From 2740f6cdff929e06bf86aaf440973730b1258cc9 Mon Sep 17 00:00:00 2001 From: Aymeric Sorek Date: Sat, 3 Nov 2018 01:37:37 +0100 Subject: [PATCH] Fixes and clean-up --- table.sql | 4 ++-- webroot/css/global.css | 0 webroot/css/term.css | 4 ---- webroot/index.html | 16 ++++++++-------- webroot/js/login.js | 2 +- webroot/{login.php => zetatech-admin.php} | 16 +++------------- 6 files changed, 14 insertions(+), 28 deletions(-) delete mode 100644 webroot/css/global.css rename webroot/{login.php => zetatech-admin.php} (81%) diff --git a/table.sql b/table.sql index 2a51abe..a609eae 100644 --- a/table.sql +++ b/table.sql @@ -1,6 +1,6 @@ -CREATE DATABASE `ctf-zetatech-inc` +CREATE DATABASE `ctf-zetatech-inc`; CREATE USER 'cyber-zetatech-inc'@'localhost' IDENTIFIED BY 'wY7nhg7xnzmCcJbfz3Gf89qyU5cvpr'; @@ -8,7 +8,7 @@ GRANT SELECT ON `ctf-zetatech-inc`.* TO `cyber-zetatech-inc`@`localhost`; FLUSH PRIVILEGES; -use ctf +use `ctf-zetatech-inc`; CREATE TABLE `access` ( `id` int NOT NULL AUTO_INCREMENT, diff --git a/webroot/css/global.css b/webroot/css/global.css deleted file mode 100644 index e69de29..0000000 diff --git a/webroot/css/term.css b/webroot/css/term.css index 07f043b..1cb197f 100644 --- a/webroot/css/term.css +++ b/webroot/css/term.css @@ -153,7 +153,6 @@ body { display: inline-block } -#email, #username, #password { border: 2px solid #d7001e; @@ -169,13 +168,11 @@ body { line-height: normal } -#email::-moz-selection, #username::-moz-selection, #password::-moz-selection { background: #000 } -#email::selection, #username::selection, #password::selection { background: #000 @@ -264,7 +261,6 @@ body { .box--inner { width: calc(100% - 44px) } - #email, #username, #password { max-width: 70% diff --git a/webroot/index.html b/webroot/index.html index 304fbe4..92e286f 100644 --- a/webroot/index.html +++ b/webroot/index.html @@ -1,16 +1,17 @@ - + + - Zetatech — Connection + Zetatech — Cybernetic Prosthetics Management Interface - + - +

@@ -30,18 +31,17 @@ Login

- +
-
+
Password
- +
ACCESS DENIED diff --git a/webroot/js/login.js b/webroot/js/login.js index 182dc5c..2e14436 100644 --- a/webroot/js/login.js +++ b/webroot/js/login.js @@ -8,7 +8,7 @@ $(document).ready(function(){ password=$("#password").val(); $.ajax({ type: "POST", - url: "login.php", + url: "zetatech-admin.php", data: "username="+username+"&password="+password+"&login=Login", success: function(response) { diff --git a/webroot/login.php b/webroot/zetatech-admin.php similarity index 81% rename from webroot/login.php rename to webroot/zetatech-admin.php index ed026b2..e3aa51f 100644 --- a/webroot/login.php +++ b/webroot/zetatech-admin.php @@ -1,13 +1,14 @@ connect_errno) { - //echo "Echec lors de la connexion à MySQL : (" . $bdd->connect_errno . ") " . $bdd->connect_error; - $state->return = 'error'; $state->string = 'Connection error'; $state_json = json_encode($state); @@ -19,19 +20,13 @@ if (isset($_POST['login']) && $_POST['login'] == 'Login') { $user = $_POST['username']; $pass = hash("sha256", $_POST['password']); $sql = "SELECT user,password FROM access WHERE user='".$user."' AND password='".$pass."'"; - //$sql = "SELECT user,password FROM access WHERE user='admin' OR 1=1 LIMIT 1 OFFSET 1";// AND password='".$pass."'";; // curl -X POST http://localhost/netrunner/login.php -d "password=admiefn&login=Login&username=admin' OR 1 LIMIT 1 OFFSET 1 #" - //echo "\n"; - //echo $sql; - //echo "\n\n"; - $res = mysqli_query($bdd, $sql); $num_row = mysqli_num_rows($res); $row=mysqli_fetch_assoc($res); - //print_r($row); if ($_POST['username'] === "admin") { $state->return = 'false'; @@ -64,9 +59,4 @@ if (isset($_POST['login']) && $_POST['login'] == 'Login') { $state_json = json_encode($state); echo $state_json; -} else { // DEBUG - $state->return = 'form'; - $state->string = 'Submit form'; - $state_json = json_encode($state); - echo $state_json; }