forked from interference-security/DVWS
-
Notifications
You must be signed in to change notification settings - Fork 0
/
setup.php
137 lines (134 loc) · 3.45 KB
/
setup.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
<?php
$reply_data = "";
try
{
require("includes/connect-db.php");
try
{
$reply_data .= "<b>Setup started</b><br><br>";
$sql_query = "drop table if exists users";
$result = mysqli_query($con, $sql_query);
if($result)
{
$reply_data .= "Dropped 'users' table<br>";
}
else
{
$reply_data .= "Failed to drop 'users' table<br>";
}
//$sql_query = "create table users(Name varchar(255) NOT NULL, Comment varchar(1000) NOT NULL)";
$sql_query = "create table users(`username` varchar(50) NOT NULL, `first_name` varchar(50) NOT NULL, `last_name` varchar(50) NOT NULL, `password` varchar(50) NOT NULL, PRIMARY KEY (`username`))";
$result = mysqli_query($con, $sql_query);
if($result)
{
$reply_data .= "Created 'users' table<br>";
}
else
{
$reply_data .= "Failed to create 'users' table<br>";
}
$sql_query = "insert into users values('admin','Super','Administrator','admin')";
$result = mysqli_query($con, $sql_query);
if($result)
{
$reply_data .= "Added 1st row to 'users' table<br>";
}
else
{
$reply_data .= "Failed to add a row to 'users' table<br>";
}
$sql_query = "insert into users values('bob','Bob','Builder','bobbuilder')";
$result = mysqli_query($con, $sql_query);
if($result)
{
$reply_data .= "Added 2nd row to 'users' table<br>";
}
else
{
$reply_data .= "Failed to add a row to 'users' table<br>";
}
$sql_query = "insert into users values('jsmith','John','Smith','password')";
$result = mysqli_query($con, $sql_query);
if($result)
{
$reply_data .= "Added 3rd row to 'users' table<br>";
}
else
{
$reply_data .= "Failed to add a row to 'users' table<br>";
}
$sql_query = "drop table if exists comments";
$result = mysqli_query($con, $sql_query);
if($result)
{
$reply_data .= "Dropped 'comments' table<br>";
}
else
{
$reply_data .= "Failed to drop 'comments' table<br>";
}
$sql_query = "create table comments(Name varchar(255) NOT NULL, Comment varchar(1000) NOT NULL)";
$result = mysqli_query($con, $sql_query);
if($result)
{
$reply_data .= "Created 'comments' table<br>";
}
else
{
$reply_data .= "Failed to create 'comments' table<br>";
}
$sql_query = "insert into comments values('Admin','I like this website.')";
$result = mysqli_query($con, $sql_query);
if($result)
{
$reply_data .= "Added 1st row to 'comments' table<br>";
}
else
{
$reply_data .= "Failed to add a row to 'comments' table<br>";
}
$sql_query = "insert into comments values('Bob','Did we pentest this site?')";
$result = mysqli_query($con, $sql_query);
if($result)
{
$reply_data .= "Added 2nd row to 'comments' table<br>";
}
else
{
$reply_data .= "Failed to add a row to 'comments' table<br>";
}
$reply_data .= "<br><b>Setup finished</b>";
mysqli_close($con);
}
catch(Exception $e)
{
$reply_data = "Something went wrong. Could not get data.";
}
}
catch(Exception $e)
{
$reply_data = "Database connection file not found";
}
$page_data = <<<EOT
<div class="page-header">
<h1>DVWS: Database Setup</h1>
</div>
<div class="row">
<div class="col-md-12">
<p>
Ensure that you have set the correct MySQL hostname, username, password and existing database name in "<i>includes/connect-db.php</i>" file.<br><br>
$reply_data
</p>
</div>
</div>
<div class="row">
<div class="col-md-12">
<p id="result">
</p>
</div>
</div>
EOT;
$page_script= <<<EOT
EOT;
?>
<?php require_once('includes/template.php'); ?>