Add files via upload

2022-07-21 02:41:04 -04:00 · 2022-07-21 02:41:04 -04:00 · 519993ebad
commit 519993ebad
parent 70357239c0
6 changed files with 278 additions and 0 deletions
--- a/html/tags/error.html.php
+++ b/html/tags/error.html.php
@ -0,0 +1,25 @@
+<!DOCTYPE html> 
+
+<html> 
+
+  <head> 
+
+    <title>PHP Error Output</title> 
+
+    <meta http-equiv="content-type" 
+
+        content="text/html; charset=utf-8"/> 
+
+  </head> 
+
+  <body> 
+
+    <p> 
+
+      <?php echo $error; ?> 
+
+    </p> 
+
+  </body> 
+
+</html>
--- a/html/tags/form.html.php
+++ b/html/tags/form.html.php
@ -0,0 +1,18 @@
+<!DOCTYPE html>    
+
+<html>    
+  <head>    
+    <title>Add tag to URL</title>   
+    <meta http-equiv="content-type" content="text/html; charset=utf-8"/>   
+    <link rel="stylesheet" type="text/css" href="/styles.css"> 
+  </head>    
+  <body>    
+    <form action="tags.php" method="post"> 
+      <div>
+        <label for="url">URL as it appears in search results:</label><br> 
+        <input type="text" id="url" name="url" size="45"></input>  
+      </div>     
+      <div><input type="submit" value="Submit"/></div>    
+    </form>    
+  </body>    
+</html>
--- a/html/tags/index.php
+++ b/html/tags/index.php
@ -0,0 +1,94 @@
+<?php
+session_start();
+
+	if ( !isset($_POST['pass']) || !isset($_POST['user']))    
+	{    
+		include 'login.html.php';   
+	}
+	else if( $_POST['user'] == '' || $_POST['pass'] == '')
+	{
+		echo "It doesn't look like you submitted a valid username or password.";
+		include 'login.html.php';
+	}
+	else
+	{
+		if(!isset($_SESSION["authenticated"]))
+		{
+			include_once $_SERVER['DOCUMENT_ROOT'] . '/securimage/securimage.php';
+			$securimage = new Securimage();
+			if ($securimage->check($_POST['captcha_code']) == false) 
+			{
+			  echo "The security code entered was incorrect.";
+			  include 'login.html.php';
+			  exit();
+
+			}
+		}
+	
+		$link = mysqli_connect('localhost', 'approver', 'foobar');
+		$user = mysqli_real_escape_string($link, $_POST['user']);
+		$pass = mysqli_real_escape_string($link, $_POST['pass']);
+
+		if (!$link)
+		{
+			$error = 'Cant connect to database.';
+			include 'error.html.php';
+			exit();
+		}
+		if (!mysqli_set_charset($link, 'utf8')) 
+		{ 
+		  $error = 'Unable to set database connection encoding.'; 
+		  include 'error.html.php'; 
+		  exit(); 
+		}
+		if(!mysqli_select_db($link, 'wiby'))
+		{
+		  $error = 'Unable to locate the database.'; 
+		  include 'error.html.php'; 
+		  exit(); 
+		}
+		$loginresult = mysqli_query($link,"SELECT hash, attempts FROM accounts WHERE name = '$user';");
+		if(!$loginresult)
+		{
+		  $error = 'Error fetching index: ' . mysqli_error($link); 
+		  include 'error.html.php'; 
+		  exit(); 
+		}
+
+		//lets put contents of accounts into an array
+		while($rowaccounts = mysqli_fetch_array($loginresult))
+		{
+			$hash[] = $rowaccounts['hash'];
+			$attempts[] = $rowaccounts['attempts'];
+		}
+		if(password_verify($pass,$hash[0]) && $attempts[0] < 5)
+		{
+			if($attempts[0]>0)
+			{
+				if (!mysqli_query($link, "UPDATE accounts SET attempts = '0' WHERE name = '$user';"))
+				{
+				  $error = 'Error fetching index: ' . mysqli_error($link);  
+				  include 'error.html.php';  
+				  exit(); 
+				}				
+			}
+			
+			$_SESSION["authenticated"] = true;
+			$_SESSION["user"] = $user;
+			include 'tags.php';
+			exit();
+		}
+		else{
+			$attempt = $attempts[0] + 1;
+			if (!mysqli_query($link, "UPDATE accounts SET attempts = '$attempt' WHERE name = '$user';"))
+			{
+			  $error = 'Error fetching index: ' . mysqli_error($link);  
+			  include 'error.html.php';  
+			  exit(); 
+			}
+			echo "It doesn't look like you submitted a valid username or password.";
+			include 'login.html.php';
+		}
+	}
+?>
+
--- a/html/tags/login.html.php
+++ b/html/tags/login.html.php
@ -0,0 +1,31 @@
+<!DOCTYPE html>    
+<?php session_start(); ?>
+<html>    
+
+  <head>    
+
+    <title>wiby.me</title>    
+
+    <meta http-equiv="content-type" content="text/html; charset=utf-8"/>  
+    <link rel="stylesheet" type="text/css" href="/styles.css">
+
+  </head>    
+
+  <body>    
+    <form method="post">  
+      Username <input type="text" name="user" id="user"/><br>     
+      Password <input type="password" name="pass" id="pass"/><br><br>
+      <?php if($_SESSION["authenticated"]!=true): ?> 
+	  <div>
+	    <img id="captcha" src="/securimage/securimage_show.php" alt="CAPTCHA Image" />
+	  </div>
+	  <div>
+	    <input type="text" name="captcha_code" size="10" maxlength="6" />
+	    <a href="#" onclick="document.getElementById('captcha').src = '/securimage/securimage_show.php?' + Math.random(); return false">Reload Image</a>
+      </div>  
+      <?php endif; ?>
+      <br><input type="submit" id="login" value="Login"/>
+    </form>    
+  </body>    
+
+</html>
--- a/html/tags/tags.html.php
+++ b/html/tags/tags.html.php
@ -0,0 +1,30 @@
+<!DOCTYPE html>    
+
+<html>    
+
+  <head>    
+
+    <title>Form Example</title>    
+
+    <meta http-equiv="content-type"    
+
+        content="text/html; charset=utf-8"/>    
+
+  </head>    
+
+  <body>   
+	<?php echo $status; ?>
+    <form action="tags.php" method="post"> 
+      <div>
+        <label for="tags">Tags:</label>
+        <input type="text" id="tags" name="tags" size="45" value="<?php echo $tags; ?>"></input>  
+        <br>
+        <label for="url">URL:</label>
+        <input type="text" id="url" name="url" size="45" value="<?php echo $url; ?>"></input> 
+      </div>     
+      <div><input type="submit" value="Submit"/></div>    
+    </form>      
+
+  </body>    
+
+</html>
--- a/html/tags/tags.php
+++ b/html/tags/tags.php
@ -0,0 +1,80 @@
+<?php    
+	session_start();
+	
+	if($_SESSION["authenticated"]!=true)
+	{
+		include 'index.php';
+		exit();
+	}
+
+	if (!isset($_POST['url']) && !isset($_POST['tags']))    
+	{    
+	  include 'form.html.php';    
+	}    
+
+	else    
+	{    
+		$link = mysqli_connect('localhost', 'crawler', 'seekout');
+
+		if (!$link)
+		{
+			$error = 'Cant connect to database.';
+			include 'error.html.php';
+			exit();
+		}
+
+		if (!mysqli_set_charset($link, 'utf8')) 
+		{ 
+		  $error = 'Unable to set database connection encoding.'; 
+		  include 'error.html.php'; 
+		  exit(); 
+		}
+
+		if(!mysqli_select_db($link, 'wiby'))
+		{
+		  $error = 'Unable to locate the database.'; 
+		  include 'error.html.php'; 
+		  exit(); 
+		}
+		
+		$url = mysqli_real_escape_string($link, $_POST['url']);
+		$status = "";
+		
+		if( isset($_POST['tags']))
+		{
+			$tags = mysqli_real_escape_string($link, $_POST['tags']);
+			if($tags==""){
+				$result = mysqli_query($link,'UPDATE windex SET tags = NULL WHERE url = "'.$url.'";');
+			}
+			else{
+				$result = mysqli_query($link,'UPDATE windex SET tags = "'.$tags.'" WHERE url = "'.$url.'";');
+			}
+			if ($result === false)   
+			{
+			  $error = 'Error fetching index: ' . mysqli_error($link);  
+			  include 'error.html.php';  
+			  exit(); 
+			}
+			$status = "Update Completed";
+			unset($_POST['tags']);
+		}		
+	    
+		$result = mysqli_query($link,'SELECT tags FROM windex WHERE url = "'.$url.'";');
+		if ($result === false)  
+		{
+		  $error = 'Error fetching index: ' . mysqli_error($link);  
+		  include 'error.html.php';  
+		  exit(); 
+		}
+
+		while($row = mysqli_fetch_array($result))
+		{
+			$tagsArray[] = $row['tags'];
+		}
+		
+		$tags = $tagsArray[0];
+		include 'tags.html.php';       
+	}
+?>
+
+