Column(db.Text, unique=True)
+	value = db.Column(db.Text)
+
+	def __init__(self, key, value):
+		self.key = key
+		self.value = value
diff --git a/server/api/settings.py b/server/api/settings.py
new file mode 100644
index 0000000..358ee97
--- /dev/null
+++ b/server/api/settings.py
@@ -0,0 +1,36 @@
+from flask import Blueprint, request
+
+from models import db, Settings
+from decorators import admins_only, api_wrapper, WebException
+
+blueprint = Blueprint("setting", __name__)
+
+@blueprint.route("/update", methods=["POST"])
+@admins_only
+@api_wrapper
+def update_setting():
+	for key in request.form.keys():
+		value = request.form[key]
+		set(key, value)
+	return { "success": 1, "message": "Success!" }
+
+def set(key, value):
+	setting = Settings.query.filter_by(key=key).first()
+	if setting:
+		setting.value = value
+	else:
+		setting = Settings(key, value)
+		db.session.add(setting)
+	db.session.commit()
+	return setting
+
+def get_all():
+	settings = {}
+	for setting in Settings.query.all():
+		settings[setting.key] = setting.value
+
+def get(key):
+	setting = Settings.query.filter_by(key=key).first()
+	if setting:
+		return setting.value
+	return set(key, None)
diff --git a/server/app.py b/server/app.py
index 6b4a282..43a22d6 100644
--- a/server/app.py
+++ b/server/app.py
@@ -24,7 +24,7 @@ if not os.path.exists("pfp"):
 	os.makedirs("pfp")
 
 with app.app_context():
-	from api.models import db, Files, Teams, Problems, Solves, Users
+	from api.models import db, Files, Teams, Problems, Settings, Solves, Users
 	db.init_app(app)
 	db.create_all()
 
@@ -34,6 +34,7 @@ app.secret_key = config.SECRET_KEY
 
 app.register_blueprint(api.admin.blueprint, url_prefix="/api/admin")
 app.register_blueprint(api.problem.blueprint, url_prefix="/api/problem")
+app.register_blueprint(api.settings.blueprint, url_prefix="/api/settings")
 app.register_blueprint(api.stats.blueprint, url_prefix="/api/stats")
 app.register_blueprint(api.team.blueprint, url_prefix="/api/team")
 app.register_blueprint(api.user.blueprint, url_prefix="/api/user")
diff --git a/server/config.py b/server/config.py
index f1d7569..ab757b0 100644
--- a/server/config.py
+++ b/server/config.py
@@ -18,9 +18,6 @@ SQLALCHEMY_TRACK_MODIFICATIONS = False
 UPLOAD_FOLDER = os.path.normpath("../web/files")
 GRADER_FOLDER = os.path.normpath("graders")
 
-CTF_BEGIN = 0 # To be used later
-CTF_END = 0 # To be used later
-
 MG_HOST = ""
 MG_API_KEY = ""
 ADMIN_EMAIL = ""
diff --git a/web/js/easyctf.js b/web/js/easyctf.js
index afa9f86..72c8d32 100644
--- a/web/js/easyctf.js
+++ b/web/js/easyctf.js
@@ -68,6 +68,10 @@ app.config(function($routeProvider, $locationProvider) {
 		templateUrl: "pages/admin/problems.html",
 		controller: "adminProblemsController"
 	})
+	.when("/admin/settings", {
+		templateUrl: "pages/admin/settings.html",
+		controller: "adminSettingsController"
+	})
 	.otherwise({
 		templateUrl: "pages/404.html",
 		controller: "mainController"
@@ -247,6 +251,16 @@ app.controller("adminProblemsController", ["$controller", "$scope", "$http", fun
 	});
 }]);
 
+app.controller("adminSettingsController", ["$controller", "$scope", "$http", function($controller, $scope, $http) {
+	$controller("adminController", { $scope: $scope });
+	api_call("GET", "/api/admin/settings", {}, function(result) {
+		if (result["success"] == 1) {
+			$scope.settings = result["settings"];
+		}
+		$scope.$apply();
+	});
+}]);
+
 app.controller("settingsController", ["$controller", "$scope", "$http", function($controller, $scope, $http) {
 	$controller("loginController", { $scope: $scope });
 	api_call("GET", "/api/user/info", {}, function(result) {
diff --git a/web/pages/admin/settings.html b/web/pages/admin/settings.html
new file mode 100644
index 0000000..712497e
--- /dev/null
+++ b/web/pages/admin/settings.html
@@ -0,0 +1,33 @@
+<div>
+	<h1>CTF Settings</h1>
+	<div ng-if="settings">
+		<div id="settings_msg"/>
+		<form class="form-horizontal" onsubmit="update_settings(); return false;" id="update_settings_form">
+			<input class="form-control" name="ctf_begin" value="{{ settings['ctf_begin'] }}"/>
+			<br>
+			<input class="form-control" name="ctf_end" value="{{ settings['ctf_end'] }}"/>
+			<br>
+			<input type="submit" class="btn btn-success" value="Update"/>
+		</form>
+	</div>
+</div>
+
+<script>
+var update_settings = function() {
+	var input = "#update_settings_form form input";
+	var data = $("#update_settings_form").serializeObject();
+	$(input).attr("disabled", "disabled");
+	api_call("POST", "/api/settings/update", data, function(result) {
+		if (result["success"] == 1) {
+			display_message("settings_msg", "success", result["message"], function() {
+				$(input).removeAttr("disabled");
+			});
+		} else {
+			display_message("settings_msg", "danger", result["message"], function() {
+				$(input).removeAttr("disabled");
+			});
+			console.log(result["error"]);
+		}
+	});
+}
+</script>
diff --git a/web/pages/settings.html b/web/pages/settings.html
index d2bc0fe..39e61a7 100644
--- a/web/pages/settings.html
+++ b/web/pages/settings.html
@@ -189,4 +189,4 @@
 			document.getElementById("file").addEventListener("change", uploadListener, false);
 		};
 	});
-</script>
\ No newline at end of file
+</script>

From 34fe70600b58fe66e39d612b58c52e2756dc0eb6 Mon Sep 17 00:00:00 2001
From: James Wang <jameswang9909@hotmail.com>
Date: Sat, 16 Apr 2016 22:15:57 -0400
Subject: [PATCH 09/21] Implement problem viewing and problem submitting

---
 server/api/logger.py    |  2 +-
 server/api/models.py    |  5 ++--
 server/api/problem.py   | 46 ++++++++++++++++++----------
 web/js/easyctf.js       | 14 +++++++++
 web/pages/problems.html | 66 +++++++++++++++++++++++++++++++++++++++--
 5 files changed, 110 insertions(+), 23 deletions(-)

diff --git a/server/api/logger.py b/server/api/logger.py
index 1d886b7..81cd451 100644
--- a/server/api/logger.py
+++ b/server/api/logger.py
@@ -31,4 +31,4 @@ def initialize_logs():
 def log(logname, message, level=INFO):
 	logger = logging.getLogger(logname)
 	message = "[%s] %s" % (datetime.datetime.now().strftime("%m/%d/%Y %X"), message)
-	logger.log(level, message)
\ No newline at end of file
+	logger.log(level, message)
diff --git a/server/api/models.py b/server/api/models.py
index 2366a22..7bb3cb0 100644
--- a/server/api/models.py
+++ b/server/api/models.py
@@ -166,9 +166,8 @@ class Files(db.Model):
 		self.location = location
 
 class Solves(db.Model):
-	__table_args__ = (db.UniqueConstraint("pid", "tid"), {})
 	sid = db.Column(db.Integer, primary_key=True)
-	pid = db.Column(db.Integer)
+	pid = db.Column(db.String(32))
 	tid = db.Column(db.Integer)
 	date = db.Column(db.Integer, default=utils.get_time_since_epoch())
 	correct = db.Column(db.Boolean)
@@ -214,7 +213,7 @@ class TeamInvitations(db.Model):
 
 class Settings(db.Model):
 	sid = db.Column(db.Integer, primary_key=True)
-	key = db.Column(db.Text, unique=True)
+	key = db.Column(db.Text)
 	value = db.Column(db.Text)
 
 	def __init__(self, key, value):
diff --git a/server/api/problem.py b/server/api/problem.py
index b36af60..8f639e2 100644
--- a/server/api/problem.py
+++ b/server/api/problem.py
@@ -1,4 +1,5 @@
 import hashlib
+import imp
 import logger
 import os
 import shutil
@@ -115,38 +116,51 @@ def problem_submit():
 
 	problem = Problems.query.filter_by(pid=pid).first()
 	team = Teams.query.filter_by(tid=tid).first()
+	solved = Solves.query.filter_by(pid=pid, tid=tid, correct=1).first()
+	if solved:
+		raise WebException("You already solved this problem.")
 	if problem:
-		if flag == problem.flag:
-			solve = Solves(pid, tid)
-			team.score += problem.value
-			problem.solves += 1
+		grader = imp.load_source("grader.py", problem.grader)
+		if grader.grade(flag):
+			solve = Solves(pid, tid, flag, True)
 			db.session.add(solve)
-			db.session.add(team)
-			db.session.add(problem)
 			db.session.commit()
 
-			logger.log(__name__, logger.WARNING, "%s has solved %s by submitting %s" % (team.name, problem.title, flag))
+			logger.log(__name__, "%s has solved %s by submitting %s" % (team.teamname, problem.title, flag), level=logger.WARNING)
 			return { "success": 1, "message": "Correct!" }
 
 		else:
-			logger.log(__name__, logger.WARNING, "%s has incorrectly submitted %s to %s" % (team.name, flag, problem.title))
+			solve = Solves(pid, tid, flag, False)
+			db.session.add(solve)
+			db.session.commit()
+			logger.log(__name__, "%s has incorrectly submitted %s to %s" % (team.teamname, flag, problem.title), level=logger.WARNING)
 			raise WebException("Incorrect.")
 
 	else:
 		raise WebException("Problem does not exist!")
 
-@blueprint.route("/data", methods=["POST"])
-#@api_wrapper # Disable atm due to json serialization issues: will fix
+@blueprint.route("/data", methods=["GET"])
 @login_required
+@api_wrapper
 def problem_data():
-	problems = Problems.query.add_columns("pid", "name", "category", "description", "hint", "value", "solves").order_by(Problems.value).filter_by(disabled=False).all()
-	jason = []
+	problems = Problems.query.order_by(Problems.value).all()
+	problems_return = []
 
 	for problem in problems:
-		problem_files = [ str(_file.location) for _file in Files.query.filter_by(pid=int(problem.pid)).all() ]
-		jason.append({"pid": problem[1], "title": problem[2] ,"category": problem[3], "description": problem[4], "hint": problem[5], "value": problem[6], "solves": problem[7], "files": problem_files})
-
-	return jsonify(data=jason)
+		solves = Solves.query.filter_by(pid=problem.pid, correct=1).count()
+		solved = Solves.query.filter_by(pid=problem.pid, tid=session.get("tid", None), correct=1)
+		solved = ["Solved", "Unsolved"][solved is None]
+		problems_return.append({
+			"pid": problem.pid,
+			"title": problem.title,
+			"category": problem.category,
+			"description": problem.description,
+			"hint": problem.hint,
+			"value": problem.value,
+			"solves": solves,
+			"solved": solved
+		})
+	return { "success": 1, "problems": problems_return }
 
 def insert_problem(data, force=False):
 	with app.app_context():
diff --git a/web/js/easyctf.js b/web/js/easyctf.js
index 72c8d32..b51deb9 100644
--- a/web/js/easyctf.js
+++ b/web/js/easyctf.js
@@ -48,6 +48,10 @@ app.config(function($routeProvider, $locationProvider) {
 		templateUrl: "pages/settings.html",
 		controller: "settingsController"
 	})
+	.when("/problems", {
+		templateUrl: "pages/problems.html",
+		controller: "problemsController"
+	})
 	.when("/forgot", {
 		templateUrl: "pages/forgot.html",
 		controller: "resetController"
@@ -271,6 +275,16 @@ app.controller("settingsController", ["$controller", "$scope", "$http", function
 	});
 }]);
 
+app.controller("problemsController", ["$controller", "$scope", "$http", function($controller, $scope, $http) {
+	$controller("loginController", { $scope: $scope });
+	api_call("GET", "/api/problem/data", {}, function(result) {
+		if (result["success"] == 1) {
+			$scope.problems = result["problems"];
+		}
+		$scope.$apply();
+	});
+}]);
+
 $.fn.serializeObject = function() {
 	var a, o;
 	o = {};
diff --git a/web/pages/problems.html b/web/pages/problems.html
index 614ed91..e189f66 100644
--- a/web/pages/problems.html
+++ b/web/pages/problems.html
@@ -5,7 +5,67 @@
   3) remove these instructions (:P)
 -->
 <div class="fade_in">
-    <h1 class="heading1 text-center">Problems</h1>
-    <div id="problems"></div>
+	<h1 class="text-center">Problems</h1>
+	<div ng-repeat="problem in problems">
+		<div class="panel-group">
+			<div class="panel panel-default">
+				<div class="panel-heading" data-toggle="collapse" data-target="#{{ problem['pid'] }}_body">
+					<h4 class="panel-title">
+						{{ problem["title"] }} {{ problem["value"] }} points
+						<div class="pull-right">{{ problem["category"] }} - {{ problem["solved"] }} ({{ problem["solves"] }} {{ problem["solves"] === 1 ? "solve" : "solves" }})</div>
+					</h4>
+				</div>
+				<div id="{{ problem['pid'] }}_body" class="panel-collapse collapse">
+					<div class="panel-body">
+						<div hidden id="{{ problem['pid'] }}_hint">{{ problem['hint'] }}</div>
+						<div hidden id="{{ problem['pid'] }}_status"/>
+						{{ problem["description"] }}
+					</div>
+					<form id="{{ problem['pid'] }}_form" class="horizontal-form" onsubmit="submit_problem(this.id); return false;">
+						<div class="input-group">
+							<input hidden name="pid" value="{{ problem['pid'] }}"/>
+							<input class="form-control" name="flag" placeholder="Flag"/>
+							<span class="input-group-btn">
+								<input onclick="toggle_hint(this.closest('form').id); return false;" type="button" class="btn btn-success" value="Hint"/>
+							</span>
+							<span class="input-group-btn">
+								<input type="submit" class="btn btn-success" value="Submit"/>
+							</span>
+						</div>
+					</form>
+				</div>
+			</div>
+		</div>
+	</div>
 </div>
-<script src="js/problems.js">
+
+<script>
+var toggle_hint = function(form) {
+	pid = form.split("_")[0];
+	$("#" + pid + "_hint").slideToggle("fast", function() {});
+}
+
+var submit_problem = function(form) {
+	var input = "#" + form + " input";
+	var data = $("#" + form).serializeObject();
+	pid = data["pid"];
+	$(input).attr("disabled", "disabed");
+	api_call("POST", "/api/problem/submit", data, function(result) {
+		if (result["success"] == 1) {
+			display_message(pid + "_status", "success", result["message"], function() {
+				$(input).removeAttr("disabled");
+			});
+		} else {
+			display_message(pid + "_status", "danger", result["message"], function() {
+				$(input).removeAttr("disabled");
+			});
+		}
+		console.log(result["error"]);
+	}, function(jqXHR, status, error) {
+		var result = jqXHR["responseText"];
+		display_message(pid + "_status", "danger", "Error " + jqXHR["status"] + ": " + result["message"], function() {
+			$(input).removeAttr("disabled");
+		});
+	});
+}
+</script>

From db91af5d828dd44506448f8d5b7778b070821176 Mon Sep 17 00:00:00 2001
From: James Wang <jameswang9909@hotmail.com>
Date: Sat, 16 Apr 2016 22:19:04 -0400
Subject: [PATCH 10/21] Store date as Text, not Integer

---
 server/api/models.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/server/api/models.py b/server/api/models.py
index 7bb3cb0..e29314b 100644
--- a/server/api/models.py
+++ b/server/api/models.py
@@ -169,7 +169,7 @@ class Solves(db.Model):
 	sid = db.Column(db.Integer, primary_key=True)
 	pid = db.Column(db.String(32))
 	tid = db.Column(db.Integer)
-	date = db.Column(db.Integer, default=utils.get_time_since_epoch())
+	date = db.Column(db.Text, default=utils.get_time_since_epoch())
 	correct = db.Column(db.Boolean)
 	flag = db.Column(db.Text)
 

From aa4f19d9769111665632159d1ff9bacf88b38b85 Mon Sep 17 00:00:00 2001
From: James Wang <jameswang9909@hotmail.com>
Date: Sat, 16 Apr 2016 22:45:14 -0400
Subject: [PATCH 11/21] Add grader blueprint

---
 web/pages/admin/problems.html | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/web/pages/admin/problems.html b/web/pages/admin/problems.html
index cc318f8..7050fb2 100644
--- a/web/pages/admin/problems.html
+++ b/web/pages/admin/problems.html
@@ -111,5 +111,14 @@
 		var new_grader = ace.edit("new_grader");
 		new_grader.setTheme("ace/theme/tomorrow");
 		new_grader.getSession().setMode("ace/mode/python");
+		new_grader.setValue(
+			'flag = "easyctf{FLAG}"\n\n'+
+			'def grade(candidate):\n'+
+			'    if candidate == flag:\n'+
+			'        return True, "Correct!"\n'+
+			'    return False, "Incorrect."\n\n'+
+			'# Return True if the flag is correct, False otherwise, along with\n'+
+			'# a corresponding message to send to the user.'
+		);
 	});
 </script>

From d3371e5417052319c81ebba1287bbb53dfe50913 Mon Sep 17 00:00:00 2001
From: James Wang <jameswang9909@hotmail.com>
Date: Sun, 17 Apr 2016 08:58:32 -0400
Subject: [PATCH 12/21] Check for syntax errors in new graders

---
 server/api/problem.py | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/server/api/problem.py b/server/api/problem.py
index 8f639e2..d1d0f6b 100644
--- a/server/api/problem.py
+++ b/server/api/problem.py
@@ -32,6 +32,11 @@ def problem_add():
 	if title_exist:
 		raise WebException("Problem name already taken.")
 
+	try:
+		exec(grader_contents)
+	except Exception, e:
+		raise WebException("There is a syntax error in the grader: %s" % e)
+
 	problem = Problems(pid, title, category, description, value, hint=hint)
 	db.session.add(problem)
 	db.session.commit()
@@ -87,6 +92,10 @@ def problem_update():
 	hint = request.form["hint"]
 	value = request.form["value"]
 	grader_contents = request.form["grader_contents"]
+	try:
+		exec(grader_contents)
+	except Exception, e:
+		raise WebException("There is a syntax error in the grader: %s" % e)
 
 	problem = Problems.query.filter_by(pid=pid).first()
 	if problem:

From bc13bdce80c7a0b98c9aaf204b9f2260ede9bd4c Mon Sep 17 00:00:00 2001
From: James Wang <jameswang9909@hotmail.com>
Date: Sun, 17 Apr 2016 09:27:46 -0400
Subject: [PATCH 13/21] Add support for custom responses in the grader

---
 server/api/problem.py | 22 +++++++++++-----------
 1 file changed, 11 insertions(+), 11 deletions(-)

diff --git a/server/api/problem.py b/server/api/problem.py
index d1d0f6b..821e68f 100644
--- a/server/api/problem.py
+++ b/server/api/problem.py
@@ -128,22 +128,22 @@ def problem_submit():
 	solved = Solves.query.filter_by(pid=pid, tid=tid, correct=1).first()
 	if solved:
 		raise WebException("You already solved this problem.")
-	if problem:
-		grader = imp.load_source("grader.py", problem.grader)
-		if grader.grade(flag):
-			solve = Solves(pid, tid, flag, True)
-			db.session.add(solve)
-			db.session.commit()
 
+	if problem:
+		grader = imp.load_source("grader", problem.grader)
+		correct, response = grader.grade(flag)
+
+		solve = Solves(pid, tid, flag, correct)
+		db.session.add(solve)
+		db.session.commit()
+
+		if correct:
 			logger.log(__name__, "%s has solved %s by submitting %s" % (team.teamname, problem.title, flag), level=logger.WARNING)
-			return { "success": 1, "message": "Correct!" }
+			return { "success": 1, "message": response }
 
 		else:
-			solve = Solves(pid, tid, flag, False)
-			db.session.add(solve)
-			db.session.commit()
 			logger.log(__name__, "%s has incorrectly submitted %s to %s" % (team.teamname, flag, problem.title), level=logger.WARNING)
-			raise WebException("Incorrect.")
+			raise WebException(response)
 
 	else:
 		raise WebException("Problem does not exist!")

From dbeb86edbca78a458337a54f73027f9d5e9be506 Mon Sep 17 00:00:00 2001
From: James Wang <jameswang9909@hotmail.com>
Date: Sun, 17 Apr 2016 21:30:49 -0400
Subject: [PATCH 14/21] Fix bug where new grader editor would be uneditable

---
 web/js/easyctf.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/web/js/easyctf.js b/web/js/easyctf.js
index b51deb9..681d49c 100644
--- a/web/js/easyctf.js
+++ b/web/js/easyctf.js
@@ -237,7 +237,7 @@ app.controller("adminProblemsController", ["$controller", "$scope", "$http", fun
 				]
 			};
 			var editor = new EpicEditor({
-				container: "new_grader",
+				container: problem.pid + "_grader",
 				theme: {
 					base: "https://cdnjs.cloudflare.com/ajax/libs/epiceditor/0.2.2/themes/base/epiceditor.css",
 					preview: "https://cdnjs.cloudflare.com/ajax/libs/epiceditor/0.2.2/themes/preview/github.css",

From 398b413095eb92985b7f14218f8d8f3a426c71ec Mon Sep 17 00:00:00 2001
From: James Wang <jameswang9909@hotmail.com>
Date: Sun, 17 Apr 2016 22:37:01 -0400
Subject: [PATCH 15/21] Remove obsolete EpicEditor javascript

---
 web/js/easyctf.js             | 22 ----------------------
 web/pages/admin/problems.html | 21 ---------------------
 2 files changed, 43 deletions(-)

diff --git a/web/js/easyctf.js b/web/js/easyctf.js
index 681d49c..2ed8b06 100644
--- a/web/js/easyctf.js
+++ b/web/js/easyctf.js
@@ -225,28 +225,6 @@ app.controller("adminProblemsController", ["$controller", "$scope", "$http", fun
 		}
 		$scope.$apply();
 		$scope.problems.forEach(function(problem) {
-			
-			$(".selectpicker").selectpicker();
-			var config = {
-				toolbar: [
-					{ name: "basicstyles", items: [ "Bold", "Italic", "Underline" ] },
-					{ name: "links", items: [ "Link" ] },
-					{ name: "paragraph", items: [ "NumberedList", "BulletedList", "-", "Outdent", "Indent", "-", "Blockquote" ] },
-					{ name: "tools", items: [ "Maximize" ] },
-					{ name: "document", items: [ "Source" ] },
-				]
-			};
-			var editor = new EpicEditor({
-				container: problem.pid + "_grader",
-				theme: {
-					base: "https://cdnjs.cloudflare.com/ajax/libs/epiceditor/0.2.2/themes/base/epiceditor.css",
-					preview: "https://cdnjs.cloudflare.com/ajax/libs/epiceditor/0.2.2/themes/preview/github.css",
-					editor: "https://cdnjs.cloudflare.com/ajax/libs/epiceditor/0.2.2/themes/editor/epic-light.css"
-				},
-				button: {
-					bar: "show"
-				}
-			}).load();
 			var grader = ace.edit(problem.pid + "_grader");
 			grader.setTheme("ace/theme/tomorrow");
 			grader.getSession().setMode("ace/mode/python");
diff --git a/web/pages/admin/problems.html b/web/pages/admin/problems.html
index 7050fb2..9c253b1 100644
--- a/web/pages/admin/problems.html
+++ b/web/pages/admin/problems.html
@@ -87,27 +87,6 @@
 
 <script type="text/javascript">
 	$(document).ready(function() {
-		$(".selectpicker").selectpicker();
-		var config = {
-			toolbar: [
-				{ name: "basicstyles", items: [ "Bold", "Italic", "Underline" ] },
-				{ name: "links", items: [ "Link" ] },
-				{ name: "paragraph", items: [ "NumberedList", "BulletedList", "-", "Outdent", "Indent", "-", "Blockquote" ] },
-				{ name: "tools", items: [ "Maximize" ] },
-				{ name: "document", items: [ "Source" ] },
-			]
-		};
-		var editor = new EpicEditor({
-			container: "new_grader",
-			theme: {
-				base: "https://cdnjs.cloudflare.com/ajax/libs/epiceditor/0.2.2/themes/base/epiceditor.css",
-				preview: "https://cdnjs.cloudflare.com/ajax/libs/epiceditor/0.2.2/themes/preview/github.css",
-				editor: "https://cdnjs.cloudflare.com/ajax/libs/epiceditor/0.2.2/themes/editor/epic-light.css"
-			},
-			button: {
-				bar: "show"
-			}
-		}).load();
 		var new_grader = ace.edit("new_grader");
 		new_grader.setTheme("ace/theme/tomorrow");
 		new_grader.getSession().setMode("ace/mode/python");

From c38ad5611de2e575a7f7d055cb6fe418948b0888 Mon Sep 17 00:00:00 2001
From: James Wang <jameswang9909@hotmail.com>
Date: Sun, 17 Apr 2016 22:39:04 -0400
Subject: [PATCH 16/21] Implement bonus points

---
 server/api/models.py  | 17 +++++++++++++----
 server/api/problem.py | 10 ++++++++++
 server/api/stats.py   |  2 +-
 3 files changed, 24 insertions(+), 5 deletions(-)

diff --git a/server/api/models.py b/server/api/models.py
index e29314b..70f6d09 100644
--- a/server/api/models.py
+++ b/server/api/models.py
@@ -71,8 +71,18 @@ class Teams(db.Model):
 		return members
 
 	def points(self):
-		""" TODO: Implement scoring with Bonus Points """
-		return 0
+		bonuses = [5, 3, 1] # TODO: Make this a setting in the web interface
+		points = 0
+
+		# TODO: use joins
+		solves = Solves.query.filter_by(tid=self.tid).all()
+		for solve in solves:
+			problem = Problems.query.filter_by(pid=solve.pid).first()
+			multiplier = 1
+			if solve.bonus != -1:
+				multiplier += bonuses[solve.bonus-1]/100.0
+			points += round(problem.value*multiplier)
+		return points
 
 	def place(self, ranked=True):
 		# score = db.func.sum(Problems.value).label("score")
@@ -139,7 +149,6 @@ class Problems(db.Model):
 	value = db.Column(db.Integer)
 	hint = db.Column(db.Text)
 	autogen = db.Column(db.Boolean)
-	bonus = db.Column(db.Integer)
 	threshold = db.Column(db.Integer)
 	weightmap = db.Column(db.PickleType)
 	grader = db.Column(db.Text)
@@ -152,7 +161,6 @@ class Problems(db.Model):
 		self.value = value
 		self.hint = hint
 		self.autogen = autogen
-		self.bonus = bonus
 		self.threshold = threshold
 		self.weightmap = weightmap
 
@@ -172,6 +180,7 @@ class Solves(db.Model):
 	date = db.Column(db.Text, default=utils.get_time_since_epoch())
 	correct = db.Column(db.Boolean)
 	flag = db.Column(db.Text)
+	bonus = db.Column(db.Integer) # 1 for first solve, 2 for second, etc.
 
 	def __init__(self, pid, tid, flag, correct):
 		self.pid = pid
diff --git a/server/api/problem.py b/server/api/problem.py
index 821e68f..34faf7c 100644
--- a/server/api/problem.py
+++ b/server/api/problem.py
@@ -138,6 +138,16 @@ def problem_submit():
 		db.session.commit()
 
 		if correct:
+			# Wait until after the solve has been added to the database before adding bonus
+			solves = Solves.query.filter_by(pid=pid, correct=1).count()
+			if solves < 4:
+				bonus = solves
+			else:
+				bonus = -1
+			solve.bonus = bonus
+			db.session.add(solve)
+			db.session.commit()
+
 			logger.log(__name__, "%s has solved %s by submitting %s" % (team.teamname, problem.title, flag), level=logger.WARNING)
 			return { "success": 1, "message": response }
 
diff --git a/server/api/stats.py b/server/api/stats.py
index 1b9c88f..aeeb51f 100644
--- a/server/api/stats.py
+++ b/server/api/stats.py
@@ -22,4 +22,4 @@ def all_teams_stats():
 			"school": _team.school,
 			"points": _team.points()
 		})
-	return { "success": 1, "scoreboard": result }
\ No newline at end of file
+	return { "success": 1, "scoreboard": result }

From 720fcd40d46474cab3d8fef1e98ca40fe0058156 Mon Sep 17 00:00:00 2001
From: James Wang <jameswang9909@hotmail.com>
Date: Mon, 18 Apr 2016 16:29:33 -0400
Subject: [PATCH 17/21] Implement different solve bonuses

---
 server/api/admin.py           |  3 ++-
 server/api/models.py          | 13 +++++++++++--
 server/api/problem.py         |  5 ++++-
 web/js/admin.js               |  8 +++++++-
 web/pages/admin/problems.html | 21 +++++++++++++++++++++
 5 files changed, 45 insertions(+), 5 deletions(-)

diff --git a/server/api/admin.py b/server/api/admin.py
index f79a2e0..57500e1 100644
--- a/server/api/admin.py
+++ b/server/api/admin.py
@@ -25,7 +25,8 @@ def problem_data():
 			"value": problem.value,
 			"threshold": problem.threshold,
 			"weightmap": problem.weightmap,
-			"grader_contents": open(problem.grader, "r").read()
+			"grader_contents": open(problem.grader, "r").read(),
+			"bonus": problem.bonus
 		})
 	problems_return.sort(key=lambda prob: prob["value"])
 	return { "success": 1, "problems": problems_return }
diff --git a/server/api/models.py b/server/api/models.py
index 70f6d09..93cd2be 100644
--- a/server/api/models.py
+++ b/server/api/models.py
@@ -71,7 +71,14 @@ class Teams(db.Model):
 		return members
 
 	def points(self):
-		bonuses = [5, 3, 1] # TODO: Make this a setting in the web interface
+		bonuses = [
+			[0, 0, 0],
+			[3, 2, 1],
+			[5, 3, 1],
+			[8, 5, 3],
+			[10, 8, 6],
+			[20, 12, 8]
+		]
 		points = 0
 
 		# TODO: use joins
@@ -80,7 +87,7 @@ class Teams(db.Model):
 			problem = Problems.query.filter_by(pid=solve.pid).first()
 			multiplier = 1
 			if solve.bonus != -1:
-				multiplier += bonuses[solve.bonus-1]/100.0
+				multiplier += bonuses[problem.bonus][solve.bonus-1]/100.0
 			points += round(problem.value*multiplier)
 		return points
 
@@ -152,6 +159,7 @@ class Problems(db.Model):
 	threshold = db.Column(db.Integer)
 	weightmap = db.Column(db.PickleType)
 	grader = db.Column(db.Text)
+	bonus = db.Column(db.Integer)
 
 	def __init__(self, pid, title, category, description, value, hint="", autogen=False, bonus=0, threshold=0, weightmap={}):
 		self.pid = pid
@@ -163,6 +171,7 @@ class Problems(db.Model):
 		self.autogen = autogen
 		self.threshold = threshold
 		self.weightmap = weightmap
+		self.bonus = bonus
 
 class Files(db.Model):
 	fid = db.Column(db.Integer, primary_key=True)
diff --git a/server/api/problem.py b/server/api/problem.py
index 34faf7c..77e9c41 100644
--- a/server/api/problem.py
+++ b/server/api/problem.py
@@ -24,6 +24,7 @@ def problem_add():
 	hint = request.form["hint"]
 	value = request.form["value"]
 	grader_contents = request.form["grader_contents"]
+	bonus = request.form["bonus"]
 	pid = utils.generate_string()
 	while Problems.query.filter_by(pid=pid).first():
 		pid = utils.generate_string()
@@ -37,7 +38,7 @@ def problem_add():
 	except Exception, e:
 		raise WebException("There is a syntax error in the grader: %s" % e)
 
-	problem = Problems(pid, title, category, description, value, hint=hint)
+	problem = Problems(pid, title, category, description, value, hint=hint, bonus=bonus)
 	db.session.add(problem)
 	db.session.commit()
 
@@ -92,6 +93,7 @@ def problem_update():
 	hint = request.form["hint"]
 	value = request.form["value"]
 	grader_contents = request.form["grader_contents"]
+	bonus = request.form["bonus"]
 	try:
 		exec(grader_contents)
 	except Exception, e:
@@ -104,6 +106,7 @@ def problem_update():
 		problem.description = description
 		problem.hint = hint
 		problem.value = value
+		problem.bonus = bonus
 
 		grader = open(problem.grader, "w")
 		grader.write(grader_contents)
diff --git a/web/js/admin.js b/web/js/admin.js
index ad4e3a5..a24f8f0 100644
--- a/web/js/admin.js
+++ b/web/js/admin.js
@@ -9,6 +9,8 @@ var create_problem = function() {
 	var data = $("#new_problem_form").serializeObject();
 	var grader_contents = ace.edit("new_grader").getValue();
 	data["grader_contents"] = grader_contents;
+	var bonus = $("#bonus").val();
+	data["bonus"] = bonus;
 	$(input).attr("disabled", "disabled");
 	api_call("POST", "/api/problem/add", data, function(result) {
 		if (result["success"] == 1) {
@@ -31,10 +33,13 @@ var create_problem = function() {
 var update_problem = function(form_id) {
 	var input = "#" + form_id + " input";
 	var data = $("#" + form_id).serializeObject();
-	pid = data["pid"];
+	var pid = data["pid"];
 
 	var grader_contents = ace.edit(pid + "_grader").getValue();
 	data["grader_contents"] = grader_contents;
+	var bonus = $("#" + pid + "_bonus").val();
+	console.log(bonus);
+	data["bonus"] = bonus;
 
 	$(input).attr("disabled", "disabled");
 	api_call("POST", "/api/problem/update", data, function(result) {
@@ -47,6 +52,7 @@ var update_problem = function(form_id) {
 				$(input).removeAttr("disabled");
 			});
 		}
+		console.log(result);
 	}, function(jqXHR, status, error) {
 		var result = jqXHR["responseText"];
 		display_message(pid + "_status", "danger", "Error " + jqXHR["status"] + ": " + result["message"], function() {
diff --git a/web/pages/admin/problems.html b/web/pages/admin/problems.html
index 9c253b1..f62581f 100644
--- a/web/pages/admin/problems.html
+++ b/web/pages/admin/problems.html
@@ -34,6 +34,17 @@
 							<input class="form-control" name="hint" placeholder="Hint" required/>
 							<br>
 							<input class="form-control" name="value" type="number" placeholder="Problem Value" required autocomplete="off"/>
+							<br>
+							<label for="bonus">Speed bonuses (%)</label>
+							<select class="form-control" id="bonus">
+								<option value="0">0/0/0</option>
+								<option value="1">3/2/1</option>
+								<option value="2">5/3/1</option>
+								<option value="3">8/5/3</option>
+								<option value="4">10/8/6</option>
+								<option value="5">20/12/8</option>
+							</select>
+
 							<br>
 							<div id="new_grader"></div>
 							<br>
@@ -61,6 +72,16 @@
 							<br>
 							<input class="form-control" type="number" name="value" value="{{ problem['value'] }}" required/>
 							<br>
+							<label for="bonus">Speed bonuses (%)</label>
+							<select class="form-control" id="{{ problem.pid }}_bonus">
+								<option ng-selected="problem.bonus == 0" value="0">0/0/0</option>
+								<option ng-selected="problem.bonus == 1" value="1">3/2/1</option>
+								<option ng-selected="problem.bonus == 2" value="2">5/3/1</option>
+								<option ng-selected="problem.bonus == 3" value="3">8/5/3</option>
+								<option ng-selected="problem.bonus == 4" value="4">10/8/6</option>
+								<option ng-selected="problem.bonus == 5" value="5">20/12/8</option>
+							</select>
+							<br>
 							<div id="{{ problem['pid'] }}_grader"></div>
 							<br>
 							<input type="submit" class="btn btn-success" value="Update"/>

From 451230f4402e39dd4db05c64b0768629d2f86361 Mon Sep 17 00:00:00 2001
From: James Wang <jameswang9909@hotmail.com>
Date: Mon, 18 Apr 2016 17:59:36 -0400
Subject: [PATCH 18/21] Begin work on programming interface

---
 web/js/easyctf.js          | 18 +++++++++++++
 web/pages/programming.html | 53 ++++++++++++++++++++++++++++++++------
 2 files changed, 63 insertions(+), 8 deletions(-)

diff --git a/web/js/easyctf.js b/web/js/easyctf.js
index 2ed8b06..d669f56 100644
--- a/web/js/easyctf.js
+++ b/web/js/easyctf.js
@@ -52,6 +52,10 @@ app.config(function($routeProvider, $locationProvider) {
 		templateUrl: "pages/problems.html",
 		controller: "problemsController"
 	})
+	.when("/programming", {
+		templateUrl: "pages/programming.html",
+		controller: "programmingController"
+	})
 	.when("/forgot", {
 		templateUrl: "pages/forgot.html",
 		controller: "resetController"
@@ -263,6 +267,20 @@ app.controller("problemsController", ["$controller", "$scope", "$http", function
 	});
 }]);
 
+app.controller("programmingController", ["$controller", "$scope", "$http", function($controller, $scope, $http) {
+	$controller("loginController", { $scope: $scope });
+	$("#editor").height($(window).height()/2);
+	var grader = ace.edit("editor");
+	grader.setTheme("ace/theme/tomorrow");
+	grader.getSession().setMode("ace/mode/python");
+	grader.setOptions({
+	  fontFamily: "monospace",
+	  fontSize: "12pt"
+	});
+	grader.setValue("");
+
+}]);
+
 $.fn.serializeObject = function() {
 	var a, o;
 	o = {};
diff --git a/web/pages/programming.html b/web/pages/programming.html
index 42af714..c5575d0 100644
--- a/web/pages/programming.html
+++ b/web/pages/programming.html
@@ -1,11 +1,48 @@
 <div class="fade_in text-center">
-  <h1 class="heading1">Programming</h1>
-  <div class="panel panel-default">
-    <div class="panel-heading">
-      <h3 class="panel-title">Problems Avalible: NaN?</h3>
+    <h1 class="heading1">Programming</h1>
+    <div class="panel panel-default">
+        <div class="panel-heading clearfix">
+            <h4 class="panel-title">Code Editor
+                <div class="pull-right">
+                    <select class="form-control" id="language-select" onchange="update_highlighting()">
+                        <option value="python">Python 2</option>
+                        <option value="python3">Python 3</option>
+                        <option value="java">Java</option>
+                    </select>
+                </div>
+            </h4>
+        </div>
+        <br>
+        <div style="text-align: left" class="panel-body" id="editor">
+        </div>
     </div>
-    <div class="panel-body">
-      <h3>Insert Programming Client Here</h3>
-    </div>
-  </div>
 </div>
+<div class="input-group">
+    <select class="form-control" id="problem-select">
+	<option value="pid">Problem name</option>
+    </select>
+   <span class="input-group-btn">
+        <button class="btn btn-success" type="button" onclick="submit(); return false;">Submit</button>
+   </span>
+</div>
+<script>
+var update_highlighting = function() {
+    var language = $("#language").val();
+    if (language != "python3") {
+        var editor = ace.edit("editor");
+        editor.getSession().setMode("ace/mode/" + language);
+    }
+}
+
+var submit = function() {
+    data = {};
+    var pid = $("#problem-select").val();
+    var language = $("#language-select").val();
+    var editor = ace.edit("editor");
+    var program = editor.getValue();
+    data["pid"] = pid;
+    data["language"] = language;
+    data["program"] = program;
+    // api_call("POST", "/api/programming/submit", data, function(result) {});
+}
+</script>

From b428bef8083bf460c66fc6e719b03fcbe9d30bc2 Mon Sep 17 00:00:00 2001
From: James Wang <jameswang9909@hotmail.com>
Date: Tue, 19 Apr 2016 10:14:56 -0400
Subject: [PATCH 19/21] Fix syntax highlighting

---
 web/pages/programming.html | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/web/pages/programming.html b/web/pages/programming.html
index c5575d0..8591e33 100644
--- a/web/pages/programming.html
+++ b/web/pages/programming.html
@@ -28,10 +28,11 @@
 <script>
 var update_highlighting = function() {
     var language = $("#language").val();
-    if (language != "python3") {
-        var editor = ace.edit("editor");
-        editor.getSession().setMode("ace/mode/" + language);
+    if (language == "python3") {
+        language = "python";
     }
+    var editor = ace.edit("editor");
+    editor.getSession().setMode("ace/mode/" + language);
 }
 
 var submit = function() {

From d5b8be16c01d90ee9a05c4c0f0f833a9dc67e316 Mon Sep 17 00:00:00 2001
From: James Wang <jameswang9909@hotmail.com>
Date: Tue, 19 Apr 2016 11:00:43 -0400
Subject: [PATCH 20/21] Implement competition start and end times

---
 server/api/user.py            |  2 +-
 server/api/utils.py           | 16 ++++++++++++++++
 web/index.html                |  4 ++--
 web/pages/admin/settings.html |  4 ++--
 4 files changed, 21 insertions(+), 5 deletions(-)

diff --git a/server/api/user.py b/server/api/user.py
index 9a9acbf..9ef4e7d 100644
--- a/server/api/user.py
+++ b/server/api/user.py
@@ -132,7 +132,7 @@ def user_status():
 		"success": 1,
 		"logged_in": logged_in,
 		"admin": is_admin(),
-		"competition": is_admin(),
+		"competition": utils.is_ctf_time(),
 		"in_team": in_team(get_user().first()),
 		"username": session["username"] if logged_in else "",
 	}
diff --git a/server/api/utils.py b/server/api/utils.py
index 3c64f0f..bcdf9b7 100644
--- a/server/api/utils.py
+++ b/server/api/utils.py
@@ -100,3 +100,19 @@ def generate_identicon(email, filename):
 
 	image.save(open("pfp/%s.png" % filename, "w"), "PNG")
 	return
+
+def is_ctf_time():
+	import settings
+	start = settings.get("ctf_begin")
+	end = settings.get("ctf_end")
+	start = [int(start), 0][start is None]
+	end = [int(end), 0][end is None]
+	time = get_time_since_epoch()
+
+	if start and end:
+		return start < time < end
+
+	if start < time and end == 0:
+		return True
+
+	return False
diff --git a/web/index.html b/web/index.html
index de8ae3f..f9e86e4 100644
--- a/web/index.html
+++ b/web/index.html
@@ -50,10 +50,10 @@
 					<li><a href="/login">Login</a></li>
 				</ul>
 				<ul class="nav navbar-nav navbar-right" ng-show="config.navbar['logged_in']==true">
-					<div ng-show="config.navbar['competition_started']==true">
+					<div ng-show="config.navbar['competition']==true">
 					</div>
 					<li><a href="/chat">Chat</a></li>
-					<li class="dropdown" ng-show="config.navbar['competition']==true">
+					<li class="dropdown" ng-show="config.navbar['competition']==true||config.navbar['admin']==true">
 						<a href="javascript:void(0);" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false">Competition <span class="caret"></span></a>
 						<ul class="dropdown-menu">
 							<li><a href="/problems">Problems</a></li>
diff --git a/web/pages/admin/settings.html b/web/pages/admin/settings.html
index 712497e..caa95b7 100644
--- a/web/pages/admin/settings.html
+++ b/web/pages/admin/settings.html
@@ -3,9 +3,9 @@
 	<div ng-if="settings">
 		<div id="settings_msg"/>
 		<form class="form-horizontal" onsubmit="update_settings(); return false;" id="update_settings_form">
-			<input class="form-control" name="ctf_begin" value="{{ settings['ctf_begin'] }}"/>
+			<input class="form-control" name="ctf_begin" placeholder="CTF Start time (seconds)" value="{{ settings['ctf_begin'] }}" required/>
 			<br>
-			<input class="form-control" name="ctf_end" value="{{ settings['ctf_end'] }}"/>
+			<input class="form-control" name="ctf_end" placeholder="CTF End time (seconds)" value="{{ settings['ctf_end'] }}"required/>
 			<br>
 			<input type="submit" class="btn btn-success" value="Update"/>
 		</form>

From 0051d5b5f77201721dbd81a943addf1c1902f935 Mon Sep 17 00:00:00 2001
From: James Wang <jameswang9909@hotmail.com>
Date: Tue, 19 Apr 2016 20:44:16 -0400
Subject: [PATCH 21/21] Update README

---
 README.md | 34 ----------------------------------
 1 file changed, 34 deletions(-)

diff --git a/README.md b/README.md
index a0d96c0..0e7d10d 100644
--- a/README.md
+++ b/README.md
@@ -15,37 +15,3 @@ If you have Vagrant installed, setting up the platform should be a piece of cake
 If you have any issues during installation, file an issue.
 
 ## Notes
-
-####reCAPTCHA
-
-Do not worry if you see "ERROR: Invalid domain for site key", the reCAPTCHA expects to be hosted on the domain "easyctf.com" and will not function properly until it is.
-
-Site Key: *6Lc4xhMTAAAAAIaiF3yEWGbHRaGgMg4FHor61p1G*
-
-Secret Key: *6Lc4xhMTAAAAACFaG2NyuKoMdZQtSa_1LI76BCEu*
-
-**Resources** : Flask, MySQL, AngularJS
-
-
-Main Pages:
-- <b>index.html</b>
-- <b>login.html</b>
-- <b>register.html</b>
-- <b>about.html</b>
-- <b>scoreboard.html</b>
-- <b>problems.html</b>
-- account.html
-- <b>programming.html</b>
-- <b>chat.html</b>
-- forgot_password.html
-- logout.html
-- <b>rules.html</b>
-- team.html
-- <b>shell.html</b>
-- <b>updates.html</b>
-- resetpassword.html
-
-Misc Pages:
-- <b>Admin/submission page</b>
-
-Color Scheme: #62AC5B | #0080FF