This page lists files in the current directory. You can view content, get download/execute commands for Wget, Curl, or PowerShell, or filter the list using wildcards (e.g., `*.sh`).
wget 'https://sme10.lists2.roe3.org/mdrone/Ajax-Calendar/includes/checkLoginHandler.php'<?php
session_start();
require "databaseHandler.php";
header("Content-Type: application/json"); // Since we are sending a JSON response here (not an HTML document), set the MIME Type to application/json
if(isset($_SESSION['username'])){
echo json_encode(array(
"success" => true,
"username"=>$_SESSION['username'],
"user_id" => $_SESSION['user_id']
));
exit;
}
else{
echo json_encode(array(
"success" => false
));
exit;
}
?>wget 'https://sme10.lists2.roe3.org/mdrone/Ajax-Calendar/includes/createEventHandler.php'<?php
require "databaseHandler.php";
header("Content-Type: application/json"); // Since we are sending a JSON response here (not an HTML document), set the MIME Type to application/json
session_start();
// php://input recieves raw post data
$json_str = file_get_contents('php://input');
//This will store the data into an associative array
$json_obj = json_decode($json_str, true);
$title = $json_obj['title'];
$date = $json_obj['date'];
$time = $json_obj['time'];
$user_id = $_SESSION['user_id'];
$sql = "SELECT * FROM users WHERE `user_id` ='$user_id'";
$result = mysqli_query($mysqliConn,$sql);
$user = mysqli_fetch_assoc($result);
if(empty($title) || empty($date)|| empty($time)||empty($user_id)){
echo json_encode(array(
"success" => false,
"message" => "Empty Fields title:".$title." user_id: ".$user_id." username: ".$_SESSION['username']
));
exit;
}
else{
$sql = "INSERT INTO events(`user_id`,`date`,`time`,`title`) VALUES (?,?,?,?)";
$stmt = mysqli_stmt_init($mysqliConn);
if(!mysqli_stmt_prepare($stmt, $sql)){
echo json_encode(array(
"success" => false,
"message" => "SQL Error"
));
exit;
}
else{
mysqli_stmt_bind_param($stmt, "ssss", $user_id,$date,$time,$title);
//mysqli_stmt_execute($stmt);
if(mysqli_stmt_execute($stmt)){
echo json_encode(array(
"success" => true
));
exit;
}
else{
echo json_encode(array(
"success" => false,
"message" => "SQL Error"
));
exit;
}
}
}
return;wget 'https://sme10.lists2.roe3.org/mdrone/Ajax-Calendar/includes/databaseHandler.php'<?php
$mysqliConn = mysqli_connect('localhost', 'mdrone', 'einstein', 'myCalendar');
if (!$mysqliConn){
die("Could not connect to database: ".mysqli_connect_error());
}
?>
wget 'https://sme10.lists2.roe3.org/mdrone/Ajax-Calendar/includes/db.sql'DROP TABLE IF EXISTS `users`;
CREATE TABLE `users` (
`user_id` int(10) NOT NULL auto_increment,
`username` varchar(50) NOT NULL default '',
`password` varchar(100) NOT NULL default '',
PRIMARY KEY (`user_id`),
UNIQUE KEY `user_id` (`user_id`)
) ENGINE=MyISAM;
DROP TABLE IF EXISTS `events`;
CREATE TABLE `events` (
`event_id` int(10) NOT NULL auto_increment,
`user_id` int(10) NOT NULL,
`date` varchar(50) NOT NULL default '',
`time` varchar(50) NOT NULL default '',
`title` varchar(150) NOT NULL default '',
PRIMARY KEY (`event_id`),
UNIQUE KEY `event_id` (`event_id`)
) ENGINE=MyISAM;
wget 'https://sme10.lists2.roe3.org/mdrone/Ajax-Calendar/includes/deleteEventHandler.php'<?php
require 'databaseHandler.php';
header("Content-Type: application/json"); // Since we are sending a JSON response here (not an HTML document), set the MIME Type to application/json
session_start();
// php://input recieves raw post data
$json_str = file_get_contents('php://input');
//This will store the data into an associative array
$json_obj = json_decode($json_str, true);
$event_id = $json_obj['event_id'];
$sql = "DELETE FROM events WHERE id=$event_id";
if(mysqli_query($mysqliConn,$sql)){
echo json_encode(array(
"success" => true
));
exit;
}
else{
echo json_encode(array(
"success" => false,
'message' => 'SQL error'
));
exit;
}
?>wget 'https://sme10.lists2.roe3.org/mdrone/Ajax-Calendar/includes/editEventHandler.php'<?php
require "databaseHandler.php";
header("Content-Type: application/json"); // Since we are sending a JSON response here (not an HTML document), set the MIME Type to application/json
session_start();
// php://input recieves raw post data
$json_str = file_get_contents('php://input');
//This will store the data into an associative array
$json_obj = json_decode($json_str, true);
$title = $json_obj['title'];
$date = $json_obj['date'];
$time = $json_obj['time'];
$event_id = $json_obj['event_id'];
if(empty($title)|| empty($date)|| empty($time)){
echo json_encode(array(
"success" => false,
"message" => "One of the fields is empy"
));
exit;
}
else{
$sql ="UPDATE events SET `date`='$date', `time`='$time',`title`='$title' WHERE id =$event_id";
if(mysqli_query($mysqliConn,$sql)){
echo json_encode(array(
"success" => true,
'message' => 'Updated event'
));
exit;
}
else{
echo json_encode(array(
"success" => false,
"message" => "couldn't update event"
));
}
}
// if(empty($title)&& empty($date)&&empty($time)){
// echo json_encode(array(
// "success" => false,
// "message" => "All Fields Empty"
// ));
// exit;
// }
// else if(!empty($title)&& empty($date)&&empty($time)){
// $sql ="UPDATE events set `title`='$title' WHERE id =$event_id";
// if(mysqli_query($mysqliConn,$sql)){
// echo json_encode(array(
// "success" => true,
// 'message' => 'Updated Title'
// ));
// exit;
// }
// else{
// echo json_encode(array(
// "success" => false,
// "message" => "Couldn't update title"
// ));
// exit;
// }
// }
// else if(!empty($title)&& !empty($date)&&empty($time)){
// $sql ="UPDATE events set `title`='$title' `date`='$date' WHERE id=$event_id";
// if(mysqli_query($mysqliConn,$sql)){
// echo json_encode(array(
// "success" => true,
// "message" => "Title and Date Updated"
// ));
// exit;
// }
// else{
// echo json_encode(array(
// "success" => false,
// "message" => "Couldn't update title and date"
// ));
// exit;
// }
// }
// else if(!empty($title)&& !empty($date)&&!empty($time)){
// $sql ="UPDATE events set `title`='$title' `date`='$date' `time`='$time' WHERE id=$event_id";
// if(mysqli_query($mysqliConn,$sql)){
// echo json_encode(array(
// "success" => true,
// "message" => "Updated All Fields"
// ));
// exit;
// }
// else{
// echo json_encode(array(
// "success" => false,
// "message" => "Couldn't update all fields"
// ));
// exit;
// }
// }
// else if(empty($title)&& !empty($date)&&empty($time)){
// $sql ="UPDATE events set `date`='$date' WHERE id=$event_id";
// if(mysqli_query($mysqliConn,$sql)){
// echo json_encode(array(
// "success" => true,
// "message" => "Updated Date"
// ));
// exit;
// }
// else{
// echo json_encode(array(
// "success" => false,
// "message" => "Couldn't update date"
// ));
// exit;
// }
// }
// else if(empty($title)&& !empty($date)&&!empty($time)){
// $sql ="UPDATE events set `date`='$date' `time`='$time' WHERE id=$event_id";
// if(mysqli_query($mysqliConn,$sql)){
// echo json_encode(array(
// "success" => true,
// "message" => "Updated date and time"
// ));
// exit;
// }
// else{
// echo json_encode(array(
// "success" => false,
// "message" => "Couldn't update date and time"
// ));
// exit;
// }
// }
// else if(empty($title)&& empty($date)&&!empty($time)){
// $sql ="UPDATE events set `time`='$time' WHERE id=$event_id";
// if(mysqli_query($mysqliConn,$sql)){
// echo json_encode(array(
// "success" => true,
// "message" => "Updated Time"
// ));
// exit;
// }
// else{
// echo json_encode(array(
// "success" => false,
// "message" => "Couldn't update time"
// ));
// exit;
// }
// }
// else{
// echo json_encode(array(
// "success" => false,
// "message" => "unkown error"
// ));
// exit;;
// }
?>wget 'https://sme10.lists2.roe3.org/mdrone/Ajax-Calendar/includes/getEventHandler.php'<?php
require 'databaseHandler.php';
header("Content-Type: application/json"); // Since we are sending a JSON response here (not an HTML document), set the MIME Type to application/json
session_start();
$json_str = file_get_contents('php://input');
$json_obj = json_decode($json_str, true);
$user_id = $json_obj['user_id'];
$sql = "SELECT * FROM events WHERE `user_id`=$user_id ORDER BY `time` ASC";
$result = mysqli_query($mysqliConn,$sql);
if($result){
$events = mysqli_fetch_all($result, MYSQLI_ASSOC);
echo json_encode(array(
"success" => true,
"events" => $events
));
exit;
}
else{
echo json_encode(array(
"success" => false,
"message" => 'SQL Error'
));
exit;
}
?>
wget 'https://sme10.lists2.roe3.org/mdrone/Ajax-Calendar/includes/loginHandler.php'<?php
require "databaseHandler.php";
header("Content-Type: application/json"); // Since we are sending a JSON response here (not an HTML document), set the MIME Type to application/json
// php://input recieves raw post data
$json_str = file_get_contents('php://input');
//This will store the data into an associative array
$json_obj = json_decode($json_str, true);
$userCred = $json_obj['username'];
$password = $json_obj['password'];
if(empty($userCred) || empty($password)){
echo json_encode(array(
"success" => false,
"message" => "Empty Username or Password"
));
exit;
}
else{
$sql = "SELECT * FROM users WHERE username=?";
$stmt = mysqli_stmt_init($mysqliConn);
if(!mysqli_stmt_prepare($stmt, $sql)){
echo json_encode(array(
"success" => false,
"message" => "MySql error"
));
exit;
}
else{
mysqli_stmt_bind_param($stmt,"s",$userCred);
mysqli_stmt_execute($stmt);
$data = mysqli_stmt_get_result($stmt);
#The selected row of the table is represented by an assciative array
if($row = mysqli_fetch_assoc($data)){
#checks to see if password matches, unhashes and rehashes
$pwdCheck = password_verify($password, $row['password']);
if($pwdCheck==false){
echo json_encode(array(
"success" => false,
"message" => "Wrong password"
));
exit;
}
else if($pwdCheck==true){
session_start();
$_SESSION['username'] = $row["username"];
$_SESSION['user_id'] = $row["user_id"];
$_SESSION['token'] = bin2hex(openssl_random_pseudo_bytes(32));
echo json_encode(array(
"success" => true,
"username"=>$userCred,
"user_id" => $_SESSION['user_id']
));
exit;
}
else{
echo json_encode(array(
"success" => false,
"message" => "Wrong password"
));
exit;
}
}
else{
echo json_encode(array(
"success" => false,
"message" => "Username doesn't exist"
));
exit;
}
}
}
// if(isset($_POST['login-submit'])){
// require "databaseHandler.php";
// $userCred = $_POST['username'];
// $password = $_POST['pwd'];
// if(empty($userCred) || empty($password)){
// header("Location: ../index.php?error=emptyfields");
// exit();
// }
// else{
// $sql = "SELECT * FROM users WHERE username=?";
// $stmt = mysqli_stmt_init($mysqliConn);
// if(!mysqli_stmt_prepare($stmt, $sql)){
// header("Location: ../index.php?error=sqlError");
// exit();
// }
// else{
// mysqli_stmt_bind_param($stmt,"s",$userCred);
// mysqli_stmt_execute($stmt);
// $data = mysqli_stmt_get_result($stmt);
// #The selected row of the table is represented by an assciative array
// if($row = mysqli_fetch_assoc($data)){
// #checks to see if password matches, unhashes and rehashes
// $pwdCheck = password_verify($password, $row['password']);
// if($pwdCheck==false){
// header("Location: ../index.php?error=wrongpassword");
// exit();
// }
// else if($pwdCheck==true){
// session_start();
// $_SESSION['username'] = $row["username"];
// $_SESSION['userId'] = $row["user_id"];
// $_SESSION['token'] = bin2hex(openssl_random_pseudo_bytes(32));
// header("Location: ../index.php?LoginSuccess");
// exit();
// }
// else{
// header("Location: ../index.php?error=wrongpassword");
// exit();
// }
// }
// else{
// header("Location: ../index.php?error=noUsersMatch");
// exit();
// }
// }
// }
// }
// else{
// header("Location: ../index.php");
// exit();
// }wget 'https://sme10.lists2.roe3.org/mdrone/Ajax-Calendar/includes/logoutHandler.php'<?php
session_start();
session_unset();
if(session_destroy()){
echo json_encode(array(
"success" => true
));
exit;
}else{
echo json_encode(array(
"success" => false,
"message" => "Incorrect Username or Password"
));
exit;
}
?>wget 'https://sme10.lists2.roe3.org/mdrone/Ajax-Calendar/includes/signupHandler.php'<?php
//This page soley handles the create of a new user
require 'databaseHandler.php';
// php://input recieves raw post data
$json_str = file_get_contents('php://input');
//This will store the data into an associative array
$json_obj = json_decode($json_str, true);
$username = $json_obj['username'];
$password = $json_obj['password'];
$passwordRepeat = $json_obj['passwordRepeat'];
if(empty($username)|| empty($password)|| empty($passwordRepeat)){
echo json_encode(array(
"success" => false,
"message" => "Empty Fields"
));
exit;
}
else if($password != $passwordRepeat){
echo json_encode(array(
"success" => false,
"message" => "Passwords do not match"
));
exit;
}
else{
$sql = "SELECT username FROM users WHERE username=?";
$stmt = mysqli_stmt_init($mysqliConn);
if(!mysqli_stmt_prepare($stmt, $sql)){
echo json_encode(array(
"success" => false,
"message" => "sql username error"
));
exit;
}
else{
mysqli_stmt_bind_param($stmt, "s", $username);
mysqli_stmt_execute($stmt);
mysqli_stmt_store_result($stmt);
$resultCheck = mysqli_stmt_num_rows($stmt);
if($resultCheck>0){
echo json_encode(array(
"success" => false,
"message" => "Username has been taken"
));
exit;
}
else{
$sql = "INSERT INTO users(username,password) VALUES (?,?)";
$stmt = mysqli_stmt_init($mysqliConn);
if(!mysqli_stmt_prepare($stmt, $sql)){
echo json_encode(array(
"success" => false,
"message" => "Username or Password error"
));
exit;
}
else{
$hashedPassword = password_hash($password,PASSWORD_DEFAULT);
mysqli_stmt_bind_param($stmt, "ss", $username,$hashedPassword);
mysqli_stmt_execute($stmt);
$stmt = "SELECT * FROM users WHERE username='$username'";
$data = mysqli_query($mysqliConn,$stmt);
if($row = mysqli_fetch_assoc($data)){
session_start();
$_SESSION['username'] = $row["username"];
$_SESSION['user_id'] = $row["user_id"];
$_SESSION['token'] = bin2hex(openssl_random_pseudo_bytes(32));
echo json_encode(array(
"success" => true,
"username" => $username,
"user_id" => $_SESSION['user_id']
));
exit;
}
else{
echo json_encode(array(
"success" => false,
"message" => "couldn't get username and user_id"
));
exit;
}
}
}
}
}
mysqli_stmt_close($stmt);
mysqli_close($mysqliConn);
?>