Merge pull request #18 from SamuraiWTF/Aug-2023-Misc

Aug 2023 misc
SamuraiWTF · Aug 23, 2023 · 1e7be80 · 1e7be80
2 parents fd77f37 + f4ee0a1
commit 1e7be80
Show file tree

Hide file tree

Showing 6 changed files with 107 additions and 14 deletions.
diff --git a/src/basic/css/dojo-basic.css b/src/basic/css/dojo-basic.css
@@ -1,35 +1,100 @@
+body {
+    font-family: Arial, sans-serif;
+    color: #333333;
+    line-height: 1.6;
+    background-color: #ffffff;
+}
+
 #titlebar {
     text-align: center;
-    color: darkblue;
-    background-color: lightblue;
+    color: #ffffff;
+    background-color: #003366;
+    padding: 15px 0;
 }
 
 #footerbar {
     text-align: center;
+    padding: 10px 0;
+    background-color: #e6f7ff;
 }
 
 #title-error {
-    color: lightcoral;
+    color: #ff9900; /* Accent color for error messages */
 }
 
 .sidenav {
-    color: dimgrey;
-    background-color: lightblue;
+    color: #333333;
+    background-color: #e6f7ff;
+    padding: 15px;
 }
 
 .menu-heading {
     font-weight: bolder;
 }
 
 .nav-pills a {
-    color: darkslateblue;
+    color: #003366;
+    padding: 5px;
+    display: block;
+    transition: all 0.3s ease;
 }
 
 .nav-pills a:hover {
-    color:cornflowerblue;
-    background-color: beige;
+    color: #ff9900;
+    background-color: #f0f0f0;
 }
 
 .page-title {
     text-align: center;
+    font-size: 24px;
+}
+
+input[type="text"],
+input[type="password"] {
+    padding: 10px;
+    width: 100%;
+    margin: 5px 0;
+    border: 1px solid #ccc;
+}
+
+input[type="submit"] {
+    padding: 10px 15px;
+    background-color: #ff9900;
+    color: #fff;
+    border: none;
+    cursor: pointer;
+    transition: all 0.3s ease;
+}
+
+input[type="submit"]:hover {
+    background-color: #e68a00; /* Darker shade of orange */
+}
+
+.blog-controls {
+    display: flex;
+    align-items: center;
+    justify-content: flex-start;
+    margin-bottom: 20px;
+}
+
+.blog-controls p {
+    margin-right: 10px; /* Add spacing between the label and the dropdown */
+}
+
+.blog-controls select {
+    margin-right: 10px; /* Add spacing between the dropdown and the submit button */
+    padding: 5px; /* Add padding for a comfortable click area */
+}
+
+.blog-controls input[type="submit"] {
+    background-color: #ff9900; /* Accent color */
+    color: #fff;
+    border: none;
+    padding: 5px 10px;
+    cursor: pointer;
+    transition: all 0.3s ease;
+}
+
+.blog-controls input[type="submit"]:hover {
+    background-color: #e68a00; /* Darker shade of orange */
 }
diff --git a/src/basic/favicon.ico b/src/basic/favicon.ico
diff --git a/src/basic/header.php b/src/basic/header.php
@@ -7,6 +7,11 @@
 $password = $_REQUEST["password"];
 $dosomething = $_REQUEST["do"];
 
+$page = isset($_GET['page']) ? $_GET['page'] : '';
+if ($page === "login.php") {
+    header("Content-Security-Policy: script-src 'self'");
+}
+
 if ($username <> "" and $password <> "") {
 	$query  = "SELECT * FROM accounts WHERE username='". $username ."' AND password='".stripslashes($password)."'";
 	$result = $conn->query($query) or die(mysqli_error($conn) . '<p><b>SQL Statement:</b>' . $query);
@@ -35,6 +40,11 @@
 	} else {
 		$failedloginflag=1;
 	}
+
+	if ($failedloginflag == 1) {
+        $tag = isset($_GET['tag']) ? $_GET['tag'] : '';
+        echo '<meta http-equiv="refresh" content="0;url=index.php?page=login.php&tag=' . $tag . '">';
+    }
 }
 
 switch ($dosomething) {
@@ -110,7 +120,6 @@
 		<li><a href="?page=add-to-your-blog.php">Blog Entry</a></li>
 		<li><a href="?page=view-someones-blog.php">View Blogs</a></li>
 		<li><a href="?page=text-file-viewer.php">Reading Room</a></li>
-		<li><a href="snake/">Play Snake</a></li>
         <li><a href="?do=logout">Logout</a></li>
            <hr/><h4><div class="menu-heading">User Utilities</div></h4>
         <li><a href="?page=browser-info.php">Browser Info</a></li>

diff --git a/src/basic/login.php b/src/basic/login.php
@@ -4,8 +4,18 @@
 if ($failedloginflag==1) {
 	echo '<h1><font color="#ff0000">Bad user name or password!</font></h1>';
 }
-echo "<form method=\"POST\" action=\"" .$_SERVER['SCRIPT_NAME'] . "?" . $_SERVER['QUERY_STRING'] . "\">";
+
+$tag = isset($_GET['tag']) ? $_GET['tag'] : 'basic';
+$query_string = $_SERVER['QUERY_STRING'];
+$action_tag = $tag;
+if (preg_match('/\b\w+\b/', $tag, $matches)) {
+    $action_tag = $matches[0];
+}
+$action_url = $_SERVER['SCRIPT_NAME'] . "?" . $query_string . "&tag=" . $action_tag;
+
 ?>
+<form method="POST" action="<?php echo $action_url; ?>">
+    <input type="hidden" name="tag" value="<?php echo htmlspecialchars_decode($tag, ENT_IGNORE); ?>" />
 	<p>Enter your username and password:</p>
 	<p>Name:<br><input type="text" name="user_name" size="20"></p>
 	<p>Password:<br><input type="password" name="password" size="20"></p>

diff --git a/src/basic/user-info.php b/src/basic/user-info.php
@@ -1,13 +1,21 @@
 <div class="page-title"><h2>Account Details</h2></div>
 
 <?php
+
 $password = $_REQUEST["password"];
 $signature = $_REQUEST["signature"];
 $cid = base64_decode($_COOKIE["uid"]);
 if ($password <> "") {
-	$query = "UPDATE accounts SET password='" . $password . "', mysignature='" . $signature . "' WHERE cid='" . $cid . "'";
-	$result = $conn->query($query) or die(mysqli_error($conn) . '<p><b>SQL Statement:</b>' . $query);
-	header("Location: ".$_SERVER['SCRIPT_NAME']."?".$_SERVER['QUERY_STRING']);
+    $query = "UPDATE accounts SET password='" . $password . "', mysignature='" . $signature . "' WHERE cid='" . $cid . "'";
+    $result = $conn->query($query) or die(mysqli_error($conn) . '<p><b>SQL Statement:</b>' . $query);
+    // Output success message that the information was updated
+    echo '<div class="alert alert-success" role="alert">Account information updated!</div>';
+    // header("Location: ".$_SERVER['SCRIPT_NAME']."?".$_SERVER['QUERY_STRING']);
+} else {
+    // Output error message that the password must be filled in
+    if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+        echo '<div class="alert alert-danger" role="alert">Password must contain a value!</div>';
+    }
 }
 
 ?>

diff --git a/src/basic/view-someones-blog.php b/src/basic/view-someones-blog.php
@@ -6,6 +6,7 @@
 $query  = "SELECT * FROM accounts";
 $result = $conn->query($query) or die(mysqli_error($conn) . '<p><b>SQL Statement:</b>' . $query);;
 //echo $result;
+echo '<div class="blog-controls">';
 echo '<p>Show only:<select size="1" name="show_only_user">';
 echo '<option value="">Choose someone</option>\n';
 echo '<option value="Show All Users">Show All Users</option>\n';
@@ -14,7 +15,7 @@
     echo '<option value="' . $row['username'] . '">' . $row['username'] . '</option>\n';
 
 }
-echo '</select><input type="submit" value="Submit" name="Submit_button">';
+echo '</select><input type="submit" value="Submit" name="Submit_button"></div>';
 
 ?>
 <?php