From 9e95d24e8f36625d8bc5fb6da9db69ea794d1d3a Mon Sep 17 00:00:00 2001
From: root
Date: Mon, 31 Jul 2023 18:25:31 +0100
Subject: [PATCH] adjusts, adding SQL page3~5
---
 SQL/index.php | 3 -
 SQL/page1.php | 1 +
 SQL/page3.php | 242 ++++++++++++++++++++++++++++++++++++++++++++
 SQL/page4.php | 237 +++++++++++++++++++++++++++++++++++++++++++
 SQL/page5.php | 237 +++++++++++++++++++++++++++++++++++++++++++
 SQL/page6.php | 237 +++++++++++++++++++++++++++++++++++++++++++
 options/restore.php | 16 +--
 7 files changed, 962 insertions(+), 11 deletions(-)
 create mode 100644 SQL/page3.php
 create mode 100644 SQL/page4.php
 create mode 100644 SQL/page5.php
 create mode 100644 SQL/page6.php
diff --git a/SQL/index.php b/SQL/index.php
index 5fea17f..ffd41b6 100644
--- a/SQL/index.php
+++ b/SQL/index.php
@@ -152,9 +152,6 @@
- - -
diff --git a/SQL/page1.php b/SQL/page1.php
index 9d240e7..a4a99e7 100644
--- a/SQL/page1.php
+++ b/SQL/page1.php
@@ -219,6 +219,7 @@
 if(isset($_POST['clear'])){
 $sql1 = "DELETE FROM user";
 $result = mysqli_query($conn,$sql1);
+ include '../options/restore.php';
 }
 $sql3 = "SELECT name FROM user";//String
diff --git a/SQL/page3.php b/SQL/page3.php
new file mode 100644
index 0000000..d8d0bb6
--- /dev/null
+++ b/SQL/page3.php
@@ -0,0 +1,242 @@
+ + + + + + OSTE Vulnerable Web Application + + + +
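Review bot: The added `include '../options/restore.php';` in the SQL/page1.php hunk runs restore.php in page1.php's own variable scope, where `$conn` is handed to `mysqli_query()`, while the restore.php hunks of this same patch call `$conn->exec()` and catch `PDOException` on a variable of the same name. If restore.php assigns `$conn` itself (that line is outside the visible hunks), the `$sql3` query that follows this block would presumably be sent through a PDO object instead of the mysqli link, and `$sql`, `$stmt` and `$data` are overwritten too. Moving the restore steps into a function with its own local connection and loading it with `require_once __DIR__ . '/../options/restore.php';` keeps page1.php's state intact and removes the dependence on the working directory. The reset also runs for any POST that carries `clear`; if wiping and reseeding the database is not itself one of the lab's exercises, it deserves a request token or an admin-only check, kept separate from the intentionally weak queries. The rest of page1.php is not shown in the hunk.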
+ Logo + back + + +
+ +

Greetings, Welcome to the database <3

+
+
+ + + + +
+
+ +
+
+ 0) {
+ while($row = mysqli_fetch_assoc($result)) {
+ if ($namber ==$row['Id']){
+ echo "

Correct!! Nice

";
+ }
+ else {
+ echo "

You are bad at this game.

";
+
+ }
+ }
+ } else {
+ echo "There's problem of user table make sure you have created it successfully";
+ }
+
+
+}
+
+if(isset($_POST['clear'])){
+ $sql1 = "DELETE FROM user";
+ $result = mysqli_query($conn,$sql1);
+}
+
+
+
+
+?>
+ + +
diff --git a/SQL/page4.php b/SQL/page4.php
new file mode 100644
index 0000000..2f8594d
--- /dev/null
+++ b/SQL/page4.php
@@ -0,0 +1,237 @@
+ + + + + + OSTE Vulnerable Web Application + + + +
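Review bot: The `clear` handler at the end of the new page3.php only runs `DELETE FROM user` and never reseeds the table, whereas this same commit adds `include '../options/restore.php';` to the identical handler in page1.php. After a clear, the row-count branch above it would fall through to the "There's problem of user table" message until the data is restored by hand, so this handler should reseed the same way page1.php does. The check `if ($namber ==$row['Id'])` uses loose comparison, so PHP's numeric-string juggling rather than the stored value decides some matches; `if ((string) $namber === (string) $row['Id'])` keeps the result tied to the database value. The markup and the query-building lines did not survive on this page, so how `$namber` reaches the SQL cannot be reviewed here; a short header comment naming the weakness this page is meant to teach would let readers separate it from accidental defects.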
+ Logo + back + + + +
+ +

Greetings, are you a book reader ? give me the author and and i give you a book: <3

+ +
+
+ + + +
+ + +
+ 0) {
+ // output data of each row
+ while($row = mysqli_fetch_assoc($result)) {
+ echo $row["name"];
+ echo "
";
+ }
+ } else {
+ echo "0 results";
+ }
+
+}
+
+?>
+ + +
diff --git a/SQL/page5.php b/SQL/page5.php
new file mode 100644
index 0000000..985fc66
--- /dev/null
+++ b/SQL/page5.php
@@ -0,0 +1,237 @@
+ + + + + + OSTE Vulnerable Web Application + + + +
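Review bot: `echo $row["name"];` in the new page4.php writes a database value straight into the HTML response, so any markup stored in or returned through that column is rendered by the browser; the same line appears in the new page5.php and page6.php. Unless script injection through query results is part of what these pages are meant to teach, encode at output with `echo htmlspecialchars($row["name"], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');`. The lines that build and run the query did not survive on this page, so it cannot be confirmed whether `$result` is checked before the row count is read. If it is not, a failed query would surface as a PHP error in the response on malformed input, and a guard such as `if ($result === false) { echo "0 results"; }` ahead of the loop would keep that detail out of the page.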
+ Logo + back + + + +
+ +

Greetings, Chose anumber and i give you a sport<3

+ +
+
+ + + +
+
note: between<0-25>
+ +
+ 0) {
+ // output data of each row
+ while($row = mysqli_fetch_assoc($result)) {
+ echo $row["name"];
+ echo "
";
+ }
+ } else {
+ echo "0 results";
+ }
+
+}
+
+?>
+ + +
diff --git a/SQL/page6.php b/SQL/page6.php
new file mode 100644
index 0000000..1eae143
--- /dev/null
+++ b/SQL/page6.php
@@ -0,0 +1,237 @@
+ + + + + + OSTE Vulnerable Web Application + + + +
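Review bot: page5.php and page6.php, both added here at 237 lines, show the same prompt ("Chose anumber and i give you a sport"), the same `note: between<0-25>` hint and the same result loop in the visible text, yet their blob ids differ, so whatever distinguishes the two exercises is not documented anywhere a reader can see. A comment at the top of each file stating the intended weakness and how it differs from the previous page, for example `// Exercise 6: <what differs from page5.php>`, would make the set reviewable and keep copy-paste defects from hiding among deliberate ones. The commit subject also mentions page3~5 while the patch creates page6.php as well. The shared header, form and output loop could live in one included template so a fix to the common markup is made once rather than in four files.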
+ Logo + back + + + +
+ +

Greetings, Chose anumber and i give you a sport<3

+ +
+
+ + + +
+
note: between<0-25>
+ +
+ 0) {
+ // output data of each row
+ while($row = mysqli_fetch_assoc($result)) {
+ echo $row["name"];
+ echo "
";
+ }
+ } else {
+ echo "0 results";
+ }
+
+}
+
+?>
+ + +
diff --git a/options/restore.php b/options/restore.php
index 33ee723..17f2ec6 100644
--- a/options/restore.php
+++ b/options/restore.php
@@ -13,7 +13,7 @@
 $conn->exec($sql);
 $sql = "CREATE DATABASE IF NOT EXISTS OSTE";
 $conn->exec($sql);
- echo "Database created successfully
";
+ // echo "Database created successfully
";
 // Step 3: Switch to the "OSTE" database
 $conn->exec("USE OSTE");
@@ -27,7 +27,7 @@
 $conn->exec($sql);
 $sql = "INSERT INTO user (Id,name,password) VALUES ('26', 'ADmin','aDMin')";
 $conn->exec($sql);
- echo "Table 'user' created successfully
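Review bot: The progress messages are disabled by commenting them out (`// echo "Database created successfully...` in this hunk and the same pattern in the five later restore.php hunks) rather than deleted, which leaves dead code, and the last of them still reads "books 'inserted" although it follows the loop that binds `:name` for the sports data. Deleting the lines is cleaner now that the single `echo "DATA RESTORED and history cleared";` replaces them. Because this commit makes page1.php include this file, the `catch` block shown as context in the last hunk, `echo "Connection failed: " . $e->getMessage();`, is now also reached from page1.php's clear action and prints raw PDO error text into that page. Writing the detail to the log with `error_log($e->getMessage());` and echoing a fixed message would keep connection details out of the response. The `try` block starts and ends outside the visible hunks.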
";
+ //echo "Table 'user' created successfully
";
 // Step 5: Create the "comontair" table
 $sql = "CREATE TABLE IF NOT EXISTS comontair (
@@ -35,7 +35,7 @@
 msg TEXT NOT NULL )";
 $conn->exec($sql);
- echo "Table 'comontair' created successfully
";
+// echo "Table 'comontair' created successfully
";
 $sql = "CREATE TABLE IF NOT EXISTS books ( Id INT AUTO_INCREMENT PRIMARY KEY,
@@ -44,14 +44,14 @@
 year INT NOT NULL )";
 $conn->exec($sql);
- echo "Table 'books' created successfully
";
+ // echo "Table 'books' created successfully
";
 $sql = "CREATE TABLE IF NOT EXISTS sport ( id INT AUTO_INCREMENT PRIMARY KEY, name TEXT NOT NULL )";
 $conn->exec($sql);
- echo "Table 'sport' created successfully
";
+ //echo "Table 'sport' created successfully
";
 $booksData = array(
@@ -77,7 +77,7 @@
 $stmt->bindParam(':year', $data[2], PDO::PARAM_STR);
 $stmt->execute();
 }
- echo "books 'inserted successfully
";
+ // echo "books 'inserted successfully
";
 $sportsData = array( "Football", "Basketball",
@@ -117,8 +117,8 @@
 $stmt->bindParam(':name', $data, PDO::PARAM_STR);
 $stmt->execute();
 }
- echo "books 'inserted successfully
";
-
+// echo "books 'inserted successfully
";
+echo "DATA RESTORED and history cleared";
 } catch (PDOException $e) {
 echo "Connection failed: " . $e->getMessage();