diff --git a/connect.php b/connect.php
index 1c61e92..538d898 100644
--- a/connect.php
+++ b/connect.php
@@ -18,7 +18,8 @@
}
// Connect to session
- session_start();
+ session_start();
+ session_regenerate_id(true);
// Check Login
function logged_in() {
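Review bot: Calling `session_regenerate_id(true)` unconditionally right after `session_start()` rotates and destroys the session id on every request, so a second request from the same browser that is already in flight (another tab, or any asset or XHR that includes connect.php) can arrive with an id that has just been deleted and find itself logged out. The regeneration belongs at the privilege change instead: in login.php immediately before `$_SESSION['logged_in'] = true;`, and again at logout. If per-request rotation is deliberate, document it here, e.g. `// rotate the id on every request; concurrent requests may lose the session`, and consider `session_regenerate_id(false)` plus a short grace period rather than immediate destruction of the old session.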
diff --git a/guestbook.php b/guestbook.php
index 5cc2e59..7edf2d7 100644
--- a/guestbook.php
+++ b/guestbook.php
@@ -13,13 +13,15 @@
if(isset($_POST['entry']) && $_POST['entry'] != "") {
$id = $_SESSION['userid'];
- $entry = $_POST['entry'];
+ $entry = filter_input(INPUT_POST, 'entry', FILTER_SANITIZE_SPECIAL_CHARS); //$_POST['entry'];
$query = "select * from `users` where `id` = '$id' LIMIT 1";
$result = $db->query($query);
if ($row = $result->fetch_assoc()) {
$username = $row['username'];
}
- $query = "INSERT INTO `guestbook` (`username`, `entry`) VALUES ('$username', '$entry');";
+
+
+ $query = "INSERT INTO `guestbook` (`username`, `entry`) VALUES ('" . $db->real_escape_string($username) . "', '" . $db->real_escape_string($entry) . "');";
$result = $db->query($query);
$db->commit();
print('
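Review bot: Only the INSERT gained escaping; the lookup on the unchanged line `$query = "select * from `users` where `id` = '$id' LIMIT 1";` still builds SQL by interpolating `$id`, and `$username` stays undefined when that lookup returns no row, so the same prepared-statement form should cover both queries. `FILTER_SANITIZE_SPECIAL_CHARS` on the new `$entry` line encodes at input time, so the stored entry is HTML-encoded and any escaping done when the guestbook is rendered will double-encode it; escaping belongs at the point of output, which this diff does not show. `real_escape_string` is only reliable when the connection charset was set with `set_charset()` in connect.php, which is likewise not visible here. The rewrite below uses bound parameters for both statements (`get_result()` needs mysqlnd; `bind_result()` otherwise); the enclosing `if` block continues past the end of the hunk.
```php
$stmt = $db->prepare('select `username` from `users` where `id` = ? LIMIT 1');
$stmt->bind_param('s', $id);
$stmt->execute();
$row = $stmt->get_result()->fetch_assoc();
$username = $row['username'] ?? ''; // original fell through with an undefined $username
$stmt = $db->prepare('INSERT INTO `guestbook` (`username`, `entry`) VALUES (?, ?)');
$stmt->bind_param('ss', $username, $entry);
$stmt->execute();
$db->commit();
// … unchanged: print(' … ) block …
```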
diff --git a/index.php b/index.php
index 6ec7e10..e68985c 100644
--- a/index.php
+++ b/index.php
@@ -1,8 +1,10 @@
");
include "connect.php";
+
+
+echo("");
include "head.php";
echo("");
@@ -25,10 +27,10 @@
@@ -37,8 +39,14 @@
');
-if (isset($_GET['site']) && $_GET['site'] != "") {
- include $_GET['site'];
+$allowed_pages = [
+ 'guestbook',
+ 'login',
+ 'logout'
+];
+
+if (isset($_GET['site']) && $_GET['site'] != "" && in_array( $_GET['site'], $allowed_pages) ) {
+ require $_GET['site'] . '.php';
} else {
$description = nl2br(file_get_contents("README.md"));
echo('
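Review bot: `in_array( $_GET['site'], $allowed_pages)` in the new condition performs a loose comparison; pass the strict flag, `in_array($_GET['site'], $allowed_pages, true)`, so membership is checked with `===`. With the current three non-numeric names loose comparison happens to be harmless, but as soon as a numeric-looking name is added to the list, a request value such as `01` would match `1` and `require` a different file. A one-line comment above the `require`, `// $_GET['site'] is only used after it matched an entry of $allowed_pages`, records why concatenating it into a path is acceptable here. The `else` branch continues outside the hunk.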
diff --git a/login.php b/login.php
index 0dce5fc..2deca39 100644
--- a/login.php
+++ b/login.php
@@ -2,7 +2,8 @@
function login($username, $password) {
global $db;
- $query = "select `id` from `users` where `username` = '$username' AND `password` = '$password'";
+ $query = "select `id` from `users` where `username` = '" . $db->real_escape_string($username) . "' AND `password` = '" . $db->real_escape_string($password) . "';";
+
$result = $db->query($query);
if ($result->num_rows > 0 && $row = $result->fetch_assoc()) {
$_SESSION['logged_in'] = true;
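Review bot: The rewritten query still compares the submitted password against the stored `password` column inside SQL, so escaping fixes the injection but leaves the credential compared (and therefore stored) in a directly comparable form and puts the secret into query text the database may log. The check belongs in PHP: fetch the stored hash by username with a prepared statement and call `password_verify()` on it, which requires the stored values to be `password_hash()` output (the schema in setup/ is not part of this diff). A successful verification is also the natural point for `session_regenerate_id(true)` just before `$_SESSION['logged_in'] = true;`. `login()` continues past the end of the hunk.
```php
function login($username, $password) {
    global $db;
    $stmt = $db->prepare('select `id`, `password` from `users` where `username` = ?');
    $stmt->bind_param('s', $username);
    $stmt->execute();
    $row = $stmt->get_result()->fetch_assoc();
    // verify against a password_hash() value in PHP; never compare secrets inside SQL
    if ($row !== null && password_verify($password, $row['password'])) {
        session_regenerate_id(true);
        $_SESSION['logged_in'] = true;
        // … unchanged: remainder of the success branch and of login() …
```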
@@ -32,7 +33,7 @@ function login($username, $password) {
Private Area
Hey ' . $username . '. Nice to have you here!
- Logout
+ Logout
diff --git a/setup/setup.sh b/setup/setup.sh
index b0cf1b7..1db0251 100755
--- a/setup/setup.sh
+++ b/setup/setup.sh
@@ -2,5 +2,5 @@
echo "Setting up database"
mysql --user=che --password=che < create_db.sql
-
+rm create_db.sql
echo "Finished..."
\ No newline at end of file
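Review bot: The added `rm create_db.sql` runs whether or not the `mysql` import on the previous line succeeded, so a failed import (server not up, wrong credentials) silently deletes the only copy of the schema and a re-run has nothing to load. Chain the two commands, `mysql --user=che --password=che < create_db.sql && rm create_db.sql`, or put `set -e` at the top of the script, which is outside this hunk. A short comment such as `# schema applied; remove the seed file so it is not left on disk` would also make the deletion less surprising to the next reader.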