Base code added

CUEH · Nov 22, 2021 · ebd8885abcb85fdb2f303f016e6bdaa36a5b15da · ebd8885
1 parent e1332dd
commit ebd8885abcb85fdb2f303f016e6bdaa36a5b15da
Show file tree

Hide file tree

Showing 10 changed files with 650 additions and 0 deletions.
diff --git a/html/bootstrap.min.css b/html/bootstrap.min.css
diff --git a/html/conn.php b/html/conn.php
@@ -0,0 +1,3 @@
+<?php
+$db = new SQLITE3("R@n40mD@tab4se.sqlite");
+?>
diff --git a/html/enquire.php b/html/enquire.php
@@ -0,0 +1,97 @@
+<?php
+// Start the session
+session_start();
+?>
+
+<!doctype html>
+<html lang="en">
+    <head>
+	<!-- Required meta tags -->
+	<meta charset="utf-8">
+	<meta name="viewport" content="width=device-width, initial-scale=1">
+
+	<!-- Bootstrap CSS -->
+	<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-1BmE4kWBq78iYhFldvKuhfTAU6auU8tT94WrHftjDbrCEXSU1oBoqyl2QvZ6jIW3" crossorigin="anonymous">
+	<link href="/bootstrap.min.css" rel="stylesheet">
+	<title>Learn Hacking (Again)!</title>
+    </head>
+    <body>
+	<div class="container">
+	    <header class="p-3 mb-3 border-bottom" style="background-color: #e3f2fd;">
+		<div class="container">
+		    <div class="d-flex flex-wrap align-items-center justify-content-center justify-content-lg-start">
+			<a href="/" class="d-flex align-items-center mb-2 mb-lg-0 text-dark text-decoration-none">
+			    <img class="bi me-2" width="40" height="32" role="img" aria-label="Bootstrap" src="/images/HoodieHacker.svg"></img>
+			</a>
+
+			<ul class="nav col-12 col-lg-auto me-lg-auto mb-2 justify-content-center mb-md-0">
+			    <li><a href="/" class="nav-link px-2 link-dark">Overview</a></li>
+			    <li><a href="/topics.php" class="nav-link px-2 link-dark">Topics</a></li>
+			    <li><a href="/enquire.php" class="nav-link px-2 link-secondary">Enquiries</a></li>
+			    <?php
+			    if (isset($_SESSION["userid"])){
+                    echo '<li><a href="/profile.php" class="nav-link px-2 link-dark">Profile</a></li>';
+                    echo '<li><a href="/logout.php" class="nav-link px-2 link-dark">Logout</a></li>';
+                            }
+			    else{
+				echo '<li><a href="/login.php" class="nav-link px-2 link-dark">Login</a></li>';
+                            }
+			    ?>
+
+			</ul>
+
+			<form class="col-12 col-lg-auto mb-3 mb-lg-0 me-lg-3">
+			    <input type="search" class="form-control" placeholder="Search..." aria-label="Search">
+			</form>
+
+		    </div>
+		</div>
+	    </header>
+
+	    <div class="row">
+		<h1>Ask the Course Team</h1>
+		<p> Have a question for the team,  let us know here</p>
+		<!-- Honestly, its still not worth faffing with this -->
+		<form method="POST">
+		    <div class="mb-3">
+			<label for="email" class="form-label">Email address</label>
+			<input type="email" class="form-control" id="email" name="email" aria-describedby="emailHelp" required>
+			<div id="emailHelp" class="form-text">We'll never share your email with anyone else.</div>
+		    </div>
+
+		    <div class="mb-3">
+			<label for="query" class="form-label">Query</label>
+			<textarea class="form-control" id="query" name="query" rows="10" required></textarea>
+		    </div>
+
+		    <button type="submit" name="submit" class="btn btn-primary">Submit</button>
+		</form>
+	    </div>
+
+	    <div class="row">
+		<?php
+		//The Response
+		if (isset($_POST["submit"])){
+		?>
+		    <div class="alert alert-success">
+			<p>Thank you for your query <strong><?php echo htmlspecialchars($_POST["email"]) ?></strong>,  it has been filed in <code>/dev/null</code></p>
+	      </div>
+	  <?php
+	  }
+
+	  ?>
+
+      </div>
+    </div>
+    <!-- Optional JavaScript; choose one of the two! -->
+
+    <!-- Option 1: Bootstrap Bundle with Popper -->
+    <script src="https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js" integrity="sha384-ka7Sk0Gln4gmtz2MlQnikT1wXgYsOg+OMhuP+IlRH9sENBO0LRn5q+8nbTov4+1p" crossorigin="anonymous"></script>
+
+    <!-- Option 2: Separate Popper and Bootstrap JS -->
+    <!--
+    <script src="https://cdn.jsdelivr.net/npm/@popperjs/core@2.10.2/dist/umd/popper.min.js" integrity="sha384-7+zCNj/IqJ95wo16oMtfsKbZ9ccEh31eOz1HGyDuCQ6wgnyJNSYdrPa03rtR1zdB" crossorigin="anonymous"></script>
+    <script src="https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.min.js" integrity="sha384-QJHtvGhmr9XOIpI6YVutG+2QOK9T+ZnN4kzFN1RtK3zEFEIsxhlmWl5/YESvpZ13" crossorigin="anonymous"></script>
+    -->
+  </body>
+</html>
diff --git a/html/index.php b/html/index.php
@@ -0,0 +1,82 @@
+<?php
+// Start the session
+session_start();
+if(isset($_COOKIE["PHPSESSID"])){
+    header('Set-Cookie: PHPSESSID='.$_COOKIE["PHPSESSID"].'; SameSite=Lax');
+}
+?>
+<!-- Code at https://github.coventry.ac.uk/CUEH/Learn_Hacking_Web -->
+<!doctype html>
+<html lang="en">
+  <head>
+    <!-- Required meta tags -->
+    <meta charset="utf-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1">
+
+    <!-- Bootstrap CSS -->
+    <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-1BmE4kWBq78iYhFldvKuhfTAU6auU8tT94WrHftjDbrCEXSU1oBoqyl2QvZ6jIW3" crossorigin="anonymous">
+    <link href="/bootstrap.min.css" rel="stylesheet">
+    <title>Learn Hacking (Again)</title>
+  </head>
+  <body>
+    <div class="container">
+	<header class="p-3 mb-3 border-bottom" style="background-color: #e3f2fd;">
+	    <div class="container">
+		<div class="d-flex flex-wrap align-items-center justify-content-center justify-content-lg-start">
+          <a href="/" class="d-flex align-items-center mb-2 mb-lg-0 text-dark text-decoration-none">
+            <img class="bi me-2" width="40" height="32" role="img" aria-label="Bootstrap" src="/images/HoodieHacker.svg"></img>
+          </a>
+
+          <ul class="nav col-12 col-lg-auto me-lg-auto mb-2 justify-content-center mb-md-0">
+            <li><a href="/" class="nav-link px-2 link-secondary">Overview</a></li>
+            <li><a href="/topics.php" class="nav-link px-2 link-dark">Topics</a></li>
+            <li><a href="/enquire.php" class="nav-link px-2 link-dark">Enquiries</a></li>
+	    <?php
+            if (isset($_SESSION["userid"])){
+                //Good god, I hate the jankyness of PHP sometimes
+                echo '<li><a href="/profile.php" class="nav-link px-2 link-dark">Profile</a></li>';
+                echo '<li><a href="/logout.php" class="nav-link px-2 link-dark">Logout</a></li>';
+            }
+            else{
+                echo '<li><a href="/login.php" class="nav-link px-2 link-dark">Login</a></li>';
+            }
+            ?>
+
+          </ul>
+
+          <form class="col-12 col-lg-auto mb-3 mb-lg-0 me-lg-3">
+              <input type="search" class="form-control" placeholder="Search..." aria-label="Search">
+          </form>
+
+	</div>
+      </div>
+      </header>
+
+      <h1>Learn Hacking (Yet Again)</h1>
+
+      <p>Welcome to our new site around learning cyber secuity topics.</p>
+      <p>Given the issues with the <strong>Learning Engagement Platform</strong>, and the <wiki> we
+	  are have decided to enforce a login system...
+      </p>
+
+      <h3>Want to learn more</h3>
+      <p>See the:
+	  <ul>
+	      <li><a href="/topics.php">Topics we offer</a></li>
+              <li><a href="/enquire.php">Enquire about the Course</a></li>
+	</ul>
+    </p>
+
+    </div>
+    <!-- Optional JavaScript; choose one of the two! -->
+
+    <!-- Option 1: Bootstrap Bundle with Popper -->
+    <script src="https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js" integrity="sha384-ka7Sk0Gln4gmtz2MlQnikT1wXgYsOg+OMhuP+IlRH9sENBO0LRn5q+8nbTov4+1p" crossorigin="anonymous"></script>
+
+    <!-- Option 2: Separate Popper and Bootstrap JS -->
+    <!--
+    <script src="https://cdn.jsdelivr.net/npm/@popperjs/core@2.10.2/dist/umd/popper.min.js" integrity="sha384-7+zCNj/IqJ95wo16oMtfsKbZ9ccEh31eOz1HGyDuCQ6wgnyJNSYdrPa03rtR1zdB" crossorigin="anonymous"></script>
+    <script src="https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.min.js" integrity="sha384-QJHtvGhmr9XOIpI6YVutG+2QOK9T+ZnN4kzFN1RtK3zEFEIsxhlmWl5/YESvpZ13" crossorigin="anonymous"></script>
+    -->
+  </body>
+</html>
diff --git a/html/login.php b/html/login.php
@@ -0,0 +1,132 @@
+<?php
+// Start the session
+session_start();
+if(isset($_COOKIE["PHPSESSID"])){
+    header('Set-Cookie: PHPSESSID='.$_COOKIE["PHPSESSID"].'; SameSite=Lax');
+}
+?>
+
+<!doctype html>
+<html lang="en">
+    <head>
+      <!-- Required meta tags -->
+      <meta charset="utf-8">
+      <meta name="viewport" content="width=device-width, initial-scale=1">
+
+      <!-- Bootstrap CSS -->
+      <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-1BmE4kWBq78iYhFldvKuhfTAU6auU8tT94WrHftjDbrCEXSU1oBoqyl2QvZ6jIW3" crossorigin="anonymous">
+      <link href="/bootstrap.min.css" rel="stylesheet">
+      <title>Learn Hacking (Again)!</title>
+    </head>
+
+    <body>
+      <div class="container">
+	<header class="p-3 mb-3 border-bottom" style="background-color: #e3f2fd;">
+          <div class="container">
+	    <div class="d-flex flex-wrap align-items-center justify-content-center justify-content-lg-start">
+                  <a href="/" class="d-flex align-items-center mb-2 mb-lg-0 text-dark text-decoration-none">
+                               <img class="bi me-2" width="40" height="32" role="img" aria-label="Bootstrap" src="/images/HoodieHacker.svg"/>
+              </a>
+
+              <ul class="nav col-12 col-lg-auto me-lg-auto mb-2 justify-content-center mb-md-0">
+              <li><a href="/" class="nav-link px-2 link-dark">Overview</a></li>
+              <li><a href="/topics.php" class="nav-link px-2 link-secondary">Topics</a></li>
+		      <li><a href="/enquire.php" class="nav-link px-2 link-dark">Enquiries</a></li>
+               <?php
+                     if (isset($_SESSION["userid"])){
+                         echo '<li><a href="/profile.php" class="nav-link px-2 link-dark">Profile</a></li>';
+                         echo '<li><a href="/logout.php" class="nav-link px-2 link-dark">Logout</a></li>';
+                         }
+                     else{
+                         echo '<li><a href="/login.php" class="nav-link px-2 link-dark">Login</a></li>';
+                         }
+                ?>
+              </ul>
+
+              <form class="col-12 col-lg-auto mb-3 mb-lg-0 me-lg-3">
+		<input type="search" class="form-control" placeholder="Search..." aria-label="Search">
+              </form>
+
+	    </div>
+          </div>
+	</header>
+
+	<div class="row">
+	  <div class="col-8">
+
+	    <form class="form-signin" method="post">
+              <h1 class="h3 mb-3 font-weight-normal">Please sign in</h1>
+              <label for="inputEmail" class="sr-only">uusername</label>
+              <input type="email" id="inputEmail" name="email" class="form-control" placeholder="email" required autofocus>
+              <label for="inputPassword" class="sr-only">Password</label>
+              <input type="password" id="inputPassword" name="password" class="form-control" placeholder="Password" required>
+              <button class="btn btn-lg btn-primary btn-block" type="submit">Sign in</button>
+	    </form>
+	  </div>    
+	</div>
+
+
+<!-- Code at https://github.coventry.ac.uk/CUEH/Learn_Hacking_Web -->        
+<?php
+require("conn.php");
+
+//Login Throttle
+$date = new DateTime();
+$ts = $date->getTimestamp();
+$control = $db->querySingle('SELECT * from loginControl WHERE id=1', true);
+$timeTaken = $ts-$control["last"];
+
+if ($control["sleepTill"] - $ts > 0){
+   http_response_code(403);
+   $timeLeft = $control["sleepTill"]-$ts;
+   die("<div class='alert alert-warning'>Too Many Requests: Sleeping for {$timeLeft}</div>");
+}
+
+$theCount = $control["count"];
+if ($theCount > 15){
+    $sleepyTime = $ts+5;
+    $qryString = "UPDATE loginControl SET count = 0, last = {$ts}, sleepTill={$sleepyTime} WHERE id = 1";
+    $db->querySingle($qryString);
+    $theCount = 0;
+}
+
+
+
+//Login Logic
+$email = $_POST["email"];
+$password = $_POST["password"];
+$hash = md5($password);
+
+if (isset($email)) {
+
+    $newCount = $theCount + 1;
+    $qryString = "UPDATE loginControl SET count = {$newCount}, last = {$ts} WHERE id = 1";    
+    $db->querySingle($qryString);
+
+
+    $qry = "SELECT * FROM users WHERE email='{$email}'";
+    $result = $db->query($qry);
+    $row = $result->fetchArray();
+
+    if ($row){
+        if (strcmp($hash, $row['password']) !== 0 ){
+            echo "<div class='alert alert-info'>Incorrect Password for ${row['email']}</div>";
+        }
+        else {
+            echo "<div class='alert alert-success'>Login Correct</div>";
+            $_SESSION["userid"] = $row["id"];
+            $_SESSION["email"] = $row["email"];
+            $_SESSION["name"] = $row["name"];
+        }
+
+    }
+    else {
+        echo "<div class='alert alert-info'>No Such User</div>";
+    }
+}
+?>
+
+
+      </div>
+    </body>
+</html>
diff --git a/html/logout.php b/html/logout.php
@@ -0,0 +1,10 @@
+<?php
+// Start the session
+session_start();
+// remove all session variables
+session_unset();
+
+// destroy the session
+session_destroy();
+header("Location:index.php");
+?>