From d736282207ca60703f1eebe6af3301cd6a3c8fbb Mon Sep 17 00:00:00 2001
From: root
Date: Thu, 20 Jul 2023 20:05:40 +0100
Subject: [PATCH] Changing and adding to Database tables.
---
 SQL/index.php | 163 +++++++++++++++++++++++++++++++++++++++++++++
 SQL/page1.php | 0
 XSS/index.php | 6 +-
 options/create.php | 84 +++++++++++++++++++++++
 4 files changed, 250 insertions(+), 3 deletions(-)
 create mode 100644 SQL/index.php
 create mode 100644 SQL/page1.php
diff --git a/SQL/index.php b/SQL/index.php
new file mode 100644
index 0000000..5fea17f
--- /dev/null
+++ b/SQL/index.php
@@ -0,0 +1,163 @@ + + + + + + OSTE Vulnerable Web Application + + + +
+ Logo + +
+ +

List of SQL vulnerable pages

+
+ + + + + + + + + +
+ + + +
diff --git a/SQL/page1.php b/SQL/page1.php
new file mode 100644
index 0000000..e69de29
diff --git a/XSS/index.php b/XSS/index.php
index f1507fa..407e3b2 100644
--- a/XSS/index.php
+++ b/XSS/index.php
@@ -139,9 +139,9 @@
Logo
diff --git a/options/create.php b/options/create.php
index 52622a6..737fc24 100644
--- a/options/create.php
+++ b/options/create.php
@@ -32,6 +32,90 @@
 )";
 $conn->exec($sql);
 echo "Table 'comontair' created successfully
";
+
+ $sql = "CREATE TABLE IF NOT EXISTS books (
+ Id INT AUTO_INCREMENT PRIMARY KEY,
+ name TEXT NOT NULL,
+ author TEXT NOT NULL,
+ year INT NOT NULL
+ )";
+ $conn->exec($sql);
+ echo "Table 'books' created successfully
";
+
+ $sql = "CREATE TABLE IF NOT EXISTS sport (
+ id INT AUTO_INCREMENT PRIMARY KEY,
+ name TEXT NOT NULL
+ )";
+ $conn->exec($sql);
+ echo "Table 'sport' created successfully
";
+
+
+ $booksData = array(
+ array("To Kill a Mockingbird", "Harper Lee", 1960),
+ array("1984", "George Orwell", 1949),
+ array("The Great Gatsby", "F. Scott Fitzgerald", 1925),
+ array("Pride and Prejudice", "Jane Austen", 1813),
+ array("The Lord of the Rings", "J.R.R. Tolkien", 1954),
+ array("Harry Potter and the Philosopher's Stone", "J.K. Rowling", 1997),
+ array("Moby-Dick", "Herman Melville", 1851),
+ array("The Catcher in the Rye", "J.D. Salinger", 1951),
+ array("Brave New World", "Aldous Huxley", 1932),
+ array("The Hobbit", "J.R.R. Tolkien", 1937)
+ // Add more books and authors as needed
+ );
+
+ $sql = "INSERT INTO books (name, author,year) VALUES (:name, :author,:year)";
+ $stmt = $conn->prepare($sql);
+
+ foreach ($booksData as $data) {
+ $stmt->bindParam(':name', $data[0], PDO::PARAM_STR);
+ $stmt->bindParam(':author', $data[1], PDO::PARAM_STR);
+ $stmt->bindParam(':year', $data[2], PDO::PARAM_STR);
+ $stmt->execute();
+ }
+ echo "books 'inserted successfully
";
+$sportsData = array(
+ "Football",
+ "Basketball",
+ "Tennis",
+ "Cricket",
+ "Baseball",
+ "Volleyball",
+ "Rugby",
+ "Golf",
+ "Swimming",
+ "Athletics",
+ "Ice Hockey",
+ "Table Tennis",
+ "Badminton",
+ "Boxing",
+ "Wrestling",
+ "Gymnastics",
+ "Cycling",
+ "Skiing",
+ "Figure Skating",
+ "Surfing",
+ "Martial Arts (e.g., Karate, Judo, Taekwondo)",
+ "American Football",
+ "Formula 1 Racing",
+ "Horse Racing",
+ "Archery",
+ "Sailing",
+ "Diving",
+ "Rowing",
+ "Triathlon",
+ "Skateboarding"
+);
+ $sql = "INSERT INTO sport (name) VALUES (:name)";
+ $stmt = $conn->prepare($sql);
+
+ foreach ($sportsData as $data) {
+ $stmt->bindParam(':name', $data, PDO::PARAM_STR);
+ $stmt->execute();
+ }
+ echo "books 'inserted successfully
";
+
+
 } catch (PDOException $e) {
 echo "Connection failed: " . $e->getMessage();
 }
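Review bot: The two seeding loops (the `foreach` over `$booksData` and the one over `$sportsData`) run on every load of this setup script, so although the `CREATE TABLE IF NOT EXISTS` statements are idempotent, each request appends another 10 books and 30 sports; wrap each loop in an emptiness check such as `if ((int) $conn->query('SELECT COUNT(*) FROM books')->fetchColumn() === 0) { ... }`. `:year` is bound as `PDO::PARAM_STR` although the column is declared `INT NOT NULL`; `$stmt->bindValue(':year', $data[2], PDO::PARAM_INT);` matches the schema and avoids binding the loop variable by reference. The message after the sport loop still prints `books 'inserted successfully` (copied from the books loop, stray quote included), so the setup output cannot tell the two steps apart. The enclosing `try` block opens outside this hunk, so whether a transaction or another guard already exists there is not visible.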