From f495725c81abc1f3d2d3bf0aed2b4464449eff71 Mon Sep 17 00:00:00 2001
From: Aymeric Sorek
Date: Thu, 8 Nov 2018 19:09:21 +0100
Subject: [PATCH] Functionnal chall
---
.gitignore | 1 +
README.md | 0
docker-compose.yml | 22 ++++++++++++++
php/Dockerfile | 8 ++++++
resources/nginx/default.conf | 18 ++++++++++++
resources/nginx/nginx.conf | 55 +++++++++++++++++++++++++++++++++++
resources/php/custom.ini | 14 +++++++++
webroot/index.php | 56 ++++++++++++++++++++++++++++++++++++
webroot/style.css | 56 ++++++++++++++++++++++++++++++++++++
9 files changed, 230 insertions(+)
create mode 100644 .gitignore
create mode 100644 README.md
create mode 100644 docker-compose.yml
create mode 100644 php/Dockerfile
create mode 100644 resources/nginx/default.conf
create mode 100644 resources/nginx/nginx.conf
create mode 100644 resources/php/custom.ini
create mode 100644 webroot/index.php
create mode 100644 webroot/style.css
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..397b4a7
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+*.log
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..e69de29
diff --git a/docker-compose.yml b/docker-compose.yml
new file mode 100644
index 0000000..5e00d0a
--- /dev/null
+++ b/docker-compose.yml
@@ -0,0 +1,22 @@
+version: '3'
+
+services:
+ web:
+ image: nginx:latest
+ ports:
+ - "8080:80"
+ volumes:
+ - ./webroot:/webroot
+ - ./resources/nginx/default.conf:/etc/nginx/conf.d/default.conf
+ - ./resources/nginx/nginx.conf:/etc/nginx/nginx.conf
+ - ./log/nginx:/var/log/nginx
+ links:
+ - php
+ restart: always
+
+ php:
+ build: ./php/
+ volumes:
+ - ./webroot:/webroot
+ - ./resources/php/custom.ini:/usr/local/etc/php/conf.d/custom.ini
+ restart: always
diff --git a/php/Dockerfile b/php/Dockerfile
new file mode 100644
index 0000000..01bd195
--- /dev/null
+++ b/php/Dockerfile
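Review bot: In docker-compose.yml the `./webroot` bind mount and the three config-file mounts are read-write in both services, so a process inside either container can alter the challenge source or the nginx/PHP configuration on the host. Nothing in this commit writes to those paths, so they can be mounted read-only, e.g. `- ./webroot:/webroot:ro` and `- ./resources/php/custom.ini:/usr/local/etc/php/conf.d/custom.ini:ro`; only `./log/nginx` has to stay writable. `image: nginx:latest` is also unpinned, so a later pull can bring in a different nginx than the one this configuration was tested with; a fixed tag or digest keeps the deployment reproducible.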
@@ -0,0 +1,8 @@
+FROM php:7.2-fpm
+
+MAINTAINER Aymeric Sorek "aymericsorek@protonmail.com"
+
+RUN mkdir -p /var/log/php
+
+# Install mysqli
+RUN docker-php-ext-install mysqli
diff --git a/resources/nginx/default.conf b/resources/nginx/default.conf
new file mode 100644
index 0000000..ab2db18
--- /dev/null
+++ b/resources/nginx/default.conf
@@ -0,0 +1,18 @@
+server {
+ listen 80;
+
+ index index.php;
+ server_name localhost;
+
+ error_log /var/log/nginx/error.log;
+ access_log /var/log/nginx/access.log;
+
+ root /webroot;
+
+ location ~ \.php$ {
+ include fastcgi_params;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ fastcgi_param REDIRECT_STATUS 200;
+ fastcgi_pass php:9000;
+ }
+}
diff --git a/resources/nginx/nginx.conf b/resources/nginx/nginx.conf
new file mode 100644
index 0000000..466000e
--- /dev/null
+++ b/resources/nginx/nginx.conf
@@ -0,0 +1,55 @@
+user www-data;
+pid /run/nginx.pid;
+include /etc/nginx/modules-enabled/*.conf;
+
+events {
+ worker_connections 768;
+ # multi_accept on;
+}
+
+http {
+
+ ##
+ # Basic Settings
+ ##
+
+ sendfile on;
+ tcp_nopush on;
+ tcp_nodelay on;
+ keepalive_timeout 65;
+ types_hash_max_size 2048;
+ server_tokens off;
+
+ include /etc/nginx/mime.types;
+ default_type application/octet-stream;
+
+ ##
+ # Headers
+ ##
+
+ add_header X-Frame-Options DENY;
+ add_header X-Content-Type-Options nosniff;
+ add_header X-XSS-Protection "1; mode=block";
+
+
+ ##
+ # Logging Settings
+ ##
+
+ access_log /var/log/nginx/access.log;
+ error_log /var/log/nginx/error.log;
+
+ ##
+ # Gzip Settings
+ ##
+
+ gzip off; # To avoid BREACH Attack
+ gzip_disable "msie6";
+
+
+ ##
+ # Virtual Host Configs
+ ##
+
+ include /etc/nginx/conf.d/*.conf;
+}
diff --git a/resources/php/custom.ini b/resources/php/custom.ini
new file mode 100644
index 0000000..63f0da4
--- /dev/null
+++ b/resources/php/custom.ini
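Review bot: In php/Dockerfile, `RUN mkdir -p /var/log/php` leaves the directory owned by root, while resources/php/custom.ini in this commit sets `error_log = /var/log/php/php_error.log`. If the FPM workers run as an unprivileged user (presumably www-data in the stock image, to be confirmed), they cannot create that file and PHP errors will not be logged there. `RUN mkdir -p /var/log/php && chown www-data:www-data /var/log/php` would close the gap. Separately, `MAINTAINER` is deprecated in favour of `LABEL maintainer="..."`, and mysqli is installed although docker-compose.yml defines no database service, so the extension is unused surface unless a later commit needs it.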
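Review bot: In resources/nginx/default.conf the `location ~ \.php$` block hands every URI ending in .php to FPM without first checking that the file exists under `/webroot`. Adding `try_files $uri =404;` as the first line of that block makes nginx return 404 itself for non-existent scripts, which is the usual guard against nginx and PHP disagreeing about which file a path refers to. Both containers mount `./webroot` at `/webroot`, so the existence check in the nginx container sees the same files FPM does.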
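Review bot: The three `add_header` lines in resources/nginx/nginx.conf omit the `always` parameter, so nginx attaches them only to a fixed set of success and redirect status codes and leaves them off 4xx/5xx responses; e.g. `add_header X-Content-Type-Options nosniff always;`. They are declared at `http` level, and nginx stops inheriting them as soon as a `server` or `location` block declares an `add_header` of its own, which deserves a comment next to the block. `X-XSS-Protection` is no longer honoured by current browsers, so a `Content-Security-Policy` header would be the effective control. `gzip_disable "msie6";` has no effect while `gzip off;` is set and can be dropped.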
@@ -0,0 +1,14 @@
+expose_php = Off
+error_reporting = E_ALL
+display_errors = Off
+display_startup_errors = Off
+log_errors = On
+error_log = /var/log/php/php_error.log
+ignore_repeated_errors = Off
+allow_url_fopen = Off
+allow_url_include = Off
+file_uploads = Off
+disable_functions = system, exec, shell_exec, passthru, phpinfo, show_source, popen, proc_open
+disable_functions = fopen_with_path, dbmopen, dbase_open, putenv, move_uploaded_file
+disable_functions = chdir, mkdir, rmdir, chmod, rename
+disable_functions = filepro, filepro_rowcount, filepro_retrieve, posix_mkfifo
diff --git a/webroot/index.php b/webroot/index.php
new file mode 100644
index 0000000..60edbbb
--- /dev/null
+++ b/webroot/index.php
@@ -0,0 +1,56 @@
+ + + + + Authentication 2.0 + + + + + +
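Review bot: `disable_functions` is assigned four times in resources/php/custom.ini, and a repeated ini directive replaces the earlier value instead of extending it. Only the last list (`filepro, filepro_rowcount, filepro_retrieve, posix_mkfifo`) is therefore in effect, and `system`, `exec`, `shell_exec`, `passthru`, `popen` and `proc_open` remain callable. The four lists should be merged into one directive: `disable_functions = system, exec, shell_exec, passthru, phpinfo, show_source, popen, proc_open, fopen_with_path, dbmopen, dbase_open, putenv, move_uploaded_file, chdir, mkdir, rmdir, chmod, rename, filepro, filepro_rowcount, filepro_retrieve, posix_mkfifo`. Checking `ini_get('disable_functions')` inside the running container confirms what was actually applied.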
+ + + +
+

+
+
+

Send your username for authentication.

+
+ + + +
+

POST

+
+ + + +
+

What is your username?

+
+ + + +
+

Hello admin

+

IMTLD{Y0u_H4v3_t0_st4rT_s0m3Wh3r3}

+
+ + + +
+

Hello

+

You don't have the permission to see anything.

+
+ + +
+ +
diff --git a/webroot/style.css b/webroot/style.css
new file mode 100644
index 0000000..74af827
--- /dev/null
+++ b/webroot/style.css
@@ -0,0 +1,56 @@
+html,
+body {
+ margin: 0;
+ padding: 0;
+ display: grid;
+ place-items: center;
+ height: 100vh;
+ font-family: 'Bitter', serif;
+}
+
+.box {
+ display: flex;
+ justify-content: center;
+ align-items: center;
+ flex-direction: column;
+}
+
+.code {
+ font-size: 40px;
+}
+
+.sub {
+ text-align: center;
+}
+
+.sub h2 {
+ font-size: 26px;
+}
+
+.sub h3 {
+ font-size: 20px;
+}
+
+.red {
+ color: #f44336;
+}
+
+.orange {
+ color: #FF5722;
+}
+
+.green {
+ color: #4CAF50;
+}
+
+.blue {
+ color: #2196F3;
+}
+
+.violet {
+ color: #9C27B0;
+}
+
+.grey {
+ color: #546E7A;
+}
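Review bot: The flag in webroot/index.php is a string literal in a file that sits under the nginx document root and is committed to the repository, so anyone with repository access, and any misconfiguration that serves .php files as static content, discloses it. Keeping the value in a file mounted outside `/webroot` and reading it at request time would take it out of version control and out of the served tree. The PHP logic of this file is not visible in this rendering of the patch, so the following is a check to make, not a finding: if the "Hello" branch echoes the submitted username, it should be passed through `htmlspecialchars($username, ENT_QUOTES, 'UTF-8')` before output.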