Nächste Seite: Re: MySQL, Bash Aufwärts: Graphen, Schaltwerke und Zahlen Vorherige Seite: Re: MySQL, Bash
ECT x FROM (SELECT x FROM b UNION SELECT x FROM c) x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
/*
a AND b
a AND c
b AND c
*/
\$result = mysql_query ("SELECT x FROM (SELECT x FROM a INTERSECT SELECT x FROM b) x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (SELECT x FROM a INTERSECT SELECT x FROM c) x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (SELECT x FROM b INTERSECT SELECT x FROM c) x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
/*(a OR b) AND c = a AND c OR b AND c*/
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM a UNION SELECT x FROM b) x
INTERSECT
SELECT x FROM c
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM a INTERSECT SELECT x FROM c) x
UNION
SELECT x FROM (SELECT x FROM b INTERSECT SELECT x FROM c) x
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
/*(a OR c) AND b = a AND b OR c AND b*/
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM a UNION SELECT x FROM c) x
INTERSECT
SELECT x FROM b
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM a INTERSECT SELECT x FROM b) x
UNION
SELECT x FROM (SELECT x FROM c INTERSECT SELECT x FROM b) x
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
/*(b OR c) AND a = b AND a OR c AND a*/
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM b UNION SELECT x FROM b) x
INTERSECT
SELECT x FROM a
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM b INTERSECT SELECT x FROM a) x
UNION
SELECT x FROM (SELECT x FROM c INTERSECT SELECT x FROM a) x
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
mysql_close (\$handle);
?>
057/quantity.php
<?php
include ('/home/david/mysqldata.php');
\$handle = mysql_connect ("localhost", \$MYSQL_NAME, \$MYSQL_PASSWORD);
mysql_select_db ("test058", \$handle);
mysql_query ("INSERT INTO def VALUES ("002", "002")", \$handle);
\$result = mysql_query ("SELECT * FROM abc INNER JOIN def ON abc.name1 = def.name3", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo \$row ["name1"] . " " . \$row ["name2"] . " " . \$row ["name3"] . " " . \$row ["name4"] . "<br>n";
\$result = mysql_query ("SELECT * FROM abc LEFT JOIN def ON abc.name2 = def.name4", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . " " . \$row [1] . " " . \$row [2] . " " . \$row [3] . "<br>n";
mysql_close (\$handle);
?>
058/database.php
<?php
session_start ();
?>
<form method="POST" action="./form1.php">
<input type="password" name="pwd1"></input>
<input type="submit"></input>
</form>
<?php
echo session_id () . "<br>n";
echo htmlentities (\$_COOKIE ["Cookie58"]) . "<br>n";
echo htmlentities (\$_COOKIE ["Cookie58a"]) . "<br>n";
echo htmlentities (\$_POST ["pwd1"]) . "<br>n";
session_destroy ();
?>
058/form1.php
POST /058/form1.php HTTP/1.1
host: localhost
Cookie: Cookie58a=COOKIE58a
Content-Length: 14
Content-Type: application/x-www-form-urlencoded
pwd1=PASSWORD1
058/httprequest.txt
david@intel-compute-stick:~\$ mysql -u root -p
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or g.
Your MariaDB connection id is 637
Server version: 10.5.12-MariaDB-0+deb11u1 Debian 11
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or 'h' for help. Type 'c' to clear the current input statement.
MariaDB [(none)]> CREATE DATABASE test058;
Query OK, 1 row affected (0.001 sec)
MariaDB [(none)]> USE test058
Database changed
MariaDB [test058]> CREATE TABLE abc (name1 VARCHAR (8), name2 VARCHAR (8));
Query OK, 0 rows affected (0.054 sec)
MariaDB [test058]> CREATE TABLE def (name3 VARCHAR (8), name4 VARCHAR (8));
Query OK, 0 rows affected (0.058 sec)
MariaDB [test058]> INSERT INTO abc VALUES ("001", "001");
Query OK, 1 row affected (0.031 sec)
MariaDB [test058]> INSERT INTO abc VALUES ("001", "002");
Query OK, 1 row affected (0.027 sec)
MariaDB [test058]> INSERT INTO abc VALUES ("002", "001");
Query OK, 1 row affected (0.028 sec)
MariaDB [test058]> INSERT INTO abc VALUES ("002", "002");
Query OK, 1 row affected (0.031 sec)
MariaDB [test058]> INSERT INTO def VALUES ("001", "001");
Query OK, 1 row affected (0.035 sec)
MariaDB [test058]> INSERT INTO def VALUES ("001", "002");
Query OK, 1 row affected (0.030 sec)
MariaDB [test058]> SELECT * FROM abc;
+-------+-------+
| name1 | name2 |
+-------+-------+
| 001 | 001 |
| 001 | 002 |
| 002 | 001 |
| 002 | 002 |
+-------+-------+
4 rows in set (0.001 sec)
MariaDB [test058]> SELECT * FROM def;
+-------+-------+
| name3 | name4 |
+-------+-------+
| 001 | 001 |
| 001 | 002 |
+-------+-------+
2 rows in set (0.001 sec)
MariaDB [test058]> SELECT * FROM abc JOIN def;
+-------+-------+-------+-------+
| name1 | name2 | name3 | name4 |
+-------+-------+-------+-------+
| 001 | 001 | 001 | 001 |
| 001 | 001 | 001 | 002 |
| 001 | 002 | 001 | 001 |
| 001 | 002 | 001 | 002 |
| 002 | 001 | 001 | 001 |
| 002 | 001 | 001 | 002 |
| 002 | 002 | 001 | 001 |
| 002 | 002 | 001 | 002 |
+-------+-------+-------+-------+
8 rows in set (0.002 sec)
MariaDB [test058]> SELECT * FROM abc INNER JOIN def ON abc.name1 = def.name3;
+-------+-------+-------+-------+
| name1 | name2 | name3 | name4 |
+-------+-------+-------+-------+
| 001 | 001 | 001 | 001 |
| 001 | 001 | 001 | 002 |
| 001 | 002 | 001 | 001 |
| 001 | 002 | 001 | 002 |
+-------+-------+-------+-------+
4 rows in set (0.002 sec)
MariaDB [test058]> SELECT * FROM abc RIGHT JOIN def ON abc.name2 = def.name4;
+-------+-------+-------+-------+
| name1 | name2 | name3 | name4 |
+-------+-------+-------+-------+
| 001 | 001 | 001 | 001 |
| 001 | 002 | 001 | 002 |
| 002 | 001 | 001 | 001 |
| 002 | 002 | 001 | 002 |
+-------+-------+-------+-------+
4 rows in set (0.002 sec)
MariaDB [test058]> SELECT * FROM abc LEFT JOIN def ON abc.name1 = def.name4;
+-------+-------+-------+-------+
| name1 | name2 | name3 | name4 |
+-------+-------+-------+-------+
| 001 | 001 | 001 | 001 |
| 001 | 002 | 001 | 001 |
| 002 | 001 | 001 | 002 |
| 002 | 002 | 001 | 002 |
+-------+-------+-------+-------+
4 rows in set (0.002 sec)
MariaDB [test058]> QUIT
Bye
david@intel-compute-stick:~\$
058/output01.txt
001 001 001 001<br>
001 001 001 002<br>
001 002 001 001<br>
001 002 001 002<br>
002 001 002 002<br>
002 002 002 002<br>
001 001 001 001<br>
002 001 001 001<br>
001 002 001 002<br>
002 002 001 002<br>
001 002 002 002<br>
002 002 002 002<br>
058/output02.txt
david@intel-compute-stick:/var/www/html/058\$ telnet 127.0.0.1 80
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '\^]'.
POST /058/form1.php HTTP/1.1
host: localhost
Cookie: Cookie58a=COOKIE58a
Content-Length: 14
Content-Type: application/x-www-form-urlencoded
pwd1=PASSWORD1
HTTP/1.1 200 OK
Date: Wed, 01 Jun 2022 14:17:37 GMT
Server: Apache/2.4.52 (Debian)
Set-Cookie: PHPSESSID=lejqhkuo7vpnjebpi4dkfjtsv7; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 190
Content-Type: text/html; charset=UTF-8
<form method="POST" action="./form1.php">
<input type="password" name="pwd1"></input>
<input type="submit"></input>
</form>
lejqhkuo7vpnjebpi4dkfjtsv7<br>
<br>
COOKIE58a<br>
PASSWORD1<br>
Connection closed by foreign host.
david@intel-compute-stick:/var/www/html/058\$
058/output03.txt
90<br>
14<br>
93<br>
71<br>
86<br>
116<br>
55<br>
97<br>
125<br>
22<br>
39<br>
94<br>
41<br>
98<br>
72<br>
52<br>
66<br>
119<br>
70<br>
11<br>
63<br>
5<br>
92<br>
17<br>
46<br>
104<br>
100<br>
36<br>
50<br>
53<br>
61<br>
120<br>
51<br>
124<br>
13<br>
87<br>
7<br>
108<br>
29<br>
115<br>
118<br>
111<br>
16<br>
45<br>
64<br>
9<br>
27<br>
37<br>
127<br>
107<br>
21<br>
2<br>
48<br>
75<br>
38<br>
18<br>
78<br>
114<br>
88<br>
65<br>
101<br>
123<br>
99<br>
32<br>
85<br>
83<br>
<br><br>
90<br>
14<br>
93<br>
71<br>
86<br>
116<br>
55<br>
97<br>
125<br>
22<br>
39<br>
94<br>
41<br>
98<br>
72<br>
52<br>
66<br>
119<br>
70<br>
11<br>
63<br>
5<br>
92<br>
17<br>
46<br>
104<br>
100<br>
36<br>
50<br>
53<br>
61<br>
120<br>
51<br>
124<br>
13<br>
87<br>
7<br>
108<br>
29<br>
115<br>
75<br>
0<br>
57<br>
102<br>
79<br>
69<br>
3<br>
88<br>
24<br>
38<br>
68<br>
67<br>
12<br>
73<br>
48<br>
101<br>
16<br>
80<br>
42<br>
15<br>
103<br>
28<br>
99<br>
<br><br>
118<br>
111<br>
17<br>
16<br>
45<br>
11<br>
64<br>
9<br>
27<br>
37<br>
127<br>
14<br>
107<br>
51<br>
125<br>
52<br>
21<br>
108<br>
2<br>
41<br>
7<br>
48<br>
75<br>
38<br>
18<br>
5<br>
86<br>
78<br>
114<br>
90<br>
100<br>
88<br>
53<br>
70<br>
116<br>
92<br>
65<br>
101<br>
123<br>
46<br>
99<br>
32<br>
85<br>
83<br>
55<br>
0<br>
57<br>
102<br>
13<br>
79<br>
69<br>
3<br>
115<br>
24<br>
68<br>
120<br>
67<br>
12<br>
73<br>
97<br>
104<br>
94<br>
80<br>
42<br>
15<br>
103<br>
28<br>
87<br>
<br><br>
90<br>
14<br>
86<br>
116<br>
125<br>
41<br>
52<br>
70<br>
11<br>
5<br>
92<br>
17<br>
46<br>
100<br>
53<br>
51<br>
7<br>
108<br>
<br><br>
14<br>
86<br>
55<br>
97<br>
94<br>
52<br>
17<br>
46<br>
104<br>
53<br>
120<br>
13<br>
87<br>
108<br>
115<br>
<br><br>
17<br>
16<br>
14<br>
52<br>
108<br>
48<br>
75<br>
38<br>
86<br>
88<br>
53<br>
101<br>
46<br>
99<br>
<br><br>
13<br>
14<br>
16<br>
17<br>
38<br>
46<br>
48<br>
52<br>
53<br>
55<br>
75<br>
86<br>
87<br>
88<br>
94<br>
97<br>
99<br>
101<br>
104<br>
108<br>
115<br>
120<br>
<br><br>
5<br>
7<br>
11<br>
14<br>
16<br>
17<br>
38<br>
41<br>
46<br>
48<br>
51<br>
52<br>
53<br>
70<br>
75<br>
86<br>
88<br>
90<br>
92<br>
99<br>
100<br>
101<br>
108<br>
116<br>
125<br>
<br><br>
5<br>
7<br>
11<br>
14<br>
16<br>
17<br>
38<br>
41<br>
46<br>
48<br>
51<br>
52<br>
53<br>
70<br>
75<br>
86<br>
88<br>
90<br>
92<br>
99<br>
100<br>
101<br>
108<br>
116<br>
125<br>
<br><br>
5<br>
7<br>
11<br>
14<br>
16<br>
17<br>
38<br>
41<br>
46<br>
48<br>
51<br>
52<br>
53<br>
70<br>
75<br>
86<br>
88<br>
90<br>
92<br>
99<br>
100<br>
101<br>
108<br>
116<br>
125<br>
<br><br>
5<br>
7<br>
11<br>
13<br>
14<br>
17<br>
41<br>
46<br>
51<br>
52<br>
53<br>
55<br>
70<br>
86<br>
87<br>
90<br>
92<br>
94<br>
97<br>
100<br>
104<br>
108<br>
115<br>
116<br>
120<br>
125<br>
<br><br>
5<br>
7<br>
11<br>
13<br>
14<br>
17<br>
41<br>
46<br>
51<br>
52<br>
53<br>
55<br>
70<br>
86<br>
87<br>
90<br>
92<br>
94<br>
97<br>
100<br>
104<br>
108<br>
115<br>
116<br>
120<br>
125<br>
<br><br>
058/output04.txt
<?php
include ('/home/david/mysqldata.php');
\$handle = mysql_connect ("localhost", \$MYSQL_NAME, \$MYSQL_PASSWORD);
mysql_query ("CREATE DATABASE quantity58", \$handle);
mysql_select_db ("quantity58", \$handle);
mysql_query ("CREATE TABLE a (x INTEGER)", \$handle);
mysql_query ("CREATE TABLE b (x INTEGER)", \$handle);
mysql_query ("CREATE TABLE c (x INTEGER)", \$handle);
for (\$i = 0; \$i < 24; \$i++) {
mysql_query ("INSERT INTO a VALUES ("" . rand () % 128 . "")", \$handle);
mysql_query ("INSERT INTO b VALUES ("" . rand () % 128 . "")", \$handle);
mysql_query ("INSERT INTO c VALUES ("" . rand () % 128 . "")", \$handle);
}
/*
a OR b
a OR c
b OR c
*/
\$result = mysql_query ("SELECT x FROM (SELECT x FROM a UNION SELECT x FROM b) x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (SELECT x FROM a UNION SELECT x FROM c) x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (SELECT x FROM b UNION SELECT x FROM c) x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
/*
a AND b
a AND c
b AND c
*/
\$result = mysql_query ("SELECT x FROM (SELECT x FROM a INTERSECT SELECT x FROM b) x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (SELECT x FROM a INTERSECT SELECT x FROM c) x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (SELECT x FROM b INTERSECT SELECT x FROM c) x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
/*
(a OR b) AND c = a AND c OR b AND c
*/
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM a UNION SELECT x FROM b) x
INTERSECT
SELECT x FROM c
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM a INTERSECT SELECT x FROM b) x
UNION
SELECT x FROM (SELECT x FROM b INTERSECT SELECT x FROM c) x
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
/*
(a OR c) AND b = a AND b OR c AND b
*/
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM a UNION SELECT x FROM c) x
INTERSECT
SELECT x FROM b
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM a INTERSECT SELECT x FROM b) x
UNION
SELECT x FROM (SELECT x FROM c INTERSECT SELECT x FROM b) x
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
/*
(b OR c) AND a = b AND a OR c AND a
*/
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM b UNION SELECT x FROM c) x
INTERSECT
SELECT x FROM a
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM b INTERSECT SELECT x FROM a) x
UNION
SELECT x FROM (SELECT x FROM c INTERSECT SELECT x FROM a) x
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
mysql_close (\$handle);
?>
058/quantity.php
<?php
include ('/home/david/mysqldata.php');
\$handle = mysql_connect ("localhost", \$MYSQL_NAME, \$MYSQL_PASSWORD);
mysql_select_db ("test059", \$handle);
mysql_query ("INSERT INTO def VALUES ("002", "002")", \$handle);
\$result = mysql_query ("SELECT * FROM abc INNER JOIN def ON abc.name1 = def.name4", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . " " . \$row [1] . " " . \$row [2] . " " . \$row [3] . "<br>n";
\$result = mysql_query ("SELECT * FROM abc LEFT JOIN def ON abc.name2 = def.name3", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo \$row ["name1"] . " " . \$row ["name2"] . " " . \$row ["name3"] . " " . \$row ["name4"] . "<br>n";
mysql_close (\$handle);
?>
059/database.php
<?php
session_start ();
?>
<form method="POST" action="./form1.php">
<input type="text" name="txt1"></input>
<input type="submit"></input>
</form>
<?php
echo session_id () . "<br>n";
setcookie ("Cookie59", "COOKIE59", time () + 30);
echo htmlentities (\$_COOKIE ["Cookie59"]) . "<br>n";
echo htmlentities (\$_COOKIE ["Cookie59a"]) . "<br>n";
echo htmlentities (\$_POST ["txt1"]) . "<br>n";
session_destroy ();
?>
059/form1.php
POST /059/form1.php HTTP/1.1
host: localhost
Cookie: Cookie59a=COOKIE59a
Content-Length: 11
Content-Type: application/x-www-form-urlencoded
txt1=TEXT59
059/httprequest.txt
david@intel-compute-stick:~\$ mysql -u root -p
Enter password:
ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES)
david@intel-compute-stick:~\$ mysql -u root -p
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or g.
Your MariaDB connection id is 694
Server version: 10.5.12-MariaDB-0+deb11u1 Debian 11
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or 'h' for help. Type 'c' to clear the current input statement.
MariaDB [(none)]> CREATE DATABASE test059
-> ;
Query OK, 1 row affected (0.033 sec)
MariaDB [(none)]> CREATE TABLE abc (name1 VARCHAR (4), name2 VARCHAR (4));
ERROR 1046 (3D000): No database selected
MariaDB [(none)]> USE test059;
Database changed
MariaDB [test059]> CREATE TABLE abc (name1 VARCHAR (4), name2 VARCHAR (4));
Query OK, 0 rows affected (0.097 sec)
MariaDB [test059]> CREATE TABLE def (name3 VARCHAR (4), name4 VARCHAR (4));
Query OK, 0 rows affected (0.068 sec)
MariaDB [test059]> INSERT INTO abc VALUES ("001", "001");
Query OK, 1 row affected (0.029 sec)
MariaDB [test059]> INSERT INTO abc VALUES ("001", "002");
Query OK, 1 row affected (0.032 sec)
MariaDB [test059]> INSERT INTO abc VALUES ("002", "002");
Query OK, 1 row affected (0.030 sec)
MariaDB [test059]> INSERT INTO abc VALUES ("002", "001");
Query OK, 1 row affected (0.033 sec)
MariaDB [test059]> INSERT INTO def VALUES ("001", "001");
Query OK, 1 row affected (0.031 sec)
MariaDB [test059]> INSERT INTO def VALUES ("001", "002");
Query OK, 1 row affected (0.033 sec)
MariaDB [test059]> SELECT * FROM abc;
+-------+-------+
| name1 | name2 |
+-------+-------+
| 001 | 001 |
| 001 | 002 |
| 002 | 002 |
| 002 | 001 |
+-------+-------+
4 rows in set (0.001 sec)
MariaDB [test059]> SELECT * FROM def;
+-------+-------+
| name3 | name4 |
+-------+-------+
| 001 | 001 |
| 001 | 002 |
+-------+-------+
2 rows in set (0.001 sec)
MariaDB [test059]> SELECT * FROM abc JOIN defM
-> ;
ERROR 1146 (42S02): Table 'test059.defM' doesn't exist
MariaDB [test059]> SELECT * FROM abc JOIN def;
+-------+-------+-------+-------+
| name1 | name2 | name3 | name4 |
+-------+-------+-------+-------+
| 001 | 001 | 001 | 001 |
| 001 | 001 | 001 | 002 |
| 001 | 002 | 001 | 001 |
| 001 | 002 | 001 | 002 |
| 002 | 002 | 001 | 001 |
| 002 | 002 | 001 | 002 |
| 002 | 001 | 001 | 001 |
| 002 | 001 | 001 | 002 |
+-------+-------+-------+-------+
8 rows in set (0.001 sec)
MariaDB [test059]> SELECT * FROM abc INNER JOIN def ON abc.name1 = def.name3;
+-------+-------+-------+-------+
| name1 | name2 | name3 | name4 |
+-------+-------+-------+-------+
| 001 | 001 | 001 | 001 |
| 001 | 001 | 001 | 002 |
| 001 | 002 | 001 | 001 |
| 001 | 002 | 001 | 002 |
+-------+-------+-------+-------+
4 rows in set (0.026 sec)
MariaDB [test059]> SELECT * FROM abc RIGHT JOIN def ON abc.name1 = def.name3;
+-------+-------+-------+-------+
| name1 | name2 | name3 | name4 |
+-------+-------+-------+-------+
| 001 | 001 | 001 | 001 |
| 001 | 001 | 001 | 002 |
| 001 | 002 | 001 | 001 |
| 001 | 002 | 001 | 002 |
+-------+-------+-------+-------+
4 rows in set (0.032 sec)
MariaDB [test059]> SELECT * FROM abc LEFT JOIN def ON abc.name2 = def.name4;
+-------+-------+-------+-------+
| name1 | name2 | name3 | name4 |
+-------+-------+-------+-------+
| 001 | 001 | 001 | 001 |
| 002 | 001 | 001 | 001 |
| 001 | 002 | 001 | 002 |
| 002 | 002 | 001 | 002 |
+-------+-------+-------+-------+
4 rows in set (0.002 sec)
MariaDB [test059]> quit
Bye
david@intel-compute-stick:~\$
059/output01.txt
001 001 001 001<br>
001 002 001 001<br>
002 002 001 002<br>
002 002 002 002<br>
002 001 001 002<br>
002 001 002 002<br>
001 001 001 001<br>
002 001 001 001<br>
001 001 001 002<br>
002 001 001 002<br>
001 002 002 002<br>
002 002 002 002<br>
059/output02.txt
david@intel-compute-stick:/var/www/html/059\$ telnet 127.0.0.1 80
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '\^]'.
POST /059/form1.php HTTP/1.1
host: localhost
Cookie: Cookie59a=COOKIE59a
Content-Length: 11
Content-Type: application/x-www-form-urlencoded
txt1=TEXT59
HTTP/1.1 200 OK
Date: Thu, 02 Jun 2022 10:59:23 GMT
Server: Apache/2.4.52 (Debian)
Set-Cookie: PHPSESSID=pggar842vapn665d6nil84eo22; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: Cookie59=COOKIE59; expires=Thu, 02-Jun-2022 10:59:54 GMT; Max-Age=30
Vary: Accept-Encoding
Content-Length: 183
Content-Type: text/html; charset=UTF-8
<form method="POST" action="./form1.php">
<input type="text" name="txt1"></input>
<input type="submit"></input>
</form>
pggar842vapn665d6nil84eo22<br>
<br>
COOKIE59a<br>
TEXT59<br>
Connection closed by foreign host.
david@intel-compute-stick:/var/www/html/059\$
059/output03.txt
60<br>
31<br>
48<br>
40<br>
5<br>
57<br>
27<br>
9<br>
32<br>
14<br>
16<br>
10<br>
53<br>
34<br>
12<br>
55<br>
54<br>
17<br>
1<br>
6<br>
2<br>
51<br>
20<br>
45<br>
28<br>
61<br>
44<br>
39<br>
35<br>
50<br>
26<br>
25<br>
52<br>
29<br>
43<br>
37<br>
63<br>
<br><br>
60<br>
31<br>
48<br>
40<br>
5<br>
57<br>
27<br>
9<br>
32<br>
14<br>
16<br>
10<br>
53<br>
34<br>
12<br>
55<br>
54<br>
17<br>
1<br>
6<br>
2<br>
51<br>
22<br>
58<br>
43<br>
45<br>
42<br>
62<br>
47<br>
30<br>
39<br>
59<br>
49<br>
52<br>
13<br>
33<br>
4<br>
7<br>
20<br>
<br><br>
9<br>
20<br>
54<br>
5<br>
16<br>
45<br>
28<br>
61<br>
44<br>
39<br>
35<br>
2<br>
50<br>
26<br>
32<br>
25<br>
52<br>
29<br>
43<br>
37<br>
53<br>
63<br>
22<br>
58<br>
42<br>
62<br>
27<br>
47<br>
30<br>
59<br>
49<br>
6<br>
13<br>
33<br>
4<br>
7<br>
57<br>
<br><br>
5<br>
9<br>
32<br>
16<br>
53<br>
54<br>
2<br>
<br><br>
57<br>
27<br>
16<br>
54<br>
6<br>
<br><br>
20<br>
54<br>
16<br>
45<br>
39<br>
52<br>
43<br>
<br><br>
6<br>
16<br>
20<br>
27<br>
39<br>
43<br>
45<br>
52<br>
54<br>
57<br>
<br><br>
6<br>
16<br>
20<br>
27<br>
39<br>
43<br>
45<br>
52<br>
54<br>
57<br>
<br><br>
2<br>
5<br>
9<br>
16<br>
20<br>
32<br>
39<br>
43<br>
45<br>
52<br>
53<br>
54<br>
<br><br>
2<br>
5<br>
9<br>
16<br>
20<br>
32<br>
39<br>
43<br>
45<br>
52<br>
53<br>
54<br>
<br><br>
2<br>
5<br>
6<br>
9<br>
16<br>
27<br>
32<br>
53<br>
54<br>
57<br>
<br><br>
2<br>
5<br>
6<br>
9<br>
16<br>
27<br>
32<br>
53<br>
54<br>
57<br>
<br><br>
059/output04.txt
<?php
include ('/home/david/mysqldata.php');
\$handle = mysql_connect ("127.0.0.1", \$MYSQL_NAME, \$MYSQL_PASSWORD);
mysql_query ("CREATE DATABASE quantity59", \$handle);
mysql_select_db ("quantity59", \$handle);
mysql_query ("CREATE TABLE a (x INTEGER)", \$handle);
mysql_query ("CREATE TABLE b (x INTEGER)", \$handle);
mysql_query ("CREATE TABLE c (x INTEGER)", \$handle);
for (\$i = 0; \$i < 24; \$i++) {
mysql_query ("INSERT INTO a VALUES ("" . rand () % 64 . "")", \$handle);
mysql_query ("INSERT INTO b VALUES ("" . rand () % 64 . "")", \$handle);
mysql_query ("INSERT INTO c VALUES ("" . rand () % 64 . "")", \$handle);
}
/*
a OR b
a OR c
b OR c
*/
\$result = mysql_query ("SELECT x FROM (SELECT x FROM a UNION SELECT x FROM b) x", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo \$row ["x"] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (SELECT x FROM a UNION SELECT x FROM c) x", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo \$row ["x"] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (SELECT x FROM b UNION SELECT x FROM c) x", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo \$row ["x"] . "<br>n";
echo "<br><br>nn";
/*
a AND b
a AND c
b AND c
*/
\$result = mysql_query ("SELECT x FROM (SELECT x FROM a INTERSECT SELECT x FROM b) x", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo \$row ["x"] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (SELECT x FROM a INTERSECT SELECT x FROM c) x", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo \$row ["x"] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (SELECT x FROM b INTERSECT SELECT x FROM c) x", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo \$row ["x"] . "<br>n";
echo "<br><br>nn";
/*
(a OR b) AND c = a AND c OR b AND c
*/
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM a UNION SELECT x FROM b) x
INTERSECT
SELECT x FROM c
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo \$row ["x"] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM a INTERSECT SELECT x FROM c) x
UNION
SELECT x FROM (SELECT x FROM b INTERSECT SELECT x FROM c) x
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo \$row ["x"] . "<br>n";
echo "<br><br>nn";
/*
(a OR c) AND b = a AND b OR c AND b
*/
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM a UNION SELECT x FROM c) x
INTERSECT
SELECT x FROM b
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo \$row ["x"] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM a INTERSECT SELECT x FROM b) x
UNION
SELECT x FROM (SELECT x FROM c INTERSECT SELECT x FROM b) x
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo \$row ["x"] . "<br>n";
echo "<br><br>nn";
/*
(b OR c) AND a = b AND a OR c AND a
*/
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM b UNION SELECT x FROM c) x
INTERSECT
SELECT x FROM a
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo \$row ["x"] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM b INTERSECT SELECT x FROM a) x
UNION
SELECT x FROM (SELECT x FROM c INTERSECT SELECT x FROM a) a
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo \$row ["x"] . "<br>n";
echo "<br><br>nn";
mysql_close (\$handle);
?>
059/quantity.php
<?php
include ('/home/david/mysqldata.php');
\$handle = mysql_connect ("localhost", \$MYSQL_NAME, \$MYSQL_PASSWORD);
mysql_select_db ("test060", \$handle);
mysql_query ("INSERT INTO def ("002", "002")", \$handle);
\$result = mysql_query ("SELECT * FROM abc INNER JOIN def ON abc.name1 = def.name3", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo \$row ["name1"] . " " . \$row ["name2"] . " " . \$row ["name3"] . " " . \$row ["name4"] . "<br>n";
\$result = mysql_query ("SELECT * FROM abc RIGHT JOIN def ON abc.name2 = def.name4", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . " " . \$row [1] . " " . \$row [2] . " " . \$row [3] . "<br>n";
mysql_close (\$handle);
?>
060/database.php
<?php
session_start ();
?>
<form method="POST" action="./form1.php">
<input type="text" name="txt1"></input>
<input type="submit"></input>
</form>
<?php
echo session_id () . "<br>n";
setcookie ("Cookie60", "COOKIE60", time () + 1200);
echo htmlentities (\$_COOKIE ["Cookie60"]) . "<br>n";
echo htmlentities (\$_COOKIE ["Cookie60a"]) . "<br>n";
echo htmlentities (\$_POST ["txt1"]) . "<br>n";
session_destroy ();
?>
060/form1.php
POST /060/form1.php HTTP/1.1
host: localhost
Cookie: Cookie60a=COOKIE60a
Content-Type: application/x-www-form-urlencoded
Content-Length: 11
txt1=TEXT60
060/httprequest.txt
david@intel-compute-stick:~\$ mysql -u root -p
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or g.
Your MariaDB connection id is 703
Server version: 10.5.12-MariaDB-0+deb11u1 Debian 11
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or 'h' for help. Type 'c' to clear the current input statement.
MariaDB [(none)]> CREATE DATABASE test060;
Query OK, 1 row affected (0.001 sec)
MariaDB [(none)]> USE test060;
Database changed
MariaDB [test060]> CREATE TABLE abc (name1 VARCHAR (4), name2 VARCHAR (4));
Query OK, 0 rows affected (0.078 sec)
MariaDB [test060]> CREATE TABLE def (name3 VARCHAR (4), name4 VARCHAR (4));
Query OK, 0 rows affected (0.062 sec)
MariaDB [test060]> INSERT INTO abc VALUES ("001", "001");
Query OK, 1 row affected (0.030 sec)
MariaDB [test060]> INSERT INTO abc VALUES ("001", "002");
Query OK, 1 row affected (0.034 sec)
MariaDB [test060]> INSERT INTO abc VALUES ("002", "002");
Query OK, 1 row affected (0.031 sec)
MariaDB [test060]> INSERT INTO abc VALUES ("002", "001");
Query OK, 1 row affected (0.025 sec)
MariaDB [test060]> INSERT INTO def VALUES ("001", "001");
Query OK, 1 row affected (0.037 sec)
MariaDB [test060]> INSERT INTO def VALUES ("001", "002");
Query OK, 1 row affected (0.032 sec)
MariaDB [test060]> INSERT INTO def VALUES ("abc", "def");
Query OK, 1 row affected (0.026 sec)
MariaDB [test060]> SELECT * FROM abc;
+-------+-------+
| name1 | name2 |
+-------+-------+
| 001 | 001 |
| 001 | 002 |
| 002 | 002 |
| 002 | 001 |
+-------+-------+
4 rows in set (0.001 sec)
MariaDB [test060]> SELECT * FROM def;
+-------+-------+
| name3 | name4 |
+-------+-------+
| 001 | 001 |
| 001 | 002 |
| abc | def |
+-------+-------+
3 rows in set (0.001 sec)
MariaDB [test060]> SELECT * FROM abc JOIN def;
+-------+-------+-------+-------+
| name1 | name2 | name3 | name4 |
+-------+-------+-------+-------+
| 001 | 001 | 001 | 001 |
| 001 | 001 | 001 | 002 |
| 001 | 001 | abc | def |
| 001 | 002 | 001 | 001 |
| 001 | 002 | 001 | 002 |
| 001 | 002 | abc | def |
| 002 | 002 | 001 | 001 |
| 002 | 002 | 001 | 002 |
| 002 | 002 | abc | def |
| 002 | 001 | 001 | 001 |
| 002 | 001 | 001 | 002 |
| 002 | 001 | abc | def |
+-------+-------+-------+-------+
12 rows in set (0.002 sec)
MariaDB [test060]> SELECT * FROM abc RIGHT JOIN def ON abc.name1 = def.name3;
+-------+-------+-------+-------+
| name1 | name2 | name3 | name4 |
+-------+-------+-------+-------+
| 001 | 001 | 001 | 001 |
| 001 | 001 | 001 | 002 |
| 001 | 002 | 001 | 001 |
| 001 | 002 | 001 | 002 |
| NULL | NULL | abc | def |
+-------+-------+-------+-------+
5 rows in set (0.002 sec)
MariaDB [test060]> SELECT * FROM abc LEFT JOIN def ON abc.name2 = def.name4;
+-------+-------+-------+-------+
| name1 | name2 | name3 | name4 |
+-------+-------+-------+-------+
| 001 | 001 | 001 | 001 |
| 002 | 001 | 001 | 001 |
| 001 | 002 | 001 | 002 |
| 002 | 002 | 001 | 002 |
+-------+-------+-------+-------+
4 rows in set (0.002 sec)
MariaDB [test060]> SELECT * FROM abc INNER JOIN def ON abc.name2 = def.name3;
+-------+-------+-------+-------+
| name1 | name2 | name3 | name4 |
+-------+-------+-------+-------+
| 001 | 001 | 001 | 001 |
| 001 | 001 | 001 | 002 |
| 002 | 001 | 001 | 001 |
| 002 | 001 | 001 | 002 |
+-------+-------+-------+-------+
4 rows in set (0.002 sec)
MariaDB [test060]> QUIT
Bye
david@intel-compute-stick:~\$
060/output01.txt
001 001 001 001<br>
001 001 001 002<br>
001 002 001 001<br>
001 002 001 002<br>
001 001 001 001<br>
001 002 001 002<br>
002 002 001 002<br>
002 001 001 001<br>
abc def<br>
060/output02.txt
david@intel-compute-stick:/var/www/html/060\$ telnet 127.0.0.1 80
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '\^]'.
POST /060/form1.php HTTP/1.1
host: localhost
Cookie: Cookie60a=COOKIE60a
Content-Type: application/x-www-form-urlencoded
Content-Length: 11
txt1=TEXT60
HTTP/1.1 200 OK
Date: Fri, 03 Jun 2022 14:12:28 GMT
Server: Apache/2.4.52 (Debian)
Set-Cookie: PHPSESSID=sgnq4elsq6oksbunvdnbidipq4; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: Cookie60=COOKIE60; expires=Fri, 03-Jun-2022 14:32:29 GMT; Max-Age=1200
Vary: Accept-Encoding
Content-Length: 183
Content-Type: text/html; charset=UTF-8
<form method="POST" action="./form1.php">
<input type="text" name="txt1"></input>
<input type="submit"></input>
</form>
sgnq4elsq6oksbunvdnbidipq4<br>
<br>
COOKIE60a<br>
TEXT60<br>
Connection closed by foreign host.
david@intel-compute-stick:/var/www/html/060\$
060/output03.txt
54<br>
27<br>
11<br>
58<br>
62<br>
5<br>
24<br>
39<br>
60<br>
52<br>
4<br>
41<br>
14<br>
48<br>
19<br>
40<br>
8<br>
30<br>
9<br>
35<br>
57<br>
56<br>
28<br>
53<br>
29<br>
13<br>
12<br>
16<br>
46<br>
59<br>
1<br>
33<br>
38<br>
25<br>
15<br>
42<br>
51<br>
47<br>
44<br>
32<br>
37<br>
0<br>
22<br>
18<br>
23<br>
49<br>
20<br>
6<br>
36<br>
2<br>
<br><br>
54<br>
27<br>
11<br>
58<br>
62<br>
5<br>
24<br>
39<br>
60<br>
52<br>
4<br>
41<br>
14<br>
48<br>
19<br>
40<br>
8<br>
30<br>
9<br>
35<br>
57<br>
56<br>
28<br>
53<br>
29<br>
13<br>
12<br>
16<br>
46<br>
59<br>
1<br>
22<br>
25<br>
36<br>
34<br>
21<br>
32<br>
18<br>
2<br>
50<br>
44<br>
7<br>
38<br>
6<br>
17<br>
45<br>
<br><br>
29<br>
62<br>
58<br>
14<br>
33<br>
38<br>
54<br>
48<br>
11<br>
25<br>
15<br>
42<br>
53<br>
46<br>
51<br>
47<br>
44<br>
32<br>
37<br>
0<br>
52<br>
22<br>
57<br>
19<br>
56<br>
18<br>
23<br>
24<br>
49<br>
20<br>
6<br>
59<br>
12<br>
36<br>
2<br>
16<br>
34<br>
35<br>
21<br>
60<br>
40<br>
30<br>
50<br>
27<br>
7<br>
13<br>
17<br>
39<br>
45<br>
1<br>
<br><br>
54<br>
11<br>
58<br>
62<br>
24<br>
52<br>
14<br>
48<br>
19<br>
57<br>
56<br>
53<br>
29<br>
12<br>
46<br>
59<br>
<br><br>
54<br>
27<br>
58<br>
24<br>
39<br>
60<br>
14<br>
48<br>
19<br>
40<br>
30<br>
35<br>
56<br>
53<br>
13<br>
16<br>
46<br>
59<br>
1<br>
<br><br>
58<br>
14<br>
38<br>
54<br>
48<br>
25<br>
53<br>
46<br>
44<br>
32<br>
22<br>
19<br>
56<br>
18<br>
24<br>
6<br>
59<br>
36<br>
2<br>
<br><br>
1<br>
2<br>
6<br>
13<br>
14<br>
16<br>
18<br>
19<br>
22<br>
24<br>
25<br>
27<br>
30<br>
32<br>
35<br>
36<br>
38<br>
39<br>
40<br>
44<br>
46<br>
48<br>
53<br>
54<br>
56<br>
58<br>
59<br>
60<br>
<br><br>
1<br>
2<br>
6<br>
13<br>
14<br>
16<br>
18<br>
19<br>
22<br>
24<br>
25<br>
27<br>
30<br>
32<br>
35<br>
36<br>
38<br>
39<br>
40<br>
44<br>
46<br>
48<br>
53<br>
54<br>
56<br>
58<br>
59<br>
60<br>
<br><br>
2<br>
6<br>
11<br>
12<br>
14<br>
18<br>
19<br>
22<br>
24<br>
25<br>
29<br>
32<br>
36<br>
38<br>
44<br>
46<br>
48<br>
52<br>
53<br>
54<br>
56<br>
57<br>
58<br>
59<br>
62<br>
<br><br>
1<br>
2<br>
6<br>
13<br>
14<br>
16<br>
18<br>
19<br>
22<br>
24<br>
25<br>
27<br>
30<br>
32<br>
35<br>
36<br>
38<br>
39<br>
40<br>
44<br>
46<br>
48<br>
53<br>
54<br>
56<br>
58<br>
59<br>
60<br>
<br><br>
1<br>
11<br>
12<br>
13<br>
14<br>
16<br>
19<br>
24<br>
27<br>
29<br>
30<br>
35<br>
39<br>
40<br>
46<br>
48<br>
52<br>
53<br>
54<br>
56<br>
57<br>
58<br>
59<br>
60<br>
62<br>
<br><br>
14<br>
19<br>
24<br>
46<br>
48<br>
53<br>
54<br>
56<br>
58<br>
59<br>
<br><br>
060/output04.txt
<?php
include ('/home/david/mysqldata.php');
\$handle = mysql_connect ("127.0.0.1", \$MYSQL_NAME, \$MYSQL_PASSWORD);
mysql_query ("CREATE DATABASE quantity60", \$handle);
mysql_select_db ("quantity60", \$handle);
mysql_query ("CREATE TABLE a (x INTEGER)", \$handle);
mysql_query ("CREATE TABLE b (x INTEGER)", \$handle);
mysql_query ("CREATE TABLE c (x INTEGER)", \$handle);
for (\$i = 0; \$i < 24; \$i++) {
mysql_query ("INSERT INTO a VALUES ("" . rand () % 64 . "")", \$handle);
mysql_query ("INSERT INTO b VALUES ("" . rand () % 64 . "")", \$handle);
mysql_query ("INSERT INTO c VALUES ("" . rand () % 64 . "")", \$handle);
}
/*
a OR b
a OR c
b OR c
*/
\$result = mysql_query ("SELECT x FROM (SELECT x FROM a UNION SELECT x FROM b) x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (SELECT x FROM a UNION SELECT x FROM c) x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (SELECT x FROM b UNION SELECT x FROM c) x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
/*
a AND b
a AND c
b AND c
*/
\$result = mysql_query ("SELECT x FROM (SELECT x FROM a INTERSECT SELECT x FROM b) x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (SELECT x FROM a INTERSECT SELECT x FROM c) x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (SELECT x FROM b INTERSECT SELECT x FROM c) x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
/*
(a OR b) AND c = a AND c OR b AND c
*/
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM a UNION SELECT x FROM b) x
INTERSECT
SELECT x FROM c
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM a INTERSECT SELECT x FROM c) x
UNION
SELECT x FROM (SELECT x FROM b INTERSECT SELECT x FROM c) x
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
/*
(a OR c) AND b = a AND b OR c AND b
*/
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM a UNION SELECT x FROM c) x
INTERSECT
SELECT x FROM b
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM a INTERSECT SELECT x FROM c) x
UNION
SELECT x FROM (SELECT x FROM c INTERSECT SELECT x FROM b) x
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
/*
(b OR c) AND a = b AND a OR c AND a
*/
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM b UNION SELECT x FROM c) x
INTERSECT
SELECT x FROM a
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM b INTERSECT SELECT x FROM a) x
INTERSECT
SELECT x FROM (SELECT x FROM c INTERSECT SELECT x FROM a) x
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
mysql_close (\$handle);
?>
060/quantity.php
<?php
include ('/home/david/mysqldata.php');
\$handle = mysql_connect ("localhost", \$MYSQL_NAME, \$MYSQL_PASSWORD);
mysql_select_db ("test061", \$handle);
mysql_query ("INSERT INTO abc VALUES ("002", "002")", \$handle);
\$result = mysql_query ("SELECT * FROM abc INNER JOIN def ON abc.name1 = def.name3", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo \$row ["name1"] . " " . \$row ["name2"] . " " . \$row ["name3"] . " " . \$row ["name4"] . "<br>n";
\$result = mysql_query ("SELECT * FROM abc LEFT JOIN def ON abc.name2 = def.name4", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . " " . \$row [1] . " " . \$row [2] . " " . \$row [3] . "<br>n";
mysql_close (\$handle);
?>
061/database.php
<?php
session_start ();
?>
<form method="POST" action="./form1.php">
<input type="password" name="pwd1"></input>
<input type="submit"></input>
</form>
<?php
echo session_id () . "<br>n";
setcookie ("Cookie61", "COOKIE61", time () + 120);
echo htmlentities (\$_COOKIE ["Cookie61"]) . "<br>n";
echo htmlentities (\$_COOKIE ["Cookie61a"]) . "<br>n";
echo htmlentities (\$_POST ["pwd1"]) . "<br>n";
session_destroy ();
?>
061/form1.php
POST /061/form1.php HTTP/1.1
host: localhost
Cookie: Cookie61a=COOKIE61A
Content-Length: 15
Content-Type: application/x-www-form-urlencoded
pwd1=PASSWORD61
061/httprequest.txt
david@intel-compute-stick:~\$ mysql -u root -p
Enter password:
ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES)
david@intel-compute-stick:~\$ mysql -u root -p
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or g.
Your MariaDB connection id is 723
Server version: 10.5.12-MariaDB-0+deb11u1 Debian 11
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or 'h' for help. Type 'c' to clear the current input statement.
MariaDB [(none)]> CREATE DATABASE test061;
Query OK, 1 row affected (0.002 sec)
MariaDB [(none)]> USE test061;
Database changed
MariaDB [test061]> CREATE TABLE abc (name1 VARCHAR (4), name2 VARCHAR (4));
Query OK, 0 rows affected (0.066 sec)
MariaDB [test061]> CREATE TABLE def (name3 VARCHAR (4), name4 VARCHAR (4));
Query OK, 0 rows affected (0.067 sec)
MariaDB [test061]> INSERT INTO abc VALUES ("001", "001");
Query OK, 1 row affected (0.031 sec)
MariaDB [test061]> INSERT INTO abc VALUES ("001", "002");
Query OK, 1 row affected (0.003 sec)
MariaDB [test061]> INSERT INTO abc (name1, name2) VALUES ("002", "001");
Query OK, 1 row affected (0.030 sec)
MariaDB [test061]> INSERT INTO def (name2, name1) VALUES ("002", "002");
ERROR 1054 (42S22): Unknown column 'name2' in 'field list'
MariaDB [test061]> INSERT INTO abc (name2, name1) VALUES ("002", "002");
Query OK, 1 row affected (0.025 sec)
MariaDB [test061]> INSERT INTO def (name3, name4) VALUES ("001", "001");
Query OK, 1 row affected (0.005 sec)
MariaDB [test061]> INSERT INTO def (name3, name4) VALUES ("001", "002");
Query OK, 1 row affected (0.029 sec)
MariaDB [test061]> INSERT INTO def (name4, name3) VALUES ("def", "abc");
Query OK, 1 row affected (0.029 sec)
MariaDB [test061]> SELECT * FROM abc;
+-------+-------+
| name1 | name2 |
+-------+-------+
| 001 | 001 |
| 001 | 002 |
| 002 | 001 |
| 002 | 002 |
+-------+-------+
4 rows in set (0.001 sec)
MariaDB [test061]> SELECT d
-> ef * FROM abc;
ERROR 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '* FROM abc' at line 2
MariaDB [test061]> SELECT def * FROM abc;
ERROR 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'FROM abc' at line 1
MariaDB [test061]> SELECT * FROM def;
+-------+-------+
| name3 | name4 |
+-------+-------+
| 001 | 001 |
| 001 | 002 |
| abc | def |
+-------+-------+
3 rows in set (0.001 sec)
MariaDB [test061]> SELECT * FROM abc JOIN def;
+-------+-------+-------+-------+
| name1 | name2 | name3 | name4 |
+-------+-------+-------+-------+
| 001 | 001 | 001 | 001 |
| 001 | 001 | 001 | 002 |
| 001 | 001 | abc | def |
| 001 | 002 | 001 | 001 |
| 001 | 002 | 001 | 002 |
| 001 | 002 | abc | def |
| 002 | 001 | 001 | 001 |
| 002 | 001 | 001 | 002 |
| 002 | 001 | abc | def |
| 002 | 002 | 001 | 001 |
| 002 | 002 | 001 | 002 |
| 002 | 002 | abc | def |
+-------+-------+-------+-------+
12 rows in set (0.002 sec)
MariaDB [test061]> SELECT * FROM abc INNER JOIN def.name1 = def.name3;
ERROR 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '.name3' at line 1
MariaDB [test061]> SELECT * FROM abc INNER JOIN ON def.name1 = def.name3;
ERROR 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'ON def.name1 = def.name3' at line 1
MariaDB [test061]> SELECT * FROM abc INNER JOIN def ON def.name1 = def.name3;
ERROR 1054 (42S22): Unknown column 'def.name1' in 'on clause'
MariaDB [test061]> SELECT * FROM abc INNER JOIN def ON abc.name1 = def.name3;
+-------+-------+-------+-------+
| name1 | name2 | name3 | name4 |
+-------+-------+-------+-------+
| 001 | 001 | 001 | 001 |
| 001 | 001 | 001 | 002 |
| 001 | 002 | 001 | 001 |
| 001 | 002 | 001 | 002 |
+-------+-------+-------+-------+
4 rows in set (0.002 sec)
MariaDB [test061]> SELECT * FROM abc LEFT def ON abc.name1 = def.name3;
ERROR 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'def ON abc.name1 = def.name3' at line 1
MariaDB [test061]> SELECT * FROM abc LEFT JOIN def ON abc.name1 = def.name3;
+-------+-------+-------+-------+
| name1 | name2 | name3 | name4 |
+-------+-------+-------+-------+
| 001 | 001 | 001 | 001 |
| 001 | 002 | 001 | 001 |
| 001 | 001 | 001 | 002 |
| 001 | 002 | 001 | 002 |
| 002 | 001 | NULL | NULL |
| 002 | 002 | NULL | NULL |
+-------+-------+-------+-------+
6 rows in set (0.002 sec)
MariaDB [test061]> SELECT * FROM abc RIGHT JOIN def ON abc
-> .name2 = def.name4;
+-------+-------+-------+-------+
| name1 | name2 | name3 | name4 |
+-------+-------+-------+-------+
| 001 | 001 | 001 | 001 |
| 001 | 002 | 001 | 002 |
| 002 | 001 | 001 | 001 |
| 002 | 002 | 001 | 002 |
| NULL | NULL | abc | def |
+-------+-------+-------+-------+
5 rows in set (0.002 sec)
MariaDB [test061]> QUIT
Bye
david@intel-compute-stick:~\$
061/output01.txt
001 001 001 001<br>
001 001 001 002<br>
001 002 001 001<br>
001 002 001 002<br>
001 001 001 001<br>
002 001 001 001<br>
001 002 001 002<br>
002 002 001 002<br>
002 002 001 002<br>
061/output02.txt
david@intel-compute-stick:/var/www/html/061\$ telnet localhost 80
Trying ::1...
Connected to localhost.
Escape character is '\^]'.
POST /061/form1.php HTTP/1.1
host: localhost
Cookie: Cookie61a=COOKIE61A
Content-Length: 15
Content-Type: application/x-www-form-urlencoded
pwd1=PASSWORD61
HTTP/1.1 200 OK
Date: Sat, 04 Jun 2022 16:18:59 GMT
Server: Apache/2.4.52 (Debian)
Set-Cookie: PHPSESSID=ecv8u21c5npsoaj9edrp58dcu7; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: Cookie61=COOKIE61; expires=Sat, 04-Jun-2022 16:21:00 GMT; Max-Age=120
Vary: Accept-Encoding
Content-Length: 191
Content-Type: text/html; charset=UTF-8
<form method="POST" action="./form1.php">
<input type="password" name="pwd1"></input>
<input type="submit"></input>
</form>
ecv8u21c5npsoaj9edrp58dcu7<br>
<br>
COOKIE61A<br>
PASSWORD61<br>
Connection closed by foreign host.
david@intel-compute-stick:/var/www/html/061\$
061/output03.txt
36<br>
14<br>
43<br>
20<br>
53<br>
8<br>
29<br>
21<br>
19<br>
60<br>
6<br>
58<br>
48<br>
40<br>
34<br>
25<br>
62<br>
28<br>
52<br>
38<br>
57<br>
27<br>
13<br>
49<br>
55<br>
22<br>
15<br>
33<br>
63<br>
9<br>
0<br>
61<br>
3<br>
<br><br>
57<br>
27<br>
13<br>
49<br>
29<br>
20<br>
55<br>
22<br>
36<br>
15<br>
25<br>
33<br>
63<br>
9<br>
28<br>
0<br>
61<br>
3<br>
62<br>
24<br>
10<br>
52<br>
40<br>
46<br>
58<br>
37<br>
30<br>
23<br>
50<br>
48<br>
7<br>
18<br>
<br><br>
57<br>
27<br>
13<br>
49<br>
29<br>
20<br>
55<br>
22<br>
36<br>
15<br>
25<br>
33<br>
63<br>
9<br>
28<br>
0<br>
61<br>
3<br>
62<br>
24<br>
10<br>
52<br>
40<br>
46<br>
58<br>
37<br>
30<br>
23<br>
50<br>
48<br>
7<br>
18<br>
<br><br>
36<br>
20<br>
29<br>
25<br>
62<br>
28<br>
<br><br>
27<br>
13<br>
49<br>
55<br>
25<br>
63<br>
9<br>
61<br>
3<br>
<br><br>
58<br>
48<br>
40<br>
25<br>
52<br>
<br><br>
3<br>
9<br>
13<br>
25<br>
27<br>
40<br>
48<br>
49<br>
52<br>
55<br>
58<br>
61<br>
63<br>
<br><br>
3<br>
9<br>
13<br>
25<br>
27<br>
40<br>
48<br>
49<br>
52<br>
55<br>
58<br>
61<br>
63<br>
<br><br>
0<br>
3<br>
9<br>
13<br>
15<br>
20<br>
22<br>
25<br>
27<br>
28<br>
29<br>
33<br>
36<br>
49<br>
55<br>
57<br>
61<br>
62<br>
63<br>
<br><br>
3<br>
9<br>
13<br>
20<br>
25<br>
27<br>
28<br>
29<br>
36<br>
49<br>
55<br>
61<br>
62<br>
63<br>
<br><br>
20<br>
25<br>
28<br>
29<br>
36<br>
40<br>
48<br>
52<br>
58<br>
62<br>
<br><br>
20<br>
25<br>
28<br>
29<br>
36<br>
40<br>
48<br>
52<br>
58<br>
62<br>
<br><br>
061/output04.txt
<?php
include ('/home/david/mysqldata.php');
\$handle = mysql_connect ("127.0.0.1", \$MYSQL_NAME, \$MYSQL_PASSWORD);
mysql_query ("CREATE DATABASE quantity61", \$handle);
mysql_select_db ("quantity61", \$handle);
mysql_query ("CREATE TABLE a (x INTEGER)", \$handle);
mysql_query ("CREATE TABLE b (x INTEGER)", \$handle);
mysql_query ("CREATE TABLE c (x INTEGER)", \$handle);
for (\$i = 0; \$i < 24; \$i++) {
mysql_query ("INSERT INTO a VALUES ("" . rand () % 64 . "")", \$handle);
mysql_query ("INSERT INTO b VALUES ("" . rand () % 64 . "")", \$handle);
mysql_query ("INSERT INTO c VALUES ("" . rand () % 64 . "")", \$handle);
}
/*
a OR b
b OR c
b OR c
*/
\$result = mysql_query ("SELECT x FROM (SELECT x FROM a UNION SELECT x FROM b) x", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo \$row ["x"] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (SELECT x FROM b UNION SELECT x FROM c) x", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo \$row ["x"] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (SELECT x FROM b UNION SELECT x FROM c) x", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo \$row ["x"] . "<br>n";
echo "<br><br>nn";
/*
a AND b
b AND c
a AND c
*/
\$result = mysql_query ("SELECT x FROM (SELECT x FROM a INTERSECT SELECT x FROM b) x", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo \$row ["x"] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (SELECT x FROM b INTERSECT SELECT x FROM c) x", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo \$row ["x"] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (SELECT x FROM a INTERSECT SELECT x FROM c) x", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo \$row ["x"] . "<br>n";
echo "<br><br>nn";
/*
(a OR b) AND c = a AND c OR b AND c
*/
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM a UNION SELECT x FROM b) x
INTERSECT
SELECT x FROM c
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo \$row ["x"] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM a INTERSECT SELECT x FROM c) x
UNION
SELECT x FROM (SELECT x FROM b INTERSECT SELECT x FROM c) x
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo \$row ["x"] . "<br>n";
echo "<br><br>nn";
/*
(a OR c) AND b = a AND b OR c AND b
*/
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM a UNION SELECT x FROM b) x
INTERSECT
SELECT x FROM b
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo \$row ["x"] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM a INTERSECT SELECT x FROM b) x
UNION
SELECT x FROM (SELECT x FROM c INTERSECT SELECT x FROM b) x
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo \$row ["x"] . "<br>n";
echo "<br><br>nn";
/*
(b OR c) AND a = b AND a OR c AND a
*/
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM b UNION SELECT x FROM c) x
INTERSECT
SELECT x FROM a
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo \$row ["x"] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM b INTERSECT SELECT x FROM a) x
UNION
SELECT x FROM (SELECT x FROM c INTERSECT SELECT x FROM a) x
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo \$row ["x"] . "<br>n";
echo "<br><br>nn";
mysql_close (\$handle);
?>
061/quantity.php
<?php
include ('/home/david/mysqldata.php');
\$handle = mysql_connect ("localhost", \$MYSQL_NAME, \$MYSQL_PASSWORD);
mysql_select_db ("test062", \$handle);
mysql_query ("INSERT INTO def VALUES ("002", "002")", \$handle);
\$result = mysql_query ("SELECT * FROM abc INNER JOIN def ON abc.name1 = def.name3", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo \$row ["name1"] . " " . \$row ["name2"] . " " . \$row ["name3"] . " " . \$row ["name4"] . "<br>n";
\$result = mysql_query ("SELECT * FROM abc RIGHT JOIN def ON abc.name1 = def.name3", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo \$row ["name1"] . " " . \$row ["name2"] . " " . \$row ["name3"] . " " . \$row ["name4"] . "<br>n";
mysql_close (\$handle);
?>
062/database.php
<?php
session_start ();
?>
<form method="POST" action="./form1.php">
<input type="password" name="pwd1"></input>
<input type="submit"></input>
</form>
<?php
echo session_id () . "<br>n";
setcookie ("COOKIE62", "COOKIE62", time () + 90);
echo htmlentities (\$_COOKIE ["COOKIE62"]) . "<br>n";
echo htmlentities (\$_COOKIE ["COOKIE62A"]) . "<br>n";
echo htmlentities (\$_POST ["pwd1"]) . "<br>n";
session_destroy ();
?>
062/form1.php
POST /062/form1.php HTTP/1.1
host: localhost
Cookie: COOKIE62A=COOKIE62A
Content-Type: application/x-www-form-urlencoded
Content-Length: 15
pwd1=PASSWORD62
062/httprequest.txt
david@intel-compute-stick:~\$ mysql -u root -p
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or g.
Your MariaDB connection id is 760
Server version: 10.5.12-MariaDB-0+deb11u1 Debian 11
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or 'h' for help. Type 'c' to clear the current input statement.
MariaDB [(none)]> SHOW DATABASES;
+--------------------+
| Database |
+--------------------+
| information_schema |
| menge001 |
| menge002 |
| menge003 |
| menge004 |
| menge006 |
| menge007 |
| menge008 |
| mysoc1 |
| mysocial_database |
| mysql |
| mytest |
| performance_schema |
| quantity001 |
| quantity002 |
| quantity003 |
| quantity004 |
| quantity007 |
| quantity008 |
| quantity035 |
| quantity035a |
| quantity036 |
| quantity037 |
| quantity038 |
| quantity038a |
| quantity039 |
| quantity040 |
| quantity041 |
| quantity043 |
| quantity044 |
| quantity045 |
| quantity047 |
| quantity048 |
| quantity049 |
| quantity051 |
| quantity052 |
| quantity055 |
| quantity30 |
| quantity31 |
| quantity50 |
| quantity53 |
| quantity54 |
| quantity56 |
| quantity57 |
| quantity58 |
| quantity59 |
| quantity60 |
| quantity61 |
| taadsasda |
| test001 |
| test002 |
| test003 |
| test004 |
| test005 |
| test006 |
| test007 |
| test008 |
| test009 |
| test010 |
| test011 |
| test012 |
| test013 |
| test014 |
| test015 |
| test016 |
| test019 |
| test020 |
| test021 |
| test022 |
| test023 |
| test024 |
| test025 |
| test026 |
| test027 |
| test028 |
| test030 |
| test031 |
| test032 |
| test033 |
| test034 |
| test035 |
| test036 |
| test037 |
| test038 |
| test039 |
| test040 |
| test041 |
| test042 |
| test043 |
| test044 |
| test045 |
| test046 |
| test047 |
| test048 |
| test049 |
| test050 |
| test051 |
| test052 |
| test053 |
| test054 |
| test055 |
| test056 |
| test057 |
| test058 |
| test059 |
| test060 |
| test061 |
+--------------------+
107 rows in set (0.005 sec)
MariaDB [(none)]> CREATE DATABASE test062;
Query OK, 1 row affected (0.014 sec)
MariaDB [(none)]> USE test062;
Database changed
MariaDB [test062]> CREATE TABLE abc (name1 VARCHAR (3), name2 VARCHAR (3));
Query OK, 0 rows affected (0.059 sec)
MariaDB [test062]> CREATE TABLE def (name3 VARCHAR (3), name4 VARCHAR (3));
Query OK, 0 rows affected (0.052 sec)
MariaDB [test062]> INSERT INTO abc VALUES ("001", "001");
Query OK, 1 row affected (0.031 sec)
MariaDB [test062]> INSERT INTO abc (name1, name2) VALUES ("001", "002");
Query OK, 1 row affected (0.027 sec)
MariaDB [test062]> INSERT INTO abc (name2, name1) VALUES ("001", "002");
Query OK, 1 row affected (0.027 sec)
MariaDB [test062]> INSERT INTO abc (name1, name2) VALUES ("002", "002");
Query OK, 1 row affected (0.031 sec)
MariaDB [test062]> INSERT INTO def (name3, name4) VALUES ("001", "001");
Query OK, 1 row affected (0.028 sec)
MariaDB [test062]> INSERT INTO def (name3, name4) VALUES ("001", "002");
Query OK, 1 row affected (0.032 sec)
MariaDB [test062]> SELECT * FROM abc;
+-------+-------+
| name1 | name2 |
+-------+-------+
| 001 | 001 |
| 001 | 002 |
| 002 | 001 |
| 002 | 002 |
+-------+-------+
4 rows in set (0.001 sec)
MariaDB [test062]> SELECT * FROM def;
+-------+-------+
| name3 | name4 |
+-------+-------+
| 001 | 001 |
| 001 | 002 |
+-------+-------+
2 rows in set (0.001 sec)
MariaDB [test062]> SELECT * FROM abc JOIN def;
+-------+-------+-------+-------+
| name1 | name2 | name3 | name4 |
+-------+-------+-------+-------+
| 001 | 001 | 001 | 001 |
| 001 | 001 | 001 | 002 |
| 001 | 002 | 001 | 001 |
| 001 | 002 | 001 | 002 |
| 002 | 001 | 001 | 001 |
| 002 | 001 | 001 | 002 |
| 002 | 002 | 001 | 001 |
| 002 | 002 | 001 | 002 |
+-------+-------+-------+-------+
8 rows in set (0.001 sec)
MariaDB [test062]> SELECT * FROM abc INNER JOIN def ON abc.name1 = def.name3;
+-------+-------+-------+-------+
| name1 | name2 | name3 | name4 |
+-------+-------+-------+-------+
| 001 | 001 | 001 | 001 |
| 001 | 001 | 001 | 002 |
| 001 | 002 | 001 | 001 |
| 001 | 002 | 001 | 002 |
+-------+-------+-------+-------+
4 rows in set (0.002 sec)
MariaDB [test062]> SELECT * FROM abc RIGHT JOIN def ON abc.name1 = def.name3;
+-------+-------+-------+-------+
| name1 | name2 | name3 | name4 |
+-------+-------+-------+-------+
| 001 | 001 | 001 | 001 |
| 001 | 001 | 001 | 002 |
| 001 | 002 | 001 | 001 |
| 001 | 002 | 001 | 002 |
+-------+-------+-------+-------+
4 rows in set (0.002 sec)
MariaDB [test062]> SELECT * FROM abc LEFT JOIN def ON abc.name2 = def.name4;
+-------+-------+-------+-------+
| name1 | name2 | name3 | name4 |
+-------+-------+-------+-------+
| 001 | 001 | 001 | 001 |
| 002 | 001 | 001 | 001 |
| 001 | 002 | 001 | 002 |
| 002 | 002 | 001 | 002 |
+-------+-------+-------+-------+
4 rows in set (0.001 sec)
MariaDB [test062]> QUIT
Bye
david@intel-compute-stick:~\$
062/output01.txt
001 001 001 001<br>
001 001 001 002<br>
001 002 001 001<br>
001 002 001 002<br>
002 001 002 002<br>
002 002 002 002<br>
001 001 001 001<br>
001 001 001 002<br>
001 002 001 001<br>
001 002 001 002<br>
002 001 002 002<br>
002 002 002 002<br>
062/output02.txt
david@intel-compute-stick:/var/www/html/062\$ telnet localhost 80
Trying ::1...
Connected to localhost.
Escape character is '\^]'.
POST /062/form1.php HTTP/1.1
host: localhost
Cookie: COOKIE62A=COOKIE62A
Content-Type: application/x-www-form-urlencoded
Content-Length: 15
pwd1=PASSWORD62
HTTP/1.1 200 OK
Date: Mon, 06 Jun 2022 11:30:42 GMT
Server: Apache/2.4.52 (Debian)
Set-Cookie: PHPSESSID=t8anq292b2sl5a2i2jrree04q6; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: COOKIE62=COOKIE62; expires=Mon, 06-Jun-2022 11:32:13 GMT; Max-Age=90
Vary: Accept-Encoding
Content-Length: 191
Content-Type: text/html; charset=UTF-8
<form method="POST" action="./form1.php">
<input type="password" name="pwd1"></input>
<input type="submit"></input>
</form>
t8anq292b2sl5a2i2jrree04q6<br>
<br>
COOKIE62A<br>
PASSWORD62<br>
Connection closed by foreign host.
david@intel-compute-stick:/var/www/html/062\$
062/output03.txt
32<br>
10<br>
54<br>
52<br>
37<br>
4<br>
36<br>
17<br>
25<br>
53<br>
8<br>
55<br>
29<br>
15<br>
62<br>
39<br>
58<br>
6<br>
1<br>
45<br>
12<br>
47<br>
16<br>
9<br>
44<br>
18<br>
33<br>
24<br>
61<br>
30<br>
40<br>
19<br>
56<br>
60<br>
49<br>
42<br>
31<br>
35<br>
43<br>
34<br>
<br><br>
32<br>
10<br>
54<br>
52<br>
37<br>
4<br>
36<br>
17<br>
25<br>
53<br>
8<br>
55<br>
29<br>
15<br>
62<br>
39<br>
58<br>
6<br>
1<br>
3<br>
47<br>
63<br>
50<br>
19<br>
0<br>
12<br>
59<br>
11<br>
20<br>
18<br>
51<br>
9<br>
45<br>
<br><br>
45<br>
12<br>
47<br>
16<br>
9<br>
44<br>
18<br>
33<br>
24<br>
61<br>
30<br>
40<br>
19<br>
56<br>
60<br>
32<br>
49<br>
17<br>
42<br>
31<br>
35<br>
43<br>
34<br>
15<br>
3<br>
63<br>
39<br>
50<br>
1<br>
0<br>
59<br>
11<br>
20<br>
51<br>
<br><br>
32<br>
17<br>
<br><br>
15<br>
39<br>
1<br>
<br><br>
45<br>
12<br>
47<br>
9<br>
18<br>
19<br>
<br><br>
1<br>
9<br>
12<br>
15<br>
18<br>
19<br>
39<br>
45<br>
47<br>
<br><br>
1<br>
9<br>
12<br>
15<br>
18<br>
19<br>
39<br>
45<br>
47<br>
<br><br>
9<br>
12<br>
17<br>
18<br>
19<br>
32<br>
45<br>
47<br>
<br><br>
9<br>
12<br>
17<br>
18<br>
19<br>
32<br>
45<br>
47<br>
<br><br>
1<br>
4<br>
6<br>
8<br>
10<br>
15<br>
17<br>
25<br>
29<br>
32<br>
36<br>
37<br>
39<br>
52<br>
53<br>
54<br>
55<br>
58<br>
62<br>
<br><br>
1<br>
15<br>
17<br>
32<br>
39<br>
<br><br>
062/output04.txt
<?php
include ('/home/david/mysqldata.php');
\$handle = mysql_connect ("localhost", \$MYSQL_NAME, \$MYSQL_PASSWORD);
mysql_query ("CREATE DATABASE quantity62", \$handle);
mysql_select_db ("quantity62", \$handle);
mysql_query ("CREATE TABLE a (x INTEGER)", \$handle);
mysql_query ("CREATE TABLE b (x INTEGER)", \$handle);
mysql_query ("CREATE TABLE c (x INTEGER)", \$handle);
for (\$i = 0; \$i < 24; \$i++) {
mysql_query ("INSERT INTO a VALUES ("" . rand () % 64 . "")", \$handle);
mysql_query ("INSERT INTO b VALUES ("" . rand () % 64 . "")", \$handle);
mysql_query ("INSERT INTO c VALUES ("" . rand () % 64 . "")", \$handle);
}
/*
a OR b
a OR c
b OR c
*/
\$result = mysql_query ("SELECT x FROM (SELECT x FROM a UNION SELECT x FROM b) x", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo \$row ["x"] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (SELECT x FROM a UNION SELECT x FROM c) x", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo \$row ["x"] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (SELECT x FROM b UNION SELECT x FROM c) x", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo \$row ["x"] . "<br>n";
echo "<br><br>nn";
/*
a AND b
a AND c
b AND c
*/
\$result = mysql_query ("SELECT x FROM (SELECT x FROM a INTERSECT SELECT x FROM b) x", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo \$row ["x"] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (SELECT x FROM a INTERSECT SELECT x FROM c) x", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo \$row ["x"] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (SELECT x FROM b INTERSECT SELECT x FROM c) x", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo \$row ["x"] . "<br>n";
echo "<br><br>nn";
/*
(a OR b) AND c = a AND c OR b AND c
*/
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM a UNION SELECT x FROM b) x
INTERSECT
SELECT x FROM c
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo \$row ["x"] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM a INTERSECT SELECT x FROM c) x
UNION
SELECT x FROM (SELECT x FROM b INTERSECT SELECT x FROM c) x
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo \$row ["x"] . "<br>n";
echo "<br><br>nn";
/*
(a OR c) AND b = a AND b OR c AND b
*/
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM a UNION SELECT x FROM c) x
INTERSECT
SELECT x FROM b
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo \$row ["x"] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM a INTERSECT SELECT x FROM b) x
UNION
SELECT x FROM (SELECT x FROM c INTERSECT SELECT x FROM b) x
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo \$row ["x"] . "<br>n";
echo "<br><br>nn";
/*
(b OR c) AND a = b AND a OR c AND a
*/
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM a UNION SELECT x FROM c) x
INTERSECT
SELECT x FROM a
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo \$row ["x"] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM b INTERSECT SELECT x FROM a) x
UNION
SELECT x FROM (SELECT x FROM c INTERSECT SELECT x FROM a) x
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo \$row ["x"] . "<br>n";
echo "<br><br>nn";
mysql_close (\$handle);
?>
062/quantity.php
<?php
include ('/home/david/mysqldata.php');
\$handle = mysql_connect ("127.0.0.1", \$MYSQL_NAME, \$MYSQL_PASSWORD);
mysql_select_db ("test063", \$handle);
mysql_query ("INSERT INTO b VALUES ("002", "002")", \$handle);
\$result = mysql_query ("SELECT * FROM a INNER JOIN b ON a.name1 = b.name3", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo \$row ["name1"] . " " . \$row ["name2"] . " " . \$row ["name3"] . " " . \$row ["name4"] . "<br>n";
\$result = mysql_query ("SELECT * FROM a LEFT JOIN b ON a.name1 = b.name3", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . " " . \$row [1] . " " . \$row [2] . " " . \$row [3] . "<br>n";
mysql_close (\$handle);
?>
063/database.php
<?php
session_start ();
?>
<form method="POST" action="./form1.php">
<input type="password" name="pwd1"></input>
<input type="submit"></input>
</form>
<?php
setcookie ("COOKIE63", "COOKIE63", time () + 120);
echo session_id () . "<br>n";
echo htmlentities (\$_POST ["pwd1"]) . "<br>n";
echo htmlentities (\$_COOKIE ["COOKIE63"]) . "<br>n";
echo htmlentities (\$_COOKIE ["COOKIE63A"]) . "<br>n";
session_destroy ();
?>
063/form1.php
POST /063/form1.php HTTP/1.1
host: localhost
Cookie: COOKIE63A=COOKIE63A
Content-Type: application/x-www-form-urlencoded
Content-Length: 14
pwd1=PASSWORD1
063/httprequest.txt
david@intel-compute-stick:~\$ mysql -u root -p
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or g.
Your MariaDB connection id is 787
Server version: 10.5.12-MariaDB-0+deb11u1 Debian 11
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or 'h' for help. Type 'c' to clear the current input statement.
MariaDB [(none)]> CREATE DATABASE test063;
Query OK, 1 row affected (0.001 sec)
MariaDB [(none)]> USE test063;
Database changed
MariaDB [test063]> CREATE TABLE a (name1 VARCHAR (4), name2 VARCHAR (4));
Query OK, 0 rows affected (0.059 sec)
MariaDB [test063]> CREATE TABLE b (name3 VARCHAR (4), name4 VARCHAR (4));
Query OK, 0 rows affected (0.049 sec)
MariaDB [test063]> INSERT INTO a (name1, name2) VALUES ("001", "001");
Query OK, 1 row affected (0.028 sec)
MariaDB [test063]> INSERT INTO a (name1, name2) VALUES ("001", "002");
Query OK, 1 row affected (0.027 sec)
MariaDB [test063]> INSERT INTO a (name1, name2) VALUES ("002", "001");
Query OK, 1 row affected (0.031 sec)
MariaDB [test063]> INSERT INTO a (name1, name2) VALUES ("002", "002");
Query OK, 1 row affected (0.027 sec)
MariaDB [test063]> INSERT INTO b (name3, name4) VALUES ("001", "001");
Query OK, 1 row affected (0.030 sec)
MariaDB [test063]> INSERT INTO b (name3, name4) VALUES ("001", "002");
Query OK, 1 row affected (0.035 sec)
MariaDB [test063]> SELECT * FROM a;
+-------+-------+
| name1 | name2 |
+-------+-------+
| 001 | 001 |
| 001 | 002 |
| 002 | 001 |
| 002 | 002 |
+-------+-------+
4 rows in set (0.001 sec)
MariaDB [test063]> SELECT * FROM b;
+-------+-------+
| name3 | name4 |
+-------+-------+
| 001 | 001 |
| 001 | 002 |
+-------+-------+
2 rows in set (0.001 sec)
MariaDB [test063]> SELECT * FROM a JOIN b;
+-------+-------+-------+-------+
| name1 | name2 | name3 | name4 |
+-------+-------+-------+-------+
| 001 | 001 | 001 | 001 |
| 001 | 001 | 001 | 002 |
| 001 | 002 | 001 | 001 |
| 001 | 002 | 001 | 002 |
| 002 | 001 | 001 | 001 |
| 002 | 001 | 001 | 002 |
| 002 | 002 | 001 | 001 |
| 002 | 002 | 001 | 002 |
+-------+-------+-------+-------+
8 rows in set (0.001 sec)
MariaDB [test063]> SELECT * FROM a INNER JOIN b ON a.name1 = b.name3;
+-------+-------+-------+-------+
| name1 | name2 | name3 | name4 |
+-------+-------+-------+-------+
| 001 | 001 | 001 | 001 |
| 001 | 001 | 001 | 002 |
| 001 | 002 | 001 | 001 |
| 001 | 002 | 001 | 002 |
+-------+-------+-------+-------+
4 rows in set (0.002 sec)
MariaDB [test063]> SELECT * FROM a RIGHT JOIN b ON a.name1 = b.name3;
+-------+-------+-------+-------+
| name1 | name2 | name3 | name4 |
+-------+-------+-------+-------+
| 001 | 001 | 001 | 001 |
| 001 | 001 | 001 | 002 |
| 001 | 002 | 001 | 001 |
| 001 | 002 | 001 | 002 |
+-------+-------+-------+-------+
4 rows in set (0.002 sec)
MariaDB [test063]> SELECT * FROM a LEFT JOIN b ON a.name1 = b.name3;
+-------+-------+-------+-------+
| name1 | name2 | name3 | name4 |
+-------+-------+-------+-------+
| 001 | 001 | 001 | 001 |
| 001 | 002 | 001 | 001 |
| 001 | 001 | 001 | 002 |
| 001 | 002 | 001 | 002 |
| 002 | 001 | NULL | NULL |
| 002 | 002 | NULL | NULL |
+-------+-------+-------+-------+
6 rows in set (0.002 sec)
MariaDB [test063]> QUIT
Bye
david@intel-compute-stick:~\$
063/output01.txt
001 001 001 001<br>
001 002 001 001<br>
001 001 001 002<br>
001 002 001 002<br>
002 001 002 002<br>
002 002 002 002<br>
002 001 002 002<br>
002 002 002 002<br>
002 001 002 002<br>
002 002 002 002<br>
002 001 002 002<br>
002 002 002 002<br>
001 001 001 001<br>
001 002 001 001<br>
001 001 001 002<br>
001 002 001 002<br>
002 001 002 002<br>
002 002 002 002<br>
002 001 002 002<br>
002 002 002 002<br>
002 001 002 002<br>
002 002 002 002<br>
002 001 002 002<br>
002 002 002 002<br>
063/output02.txt
david@intel-compute-stick:/var/www/html/063\$ telnet 127.0.0.1 80
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '\^]'.
POST /063/form1.php HTTP/1.1
host: localhost
Cookie: COOKIE63A=COOKIE63A
Content-Type: application/x-www-form-urlencoded
Content-Length: 14
pwd1=PASSWORD1
HTTP/1.1 200 OK
Date: Tue, 07 Jun 2022 11:21:25 GMT
Server: Apache/2.4.52 (Debian)
Set-Cookie: PHPSESSID=3g32e4i7couk5tgb93ocmbll64; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: COOKIE63=COOKIE63; expires=Tue, 07-Jun-2022 11:23:25 GMT; Max-Age=120
Vary: Accept-Encoding
Content-Length: 190
Content-Type: text/html; charset=UTF-8
<form method="POST" action="./form1.php">
<input type="password" name="pwd1"></input>
<input type="submit"></input>
</form>
3g32e4i7couk5tgb93ocmbll64<br>
PASSWORD1<br>
<br>
COOKIE63A<br>
Connection closed by foreign host.
david@intel-compute-stick:/var/www/html/063\$
063/output03.txt
20<br>
51<br>
30<br>
54<br>
15<br>
40<br>
62<br>
55<br>
52<br>
23<br>
11<br>
38<br>
0<br>
10<br>
50<br>
31<br>
36<br>
19<br>
5<br>
9<br>
18<br>
60<br>
4<br>
61<br>
59<br>
25<br>
45<br>
32<br>
63<br>
53<br>
44<br>
42<br>
33<br>
21<br>
56<br>
41<br>
<br><br>
60<br>
19<br>
4<br>
54<br>
11<br>
31<br>
38<br>
61<br>
59<br>
25<br>
45<br>
32<br>
63<br>
53<br>
44<br>
42<br>
33<br>
21<br>
56<br>
30<br>
41<br>
27<br>
26<br>
10<br>
9<br>
24<br>
58<br>
49<br>
8<br>
62<br>
16<br>
13<br>
34<br>
15<br>
48<br>
47<br>
36<br>
<br><br>
20<br>
51<br>
30<br>
54<br>
15<br>
40<br>
62<br>
55<br>
52<br>
23<br>
11<br>
38<br>
0<br>
10<br>
50<br>
31<br>
36<br>
19<br>
5<br>
9<br>
18<br>
27<br>
26<br>
24<br>
21<br>
4<br>
58<br>
53<br>
49<br>
8<br>
41<br>
16<br>
13<br>
34<br>
48<br>
47<br>
<br><br>
30<br>
54<br>
11<br>
38<br>
31<br>
19<br>
<br><br>
30<br>
15<br>
62<br>
10<br>
36<br>
9<br>
<br><br>
4<br>
53<br>
21<br>
30<br>
41<br>
<br><br>
4<br>
9<br>
10<br>
15<br>
21<br>
30<br>
36<br>
41<br>
53<br>
62<br>
<br><br>
4<br>
9<br>
10<br>
15<br>
21<br>
30<br>
36<br>
41<br>
53<br>
62<br>
<br><br>
4<br>
11<br>
19<br>
21<br>
30<br>
31<br>
38<br>
41<br>
53<br>
54<br>
<br><br>
4<br>
11<br>
19<br>
21<br>
30<br>
31<br>
38<br>
41<br>
53<br>
54<br>
<br><br>
9<br>
10<br>
11<br>
15<br>
19<br>
30<br>
31<br>
36<br>
38<br>
54<br>
62<br>
<br><br>
9<br>
10<br>
11<br>
15<br>
19<br>
30<br>
31<br>
36<br>
38<br>
54<br>
62<br>
<br><br>
063/output04.txt
<?php
include ('/home/david/mysqldata.php');
\$handle = mysql_connect ("localhost", \$MYSQL_NAME, \$MYSQL_PASSWORD);
mysql_query ("CREATE DATABASE quantity63", \$handle);
mysql_select_db ("quantity63", \$handle);
mysql_query ("CREATE TABLE a (x INTEGER)", \$handle);
mysql_query ("CREATE TABLE b (x INTEGER)", \$handle);
mysql_query ("CREATE TABLE c (x INTEGER)", \$handle);
for (\$i = 0; \$i < 24; \$i++) {
mysql_query ("INSERT INTO a VALUES ("" . rand () % 64 . "")", \$handle);
mysql_query ("INSERT INTO b VALUES ("" . rand () % 64 . "")", \$handle);
mysql_query ("INSERT INTO c VALUES ("" . rand () % 64 . "")", \$handle);
}
/*
a OR b
b OR c
a OR c
*/
\$result = mysql_query ("SELECT x FROM (SELECT x FROM a UNION SELECT x FROM b) x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (SELECT x FROM b UNION SELECT x FROM c) x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (SELECT x FROM a UNION SELECT x FROM c) x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
/*
a AND b
a AND c
b AND c
*/
\$result = mysql_query ("SELECT x FROM (SELECT x FROM a INTERSECT SELECT x FROM b) x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (SELECT x FROM a INTERSECT SELECT x FROM c) x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (SELECT x FROM b INTERSECT SELECT x FROM c) x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
/*
(a OR b) AND c = a AND c OR b AND c
*/
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM a UNION SELECT x FROM b) x
INTERSECT
SELECT x FROM c
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM a INTERSECT SELECT x FROM c) x
UNION
SELECT x FROM (SELECT x FROM b INTERSECT SELECT x FROM c) x
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
/*
(a OR c) AND b = a AND b OR c AND b
*/
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM a UNION SELECT x FROM c) x
INTERSECT
SELECT x FROM b
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM a INTERSECT SELECT x FROM b) x
UNION
SELECT x FROM (SELECT x FROM c INTERSECT SELECT x FROM b) x
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
/*
(b OR c) AND a = b AND a OR c AND a
*/
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM b UNION SELECT x FROM c) x
INTERSECT
SELECT x FROM a
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM b INTERSECT SELECT x FROM a) x
UNION
SELECT x FROM (SELECT x FROM c INTERSECT SELECT x FROM a) x
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
mysql_close (\$handle);
?>
063/quantity.php
<?php
include ('/home/david/mysqldata.php');
\$handle = mysql_connect ("localhost", \$MYSQL_NAME, \$MYSQL_PASSWORD);
mysql_select_db ("test064", \$handle);
mysql_query ("INSERT INTO b VALUES ("002", "002")", \$handle);
\$result = mysql_query ("SELECT * FROM a INNER JOIN b ON a.n1 = b.n3", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo \$row ["n1"] . " " . \$row ["n2"] . " " . \$row ["n3"] . " " . \$row ["n4"] . "<br>n";
\$result = mysql_query ("SELECT * FROM a LEFT JOIN b ON a.n2 = b.n4", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . " " . \$row [1] . " " . \$row [2] . " " . \$row [3] . "<br>n";
mysql_close (\$handle);
?>
064/database.php
<?php
session_start ();
?>
<form method="POST" action="./form1.php">
<input type="text" name="txt1"></input>
<input type="submit"></input>
</form>
<?php
setcookie ("COOKIE64", "COOKIE64", time () + 1200);
echo session_id () . "<br>n";
echo htmlentities (\$_COOKIE ["COOKIE64"]) . "<br>n";
echo htmlentities (\$_COOKIE ["COOKIE64A"]) . "<br>n";
echo htmlentities (\$_POST ["txt1"]) . "<br>n";
session_destroy ();
?>
064/form1.php
POST /064/form1.php HTTP/1.1
host: localhost
Cookie: COOKIE64=COOKIE64
Content-Length: 8
Content-Type: application/x-www-form-urlencoded
txt1=T64
064/httprequest.txt
david@intel-compute-stick:~\$ mysql -u root -p
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or g.
Your MariaDB connection id is 844
Server version: 10.5.12-MariaDB-0+deb11u1 Debian 11
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or 'h' for help. Type 'c' to clear the current input statement.
MariaDB [(none)]> CREATE DATABASE test064;
Query OK, 1 row affected (0.002 sec)
MariaDB [(none)]> USE test064;
Database changed
MariaDB [test064]> CREATE TABLE a (n1 VARCHAR (4), n2 VARCHAR (4));
Query OK, 0 rows affected (0.057 sec)
MariaDB [test064]> CREATE TABLE b (n3 VARCHAR (4), n4 VARCHAR (4));
Query OK, 0 rows affected (0.058 sec)
MariaDB [test064]> INSERT INTO a (n1, n2) VALUES ("001", "001");
Query OK, 1 row affected (0.030 sec)
MariaDB [test064]> INSERT INTO a (n1, n2) VALUES ("001", "002");
Query OK, 1 row affected (0.026 sec)
MariaDB [test064]> INSERT INTO a (n1, n2) VALUES ("002", "001");
Query OK, 1 row affected (0.028 sec)
MariaDB [test064]> INSERT INTO a (n1, n2) VALUES ("002", "002");
Query OK, 1 row affected (0.030 sec)
MariaDB [test064]> INSERT INTO b (n3, n4) VALUES ("001", "001");
Query OK, 1 row affected (0.029 sec)
MariaDB [test064]> INSERT INTO b (n3, n4) VALUES ("001", "002");
Query OK, 1 row affected (0.030 sec)
MariaDB [test064]> SELECT * FROM a;
+------+------+
| n1 | n2 |
+------+------+
| 001 | 001 |
| 001 | 002 |
| 002 | 001 |
| 002 | 002 |
+------+------+
4 rows in set (0.001 sec)
MariaDB [test064]> SELECT * FROM b
-> ;
+------+------+
| n3 | n4 |
+------+------+
| 001 | 001 |
| 001 | 002 |
+------+------+
2 rows in set (0.001 sec)
MariaDB [test064]> SELECT * FROM a JOIN b;
+------+------+------+------+
| n1 | n2 | n3 | n4 |
+------+------+------+------+
| 001 | 001 | 001 | 001 |
| 001 | 001 | 001 | 002 |
| 001 | 002 | 001 | 001 |
| 001 | 002 | 001 | 002 |
| 002 | 001 | 001 | 001 |
| 002 | 001 | 001 | 002 |
| 002 | 002 | 001 | 001 |
| 002 | 002 | 001 | 002 |
+------+------+------+------+
8 rows in set (0.001 sec)
MariaDB [test064]> SELECT * FROM a INNER JOIN b ON a.n1 = b.n3;
+------+------+------+------+
| n1 | n2 | n3 | n4 |
+------+------+------+------+
| 001 | 001 | 001 | 001 |
| 001 | 001 | 001 | 002 |
| 001 | 002 | 001 | 001 |
| 001 | 002 | 001 | 002 |
+------+------+------+------+
4 rows in set (0.002 sec)
MariaDB [test064]> SELECT * FROM a RIGHT JOIN b ON a.n1 = b.n3;
+------+------+------+------+
| n1 | n2 | n3 | n4 |
+------+------+------+------+
| 001 | 001 | 001 | 001 |
| 001 | 001 | 001 | 002 |
| 001 | 002 | 001 | 001 |
| 001 | 002 | 001 | 002 |
+------+------+------+------+
4 rows in set (0.002 sec)
MariaDB [test064]> SELECT * FROM a LEFT JOIN b ON a.n1 = b.n3;
+------+------+------+------+
| n1 | n2 | n3 | n4 |
+------+------+------+------+
| 001 | 001 | 001 | 001 |
| 001 | 002 | 001 | 001 |
| 001 | 001 | 001 | 002 |
| 001 | 002 | 001 | 002 |
| 002 | 001 | NULL | NULL |
| 002 | 002 | NULL | NULL |
+------+------+------+------+
6 rows in set (0.002 sec)
MariaDB [test064]> QUIT
Bye
david@intel-compute-stick:~\$
064/output01.txt
001 001 001 001<br>
001 002 001 001<br>
001 001 001 002<br>
001 002 001 002<br>
002 001 002 002<br>
002 002 002 002<br>
002 001 002 002<br>
002 002 002 002<br>
002 001 002 002<br>
002 002 002 002<br>
001 001 001 001<br>
002 001 001 001<br>
001 002 001 002<br>
002 002 001 002<br>
001 002 002 002<br>
002 002 002 002<br>
001 002 002 002<br>
002 002 002 002<br>
001 002 002 002<br>
002 002 002 002<br>
064/output02.txt
david@intel-compute-stick:/var/www/html/064\$ telnet 127.0.0.1 80
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '\^]'.
POST /064/form1.php HTTP/1.1
host: localhost
Cookie: COOKIE64=COOKIE64
Content-Length: 8
Content-Type: application/x-www-form-urlencoded
txt1=T64
HTTP/1.1 200 OK
Date: Wed, 08 Jun 2022 08:47:57 GMT
Server: Apache/2.4.52 (Debian)
Set-Cookie: PHPSESSID=jeq8fb65mq9ddvivp63143gd00; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: COOKIE64=COOKIE64; expires=Wed, 08-Jun-2022 09:07:58 GMT; Max-Age=1200
Vary: Accept-Encoding
Content-Length: 179
Content-Type: text/html; charset=UTF-8
<form method="POST" action="./form1.php">
<input type="text" name="txt1"></input>
<input type="submit"></input>
</form>
jeq8fb65mq9ddvivp63143gd00<br>
COOKIE64<br>
<br>
T64<br>
Connection closed by foreign host.
david@intel-compute-stick:/var/www/html/064\$
064/output03.txt
23<br>
15<br>
22<br>
8<br>
57<br>
55<br>
17<br>
53<br>
48<br>
33<br>
60<br>
38<br>
2<br>
46<br>
10<br>
61<br>
50<br>
37<br>
25<br>
62<br>
6<br>
45<br>
42<br>
24<br>
43<br>
1<br>
16<br>
18<br>
0<br>
31<br>
59<br>
12<br>
56<br>
36<br>
28<br>
3<br>
40<br>
41<br>
32<br>
49<br>
39<br>
27<br>
4<br>
44<br>
47<br>
5<br>
30<br>
51<br>
63<br>
<br><br>
23<br>
15<br>
22<br>
8<br>
57<br>
55<br>
17<br>
53<br>
48<br>
33<br>
60<br>
38<br>
2<br>
46<br>
10<br>
61<br>
50<br>
37<br>
25<br>
62<br>
6<br>
45<br>
42<br>
24<br>
43<br>
1<br>
16<br>
18<br>
0<br>
31<br>
28<br>
58<br>
49<br>
40<br>
35<br>
32<br>
44<br>
36<br>
9<br>
11<br>
14<br>
5<br>
59<br>
13<br>
<br><br>
59<br>
37<br>
23<br>
12<br>
56<br>
36<br>
28<br>
3<br>
42<br>
2<br>
17<br>
40<br>
48<br>
41<br>
32<br>
49<br>
39<br>
50<br>
27<br>
25<br>
24<br>
55<br>
4<br>
44<br>
47<br>
5<br>
30<br>
53<br>
51<br>
57<br>
16<br>
61<br>
63<br>
1<br>
58<br>
62<br>
35<br>
8<br>
9<br>
46<br>
11<br>
14<br>
43<br>
15<br>
60<br>
31<br>
45<br>
33<br>
6<br>
13<br>
<br><br>
23<br>
57<br>
55<br>
17<br>
53<br>
48<br>
2<br>
61<br>
50<br>
37<br>
25<br>
42<br>
24<br>
1<br>
16<br>
<br><br>
15<br>
8<br>
57<br>
53<br>
33<br>
60<br>
46<br>
61<br>
50<br>
37<br>
62<br>
6<br>
45<br>
42<br>
43<br>
31<br>
<br><br>
59<br>
37<br>
36<br>
28<br>
42<br>
40<br>
32<br>
49<br>
50<br>
44<br>
5<br>
53<br>
57<br>
61<br>
<br><br>
<br><br>
5<br>
6<br>
8<br>
15<br>
28<br>
31<br>
32<br>
33<br>
36<br>
37<br>
40<br>
42<br>
43<br>
44<br>
45<br>
46<br>
49<br>
50<br>
53<br>
57<br>
59<br>
60<br>
61<br>
62<br>
<br><br>
1<br>
2<br>
3<br>
4<br>
5<br>
12<br>
16<br>
17<br>
23<br>
24<br>
25<br>
27<br>
28<br>
30<br>
32<br>
36<br>
37<br>
39<br>
40<br>
41<br>
42<br>
44<br>
47<br>
48<br>
49<br>
50<br>
51<br>
53<br>
55<br>
56<br>
57<br>
59<br>
61<br>
63<br>
<br><br>
1<br>
2<br>
5<br>
16<br>
17<br>
23<br>
24<br>
25<br>
28<br>
32<br>
36<br>
37<br>
40<br>
42<br>
44<br>
48<br>
49<br>
50<br>
53<br>
55<br>
57<br>
59<br>
61<br>
<br><br>
1<br>
2<br>
6<br>
8<br>
15<br>
16<br>
17<br>
23<br>
24<br>
25<br>
31<br>
33<br>
37<br>
42<br>
43<br>
45<br>
46<br>
48<br>
50<br>
53<br>
55<br>
57<br>
60<br>
61<br>
62<br>
<br><br>
1<br>
2<br>
6<br>
8<br>
15<br>
16<br>
17<br>
23<br>
24<br>
25<br>
31<br>
33<br>
37<br>
42<br>
43<br>
45<br>
46<br>
48<br>
50<br>
53<br>
55<br>
57<br>
60<br>
61<br>
62<br>
<br><br>
064/output04.txt
<?php
include ('/home/david/mysqldata.php');
\$handle = mysql_connect ("localhost", \$MYSQL_NAME, \$MYSQL_PASSWORD);
mysql_query ("CREATE DATABASE quantity64", \$handle);
mysql_select_db ("quantity64", \$handle);
mysql_query ("CREATE TABLE a (x INTEGER)", \$handle);
mysql_query ("CREATE TABLE b (x INTEGER)", \$handle);
mysql_query ("CREATE TABLE c (x INTEGER)", \$handle);
for (\$i = 0; \$i < 20; \$i++) {
mysql_query ("INSERT INTO a VALUES ("" . rand () % 64 . "")", \$handle);
mysql_query ("INSERT INTO b VALUES ("" . rand () % 64 . "")", \$handle);
mysql_query ("INSERT INTO c VALUES ("" . rand () % 64 . "")", \$handle);
}
/*
a OR b
a OR c
b OR c
*/
\$result = mysql_query ("SELECT x FROM (SELECT x FROM a UNION SELECT x FROM b) x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (SELECT x FROM a UNION SELECT x FROM c) x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (SELECT x FROM b UNION SELECT x FROM c) x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
/*
a AND b
a AND c
b AND c
*/
\$result = mysql_query ("SELECT x FROM (SELECT x FROM a INTERSECT SELECT x FROM b) x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (SELECT x FROM a INTERSECT SELECT x FROM c) x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (SELECT x FROM b INTERSECT SELECT x FROM c) x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
/*
(a OR b) AND c = a AND c OR b AND c
*/
\$result = mysql_query ("SELECT x FROM
SELECT x FROM (SELECT x FROM a UNION SELECT x FROM b) x
INTERSECT
SELECT x FROM a
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM a INTERSECT SELECT x FROM c) x
UNION
SELECT x FROM (SELECT x FROM b INTERSECT SELECT x FROM c) x
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
/*
(a OR c) AND b = a AND b OR c AND b
*/
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM a UNION SELECT x FROM b) x
INTERSECT
SELECT x FROM b
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM a INTERSECT SELECT x FROM b) x
UNION
SELECT x FROM (SELECT x FROM c INTERSECT SELECT x FROM b) x
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
/*
(b OR c) AND a = b AND a OR c AND a
*/
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM b UNION SELECT x FROM c) x
INTERSECT
SELECT x FROM a
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM b INTERSECT SELECT x FROM a) x
UNION
SELECT x FROM (SELECT x FROM c INTERSECT SELECT x FROM a) x
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
mysql_close (\$handle);
?>
064/quantity.php
<?php
include ('/home/david/mysqldata.php');
\$handle = mysql_connect ("localhost", \$MYSQL_NAME, \$MYSQL_PASSWORD);
mysql_select_db ("test065", \$handle);
mysql_query ("INSERT INTO b VALUES (1, 1)", \$handle);
\$result = mysql_query ("SELECT * FROM a INNER JOIN b ON a.n1 = b.n3", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo \$row ["n1"] . " " . \$row ["n2"] . " " . \$row ["n3"] . " " . \$row ["n4"] . "<br>n";;
\$result = mysql_query ("SELECT * FROM a LEFT JOIN b ON a.n2 = b.n4", \$handle);
while (\$row = mysql_fetch_row (\$result)) {
for (\$i = 0; \$i < 4; \$i++)
echo \$row [\$i] . " ";
echo "<br>n";
}
?>
065/database.php
<?php
session_start ();
?>
<form method="POST" action="./form1.php">
<input type="text" name="txt1"></input>
<input type="submit"></input>
</form>
<?php
setcookie ("COOKIE65", "COOKIE65", time () + 3600);
echo htmlentities (\$_POST ["txt1"]) . "<br>n";
echo htmlentities (\$_COOKIE ["COOKIE65"]) . "<br>n";
echo htmlentities (\$_COOKIE ["COOKIE65a"]) . "<br>n";
echo session_id () . "<br>n";
session_destroy ();
?>
065/form1.php
POST /065/form1.php HTTP/1.1
host: localhost
Cookie: COOKIE65=COOKIE65
Content-Length: 11
Content-Type: application/x-www-form-urlencoded
txt1=TEXT65
065/httprequest.txt
david@intel-compute-stick:~\$ mysql -u root -p
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or g.
Your MariaDB connection id is 894
Server version: 10.5.12-MariaDB-0+deb11u1 Debian 11
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or 'h' for help. Type 'c' to clear the current input statement.
MariaDB [(none)]> CREATE DATABASE test065;
Query OK, 1 row affected (0.001 sec)
MariaDB [(none)]> USE test065;
Database changed
MariaDB [test065]> CREATE TABLE a (n1 INTEGER, n2 INTEGER);
Query OK, 0 rows affected (0.059 sec)
MariaDB [test065]> CREATE TABLE b (n3 INTEGER, n4 INTEGER);
Query OK, 0 rows affected (0.064 sec)
MariaDB [test065]> INSERT INTO a VALUES (0, 0);
Query OK, 1 row affected (0.032 sec)
MariaDB [test065]> INSERT INTO a VALUES (0, 1);
Query OK, 1 row affected (0.029 sec)
MariaDB [test065]> INSERT INTO a VALUES (1, 0);
Query OK, 1 row affected (0.028 sec)
MariaDB [test065]> INSERT INTO a VALUES (1, 1);
Query OK, 1 row affected (0.028 sec)
MariaDB [test065]> INSERT INTO a VALUES (0, 2);
Query OK, 1 row affected (0.035 sec)
MariaDB [test065]> INSERT INTO b VALUES (0, 0);
Query OK, 1 row affected (0.032 sec)
MariaDB [test065]> INSERT INTO b VALUES (0, 1);
Query OK, 1 row affected (0.033 sec)
MariaDB [test065]> INSERT INTO b VALUES (0, 2);
Query OK, 1 row affected (0.004 sec)
MariaDB [test065]> SELECT * FROM a;
+------+------+
| n1 | n2 |
+------+------+
| 0 | 0 |
| 0 | 1 |
| 1 | 0 |
| 1 | 1 |
| 0 | 2 |
+------+------+
5 rows in set (0.001 sec)
MariaDB [test065]> SELECT * FROM b;
+------+------+
| n3 | n4 |
+------+------+
| 0 | 0 |
| 0 | 1 |
| 0 | 2 |
+------+------+
3 rows in set (0.001 sec)
MariaDB [test065]> SELECT * FROM a JOIN b;
+------+------+------+------+
| n1 | n2 | n3 | n4 |
+------+------+------+------+
| 0 | 0 | 0 | 0 |
| 0 | 0 | 0 | 1 |
| 0 | 0 | 0 | 2 |
| 0 | 1 | 0 | 0 |
| 0 | 1 | 0 | 1 |
| 0 | 1 | 0 | 2 |
| 1 | 0 | 0 | 0 |
| 1 | 0 | 0 | 1 |
| 1 | 0 | 0 | 2 |
| 1 | 1 | 0 | 0 |
| 1 | 1 | 0 | 1 |
| 1 | 1 | 0 | 2 |
| 0 | 2 | 0 | 0 |
| 0 | 2 | 0 | 1 |
| 0 | 2 | 0 | 2 |
+------+------+------+------+
15 rows in set (0.001 sec)
MariaDB [test065]> SELECT * FROM a INNER JOIN b ON a.n1 = b.n3;
+------+------+------+------+
| n1 | n2 | n3 | n4 |
+------+------+------+------+
| 0 | 0 | 0 | 0 |
| 0 | 0 | 0 | 1 |
| 0 | 0 | 0 | 2 |
| 0 | 1 | 0 | 0 |
| 0 | 1 | 0 | 1 |
| 0 | 1 | 0 | 2 |
| 0 | 2 | 0 | 0 |
| 0 | 2 | 0 | 1 |
| 0 | 2 | 0 | 2 |
+------+------+------+------+
9 rows in set (0.002 sec)
MariaDB [test065]> SELECT * FROM a RIGHT JOIN b ON a.n1 = b.n3;
+------+------+------+------+
| n1 | n2 | n3 | n4 |
+------+------+------+------+
| 0 | 0 | 0 | 0 |
| 0 | 0 | 0 | 1 |
| 0 | 0 | 0 | 2 |
| 0 | 1 | 0 | 0 |
| 0 | 1 | 0 | 1 |
| 0 | 1 | 0 | 2 |
| 0 | 2 | 0 | 0 |
| 0 | 2 | 0 | 1 |
| 0 | 2 | 0 | 2 |
+------+------+------+------+
9 rows in set (0.002 sec)
MariaDB [test065]> SELECT * FROM a LEFT JOIN b ON a.n1 = b.n3;
+------+------+------+------+
| n1 | n2 | n3 | n4 |
+------+------+------+------+
| 0 | 0 | 0 | 0 |
| 0 | 1 | 0 | 0 |
| 0 | 2 | 0 | 0 |
| 0 | 0 | 0 | 1 |
| 0 | 1 | 0 | 1 |
| 0 | 2 | 0 | 1 |
| 0 | 0 | 0 | 2 |
| 0 | 1 | 0 | 2 |
| 0 | 2 | 0 | 2 |
| 1 | 0 | NULL | NULL |
| 1 | 1 | NULL | NULL |
+------+------+------+------+
11 rows in set (0.002 sec)
MariaDB [test065]> SQUKT
-> ;
ERROR 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'SQUKT' at line 1
MariaDB [test065]> QUIT;
Bye
david@intel-compute-stick:~\$
065/output01.txt
0 0 0 0<br>
0 0 0 1<br>
0 0 0 2<br>
0 1 0 0<br>
0 1 0 1<br>
0 1 0 2<br>
1 0 1 1<br>
1 1 1 1<br>
0 2 0 0<br>
0 2 0 1<br>
0 2 0 2<br>
0 0 0 0 <br>
1 0 0 0 <br>
0 1 0 1 <br>
1 1 0 1 <br>
0 2 0 2 <br>
0 1 1 1 <br>
1 1 1 1 <br>
065/output02.txt
david@intel-compute-stick:/var/www/html/065\$ telnet localhost 80
Trying ::1...
Connected to localhost.
Escape character is '\^]'.
POST /065/form1.php HTTP/1.1
host: localhost
Cookie: COOKIE65=COOKIE65
Content-Length: 11
Content-Type: application/x-www-form-urlencoded
txt1=TEXT65
HTTP/1.1 200 OK
Date: Thu, 09 Jun 2022 16:08:17 GMT
Server: Apache/2.4.52 (Debian)
Set-Cookie: PHPSESSID=k12hs7dlrj8r3rcq1r0k3be5k5; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: COOKIE65=COOKIE65; expires=Thu, 09-Jun-2022 17:08:18 GMT; Max-Age=3600
Vary: Accept-Encoding
Content-Length: 182
Content-Type: text/html; charset=UTF-8
<form method="POST" action="./form1.php">
<input type="text" name="txt1"></input>
<input type="submit"></input>
</form>
TEXT65<br>
COOKIE65<br>
<br>
k12hs7dlrj8r3rcq1r0k3be5k5<br>
Connection closed by foreign host.
david@intel-compute-stick:/var/www/html/065\$
065/output03.txt
10<br>
47<br>
51<br>
37<br>
2<br>
58<br>
55<br>
43<br>
24<br>
39<br>
23<br>
11<br>
12<br>
60<br>
40<br>
8<br>
6<br>
31<br>
61<br>
36<br>
30<br>
35<br>
45<br>
29<br>
16<br>
26<br>
0<br>
<br><br>
10<br>
47<br>
51<br>
37<br>
2<br>
58<br>
55<br>
43<br>
24<br>
39<br>
23<br>
11<br>
12<br>
13<br>
15<br>
52<br>
1<br>
33<br>
53<br>
31<br>
36<br>
32<br>
5<br>
45<br>
59<br>
27<br>
<br><br>
60<br>
37<br>
40<br>
8<br>
6<br>
31<br>
61<br>
36<br>
30<br>
35<br>
45<br>
29<br>
16<br>
26<br>
0<br>
2<br>
13<br>
15<br>
47<br>
52<br>
1<br>
10<br>
33<br>
53<br>
32<br>
5<br>
59<br>
27<br>
<br><br>
37<br>
2<br>
<br><br>
10<br>
47<br>
<br><br>
31<br>
36<br>
45<br>
<br><br>
10<br>
31<br>
36<br>
45<br>
47<br>
<br><br>
<br><br>
2<br>
31<br>
36<br>
37<br>
45<br>
<br><br>
<br><br>
2<br>
10<br>
37<br>
47<br>
<br><br>
<br><br>
065/output04.txt
<?php
include ('/home/david/mysqldata.php');
\$handle = mysql_connect ("localhost", \$MYSQL_NAME, \$MYSQL_PASSWORD);
mysql_query ("CREATE DATABASE quantity65", \$handle);
mysql_select_db ("quantity65", \$handle);
mysql_query ("CREATE TABLE a (x INTEGER)", \$handle);
mysql_query ("CREATE TABLE b (x INTEGER)", \$handle);
mysql_query ("CREATE TABLE c (x INTEGER)", \$handle);
for (\$i = 0; \$i < 16; \$i++) {
mysql_query ("INSERT INTO a VALUES (" . rand () % 64 . ")", \$handle);
mysql_query ("INSERT INTO b VALUES (" . rand () % 64 . ")", \$handle);
mysql_query ("INSERT INTO c VALUES (" . rand () % 64 . ")", \$handle);
}
/*
a OR b
a OR c
b OR c
*/
\$result = mysql_query ("SELECT x FROM (SELECT x FROM a UNION SELECT x FROM b) x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (SELECT x FROM a UNION SELECT x FROM c) x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (SELECT x FROM b UNION SELECT x FROM c) x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
/*
a AND b
a AND c
b AND c
*/
\$result = mysql_query ("SELECT x FROM (SELECT x FROM a INTERSECT SELECT x FROM b) x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (SELECT x FROM a INTERSECT SELECT x FROM c) x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (SELECT x FROM b INTERSECT SELECT x FROM c) x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
/*
(a OR b) AND c = a AND c OR b AND c
*/
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM a UNION SELECT x FROM b) x
INTERSECT
SELECT x FROM c
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM a INTERSECT SELECT x FROM c) x
INTERSECT
SELECT x FROM (SELECT x FROM b INTERSECT SELECT x FROM c) x
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
/*
(a OR c) AND b = a AND b OR c AND b
*/
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM a UNION SELECT x FROM c) x
INTERSECT
SELECT x FROM b
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM a INTERSECT SELECT x FROM b) x
INTERSECT
SELECT x FROM (SELECT x FROM c INTERSECT SELECT x FROM b) x
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
/*
(b OR c) AND a = b AND a OR c AND a
*/
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM b UNION SELECT x FROM c) x
INTERSECT
SELECT x FROM a
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM b INTERSECT SELECT x FROM a) x
INTERSECT
SELECT x FROM (SELECT x FROM c INTERSECT SELECT x FROM a) x
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
mysql_close (\$handle);
?>
065/quantity.php
<?php
include ('/home/david/mysqldata.php');
\$handle = mysql_connect ("localhost", \$MYSQL_NAME, \$MYSQL_PASSWORD);
mysql_select_db ("test066", \$handle);
mysql_query ("INSERT INTO b VALUES (2, 2)", \$handle);
\$result = mysql_query ("SELECT * FROM a INNER JOIN b ON a.n1 = b.n3", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo \$row ["n1"] . " ". \$row ["n2"] . " " . \$row ["n3"] . " " . \$row ["n4"] . "<br>n";
\$result = mysql_query ("SELECT * FROM a LEFT JOIN b ON a.n2 = b.n4", \$handle);
while (\$row = mysql_fetch_row (\$result)) {
for (\$i = 0; \$i < 4; \$i++)
echo \$row [\$i] . " ";
echo "<br>n";
}
mysql_close (\$handle);
?>
066/database.php
<?php
session_start ();
?>
<form method="POST" action="./form1.php">
<input type="text" name="txt1"></input>
<input type="submit"></input>
</form>
<?php
echo session_id () . "<br>n";
echo htmlentities (\$_POST ["txt1"]) . "<br>n";
setcookie ("COOKIE66", "COOKIE66", time () + 1200);
echo htmlentities (\$_COOKIE ["COOKIE66"]) . "<br>n";
echo htmlentities (\$_COOKIE ["COOKIE66A"]) . "<br>n";
session_destroy ();
?>
066/form1.php
POST /066/form1.php HTTP/1.1
host: localhost
Cookie: COOKIE66A=COOKIE66A
Content-Length: 10
Content-Type: application/x-www-form-urlencoded
txt1=TXT66
066/httprequest.txt
0 1 0 0<br>
0 1 0 1<br>
0 0 0 0<br>
0 0 0 1<br>
2 0 2 2<br>
0 0 0 0 <br>
1 0 0 0 <br>
2 0 0 0 <br>
0 1 0 1 <br>
1 1 0 1 <br>
066/output01.txt
david@intel-compute-stick:/var/www/html/066\$ telnet localhost 80
Trying ::1...
Connected to localhost.
Escape character is '\^]'.
POST /066/form1.php HTTP/1.1
host: localhost
Cookie: COOKIE66A=COOKIE66A
Content-Length: 10
Content-Type: application/x-www-form-urlencoded
txt1=TXT66
HTTP/1.1 200 OK
Date: Fri, 10 Jun 2022 08:48:24 GMT
Server: Apache/2.4.52 (Debian)
Set-Cookie: PHPSESSID=s4hraaoqja4k48ea87mo4c3vr2; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: COOKIE66=COOKIE66; expires=Fri, 10-Jun-2022 09:08:25 GMT; Max-Age=1200
Vary: Accept-Encoding
Content-Length: 182
Content-Type: text/html; charset=UTF-8
<form method="POST" action="./form1.php">
<input type="text" name="txt1"></input>
<input type="submit"></input>
</form>
s4hraaoqja4k48ea87mo4c3vr2<br>
TXT66<br>
<br>
COOKIE66A<br>
Connection closed by foreign host.
david@intel-compute-stick:/var/www/html/066\$
066/output03.txt
17<br>
33<br>
35<br>
41<br>
10<br>
42<br>
47<br>
25<br>
45<br>
22<br>
52<br>
29<br>
11<br>
46<br>
20<br>
21<br>
6<br>
36<br>
38<br>
16<br>
28<br>
54<br>
1<br>
13<br>
12<br>
56<br>
18<br>
24<br>
26<br>
48<br>
63<br>
32<br>
3<br>
44<br>
23<br>
53<br>
62<br>
58<br>
7<br>
27<br>
9<br>
30<br>
51<br>
57<br>
<br><br>
17<br>
33<br>
35<br>
41<br>
10<br>
42<br>
47<br>
25<br>
45<br>
22<br>
52<br>
29<br>
11<br>
46<br>
20<br>
21<br>
6<br>
36<br>
38<br>
16<br>
28<br>
54<br>
1<br>
13<br>
12<br>
24<br>
5<br>
3<br>
43<br>
55<br>
57<br>
49<br>
39<br>
63<br>
15<br>
26<br>
53<br>
48<br>
14<br>
4<br>
60<br>
18<br>
<br><br>
56<br>
35<br>
18<br>
24<br>
16<br>
26<br>
48<br>
25<br>
33<br>
46<br>
63<br>
32<br>
3<br>
44<br>
54<br>
23<br>
53<br>
62<br>
22<br>
58<br>
7<br>
27<br>
9<br>
30<br>
51<br>
57<br>
29<br>
5<br>
41<br>
45<br>
43<br>
55<br>
49<br>
21<br>
39<br>
15<br>
42<br>
11<br>
12<br>
13<br>
36<br>
14<br>
4<br>
28<br>
60<br>
<br><br>
33<br>
35<br>
25<br>
22<br>
29<br>
46<br>
16<br>
54<br>
<br><br>
41<br>
42<br>
45<br>
22<br>
29<br>
11<br>
46<br>
21<br>
36<br>
28<br>
13<br>
12<br>
<br><br>
18<br>
24<br>
26<br>
48<br>
46<br>
63<br>
3<br>
53<br>
22<br>
57<br>
29<br>
<br><br>
3<br>
11<br>
12<br>
13<br>
18<br>
21<br>
22<br>
24<br>
26<br>
28<br>
29<br>
36<br>
41<br>
42<br>
45<br>
46<br>
48<br>
53<br>
57<br>
63<br>
<br><br>
3<br>
11<br>
12<br>
13<br>
18<br>
21<br>
22<br>
24<br>
26<br>
28<br>
29<br>
36<br>
41<br>
42<br>
45<br>
46<br>
48<br>
53<br>
57<br>
63<br>
<br><br>
3<br>
16<br>
18<br>
22<br>
24<br>
25<br>
26<br>
29<br>
33<br>
35<br>
46<br>
48<br>
53<br>
54<br>
57<br>
63<br>
<br><br>
3<br>
16<br>
18<br>
22<br>
24<br>
25<br>
26<br>
29<br>
33<br>
35<br>
46<br>
48<br>
53<br>
54<br>
57<br>
63<br>
<br><br>
11<br>
12<br>
13<br>
16<br>
21<br>
22<br>
25<br>
28<br>
29<br>
33<br>
35<br>
36<br>
41<br>
42<br>
45<br>
46<br>
54<br>
<br><br>
11<br>
12<br>
13<br>
16<br>
21<br>
22<br>
25<br>
28<br>
29<br>
33<br>
35<br>
36<br>
41<br>
42<br>
45<br>
46<br>
54<br>
<br><br>
066/output04.txt
<?php
include ('/home/david/mysqldata.php');
\$handle = mysql_connect ("localhost", \$MYSQL_NAME, \$MYSQL_PASSWORD);
mysql_query ("CREATE DATABASE quantity66", \$handle);
mysql_select_db ("quantity66", \$handle);
mysql_query ("CREATE TABLE a (x INTEGER)", \$handle);
mysql_query ("CREATE TABLE b (x INTEGER)", \$handle);
mysql_query ("CREATE TABLE c (x INTEGER)", \$handle);
for (\$i = 0; \$i < 16; \$i++) {
mysql_query ("INSERT INTO a VALUES (" . rand () % 64 . ")", \$handle);
mysql_query ("INSERT INTO b VALUES (" . rand () % 64 . ")", \$handle);
mysql_query ("INSERT INTO c VALUES (" . rand () % 64 . ")", \$handle);
}
/*
a OR b
a OR c
b OR c
*/
\$result = mysql_query ("SELECT x FROM (SELECT x FROM a UNION SELECT x FROM b) x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (SELECT x FROM a UNION SELECT x FROM c) x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (SELECT x FROM b UNION SELECT x FROM c) x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
/*
a AND b
a AND c
b AND c
*/
\$result = mysql_query ("SELECT x FROM (SELECT x FROM a INTERSECT SELECT x FROM b) x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (SELECT x FROM a INTERSECT SELECT x FROM c) x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (SELECT x FROM b INTERSECT SELECT x FROM c) x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
/*
(a OR b) AND c = a AND c OR b AND c
*/
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM a UNION SELECT x FROM b) x
INTERSECT
SELECT x FROM c
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM a INTERSECT SELECT x FROM c) x
UNION
SELECT x FROM (SELECT x FROM b INTERSECT SELECT x FROM c) x
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
/*
(a OR c) AND b = a AND b OR c AND b
*/
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM a UNION SELECT x FROM c) x
INTERSECT
SELECT x FROM b
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM a INTERSECT SELECT x FROM b) x
UNION
SELECT x FROM (SELECT x FROM c INTERSECT SELECT x FROM b) x
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
/*
(b OR c) AND a = b AND a OR c AND a
*/
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM b UNION SELECT x FROM c) x
INTERSECT
SELECT x FROM a
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM b INTERSECT SELECT x FROM a) x
UNION
SELECT x FROM (SELECT x FROM c INTERSECT SELECT x FROM a) x
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
mysql_close (\$handle);
?>
066/quantity.php
<?php
include ('/home/david/mysqldata.php');
\$handle = mysql_connect ("localhost", \$MYSQL_NAME, \$MYSQL_PASSWORD);
mysql_select_db ("test067", \$handle);
mysql_query ("INSERT INTO a VALUES (2, 2)", \$handle);
\$result = mysql_query ("SELECT * FROM a INNER JOIN b ON a.n1 = b.n3", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . " " . \$row [1] . " " . \$row [2] . " " . \$row [3] . "<br>n";
\$result = mysql_query ("SELECT * FROM a RIGHT JOIN b ON a.n1 = b.n3", \$handle);
while (\$row = mysql_fetch_row (\$result)) {
for (\$i = 0; \$i < 3; \$i++)
echo \$row [\$i] . " ";
echo "<br>n";
}
\$result = mysql_query ("SELECT * FROM a LEFT JOIN b ON a.n2 = b.n4", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo \$row ["n1"] . " " . \$row ["n2"] . " " . \$row ["n3"] . " " . \$row ["n4"] . "<br>n";
mysql_close (\$handle);
?>
067/database.php
<?php
session_start ();
?>
<form method="POST" action="./form1.php">
<input type="password" name="pwd1"></input>
<input type="submit"></input>
</form>
<?php
echo session_id () . "<br>n";
setcookie ("COOKIE67", "COOKIE67", time () + 1200);
echo htmlentities (\$_POST ["pwd1"]) . "<br>n";
echo htmlentities (\$_COOKIE ["COOKIE67"]) . "<br>n";
echo htmlentities (\$_COOKIE ["COOKIE67A"]) . "<br>n";
session_destroy ();
?>
067/form1.php
POST /067/form1.php HTTP/1.1
host: localhost
Cookie: COOKIE67=COOKIE67
Content-Length: 8
Content-Type: application/x-www-form-urlencoded
pwd1=***
067/httprequest.txt
david@intel-compute-stick:~\$ mysql -u root -p
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or g.
Your MariaDB connection id is 975
Server version: 10.5.12-MariaDB-0+deb11u1 Debian 11
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or 'h' for help. Type 'c' to clear the current input statement.
MariaDB [(none)]> CREATE DATABASE test067;
Query OK, 1 row affected (0.001 sec)
MariaDB [(none)]> USE test067;
Database changed
MariaDB [test067]> CREATE TABLE a (n1 INTEGER, n2 INTEGER);
Query OK, 0 rows affected (0.056 sec)
MariaDB [test067]> CREATE TABLE b (n3 INTEGER, n4 INTEGER);
Query OK, 0 rows affected (0.060 sec)
MariaDB [test067]> INSERT INTO a VALUES (0, 0);
Query OK, 1 row affected (0.032 sec)
MariaDB [test067]> INSERT INTO a (n1, n2) VALUES (0, 1);
Query OK, 1 row affected (0.029 sec)
MariaDB [test067]> INSERT INTO a (n1, n2) VALUES (1, 0);
Query OK, 1 row affected (0.030 sec)
MariaDB [test067]> INSERT INTO a (n1, n2) VALUES (1, 1);
Query OK, 1 row affected (0.031 sec)
MariaDB [test067]> INSERT INTO a (n1, n2) VALUES (2, 0);
Query OK, 1 row affected (0.031 sec)
MariaDB [test067]> INSERT INTO b (n3, n4) VALUES (0, 0);
Query OK, 1 row affected (0.029 sec)
MariaDB [test067]> INSERT INTO b (n3, n4) VALUES (0, 1);
Query OK, 1 row affected (0.026 sec)
MariaDB [test067]> SELECT * FROM a;
+------+------+
| n1 | n2 |
+------+------+
| 0 | 0 |
| 0 | 1 |
| 1 | 0 |
| 1 | 1 |
| 2 | 0 |
+------+------+
5 rows in set (0.001 sec)
MariaDB [test067]> SELECT * FROM b;
+------+------+
| n3 | n4 |
+------+------+
| 0 | 0 |
| 0 | 1 |
+------+------+
2 rows in set (0.001 sec)
MariaDB [test067]> SELECT * FROM a JOIN b;
+------+------+------+------+
| n1 | n2 | n3 | n4 |
+------+------+------+------+
| 0 | 0 | 0 | 0 |
| 0 | 0 | 0 | 1 |
| 0 | 1 | 0 | 0 |
| 0 | 1 | 0 | 1 |
| 1 | 0 | 0 | 0 |
| 1 | 0 | 0 | 1 |
| 1 | 1 | 0 | 0 |
| 1 | 1 | 0 | 1 |
| 2 | 0 | 0 | 0 |
| 2 | 0 | 0 | 1 |
+------+------+------+------+
10 rows in set (0.001 sec)
MariaDB [test067]> SELECT * FROM a INNER JOIN b a.n1 = b.n3;
ERROR 1066 (42000): Not unique table/alias: 'a'
MariaDB [test067]> SELECT * FROM a INNER JOIN b ON a.n1 = b.n3;
+------+------+------+------+
| n1 | n2 | n3 | n4 |
+------+------+------+------+
| 0 | 0 | 0 | 0 |
| 0 | 0 | 0 | 1 |
| 0 | 1 | 0 | 0 |
| 0 | 1 | 0 | 1 |
+------+------+------+------+
4 rows in set (0.002 sec)
MariaDB [test067]> SELECT * FROM a LEFT JOIN b ON a.n1 = b.n3;
+------+------+------+------+
| n1 | n2 | n3 | n4 |
+------+------+------+------+
| 0 | 0 | 0 | 0 |
| 0 | 1 | 0 | 0 |
| 0 | 0 | 0 | 1 |
| 0 | 1 | 0 | 1 |
| 1 | 0 | NULL | NULL |
| 1 | 1 | NULL | NULL |
| 2 | 0 | NULL | NULL |
+------+------+------+------+
7 rows in set (0.002 sec)
MariaDB [test067]> SELECT * FROM a RIGHT JOIN b ON a.n2 = b.n4;
+------+------+------+------+
| n1 | n2 | n3 | n4 |
+------+------+------+------+
| 0 | 0 | 0 | 0 |
| 0 | 1 | 0 | 1 |
| 1 | 0 | 0 | 0 |
| 1 | 1 | 0 | 1 |
| 2 | 0 | 0 | 0 |
+------+------+------+------+
5 rows in set (0.002 sec)
MariaDB [test067]> QUIT
Bye
david@intel-compute-stick:~\$
067/output01.txt
0 0 0 0<br>
0 0 0 1<br>
0 1 0 0<br>
0 1 0 1<br>
0 0 0 <br>
0 0 0 <br>
0 1 0 <br>
0 1 0 <br>
0 0 0 0<br>
1 0 0 0<br>
2 0 0 0<br>
0 1 0 1<br>
1 1 0 1<br>
2 2 <br>
067/output02.txt
david@intel-compute-stick:/var/www/html/067\$ telnet localhost 80
Trying ::1...
Connected to localhost.
Escape character is '\^]'.
POST /067/form1.php HTTP/1.1
host: localhost
Cookie: COOKIE67=COOKIE67
Content-Length: 8
Content-Type: application/x-www-form-urlencoded
pwd1=***
HTTP/1.1 200 OK
Date: Sat, 11 Jun 2022 09:59:32 GMT
Server: Apache/2.4.52 (Debian)
Set-Cookie: PHPSESSID=mdtnc2j9ul804g4km5lj9ka4v5; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: COOKIE67=COOKIE67; expires=Sat, 11-Jun-2022 10:19:32 GMT; Max-Age=1200
Vary: Accept-Encoding
Content-Length: 183
Content-Type: text/html; charset=UTF-8
<form method="POST" action="./form1.php">
<input type="password" name="pwd1"></input>
<input type="submit"></input>
</form>
mdtnc2j9ul804g4km5lj9ka4v5<br>
***<br>
COOKIE67<br>
<br>
Connection closed by foreign host.
david@intel-compute-stick:/var/www/html/067\$
067/output03.txt
59<br>
38<br>
34<br>
14<br>
39<br>
47<br>
36<br>
56<br>
31<br>
50<br>
62<br>
12<br>
44<br>
21<br>
61<br>
25<br>
13<br>
58<br>
19<br>
29<br>
41<br>
49<br>
23<br>
17<br>
33<br>
1<br>
9<br>
52<br>
24<br>
22<br>
16<br>
2<br>
37<br>
54<br>
32<br>
4<br>
35<br>
28<br>
53<br>
<br><br>
59<br>
38<br>
34<br>
14<br>
39<br>
47<br>
36<br>
56<br>
31<br>
50<br>
62<br>
12<br>
44<br>
21<br>
61<br>
25<br>
13<br>
58<br>
19<br>
29<br>
41<br>
49<br>
23<br>
11<br>
40<br>
32<br>
17<br>
10<br>
54<br>
63<br>
16<br>
0<br>
5<br>
37<br>
42<br>
57<br>
43<br>
51<br>
3<br>
27<br>
<br><br>
17<br>
47<br>
25<br>
33<br>
1<br>
9<br>
44<br>
52<br>
31<br>
29<br>
24<br>
62<br>
22<br>
61<br>
16<br>
2<br>
37<br>
12<br>
54<br>
32<br>
4<br>
38<br>
35<br>
28<br>
53<br>
11<br>
40<br>
10<br>
63<br>
0<br>
58<br>
59<br>
5<br>
42<br>
57<br>
43<br>
23<br>
19<br>
51<br>
3<br>
27<br>
<br><br>
38<br>
47<br>
31<br>
62<br>
12<br>
44<br>
61<br>
25<br>
29<br>
<br><br>
59<br>
38<br>
31<br>
12<br>
25<br>
58<br>
19<br>
29<br>
23<br>
<br><br>
17<br>
25<br>
31<br>
29<br>
16<br>
37<br>
12<br>
54<br>
32<br>
38<br>
<br><br>
12<br>
16<br>
17<br>
19<br>
23<br>
25<br>
29<br>
31<br>
32<br>
37<br>
38<br>
54<br>
58<br>
59<br>
<br><br>
12<br>
16<br>
17<br>
19<br>
23<br>
25<br>
29<br>
31<br>
32<br>
37<br>
38<br>
54<br>
58<br>
59<br>
<br><br>
12<br>
16<br>
17<br>
25<br>
29<br>
31<br>
32<br>
37<br>
38<br>
44<br>
47<br>
54<br>
61<br>
62<br>
<br><br>
12<br>
16<br>
17<br>
25<br>
29<br>
31<br>
32<br>
37<br>
38<br>
44<br>
47<br>
54<br>
61<br>
62<br>
<br><br>
12<br>
19<br>
23<br>
25<br>
29<br>
31<br>
38<br>
44<br>
47<br>
58<br>
59<br>
61<br>
62<br>
<br><br>
12<br>
19<br>
23<br>
25<br>
29<br>
31<br>
38<br>
44<br>
47<br>
58<br>
59<br>
61<br>
62<br>
<br><br>
067/output04.txt
<?php
include ('/home/david/mysqldata.php');
\$handle = mysql_connect ("localhost", \$MYSQL_NAME, \$MYSQL_PASSWORD);
mysql_query ("CREATE DATABASE quantity067", \$handle);
mysql_select_db ("quantity067", \$handle);
mysql_query ("CREATE TABLE a (x INTEGER)", \$handle);
mysql_query ("CREATE TABLE b (x INTEGER)", \$handle);
mysql_query ("CREATE TABLE c (x INTEGER)", \$handle);
for (\$i = 0; \$i < 16; \$i++) {
mysql_query ("INSERT INTO a VALUES (" . rand () % 64 . ")", \$handle);
mysql_query ("INSERT INTO b VALUES (" . rand () % 64 . ")", \$handle);
mysql_query ("INSERT INTO c VALUES (" . rand () % 64 . ")", \$handle);
}
/*
a OR b
a OR c
b OR c
*/
\$result = mysql_query ("SELECT x FROM (SELECT x FROM a UNION SELECT x FROM b) x", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo \$row ["x"] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (SELECT x FROM a UNION SELECT x FROM c) x", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo \$row ["x"] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (SELECT x FROM b UNION SELECT x FROM c) x", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo \$row ["x"] . "<br>n";
echo "<br><br>nn";
/*
a AND b
a AND c
b AND c
*/
\$result = mysql_query ("SELECT x FROM (SELECT x FROM a INTERSECT SELECT x FROM b) x", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo \$row ["x"] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (SELECT x FROM a INTERSECT SELECT x FROM c) x", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo \$row ["x"] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (SELECT x FROM b INTERSECT SELECT x FROM c) x", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo \$row ["x"] . "<br>n";
echo "<br><br>nn";
/*
(a OR b) AND c = a AND c OR b AND c
*/
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM a UNION SELECT x FROM b) x
INTERSECT
SELECT x FROM c
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo \$row ["x"] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM a INTERSECT SELECT x FROM c) x
UNION
SELECT x FROM (SELECT x FROM b INTERSECT SELECT x FROM c) x
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo \$row ["x"] . "<br>n";
echo "<br><br>nn";
/*
(a OR c) AND b = a AND b OR c AND b
*/
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM a UNION SELECT x FROM c) x
INTERSECT
SELECT x FROM b
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo \$row ["x"] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM a INTERSECT SELECT x FROM b) x
UNION
SELECT x FROM (SELECT x FROM c INTERSECT SELECT x FROM b) x
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo \$row ["x"] . "<br>n";
echo "<br><br>nn";
/*
(b OR c) AND a = b AND a OR c AND a
*/
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM b UNION SELECT x FROM c) x
INTERSECT
SELECT x FROM a
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo \$row ["x"] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM b INTERSECT SELECT x FROM a) x
UNION
SELECT x FROM (SELECT x FROM c INTERSECT SELECT x FROM a) x
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo \$row ["x"] . "<br>n";
echo "<br><br>nn";
mysql_close (\$handle);
?>
067/quantity.php
<?php
include ('/home/david/mysqldata.php');
\$handle = mysql_connect ("localhost", \$MYSQL_NAME, \$MYSQL_PASSWORD);
mysql_select_db ("test068", \$handle);
mysql_query ("INSERT INTO b VALUES (2, 2)", \$handle);
\$result = mysql_query ("SELECT * FROM a INNER JOIN b ON a.n1 = b.n3", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo \$row ["n1"] . " " . \$row ["n2"] . " " . \$row ["n3"] . " " . \$row ["n4"] . "<br>n";
\$result = mysql_query ("SELECT * FROM a LEFT JOIN b ON a.n2 = b.n4", \$handle);
while (\$row = mysql_fetch_row (\$result)) {
for (\$i = 0; \$i < 4; \$i++)
echo \$row [\$i] . " ";
echo "<br>n";
}
mysql_close (\$handle);
?>
068/database.php
<?php
session_start ();
?>
<form method="POST" action="./form1.php">
<input type="password" name="pwd1"></input>
<input type="submit"></input>
</form>
<?php
echo session_id () . "<br>n";
setcookie ("COOKIE68", "COOKIE68", time () + 600);
echo htmlentities (\$_POST ["pwd1"]) . "<br>n";
echo htmlentities (\$_COOKIE ["COOKIE68"]) . "<br>n";
echo htmlentities (\$_COOKIE ["COOKIE68A"]) . "<br>n";
session_destroy ();
?>
068/form1.php
POST /068/form1.php HTTP/1.1
host: localhost
Cookie: COOKIE68=COOKIE68
Content-Length: 8
Content-Type: application/x-www-form-urlencoded
pwd1=P68
068/httprequest.txt
id@intel-compute-stick:~\$ mysql -u root -p
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or g.
Your MariaDB connection id is 1038
Server version: 10.5.12-MariaDB-0+deb11u1 Debian 11
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or 'h' for help. Type 'c' to clear the current input statement.
MariaDB [(none)]> CREATE DATABASE test068;
Query OK, 1 row affected (0.002 sec)
MariaDB [(none)]> USE test068;
Database changed
MariaDB [test068]> CREATE TABLE a (n1 INTEGER, n2 INTEGER);
Query OK, 0 rows affected (0.057 sec)
MariaDB [test068]> CREATE TABLE b (n3 INTEGER, n4 INTEGER);
Query OK, 0 rows affected (0.052 sec)
MariaDB [test068]> INSERT INTO a VALUES (0, 0);
Query OK, 1 row affected (0.027 sec)
MariaDB [test068]> INSERT INTO a (n1, n2) VALUES ( 0, 1);
Query OK, 1 row affected (0.028 sec)
MariaDB [test068]> INSERT INTO a (n1, n2) VALUES (1, 0);
Query OK, 1 row affected (0.036 sec)
MariaDB [test068]> INSERT INTO a (n2, n1) VALUES (1, 1);
Query OK, 1 row affected (0.028 sec)
MariaDB [test068]> INSERT INTO a (n1, n2) VALUES (0, 2);
Query OK, 1 row affected (0.029 sec)
MariaDB [test068]> INSERT INTO b (n3, n4) VALUES (0, 1);
Query OK, 1 row affected (0.033 sec)
MariaDB [test068]> INSERT INTO b (n3, n4) VALUES (1, 0);
Query OK, 1 row affected (0.027 sec)
MariaDB [test068]> SELECT * FROM a;
+------+------+
| n1 | n2 |
+------+------+
| 0 | 0 |
| 0 | 1 |
| 1 | 0 |
| 1 | 1 |
| 0 | 2 |
+------+------+
5 rows in set (0.001 sec)
MariaDB [test068]> SELECT * FROM b;
+------+------+
| n3 | n4 |
+------+------+
| 0 | 1 |
| 1 | 0 |
+------+------+
2 rows in set (0.001 sec)
MariaDB [test068]> SELECT * FROM a JOIN b;
+------+------+------+------+
| n1 | n2 | n3 | n4 |
+------+------+------+------+
| 0 | 0 | 0 | 1 |
| 0 | 0 | 1 | 0 |
| 0 | 1 | 0 | 1 |
| 0 | 1 | 1 | 0 |
| 1 | 0 | 0 | 1 |
| 1 | 0 | 1 | 0 |
| 1 | 1 | 0 | 1 |
| 1 | 1 | 1 | 0 |
| 0 | 2 | 0 | 1 |
| 0 | 2 | 1 | 0 |
+------+------+------+------+
10 rows in set (0.001 sec)
MariaDB [test068]> SELECT * FROM a INNER JOIN b ON a.n1 = b.n3;
+------+------+------+------+
| n1 | n2 | n3 | n4 |
+------+------+------+------+
| 0 | 0 | 0 | 1 |
| 0 | 1 | 0 | 1 |
| 1 | 0 | 1 | 0 |
| 1 | 1 | 1 | 0 |
| 0 | 2 | 0 | 1 |
+------+------+------+------+
5 rows in set (0.001 sec)
MariaDB [test068]> SELECT * FROM a LEFT JOIN b ON a.n2 = b.n4;
+------+------+------+------+
| n1 | n2 | n3 | n4 |
+------+------+------+------+
| 0 | 1 | 0 | 1 |
| 1 | 1 | 0 | 1 |
| 0 | 0 | 1 | 0 |
| 1 | 0 | 1 | 0 |
| 0 | 2 | NULL | NULL |
+------+------+------+------+
5 rows in set (0.002 sec)
MariaDB [test068]> SELECT * FROM a RIGHT JOIN b ON a.n2 = b.n4;
+------+------+------+------+
| n1 | n2 | n3 | n4 |
+------+------+------+------+
| 0 | 0 | 1 | 0 |
| 0 | 1 | 0 | 1 |
| 1 | 0 | 1 | 0 |
| 1 | 1 | 0 | 1 |
+------+------+------+------+
4 rows in set (0.002 sec)
MariaDB [test068]> QUIT
Bye
david@intel-compute-stick:~\$
068/output01.txt
0 0 0 1<br>
0 1 0 1<br>
1 0 1 0<br>
1 1 1 0<br>
0 2 0 1<br>
0 1 0 1 <br>
1 1 0 1 <br>
0 0 1 0 <br>
1 0 1 0 <br>
0 2 2 2 <br>
068/output02.txt
david@intel-compute-stick:/var/www/html/068\$ telnet localhost 80
Trying ::1...
Connected to localhost.
Escape character is '\^]'.
POST /068/form1.php HTTP/1.1
host: localhost
Cookie: COOKIE68=COOKIE68
Content-Length: 8
Content-Type: application/x-www-form-urlencoded
pwd1=P68
HTTP/1.1 200 OK
Date: Sun, 12 Jun 2022 16:43:43 GMT
Server: Apache/2.4.52 (Debian)
Set-Cookie: PHPSESSID=1l9dg64r8t18dtstc0psfjvs63; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: COOKIE68=COOKIE68; expires=Sun, 12-Jun-2022 16:53:43 GMT; Max-Age=600
Vary: Accept-Encoding
Content-Length: 183
Content-Type: text/html; charset=UTF-8
<form method="POST" action="./form1.php">
<input type="password" name="pwd1"></input>
<input type="submit"></input>
</form>
1l9dg64r8t18dtstc0psfjvs63<br>
P68<br>
COOKIE68<br>
<br>
Connection closed by foreign host.
david@intel-compute-stick:/var/www/html/068\$
068/output03.txt
57<br>
33<br>
32<br>
44<br>
24<br>
13<br>
21<br>
2<br>
63<br>
25<br>
3<br>
55<br>
8<br>
34<br>
40<br>
53<br>
20<br>
30<br>
29<br>
10<br>
47<br>
28<br>
23<br>
41<br>
<br><br>
57<br>
33<br>
32<br>
44<br>
24<br>
13<br>
21<br>
2<br>
63<br>
25<br>
3<br>
55<br>
8<br>
34<br>
40<br>
51<br>
17<br>
26<br>
6<br>
30<br>
1<br>
22<br>
23<br>
10<br>
<br><br>
53<br>
55<br>
8<br>
2<br>
20<br>
30<br>
29<br>
10<br>
47<br>
28<br>
21<br>
23<br>
3<br>
41<br>
51<br>
17<br>
26<br>
6<br>
57<br>
1<br>
25<br>
63<br>
33<br>
22<br>
13<br>
44<br>
<br><br>
21<br>
2<br>
3<br>
55<br>
8<br>
<br><br>
57<br>
33<br>
44<br>
13<br>
21<br>
63<br>
25<br>
<br><br>
30<br>
10<br>
21<br>
23<br>
<br><br>
10<br>
13<br>
21<br>
23<br>
25<br>
30<br>
33<br>
44<br>
57<br>
63<br>
<br><br>
10<br>
13<br>
21<br>
23<br>
25<br>
30<br>
33<br>
44<br>
57<br>
63<br>
<br><br>
2<br>
3<br>
8<br>
10<br>
21<br>
23<br>
30<br>
55<br>
<br><br>
2<br>
3<br>
8<br>
10<br>
21<br>
23<br>
30<br>
55<br>
<br><br>
2<br>
3<br>
8<br>
13<br>
21<br>
25<br>
33<br>
44<br>
55<br>
57<br>
63<br>
<br><br>
2<br>
3<br>
8<br>
13<br>
21<br>
25<br>
33<br>
44<br>
55<br>
57<br>
63<br>
<br><br>
068/output04.txt
<?php
include ('/home/david/mysqldata.php');
\$handle = mysql_connect ("localhost", \$MYSQL_NAME, \$MYSQL_PASSWORD);
mysql_query ("CREATE DATABASE quantity68", \$handle);
mysql_query ("USE quantity68", \$handle);
mysql_query ("CREATE TABLE a (x INTEGER)", \$handle);
mysql_query ("CREATE TABLE b (x INTEGER)", \$handle);
mysql_query ("CREATE TABLE c (x INTEGER)", \$handle);
for (\$i = 0; \$i < 16; \$i++) {
mysql_query ("INSERT INTO a VALUES (" . rand () % 64 . ")", \$handle);
mysql_query ("INSERT INTO b VALUES (" . rand () % 64 . ")", \$handle);
mysql_query ("INSERT INTO c VALUES (" . rand () % 64 . ")", \$handle);
}
/*
a OR b
a OR c
b OR c
*/
\$result = mysql_query ("SELECT x FROM (SELECT x FROM a UNION SELECT x FROM b) x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (SELECT x FROM a UNION SELECT x FROM c) x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (SELECT x FROM b UNION SELECT x FROM c) x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
/*
a AND b
a AND c
b AND c
*/
\$result = mysql_query ("SELECT x FROM (SELECT x FROM a INTERSECT SELECT x FROM b) x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (SELECT x FROM a INTERSECT SELECT x FROM c) x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (SELECT x FROM b INTERSECT SELECT x FROM c) x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
/*
(a OR b) AND c = a AND c OR b AND c
*/
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM a UNION SELECT x FROM b) x
INTERSECT
SELECT x FROM c
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM a INTERSECT SELECT x FROM c) x
UNION
SELECT x FROM (SELECT x FROM b INTERSECT SELECT x FROM c) x
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
/*
(a OR c) AND b = a AND b OR c AND b
*/
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM a UNION SELECT x FROM c) x
INTERSECT
SELECT x FROM b
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM a INTERSECT SELECT x FROM b) x
UNION
SELECT x FROM (SELECT x FROM c INTERSECT SELECT x FROM b) x
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
/*
(b OR c) AND a = b AND a OR c AND a
*/
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM b UNION SELECT x FROM c) x
INTERSECT
SELECT x FROM a
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
\$result = mysql_query ("SELECT x FROM (
SELECT x FROM (SELECT x FROM b INTERSECT SELECT x FROM a) x
UNION
SELECT x FROM (SELECT x FROM c INTERSECT SELECT x FROM a) x
) x ORDER BY x", \$handle);
while (\$row = mysql_fetch_row (\$result))
echo \$row [0] . "<br>n";
echo "<br><br>nn";
mysql_close (\$handle);
?>
068/quantity.php
#!/bin/bash
rm all.txt
l=\$(ls)
for s in \$l
do
if [ -d \$s ]
then
k=\$(ls \$s/*)
for t in \$k
do
cat "\$t" >> all.txt
echo "\$t" >> all.txt
done
else
cat "\$s" >> all.txt
echo "\$s" >> all.txt
fi
done
all.sh
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Apache2 Debian Default Page: It works</title>
<style type="text/css" media="screen">
* {
margin: 0px 0px 0px 0px;
padding: 0px 0px 0px 0px;
}
body, html {
padding: 3px 3px 3px 3px;
background-color: #D8DBE2;
font-family: Verdana, sans-serif;
font-size: 11pt;
text-align: center;
}
div.main_page {
position: relative;
display: table;
width: 800px;
margin-bottom: 3px;
margin-left: auto;
margin-right: auto;
padding: 0px 0px 0px 0px;
border-width: 2px;
border-color: #212738;
border-style: solid;
background-color: #FFFFFF;
text-align: center;
}
div.page_header {
height: 99px;
width: 100%;
background-color: #F5F6F7;
}
div.page_header span {
margin: 15px 0px 0px 50px;
font-size: 180%;
font-weight: bold;
}
div.page_header img {
margin: 3px 0px 0px 40px;
border: 0px 0px 0px;
}
div.table_of_contents {
clear: left;
min-width: 200px;
margin: 3px 3px 3px 3px;
background-color: #FFFFFF;
text-align: left;
}
div.table_of_contents_item {
clear: left;
width: 100%;
margin: 4px 0px 0px 0px;
background-color: #FFFFFF;
color: #000000;
text-align: left;
}
div.table_of_contents_item a {
margin: 6px 0px 0px 6px;
}
div.content_section {
margin: 3px 3px 3px 3px;
background-color: #FFFFFF;
text-align: left;
}
div.content_section_text {
padding: 4px 8px 4px 8px;
color: #000000;
font-size: 100%;
}
div.content_section_text pre {
margin: 8px 0px 8px 0px;
padding: 8px 8px 8px 8px;
border-width: 1px;
border-style: dotted;
border-color: #000000;
background-color: #F5F6F7;
font-style: italic;
}
div.content_section_text p {
margin-bottom: 6px;
}
div.content_section_text ul, div.content_section_text li {
padding: 4px 8px 4px 16px;
}
div.section_header {
padding: 3px 6px 3px 6px;
background-color: #8E9CB2;
color: #FFFFFF;
font-weight: bold;
font-size: 112%;
text-align: center;
}
div.section_header_red {
background-color: #CD214F;
}
div.section_header_grey {
background-color: #9F9386;
}
.floating_element {
position: relative;
float: left;
}
div.table_of_contents_item a,
div.content_section_text a {
text-decoration: none;
font-weight: bold;
}
div.table_of_contents_item a:link,
div.table_of_contents_item a:visited,
div.table_of_contents_item a:active {
color: #000000;
}
div.table_of_contents_item a:hover {
background-color: #000000;
color: #FFFFFF;
}
div.content_section_text a:link,
div.content_section_text a:visited,
div.content_section_text a:active {
background-color: #DCDFE6;
color: #000000;
}
div.content_section_text a:hover {
background-color: #000000;
color: #DCDFE6;
}
div.validator {
}
</style>
</head>
<body>
<div class="main_page">
<div class="page_header floating_element">
<img src="/icons/openlogo-75.png" alt="Debian Logo" class="floating_element"/>
<span class="floating_element">
Apache2 Debian Default Page
</span>
</div>
<!-- <div class="table_of_contents floating_element">
<div class="section_header section_header_grey">
TABLE OF CONTENTS
</div>
<div class="table_of_contents_item floating_element">
<a href="#about">About</a>
</div>
<div class="table_of_contents_item floating_element">
<a href="#changes">Changes</a>
</div>
<div class="table_of_contents_item floating_element">
<a href="#scope">Scope</a>
</div>
<div class="table_of_contents_item floating_element">
<a href="#files">Config files</a>
</div>
</div>
-->
<div class="content_section floating_element">
<div class="section_header section_header_red">
<div id="about"></div>
It works!
</div>
<div class="content_section_text">
<p>
This is the default welcome page used to test the correct
operation of the Apache2 server after installation on Debian systems.
If you can read this page, it means that the Apache HTTP server installed at
this site is working properly. You should <b>replace this file</b> (located at
<tt>/var/www/html/index.html</tt>) before continuing to operate your HTTP server.
</p>
<p>
If you are a normal user of this web site and don't know what this page is
about, this probably means that the site is currently unavailable due to
maintenance.
If the problem persists, please contact the site's administrator.
</p>
</div>
<div class="section_header">
<div id="changes"></div>
Configuration Overview
</div>
<div class="content_section_text">
<p>
Debian's Apache2 default configuration is different from the
upstream default configuration, and split into several files optimized for
interaction with Debian tools. The configuration system is
<b>fully documented in
/usr/share/doc/apache2/README.Debian.gz</b>. Refer to this for the full
documentation. Documentation for the web server itself can be
found by accessing the <a href="/manual">manual</a> if the <tt>apache2-doc</tt>
package was installed on this server.
</p>
<p>
The configuration layout for an Apache2 web server installation on Debian systems is as follows:
</p>
<pre>
/etc/apache2/
|-- apache2.conf
| `-- ports.conf
|-- mods-enabled
| |-- *.load
| `-- *.conf
|-- conf-enabled
| `-- *.conf
|-- sites-enabled
| `-- *.conf
</pre>
<ul>
<li>
<tt>apache2.conf</tt> is the main configuration
file. It puts the pieces together by including all remaining configuration
files when starting up the web server.
</li>
<li>
<tt>ports.conf</tt> is always included from the
main configuration file. It is used to determine the listening ports for
incoming connections, and this file can be customized anytime.
</li>
<li>
Configuration files in the <tt>mods-enabled/</tt>,
<tt>conf-enabled/</tt> and <tt>sites-enabled/</tt> directories contain
particular configuration snippets which manage modules, global configuration
fragments, or virtual host configurations, respectively.
</li>
<li>
They are activated by symlinking available
configuration files from their respective
*-available/ counterparts. These should be managed
by using our helpers
<tt>
a2enmod,
a2dismod,
</tt>
<tt>
a2ensite,
a2dissite,
</tt>
and
<tt>
a2enconf,
a2disconf
</tt>. See their respective man pages for detailed information.
</li>
<li>
The binary is called apache2. Due to the use of
environment variables, in the default configuration, apache2 needs to be
started/stopped with <tt>/etc/init.d/apache2</tt> or <tt>apache2ctl</tt>.
<b>Calling <tt>/usr/bin/apache2</tt> directly will not work</b> with the
default configuration.
</li>
</ul>
</div>
<div class="section_header">
<div id="docroot"></div>
Document Roots
</div>
<div class="content_section_text">
<p>
By default, Debian does not allow access through the web browser to
<em>any</em> file apart of those located in <tt>/var/www</tt>,
<a href="http://httpd.apache.org/docs/2.4/mod/mod_userdir.html" rel="nofollow">public_html</a>
directories (when enabled) and <tt>/usr/share</tt> (for web
applications). If your site is using a web document root
located elsewhere (such as in <tt>/srv</tt>) you may need to whitelist your
document root directory in <tt>/etc/apache2/apache2.conf</tt>.
</p>
<p>
The default Debian document root is <tt>/var/www/html</tt>. You
can make your own virtual hosts under /var/www. This is different
to previous releases which provides better security out of the box.
</p>
</div>
<div class="section_header">
<div id="bugs"></div>
Reporting Problems
</div>
<div class="content_section_text">
<p>
Please use the <tt>reportbug</tt> tool to report bugs in the
Apache2 package with Debian. However, check <a
href="http://bugs.debian.org/cgi-bin/pkgreport.cgi?ordering=normal;archive=0;src=apache2;repeatmerged=0"
rel="nofollow">existing bug reports</a> before reporting a new bug.
</p>
<p>
Please report bugs specific to modules (such as PHP and others)
to respective packages, not to the web server itself.
</p>
</div>
</div>
</div>
<div class="validator">
</div>
</body>
</html>
index.html
<!DOCTYPE html>
<html lang="">
<head>
<meta charset="utf-8">
<title>My Social Network - ituenix.de</title>
</head>
<body>
<header></header>
<main></main>
<footer></footer>
<form method="GET" action="createaccount.php">
Nickname: <input type="text" name="nickname"></input><br>
Name: <input type="text" name="vorname"></input><br>
Nachname: <input type="text" name="nachname"></input><br>
Mail: <input type="text" name="mail"></input><br>
Passwort: <input type="password" name="passwort1"></input><br>
Passwort best\&auml;tigen: <input type="password" name="passwort2"></input><br>
<input type="submit"></input>
</form>
</body>
</html>
mysocial/createaccount.html
<?php
session_start ();
?>
<?php
\$passwort1 = \$_GET ["passwort1"];
\$passwort2 = \$_GET ["passwort2"];
\$nickname = \$_GET ["nickname"];
\$vorname = \$_GET ["vorname"];
\$nachname = \$_GET ["nachname"];
\$mail = \$_GET ["mail"];
if (strcmp(\$passwort1, \$passwort2) != 0)
echo "Die Passw\&ouml;rter sind nicht identisch";
else {
if ((strlen (\$nickname) == 0) || (strlen (\$vorname) == 0) || (strlen (\$nachname) == 0) || (strlen (\$mail) == 0) || (strlen (\$passwort1) == 0))
echo "Sie m\&uuml;ssen alle Felder vollst\&auml;ndig ausf\&uuml;llen<br>";
else {
include ('/home/david/mysqldata.php');
\$handle = mysql_connect ("127.0.0.1", \$MYSQL_NAME, \$MYSQL_PASSWORD);
mysql_query ("USE mysocial_database", \$handle);
\$result = mysql_query ("SELECT * FROM users WHERE nickname="" . \$nickname . """, \$handle);
echo mysql_num_rows (\$result);
if (mysql_num_rows (\$result) != 0)
echo "Dieser Benutzername ist leider schon vergeben";
else {
\$reault = mysql_query ("SELECT * FROM users WHERE mail="" . \$mail . """, \$handle);
if (mysql_num_rows (\$result) != 0)
echo "Diese Mail-Addresse wird leider schon von einem anderen Nutzer verwendet";
else {
mysql_query ("INSERT INTO users VALUES ("" . \$nickname . "","" . \$vorname . "","". \$nachname . "","". \$mail . "","". md5(\$passwort1) . "")", \$handle);
}
\$_SESSION ["name"] = \$nickname;
echo "<script>window.location="./post.php?content=welcome";</script>";
}
mysql_close (\$handle);
}
}
?>
mysocial/createaccount.php
<!DOCTYPE html>
<html lang="">
<head>
<meta charset="utf-8">
<title></title>
</head>
<body>
<header></header>
<main></main>
<footer></footer>
<script>
window.location="./login.html";
</script>
</body>
</html>
mysocial/index.html
<!DOCTYPE html>
<html lang="">
<head>
<meta charset="utf-8">
<title>My Social Network - ituenix.de</title>
</head>
<body>
<header></header>
<main></main>
<footer></footer>
</body>
<form action="./login.php" method="GET">
Nickname: <input type="text" name="nickname"></input><br>
Passwort: <input type="password" name="passwort"></input><br>
<input type="submit"></input>
</form>
<br><hr><br>
<a href="./createaccount.html">Registrieren</a>
</html>
mysocial/login.html
<?php
session_start ();
?>
<?php
\$nickname = \$_GET ["nickname"];
\$passwort = \$_GET ["passwort"];
include ('/home/david/mysqldata.php');
\$handle = mysql_connect ('127.0.0.1', \$MYSQL_NAME, \$MYSQL_PASSWORD);
mysql_query ("USE mysocial_database");
\$result = mysql_query ("SELECT * FROM users WHERE nickname="" . \$nickname . """, \$handle);
if (mysql_num_rows (\$result) == 0)
echo "Diesen Benutzer gibt es nicht<br>";
else {
\$row = mysql_fetch_assoc (\$result);
if (strcmp(md5 (\$passwort), \$row ["passwort"]) != 0)
echo "Ihr Passwort ist falsch - probieren sie zu hacken?<br>";
else {
\$_SESSION ["name"] = \$nickname;
}
echo "<script>window.location="./thread.php";</script>";
}
?>
mysocial/login.php
<?php
session_start ();
?>
<?php
if(!isset (\$_SESSION ["name"]))
echo "Sie m\&uuml;ssen angemeldet sein";
else {
\$content = \$_GET ["content"];
\$datetime = date('Y-m-d H:i:s');
\$public = true;
\$nickname = \$_SESSION ["name"];
include ('/home/david/mysqldata.php');
\$handle = mysql_connect ("127.0.0.1", \$MYSQL_NAME, \$MYSQL_PASSWORD);
mysql_query ("USE mysocial_database", \$handle);
mysql_query ("INSERT INTO postings VALUES ("" . \$nickname . "","" . \$content . "","" . \$datetime ."","" . \$public . "")", \$handle);
mysql_close (\$handle);
}
?>
<script>
window.location = "./thread.php";
</script>
mysocial/post.php
<?php
session_start ();
?>
<?php
include ('/home/david/mysqldata.php');
\$handle = mysql_connect ("127.0.0.1", \$MYSQL_NAME, \$MYSQL_PASSWORD);
mysql_query ("USE mysocial_database");
\$result = mysql_query ("SELECT * FROM users");
while (\$row = mysql_fetch_assoc (\$result))
echo "<a href="./threadextern.php?searchname=" . \$row ["nickname"] . "">" . \$row ["nickname"] . "</a><br>";
mysql_close (\$handle);
?>
mysocial/search.php
<?php
session_start ();
?>
<?php
include ('/home/david/mysqldata.php');
\$name = \$_GET ["searchname"];
\$handle = mysql_connect ("127.0.0.1", \$MYSQL_NAME, \$MYSQL_PASSWORD);
mysql_query ("use mysocial_database", \$handle);
\$result = mysql_query ("SELECT * FROM postings WHERE nickname="" . \$name ."" AND public="1"", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo "<div class="post01">" . \$row ["datetime"] . "<br><hr><br>" . \$row ["content"] ."</div>";
mysql_close ();
?>
mysocial/threadextern.php
<?php
session_start ();
?>
<a href="./search.php">Andere Nutzer anzeigen</a>
<?php
if (isset (\$_SESSION ["name"])) {
echo "<form action="./post.php" method="GET" rows="20"><input type="text" name="content"></input><input type="submit"></input></form>";
include ('/home/david/mysqldata.php');
\$handle = mysql_connect ("127.0.0.1", \$MYSQL_NAME, \$MYSQL_PASSWORD);
mysql_query ("use mysocial_database", \$handle);
\$result = mysql_query ("SELECT * FROM postings WHERE nickname="" . \$_SESSION ["name"] .""", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo "<div class="post01">" . \$row ["datetime"] . "<br><hr><br>" . \$row ["content"] ."</div>";
mysql_close ();
}
else
echo "Sie m\&uuml;ssen eingeloggt sein<br>";
?>
mysocial/thread.php
<!DOCTYPE html>
<html lang="">
<head>
<meta charset="utf-8">
<title>My Social Network - ituenix.de</title>
</head>
<body>
<header></header>
<main></main>
<footer></footer>
<form method="GET" action="createaccount.php">
Nickname: <input type="text" name="nickname"></input><br>
Name: <input type="text" name="vorname"></input><br>
Nachname: <input type="text" name="nachname"></input><br>
Mail: <input type="text" name="mail"></input><br>
Passwort: <input type="password" name="passwort1"></input><br>
Passwort best\&auml;tigen: <input type="password" name="passwort2"></input><br>
<input type="submit"></input>
</form>
</body>
</html>
mysocial20220329/createaccount.html
<?php
session_start ();
?>
<?php
\$passwort1 = \$_GET ["passwort1"];
\$passwort2 = \$_GET ["passwort2"];
\$nickname = \$_GET ["nickname"];
\$vorname = \$_GET ["vorname"];
\$nachname = \$_GET ["nachname"];
\$mail = \$_GET ["mail"];
/* Dieser Code - fuer die Ueberpruefung der Mail-Addresse stammt nicht von mir */
/* Er wurde von https://www.php.de/forum/webentwicklung/php-einsteiger/php-tipps-2009/56554-e-mail-adresse-mit-regul"aren-ausdr"ucken-"uberpr"ufen uebernommen */
/* In dem PHP-Kurs werden Regulaere Ausdruecke auch gelernt - ich werde sie lrnen und bald mein eigenes anwenden.*/
function valid_mail(\$mail){
/*******************************************************************
* RegEx by *
* CK1@wwwtech.de *
* http://wwwtech.de/ *
* http://aktuell.de.selfhtml.org/artikel/programmiertechnik/email/ *
*******************************************************************/
// RegEx begin
\$nonascii = "x80-xff"; # Non-ASCII-Chars are not allowed
\$nqtext = "[^\$nonascii512"]";
\$qchar = "[\^\$nonascii]";
\$protocol = '(?:mailto:)';
\$normuser = '[a-zA-Z0-9][a-zA-Z0-9_.-]*';
\$quotedstring = ""(?:\$nqtext|\$qchar)+"";
\$user_part = "(?:\$normuser|\$quotedstring)";
\$dom_mainpart = '[a-zA-Z0-9][a-zA-Z0-9._-]*\.';
\$dom_subpart = '(?:[a-zA-Z0-9][a-zA-Z0-9._-]*\.)*';
\$dom_tldpart = '[a-zA-Z]{2,5}';
\$domain_part = "\$dom_subpart\$dom_mainpart\$dom_tldpart";
\$regex = "\$protocol?\$user_part@\$domain_part";
// RegEx end
return preg_match("/\^\$regex\$/",\$mail);
}
if (strcmp(\$passwort1, \$passwort2) != 0)
echo "Die Passw\&ouml;rter sind nicht identisch";
else {
if ((strlen (\$nickname) == 0) || (strlen (\$vorname) == 0) || (strlen (\$nachname) == 0) || (strlen (\$mail) == 0) || (strlen (\$passwort1) == 0))
echo "Sie m\&uuml;ssen alle Felder vollst\&auml;ndig ausf\&uuml;llen<br>";
else {
if (strlen (\$passwort1) < 5)
echo "Passwoerter muessen mindestens 5 Zeichen lang sein";
else {
if (!valid_mail (\$mail))
echo "Es sieht so aus, als sei die von ihnen eingebene Mail-Addresse nicht konform mit dem Aufgabe von Mail-Addressen<br>";
else {
include ('/home/david/mysqldata.php');
\$handle = mysql_connect ("127.0.0.1", \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$passwort1 = htmlentities(mysql_real_escape_string (\$passwort1, \$handle));
\$passwort2 = htmlentities(mysql_real_escape_string (\$passwort2, \$handle));
\$nickname = htmlentities(mysql_real_escape_string (\$nickname, \$handle));
\$vorname = htmlentities(mysql_real_escape_string (\$vorname, \$handle));
\$nachname = htmlentities(mysql_real_escape_string (\$nachname, \$handle));
\$mail = htmlentities(mysql_real_escape_string (\$mail, \$handle));
mysql_query ("USE mysocial_database", \$handle);
\$result = mysql_query ("SELECT * FROM users WHERE nickname="" . \$nickname . """, \$handle);
echo mysql_num_rows (\$result);
if (mysql_num_rows (\$result) != 0)
echo "Dieser Benutzername ist leider schon vergeben";
else {
\$reault = mysql_query ("SELECT * FROM users WHERE mail="" . \$mail . """, \$handle);
if (mysql_num_rows (\$result) != 0)
echo "Diese Mail-Addresse wird leider schon von einem anderen Nutzer verwendet";
else {
mysql_query ("INSERT INTO users VALUES ("" . \$nickname . "","" . \$vorname . "","". \$nachname . "","". \$mail . "","". md5(\$passwort1) . "")", \$handle);
}
\$_SESSION ["name"] = \$nickname;
echo "<script>window.location="./post.php?content=welcome";</script>";
}
mysql_close (\$handle);
}
}
}
}
?>
mysocial20220329/createaccount.php
<!DOCTYPE html>
<html lang="">
<head>
<meta charset="utf-8">
<title></title>
</head>
<body>
<header></header>
<main></main>
<footer></footer>
<script>
window.location="./login.html";
</script>
</body>
</html>
mysocial20220329/index.html
<!DOCTYPE html>
<html lang="">
<head>
<meta charset="utf-8">
<title>My Social Network - ituenix.de</title>
</head>
<body>
<header></header>
<main></main>
<footer></footer>
</body>
<form action="./login.php" method="GET">
Nickname: <input type="text" name="nickname"></input><br>
Passwort: <input type="password" name="passwort"></input><br>
<input type="submit"></input>
</form>
<br><hr><br>
<a href="./createaccount.html">Registrieren</a>
</html>
mysocial20220329/login.html
<?php
session_start ();
?>
<?php
\$nickname = \$_GET ["nickname"];
\$passwort = \$_GET ["passwort"];
include ('/home/david/mysqldata.php');
\$handle = mysql_connect ('127.0.0.1', \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$nickname = htmlentities(mysql_real_escape_string (\$nickname, \$handle));
\$passwort = htmlentities(mysql_real_escape_string (\$passwort, \$handle));
mysql_query ("USE mysocial_database");
\$result = mysql_query ("SELECT * FROM users WHERE nickname="" . \$nickname . """, \$handle);
if (mysql_num_rows (\$result) == 0)
echo "Diesen Benutzer gibt es nicht<br>";
else {
\$row = mysql_fetch_assoc (\$result);
if (strcmp(md5 (\$passwort), \$row ["passwort"]) != 0)
echo "Ihr Passwort ist falsch - probieren sie zu hacken?<br>";
else {
\$_SESSION ["name"] = \$nickname;
}
echo "<script>window.location="./thread.php";</script>";
}
?>
mysocial20220329/login.php
<?php
session_start ();
?>
<?php
if(!isset (\$_SESSION ["name"]))
echo "Sie m\&uuml;ssen angemeldet sein";
else {
\$content = \$_GET ["content"];
\$datetime = date('Y-m-d H:i:s');
\$public = true;
\$nickname = \$_SESSION ["name"];
include ('/home/david/mysqldata.php');
\$handle = mysql_connect ("127.0.0.1", \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$content = htmlentities(mysql_real_escape_string (\$content, \$handle));
\$public = htmlentities(mysql_real_escape_string (\$public, \$handle));
\$nickname = htmlentities(mysql_real_escape_string (\$nickname, \$handle));
mysql_query ("USE mysocial_database", \$handle);
mysql_query ("INSERT INTO postings VALUES ("" . \$nickname . "","" . \$content . "","" . \$datetime ."","" . \$public . "")", \$handle);
mysql_close (\$handle);
}
?>
<script>
window.location = "./thread.php";
</script>
mysocial20220329/post.php
<?php
session_start ();
?>
<?php
include ('/home/david/mysqldata.php');
\$handle = mysql_connect ("127.0.0.1", \$MYSQL_NAME, \$MYSQL_PASSWORD);
mysql_query ("USE mysocial_database");
\$result = mysql_query ("SELECT * FROM users");
while (\$row = mysql_fetch_assoc (\$result))
echo "<a href="./threadextern.php?searchname=" . htmlentities(mysql_real_escape_string(\$row ["nickname"], \$handle)) . "">" . htmlentities(mysql_real_escape_string(\$row ["nickname"], \$handle)) . "</a><br>";
mysql_close (\$handle);
?>
mysocial20220329/search.php
<?php
session_start ();
?>
<?php
include ('/home/david/mysqldata.php');
\$name = \$_GET ["searchname"];
\$handle = mysql_connect ("127.0.0.1", \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$name = htmlentities(mysql_real_escape_string(\$name, \$handle));
mysql_query ("use mysocial_database", \$handle);
\$result = mysql_query ("SELECT * FROM postings WHERE nickname="" . \$name ."" AND public="1"", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo "<div class="post01">" . \$row ["datetime"] . "<br><hr><br>" . \$row ["content"] ."</div>";
mysql_close ();
?>
mysocial20220329/threadextern.php
<?php
session_start ();
?>
<a href="./search.php">Andere Nutzer anzeigen</a>
<?php
if (isset (\$_SESSION ["name"])) {
\$sessionname = \$_SESSION ["name"];
echo "<form action="./post.php" method="GET" rows="20"><input type="text" name="content"></input><input type="submit"></input></form>";
include ('/home/david/mysqldata.php');
\$handle = mysql_connect ("127.0.0.1", \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$sessionname = htmlentities(mysql_real_escape_string (\$sessionname, \$handle));
mysql_query ("use mysocial_database", \$handle);
\$result = mysql_query ("SELECT * FROM postings WHERE nickname="" . \$sessionname .""", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo "<div class="post01">" . \$row ["datetime"] . "<br><hr><br>" . \$row ["content"] ."</div>";
mysql_close ();
}
else
echo "Sie m\&uuml;ssen eingeloggt sein<br>";
?>
mysocial20220329/thread.php
<!DOCTYPE html>
<html lang="">
<head>
<meta charset="utf-8">
<title>My Social Network - ituenix.de</title>
</head>
<body>
<header></header>
<main></main>
<footer></footer>
<link rel="stylesheet" href="./styles/styles.css">
<img src="./styles/ituenix.png" width="40%">
<img src="./styles/mysocial.png" width="20%">
<div class="overall1">
<form method="GET" action="createaccount.php">
<input type="text" name="nickname"></input> :Nickname<br>
<input type="text" name="vorname"></input> :Vorname<br>
<input type="text" name="nachname"></input> :Nachname<br>
<input type="text" name="mail"></input> :Mail<br>
<input type="password" name="passwort1"></input> :Passwort<br>
<input type="password" name="passwort2"></input> :Passwort best\&auml;tigen<br>
<input type="submit"></input>
</form>
</div>
</body>
</html>
mysocial20220329a/createaccount.html
<?php
session_start ();
?>
<?php
\$passwort1 = \$_GET ["passwort1"];
\$passwort2 = \$_GET ["passwort2"];
\$nickname = \$_GET ["nickname"];
\$vorname = \$_GET ["vorname"];
\$nachname = \$_GET ["nachname"];
\$mail = \$_GET ["mail"];
/* Dieser Code - fuer die Ueberpruefung der Mail-Addresse stammt nicht von mir */
/* Er wurde von https://www.php.de/forum/webentwicklung/php-einsteiger/php-tipps-2009/56554-e-mail-adresse-mit-regul"aren-ausdr"ucken-"uberpr"ufen uebernommen */
/* In dem PHP-Kurs werden Regulaere Ausdruecke auch gelernt - ich werde sie lrnen und bald mein eigenes anwenden.*/
function valid_mail(\$mail){
/*******************************************************************
* RegEx by *
* CK1@wwwtech.de *
* http://wwwtech.de/ *
* http://aktuell.de.selfhtml.org/artikel/programmiertechnik/email/ *
*******************************************************************/
// RegEx begin
\$nonascii = "x80-xff"; # Non-ASCII-Chars are not allowed
\$nqtext = "[^\$nonascii512"]";
\$qchar = "[\^\$nonascii]";
\$protocol = '(?:mailto:)';
\$normuser = '[a-zA-Z0-9][a-zA-Z0-9_.-]*';
\$quotedstring = ""(?:\$nqtext|\$qchar)+"";
\$user_part = "(?:\$normuser|\$quotedstring)";
\$dom_mainpart = '[a-zA-Z0-9][a-zA-Z0-9._-]*\.';
\$dom_subpart = '(?:[a-zA-Z0-9][a-zA-Z0-9._-]*\.)*';
\$dom_tldpart = '[a-zA-Z]{2,5}';
\$domain_part = "\$dom_subpart\$dom_mainpart\$dom_tldpart";
\$regex = "\$protocol?\$user_part@\$domain_part";
// RegEx end
return preg_match("/\^\$regex\$/",\$mail);
}
if (strcmp(\$passwort1, \$passwort2) != 0)
echo "Die Passw\&ouml;rter sind nicht identisch";
else {
if ((strlen (\$nickname) == 0) || (strlen (\$vorname) == 0) || (strlen (\$nachname) == 0) || (strlen (\$mail) == 0) || (strlen (\$passwort1) == 0))
echo "Sie m\&uuml;ssen alle Felder vollst\&auml;ndig ausf\&uuml;llen<br>";
else {
if (strlen (\$passwort1) < 5)
echo "Passwoerter muessen mindestens 5 Zeichen lang sein";
else {
if (!valid_mail (\$mail))
echo "Es sieht so aus, als sei die von ihnen eingebene Mail-Addresse nicht konform mit dem Aufgabe von Mail-Addressen<br>";
else {
include ('/home/david/mysqldata.php');
\$handle = mysql_connect ("127.0.0.1", \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$passwort1 = htmlentities(mysql_real_escape_string (\$passwort1, \$handle));
\$passwort2 = htmlentities(mysql_real_escape_string (\$passwort2, \$handle));
\$nickname = htmlentities(mysql_real_escape_string (\$nickname, \$handle));
\$vorname = htmlentities(mysql_real_escape_string (\$vorname, \$handle));
\$nachname = htmlentities(mysql_real_escape_string (\$nachname, \$handle));
\$mail = htmlentities(mysql_real_escape_string (\$mail, \$handle));
mysql_query ("USE mysocial_database", \$handle);
\$result = mysql_query ("SELECT * FROM users WHERE nickname="" . \$nickname . """, \$handle);
echo mysql_num_rows (\$result);
if (mysql_num_rows (\$result) != 0)
echo "Dieser Benutzername ist leider schon vergeben";
else {
\$reault = mysql_query ("SELECT * FROM users WHERE mail="" . \$mail . """, \$handle);
if (mysql_num_rows (\$result) != 0)
echo "Diese Mail-Addresse wird leider schon von einem anderen Nutzer verwendet";
else {
mysql_query ("INSERT INTO users VALUES ("" . \$nickname . "","" . \$vorname . "","". \$nachname . "","". \$mail . "","". md5(\$passwort1) . "")", \$handle);
}
\$_SESSION ["name"] = \$nickname;
echo "<script>window.location="./post.php?content=welcome";</script>";
}
mysql_close (\$handle);
}
}
}
}
?>
mysocial20220329a/createaccount.php
<!DOCTYPE html>
<html lang="">
<head>
<meta charset="utf-8">
<title></title>
</head>
<body>
<header></header>
<main></main>
<footer></footer>
<script>
window.location="./login.html";
</script>
</body>
</html>
mysocial20220329a/index.html
<!DOCTYPE html>
<html lang="">
<head>
<meta charset="utf-8">
<title>My Social Network - ituenix.de</title>
</head>
<body>
<header></header>
<main></main>
<footer></footer>
</body>
<link rel="stylesheet" href="./styles/styles.css">
<img src="./styles/ituenix.png" width="40%">
<img src="./styles/mysocial.png" width="20%">
<div class="overall1">
<form action="./login.php" method="GET">
<input type="text" name="nickname"></input> :Nickname<br>
<input type="password" name="passwort"></input> :Passwort<br>
<input type="submit"></input>
</form>
<br><hr><br>
<a href="./createaccount.html">Registrieren</a>
</div>
</html>
mysocial20220329a/login.html
<?php
session_start ();
?>
<?php
\$nickname = \$_GET ["nickname"];
\$passwort = \$_GET ["passwort"];
include ('/home/david/mysqldata.php');
\$handle = mysql_connect ('127.0.0.1', \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$nickname = htmlentities(mysql_real_escape_string (\$nickname, \$handle));
\$passwort = htmlentities(mysql_real_escape_string (\$passwort, \$handle));
mysql_query ("USE mysocial_database");
\$result = mysql_query ("SELECT * FROM users WHERE nickname="" . \$nickname . """, \$handle);
if (mysql_num_rows (\$result) == 0)
echo "Diesen Benutzer gibt es nicht<br>";
else {
\$row = mysql_fetch_assoc (\$result);
if (strcmp(md5 (\$passwort), \$row ["passwort"]) != 0)
echo "Ihr Passwort ist falsch - probieren sie zu hacken?<br>";
else {
\$_SESSION ["name"] = \$nickname;
}
echo "<script>window.location="./thread.php";</script>";
}
?>
mysocial20220329a/login.php
<?php
session_start ();
?>
<?php
if(!isset (\$_SESSION ["name"]))
echo "Sie m\&uuml;ssen angemeldet sein";
else {
\$content = \$_GET ["content"];
\$datetime = date('Y-m-d H:i:s');
\$public = true;
\$pblc = \$_GET ["choosepublic"];
\$nickname = \$_SESSION ["name"];
include ('/home/david/mysqldata.php');
\$handle = mysql_connect ("127.0.0.1", \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$content = htmlentities(mysql_real_escape_string (\$content, \$handle));
\$pblc = htmlentities(mysql_real_escape_string (\$pblc, \$handle));
\$nickname = htmlentities(mysql_real_escape_string (\$nickname, \$handle));
if (strcmp (\$pblc, "privat") == 0)
\$public = 0;
else
\$public = 1;
if (strlen (\$content) > 0) {
mysql_query ("USE mysocial_database", \$handle);
mysql_query ("INSERT INTO postings VALUES ("" . \$nickname . "","" . \$content . "","" . \$datetime ."","" . \$public . "")", \$handle);
mysql_close (\$handle);
}
}
?>
<script>
window.location = "./thread.php";
</script>
mysocial20220329a/post.php
<?php
session_start ();
?>
<?php
include ('./styles/head.php');
?>
<link rel="stylesheet" href="./styles/styles.css">
<div class="overall1">
<?php
include ('/home/david/mysqldata.php');
\$handle = mysql_connect ("127.0.0.1", \$MYSQL_NAME, \$MYSQL_PASSWORD);
mysql_query ("USE mysocial_database");
\$result = mysql_query ("SELECT * FROM users");
while (\$row = mysql_fetch_assoc (\$result))
echo "<a href="./threadextern.php?searchname=" . htmlentities(mysql_real_escape_string(\$row ["nickname"], \$handle)) . "">" . htmlentities(mysql_real_escape_string(\$row ["nickname"], \$handle)) . "</a><br>";
mysql_close (\$handle);
?>
</div>
mysocial20220329a/search.php
<?php
session_start ();
?>
<link rel="stylesheet" href="./styles/styles.css">
<script src="./styles/styles.js"></script>
<?php
include ('./styles/head.php');
?>
<div class="overall">
<?php
include ('/home/david/mysqldata.php');
\$name = \$_GET ["searchname"];
\$handle = mysql_connect ("127.0.0.1", \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$name = htmlentities(mysql_real_escape_string(\$name, \$handle));
mysql_query ("use mysocial_database", \$handle);
\$result = mysql_query ("SELECT * FROM postings WHERE nickname="" . \$name ."" AND public="1"", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo "<div class="post01" id="postid" . \$i . "">n<div class="postdatetime01" id="postdatettimeid" . \$i . "">" . \$row ["datetime"] . "</div>n<br><hr><br>n<div class="postcontent01" id="postcontentid" . \$i++ . "">" . \$row ["content"] ."</div>n</div>nn";
mysql_close ();
?>
</div>
mysocial20220329a/threadextern.php
<?php
session_start ();
?>
<link rel="stylesheet" href="./styles/styles.css">
<script src="./styles/styles.js"></script>
<a href="./search.php">Andere Nutzer anzeigen</a>
<?php
include ('./styles/head.php');
?>
<div class="overall">
<?php
\$i = 0;
if (isset (\$_SESSION ["name"])) {
\$sessionname = \$_SESSION ["name"];
echo "<form action="./post.php" method="GET" rows="20"><textarea class="contentinputbox01" name="content"></textarea><select name="choosepublic" class="select01"><option>privat</option><option>\&ouml;ffentlich</option></select><input class="submit01" type="submit"></input></form>";
include ('/home/david/mysqldata.php');
\$handle = mysql_connect ("127.0.0.1", \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$sessionname = htmlentities(mysql_real_escape_string (\$sessionname, \$handle));
mysql_query ("use mysocial_database", \$handle);
\$result = mysql_query ("SELECT * FROM postings WHERE nickname="" . \$sessionname .""", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo "<div class="post01" id="postid" . \$i . "">n<div class="postdatetime01" id="postdatetimeid" . \$i . "">" . \$row ["datetime"] . "</div>n<br><hr><br>n<div class="postcontent01" id="postcontentid" . \$i++ . "">" . \$row ["content"] ."</div>n</div>nn";
mysql_close ();
}
else
echo "Sie m\&uuml;ssen eingeloggt sein<br>";
?>
</div>
mysocial20220329a/thread.php
mysocial20220329a/styles:
head.php
ituenix.png
mysocial.png
styles.css
styles.js
<!DOCTYPE html>
<html lang="">
<head>
<meta charset="utf-8">
<title>My Social Network - ituenix.de</title>
</head>
<body>
<header></header>
<main></main>
<footer></footer>
<form method="GET" action="createaccount.php">
Nickname: <input type="text" name="nickname"></input><br>
Name: <input type="text" name="vorname"></input><br>
Nachname: <input type="text" name="nachname"></input><br>
Mail: <input type="text" name="mail"></input><br>
Passwort: <input type="password" name="passwort1"></input><br>
Passwort best\&auml;tigen: <input type="password" name="passwort2"></input><br>
<input type="submit"></input>
</form>
</body>
</html>
mysocial20220329-bak/createaccount.html
<?php
session_start ();
?>
<?php
\$passwort1 = \$_GET ["passwort1"];
\$passwort2 = \$_GET ["passwort2"];
\$nickname = \$_GET ["nickname"];
\$vorname = \$_GET ["vorname"];
\$nachname = \$_GET ["nachname"];
\$mail = \$_GET ["mail"];
/* Dieser Code - fuer die Ueberpruefung der Mail-Addresse stammt nicht von mir */
/* Er wurde von https://www.php.de/forum/webentwicklung/php-einsteiger/php-tipps-2009/56554-e-mail-adresse-mit-regul"aren-ausdr"ucken-"uberpr"ufen uebernommen */
/* In dem PHP-Kurs werden Regulaere Ausdruecke auch gelernt - ich werde sie lrnen und bald mein eigenes anwenden.*/
function valid_mail(\$mail){
/*******************************************************************
* RegEx by *
* CK1@wwwtech.de *
* http://wwwtech.de/ *
* http://aktuell.de.selfhtml.org/artikel/programmiertechnik/email/ *
*******************************************************************/
// RegEx begin
\$nonascii = "x80-xff"; # Non-ASCII-Chars are not allowed
\$nqtext = "[^\$nonascii512"]";
\$qchar = "[\^\$nonascii]";
\$protocol = '(?:mailto:)';
\$normuser = '[a-zA-Z0-9][a-zA-Z0-9_.-]*';
\$quotedstring = ""(?:\$nqtext|\$qchar)+"";
\$user_part = "(?:\$normuser|\$quotedstring)";
\$dom_mainpart = '[a-zA-Z0-9][a-zA-Z0-9._-]*\.';
\$dom_subpart = '(?:[a-zA-Z0-9][a-zA-Z0-9._-]*\.)*';
\$dom_tldpart = '[a-zA-Z]{2,5}';
\$domain_part = "\$dom_subpart\$dom_mainpart\$dom_tldpart";
\$regex = "\$protocol?\$user_part@\$domain_part";
// RegEx end
return preg_match("/\^\$regex\$/",\$mail);
}
if (strcmp(\$passwort1, \$passwort2) != 0)
echo "Die Passw\&ouml;rter sind nicht identisch";
else {
if ((strlen (\$nickname) == 0) || (strlen (\$vorname) == 0) || (strlen (\$nachname) == 0) || (strlen (\$mail) == 0) || (strlen (\$passwort1) == 0))
echo "Sie m\&uuml;ssen alle Felder vollst\&auml;ndig ausf\&uuml;llen<br>";
else {
if (strlen (\$passwort1) < 5)
echo "Passwoerter muessen mindestens 5 Zeichen lang sein";
else {
if (!valid_mail (\$mail))
echo "Es sieht so aus, als sei die von ihnen eingebene Mail-Addresse nicht konform mit dem Aufgabe von Mail-Addressen<br>";
else {
include ('/home/david/mysqldata.php');
\$handle = mysql_connect ("127.0.0.1", \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$passwort1 = htmlentities(mysql_real_escape_string (\$passwort1, \$handle));
\$passwort2 = htmlentities(mysql_real_escape_string (\$passwort2, \$handle));
\$nickname = htmlentities(mysql_real_escape_string (\$nickname, \$handle));
\$vorname = htmlentities(mysql_real_escape_string (\$vorname, \$handle));
\$nachname = htmlentities(mysql_real_escape_string (\$nachname, \$handle));
\$mail = htmlentities(mysql_real_escape_string (\$mail, \$handle));
mysql_query ("USE mysocial_database", \$handle);
\$result = mysql_query ("SELECT * FROM users WHERE nickname="" . \$nickname . """, \$handle);
echo mysql_num_rows (\$result);
if (mysql_num_rows (\$result) != 0)
echo "Dieser Benutzername ist leider schon vergeben";
else {
\$reault = mysql_query ("SELECT * FROM users WHERE mail="" . \$mail . """, \$handle);
if (mysql_num_rows (\$result) != 0)
echo "Diese Mail-Addresse wird leider schon von einem anderen Nutzer verwendet";
else {
mysql_query ("INSERT INTO users VALUES ("" . \$nickname . "","" . \$vorname . "","". \$nachname . "","". \$mail . "","". md5(\$passwort1) . "")", \$handle);
}
\$_SESSION ["name"] = \$nickname;
echo "<script>window.location="./post.php?content=welcome";</script>";
}
mysql_close (\$handle);
}
}
}
}
?>
mysocial20220329-bak/createaccount.php
<!DOCTYPE html>
<html lang="">
<head>
<meta charset="utf-8">
<title></title>
</head>
<body>
<header></header>
<main></main>
<footer></footer>
<script>
window.location="./login.html";
</script>
</body>
</html>
mysocial20220329-bak/index.html
<!DOCTYPE html>
<html lang="">
<head>
<meta charset="utf-8">
<title>My Social Network - ituenix.de</title>
</head>
<body>
<header></header>
<main></main>
<footer></footer>
</body>
<form action="./login.php" method="GET">
Nickname: <input type="text" name="nickname"></input><br>
Passwort: <input type="password" name="passwort"></input><br>
<input type="submit"></input>
</form>
<br><hr><br>
<a href="./createaccount.html">Registrieren</a>
</html>
mysocial20220329-bak/login.html
<?php
session_start ();
?>
<?php
\$nickname = \$_GET ["nickname"];
\$passwort = \$_GET ["passwort"];
include ('/home/david/mysqldata.php');
\$handle = mysql_connect ('127.0.0.1', \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$nickname = mysql_real_escape_string (\$nickname, \$handle);
\$passwort = mysql_real_escape_string (\$passwort, \$handle);
mysql_query ("USE mysocial_database");
\$result = mysql_query ("SELECT * FROM users WHERE nickname="" . \$nickname . """, \$handle);
if (mysql_num_rows (\$result) == 0)
echo "Diesen Benutzer gibt es nicht<br>";
else {
\$row = mysql_fetch_assoc (\$result);
if (strcmp(md5 (\$passwort), \$row ["passwort"]) != 0)
echo "Ihr Passwort ist falsch - probieren sie zu hacken?<br>";
else {
\$_SESSION ["name"] = \$nickname;
}
echo "<script>window.location="./thread.php";</script>";
}
?>
mysocial20220329-bak/login.php
<?php
session_start ();
?>
<?php
if(!isset (\$_SESSION ["name"]))
echo "Sie m\&uuml;ssen angemeldet sein";
else {
\$content = \$_GET ["content"];
\$datetime = date('Y-m-d H:i:s');
\$public = true;
\$nickname = \$_SESSION ["name"];
include ('/home/david/mysqldata.php');
\$handle = mysql_connect ("127.0.0.1", \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$content = mysql_real_escape_string (\$content, \$handle);
\$public = mysql_real_escape_string (\$public, \$handle);
\$nickname = mysql_real_escape_string (\$nickname, \$handle);
mysql_query ("USE mysocial_database", \$handle);
mysql_query ("INSERT INTO postings VALUES ("" . \$nickname . "","" . \$content . "","" . \$datetime ."","" . \$public . "")", \$handle);
mysql_close (\$handle);
}
?>
<script>
window.location = "./thread.php";
</script>
mysocial20220329-bak/post.php
<?php
session_start ();
?>
<?php
include ('/home/david/mysqldata.php');
\$handle = mysql_connect ("127.0.0.1", \$MYSQL_NAME, \$MYSQL_PASSWORD);
mysql_query ("USE mysocial_database");
\$result = mysql_query ("SELECT * FROM users");
while (\$row = mysql_fetch_assoc (\$result))
echo "<a href="./threadextern.php?searchname=" . mysql_real_escape_string(\$row ["nickname"], \$handle) . "">" . mysql_real_escape_string(\$row ["nickname"], \$handle) . "</a><br>";
mysql_close (\$handle);
?>
mysocial20220329-bak/search.php
<?php
session_start ();
?>
<?php
include ('/home/david/mysqldata.php');
\$name = \$_GET ["searchname"];
\$handle = mysql_connect ("127.0.0.1", \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$name = mysql_real_escape_string(\$name, \$handle);
mysql_query ("use mysocial_database", \$handle);
\$result = mysql_query ("SELECT * FROM postings WHERE nickname="" . \$name ."" AND public="1"", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo "<div class="post01">" . \$row ["datetime"] . "<br><hr><br>" . \$row ["content"] ."</div>";
mysql_close ();
?>
mysocial20220329-bak/threadextern.php
<?php
session_start ();
?>
<a href="./search.php">Andere Nutzer anzeigen</a>
<?php
if (isset (\$_SESSION ["name"])) {
\$sessionname = \$_SESSION ["name"];
echo "<form action="./post.php" method="GET" rows="20"><input type="text" name="content"></input><input type="submit"></input></form>";
include ('/home/david/mysqldata.php');
\$handle = mysql_connect ("127.0.0.1", \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$sessionname = mysql_real_escape_string (\$sessionname, \$handle);
mysql_query ("use mysocial_database", \$handle);
\$result = mysql_query ("SELECT * FROM postings WHERE nickname="" . \$sessionname .""", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo "<div class="post01">" . \$row ["datetime"] . "<br><hr><br>" . \$row ["content"] ."</div>";
mysql_close ();
}
else
echo "Sie m\&uuml;ssen eingeloggt sein<br>";
?>
mysocial20220329-bak/thread.php
<!DOCTYPE html>
<html lang="">
<head>
<meta charset="utf-8">
<title>My Social Network - ituenix.de</title>
</head>
<body>
<header></header>
<main></main>
<footer></footer>
<link rel="stylesheet" href="./styles/styles.css">
<img src="./styles/ituenix.png" width="40%">
<img src="./styles/mysocial.png" width="20%">
<div class="overall1">
<form method="GET" action="createaccount.php">
<input type="text" name="nickname"></input> :Nickname<br>
<input type="text" name="vorname"></input> :Vorname<br>
<input type="text" name="nachname"></input> :Nachname<br>
<input type="text" name="mail"></input> :Mail<br>
<input type="password" name="passwort1"></input> :Passwort<br>
<input type="password" name="passwort2"></input> :Passwort best\&auml;tigen<br>
<input type="submit"></input>
</form>
</div>
</body>
</html>
mysocial20220401/createaccount.html
<?php
session_start ();
?>
<?php
\$passwort1 = \$_GET ["passwort1"];
\$passwort2 = \$_GET ["passwort2"];
\$nickname = \$_GET ["nickname"];
\$vorname = \$_GET ["vorname"];
\$nachname = \$_GET ["nachname"];
\$mail = \$_GET ["mail"];
/* Dieser Code - fuer die Ueberpruefung der Mail-Addresse stammt nicht von mir */
/* Er wurde von https://www.php.de/forum/webentwicklung/php-einsteiger/php-tipps-2009/56554-e-mail-adresse-mit-regul"aren-ausdr"ucken-"uberpr"ufen uebernommen */
/* In dem PHP-Kurs werden Regulaere Ausdruecke auch gelernt - ich werde sie lrnen und bald mein eigenes anwenden.*/
function valid_mail(\$mail){
/*******************************************************************
* RegEx by *
* CK1@wwwtech.de *
* http://wwwtech.de/ *
* http://aktuell.de.selfhtml.org/artikel/programmiertechnik/email/ *
*******************************************************************/
// RegEx begin
\$nonascii = "x80-xff"; # Non-ASCII-Chars are not allowed
\$nqtext = "[^\$nonascii512"]";
\$qchar = "[\^\$nonascii]";
\$protocol = '(?:mailto:)';
\$normuser = '[a-zA-Z0-9][a-zA-Z0-9_.-]*';
\$quotedstring = ""(?:\$nqtext|\$qchar)+"";
\$user_part = "(?:\$normuser|\$quotedstring)";
\$dom_mainpart = '[a-zA-Z0-9][a-zA-Z0-9._-]*\.';
\$dom_subpart = '(?:[a-zA-Z0-9][a-zA-Z0-9._-]*\.)*';
\$dom_tldpart = '[a-zA-Z]{2,5}';
\$domain_part = "\$dom_subpart\$dom_mainpart\$dom_tldpart";
\$regex = "\$protocol?\$user_part@\$domain_part";
// RegEx end
return preg_match("/\^\$regex\$/",\$mail);
}
if (strcmp(\$passwort1, \$passwort2) != 0)
echo "Die Passw\&ouml;rter sind nicht identisch";
else {
if ((strlen (\$nickname) == 0) || (strlen (\$vorname) == 0) || (strlen (\$nachname) == 0) || (strlen (\$mail) == 0) || (strlen (\$passwort1) == 0))
echo "Sie m\&uuml;ssen alle Felder vollst\&auml;ndig ausf\&uuml;llen<br>";
else {
if (strlen (\$passwort1) < 5)
echo "Passwoerter muessen mindestens 5 Zeichen lang sein";
else {
if (!valid_mail (\$mail))
echo "Es sieht so aus, als sei die von ihnen eingebene Mail-Addresse nicht konform mit dem Aufgabe von Mail-Addressen<br>";
else {
include ('/home/david/mysqldata.php');
\$handle = mysql_connect ("127.0.0.1", \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$passwort1 = htmlentities(mysql_real_escape_string (\$passwort1, \$handle));
\$passwort2 = htmlentities(mysql_real_escape_string (\$passwort2, \$handle));
\$nickname = htmlentities(mysql_real_escape_string (\$nickname, \$handle));
\$vorname = htmlentities(mysql_real_escape_string (\$vorname, \$handle));
\$nachname = htmlentities(mysql_real_escape_string (\$nachname, \$handle));
\$mail = htmlentities(mysql_real_escape_string (\$mail, \$handle));
mysql_query ("USE mysocial_database", \$handle);
\$result = mysql_query ("SELECT * FROM users WHERE nickname="" . \$nickname . """, \$handle);
echo mysql_num_rows (\$result);
if (mysql_num_rows (\$result) != 0)
echo "Dieser Benutzername ist leider schon vergeben";
else {
\$reault = mysql_query ("SELECT * FROM users WHERE mail="" . \$mail . """, \$handle);
if (mysql_num_rows (\$result) != 0)
echo "Diese Mail-Addresse wird leider schon von einem anderen Nutzer verwendet";
else {
mysql_query ("INSERT INTO users VALUES ("" . \$nickname . "","" . \$vorname . "","". \$nachname . "","". \$mail . "","". md5(\$passwort1) . "")", \$handle);
}
\$_SESSION ["name"] = \$nickname;
echo "<script>window.location="./post.php?content=welcome";</script>";
}
mysql_close (\$handle);
}
}
}
}
?>
mysocial20220401/createaccount.php
<?php
session_start ();
?>
<link rel="stylesheet" href="./styles/styles.css">
<script src="./styles/styles.js"></script>
<a href="./search.php">Andere Nutzer anzeigen</a>
<?php
include ('./styles/head.php');
?>
<br><br>
<?php
if (!isset(\$_SESSION ["name"]))
echo "Sie m\&uuml;ssen angemeldet sein<br>n";
else {
include ('/home/david/mysqldata.php');
\$handle = mysql_connect ("127.0.0.1", \$MYSQL_NAME, \$MYSQL_PASSWORD);
mysql_query ("USE mysocial_database");
\$myname = htmlentities (mysql_real_escape_string (\$_SESSION ["name"], \$handle));
\$str = \$_GET ["freundschaftsanfrage"];
for (\$i = 0; \$i < sizeof (\$str); \$i++) {
\$str1 = htmlentities (mysql_real_escape_string(\$str [\$i], \$handle));
\$result = mysql_query ("SELECT * FROM freundschaftsanfrage WHERE nicknamevon="" . \$str1 . """, \$handle);
if (mysql_num_rows (\$result) == 0)
echo \$str1 . " hat ihnen keine Freundschaftanfrage gesendet<br>n";
else {
\$result = mysql_query ("SELECT * FROM freunde WHERE freund1="" . \$str1 . "" AND freund2="" . \$myname ."" OR freund2="" . \$str1 . "" AND freund1="" . \$myname .""", \$handle);
if (mysql_num_rows (\$result) != 0)
echo "Ihr seid bereits Freunde<br>n";
else
mysql_query ("INSERT INTO freunde VALUES ("". \$myname ."","" . \$str1 . "")", \$handle);
}
}
mysql_close (\$handle);
}
?>
mysocial20220401/freundschaftsanfragebestaetigen.php
<!DOCTYPE html>
<html lang="">
<head>
<meta charset="utf-8">
<title></title>
</head>
<body>
<header></header>
<main></main>
<footer></footer>
<script>
window.location="./login.html";
</script>
</body>
</html>
mysocial20220401/index.html
<!DOCTYPE html>
<html lang="">
<head>
<meta charset="utf-8">
<title>My Social Network - ituenix.de</title>
</head>
<body>
<header></header>
<main></main>
<footer></footer>
</body>
<link rel="stylesheet" href="./styles/styles.css">
<img src="./styles/ituenix.png" width="40%">
<img src="./styles/mysocial.png" width="20%">
<div class="overall1">
<form action="./login.php" method="GET">
<input type="text" name="nickname"></input> :Nickname<br>
<input type="password" name="passwort"></input> :Passwort<br>
<input type="submit"></input>
</form>
<br><hr><br>
<a href="./createaccount.html">Registrieren</a>
</div>
</html>
mysocial20220401/login.html
<?php
session_start ();
?>
<?php
\$nickname = \$_GET ["nickname"];
\$passwort = \$_GET ["passwort"];
include ('/home/david/mysqldata.php');
\$handle = mysql_connect ('127.0.0.1', \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$nickname = htmlentities(mysql_real_escape_string (\$nickname, \$handle));
\$passwort = htmlentities(mysql_real_escape_string (\$passwort, \$handle));
mysql_query ("USE mysocial_database");
\$result = mysql_query ("SELECT * FROM users WHERE nickname="" . \$nickname . """, \$handle);
if (mysql_num_rows (\$result) == 0)
echo "Diesen Benutzer gibt es nicht<br>";
else {
\$row = mysql_fetch_assoc (\$result);
if (strcmp(md5 (\$passwort), \$row ["passwort"]) != 0)
echo "Ihr Passwort ist falsch - probieren sie zu hacken?<br>";
else {
\$_SESSION ["name"] = \$nickname;
}
echo "<script>window.location="./thread.php";</script>";
}
?>
mysocial20220401/login.php
<?php
session_start ();
?>
<?php
if(!isset (\$_SESSION ["name"]))
echo "Sie m\&uuml;ssen angemeldet sein";
else {
\$content = \$_GET ["content"];
\$datetime = date('Y-m-d H:i:s');
\$public = true;
\$pblc = \$_GET ["choosepublic"];
\$nickname = \$_SESSION ["name"];
include ('/home/david/mysqldata.php');
\$handle = mysql_connect ("127.0.0.1", \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$content = htmlentities(mysql_real_escape_string (\$content, \$handle));
\$pblc = htmlentities(mysql_real_escape_string (\$pblc, \$handle));
\$nickname = htmlentities(mysql_real_escape_string (\$nickname, \$handle));
if (strcmp (\$pblc, "privat") == 0)
\$public = 0;
else
\$public = 1;
if (strlen (\$content) > 0) {
mysql_query ("USE mysocial_database", \$handle);
mysql_query ("INSERT INTO postings VALUES ("" . \$nickname . "","" . \$content . "","" . \$datetime ."","" . \$public . "")", \$handle);
mysql_close (\$handle);
}
}
?>
<script>
window.location = "./thread.php";
</script>
mysocial20220401/post.php
<?php
session_start ();
?>
<?php
include ('./styles/head.php');
?>
<link rel="stylesheet" href="./styles/styles.css">
<div class="overall1">
<?php
include ('/home/david/mysqldata.php');
\$handle = mysql_connect ("127.0.0.1", \$MYSQL_NAME, \$MYSQL_PASSWORD);
mysql_query ("USE mysocial_database");
\$result = mysql_query ("SELECT * FROM users");
while (\$row = mysql_fetch_assoc (\$result))
echo "<a href="./threadextern.php?searchname=" . htmlentities(mysql_real_escape_string(\$row ["nickname"], \$handle)) . "">" . htmlentities(mysql_real_escape_string(\$row ["nickname"], \$handle)) . "</a><br>n";
\$result = mysql_query ("SELECT * FROM users");
echo "<FORM ACTION="./sendfriendship.php" METHOD="GET">n";
echo "<SELECT NAME="friends[]" MULTIPLE>n";
while (\$row = mysql_fetch_assoc (\$result))
echo "<a href="./threadextern.php?searchname=" . htmlentities(mysql_real_escape_string(\$row ["nickname"], \$handle)) . ""><OPTION>" . htmlentities(mysql_real_escape_string(\$row ["nickname"], \$handle)) . "</OPTION></a><br>n";
echo "</SELECT><br>n";
echo "Um mehrere Freundsanfragen zu senden [strg] gedr\&uuml;ckt halten<br><br>n";
echo "<INPUT TYPE="submit">Freundschaftsanfrage senden</INPUT>n";
echo "</FORM>n";
mysql_close (\$handle);
?>
</div>
mysocial20220401/search.php
<?php
session_start ();
?>
<link rel="stylesheet" href="./styles/styles.css">
<script src="./styles/styles.js"></script>
<a href="./search.php">Andere Nutzer anzeigen</a>
<?php
include ('./styles/head.php');
?>
<br><br>
<?php
if (!isset (\$_SESSION ["name"]))
echo "Sie m\&uuml;ssen angemeldet sein<br>";
else {
include ('/home/david/mysqldata.php');
\$handle = mysql_connect ("127.0.0.1", \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$myname = htmlentities (mysql_real_escape_string(\$_SESSION ["name"], \$handle));
mysql_query ("USE mysocial_database", \$handle);
\$str = \$_GET ["friends"];
for (\$i = 0; \$i < sizeof (\$str); \$i++) {
\$str1 = htmlentities(mysql_real_escape_string (\$str [\$i], \$handle));
//\$result = mysql_query ("SELECT * FROM users WHERE nickname="". \$str1 .""", \$handle);
if (mysql_num_rows(mysql_query ("SELECT * FROM users WHERE nickname="". \$str1 .""", \$handle)) == 0)
echo "Benutzer "" . \$str1 . "" existiert nicht<br>n";
else {
if (mysql_num_rows (mysql_query ("SELECT * FROM freundschaftsanfrage WHERE nicknamezu="". \$str1 . "" AND nicknamevon="" . \$myname . "" OR nicknamevon="". \$str1 . "" AND nicknamezu="" . \$myname . """, \$handle)) != 0)
echo "Sie haben bereits eine Freundschaftsanfrage an " . \$str1 . " gesendet <br>n";
else {
mysql_query ("INSERT INTO freundschaftsanfrage VALUES ("" . \$myname . "","" . \$str1 . "")", \$handle);
}
}
}
mysql_close (\$handle);
}
?>
mysocial20220401/sendfriendship.php
<?php
session_start ();
?>
<link rel="stylesheet" href="./styles/styles.css">
<script src="./styles/styles.js"></script>
<?php
include ('./styles/head.php');
?>
<div class="overall">
<?php
include ('/home/david/mysqldata.php');
\$name = \$_GET ["searchname"];
\$handle = mysql_connect ("127.0.0.1", \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$name = htmlentities(mysql_real_escape_string(\$name, \$handle));
mysql_query ("use mysocial_database", \$handle);
\$result = mysql_query ("SELECT * FROM postings WHERE nickname="" . \$name ."" AND public="1"", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo "<div class="post01" id="postid" . \$i . "">n<div class="postdatetime01" id="postdatettimeid" . \$i . "">" . \$row ["datetime"] . "</div>n<br><hr><br>n<div class="postcontent01" id="postcontentid" . \$i++ . "">" . \$row ["content"] ."</div>n</div>nn";
mysql_close ();
?>
</div>
mysocial20220401/threadextern.php
<?php
session_start ();
?>
<link rel="stylesheet" href="./styles/styles.css">
<script src="./styles/styles.js"></script>
<a href="./search.php">Andere Nutzer anzeigen</a>
<?php
include ('./styles/head.php');
?>
<div class="overall">
<?php
\$i = 0;
if (isset (\$_SESSION ["name"])) {
\$sessionname = \$_SESSION ["name"];
echo "<form action="./post.php" method="GET" rows="20"><textarea class="contentinputbox01" name="content"></textarea><select name="choosepublic" class="select01"><option>privat</option><option>\&ouml;ffentlich</option></select><input class="submit01" type="submit"></input></form>";
include ('/home/david/mysqldata.php');
\$handle = mysql_connect ("127.0.0.1", \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$sessionname = htmlentities(mysql_real_escape_string (\$sessionname, \$handle));
mysql_query ("use mysocial_database", \$handle);
\$result = mysql_query ("SELECT * FROM postings WHERE nickname="" . \$sessionname .""", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo "<div class="post01" id="postid" . \$i . "">n<div class="postdatetime01" id="postdatetimeid" . \$i . "">" . \$row ["datetime"] . "</div>n<br><hr><br>n<div class="postcontent01" id="postcontentid" . \$i++ . "">" . \$row ["content"] ."</div>n</div>nn";
echo "<div class="freundschaftsanfrage01">n";
echo "<FORM action="freundschaftsanfragebestaetigen.php" METHOD="GET">n";
echo "<SELECT name="freundschaftsanfrage[]" MULTIPLE>n";
\$result = mysql_query ("SELECT * FROM freundschaftsanfrage WHERE nicknamezu="" . \$sessionname . """, \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo "<OPTION>" . \$row ["nicknamevon"] . "</OPTION>";
echo "</SELECT><br><br>n";
echo "<INPUT TYPE="submit">Freundschaftsanfragen bestaetigen</INPUT><br>";
echo "</FORM>n";
echo "</div>";
echo "<div class="freundschaftsanfrage01">n";
echo "<FORM>n";
echo "<SELECT MULTIPLE>n";
\$result = mysql_query ("SELECT * FROM freunde WHERE freund1="" . \$sessionname . "" OR freund2="" .\$sessioname. "" OR freund2="" . \$sessionname . "" OR freund1="" .\$sessioname. """, \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo "<OPTION>" . \$row ["freund1"] . "." . \$row ["freund2"] . "</OPTION>";
echo "</SELECT><br>n";
echo "</FORM>n";
echo "</div>";
mysql_close ();
}
else
echo "Sie m\&uuml;ssen eingeloggt sein<br>";
?>
</div>
mysocial20220401/thread.php
mysocial20220401/styles:
head.php
ituenix.png
mysocial.png
styles.css
styles.js
<!DOCTYPE html>
<html lang="">
<head>
<meta charset="utf-8">
<title>My Social Network - ituenix.de</title>
</head>
<body>
<header></header>
<main></main>
<footer></footer>
<link rel="stylesheet" href="./styles/styles.css">
<img src="./styles/ituenix.png" width="40%">
<img src="./styles/mysocial.png" width="20%">
<div class="overall1">
<form method="GET" action="createaccount.php">
<input type="text" name="nickname"></input> :Nickname<br>
<input type="text" name="vorname"></input> :Vorname<br>
<input type="text" name="nachname"></input> :Nachname<br>
<input type="text" name="mail"></input> :Mail<br>
<input type="password" name="passwort1"></input> :Passwort<br>
<input type="password" name="passwort2"></input> :Passwort best\&auml;tigen<br>
<input type="submit"></input>
</form>
</div>
</body>
</html>
mysocial20220401-bak/createaccount.html
<?php
session_start ();
?>
<?php
\$passwort1 = \$_GET ["passwort1"];
\$passwort2 = \$_GET ["passwort2"];
\$nickname = \$_GET ["nickname"];
\$vorname = \$_GET ["vorname"];
\$nachname = \$_GET ["nachname"];
\$mail = \$_GET ["mail"];
/* Dieser Code - fuer die Ueberpruefung der Mail-Addresse stammt nicht von mir */
/* Er wurde von https://www.php.de/forum/webentwicklung/php-einsteiger/php-tipps-2009/56554-e-mail-adresse-mit-regul"aren-ausdr"ucken-"uberpr"ufen uebernommen */
/* In dem PHP-Kurs werden Regulaere Ausdruecke auch gelernt - ich werde sie lrnen und bald mein eigenes anwenden.*/
function valid_mail(\$mail){
/*******************************************************************
* RegEx by *
* CK1@wwwtech.de *
* http://wwwtech.de/ *
* http://aktuell.de.selfhtml.org/artikel/programmiertechnik/email/ *
*******************************************************************/
// RegEx begin
\$nonascii = "x80-xff"; # Non-ASCII-Chars are not allowed
\$nqtext = "[^\$nonascii512"]";
\$qchar = "[\^\$nonascii]";
\$protocol = '(?:mailto:)';
\$normuser = '[a-zA-Z0-9][a-zA-Z0-9_.-]*';
\$quotedstring = ""(?:\$nqtext|\$qchar)+"";
\$user_part = "(?:\$normuser|\$quotedstring)";
\$dom_mainpart = '[a-zA-Z0-9][a-zA-Z0-9._-]*\.';
\$dom_subpart = '(?:[a-zA-Z0-9][a-zA-Z0-9._-]*\.)*';
\$dom_tldpart = '[a-zA-Z]{2,5}';
\$domain_part = "\$dom_subpart\$dom_mainpart\$dom_tldpart";
\$regex = "\$protocol?\$user_part@\$domain_part";
// RegEx end
return preg_match("/\^\$regex\$/",\$mail);
}
if (strcmp(\$passwort1, \$passwort2) != 0)
echo "Die Passw\&ouml;rter sind nicht identisch";
else {
if ((strlen (\$nickname) == 0) || (strlen (\$vorname) == 0) || (strlen (\$nachname) == 0) || (strlen (\$mail) == 0) || (strlen (\$passwort1) == 0))
echo "Sie m\&uuml;ssen alle Felder vollst\&auml;ndig ausf\&uuml;llen<br>";
else {
if (strlen (\$passwort1) < 5)
echo "Passwoerter muessen mindestens 5 Zeichen lang sein";
else {
if (!valid_mail (\$mail))
echo "Es sieht so aus, als sei die von ihnen eingebene Mail-Addresse nicht konform mit dem Aufgabe von Mail-Addressen<br>";
else {
include ('/home/david/mysqldata.php');
\$handle = mysql_connect ("127.0.0.1", \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$passwort1 = htmlentities(mysql_real_escape_string (\$passwort1, \$handle));
\$passwort2 = htmlentities(mysql_real_escape_string (\$passwort2, \$handle));
\$nickname = htmlentities(mysql_real_escape_string (\$nickname, \$handle));
\$vorname = htmlentities(mysql_real_escape_string (\$vorname, \$handle));
\$nachname = htmlentities(mysql_real_escape_string (\$nachname, \$handle));
\$mail = htmlentities(mysql_real_escape_string (\$mail, \$handle));
mysql_query ("USE mysocial_database", \$handle);
\$result = mysql_query ("SELECT * FROM users WHERE nickname="" . \$nickname . """, \$handle);
echo mysql_num_rows (\$result);
if (mysql_num_rows (\$result) != 0)
echo "Dieser Benutzername ist leider schon vergeben";
else {
\$reault = mysql_query ("SELECT * FROM users WHERE mail="" . \$mail . """, \$handle);
if (mysql_num_rows (\$result) != 0)
echo "Diese Mail-Addresse wird leider schon von einem anderen Nutzer verwendet";
else {
mysql_query ("INSERT INTO users VALUES ("" . \$nickname . "","" . \$vorname . "","". \$nachname . "","". \$mail . "","". md5(\$passwort1) . "")", \$handle);
}
\$_SESSION ["name"] = \$nickname;
echo "<script>window.location="./post.php?content=welcome";</script>";
}
mysql_close (\$handle);
}
}
}
}
?>
mysocial20220401-bak/createaccount.php
<?php
session_start ();
?>
<link rel="stylesheet" href="./styles/styles.css">
<script src="./styles/styles.js"></script>
<a href="./search.php">Andere Nutzer anzeigen</a>
<?php
include ('./styles/head.php');
?>
<br><br>
<?php
if (!isset(\$_SESSION ["name"]))
echo "Sie m\&uuml;ssen angemeldet sein<br>n";
else {
include ('/home/david/mysqldata.php');
\$handle = mysql_connect ("127.0.0.1", \$MYSQL_NAME, \$MYSQL_PASSWORD);
mysql_query ("USE mysocial_database");
\$myname = htmlentities (mysql_real_escape_string (\$_SESSION ["name"], \$handle));
\$str = \$_GET ["freundschaftsanfrage"];
for (\$i = 0; \$i < sizeof (\$str); \$i++) {
\$str1 = htmlentities (mysql_real_escape_string(\$str [\$i], \$handle));
\$result = mysql_query ("SELECT * FROM freundschaftsanfrage WHERE nicknamevon="" . \$str1 . """, \$handle);
if (mysql_num_rows (\$result) == 0)
echo \$str1 . " hat ihnen keine Freundschaftanfrage gesendet<br>n";
else {
\$result = mysql_query ("SELECT * FROM freunde WHERE freund1="" . \$str1 . "" AND freund2="" . \$myname ."" OR freund2="" . \$str1 . "" AND freund1="" . \$myname .""", \$handle);
if (mysql_num_rows (\$result) != 0)
echo "Ihr seid bereits Freunde<br>n";
else
mysql_query ("INSERT INTO freunde VALUES ("". \$myname ."","" . \$str1 . "")", \$handle);
}
}
mysql_close (\$handle);
}
?>
mysocial20220401-bak/freundschaftsanfragebestaetigen.php
<!DOCTYPE html>
<html lang="">
<head>
<meta charset="utf-8">
<title></title>
</head>
<body>
<header></header>
<main></main>
<footer></footer>
<script>
window.location="./login.html";
</script>
</body>
</html>
mysocial20220401-bak/index.html
<!DOCTYPE html>
<html lang="">
<head>
<meta charset="utf-8">
<title>My Social Network - ituenix.de</title>
</head>
<body>
<header></header>
<main></main>
<footer></footer>
</body>
<link rel="stylesheet" href="./styles/styles.css">
<img src="./styles/ituenix.png" width="40%">
<img src="./styles/mysocial.png" width="20%">
<div class="overall1">
<form action="./login.php" method="GET">
<input type="text" name="nickname"></input> :Nickname<br>
<input type="password" name="passwort"></input> :Passwort<br>
<input type="submit"></input>
</form>
<br><hr><br>
<a href="./createaccount.html">Registrieren</a>
</div>
</html>
mysocial20220401-bak/login.html
<?php
session_start ();
?>
<?php
\$nickname = \$_GET ["nickname"];
\$passwort = \$_GET ["passwort"];
include ('/home/david/mysqldata.php');
\$handle = mysql_connect ('127.0.0.1', \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$nickname = htmlentities(mysql_real_escape_string (\$nickname, \$handle));
\$passwort = htmlentities(mysql_real_escape_string (\$passwort, \$handle));
mysql_query ("USE mysocial_database");
\$result = mysql_query ("SELECT * FROM users WHERE nickname="" . \$nickname . """, \$handle);
if (mysql_num_rows (\$result) == 0)
echo "Diesen Benutzer gibt es nicht<br>";
else {
\$row = mysql_fetch_assoc (\$result);
if (strcmp(md5 (\$passwort), \$row ["passwort"]) != 0)
echo "Ihr Passwort ist falsch - probieren sie zu hacken?<br>";
else {
\$_SESSION ["name"] = \$nickname;
}
echo "<script>window.location="./thread.php";</script>";
}
?>
mysocial20220401-bak/login.php
<?php
session_start ();
?>
<?php
if(!isset (\$_SESSION ["name"]))
echo "Sie m\&uuml;ssen angemeldet sein";
else {
\$content = \$_GET ["content"];
\$datetime = date('Y-m-d H:i:s');
\$public = true;
\$pblc = \$_GET ["choosepublic"];
\$nickname = \$_SESSION ["name"];
include ('/home/david/mysqldata.php');
\$handle = mysql_connect ("127.0.0.1", \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$content = htmlentities(mysql_real_escape_string (\$content, \$handle));
\$pblc = htmlentities(mysql_real_escape_string (\$pblc, \$handle));
\$nickname = htmlentities(mysql_real_escape_string (\$nickname, \$handle));
if (strcmp (\$pblc, "privat") == 0)
\$public = 0;
else
\$public = 1;
if (strlen (\$content) > 0) {
mysql_query ("USE mysocial_database", \$handle);
mysql_query ("INSERT INTO postings VALUES ("" . \$nickname . "","" . \$content . "","" . \$datetime ."","" . \$public . "")", \$handle);
mysql_close (\$handle);
}
}
?>
<script>
window.location = "./thread.php";
</script>
mysocial20220401-bak/post.php
<?php
session_start ();
?>
<?php
include ('./styles/head.php');
?>
<link rel="stylesheet" href="./styles/styles.css">
<div class="overall1">
<?php
include ('/home/david/mysqldata.php');
\$handle = mysql_connect ("127.0.0.1", \$MYSQL_NAME, \$MYSQL_PASSWORD);
mysql_query ("USE mysocial_database");
\$result = mysql_query ("SELECT * FROM users");
echo "<FORM ACTION="./sendfriendship.php" METHOD="GET">n";
echo "<SELECT NAME="friends[]" MULTIPLE>n";
while (\$row = mysql_fetch_assoc (\$result))
echo "<a href="./threadextern.php?searchname=" . htmlentities(mysql_real_escape_string(\$row ["nickname"], \$handle)) . ""><OPTION>" . htmlentities(mysql_real_escape_string(\$row ["nickname"], \$handle)) . "</OPTION></a><br>n";
echo "</SELECT><br>n";
echo "Um mehrere Freundsanfragen zu senden [strg] gedr\&uuml;ckt halten<br><br>n";
echo "<INPUT TYPE="submit">Freundschaftsanfrage senden</INPUT>n";
echo "</FORM>n";
mysql_close (\$handle);
?>
</div>
mysocial20220401-bak/search.php
<?php
session_start ();
?>
<link rel="stylesheet" href="./styles/styles.css">
<script src="./styles/styles.js"></script>
<a href="./search.php">Andere Nutzer anzeigen</a>
<?php
include ('./styles/head.php');
?>
<br><br>
<?php
if (!isset (\$_SESSION ["name"]))
echo "Sie m\&uuml;ssen angemeldet sein<br>";
else {
include ('/home/david/mysqldata.php');
\$handle = mysql_connect ("127.0.0.1", \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$myname = htmlentities (mysql_real_escape_string(\$_SESSION ["name"], \$handle));
mysql_query ("USE mysocial_database", \$handle);
\$str = \$_GET ["friends"];
for (\$i = 0; \$i < sizeof (\$str); \$i++) {
\$str1 = htmlentities(mysql_real_escape_string (\$str [\$i], \$handle));
//\$result = mysql_query ("SELECT * FROM users WHERE nickname="". \$str1 .""", \$handle);
if (mysql_num_rows(mysql_query ("SELECT * FROM users WHERE nickname="". \$str1 .""", \$handle)) == 0)
echo "Benutzer "" . \$str1 . "" existiert nicht<br>n";
else {
if (mysql_num_rows (mysql_query ("SELECT * FROM freundschaftsanfrage WHERE nicknamezu="". \$str1 . "" AND nicknamevon="" . \$myname . "" OR nicknamevon="". \$str1 . "" AND nicknamezu="" . \$myname . """, \$handle)) != 0)
echo "Sie haben bereits eine Freundschaftsanfrage an " . \$str1 . " gesendet <br>n";
else {
mysql_query ("INSERT INTO freundschaftsanfrage VALUES ("" . \$myname . "","" . \$str1 . "")", \$handle);
}
}
}
mysql_close (\$handle);
}
?>
mysocial20220401-bak/sendfriendship.php
<?php
session_start ();
?>
<link rel="stylesheet" href="./styles/styles.css">
<script src="./styles/styles.js"></script>
<?php
include ('./styles/head.php');
?>
<div class="overall">
<?php
include ('/home/david/mysqldata.php');
\$name = \$_GET ["searchname"];
\$handle = mysql_connect ("127.0.0.1", \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$name = htmlentities(mysql_real_escape_string(\$name, \$handle));
mysql_query ("use mysocial_database", \$handle);
\$result = mysql_query ("SELECT * FROM postings WHERE nickname="" . \$name ."" AND public="1"", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo "<div class="post01" id="postid" . \$i . "">n<div class="postdatetime01" id="postdatettimeid" . \$i . "">" . \$row ["datetime"] . "</div>n<br><hr><br>n<div class="postcontent01" id="postcontentid" . \$i++ . "">" . \$row ["content"] ."</div>n</div>nn";
mysql_close ();
?>
</div>
mysocial20220401-bak/threadextern.php
<?php
session_start ();
?>
<link rel="stylesheet" href="./styles/styles.css">
<script src="./styles/styles.js"></script>
<a href="./search.php">Andere Nutzer anzeigen</a>
<?php
include ('./styles/head.php');
?>
<div class="overall">
<?php
\$i = 0;
if (isset (\$_SESSION ["name"])) {
\$sessionname = \$_SESSION ["name"];
echo "<form action="./post.php" method="GET" rows="20"><textarea class="contentinputbox01" name="content"></textarea><select name="choosepublic" class="select01"><option>privat</option><option>\&ouml;ffentlich</option></select><input class="submit01" type="submit"></input></form>";
include ('/home/david/mysqldata.php');
\$handle = mysql_connect ("127.0.0.1", \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$sessionname = htmlentities(mysql_real_escape_string (\$sessionname, \$handle));
mysql_query ("use mysocial_database", \$handle);
\$result = mysql_query ("SELECT * FROM postings WHERE nickname="" . \$sessionname .""", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo "<div class="post01" id="postid" . \$i . "">n<div class="postdatetime01" id="postdatetimeid" . \$i . "">" . \$row ["datetime"] . "</div>n<br><hr><br>n<div class="postcontent01" id="postcontentid" . \$i++ . "">" . \$row ["content"] ."</div>n</div>nn";
echo "<div class="freundschaftsanfrage01">n";
echo "<FORM action="freundschaftsanfragebestaetigen.php" METHOD="GET">n";
echo "<SELECT name="freundschaftsanfrage[]" MULTIPLE>n";
\$result = mysql_query ("SELECT * FROM freundschaftsanfrage WHERE nicknamezu="" . \$sessionname . """, \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo "<OPTION>" . \$row ["nicknamevon"] . "</OPTION>";
echo "</SELECT><br><br>n";
echo "<INPUT TYPE="submit">Freundschaftsanfragen bestaetigen</INPUT><br>";
echo "</FORM>n";
echo "</div>";
echo "<div class="freundschaftsanfrage01">n";
echo "<FORM>n";
echo "<SELECT MULTIPLE>n";
\$result = mysql_query ("SELECT * FROM freunde WHERE freund1="" . \$sessionname . "" OR freund2="" .\$sessioname. "" OR freund2="" . \$sessionname . "" OR freund1="" .\$sessioname. """, \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo "<OPTION>" . \$row ["freund1"] . "." . \$row ["freund2"] . "</OPTION>";
echo "</SELECT><br>n";
echo "</FORM>n";
echo "</div>";
mysql_close ();
}
else
echo "Sie m\&uuml;ssen eingeloggt sein<br>";
?>
</div>
mysocial20220401-bak/thread.php
mysocial20220401-bak/styles:
head.php
ituenix.png
mysocial.png
styles.css
styles.js
<?php
session_start ();
?>
<body>
<link rel="stylesheet" href="./styles/styles.css">
<img src="./styles/ituenix.png" width="40%">
<img src="./styles/mysocial.png" width="20%">
<div class="overall1">
<form method="POST" action="createaccount.php" enctype="multipart/form-data">
<input type="text" name="nickname"></input> :Nickname<br>
<input type="text" name="vorname"></input> :Vorname<br>
<input type="text" name="nachname"></input> :Nachname<br>
<input type="text" name="mail"></input> :Mail<br>
<input type="password" name="passwort1"></input> :Passwort<br>
<input type="password" name="passwort2"></input> :Passwort best\&auml;tigen<br>
<input type="file" name="datei"></input> :Photo<br>
<input type="submit"></input>
</form>
</div>
</body>
<?php
\$passwort1 = \$_POST ["passwort1"];
\$passwort2 = \$_POST ["passwort2"];
\$nickname = \$_POST ["nickname"];
\$vorname = \$_POST ["vorname"];
\$nachname = \$_POST ["nachname"];
\$mail = \$_POST ["mail"];
/* Dieser Code - fuer die Ueberpruefung der Mail-Addresse stammt nicht von mir */
/* Er wurde von https://www.php.de/forum/webentwicklung/php-einsteiger/php-tipps-2009/56554-e-mail-adresse-mit-regul"aren-ausdr"ucken-"uberpr"ufen uebernommen */
/* In dem PHP-Kurs werden Regulaere Ausdruecke auch gelernt - ich werde sie lrnen und bald mein eigenes anwenden.*/
function valid_mail(\$mail){
/*******************************************************************
* RegEx by *
* CK1@wwwtech.de *
* http://wwwtech.de/ *
* http://aktuell.de.selfhtml.org/artikel/programmiertechnik/email/ *
*******************************************************************/
// RegEx begin
\$nonascii = "x80-xff"; # Non-ASCII-Chars are not allowed
\$nqtext = "[^\$nonascii512"]";
\$qchar = "[\^\$nonascii]";
\$protocol = '(?:mailto:)';
\$normuser = '[a-zA-Z0-9][a-zA-Z0-9_.-]*';
\$quotedstring = ""(?:\$nqtext|\$qchar)+"";
\$user_part = "(?:\$normuser|\$quotedstring)";
\$dom_mainpart = '[a-zA-Z0-9][a-zA-Z0-9._-]*\.';
\$dom_subpart = '(?:[a-zA-Z0-9][a-zA-Z0-9._-]*\.)*';
\$dom_tldpart = '[a-zA-Z]{2,5}';
\$domain_part = "\$dom_subpart\$dom_mainpart\$dom_tldpart";
\$regex = "\$protocol?\$user_part@\$domain_part";
// RegEx end
return preg_match("/\^\$regex\$/",\$mail);
}
if (strcmp(\$passwort1, \$passwort2) != 0)
echo "Die Passw\&ouml;rter sind nicht identisch";
else {
if ((strlen (\$nickname) == 0) || (strlen (\$vorname) == 0) || (strlen (\$nachname) == 0) || (strlen (\$mail) == 0) || (strlen (\$passwort1) == 0))
echo "Sie m\&uuml;ssen alle Felder vollst\&auml;ndig ausf\&uuml;llen<br>";
else {
if (strlen (\$passwort1) < 5)
echo "Passwoerter muessen mindestens 5 Zeichen lang sein";
else {
if (!valid_mail (\$mail))
echo "Es sieht so aus, als sei die von ihnen eingebene Mail-Addresse nicht konform mit dem Aufgabe von Mail-Addressen<br>";
else {
include ('/home/david/mysqldata.php');
\$handle = mysql_connect ("127.0.0.1", \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$passwort1 = htmlentities(mysql_real_escape_string (\$passwort1, \$handle));
\$passwort2 = htmlentities(mysql_real_escape_string (\$passwort2, \$handle));
\$nickname = htmlentities(mysql_real_escape_string (\$nickname, \$handle));
\$vorname = htmlentities(mysql_real_escape_string (\$vorname, \$handle));
\$nachname = htmlentities(mysql_real_escape_string (\$nachname, \$handle));
\$mail = htmlentities(mysql_real_escape_string (\$mail, \$handle));
mysql_query ("USE mysocial_database", \$handle);
\$result = mysql_query ("SELECT * FROM users WHERE nickname="" . \$nickname . """, \$handle);
echo mysql_num_rows (\$result);
if (mysql_num_rows (\$result) != 0)
echo "Dieser Benutzername ist leider schon vergeben";
else {
\$reault = mysql_query ("SELECT * FROM users WHERE mail="" . \$mail . """, \$handle);
if (mysql_num_rows (\$result) != 0)
echo "Diese Mail-Addresse wird leider schon von einem anderen Nutzer verwendet";
else {
include ('./photoupload2.php');
mysql_query ("INSERT INTO users VALUES ("" . \$nickname . "","" . \$vorname . "","". \$nachname . "","". \$mail . "","". md5(\$passwort1) . "",0x" . bin2hex(file_get_contents (\$new_path)) . ")", \$handle);
}
\$_SESSION ["name"] = \$nickname;
echo "<script>window.location="./post.php?content=welcome";</script>";
}
mysql_close (\$handle);
}
}
}
}
?>
mysocial20220408/createaccount.php
<?php
session_start ();
?>
<link rel="stylesheet" href="./styles/styles.css">
<script src="./styles/styles.js"></script>
<a href="./search.php">Andere Nutzer anzeigen</a>
<?php
include ('./styles/head.php');
?>
<br><br>
<?php
if (!isset(\$_SESSION ["name"]))
echo "Sie m\&uuml;ssen angemeldet sein<br>n";
else {
include ('/home/david/mysqldata.php');
\$handle = mysql_connect ("127.0.0.1", \$MYSQL_NAME, \$MYSQL_PASSWORD);
mysql_query ("USE mysocial_database");
\$myname = htmlentities (mysql_real_escape_string (\$_SESSION ["name"], \$handle));
\$str = \$_GET ["freundschaftsanfrage"];
for (\$i = 0; \$i < sizeof (\$str); \$i++) {
\$str1 = htmlentities (mysql_real_escape_string(\$str [\$i], \$handle));
\$result = mysql_query ("SELECT * FROM freundschaftsanfrage WHERE nicknamevon="" . \$str1 . """, \$handle);
if (mysql_num_rows (\$result) == 0)
echo \$str1 . " hat ihnen keine Freundschaftanfrage gesendet<br>n";
else {
\$result = mysql_query ("SELECT * FROM freunde WHERE freund1="" . \$str1 . "" AND freund2="" . \$myname ."" OR freund2="" . \$str1 . "" AND freund1="" . \$myname .""", \$handle);
if (mysql_num_rows (\$result) != 0)
echo "Ihr seid bereits Freunde<br>n";
else
mysql_query ("INSERT INTO freunde VALUES ("". \$myname ."","" . \$str1 . "")", \$handle);
}
}
mysql_close (\$handle);
}
?>
mysocial20220408/freundschaftsanfragebestaetigen.php
<!DOCTYPE html>
<html lang="">
<head>
<meta charset="utf-8">
<title></title>
</head>
<body>
<header></header>
<main></main>
<footer></footer>
<script>
window.location="./login.html";
</script>
</body>
</html>
mysocial20220408/index.html
<!DOCTYPE html>
<html lang="">
<head>
<meta charset="utf-8">
<title>My Social Network - ituenix.de</title>
</head>
<body>
<header></header>
<main></main>
<footer></footer>
</body>
<link rel="stylesheet" href="./styles/styles.css">
<img src="./styles/ituenix.png" width="40%">
<img src="./styles/mysocial.png" width="20%">
<div class="overall1">
<form action="./login.php" method="GET">
<input type="text" name="nickname"></input> :Nickname<br>
<input type="password" name="passwort"></input> :Passwort<br>
<input type="submit"></input>
</form>
<br><hr><br>
<a href="./createaccount.php">Registrieren</a>
</div>
</html>
mysocial20220408/login.html
<?php
session_start ();
?>
<?php
\$nickname = \$_GET ["nickname"];
\$passwort = \$_GET ["passwort"];
include ('/home/david/mysqldata.php');
\$handle = mysql_connect ('127.0.0.1', \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$nickname = htmlentities(mysql_real_escape_string (\$nickname, \$handle));
\$passwort = htmlentities(mysql_real_escape_string (\$passwort, \$handle));
mysql_query ("USE mysocial_database");
\$result = mysql_query ("SELECT * FROM users WHERE nickname="" . \$nickname . """, \$handle);
if (mysql_num_rows (\$result) == 0)
echo "Diesen Benutzer gibt es nicht<br>";
else {
\$row = mysql_fetch_assoc (\$result);
if (strcmp(md5 (\$passwort), \$row ["passwort"]) != 0)
echo "Ihr Passwort ist falsch - probieren sie zu hacken?<br>";
else {
\$_SESSION ["name"] = \$nickname;
}
echo "<script>window.location="./thread.php";</script>";
}
?>
mysocial20220408/login.php
<?php
\$upload_folder = 'upload/'; //Das Upload-Verzeichnis
\$filename = pathinfo(\$_FILES['datei']['name'], PATHINFO_FILENAME);
\$extension = strtolower(pathinfo(\$_FILES['datei']['name'], PATHINFO_EXTENSION));
//"Uberpr"ufung der Dateiendung
\$allowed_extensions = array('png', 'jpg', 'jpeg', 'gif');
if(!in_array(\$extension, \$allowed_extensions)) {
die("Ung"ultige Dateiendung. Nur png, jpg, jpeg und gif-Dateien sind erlaubt");
}
//"Uberpr"ufung der Dateigr"o"se
\$max_size = 500*1024; //500 KB
if(\$_FILES['datei']['size'] > \$max_size) {
die("Bitte keine Dateien gr"o"ser 500kb hochladen");
}
//"Uberpr"ufung dass das Bild keine Fehler enth"alt
if(function_exists('exif_imagetype')) { //Die exif_imagetype-Funktion erfordert die exif-Erweiterung auf dem Server
\$allowed_types = array(IMAGETYPE_PNG, IMAGETYPE_JPEG, IMAGETYPE_GIF);
\$detected_type = exif_imagetype(\$_FILES['datei']['tmp_name']);
if(!in_array(\$detected_type, \$allowed_types)) {
die("Nur der Upload von Bilddateien ist gestattet");
}
}
//Pfad zum Upload
\$new_path = \$upload_folder.\$filename.'.'.\$extension;
//Neuer Dateiname falls die Datei bereits existiert
if(file_exists(\$new_path)) { //Falls Datei existiert, h"ange eine Zahl an den Dateinamen
\$id = 1;
do {
\$new_path = \$upload_folder.\$filename.'_'.\$id.'.'.\$extension;
\$id++;
} while(file_exists(\$new_path));
}
//Alles okay, verschiebe Datei an neuen Pfad
move_uploaded_file(\$_FILES['datei']['tmp_name'], \$new_path);
echo 'Bild erfolgreich hochgeladen: <a href="'.\$new_path.'">'.\$new_path.'</a>';
?>
mysocial20220408/photoupload2.php
<?php
session_start ();
?>
<?php
if(!isset (\$_SESSION ["name"]))
echo "Sie m\&uuml;ssen angemeldet sein";
else {
\$content = \$_GET ["content"];
\$datetime = date('Y-m-d H:i:s');
\$public = true;
\$pblc = \$_GET ["choosepublic"];
\$nickname = \$_SESSION ["name"];
include ('/home/david/mysqldata.php');
\$handle = mysql_connect ("127.0.0.1", \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$content = htmlentities(mysql_real_escape_string (\$content, \$handle));
\$pblc = htmlentities(mysql_real_escape_string (\$pblc, \$handle));
\$nickname = htmlentities(mysql_real_escape_string (\$nickname, \$handle));
if (strcmp (\$pblc, "privat") == 0)
\$public = 0;
else
\$public = 1;
if (strlen (\$content) > 0) {
mysql_query ("USE mysocial_database", \$handle);
mysql_query ("INSERT INTO postings VALUES ("" . \$nickname . "","" . \$content . "","" . \$datetime ."","" . \$public . "")", \$handle);
mysql_close (\$handle);
}
}
?>
<script>
window.location = "./thread.php";
</script>
mysocial20220408/post.php
<?php
session_start ();
?>
<?php
include ('./styles/head.php');
?>
<link rel="stylesheet" href="./styles/styles.css">
<div class="overall1">
<?php
include ('/home/david/mysqldata.php');
\$handle = mysql_connect ("127.0.0.1", \$MYSQL_NAME, \$MYSQL_PASSWORD);
mysql_query ("USE mysocial_database");
\$result = mysql_query ("SELECT * FROM users");
while (\$row = mysql_fetch_assoc (\$result))
echo "<a href="./threadextern.php?searchname=" . htmlentities(mysql_real_escape_string(\$row ["nickname"], \$handle)) . ""><img width="10%" src="showphoto.php?name=" . \$row ["nickname"] . "">". htmlentities(mysql_real_escape_string(\$row ["nickname"], \$handle)) . "</a><br>n";
\$result = mysql_query ("SELECT * FROM users");
echo "<FORM ACTION="./sendfriendship.php" METHOD="GET">n";
echo "<SELECT NAME="friends[]" MULTIPLE>n";
while (\$row = mysql_fetch_assoc (\$result))
echo "<a href="./threadextern.php?searchname=" . htmlentities(mysql_real_escape_string(\$row ["nickname"], \$handle)) . ""><OPTION>" . htmlentities(mysql_real_escape_string(\$row ["nickname"], \$handle)) . "</OPTION></a><br>n";
echo "</SELECT><br>n";
echo "Um mehrere Freundsanfragen zu senden [strg] gedr\&uuml;ckt halten<br><br>n";
echo "<INPUT TYPE="submit">Freundschaftsanfrage senden</INPUT>n";
echo "</FORM>n";
mysql_close (\$handle);
?>
</div>
mysocial20220408/search.php
<?php
session_start ();
?>
<link rel="stylesheet" href="./styles/styles.css">
<script src="./styles/styles.js"></script>
<a href="./search.php">Andere Nutzer anzeigen</a>
<?php
include ('./styles/head.php');
?>
<br><br>
<?php
if (!isset (\$_SESSION ["name"]))
echo "Sie m\&uuml;ssen angemeldet sein<br>";
else {
include ('/home/david/mysqldata.php');
\$handle = mysql_connect ("127.0.0.1", \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$myname = htmlentities (mysql_real_escape_string(\$_SESSION ["name"], \$handle));
mysql_query ("USE mysocial_database", \$handle);
\$str = \$_GET ["friends"];
for (\$i = 0; \$i < sizeof (\$str); \$i++) {
\$str1 = htmlentities(mysql_real_escape_string (\$str [\$i], \$handle));
//\$result = mysql_query ("SELECT * FROM users WHERE nickname="". \$str1 .""", \$handle);
if (mysql_num_rows(mysql_query ("SELECT * FROM users WHERE nickname="". \$str1 .""", \$handle)) == 0)
echo "Benutzer "" . \$str1 . "" existiert nicht<br>n";
else {
if (mysql_num_rows (mysql_query ("SELECT * FROM freundschaftsanfrage WHERE nicknamezu="". \$str1 . "" AND nicknamevon="" . \$myname . "" OR nicknamevon="". \$str1 . "" AND nicknamezu="" . \$myname . """, \$handle)) != 0)
echo "Sie haben bereits eine Freundschaftsanfrage an " . \$str1 . " gesendet <br>n";
else {
mysql_query ("INSERT INTO freundschaftsanfrage VALUES ("" . \$myname . "","" . \$str1 . "")", \$handle);
}
}
}
mysql_close (\$handle);
}
?>
mysocial20220408/sendfriendship.php
<?php
include ('/home/david/mysqldata.php');
\$handle2 = mysql_connect ("127.0.0.1", \$MYSQL_NAME, \$MYSQL_PASSWORD);
mysql_select_db ("mysocial_database", \$handle2);
\$result = mysql_query ("SELECT * FROM users WHERE nickname="" . \$_GET ["name"] . """, \$handle2);
if (\$row = mysql_fetch_assoc (\$result))
echo \$row ["photo"];
else
echo "error<br>n";
mysql_close (\$handle2);
?>
mysocial20220408/showphoto.php
<?php
session_start ();
?>
<link rel="stylesheet" href="./styles/styles.css">
<script src="./styles/styles.js"></script>
<?php
include ('./styles/head.php');
?>
<div class="overall">
<?php
include ('/home/david/mysqldata.php');
\$name = \$_GET ["searchname"];
\$handle = mysql_connect ("127.0.0.1", \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$name = htmlentities(mysql_real_escape_string(\$name, \$handle));
mysql_query ("use mysocial_database", \$handle);
\$result2 = mysql_query ("SELECT * FROM users WHERE nickname="" . \$name .""", \$handle);
if (\$row2 = mysql_fetch_assoc (\$result2));
else
echo "This user doesn't exist<br>";
\$result = mysql_query ("SELECT * FROM postings WHERE nickname="" . \$name ."" AND public="1"", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
//echo "<div class="post01" id="postid" . \$i . "">n<div class="postdatetime01" id="postdatettimeid" . \$i . "">" . \$row ["datetime"] . "</div>n<br><hr><br>n<div class="postcontent01" id="postcontentid" . \$i++ . "">" . \$row ["content"] ."</div>n</div>nn";
echo "<div class="post01" id="postid" . \$i . "">n<div class="postdatetime01" id="postdatetimeid" . \$i . "">" . \$row ["datetime"] . "</div>n<br><hr><br>n<div class="postcontent01"><div class="usercontent01">" . \$name . "<br><hr><br><code>" . \$row2 ["mail"] . "</code><br><hr><br><img width="50%"src="showphoto.php?name=".\$name.""></div><div class="postcontent02" id="postcontentid" . \$i++ . "">" . \$row ["content"] ."</div></div></div>nn";
mysql_close ();
?>
</div>
mysocial20220408/threadextern.php
<?php
session_start ();
?>
<link rel="stylesheet" href="./styles/styles.css">
<script src="./styles/styles.js"></script>
<a href="./search.php">Andere Nutzer anzeigen</a>
<?php
include ('./styles/head.php');
?>
<div class="overall">
<?php
\$i = 0;
if (isset (\$_SESSION ["name"])) {
\$sessionname = \$_SESSION ["name"];
echo "<form action="./post.php" method="GET" rows="20"><textarea class="contentinputbox01" name="content"></textarea><select name="choosepublic" class="select01"><option>privat</option><option>\&ouml;ffentlich</option></select><input class="submit01" type="submit"></input></form>";
include ('/home/david/mysqldata.php');
\$handle = mysql_connect ("127.0.0.1", \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$sessionname = htmlentities(mysql_real_escape_string (\$sessionname, \$handle));
mysql_query ("use mysocial_database", \$handle);
\$result = mysql_query ("SELECT * FROM postings WHERE nickname="" . \$sessionname .""", \$handle);
\$result2 = mysql_query ("SELECT * FROM users WHERE nickname="" . \$sessionname .""", \$handle);
if (\$row2 = mysql_fetch_assoc (\$result2));
else
echo "Error: You are not a registered user";
while (\$row = mysql_fetch_assoc (\$result))
echo "<div class="post01" id="postid" . \$i . "">n<div class="postdatetime01" id="postdatetimeid" . \$i . "">" . \$row ["datetime"] . "</div>n<br><hr><br>n<div class="postcontent01"><div class="usercontent01">" . \$sessionname . "<br><hr><br><code>" . \$row2 ["mail"] . "</code><br><hr><br><img width="50%"src="showphoto.php?name=".\$sessionname.""></div><div class="postcontent02" id="postcontentid" . \$i++ . "">" . \$row ["content"] ."</div></div></div>nn";
echo "<div class="freundschaftsanfrage01">n";
echo "<FORM action="freundschaftsanfragebestaetigen.php" METHOD="GET">n";
echo "<SELECT name="freundschaftsanfrage[]" MULTIPLE>n";
\$result = mysql_query ("SELECT * FROM freundschaftsanfrage WHERE nicknamezu="" . \$sessionname . """, \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo "<OPTION>" . \$row ["nicknamevon"] . "</OPTION>";
echo "</SELECT><br><br>n";
echo "<INPUT TYPE="submit">Freundschaftsanfragen bestaetigen</INPUT><br>";
echo "</FORM>n";
echo "</div>";
echo "<div class="freundschaftsanfrage01">n";
echo "<FORM>n";
echo "<SELECT MULTIPLE>n";
\$result = mysql_query ("SELECT * FROM freunde WHERE freund1="" . \$sessionname . "" OR freund2="" .\$sessioname. "" OR freund2="" . \$sessionname . "" OR freund1="" .\$sessioname. """, \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo "<OPTION>" . \$row ["freund1"] . "." . \$row ["freund2"] . "</OPTION>";
echo "</SELECT><br>n";
echo "</FORM>n";
echo "</div>";
mysql_close ();
}
else
echo "Sie m\&uuml;ssen eingeloggt sein<br>";
?>
</div>
mysocial20220408/thread.php
mysocial20220408/styles:
head.php
ituenix.png
mysocial.png
styles.css
styles.js
mysocial20220408/upload:
131272203_104210458235048_6777244190350661537_n.jpg
274005496_1403601580089505_3432883904414152884_n.jpg
myimage.php
test.html
testz_10.png
testz_11.png
testz_1.png
testz_2.png
testz_3.png
testz_4.png
testz_5.png
testz_6.png
testz_7.png
testz_8.png
testz_9.png
testz.png
<?php
session_start ();
?>
<?php
include ('./config.php');
echo "<h1>".\$title."</h1><code>".\$subscription."</code><br>";
?>
mysocial20220410/banner.php
<?php
\$secretdatafilename = '/home/david/mysqldata.php';
include (\$secretdatafilename);
\$databasename = 'mysocial_database';
\$title = 'Dave Vajdas MySoc';
\$server = '127.0.0.1';
\$subscription = 'Das ist MySoc';
?>
mysocial20220410/config.php
<?php
session_start ();
?>
<?php
include ('./config.php');
include ('./banner.php');
?>
<body>
<link rel="stylesheet" href="./styles/styles.css">
<img src="./styles/ituenix.png" width="40%">
<img src="./styles/mysocial.png" width="20%">
<div class="overall1">
<form method="POST" action="createaccount.php" enctype="multipart/form-data">
<input type="text" name="nickname"></input> :Nickname<br>
<input type="text" name="vorname"></input> :Vorname<br>
<input type="text" name="nachname"></input> :Nachname<br>
<input type="text" name="mail"></input> :Mail<br>
<input type="password" name="passwort1"></input> :Passwort<br>
<input type="password" name="passwort2"></input> :Passwort best\&auml;tigen<br>
<input type="file" name="datei"></input> :Photo<br>
<input type="submit"></input>
</form>
</div>
</body>
<?php
\$passwort1 = \$_POST ["passwort1"];
\$passwort2 = \$_POST ["passwort2"];
\$nickname = \$_POST ["nickname"];
\$vorname = \$_POST ["vorname"];
\$nachname = \$_POST ["nachname"];
\$mail = \$_POST ["mail"];
/* Dieser Code - fuer die Ueberpruefung der Mail-Addresse stammt nicht von mir */
/* Er wurde von https://www.php.de/forum/webentwicklung/php-einsteiger/php-tipps-2009/56554-e-mail-adresse-mit-regul"aren-ausdr"ucken-"uberpr"ufen uebernommen */
/* In dem PHP-Kurs werden Regulaere Ausdruecke auch gelernt - ich werde sie lrnen und bald mein eigenes anwenden.*/
function valid_mail(\$mail){
/*******************************************************************
* RegEx by *
* CK1@wwwtech.de *
* http://wwwtech.de/ *
* http://aktuell.de.selfhtml.org/artikel/programmiertechnik/email/ *
*******************************************************************/
// RegEx begin
\$nonascii = "x80-xff"; # Non-ASCII-Chars are not allowed
\$nqtext = "[^\$nonascii512"]";
\$qchar = "[\^\$nonascii]";
\$protocol = '(?:mailto:)';
\$normuser = '[a-zA-Z0-9][a-zA-Z0-9_.-]*';
\$quotedstring = ""(?:\$nqtext|\$qchar)+"";
\$user_part = "(?:\$normuser|\$quotedstring)";
\$dom_mainpart = '[a-zA-Z0-9][a-zA-Z0-9._-]*\.';
\$dom_subpart = '(?:[a-zA-Z0-9][a-zA-Z0-9._-]*\.)*';
\$dom_tldpart = '[a-zA-Z]{2,5}';
\$domain_part = "\$dom_subpart\$dom_mainpart\$dom_tldpart";
\$regex = "\$protocol?\$user_part@\$domain_part";
// RegEx end
return preg_match("/\^\$regex\$/",\$mail);
}
if (strcmp(\$passwort1, \$passwort2) != 0)
echo "Die Passw\&ouml;rter sind nicht identisch";
else {
if ((strlen (\$nickname) == 0) || (strlen (\$vorname) == 0) || (strlen (\$nachname) == 0) || (strlen (\$mail) == 0) || (strlen (\$passwort1) == 0))
echo "Sie m\&uuml;ssen alle Felder vollst\&auml;ndig ausf\&uuml;llen<br>";
else {
if (strlen (\$passwort1) < 5)
echo "Passwoerter muessen mindestens 5 Zeichen lang sein";
else {
if (!valid_mail (\$mail))
echo "Es sieht so aus, als sei die von ihnen eingebene Mail-Addresse nicht konform mit dem Aufgabe von Mail-Addressen<br>";
else {
\$handle = mysql_connect (\$server, \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$passwort1 = htmlentities(mysql_real_escape_string (\$passwort1, \$handle));
\$passwort2 = htmlentities(mysql_real_escape_string (\$passwort2, \$handle));
\$nickname = htmlentities(mysql_real_escape_string (\$nickname, \$handle));
\$vorname = htmlentities(mysql_real_escape_string (\$vorname, \$handle));
\$nachname = htmlentities(mysql_real_escape_string (\$nachname, \$handle));
\$mail = htmlentities(mysql_real_escape_string (\$mail, \$handle));
mysql_query ("USE ".\$databasename, \$handle);
\$result = mysql_query ("SELECT * FROM users WHERE nickname="" . \$nickname . """, \$handle);
echo mysql_num_rows (\$result);
if (mysql_num_rows (\$result) != 0)
echo "Dieser Benutzername ist leider schon vergeben";
else {
\$reault = mysql_query ("SELECT * FROM users WHERE mail="" . \$mail . """, \$handle);
if (mysql_num_rows (\$result) != 0)
echo "Diese Mail-Addresse wird leider schon von einem anderen Nutzer verwendet";
else {
include ('./photoupload2.php');
mysql_query ("INSERT INTO users VALUES ("" . \$nickname . "","" . \$vorname . "","". \$nachname . "","". \$mail . "","". md5(\$passwort1) . "",0x" . bin2hex(file_get_contents (\$new_path)) . ")", \$handle);
}
\$_SESSION ["name"] = \$nickname;
echo "<script>window.location="./post.php?content=welcome";</script>";
}
mysql_close (\$handle);
}
}
}
}
?>
mysocial20220410/createaccount.php
<?php
session_start ();
?>
<?php
include ('./config.php');
include ('./banner.php');
?>
<link rel="stylesheet" href="./styles/styles.css">
<script src="./styles/styles.js"></script>
<a href="./search.php">Andere Nutzer anzeigen</a>
<?php
include ('./styles/head.php');
?>
<br><br>
<?php
if (!isset(\$_SESSION ["name"]))
echo "Sie m\&uuml;ssen angemeldet sein<br>n";
else {
include ('/home/david/mysqldata.php');
\$handle = mysql_connect (\$server, \$MYSQL_NAME, \$MYSQL_PASSWORD);
mysql_query ("USE ".\$databasename);
\$myname = htmlentities (mysql_real_escape_string (\$_SESSION ["name"], \$handle));
\$str = \$_GET ["freundschaftsanfrage"];
for (\$i = 0; \$i < sizeof (\$str); \$i++) {
\$str1 = htmlentities (mysql_real_escape_string(\$str [\$i], \$handle));
\$result = mysql_query ("SELECT * FROM freundschaftsanfrage WHERE nicknamevon="" . \$str1 . """, \$handle);
if (mysql_num_rows (\$result) == 0)
echo \$str1 . " hat ihnen keine Freundschaftanfrage gesendet<br>n";
else {
\$result = mysql_query ("SELECT * FROM freunde WHERE freund1="" . \$str1 . "" AND freund2="" . \$myname ."" OR freund2="" . \$str1 . "" AND freund1="" . \$myname .""", \$handle);
if (mysql_num_rows (\$result) != 0)
echo "Ihr seid bereits Freunde<br>n";
else
mysql_query ("INSERT INTO freunde VALUES ("". \$myname ."","" . \$str1 . "")", \$handle);
}
}
mysql_close (\$handle);
}
?>
mysocial20220410/freundschaftsanfragebestaetigen.php
<!DOCTYPE html>
<html lang="">
<head>
<meta charset="utf-8">
<title></title>
</head>
<body>
<header></header>
<main></main>
<footer></footer>
<script>
window.location="./login.html";
</script>
</body>
</html>
mysocial20220410/index.html
<?php
session_start ();
?>
<link rel="stylesheet" href="./styles/styles.css">
<img src="./styles/ituenix.png" width="40%">
<img src="./styles/mysocial.png" width="20%">
<div class="overall1">
<form method="POST" action="./install.php">
<input type="text" name="databasename"></input>Datenbankname<br>
<input type="text" name="secretdata"></input>Name der Datei mit geheimen Daten<br>
<input type="text" name="benutzername"></input>Benutzername der Datenbank<br>
<input type="password" name="passwort"></input>Passwort des DBMS<br>
<input type="text" name="server"></input>Name des Servers auf dem das DBMS l\&auml;ft<br>
<input type="text" name="title"></input>Titel des sozialen Netzwerkes<br>
<input type="text" name="subscription"></input>Beschreibung des sozialen Netzes<br>
<input type="submit"></input>
</form>
<?php
\$databasename = htmlentities (\$_POST ["databasename"]);
\$secretdatafilename = htmlentities (\$_POST ["secretdata"]);
\$username = htmlentities (\$_POST ["benutzername"]);
\$password = htmlentities (\$_POST ["passwort"]);
\$server = htmlentities (\$_POST ["server"]);
\$title = htmlentities (\$_POST ["title"]);
\$subscription = htmlentities (\$_POST ["subscription"]);
\$configfilename = "./config.php";
\$config_file_input_str = "<?phpnn";
\$config_file_input_str .= "\$secretdatafilename = '/home/david/mysqldata.php';n";
\$config_file_input_str .= "include (\$secretdatafilename);n";
\$config_file_input_str .= "\$databasename = '" . \$databasename . "';n";
//\$config_file_input_str .= "\$secretdatafilename = '" . \$secretdatafilename . "';n";
\$config_file_input_str .= "\$title = '" . \$title . "';n";
\$config_file_input_str .= "\$server = '" . \$server . "';n";
\$config_file_input_str .= "\$subscription = '" . \$subscription . "';n";
\$config_file_input_str .= "?>n";
\$secretdatafilestr = "<?phpnn";
\$secretdatafilestr .= "\$MYSQL_NAME='" . \$username . "';n";
\$secretdatafilestr .= "\$MYSQL_PASSWORD='" . \$password . "';n";
\$secretdatafilestr .= "?>n";
\$config_file_input_str = \$config_file_input_str;
\$secretdatafilestr = \$secretdatafilestr;
file_put_contents (\$configfilename, \$config_file_input_str);
//file_put_contents (\$secretdatafilename, \$secretdatafilestr);
\$handle = mysql_connect (\$server, \$username, \$password);
mysql_query ("CREATE DATABASE " . \$databasename, \$handle);
mysql_select_db (\$databasename, \$handle);
mysql_query ("CREATE TABLE users (nickname VARCHAR(64), vorname VARCHAR(64), nachname VARCHAR(64) , mail VARCHAR(128), passwort VARCHAR(128),photo MEDIUMBLOB)", \$handle);
mysql_query ("CREATE TABLE freunde (freund1 VARCHAR (64), freund2 VARCHAR (64))", \$handle);
mysql_query ("CREATE TABLE freundschaftsanfrage (nicknamevon VARCHAR (64), nicknamezu VARCHAR (64))", \$handle);
mysql_query ("CREATE TABLE postings (nickname VARCHAR (64), content TEXT, datetime DATETIME, public TINYINT (1))", \$handle);
mysql_close (\$handle);
?>
mysocial20220410/install.php
<!DOCTYPE html>
<html lang="">
<head>
<meta charset="utf-8">
<title>My Social Network - ituenix.de</title>
</head>
<body>
<header></header>
<main></main>
<footer></footer>
</body>
<link rel="stylesheet" href="./styles/styles.css">
<img src="./styles/ituenix.png" width="40%">
<img src="./styles/mysocial.png" width="20%">
<div class="overall1">
<form action="./login.php" method="GET">
<input type="text" name="nickname"></input> :Nickname<br>
<input type="password" name="passwort"></input> :Passwort<br>
<input type="submit"></input>
</form>
<br><hr><br>
<a href="./createaccount.php">Registrieren</a>
</div>
</html>
mysocial20220410/login.html
<?php
session_start ();
?>
<?php
include ('./config.php');
include ('./banner.php');
?>
<?php
\$nickname = \$_GET ["nickname"];
\$passwort = \$_GET ["passwort"];
\$handle = mysql_connect (\$server, \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$nickname = htmlentities(mysql_real_escape_string (\$nickname, \$handle));
\$passwort = htmlentities(mysql_real_escape_string (\$passwort, \$handle));
mysql_query ("USE " . \$databasename);
\$result = mysql_query ("SELECT * FROM users WHERE nickname="" . \$nickname . """, \$handle);
if (mysql_num_rows (\$result) == 0)
echo "Diesen Benutzer gibt es nicht<br>";
else {
\$row = mysql_fetch_assoc (\$result);
if (strcmp(md5 (\$passwort), \$row ["passwort"]) != 0)
echo "Ihr Passwort ist falsch - probieren sie zu hacken?<br>";
else {
\$_SESSION ["name"] = \$nickname;
}
echo "<script>window.location="./thread.php";</script>";
}
?>
mysocial20220410/login.php
<?php
\$upload_folder = 'upload/'; //Das Upload-Verzeichnis
\$filename = pathinfo(\$_FILES['datei']['name'], PATHINFO_FILENAME);
\$extension = strtolower(pathinfo(\$_FILES['datei']['name'], PATHINFO_EXTENSION));
//"Uberpr"ufung der Dateiendung
\$allowed_extensions = array('png', 'jpg', 'jpeg', 'gif');
if(!in_array(\$extension, \$allowed_extensions)) {
die("Ung"ultige Dateiendung. Nur png, jpg, jpeg und gif-Dateien sind erlaubt");
}
//"Uberpr"ufung der Dateigr"o"se
\$max_size = 500*1024; //500 KB
if(\$_FILES['datei']['size'] > \$max_size) {
die("Bitte keine Dateien gr"o"ser 500kb hochladen");
}
//"Uberpr"ufung dass das Bild keine Fehler enth"alt
if(function_exists('exif_imagetype')) { //Die exif_imagetype-Funktion erfordert die exif-Erweiterung auf dem Server
\$allowed_types = array(IMAGETYPE_PNG, IMAGETYPE_JPEG, IMAGETYPE_GIF);
\$detected_type = exif_imagetype(\$_FILES['datei']['tmp_name']);
if(!in_array(\$detected_type, \$allowed_types)) {
die("Nur der Upload von Bilddateien ist gestattet");
}
}
//Pfad zum Upload
\$new_path = \$upload_folder.\$filename.'.'.\$extension;
//Neuer Dateiname falls die Datei bereits existiert
if(file_exists(\$new_path)) { //Falls Datei existiert, h"ange eine Zahl an den Dateinamen
\$id = 1;
do {
\$new_path = \$upload_folder.\$filename.'_'.\$id.'.'.\$extension;
\$id++;
} while(file_exists(\$new_path));
}
//Alles okay, verschiebe Datei an neuen Pfad
move_uploaded_file(\$_FILES['datei']['tmp_name'], \$new_path);
echo 'Bild erfolgreich hochgeladen: <a href="'.\$new_path.'">'.\$new_path.'</a>';
?>
mysocial20220410/photoupload2.php
<?php
session_start ();
?>
<?php
include ('./config.php');
include ('./banner.php');
?>
<?php
if(!isset (\$_SESSION ["name"]))
echo "Sie m\&uuml;ssen angemeldet sein";
else {
\$content = \$_GET ["content"];
\$datetime = date('Y-m-d H:i:s');
\$public = true;
\$pblc = \$_GET ["choosepublic"];
\$nickname = \$_SESSION ["name"];
\$handle = mysql_connect (\$server, \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$content = htmlentities(mysql_real_escape_string (\$content, \$handle));
\$pblc = htmlentities(mysql_real_escape_string (\$pblc, \$handle));
\$nickname = htmlentities(mysql_real_escape_string (\$nickname, \$handle));
if (strcmp (\$pblc, "privat") == 0)
\$public = 0;
else
\$public = 1;
if (strlen (\$content) > 0) {
mysql_query ("USE " . \$databasename, \$handle);
mysql_query ("INSERT INTO postings VALUES ("" . \$nickname . "","" . \$content . "","" . \$datetime ."","" . \$public . "")", \$handle);
mysql_close (\$handle);
}
}
?>
<script>
window.location = "./thread.php";
</script>
mysocial20220410/post.php
<?php
session_start ();
?>
<?php
include ('./config.php');
include ('./banner.php');
?>
<?php
include ('./styles/head.php');
?>
<link rel="stylesheet" href="./styles/styles.css">
<div class="overall1">
<?php
\$handle = mysql_connect (\$server, \$MYSQL_NAME, \$MYSQL_PASSWORD);
mysql_query ("USE " . \$databasename, \$handle);
\$result = mysql_query ("SELECT * FROM users", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo "<a href="./threadextern.php?searchname=" . htmlentities(mysql_real_escape_string(\$row ["nickname"], \$handle)) . ""><img width="10%" src="showphoto.php?name=" . \$row ["nickname"] . "">". htmlentities(mysql_real_escape_string(\$row ["nickname"], \$handle)) . "</a><br>n";
\$result = mysql_query ("SELECT * FROM users", \$handle);
echo "<FORM ACTION="./sendfriendship.php" METHOD="GET">n";
echo "<SELECT NAME="friends[]" MULTIPLE>n";
while (\$row = mysql_fetch_assoc (\$result))
echo "<a href="./threadextern.php?searchname=" . htmlentities(mysql_real_escape_string(\$row ["nickname"], \$handle)) . ""><OPTION>" . htmlentities(mysql_real_escape_string(\$row ["nickname"], \$handle)) . "</OPTION></a><br>n";
echo "</SELECT><br>n";
echo "Um mehrere Freundsanfragen zu senden [strg] gedr\&uuml;ckt halten<br><br>n";
echo "<INPUT TYPE="submit">Freundschaftsanfrage senden</INPUT>n";
echo "</FORM>n";
mysql_close (\$handle);
?>
</div>
mysocial20220410/search.php
<?php
session_start ();
?>
<?php
include ('./config.php');
include ('./banner.php');
?>
<link rel="stylesheet" href="./styles/styles.css">
<script src="./styles/styles.js"></script>
<a href="./search.php">Andere Nutzer anzeigen</a>
<?php
include ('./styles/head.php');
?>
<br><br>
<?php
if (!isset (\$_SESSION ["name"]))
echo "Sie m\&uuml;ssen angemeldet sein<br>";
else {
\$handle = mysql_connect (\$server, \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$myname = htmlentities (mysql_real_escape_string(\$_SESSION ["name"], \$handle));
mysql_query ("USE " . \$databasename, \$handle);
\$str = \$_GET ["friends"];
for (\$i = 0; \$i < sizeof (\$str); \$i++) {
\$str1 = htmlentities(mysql_real_escape_string (\$str [\$i], \$handle));
//\$result = mysql_query ("SELECT * FROM users WHERE nickname="". \$str1 .""", \$handle);
if (mysql_num_rows(mysql_query ("SELECT * FROM users WHERE nickname="". \$str1 .""", \$handle)) == 0)
echo "Benutzer "" . \$str1 . "" existiert nicht<br>n";
else {
if (mysql_num_rows (mysql_query ("SELECT * FROM freundschaftsanfrage WHERE nicknamezu="". \$str1 . "" AND nicknamevon="" . \$myname . "" OR nicknamevon="". \$str1 . "" AND nicknamezu="" . \$myname . """, \$handle)) != 0)
echo "Sie haben bereits eine Freundschaftsanfrage an " . \$str1 . " gesendet <br>n";
else {
mysql_query ("INSERT INTO freundschaftsanfrage VALUES ("" . \$myname . "","" . \$str1 . "")", \$handle);
}
}
}
mysql_close (\$handle);
}
?>
mysocial20220410/sendfriendship.php
<?php
include ('./config.php');
\$handle2 = mysql_connect (\$server, \$MYSQL_NAME, \$MYSQL_PASSWORD);
mysql_select_db (\$databasename, \$handle2);
\$result = mysql_query ("SELECT * FROM users WHERE nickname="" . \$_GET ["name"] . """, \$handle2);
if (\$row = mysql_fetch_assoc (\$result))
echo \$row ["photo"];
else
echo "error<br>n";
mysql_close (\$handle2);
?>
mysocial20220410/showphoto.php
<?php
session_start ();
?>
<?php
include ('./config.php');
include ('./banner.php');
?>
<link rel="stylesheet" href="./styles/styles.css">
<script src="./styles/styles.js"></script>
<?php
include ('./styles/head.php');
?>
<div class="overall">
<?php
\$name = \$_GET ["searchname"];
\$handle = mysql_connect (\$server, \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$name = htmlentities(mysql_real_escape_string(\$name, \$handle));
mysql_query ("use " . \$databasename, \$handle);
\$result2 = mysql_query ("SELECT * FROM users WHERE nickname="" . \$name .""", \$handle);
if (\$row2 = mysql_fetch_assoc (\$result2));
else
echo "This user doesn't exist<br>";
\$result = mysql_query ("SELECT * FROM postings WHERE nickname="" . \$name ."" AND public="1"", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
//echo "<div class="post01" id="postid" . \$i . "">n<div class="postdatetime01" id="postdatettimeid" . \$i . "">" . \$row ["datetime"] . "</div>n<br><hr><br>n<div class="postcontent01" id="postcontentid" . \$i++ . "">" . \$row ["content"] ."</div>n</div>nn";
echo "<div class="post01" id="postid" . \$i . "">n<div class="postdatetime01" id="postdatetimeid" . \$i . "">" . \$row ["datetime"] . "</div>n<br><hr><br>n<div class="postcontent01"><div class="usercontent01">" . \$name . "<br><hr><br><code>" . \$row2 ["mail"] . "</code><br><hr><br><img width="50%"src="showphoto.php?name=".\$name.""></div><div class="postcontent02" id="postcontentid" . \$i++ . "">" . \$row ["content"] ."</div></div></div>nn";
mysql_close ();
?>
</div>
mysocial20220410/threadextern.php
<?php
session_start ();
?>
<?php
include ('./config.php');
include ('./banner.php');
?>
<link rel="stylesheet" href="./styles/styles.css">
<script src="./styles/styles.js"></script>
<a href="./search.php">Andere Nutzer anzeigen</a>
<?php
include ('./styles/head.php');
?>
<div class="overall">
<?php
\$i = 0;
if (isset (\$_SESSION ["name"])) {
\$sessionname = \$_SESSION ["name"];
echo "<form action="./post.php" method="GET" rows="20"><textarea class="contentinputbox01" name="content"></textarea><select name="choosepublic" class="select01"><option>privat</option><option>\&ouml;ffentlich</option></select><input class="submit01" type="submit"></input></form>";
\$handle = mysql_connect (\$server, \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$sessionname = htmlentities(mysql_real_escape_string (\$sessionname, \$handle));
mysql_query ("use " . \$databasename, \$handle);
\$result = mysql_query ("SELECT * FROM postings WHERE nickname="" . \$sessionname .""", \$handle);
\$result2 = mysql_query ("SELECT * FROM users WHERE nickname="" . \$sessionname .""", \$handle);
if (\$row2 = mysql_fetch_assoc (\$result2));
else
echo "Error: You are not a registered user";
while (\$row = mysql_fetch_assoc (\$result))
echo "<div class="post01" id="postid" . \$i . "">n<div class="postdatetime01" id="postdatetimeid" . \$i . "">" . \$row ["datetime"] . "</div>n<br><hr><br>n<div class="postcontent01"><div class="usercontent01">" . \$sessionname . "<br><hr><br><code>" . \$row2 ["mail"] . "</code><br><hr><br><img width="50%"src="showphoto.php?name=".\$sessionname.""></div><div class="postcontent02" id="postcontentid" . \$i++ . "">" . \$row ["content"] ."</div></div></div>nn";
echo "<div class="freundschaftsanfrage01">n";
echo "<FORM action="freundschaftsanfragebestaetigen.php" METHOD="GET">n";
echo "<SELECT name="freundschaftsanfrage[]" MULTIPLE>n";
\$result = mysql_query ("SELECT * FROM freundschaftsanfrage WHERE nicknamezu="" . \$sessionname . """, \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo "<OPTION>" . \$row ["nicknamevon"] . "</OPTION>";
echo "</SELECT><br><br>n";
echo "<INPUT TYPE="submit">Freundschaftsanfragen bestaetigen</INPUT><br>";
echo "</FORM>n";
echo "</div>";
echo "<div class="freundschaftsanfrage01">n";
echo "<FORM>n";
echo "<SELECT MULTIPLE>n";
\$result = mysql_query ("SELECT * FROM freunde WHERE freund1="" . \$sessionname . "" OR freund2="" .\$sessioname. "" OR freund2="" . \$sessionname . "" OR freund1="" .\$sessioname. """, \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo "<OPTION>" . \$row ["freund1"] . "." . \$row ["freund2"] . "</OPTION>";
echo "</SELECT><br>n";
echo "</FORM>n";
echo "</div>";
mysql_close ();
}
else
echo "Sie m\&uuml;ssen eingeloggt sein<br>";
?>
</div>
mysocial20220410/thread.php
mysocial20220410/styles:
head.php
ituenix.png
mysocial.png
styles.css
styles.js
mysocial20220410/upload:
131272203_104210458235048_6777244190350661537_n.jpg
274005496_1403601580089505_3432883904414152884_n.jpg
myimage.php
test.html
testz_10.png
testz_11.png
testz_1.png
testz_2.png
testz_3.png
testz_4.png
testz_5.png
testz_6.png
testz_7.png
testz_8.png
testz_9.png
testz.png
<?php
session_start ();
?>
<?php
include ('./config.php');
echo "<h1>".\$title."</h1><code>".\$subscription."</code><br>";
?>
mysocial20220411/banner.php
<?php
session_start ();
?>
<?php
include ('./config.php');
include ('./banner.php');
?>
<body>
<link rel="stylesheet" href="./styles/styles.css">
<script src="./styles/styles.js"></script>
<a href="./search.php">Andere Nutzer anzeigen</a>
<?php
include ('./styles/head.php');
?>
<ul>
<li><a href="./login.html">login</a></li>
<li><a href="./register.php">register</a></li>
<li><a href="./thread.php">thread</a></li>
<li><a href="./search.php">list users</a></li>
<li>
<?php
\$handle = mysql_connect (\$server, \$MYSQL_NAME, \$MYSQL_PASSWORD);
mysql_query ("use " . \$databasename, \$handle);
\$sessionname = \$_SESSION ["name"];
\$sessionname = htmlentities(mysql_real_escape_string (\$sessionname, \$handle));
echo "<FORM METHOD="GET">n";
echo "\&nbsp;<SELECT MULTIPLE name="friendname[]" MULTIPLE>n";
\$result5 = mysql_query ("SELECT * FROM freunde WHERE freund1="" . \$sessionname . "" OR freund2="" .\$sessioname. """, \$handle);
while (\$row5 = mysql_fetch_assoc (\$result5)) {
if (strcmp (\$row5 ["freund1"], \$sessionname) == 0)
echo "<OPTION>" . \$row5 ["freund2"] . "</OPTION>";
else
echo "<OPTION>" . \$row5 ["freund1"] . "</OPTION>";
}
echo "</SELECT>\&nbsp;";
echo "<button style="width:64px;height:32px" formaction="./threadfriends.php"></button>n";
echo "<FORM><br>n";
mysql_close (\$handle);
?>
</li>
<li>
<?php
\$handle2 = mysql_connect (\$server, \$MYSQL_NAME, \$MYSQL_PASSWORD);
mysql_query ("use " . \$databasename, \$handle2);
echo "<FORM METHOD="GET">n";
echo "\&nbsp;<SELECT MULTIPLE name="searchname[]" MULTIPLE>n";
\$result6 = mysql_query ("SELECT * FROM freunde", \$handle2);
while (\$row6 = mysql_fetch_assoc (\$result6)) {
echo "<OPTION>" . \$row6 ["freund1"] . "." . \$row6 ["freund2"] . "</OPTION>";
}
echo "</SELECT>\&nbsp;";
echo "<button style="width:65px;height:32px" formaction="./threadexternfriends.php"></button>n";
echo "<FORM><br>n";
mysql_close (\$handle2);
?>
</li>
</ul>
</body>
mysocial20220411/collection.php
<?php
\$secretdatafilename = '/home/david/mysqldata.php';
include (\$secretdatafilename);
\$databasename = 'mysocial_database';
\$title = 'Dave Vajdas MySoc';
\$server = '127.0.0.1';
\$subscription = 'Das ist MySoc';
?>
mysocial20220411/config.php
<?php
session_start ();
?>
<?php
include ('./config.php');
include ('./banner.php');
?>
<body>
<link rel="stylesheet" href="./styles/styles.css">
<img src="./styles/ituenix.png" width="40%">
<img src="./styles/mysocial.png" width="20%">
<div class="overall1">
<form method="POST" action="createaccount.php" enctype="multipart/form-data">
<input type="text" name="nickname"></input> :Nickname<br>
<input type="text" name="vorname"></input> :Vorname<br>
<input type="text" name="nachname"></input> :Nachname<br>
<input type="text" name="mail"></input> :Mail<br>
<input type="password" name="passwort1"></input> :Passwort<br>
<input type="password" name="passwort2"></input> :Passwort best\&auml;tigen<br>
<input type="file" name="datei"></input> :Photo<br>
<input type="submit"></input>
</form>
</div>
</body>
<?php
\$passwort1 = \$_POST ["passwort1"];
\$passwort2 = \$_POST ["passwort2"];
\$nickname = \$_POST ["nickname"];
\$vorname = \$_POST ["vorname"];
\$nachname = \$_POST ["nachname"];
\$mail = \$_POST ["mail"];
/* Dieser Code - fuer die Ueberpruefung der Mail-Addresse stammt nicht von mir */
/* Er wurde von https://www.php.de/forum/webentwicklung/php-einsteiger/php-tipps-2009/56554-e-mail-adresse-mit-regul"aren-ausdr"ucken-"uberpr"ufen uebernommen */
/* In dem PHP-Kurs werden Regulaere Ausdruecke auch gelernt - ich werde sie lrnen und bald mein eigenes anwenden.*/
function valid_mail(\$mail){
/*******************************************************************
* RegEx by *
* CK1@wwwtech.de *
* http://wwwtech.de/ *
* http://aktuell.de.selfhtml.org/artikel/programmiertechnik/email/ *
*******************************************************************/
// RegEx begin
\$nonascii = "x80-xff"; # Non-ASCII-Chars are not allowed
\$nqtext = "[^\$nonascii512"]";
\$qchar = "[\^\$nonascii]";
\$protocol = '(?:mailto:)';
\$normuser = '[a-zA-Z0-9][a-zA-Z0-9_.-]*';
\$quotedstring = ""(?:\$nqtext|\$qchar)+"";
\$user_part = "(?:\$normuser|\$quotedstring)";
\$dom_mainpart = '[a-zA-Z0-9][a-zA-Z0-9._-]*\.';
\$dom_subpart = '(?:[a-zA-Z0-9][a-zA-Z0-9._-]*\.)*';
\$dom_tldpart = '[a-zA-Z]{2,5}';
\$domain_part = "\$dom_subpart\$dom_mainpart\$dom_tldpart";
\$regex = "\$protocol?\$user_part@\$domain_part";
// RegEx end
return preg_match("/\^\$regex\$/",\$mail);
}
if (strcmp(\$passwort1, \$passwort2) != 0)
echo "Die Passw\&ouml;rter sind nicht identisch";
else {
if ((strlen (\$nickname) == 0) || (strlen (\$vorname) == 0) || (strlen (\$nachname) == 0) || (strlen (\$mail) == 0) || (strlen (\$passwort1) == 0))
echo "Sie m\&uuml;ssen alle Felder vollst\&auml;ndig ausf\&uuml;llen<br>";
else {
if (strlen (\$passwort1) < 5)
echo "Passwoerter muessen mindestens 5 Zeichen lang sein";
else {
if (!valid_mail (\$mail))
echo "Es sieht so aus, als sei die von ihnen eingebene Mail-Addresse nicht konform mit dem Aufgabe von Mail-Addressen<br>";
else {
\$handle = mysql_connect (\$server, \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$passwort1 = htmlentities(mysql_real_escape_string (\$passwort1, \$handle));
\$passwort2 = htmlentities(mysql_real_escape_string (\$passwort2, \$handle));
\$nickname = htmlentities(mysql_real_escape_string (\$nickname, \$handle));
\$vorname = htmlentities(mysql_real_escape_string (\$vorname, \$handle));
\$nachname = htmlentities(mysql_real_escape_string (\$nachname, \$handle));
\$mail = htmlentities(mysql_real_escape_string (\$mail, \$handle));
mysql_query ("USE ".\$databasename, \$handle);
\$result = mysql_query ("SELECT * FROM users WHERE nickname="" . \$nickname . """, \$handle);
echo mysql_num_rows (\$result);
if (mysql_num_rows (\$result) != 0)
echo "Dieser Benutzername ist leider schon vergeben";
else {
\$reault = mysql_query ("SELECT * FROM users WHERE mail="" . \$mail . """, \$handle);
if (mysql_num_rows (\$result) != 0)
echo "Diese Mail-Addresse wird leider schon von einem anderen Nutzer verwendet";
else {
include ('./photoupload2.php');
mysql_query ("INSERT INTO users VALUES ("" . \$nickname . "","" . \$vorname . "","". \$nachname . "","". \$mail . "","". md5(\$passwort1) . "",0x" . bin2hex(file_get_contents (\$new_path)) . ")", \$handle);
}
\$_SESSION ["name"] = \$nickname;
echo "<script>window.location="./post.php?content=welcome";</script>";
}
mysql_close (\$handle);
}
}
}
}
?>
mysocial20220411/createaccount.php
<?php
session_start ();
?>
<?php
include ('./config.php');
include ('./banner.php');
?>
<link rel="stylesheet" href="./styles/styles.css">
<script src="./styles/styles.js"></script>
<a href="./search.php">Andere Nutzer anzeigen</a>
<?php
include ('./styles/head.php');
?>
<br><br>
<?php
if (!isset(\$_SESSION ["name"]))
echo "Sie m\&uuml;ssen angemeldet sein<br>n";
else {
include ('/home/david/mysqldata.php');
\$handle = mysql_connect (\$server, \$MYSQL_NAME, \$MYSQL_PASSWORD);
mysql_query ("USE ".\$databasename);
\$myname = htmlentities (mysql_real_escape_string (\$_SESSION ["name"], \$handle));
\$str = \$_GET ["freundschaftsanfrage"];
for (\$i = 0; \$i < sizeof (\$str); \$i++) {
\$str1 = htmlentities (mysql_real_escape_string(\$str [\$i], \$handle));
\$result = mysql_query ("SELECT * FROM freundschaftsanfrage WHERE nicknamevon="" . \$str1 . """, \$handle);
if (mysql_num_rows (\$result) == 0)
echo \$str1 . " hat ihnen keine Freundschaftanfrage gesendet<br>n";
else {
\$result = mysql_query ("SELECT * FROM freunde WHERE freund1="" . \$str1 . "" AND freund2="" . \$myname ."" OR freund2="" . \$str1 . "" AND freund1="" . \$myname .""", \$handle);
if (mysql_num_rows (\$result) != 0)
echo "Ihr seid bereits Freunde<br>n";
else
mysql_query ("INSERT INTO freunde VALUES ("". \$myname ."","" . \$str1 . "")", \$handle);
}
}
mysql_close (\$handle);
}
?>
mysocial20220411/freundschaftsanfragebestaetigen.php
<!DOCTYPE html>
<html lang="">
<head>
<meta charset="utf-8">
<title></title>
</head>
<body>
<header></header>
<main></main>
<footer></footer>
<script>
window.location="./login.html";
</script>
</body>
</html>
mysocial20220411/index.html
<?php
session_start ();
?>
<link rel="stylesheet" href="./styles/styles.css">
<img src="./styles/ituenix.png" width="40%">
<img src="./styles/mysocial.png" width="20%">
<div class="overall1">
<form method="POST" action="./install.php">
<input type="text" name="databasename"></input>Datenbankname<br>
<input type="text" name="secretdata"></input>Name der Datei mit geheimen Daten<br>
<input type="text" name="benutzername"></input>Benutzername der Datenbank<br>
<input type="password" name="passwort"></input>Passwort des DBMS<br>
<input type="text" name="server"></input>Name des Servers auf dem das DBMS l\&auml;ft<br>
<input type="text" name="title"></input>Titel des sozialen Netzwerkes<br>
<input type="text" name="subscription"></input>Beschreibung des sozialen Netzes<br>
<input type="submit"></input>
</form>
<?php
\$databasename = htmlentities (\$_POST ["databasename"]);
\$secretdatafilename = htmlentities (\$_POST ["secretdata"]);
\$username = htmlentities (\$_POST ["benutzername"]);
\$password = htmlentities (\$_POST ["passwort"]);
\$server = htmlentities (\$_POST ["server"]);
\$title = htmlentities (\$_POST ["title"]);
\$subscription = htmlentities (\$_POST ["subscription"]);
\$configfilename = "./config.php";
\$config_file_input_str = "<?phpnn";
\$config_file_input_str .= "\$secretdatafilename = '/home/david/mysqldata.php';n";
\$config_file_input_str .= "include (\$secretdatafilename);n";
\$config_file_input_str .= "\$databasename = '" . \$databasename . "';n";
//\$config_file_input_str .= "\$secretdatafilename = '" . \$secretdatafilename . "';n";
\$config_file_input_str .= "\$title = '" . \$title . "';n";
\$config_file_input_str .= "\$server = '" . \$server . "';n";
\$config_file_input_str .= "\$subscription = '" . \$subscription . "';n";
\$config_file_input_str .= "?>n";
\$secretdatafilestr = "<?phpnn";
\$secretdatafilestr .= "\$MYSQL_NAME='" . \$username . "';n";
\$secretdatafilestr .= "\$MYSQL_PASSWORD='" . \$password . "';n";
\$secretdatafilestr .= "?>n";
\$config_file_input_str = \$config_file_input_str;
\$secretdatafilestr = \$secretdatafilestr;
file_put_contents (\$configfilename, \$config_file_input_str);
//file_put_contents (\$secretdatafilename, \$secretdatafilestr);
\$handle = mysql_connect (\$server, \$username, \$password);
mysql_query ("CREATE DATABASE " . \$databasename, \$handle);
mysql_select_db (\$databasename, \$handle);
mysql_query ("CREATE TABLE users (nickname VARCHAR(64), vorname VARCHAR(64), nachname VARCHAR(64) , mail VARCHAR(128), passwort VARCHAR(128),photo MEDIUMBLOB)", \$handle);
mysql_query ("CREATE TABLE freunde (freund1 VARCHAR (64), freund2 VARCHAR (64))", \$handle);
mysql_query ("CREATE TABLE freundschaftsanfrage (nicknamevon VARCHAR (64), nicknamezu VARCHAR (64))", \$handle);
mysql_query ("CREATE TABLE postings (nickname VARCHAR (64), content TEXT, datetime DATETIME, public TINYINT (1))", \$handle);
mysql_close (\$handle);
?>
mysocial20220411/install.php
<!DOCTYPE html>
<html lang="">
<head>
<meta charset="utf-8">
<title>My Social Network - ituenix.de</title>
</head>
<body>
<header></header>
<main></main>
<footer></footer>
</body>
<link rel="stylesheet" href="./styles/styles.css">
<img src="./styles/ituenix.png" width="40%">
<img src="./styles/mysocial.png" width="20%">
<div class="overall1">
<form action="./login.php" method="GET">
<input type="text" name="nickname"></input> :Nickname<br>
<input type="password" name="passwort"></input> :Passwort<br>
<input type="submit"></input>
</form>
<br><hr><br>
<a href="./createaccount.php">Registrieren</a>
</div>
</html>
mysocial20220411/login.html
<?php
session_start ();
?>
<?php
include ('./config.php');
include ('./banner.php');
?>
<?php
\$nickname = \$_GET ["nickname"];
\$passwort = \$_GET ["passwort"];
\$handle = mysql_connect (\$server, \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$nickname = htmlentities(mysql_real_escape_string (\$nickname, \$handle));
\$passwort = htmlentities(mysql_real_escape_string (\$passwort, \$handle));
mysql_query ("USE " . \$databasename);
\$result = mysql_query ("SELECT * FROM users WHERE nickname="" . \$nickname . """, \$handle);
if (mysql_num_rows (\$result) == 0)
echo "Diesen Benutzer gibt es nicht<br>";
else {
\$row = mysql_fetch_assoc (\$result);
if (strcmp(md5 (\$passwort), \$row ["passwort"]) != 0)
echo "Ihr Passwort ist falsch - probieren sie zu hacken?<br>";
else {
\$_SESSION ["name"] = \$nickname;
}
echo "<script>window.location="./thread.php";</script>";
}
?>
mysocial20220411/login.php
<?php
\$upload_folder = 'upload/'; //Das Upload-Verzeichnis
\$filename = pathinfo(\$_FILES['datei']['name'], PATHINFO_FILENAME);
\$extension = strtolower(pathinfo(\$_FILES['datei']['name'], PATHINFO_EXTENSION));
//"Uberpr"ufung der Dateiendung
\$allowed_extensions = array('png', 'jpg', 'jpeg', 'gif');
if(!in_array(\$extension, \$allowed_extensions)) {
die("Ung"ultige Dateiendung. Nur png, jpg, jpeg und gif-Dateien sind erlaubt");
}
//"Uberpr"ufung der Dateigr"o"se
\$max_size = 500*1024; //500 KB
if(\$_FILES['datei']['size'] > \$max_size) {
die("Bitte keine Dateien gr"o"ser 500kb hochladen");
}
//"Uberpr"ufung dass das Bild keine Fehler enth"alt
if(function_exists('exif_imagetype')) { //Die exif_imagetype-Funktion erfordert die exif-Erweiterung auf dem Server
\$allowed_types = array(IMAGETYPE_PNG, IMAGETYPE_JPEG, IMAGETYPE_GIF);
\$detected_type = exif_imagetype(\$_FILES['datei']['tmp_name']);
if(!in_array(\$detected_type, \$allowed_types)) {
die("Nur der Upload von Bilddateien ist gestattet");
}
}
//Pfad zum Upload
\$new_path = \$upload_folder.\$filename.'.'.\$extension;
//Neuer Dateiname falls die Datei bereits existiert
if(file_exists(\$new_path)) { //Falls Datei existiert, h"ange eine Zahl an den Dateinamen
\$id = 1;
do {
\$new_path = \$upload_folder.\$filename.'_'.\$id.'.'.\$extension;
\$id++;
} while(file_exists(\$new_path));
}
//Alles okay, verschiebe Datei an neuen Pfad
move_uploaded_file(\$_FILES['datei']['tmp_name'], \$new_path);
echo 'Bild erfolgreich hochgeladen: <a href="'.\$new_path.'">'.\$new_path.'</a>';
?>
mysocial20220411/photoupload2.php
<?php
session_start ();
?>
<?php
include ('./config.php');
include ('./banner.php');
?>
<?php
if(!isset (\$_SESSION ["name"]))
echo "Sie m\&uuml;ssen angemeldet sein";
else {
\$content = \$_GET ["content"];
\$datetime = date('Y-m-d H:i:s');
\$public = true;
\$pblc = \$_GET ["choosepublic"];
\$nickname = \$_SESSION ["name"];
\$friendname = \$_GET ["sendfriend"][0];
\$handle = mysql_connect (\$server, \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$content = htmlentities(mysql_real_escape_string (\$content, \$handle));
\$pblc = htmlentities(mysql_real_escape_string (\$pblc, \$handle));
\$nickname = htmlentities(mysql_real_escape_string (\$nickname, \$handle));
\$friendname = htmlentities(mysql_real_escape_string (\$friendname, \$handle));
if (strcmp (\$pblc, "privat") == 0)
\$public = 0;
else
\$public = 1;
if (strlen (\$content) > 0) {
mysql_query ("USE " . \$databasename, \$handle);
\$result = mysql_query ("SELECT * FROM freunde WHERE freund1="".\$nickname."" AND freund2="".\$friendname."" OR freund1="".\$friendname."" AND freund2 ="".\$nickname.""", \$handle);
if (mysql_fetch_row (\$result)) {
mysql_query ("INSERT INTO postings VALUES ("" . \$nickname . "." . \$friendname . "","" . \$content . "","" . \$datetime ."","" . \$public . "")", \$handle);
}
else
echo "Sie sind keine Freunde<br>n";
mysql_close (\$handle);
}
}
?>
<script>
window.location = "./threadfriends.php";
</script>
mysocial20220411/postfriends.php
<?php
session_start ();
?>
<?php
include ('./config.php');
include ('./banner.php');
?>
<?php
if(!isset (\$_SESSION ["name"]))
echo "Sie m\&uuml;ssen angemeldet sein";
else {
\$content = \$_GET ["content"];
\$datetime = date('Y-m-d H:i:s');
\$public = true;
\$pblc = \$_GET ["choosepublic"];
\$nickname = \$_SESSION ["name"];
\$handle = mysql_connect (\$server, \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$content = htmlentities(mysql_real_escape_string (\$content, \$handle));
\$pblc = htmlentities(mysql_real_escape_string (\$pblc, \$handle));
\$nickname = htmlentities(mysql_real_escape_string (\$nickname, \$handle));
if (strcmp (\$pblc, "privat") == 0)
\$public = 0;
else
\$public = 1;
if (strlen (\$content) > 0) {
mysql_query ("USE " . \$databasename, \$handle);
mysql_query ("INSERT INTO postings VALUES ("" . \$nickname . "","" . \$content . "","" . \$datetime ."","" . \$public . "")", \$handle);
mysql_close (\$handle);
}
}
?>
<script>
window.location = "./thread.php";
</script>
mysocial20220411/post.php
<?php
session_start ();
?>
<?php
include ('./config.php');
include ('./banner.php');
?>
<?php
include ('./styles/head.php');
?>
<link rel="stylesheet" href="./styles/styles.css">
<div class="overall1">
<?php
\$handle = mysql_connect (\$server, \$MYSQL_NAME, \$MYSQL_PASSWORD);
mysql_query ("USE " . \$databasename, \$handle);
\$result = mysql_query ("SELECT * FROM users", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo "<a href="./threadextern.php?searchname=" . htmlentities(mysql_real_escape_string(\$row ["nickname"], \$handle)) . ""><img width="10%" src="showphoto.php?name=" . \$row ["nickname"] . "">". htmlentities(mysql_real_escape_string(\$row ["nickname"], \$handle)) . "</a><br>n";
\$result = mysql_query ("SELECT * FROM users", \$handle);
echo "<FORM ACTION="./sendfriendship.php" METHOD="GET">n";
echo "<SELECT NAME="friends[]" MULTIPLE>n";
while (\$row = mysql_fetch_assoc (\$result))
echo "<a href="./threadextern.php?searchname=" . htmlentities(mysql_real_escape_string(\$row ["nickname"], \$handle)) . ""><OPTION>" . htmlentities(mysql_real_escape_string(\$row ["nickname"], \$handle)) . "</OPTION></a><br>n";
echo "</SELECT><br>n";
echo "Um mehrere Freundsanfragen zu senden [strg] gedr\&uuml;ckt halten<br><br>n";
echo "<INPUT TYPE="submit">Freundschaftsanfrage senden</INPUT>n";
echo "</FORM>n";
mysql_close (\$handle);
?>
</div>
mysocial20220411/search.php
<?php
session_start ();
?>
<?php
include ('./config.php');
include ('./banner.php');
?>
<link rel="stylesheet" href="./styles/styles.css">
<script src="./styles/styles.js"></script>
<a href="./search.php">Andere Nutzer anzeigen</a>
<?php
include ('./styles/head.php');
?>
<br><br>
<?php
if (!isset (\$_SESSION ["name"]))
echo "Sie m\&uuml;ssen angemeldet sein<br>";
else {
\$handle = mysql_connect (\$server, \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$myname = htmlentities (mysql_real_escape_string(\$_SESSION ["name"], \$handle));
mysql_query ("USE " . \$databasename, \$handle);
\$str = \$_GET ["friends"];
for (\$i = 0; \$i < sizeof (\$str); \$i++) {
\$str1 = htmlentities(mysql_real_escape_string (\$str [\$i], \$handle));
//\$result = mysql_query ("SELECT * FROM users WHERE nickname="". \$str1 .""", \$handle);
if (mysql_num_rows(mysql_query ("SELECT * FROM users WHERE nickname="". \$str1 .""", \$handle)) == 0)
echo "Benutzer "" . \$str1 . "" existiert nicht<br>n";
else {
if (mysql_num_rows (mysql_query ("SELECT * FROM freundschaftsanfrage WHERE nicknamezu="". \$str1 . "" AND nicknamevon="" . \$myname . "" OR nicknamevon="". \$str1 . "" AND nicknamezu="" . \$myname . """, \$handle)) != 0)
echo "Sie haben bereits eine Freundschaftsanfrage an " . \$str1 . " gesendet <br>n";
else {
mysql_query ("INSERT INTO freundschaftsanfrage VALUES ("" . \$myname . "","" . \$str1 . "")", \$handle);
}
}
}
mysql_close (\$handle);
}
?>
mysocial20220411/sendfriendship.php
<?php
include ('./config.php');
\$handle2 = mysql_connect (\$server, \$MYSQL_NAME, \$MYSQL_PASSWORD);
mysql_select_db (\$databasename, \$handle2);
\$result = mysql_query ("SELECT * FROM users WHERE nickname="" . \$_GET ["name"] . """, \$handle2);
if (\$row = mysql_fetch_assoc (\$result))
echo \$row ["photo"];
else
echo "error<br>n";
mysql_close (\$handle2);
?>
mysocial20220411/showphoto.php
<?php
session_start ();
?>
<?php
include ('./config.php');
include ('./banner.php');
?>
<link rel="stylesheet" href="./styles/styles.css">
<script src="./styles/styles.js"></script>
<?php
include ('./styles/head.php');
?>
<div class="overall">
<?php
\$name = \$_GET ["searchname"][0];
\$handle = mysql_connect (\$server, \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$name3 = htmlentities(mysql_real_escape_string(\$name, \$handle));
mysql_query ("use " . \$databasename, \$handle);
\$name = explode (".", \$name3) [0];
\$name2 = explode (".", \$name3) [1];
\$result2 = mysql_query ("SELECT * FROM users WHERE nickname="" . \$name .""", \$handle);
if (\$row2 = mysql_fetch_assoc (\$result2));
else
echo "This user doesn't exist<br>";
\$result3 = mysql_query ("SELECT * FROM users WHERE nickname="" . \$name2 .""", \$handle);
if (\$row3 = mysql_fetch_assoc (\$result3));
else
echo "This user doesn't exist<br>";
\$result = mysql_query ("SELECT * FROM postings WHERE nickname="" . \$name . "." . \$name2 ."" OR nickname="" . \$name2 . "." . \$name .""", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
//echo "<div class="post01" id="postid" . \$i . "">n<div class="postdatetime01" id="postdatettimeid" . \$i . "">" . \$row ["datetime"] . "</div>n<br><hr><br>n<div class="postcontent01" id="postcontentid" . \$i++ . "">" . \$row ["content"] ."</div>n</div>nn";
if (strcmp (\$row ["nickname"], \$name . "." . \$name2) == 0)
echo "<div class="post01" id="postid" . \$i . "">n<div class="postdatetime01" id="postdatetimeid" . \$i . "">" . \$row ["datetime"] . "</div>n<br><hr><br>n<div class="postcontent01"><div class="usercontent01">" . \$name . "<br><hr><br><code>" . \$row2 ["mail"] . "</code><br><hr><br><img width="50%"src="showphoto.php?name=".\$name.""></div><div class="postcontent02" id="postcontentid" . \$i++ . "">" . \$row ["content"] ."</div></div></div>nn";
else if (strcmp (\$row ["nickname"], \$name2 . "." . \$name) == 0)
echo "<div class="post01" id="postid" . \$i . "">n<div class="postdatetime01" id="postdatetimeid" . \$i . "">" . \$row ["datetime"] . "</div>n<br><hr><br>n<div class="postcontent01"><div class="usercontent01">" . \$name2 . "<br><hr><br><code>" . \$row3 ["mail"] . "</code><br><hr><br><img width="50%"src="showphoto.php?name=".\$name2.""></div><div class="postcontent02" id="postcontentid" . \$i++ . "">" . \$row ["content"] ."</div></div></div>nn";
mysql_close ();
?>
</div>
mysocial20220411/threadexternfriends.php
<?php
session_start ();
?>
<?php
include ('./config.php');
include ('./banner.php');
?>
<link rel="stylesheet" href="./styles/styles.css">
<script src="./styles/styles.js"></script>
<?php
include ('./styles/head.php');
?>
<div class="overall">
<?php
\$name = \$_GET ["searchname"];
\$handle = mysql_connect (\$server, \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$name = htmlentities(mysql_real_escape_string(\$name, \$handle));
mysql_query ("use " . \$databasename, \$handle);
\$result2 = mysql_query ("SELECT * FROM users WHERE nickname="" . \$name .""", \$handle);
if (\$row2 = mysql_fetch_assoc (\$result2));
else
echo "This user doesn't exist<br>";
\$result = mysql_query ("SELECT * FROM postings WHERE nickname="" . \$name ."" AND public="1"", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
//echo "<div class="post01" id="postid" . \$i . "">n<div class="postdatetime01" id="postdatettimeid" . \$i . "">" . \$row ["datetime"] . "</div>n<br><hr><br>n<div class="postcontent01" id="postcontentid" . \$i++ . "">" . \$row ["content"] ."</div>n</div>nn";
echo "<div class="post01" id="postid" . \$i . "">n<div class="postdatetime01" id="postdatetimeid" . \$i . "">" . \$row ["datetime"] . "</div>n<br><hr><br>n<div class="postcontent01"><div class="usercontent01">" . \$name . "<br><hr><br><code>" . \$row2 ["mail"] . "</code><br><hr><br><img width="50%"src="showphoto.php?name=".\$name.""></div><div class="postcontent02" id="postcontentid" . \$i++ . "">" . \$row ["content"] ."</div></div></div>nn";
mysql_close ();
?>
</div>
mysocial20220411/threadextern.php
<?php
session_start ();
?>
<?php
include ('./config.php');
include ('./banner.php');
?>
<link rel="stylesheet" href="./styles/styles.css">
<script src="./styles/styles.js"></script>
<a href="./search.php">Andere Nutzer anzeigen</a>
<?php
include ('./styles/head.php');
?>
<div class="overall">
<?php
\$i = 0;
if (isset (\$_SESSION ["name"])) {
\$sessionname = \$_SESSION ["name"];
\$friendname = \$_GET ["friendname"][0];
\$handle = mysql_connect (\$server, \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$sessionname = htmlentities(mysql_real_escape_string (\$sessionname, \$handle));
\$friendname = htmlentities(mysql_real_escape_string (\$friendname, \$handle));
mysql_query ("use " . \$databasename, \$handle);
echo "<form action="./postfriends.php" method="GET" rows="20">";
echo "<textarea class="contentinputbox01" name="content"></textarea><select name="choosepublic" class="select01"><option>privat</option><option>\&ouml;ffentlich</option></select><input class="submit01" type="submit"></input>";
echo "\&nbsp;<SELECT MULTIPLE name="sendfriend[]" MULTIPLE>n";
\$result5 = mysql_query ("SELECT * FROM freunde WHERE freund1="" . \$sessionname . "" OR freund2="" .\$sessioname. """, \$handle);
while (\$row5 = mysql_fetch_assoc (\$result5)) {
if (strcmp (\$row5 ["freund1"], \$sessionname) == 0)
echo "<OPTION>" . \$row5 ["freund2"] . "</OPTION>";
else
echo "<OPTION>" . \$row5 ["freund1"] . "</OPTION>";
}
echo "</SELECT></form><br>n";
\$result = mysql_query ("SELECT * FROM postings WHERE nickname="" . \$sessionname . "." . \$friendname ."" OR nickname="" . \$friendname . "." . \$sessionname .""", \$handle);
\$result2 = mysql_query ("SELECT * FROM users WHERE nickname="" . \$sessionname .""", \$handle);
\$result3 = mysql_query ("SELECT * FROM users WHERE nickname="" . \$friendname .""", \$handle);
if (\$row2 = mysql_fetch_assoc (\$result2));
else
echo "Error: You are not a registered user";
if (\$row3 = mysql_fetch_assoc (\$result3)) {
while (\$row = mysql_fetch_assoc (\$result)) {
if (strcmp (\$row ["nickname"], \$sessionname . "." . \$friendname) == 0)
echo "<div class="post01" id="postid" . \$i . "">n<div class="postdatetime01" id="postdatetimeid" . \$i . "">" . \$row ["datetime"] . "</div>n<br><hr><br>n<div class="postcontent01"><div class="usercontent01">" . \$sessionname . "<br><hr><br><code>" . \$row2 ["mail"] . "</code><br><hr><br><img width="50%"src="showphoto.php?name=".\$sessionname.""></div><div class="postcontent02" id="postcontentid" . \$i++ . "">" . \$row ["content"] ."</div></div></div>nn";
else if (strcmp (\$row ["nickname"], \$friendname . "." . \$sessionname) == 0)
echo "<div class="post01" id="postid" . \$i . "">n<div class="postdatetime01" id="postdatetimeid" . \$i . "">" . \$row ["datetime"] . "</div>n<br><hr><br>n<div class="postcontent01"><div class="usercontent01">" . \$friendname . "<br><hr><br><code>" . \$row3 ["mail"] . "</code><br><hr><br><img width="50%"src="showphoto.php?name=".\$friendname.""></div><div class="postcontent02" id="postcontentid" . \$i++ . "">" . \$row ["content"] ."</div></div></div>nn";
}
}
echo "<div class="freundschaftsanfrage01">n";
echo "<FORM action="freundschaftsanfragebestaetigen.php" METHOD="GET">n";
echo "<SELECT name="freundschaftsanfrage[]" MULTIPLE>n";
\$result = mysql_query ("SELECT * FROM freundschaftsanfrage WHERE nicknamezu="" . \$sessionname . """, \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo "<OPTION>" . \$row ["nicknamevon"] . "</OPTION>";
echo "</SELECT><br><br>n";
echo "<INPUT TYPE="submit">Freundschaftsanfragen bestaetigen</INPUT><br>";
echo "</FORM>n";
echo "</div>";
echo "<div class="freundschaftsanfrage01">n";
echo "<FORM>n";
echo "<SELECT MULTIPLE>n";
\$result = mysql_query ("SELECT * FROM freunde WHERE freund1="" . \$sessionname . "" OR freund2="" .\$sessioname. "" OR freund2="" . \$sessionname . "" OR freund1="" .\$sessioname. """, \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo "<OPTION>" . \$row ["freund1"] . "." . \$row ["freund2"] . "</OPTION>";
echo "</SELECT><br>n";
echo "</FORM>n";
echo "</div>";
mysql_close ();
}
else
echo "Sie m\&uuml;ssen eingeloggt sein<br>";
?>
</div>
mysocial20220411/threadfriends.php
<?php
session_start ();
?>
<?php
include ('./config.php');
include ('./banner.php');
?>
<link rel="stylesheet" href="./styles/styles.css">
<script src="./styles/styles.js"></script>
<a href="./search.php">Andere Nutzer anzeigen</a>
<?php
include ('./styles/head.php');
?>
<div class="overall">
<?php
\$i = 0;
if (isset (\$_SESSION ["name"])) {
\$sessionname = \$_SESSION ["name"];
echo "<form action="./post.php" method="GET" rows="20"><textarea class="contentinputbox01" name="content"></textarea><select name="choosepublic" class="select01"><option>privat</option><option>\&ouml;ffentlich</option></select><input class="submit01" type="submit"></input></form>";
\$handle = mysql_connect (\$server, \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$sessionname = htmlentities(mysql_real_escape_string (\$sessionname, \$handle));
mysql_query ("use " . \$databasename, \$handle);
\$result = mysql_query ("SELECT * FROM postings WHERE nickname="" . \$sessionname .""", \$handle);
\$result2 = mysql_query ("SELECT * FROM users WHERE nickname="" . \$sessionname .""", \$handle);
if (\$row2 = mysql_fetch_assoc (\$result2));
else
echo "Error: You are not a registered user";
while (\$row = mysql_fetch_assoc (\$result))
echo "<div class="post01" id="postid" . \$i . "">n<div class="postdatetime01" id="postdatetimeid" . \$i . "">" . \$row ["datetime"] . "</div>n<br><hr><br>n<div class="postcontent01"><div class="usercontent01">" . \$sessionname . "<br><hr><br><code>" . \$row2 ["mail"] . "</code><br><hr><br><img width="50%"src="showphoto.php?name=".\$sessionname.""></div><div class="postcontent02" id="postcontentid" . \$i++ . "">" . \$row ["content"] ."</div></div></div>nn";
echo "<div class="freundschaftsanfrage01">n";
echo "<FORM action="freundschaftsanfragebestaetigen.php" METHOD="GET">n";
echo "<SELECT name="freundschaftsanfrage[]" MULTIPLE>n";
\$result = mysql_query ("SELECT * FROM freundschaftsanfrage WHERE nicknamezu="" . \$sessionname . """, \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo "<OPTION>" . \$row ["nicknamevon"] . "</OPTION>";
echo "</SELECT><br><br>n";
echo "<INPUT TYPE="submit">Freundschaftsanfragen bestaetigen</INPUT><br>";
echo "</FORM>n";
echo "</div>";
echo "<div class="freundschaftsanfrage01">n";
echo "<FORM>n";
echo "<SELECT MULTIPLE>n";
\$result = mysql_query ("SELECT * FROM freunde WHERE freund1="" . \$sessionname . "" OR freund2="" .\$sessioname. "" OR freund2="" . \$sessionname . "" OR freund1="" .\$sessioname. """, \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo "<OPTION>" . \$row ["freund1"] . "." . \$row ["freund2"] . "</OPTION>";
echo "</SELECT><br>n";
echo "</FORM>n";
echo "</div>";
mysql_close ();
}
else
echo "Sie m\&uuml;ssen eingeloggt sein<br>";
?>
</div>
mysocial20220411/thread.php
mysocial20220411/styles:
head.php
ituenix.png
mysocial.png
styles.css
styles.js
mysocial20220411/upload:
131272203_104210458235048_6777244190350661537_n.jpg
274005496_1403601580089505_3432883904414152884_n.jpg
myimage.php
test.html
testz_10.png
testz_11.png
testz_1.png
testz_2.png
testz_3.png
testz_4.png
testz_5.png
testz_6.png
testz_7.png
testz_8.png
testz_9.png
testz.png
<?php
session_start ();
?>
<?php
include ('./config.php');
echo "<h1>".\$title."</h1><code>".\$subscription."</code><br>";
?>
mysocial20220411b/banner.php
<?php
session_start ();
?>
<?php
include ('./config.php');
?>
<link rel="stylesheet" href="./styles/extern.css">
<div class="dropdown">
<button class="dropbtn">Menue</button>
<div class="dropdown-content">
<a href="./login.html">login</a>
<a href="./createaccount.php">register</a>
<a href="./thread.php">thread</a>
<a href="./search.php">list users</a>
</div>
</div>
<ul>
<li><a href="./login.html">login</a></li>
<li><a href="./createaccount.php">register</a></li>
<li><a href="./thread.php">thread</a></li>
<li><a href="./search.php">list users</a></li>
</ul>
<?php
\$handle = mysql_connect (\$server, \$MYSQL_NAME, \$MYSQL_PASSWORD);
mysql_query ("use " . \$databasename, \$handle);
\$sessionname = \$_SESSION ["name"];
\$sessionname = htmlentities(mysql_real_escape_string (\$sessionname, \$handle));
echo "<FORM METHOD="GET">n";
echo "\&nbsp;<SELECT MULTIPLE name="friendname[]" MULTIPLE>n";
\$result5 = mysql_query ("SELECT * FROM freunde WHERE freund1="" . \$sessionname . "" OR freund2="" .\$sessioname. """, \$handle);
while (\$row5 = mysql_fetch_assoc (\$result5)) {
if (strcmp (\$row5 ["freund1"], \$sessionname) == 0)
echo "<OPTION style=" #FF0000; background-size: 100%;background-image: url(./showphoto.php?name=".\$row6["freund1"]."); background-repeat: no-repeat;">" . \$row5 ["freund2"] . "</OPTION>";
else
echo "<OPTION style=" #FF0000; background-size: 100%;background-image: url(./showphoto.php?name=".\$row6["freund2"]."); background-repeat: no-repeat;">" . \$row5 ["freund1"] . "</OPTION>";
}
echo "</SELECT>\&nbsp;";
echo "<button formaction="./threadfriends.php">Freunde unterhalten</button><br>n";
echo "<FORM><br>n";
mysql_close (\$handle);
?>
<?php
\$handle2 = mysql_connect (\$server, \$MYSQL_NAME, \$MYSQL_PASSWORD);
mysql_query ("use " . \$databasename, \$handle2);
echo "<FORM METHOD="GET">n";
echo "\&nbsp;<SELECT MULTIPLE name="searchname[]" MULTIPLE>n";
\$result6 = mysql_query ("SELECT * FROM freunde", \$handle2);
while (\$row6 = mysql_fetch_assoc (\$result6)) {
echo "<OPTION style=" #FF0000; background-size: 100%;background-image: url(./showphoto.php?name=".\$row6["freund1"]."); background-repeat: no-repeat;">" . \$row6 ["freund1"] . "." . \$row6 ["freund2"] . "</OPTION>";
}
echo "</SELECT>\&nbsp;";
echo "<button formaction="./threadexternfriends.php">Freunde Unterhaltung extern</button><br>n";
echo "<FORM><br>n";
mysql_close (\$handle2);
?>
mysocial20220411b/collection.php
<?php
\$secretdatafilename = '/home/david/mysqldata.php';
include (\$secretdatafilename);
\$databasename = 'mysocial_database';
\$title = 'Dave Vajdas MySoc';
\$server = '127.0.0.1';
\$subscription = 'Das ist MySoc';
?>
mysocial20220411b/config.php
<?php
session_start ();
?>
<?php
include ('./config.php');
include ('./banner.php');
?>
<body>
<link rel="stylesheet" href="./styles/styles.css">
<img src="./styles/ituenix.png" width="40%">
<img src="./styles/mysocial.png" width="20%">
<div class="overall1">
<form method="POST" action="createaccount.php" enctype="multipart/form-data">
<input type="text" name="nickname"></input> :Nickname<br>
<input type="text" name="vorname"></input> :Vorname<br>
<input type="text" name="nachname"></input> :Nachname<br>
<input type="text" name="mail"></input> :Mail<br>
<input type="password" name="passwort1"></input> :Passwort<br>
<input type="password" name="passwort2"></input> :Passwort best\&auml;tigen<br>
<input type="file" name="datei"></input> :Photo<br>
<input type="submit"></input>
</form>
</div>
</body>
<?php
\$passwort1 = \$_POST ["passwort1"];
\$passwort2 = \$_POST ["passwort2"];
\$nickname = \$_POST ["nickname"];
\$vorname = \$_POST ["vorname"];
\$nachname = \$_POST ["nachname"];
\$mail = \$_POST ["mail"];
/* Dieser Code - fuer die Ueberpruefung der Mail-Addresse stammt nicht von mir */
/* Er wurde von https://www.php.de/forum/webentwicklung/php-einsteiger/php-tipps-2009/56554-e-mail-adresse-mit-regul"aren-ausdr"ucken-"uberpr"ufen uebernommen */
/* In dem PHP-Kurs werden Regulaere Ausdruecke auch gelernt - ich werde sie lrnen und bald mein eigenes anwenden.*/
function valid_mail(\$mail){
/*******************************************************************
* RegEx by *
* CK1@wwwtech.de *
* http://wwwtech.de/ *
* http://aktuell.de.selfhtml.org/artikel/programmiertechnik/email/ *
*******************************************************************/
// RegEx begin
\$nonascii = "x80-xff"; # Non-ASCII-Chars are not allowed
\$nqtext = "[^\$nonascii512"]";
\$qchar = "[\^\$nonascii]";
\$protocol = '(?:mailto:)';
\$normuser = '[a-zA-Z0-9][a-zA-Z0-9_.-]*';
\$quotedstring = ""(?:\$nqtext|\$qchar)+"";
\$user_part = "(?:\$normuser|\$quotedstring)";
\$dom_mainpart = '[a-zA-Z0-9][a-zA-Z0-9._-]*\.';
\$dom_subpart = '(?:[a-zA-Z0-9][a-zA-Z0-9._-]*\.)*';
\$dom_tldpart = '[a-zA-Z]{2,5}';
\$domain_part = "\$dom_subpart\$dom_mainpart\$dom_tldpart";
\$regex = "\$protocol?\$user_part@\$domain_part";
// RegEx end
return preg_match("/\^\$regex\$/",\$mail);
}
if (strcmp(\$passwort1, \$passwort2) != 0)
echo "Die Passw\&ouml;rter sind nicht identisch";
else {
if ((strlen (\$nickname) == 0) || (strlen (\$vorname) == 0) || (strlen (\$nachname) == 0) || (strlen (\$mail) == 0) || (strlen (\$passwort1) == 0))
echo "Sie m\&uuml;ssen alle Felder vollst\&auml;ndig ausf\&uuml;llen<br>";
else {
if (strlen (\$passwort1) < 5)
echo "Passwoerter muessen mindestens 5 Zeichen lang sein";
else {
if (!valid_mail (\$mail))
echo "Es sieht so aus, als sei die von ihnen eingebene Mail-Addresse nicht konform mit dem Aufgabe von Mail-Addressen<br>";
else {
\$handle = mysql_connect (\$server, \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$passwort1 = htmlentities(mysql_real_escape_string (\$passwort1, \$handle));
\$passwort2 = htmlentities(mysql_real_escape_string (\$passwort2, \$handle));
\$nickname = htmlentities(mysql_real_escape_string (\$nickname, \$handle));
\$vorname = htmlentities(mysql_real_escape_string (\$vorname, \$handle));
\$nachname = htmlentities(mysql_real_escape_string (\$nachname, \$handle));
\$mail = htmlentities(mysql_real_escape_string (\$mail, \$handle));
mysql_query ("USE ".\$databasename, \$handle);
\$result = mysql_query ("SELECT * FROM users WHERE nickname="" . \$nickname . """, \$handle);
echo mysql_num_rows (\$result);
if (mysql_num_rows (\$result) != 0)
echo "Dieser Benutzername ist leider schon vergeben";
else {
\$reault = mysql_query ("SELECT * FROM users WHERE mail="" . \$mail . """, \$handle);
if (mysql_num_rows (\$result) != 0)
echo "Diese Mail-Addresse wird leider schon von einem anderen Nutzer verwendet";
else {
include ('./photoupload2.php');
mysql_query ("INSERT INTO users VALUES ("" . \$nickname . "","" . \$vorname . "","". \$nachname . "","". \$mail . "","". md5(\$passwort1) . "",0x" . bin2hex(file_get_contents (\$new_path)) . ")", \$handle);
}
\$_SESSION ["name"] = \$nickname;
echo "<script>window.location="./post.php?content=welcome";</script>";
}
mysql_close (\$handle);
}
}
}
}
?>
mysocial20220411b/createaccount.php
<?php
session_start ();
?>
<?php
include ('./config.php');
include ('./banner.php');
?>
<link rel="stylesheet" href="./styles/styles.css">
<script src="./styles/styles.js"></script>
<a href="./search.php">Andere Nutzer anzeigen</a>
<?php
include ('./styles/head.php');
?>
<br><br>
<?php
if (!isset(\$_SESSION ["name"]))
echo "Sie m\&uuml;ssen angemeldet sein<br>n";
else {
include ('/home/david/mysqldata.php');
\$handle = mysql_connect (\$server, \$MYSQL_NAME, \$MYSQL_PASSWORD);
mysql_query ("USE ".\$databasename);
\$myname = htmlentities (mysql_real_escape_string (\$_SESSION ["name"], \$handle));
\$str = \$_GET ["freundschaftsanfrage"];
for (\$i = 0; \$i < sizeof (\$str); \$i++) {
\$str1 = htmlentities (mysql_real_escape_string(\$str [\$i], \$handle));
\$result = mysql_query ("SELECT * FROM freundschaftsanfrage WHERE nicknamevon="" . \$str1 . """, \$handle);
if (mysql_num_rows (\$result) == 0)
echo \$str1 . " hat ihnen keine Freundschaftanfrage gesendet<br>n";
else {
\$result = mysql_query ("SELECT * FROM freunde WHERE freund1="" . \$str1 . "" AND freund2="" . \$myname ."" OR freund2="" . \$str1 . "" AND freund1="" . \$myname .""", \$handle);
if (mysql_num_rows (\$result) != 0)
echo "Ihr seid bereits Freunde<br>n";
else
mysql_query ("INSERT INTO freunde VALUES ("". \$myname ."","" . \$str1 . "")", \$handle);
}
}
mysql_close (\$handle);
}
?>
mysocial20220411b/freundschaftsanfragebestaetigen.php
<!DOCTYPE html>
<html lang="">
<head>
<meta charset="utf-8">
<title></title>
</head>
<body>
<header></header>
<main></main>
<footer></footer>
<script>
window.location="./search.php";
</script>
</body>
</html>
mysocial20220411b/index.html
<!DOCTYPE html>
<html lang="">
<head>
<meta charset="utf-8">
<title>My Social Network - ituenix.de</title>
</head>
<body>
<header></header>
<main></main>
<footer></footer>
</body>
<link rel="stylesheet" href="./styles/styles.css">
<img src="./styles/ituenix.png" width="40%">
<img src="./styles/mysocial.png" width="20%">
<div class="overall1">
<form action="./login.php" method="GET">
<input type="text" name="nickname"></input> :Nickname<br>
<input type="password" name="passwort"></input> :Passwort<br>
<input type="submit"></input>
</form>
<br><hr><br>
<a href="./createaccount.php">Registrieren</a>
</div>
</html>
mysocial20220411b/login.html
<?php
session_start ();
?>
<?php
include ('./config.php');
include ('./banner.php');
?>
<?php
\$nickname = \$_GET ["nickname"];
\$passwort = \$_GET ["passwort"];
\$handle = mysql_connect (\$server, \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$nickname = htmlentities(mysql_real_escape_string (\$nickname, \$handle));
\$passwort = htmlentities(mysql_real_escape_string (\$passwort, \$handle));
mysql_query ("USE " . \$databasename);
\$result = mysql_query ("SELECT * FROM users WHERE nickname="" . \$nickname . """, \$handle);
if (mysql_num_rows (\$result) == 0)
echo "Diesen Benutzer gibt es nicht<br>";
else {
\$row = mysql_fetch_assoc (\$result);
if (strcmp(md5 (\$passwort), \$row ["passwort"]) != 0)
echo "Ihr Passwort ist falsch - probieren sie zu hacken?<br>";
else {
\$_SESSION ["name"] = \$nickname;
}
echo "<script>window.location="./thread.php";</script>";
}
?>
mysocial20220411b/login.php
<?php
\$upload_folder = 'upload/'; //Das Upload-Verzeichnis
\$filename = pathinfo(\$_FILES['datei']['name'], PATHINFO_FILENAME);
\$extension = strtolower(pathinfo(\$_FILES['datei']['name'], PATHINFO_EXTENSION));
//"Uberpr"ufung der Dateiendung
\$allowed_extensions = array('png', 'jpg', 'jpeg', 'gif');
if(!in_array(\$extension, \$allowed_extensions)) {
die("Ung"ultige Dateiendung. Nur png, jpg, jpeg und gif-Dateien sind erlaubt");
}
//"Uberpr"ufung der Dateigr"o"se
\$max_size = 500*1024; //500 KB
if(\$_FILES['datei']['size'] > \$max_size) {
die("Bitte keine Dateien gr"o"ser 500kb hochladen");
}
//"Uberpr"ufung dass das Bild keine Fehler enth"alt
if(function_exists('exif_imagetype')) { //Die exif_imagetype-Funktion erfordert die exif-Erweiterung auf dem Server
\$allowed_types = array(IMAGETYPE_PNG, IMAGETYPE_JPEG, IMAGETYPE_GIF);
\$detected_type = exif_imagetype(\$_FILES['datei']['tmp_name']);
if(!in_array(\$detected_type, \$allowed_types)) {
die("Nur der Upload von Bilddateien ist gestattet");
}
}
//Pfad zum Upload
\$new_path = \$upload_folder.\$filename.'.'.\$extension;
//Neuer Dateiname falls die Datei bereits existiert
if(file_exists(\$new_path)) { //Falls Datei existiert, h"ange eine Zahl an den Dateinamen
\$id = 1;
do {
\$new_path = \$upload_folder.\$filename.'_'.\$id.'.'.\$extension;
\$id++;
} while(file_exists(\$new_path));
}
//Alles okay, verschiebe Datei an neuen Pfad
move_uploaded_file(\$_FILES['datei']['tmp_name'], \$new_path);
echo 'Bild erfolgreich hochgeladen: <a href="'.\$new_path.'">'.\$new_path.'</a>';
?>
mysocial20220411b/photoupload2.php
<?php
session_start ();
?>
<?php
include ('./config.php');
include ('./banner.php');
?>
<?php
if(!isset (\$_SESSION ["name"]))
echo "Sie m\&uuml;ssen angemeldet sein";
else {
\$content = \$_GET ["content"];
\$datetime = date('Y-m-d H:i:s');
\$public = true;
\$pblc = \$_GET ["choosepublic"];
\$nickname = \$_SESSION ["name"];
\$friendname = \$_GET ["sendfriend"][0];
\$handle = mysql_connect (\$server, \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$content = htmlentities(mysql_real_escape_string (\$content, \$handle));
\$pblc = htmlentities(mysql_real_escape_string (\$pblc, \$handle));
\$nickname = htmlentities(mysql_real_escape_string (\$nickname, \$handle));
\$friendname = htmlentities(mysql_real_escape_string (\$friendname, \$handle));
if (strcmp (\$pblc, "privat") == 0)
\$public = 0;
else
\$public = 1;
if (strlen (\$content) > 0) {
mysql_query ("USE " . \$databasename, \$handle);
\$result = mysql_query ("SELECT * FROM freunde WHERE freund1="".\$nickname."" AND freund2="".\$friendname."" OR freund1="".\$friendname."" AND freund2 ="".\$nickname.""", \$handle);
if (mysql_fetch_row (\$result)) {
mysql_query ("INSERT INTO postings VALUES ("" . \$nickname . "." . \$friendname . "","" . \$content . "","" . \$datetime ."","" . \$public . "")", \$handle);
}
else
echo "Sie sind keine Freunde<br>n";
mysql_close (\$handle);
}
}
?>
<script>
window.location = "./threadfriends.php";
</script>
mysocial20220411b/postfriends.php
<?php
session_start ();
?>
<?php
include ('./config.php');
include ('./banner.php');
?>
<?php
if(!isset (\$_SESSION ["name"]))
echo "Sie m\&uuml;ssen angemeldet sein";
else {
\$content = \$_GET ["content"];
\$datetime = date('Y-m-d H:i:s');
\$public = true;
\$pblc = \$_GET ["choosepublic"];
\$nickname = \$_SESSION ["name"];
\$handle = mysql_connect (\$server, \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$content = htmlentities(mysql_real_escape_string (\$content, \$handle));
\$pblc = htmlentities(mysql_real_escape_string (\$pblc, \$handle));
\$nickname = htmlentities(mysql_real_escape_string (\$nickname, \$handle));
if (strcmp (\$pblc, "privat") == 0)
\$public = 0;
else
\$public = 1;
if (strlen (\$content) > 0) {
mysql_query ("USE " . \$databasename, \$handle);
mysql_query ("INSERT INTO postings VALUES ("" . \$nickname . "","" . \$content . "","" . \$datetime ."","" . \$public . "")", \$handle);
mysql_close (\$handle);
}
}
?>
<script>
window.location = "./thread.php";
</script>
mysocial20220411b/post.php
<?php
session_start ();
?>
<?php
include ('./config.php');
include ('./banner.php');
?>
<?php
include ('./styles/head.php');
?>
<link rel="stylesheet" href="./styles/styles.css">
<div class="overall1">
<?php
\$handle = mysql_connect (\$server, \$MYSQL_NAME, \$MYSQL_PASSWORD);
mysql_query ("USE " . \$databasename, \$handle);
\$result = mysql_query ("SELECT * FROM users", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo "<a href="./threadextern.php?searchname=" . htmlentities(mysql_real_escape_string(\$row ["nickname"], \$handle)) . ""><img width="10%" src="showphoto.php?name=" . \$row ["nickname"] . "">". htmlentities(mysql_real_escape_string(\$row ["nickname"], \$handle)) . "</a><br>n";
\$result = mysql_query ("SELECT * FROM users", \$handle);
echo "<FORM ACTION="./sendfriendship.php" METHOD="GET">n";
echo "<SELECT NAME="friends[]" MULTIPLE>n";
while (\$row = mysql_fetch_assoc (\$result))
echo "<a href="./threadextern.php?searchname=" . htmlentities(mysql_real_escape_string(\$row ["nickname"], \$handle)) . ""><OPTION style=" #FF0000; background-size: 100%;background-image: url(./showphoto.php?name=".htmlentities(mysql_real_escape_string(\$row ["nickname"], \$handle))."); background-repeat: no-repeat;">" . htmlentities(mysql_real_escape_string(\$row ["nickname"], \$handle)) . "</OPTION></a><br>n";
echo "</SELECT><br>n";
echo "Um mehrere Freundsanfragen zu senden [strg] gedr\&uuml;ckt halten<br><br>n";
echo "<INPUT TYPE="submit">Freundschaftsanfrage senden</INPUT>n";
echo "</FORM>n";
mysql_close (\$handle);
include("./collection.php");
?>
</div>
mysocial20220411b/search.php
<?php
session_start ();
?>
<?php
include ('./config.php');
include ('./banner.php');
?>
<link rel="stylesheet" href="./styles/styles.css">
<script src="./styles/styles.js"></script>
<a href="./search.php">Andere Nutzer anzeigen</a>
<?php
include ('./styles/head.php');
?>
<br><br>
<?php
if (!isset (\$_SESSION ["name"]))
echo "Sie m\&uuml;ssen angemeldet sein<br>";
else {
\$handle = mysql_connect (\$server, \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$myname = htmlentities (mysql_real_escape_string(\$_SESSION ["name"], \$handle));
mysql_query ("USE " . \$databasename, \$handle);
\$str = \$_GET ["friends"];
for (\$i = 0; \$i < sizeof (\$str); \$i++) {
\$str1 = htmlentities(mysql_real_escape_string (\$str [\$i], \$handle));
//\$result = mysql_query ("SELECT * FROM users WHERE nickname="". \$str1 .""", \$handle);
if (mysql_num_rows(mysql_query ("SELECT * FROM users WHERE nickname="". \$str1 .""", \$handle)) == 0)
echo "Benutzer "" . \$str1 . "" existiert nicht<br>n";
else {
if (mysql_num_rows (mysql_query ("SELECT * FROM freundschaftsanfrage WHERE nicknamezu="". \$str1 . "" AND nicknamevon="" . \$myname . "" OR nicknamevon="". \$str1 . "" AND nicknamezu="" . \$myname . """, \$handle)) != 0)
echo "Sie haben bereits eine Freundschaftsanfrage an " . \$str1 . " gesendet <br>n";
else {
mysql_query ("INSERT INTO freundschaftsanfrage VALUES ("" . \$myname . "","" . \$str1 . "")", \$handle);
}
}
}
mysql_close (\$handle);
}
?>
mysocial20220411b/sendfriendship.php
<?php
include ('./config.php');
\$handle2 = mysql_connect (\$server, \$MYSQL_NAME, \$MYSQL_PASSWORD);
mysql_select_db (\$databasename, \$handle2);
\$result = mysql_query ("SELECT * FROM users WHERE nickname="" . \$_GET ["name"] . """, \$handle2);
if (\$row = mysql_fetch_assoc (\$result))
echo \$row ["photo"];
else
echo "error<br>n";
mysql_close (\$handle2);
?>
mysocial20220411b/showphoto.php
<?php
session_start ();
?>
<?php
include ('./config.php');
include ('./banner.php');
?>
<link rel="stylesheet" href="./styles/styles.css">
<script src="./styles/styles.js"></script>
<?php
include ('./styles/head.php');
?>
<div class="overall">
<?php
\$name = \$_GET ["searchname"][0];
\$handle = mysql_connect (\$server, \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$name3 = htmlentities(mysql_real_escape_string(\$name, \$handle));
mysql_query ("use " . \$databasename, \$handle);
\$name = explode (".", \$name3) [0];
\$name2 = explode (".", \$name3) [1];
\$result2 = mysql_query ("SELECT * FROM users WHERE nickname="" . \$name .""", \$handle);
if (\$row2 = mysql_fetch_assoc (\$result2));
else
echo "This user doesn't exist<br>";
\$result3 = mysql_query ("SELECT * FROM users WHERE nickname="" . \$name2 .""", \$handle);
if (\$row3 = mysql_fetch_assoc (\$result3));
else
echo "This user doesn't exist<br>";
\$result = mysql_query ("SELECT * FROM postings WHERE nickname="" . \$name . "." . \$name2 ."" OR nickname="" . \$name2 . "." . \$name .""", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
//echo "<div class="post01" id="postid" . \$i . "">n<div class="postdatetime01" id="postdatettimeid" . \$i . "">" . \$row ["datetime"] . "</div>n<br><hr><br>n<div class="postcontent01" id="postcontentid" . \$i++ . "">" . \$row ["content"] ."</div>n</div>nn";
if (strcmp (\$row ["nickname"], \$name . "." . \$name2) == 0)
echo "<div class="post01" id="postid" . \$i . "">n<div class="postdatetime01" id="postdatetimeid" . \$i . "">" . \$row ["datetime"] . "</div>n<br><hr><br>n<div class="postcontent01"><div class="usercontent01">" . \$name . "<br><hr><br><code>" . \$row2 ["mail"] . "</code><br><hr><br><img width="50%"src="showphoto.php?name=".\$name.""></div><div class="postcontent02" id="postcontentid" . \$i++ . "">" . \$row ["content"] ."</div></div></div>nn";
else if (strcmp (\$row ["nickname"], \$name2 . "." . \$name) == 0)
echo "<div class="post01" id="postid" . \$i . "">n<div class="postdatetime01" id="postdatetimeid" . \$i . "">" . \$row ["datetime"] . "</div>n<br><hr><br>n<div class="postcontent01"><div class="usercontent01">" . \$name2 . "<br><hr><br><code>" . \$row3 ["mail"] . "</code><br><hr><br><img width="50%"src="showphoto.php?name=".\$name2.""></div><div class="postcontent02" id="postcontentid" . \$i++ . "">" . \$row ["content"] ."</div></div></div>nn";
mysql_close ();
include("./collection.php");
?>
</div>
mysocial20220411b/threadexternfriends.php
<?php
session_start ();
?>
<?php
include ('./config.php');
include ('./banner.php');
?>
<link rel="stylesheet" href="./styles/styles.css">
<script src="./styles/styles.js"></script>
<?php
include ('./styles/head.php');
?>
<iframe="./collection.php"></iframe>
<div class="overall">
<?php
\$name = \$_GET ["searchname"];
\$handle = mysql_connect (\$server, \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$name = htmlentities(mysql_real_escape_string(\$name, \$handle));
mysql_query ("use " . \$databasename, \$handle);
\$result2 = mysql_query ("SELECT * FROM users WHERE nickname="" . \$name .""", \$handle);
if (\$row2 = mysql_fetch_assoc (\$result2));
else
echo "This user doesn't exist<br>";
\$result = mysql_query ("SELECT * FROM postings WHERE nickname="" . \$name ."" AND public="1"", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
//echo "<div class="post01" id="postid" . \$i . "">n<div class="postdatetime01" id="postdatettimeid" . \$i . "">" . \$row ["datetime"] . "</div>n<br><hr><br>n<div class="postcontent01" id="postcontentid" . \$i++ . "">" . \$row ["content"] ."</div>n</div>nn";
echo "<div class="post01" id="postid" . \$i . "">n<div class="postdatetime01" id="postdatetimeid" . \$i . "">" . \$row ["datetime"] . "</div>n<br><hr><br>n<div class="postcontent01"><div class="usercontent01">" . \$name . "<br><hr><br><code>" . \$row2 ["mail"] . "</code><br><hr><br><img width="50%"src="showphoto.php?name=".\$name.""></div><div class="postcontent02" id="postcontentid" . \$i++ . "">" . \$row ["content"] ."</div></div></div>nn";
mysql_close ();
include("./collection.php");
?>
</div>
mysocial20220411b/threadextern.php
<?php
session_start ();
?>
<?php
include ('./config.php');
include ('./banner.php');
?>
<link rel="stylesheet" href="./styles/styles.css">
<script src="./styles/styles.js"></script>
<a href="./search.php">Andere Nutzer anzeigen</a>
<?php
include ('./styles/head.php');
?>
<div class="overall">
<?php
\$i = 0;
if (isset (\$_SESSION ["name"])) {
\$sessionname = \$_SESSION ["name"];
\$friendname = \$_GET ["friendname"][0];
\$handle = mysql_connect (\$server, \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$sessionname = htmlentities(mysql_real_escape_string (\$sessionname, \$handle));
\$friendname = htmlentities(mysql_real_escape_string (\$friendname, \$handle));
mysql_query ("use " . \$databasename, \$handle);
echo "<form action="./postfriends.php" method="GET" rows="20">";
echo "<textarea class="contentinputbox01" name="content"></textarea><select name="choosepublic" class="select01"><option>privat</option><option>\&ouml;ffentlich</option></select><input class="submit01" type="submit"></input>";
echo "\&nbsp;<SELECT MULTIPLE name="sendfriend[]" MULTIPLE>n";
\$result5 = mysql_query ("SELECT * FROM freunde WHERE freund1="" . \$sessionname . "" OR freund2="" .\$sessioname. """, \$handle);
while (\$row5 = mysql_fetch_assoc (\$result5)) {
if (strcmp (\$row5 ["freund1"], \$sessionname) == 0)
echo "<OPTION>" . \$row5 ["freund2"] . "</OPTION>";
else
echo "<OPTION>" . \$row5 ["freund1"] . "</OPTION>";
}
echo "</SELECT></form><br>n";
\$result = mysql_query ("SELECT * FROM postings WHERE nickname="" . \$sessionname . "." . \$friendname ."" OR nickname="" . \$friendname . "." . \$sessionname .""", \$handle);
\$result2 = mysql_query ("SELECT * FROM users WHERE nickname="" . \$sessionname .""", \$handle);
\$result3 = mysql_query ("SELECT * FROM users WHERE nickname="" . \$friendname .""", \$handle);
if (\$row2 = mysql_fetch_assoc (\$result2));
else
echo "Error: You are not a registered user";
if (\$row3 = mysql_fetch_assoc (\$result3)) {
while (\$row = mysql_fetch_assoc (\$result)) {
if (strcmp (\$row ["nickname"], \$sessionname . "." . \$friendname) == 0)
echo "<div class="post01" id="postid" . \$i . "">n<div class="postdatetime01" id="postdatetimeid" . \$i . "">" . \$row ["datetime"] . "</div>n<br><hr><br>n<div class="postcontent01"><div class="usercontent01">" . \$sessionname . "<br><hr><br><code>" . \$row2 ["mail"] . "</code><br><hr><br><img width="50%"src="showphoto.php?name=".\$sessionname.""></div><div class="postcontent02" id="postcontentid" . \$i++ . "">" . \$row ["content"] ."</div></div></div>nn";
else if (strcmp (\$row ["nickname"], \$friendname . "." . \$sessionname) == 0)
echo "<div class="post01" id="postid" . \$i . "">n<div class="postdatetime01" id="postdatetimeid" . \$i . "">" . \$row ["datetime"] . "</div>n<br><hr><br>n<div class="postcontent01"><div class="usercontent01">" . \$friendname . "<br><hr><br><code>" . \$row3 ["mail"] . "</code><br><hr><br><img width="50%"src="showphoto.php?name=".\$friendname.""></div><div class="postcontent02" id="postcontentid" . \$i++ . "">" . \$row ["content"] ."</div></div></div>nn";
}
}
echo "<div class="freundschaftsanfrage01">n";
echo "<FORM action="freundschaftsanfragebestaetigen.php" METHOD="GET">n";
echo "<SELECT name="freundschaftsanfrage[]" MULTIPLE>n";
\$result = mysql_query ("SELECT * FROM freundschaftsanfrage WHERE nicknamezu="" . \$sessionname . """, \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo "<OPTION>" . \$row ["nicknamevon"] . "</OPTION>";
echo "</SELECT><br><br>n";
echo "<INPUT TYPE="submit">Freundschaftsanfragen bestaetigen</INPUT><br>";
echo "</FORM>n";
echo "</div>";
echo "<div class="freundschaftsanfrage01">n";
echo "<FORM>n";
echo "<SELECT MULTIPLE>n";
\$result = mysql_query ("SELECT * FROM freunde WHERE freund1="" . \$sessionname . "" OR freund2="" .\$sessioname. "" OR freund2="" . \$sessionname . "" OR freund1="" .\$sessioname. """, \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo "<OPTION>" . \$row ["freund1"] . "." . \$row ["freund2"] . "</OPTION>";
echo "</SELECT><br>n";
echo "</FORM>n";
echo "</div>";
mysql_close ();
}
else
echo "Sie m\&uuml;ssen eingeloggt sein<br>";
include("./collection.php");
?>
</div>
mysocial20220411b/threadfriends.php
<?php
session_start ();
?>
<?php
include ('./config.php');
include ('./banner.php');
?>
<link rel="stylesheet" href="./styles/styles.css">
<script src="./styles/styles.js"></script>
<a href="./search.php">Andere Nutzer anzeigen</a>
<?php
include ('./styles/head.php');
?>
<div class="overall">
<?php
\$i = 0;
if (isset (\$_SESSION ["name"])) {
\$sessionname = \$_SESSION ["name"];
echo "<form action="./post.php" method="GET" rows="20"><textarea class="contentinputbox01" name="content"></textarea><select name="choosepublic" class="select01"><option>privat</option><option>\&ouml;ffentlich</option></select><input class="submit01" type="submit"></input></form>";
\$handle = mysql_connect (\$server, \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$sessionname = htmlentities(mysql_real_escape_string (\$sessionname, \$handle));
mysql_query ("use " . \$databasename, \$handle);
\$result = mysql_query ("SELECT * FROM postings WHERE nickname="" . \$sessionname .""", \$handle);
\$result2 = mysql_query ("SELECT * FROM users WHERE nickname="" . \$sessionname .""", \$handle);
if (\$row2 = mysql_fetch_assoc (\$result2));
else
echo "Error: You are not a registered user";
while (\$row = mysql_fetch_assoc (\$result))
echo "<div class="post01" id="postid" . \$i . "">n<div class="postdatetime01" id="postdatetimeid" . \$i . "">" . \$row ["datetime"] . "</div>n<br><hr><br>n<div class="postcontent01"><div class="usercontent01">" . \$sessionname . "<br><hr><br><code>" . \$row2 ["mail"] . "</code><br><hr><br><img width="50%"src="showphoto.php?name=".\$sessionname.""></div><div class="postcontent02" id="postcontentid" . \$i++ . "">" . \$row ["content"] ."</div></div></div>nn";
echo "<div class="freundschaftsanfrage01">n";
echo "<FORM action="freundschaftsanfragebestaetigen.php" METHOD="GET">n";
echo "<SELECT name="freundschaftsanfrage[]" MULTIPLE>n";
\$result = mysql_query ("SELECT * FROM freundschaftsanfrage WHERE nicknamezu="" . \$sessionname . """, \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo "<OPTION>" . \$row ["nicknamevon"] . "</OPTION>";
echo "</SELECT><br><br>n";
echo "<INPUT TYPE="submit">Freundschaftsanfragen bestaetigen</INPUT><br>";
echo "</FORM>n";
echo "</div>";
echo "<div class="freundschaftsanfrage01">n";
echo "<FORM>n";
echo "<SELECT MULTIPLE>n";
\$result = mysql_query ("SELECT * FROM freunde WHERE freund1="" . \$sessionname . "" OR freund2="" .\$sessioname. "" OR freund2="" . \$sessionname . "" OR freund1="" .\$sessioname. """, \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo "<OPTION>" . \$row ["freund1"] . "." . \$row ["freund2"] . "</OPTION>";
echo "</SELECT><br>n";
echo "</FORM>n";
echo "</div>";
mysql_close ();
}
else
echo "Sie m\&uuml;ssen eingeloggt sein<br>";
include("./collection.php");
?>
</div>
mysocial20220411b/thread.php
mysocial20220411b/styles:
extern.css
head.php
ituenix.png
mysocial.png
styles.css
styles.js
mysocial20220411b/upload:
131272203_104210458235048_6777244190350661537_n.jpg
274005496_1403601580089505_3432883904414152884_n.jpg
myimage.php
Screenshot_20220412_044110_1.png
Screenshot_20220412_044110.png
Screenshot_20220412_050816.png
Screenshot_20220412_050826.png
test.html
testz_10.png
testz_11.png
testz_1.png
testz_2.png
testz_3.png
testz_4.png
testz_5.png
testz_6.png
testz_7.png
testz_8.png
testz_9.png
testz.png
Tux.png
<?php
session_start ();
?>
<?php
include ('./config.php');
echo "<h1>".\$title."</h1><code>".\$subscription."</code><br>";
?>
mysocial20220412a/banner.php
<?php
session_start ();
?>
<?php
include ('./config.php');
?>
<link rel="stylesheet" href="./styles/extern.css">
<div class="dropdown">
<button class="dropbtn">Menue</button>
<div class="dropdown-content">
<a href="./login.html">login</a>
<a href="./register.php">register</a>
<a href="./thread.php">thread</a>
<a href="./search.php">list users</a>
</div>
</div>
<ul>
<li><a href="./login.html">login</a></li>
<li><a href="./register.php">register</a></li>
<li><a href="./thread.php">thread</a></li>
<li><a href="./search.php">list users</a></li>
</ul>
<?php
\$handle = mysql_connect (\$server, \$MYSQL_NAME, \$MYSQL_PASSWORD);
mysql_query ("use " . \$databasename, \$handle);
\$sessionname = \$_SESSION ["name"];
\$sessionname = htmlentities(mysql_real_escape_string (\$sessionname, \$handle));
echo "<FORM METHOD="GET">n";
echo "\&nbsp;<SELECT MULTIPLE name="friendname[]" MULTIPLE>n";
\$result5 = mysql_query ("SELECT * FROM freunde WHERE freund1="" . \$sessionname . "" OR freund2="" .\$sessioname. """, \$handle);
while (\$row5 = mysql_fetch_assoc (\$result5)) {
if (strcmp (\$row5 ["freund1"], \$sessionname) == 0)
echo "<OPTION style=" #FF0000; background-size: 100%;background-image: url(./showphoto.php?name=".\$row6["freund1"]."); background-repeat: no-repeat;">" . \$row5 ["freund2"] . "</OPTION>";
else
echo "<OPTION style=" #FF0000; background-size: 100%;background-image: url(./showphoto.php?name=".\$row6["freund2"]."); background-repeat: no-repeat;">" . \$row5 ["freund1"] . "</OPTION>";
}
echo "</SELECT>\&nbsp;";
echo "<button formaction="./threadfriends.php">Freunde unterhalten</button><br>n";
echo "<FORM><br>n";
mysql_close (\$handle);
?>
<?php
\$handle2 = mysql_connect (\$server, \$MYSQL_NAME, \$MYSQL_PASSWORD);
mysql_query ("use " . \$databasename, \$handle2);
echo "<FORM METHOD="GET">n";
echo "\&nbsp;<SELECT MULTIPLE name="searchname[]" MULTIPLE>n";
\$result6 = mysql_query ("SELECT * FROM freunde", \$handle2);
while (\$row6 = mysql_fetch_assoc (\$result6)) {
echo "<OPTION style=" #FF0000; background-size: 100%;background-image: url(./showphoto.php?name=".\$row6["freund1"]."); background-repeat: no-repeat;">" . \$row6 ["freund1"] . "." . \$row6 ["freund2"] . "</OPTION>";
}
echo "</SELECT>\&nbsp;";
echo "<button formaction="./threadexternfriends.php">Freunde Unterhaltung extern</button><br>n";
echo "<FORM><br>n";
mysql_close (\$handle2);
?>
mysocial20220412a/collection.php
<?php
\$secretdatafilename = '/home/david/mysqldata.php';
include (\$secretdatafilename);
\$databasename = 'mysocial_database';
\$title = 'Dave Vajdas MySoc';
\$server = '127.0.0.1';
\$subscription = 'Das ist MySoc';
?>
mysocial20220412a/config.php
<?php
session_start ();
?>
<?php
include ('./config.php');
include ('./banner.php');
?>
<body>
<link rel="stylesheet" href="./styles/styles.css">
<img src="./styles/ituenix.png" width="40%">
<img src="./styles/mysocial.png" width="20%">
<div class="overall1">
<form method="POST" action="createaccount.php" enctype="multipart/form-data">
<input type="text" name="nickname"></input> :Nickname<br>
<input type="text" name="vorname"></input> :Vorname<br>
<input type="text" name="nachname"></input> :Nachname<br>
<input type="text" name="mail"></input> :Mail<br>
<input type="password" name="passwort1"></input> :Passwort<br>
<input type="password" name="passwort2"></input> :Passwort best\&auml;tigen<br>
<input type="file" name="datei"></input> :Photo<br>
<input type="submit"></input>
</form>
</div>
</body>
<?php
\$passwort1 = \$_POST ["passwort1"];
\$passwort2 = \$_POST ["passwort2"];
\$nickname = \$_POST ["nickname"];
\$vorname = \$_POST ["vorname"];
\$nachname = \$_POST ["nachname"];
\$mail = \$_POST ["mail"];
/* Dieser Code - fuer die Ueberpruefung der Mail-Addresse stammt nicht von mir */
/* Er wurde von https://www.php.de/forum/webentwicklung/php-einsteiger/php-tipps-2009/56554-e-mail-adresse-mit-regul"aren-ausdr"ucken-"uberpr"ufen uebernommen */
/* In dem PHP-Kurs werden Regulaere Ausdruecke auch gelernt - ich werde sie lrnen und bald mein eigenes anwenden.*/
function valid_mail(\$mail){
/*******************************************************************
* RegEx by *
* CK1@wwwtech.de *
* http://wwwtech.de/ *
* http://aktuell.de.selfhtml.org/artikel/programmiertechnik/email/ *
*******************************************************************/
// RegEx begin
\$nonascii = "x80-xff"; # Non-ASCII-Chars are not allowed
\$nqtext = "[^\$nonascii512"]";
\$qchar = "[\^\$nonascii]";
\$protocol = '(?:mailto:)';
\$normuser = '[a-zA-Z0-9][a-zA-Z0-9_.-]*';
\$quotedstring = ""(?:\$nqtext|\$qchar)+"";
\$user_part = "(?:\$normuser|\$quotedstring)";
\$dom_mainpart = '[a-zA-Z0-9][a-zA-Z0-9._-]*\.';
\$dom_subpart = '(?:[a-zA-Z0-9][a-zA-Z0-9._-]*\.)*';
\$dom_tldpart = '[a-zA-Z]{2,5}';
\$domain_part = "\$dom_subpart\$dom_mainpart\$dom_tldpart";
\$regex = "\$protocol?\$user_part@\$domain_part";
// RegEx end
return preg_match("/\^\$regex\$/",\$mail);
}
if (strcmp(\$passwort1, \$passwort2) != 0)
echo "Die Passw\&ouml;rter sind nicht identisch";
else {
if ((strlen (\$nickname) == 0) || (strlen (\$vorname) == 0) || (strlen (\$nachname) == 0) || (strlen (\$mail) == 0) || (strlen (\$passwort1) == 0))
echo "Sie m\&uuml;ssen alle Felder vollst\&auml;ndig ausf\&uuml;llen<br>";
else {
if (strlen (\$passwort1) < 5)
echo "Passwoerter muessen mindestens 5 Zeichen lang sein";
else {
if (!valid_mail (\$mail))
echo "Es sieht so aus, als sei die von ihnen eingebene Mail-Addresse nicht konform mit dem Aufgabe von Mail-Addressen<br>";
else {
\$handle = mysql_connect (\$server, \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$passwort1 = htmlentities(mysql_real_escape_string (\$passwort1, \$handle));
\$passwort2 = htmlentities(mysql_real_escape_string (\$passwort2, \$handle));
\$nickname = htmlentities(mysql_real_escape_string (\$nickname, \$handle));
\$vorname = htmlentities(mysql_real_escape_string (\$vorname, \$handle));
\$nachname = htmlentities(mysql_real_escape_string (\$nachname, \$handle));
\$mail = htmlentities(mysql_real_escape_string (\$mail, \$handle));
mysql_query ("USE ".\$databasename, \$handle);
\$result = mysql_query ("SELECT * FROM users WHERE nickname="" . \$nickname . """, \$handle);
echo mysql_num_rows (\$result);
if (mysql_num_rows (\$result) != 0)
echo "Dieser Benutzername ist leider schon vergeben";
else {
\$reault = mysql_query ("SELECT * FROM users WHERE mail="" . \$mail . """, \$handle);
if (mysql_num_rows (\$result) != 0)
echo "Diese Mail-Addresse wird leider schon von einem anderen Nutzer verwendet";
else {
include ('./photoupload2.php');
mysql_query ("INSERT INTO users VALUES ("" . \$nickname . "","" . \$vorname . "","". \$nachname . "","". \$mail . "","". md5(\$passwort1) . "",0x" . bin2hex(file_get_contents (\$new_path)) . ")", \$handle);
}
\$_SESSION ["name"] = \$nickname;
echo "<script>window.location="./post.php?content=welcome";</script>";
}
mysql_close (\$handle);
}
}
}
}
?>
mysocial20220412a/createaccount.php
<?php
session_start ();
?>
<?php
include ('./config.php');
include ('./banner.php');
?>
<link rel="stylesheet" href="./styles/styles.css">
<script src="./styles/styles.js"></script>
<a href="./search.php">Andere Nutzer anzeigen</a>
<?php
include ('./styles/head.php');
?>
<br><br>
<?php
if (!isset(\$_SESSION ["name"]))
echo "Sie m\&uuml;ssen angemeldet sein<br>n";
else {
include ('/home/david/mysqldata.php');
\$handle = mysql_connect (\$server, \$MYSQL_NAME, \$MYSQL_PASSWORD);
mysql_query ("USE ".\$databasename);
\$myname = htmlentities (mysql_real_escape_string (\$_SESSION ["name"], \$handle));
\$str = \$_GET ["freundschaftsanfrage"];
for (\$i = 0; \$i < sizeof (\$str); \$i++) {
\$str1 = htmlentities (mysql_real_escape_string(\$str [\$i], \$handle));
\$result = mysql_query ("SELECT * FROM freundschaftsanfrage WHERE nicknamevon="" . \$str1 . """, \$handle);
if (mysql_num_rows (\$result) == 0)
echo \$str1 . " hat ihnen keine Freundschaftanfrage gesendet<br>n";
else {
\$result = mysql_query ("SELECT * FROM freunde WHERE freund1="" . \$str1 . "" AND freund2="" . \$myname ."" OR freund2="" . \$str1 . "" AND freund1="" . \$myname .""", \$handle);
if (mysql_num_rows (\$result) != 0)
echo "Ihr seid bereits Freunde<br>n";
else
mysql_query ("INSERT INTO freunde VALUES ("". \$myname ."","" . \$str1 . "")", \$handle);
}
}
mysql_close (\$handle);
}
?>
mysocial20220412a/freundschaftsanfragebestaetigen.php
<!DOCTYPE html>
<html lang="">
<head>
<meta charset="utf-8">
<title></title>
</head>
<body>
<header></header>
<main></main>
<footer></footer>
<script>
window.location="./search.php";
</script>
</body>
</html>
mysocial20220412a/index.html
<?php
session_start ();
?>
<link rel="stylesheet" href="./styles/styles.css">
<img src="./styles/ituenix.png" width="40%">
<img src="./styles/mysocial.png" width="20%">
<div class="overall1">
<form method="POST" action="./install.php">
<input type="text" name="databasename"></input>Datenbankname<br>
<input type="text" name="secretdata"></input>Name der Datei mit geheimen Daten<br>
<input type="text" name="benutzername"></input>Benutzername der Datenbank<br>
<input type="password" name="passwort"></input>Passwort des DBMS<br>
<input type="text" name="server"></input>Name des Servers auf dem das DBMS l\&auml;ft<br>
<input type="text" name="title"></input>Titel des sozialen Netzwerkes<br>
<input type="text" name="subscription"></input>Beschreibung des sozialen Netzes<br>
<input type="submit"></input>
</form>
<?php
\$databasename = htmlentities (\$_POST ["databasename"]);
\$secretdatafilename = htmlentities (\$_POST ["secretdata"]);
\$username = htmlentities (\$_POST ["benutzername"]);
\$password = htmlentities (\$_POST ["passwort"]);
\$server = htmlentities (\$_POST ["server"]);
\$title = htmlentities (\$_POST ["title"]);
\$subscription = htmlentities (\$_POST ["subscription"]);
\$configfilename = "./config.php";
\$config_file_input_str = "<?phpnn";
\$config_file_input_str .= "\$secretdatafilename = '/home/david/mysqldata.php';n";
\$config_file_input_str .= "include (\$secretdatafilename);n";
\$config_file_input_str .= "\$databasename = '" . \$databasename . "';n";
//\$config_file_input_str .= "\$secretdatafilename = '" . \$secretdatafilename . "';n";
\$config_file_input_str .= "\$title = '" . \$title . "';n";
\$config_file_input_str .= "\$server = '" . \$server . "';n";
\$config_file_input_str .= "\$subscription = '" . \$subscription . "';n";
\$config_file_input_str .= "?>n";
\$secretdatafilestr = "<?phpnn";
\$secretdatafilestr .= "\$MYSQL_NAME='" . \$username . "';n";
\$secretdatafilestr .= "\$MYSQL_PASSWORD='" . \$password . "';n";
\$secretdatafilestr .= "?>n";
\$config_file_input_str = \$config_file_input_str;
\$secretdatafilestr = \$secretdatafilestr;
file_put_contents (\$configfilename, \$config_file_input_str);
//file_put_contents (\$secretdatafilename, \$secretdatafilestr);
\$handle = mysql_connect (\$server, \$username, \$password);
mysql_query ("CREATE DATABASE " . \$databasename, \$handle);
mysql_select_db (\$databasename, \$handle);
mysql_query ("CREATE TABLE users (nickname VARCHAR(64), vorname VARCHAR(64), nachname VARCHAR(64) , mail VARCHAR(128), passwort VARCHAR(128),photo MEDIUMBLOB)", \$handle);
mysql_query ("CREATE TABLE freunde (freund1 VARCHAR (64), freund2 VARCHAR (64))", \$handle);
mysql_query ("CREATE TABLE freundschaftsanfrage (nicknamevon VARCHAR (64), nicknamezu VARCHAR (64))", \$handle);
mysql_query ("CREATE TABLE postings (nickname VARCHAR (64), content TEXT, datetime DATETIME, public TINYINT (1))", \$handle);
mysql_close (\$handle);
?>
mysocial20220412a/install.php
<!DOCTYPE html>
<html lang="">
<head>
<meta charset="utf-8">
<title>My Social Network - ituenix.de</title>
</head>
<body>
<header></header>
<main></main>
<footer></footer>
</body>
<link rel="stylesheet" href="./styles/styles.css">
<img src="./styles/ituenix.png" width="40%">
<img src="./styles/mysocial.png" width="20%">
<div class="overall1">
<form action="./login.php" method="GET">
<input type="text" name="nickname"></input> :Nickname<br>
<input type="password" name="passwort"></input> :Passwort<br>
<input type="submit"></input>
</form>
<br><hr><br>
<a href="./createaccount.php">Registrieren</a>
</div>
</html>
mysocial20220412a/login.html
<?php
session_start ();
?>
<?php
include ('./config.php');
include ('./banner.php');
?>
<?php
\$nickname = \$_GET ["nickname"];
\$passwort = \$_GET ["passwort"];
\$handle = mysql_connect (\$server, \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$nickname = htmlentities(mysql_real_escape_string (\$nickname, \$handle));
\$passwort = htmlentities(mysql_real_escape_string (\$passwort, \$handle));
mysql_query ("USE " . \$databasename);
\$result = mysql_query ("SELECT * FROM users WHERE nickname="" . \$nickname . """, \$handle);
if (mysql_num_rows (\$result) == 0)
echo "Diesen Benutzer gibt es nicht<br>";
else {
\$row = mysql_fetch_assoc (\$result);
if (strcmp(md5 (\$passwort), \$row ["passwort"]) != 0)
echo "Ihr Passwort ist falsch - probieren sie zu hacken?<br>";
else {
\$_SESSION ["name"] = \$nickname;
}
echo "<script>window.location="./thread.php";</script>";
}
?>
mysocial20220412a/login.php
<?php
\$upload_folder = 'upload/'; //Das Upload-Verzeichnis
\$filename = pathinfo(\$_FILES['datei']['name'], PATHINFO_FILENAME);
\$extension = strtolower(pathinfo(\$_FILES['datei']['name'], PATHINFO_EXTENSION));
//"Uberpr"ufung der Dateiendung
\$allowed_extensions = array('png', 'jpg', 'jpeg', 'gif');
if(!in_array(\$extension, \$allowed_extensions)) {
die("Ung"ultige Dateiendung. Nur png, jpg, jpeg und gif-Dateien sind erlaubt");
}
//"Uberpr"ufung der Dateigr"o"se
\$max_size = 500*1024; //500 KB
if(\$_FILES['datei']['size'] > \$max_size) {
die("Bitte keine Dateien gr"o"ser 500kb hochladen");
}
//"Uberpr"ufung dass das Bild keine Fehler enth"alt
if(function_exists('exif_imagetype')) { //Die exif_imagetype-Funktion erfordert die exif-Erweiterung auf dem Server
\$allowed_types = array(IMAGETYPE_PNG, IMAGETYPE_JPEG, IMAGETYPE_GIF);
\$detected_type = exif_imagetype(\$_FILES['datei']['tmp_name']);
if(!in_array(\$detected_type, \$allowed_types)) {
die("Nur der Upload von Bilddateien ist gestattet");
}
}
//Pfad zum Upload
\$new_path = \$upload_folder.\$filename.'.'.\$extension;
//Neuer Dateiname falls die Datei bereits existiert
if(file_exists(\$new_path)) { //Falls Datei existiert, h"ange eine Zahl an den Dateinamen
\$id = 1;
do {
\$new_path = \$upload_folder.\$filename.'_'.\$id.'.'.\$extension;
\$id++;
} while(file_exists(\$new_path));
}
//Alles okay, verschiebe Datei an neuen Pfad
move_uploaded_file(\$_FILES['datei']['tmp_name'], \$new_path);
echo 'Bild erfolgreich hochgeladen: <a href="'.\$new_path.'">'.\$new_path.'</a>';
?>
mysocial20220412a/photoupload2.php
<?php
session_start ();
?>
<?php
include ('./config.php');
include ('./banner.php');
?>
<?php
if(!isset (\$_SESSION ["name"]))
echo "Sie m\&uuml;ssen angemeldet sein";
else {
\$content = \$_GET ["content"];
\$datetime = date('Y-m-d H:i:s');
\$public = true;
\$pblc = \$_GET ["choosepublic"];
\$nickname = \$_SESSION ["name"];
\$friendname = \$_GET ["sendfriend"][0];
\$handle = mysql_connect (\$server, \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$content = htmlentities(mysql_real_escape_string (\$content, \$handle));
\$pblc = htmlentities(mysql_real_escape_string (\$pblc, \$handle));
\$nickname = htmlentities(mysql_real_escape_string (\$nickname, \$handle));
\$friendname = htmlentities(mysql_real_escape_string (\$friendname, \$handle));
if (strcmp (\$pblc, "privat") == 0)
\$public = 0;
else
\$public = 1;
if (strlen (\$content) > 0) {
mysql_query ("USE " . \$databasename, \$handle);
\$result = mysql_query ("SELECT * FROM freunde WHERE freund1="".\$nickname."" AND freund2="".\$friendname."" OR freund1="".\$friendname."" AND freund2 ="".\$nickname.""", \$handle);
if (mysql_fetch_row (\$result)) {
mysql_query ("INSERT INTO postings VALUES ("" . \$nickname . "." . \$friendname . "","" . \$content . "","" . \$datetime ."","" . \$public . "")", \$handle);
}
else
echo "Sie sind keine Freunde<br>n";
mysql_close (\$handle);
}
}
?>
<script>
window.location = "./threadfriends.php";
</script>
mysocial20220412a/postfriends.php
<?php
session_start ();
?>
<?php
include ('./config.php');
include ('./banner.php');
?>
<?php
if(!isset (\$_SESSION ["name"]))
echo "Sie m\&uuml;ssen angemeldet sein";
else {
\$content = \$_GET ["content"];
\$datetime = date('Y-m-d H:i:s');
\$public = true;
\$pblc = \$_GET ["choosepublic"];
\$nickname = \$_SESSION ["name"];
\$handle = mysql_connect (\$server, \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$content = htmlentities(mysql_real_escape_string (\$content, \$handle));
\$pblc = htmlentities(mysql_real_escape_string (\$pblc, \$handle));
\$nickname = htmlentities(mysql_real_escape_string (\$nickname, \$handle));
if (strcmp (\$pblc, "privat") == 0)
\$public = 0;
else
\$public = 1;
if (strlen (\$content) > 0) {
mysql_query ("USE " . \$databasename, \$handle);
mysql_query ("INSERT INTO postings VALUES ("" . \$nickname . "","" . \$content . "","" . \$datetime ."","" . \$public . "")", \$handle);
mysql_close (\$handle);
}
}
?>
<script>
window.location = "./thread.php";
</script>
mysocial20220412a/post.php
<?php
session_start ();
?>
<?php
include ('./config.php');
include ('./banner.php');
?>
<?php
include ('./styles/head.php');
?>
<link rel="stylesheet" href="./styles/styles.css">
<div class="overall1">
<?php
\$handle = mysql_connect (\$server, \$MYSQL_NAME, \$MYSQL_PASSWORD);
mysql_query ("USE " . \$databasename, \$handle);
\$result = mysql_query ("SELECT * FROM users", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo "<a href="./threadextern.php?searchname=" . htmlentities(mysql_real_escape_string(\$row ["nickname"], \$handle)) . ""><img width="10%" src="showphoto.php?name=" . \$row ["nickname"] . "">". htmlentities(mysql_real_escape_string(\$row ["nickname"], \$handle)) . "</a><br>n";
\$result = mysql_query ("SELECT * FROM users", \$handle);
echo "<FORM ACTION="./sendfriendship.php" METHOD="GET">n";
echo "<SELECT NAME="friends[]" MULTIPLE>n";
while (\$row = mysql_fetch_assoc (\$result))
echo "<a href="./threadextern.php?searchname=" . htmlentities(mysql_real_escape_string(\$row ["nickname"], \$handle)) . ""><OPTION style=" #FF0000; background-size: 100%;background-image: url(./showphoto.php?name=".htmlentities(mysql_real_escape_string(\$row ["nickname"], \$handle))."); background-repeat: no-repeat;">" . htmlentities(mysql_real_escape_string(\$row ["nickname"], \$handle)) . "</OPTION></a><br>n";
echo "</SELECT><br>n";
echo "Um mehrere Freundsanfragen zu senden [strg] gedr\&uuml;ckt halten<br><br>n";
echo "<INPUT TYPE="submit">Freundschaftsanfrage senden</INPUT>n";
echo "</FORM>n";
mysql_close (\$handle);
include("./collection.php");
?>
</div>
mysocial20220412a/search.php
<?php
session_start ();
?>
<?php
include ('./config.php');
include ('./banner.php');
?>
<link rel="stylesheet" href="./styles/styles.css">
<script src="./styles/styles.js"></script>
<a href="./search.php">Andere Nutzer anzeigen</a>
<?php
include ('./styles/head.php');
?>
<br><br>
<?php
if (!isset (\$_SESSION ["name"]))
echo "Sie m\&uuml;ssen angemeldet sein<br>";
else {
\$handle = mysql_connect (\$server, \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$myname = htmlentities (mysql_real_escape_string(\$_SESSION ["name"], \$handle));
mysql_query ("USE " . \$databasename, \$handle);
\$str = \$_GET ["friends"];
for (\$i = 0; \$i < sizeof (\$str); \$i++) {
\$str1 = htmlentities(mysql_real_escape_string (\$str [\$i], \$handle));
//\$result = mysql_query ("SELECT * FROM users WHERE nickname="". \$str1 .""", \$handle);
if (mysql_num_rows(mysql_query ("SELECT * FROM users WHERE nickname="". \$str1 .""", \$handle)) == 0)
echo "Benutzer "" . \$str1 . "" existiert nicht<br>n";
else {
if (mysql_num_rows (mysql_query ("SELECT * FROM freundschaftsanfrage WHERE nicknamezu="". \$str1 . "" AND nicknamevon="" . \$myname . "" OR nicknamevon="". \$str1 . "" AND nicknamezu="" . \$myname . """, \$handle)) != 0)
echo "Sie haben bereits eine Freundschaftsanfrage an " . \$str1 . " gesendet <br>n";
else {
mysql_query ("INSERT INTO freundschaftsanfrage VALUES ("" . \$myname . "","" . \$str1 . "")", \$handle);
}
}
}
mysql_close (\$handle);
}
?>
mysocial20220412a/sendfriendship.php
<?php
include ('./config.php');
\$handle2 = mysql_connect (\$server, \$MYSQL_NAME, \$MYSQL_PASSWORD);
mysql_select_db (\$databasename, \$handle2);
\$result = mysql_query ("SELECT * FROM users WHERE nickname="" . \$_GET ["name"] . """, \$handle2);
if (\$row = mysql_fetch_assoc (\$result))
echo \$row ["photo"];
else
echo "error<br>n";
mysql_close (\$handle2);
?>
mysocial20220412a/showphoto.php
<?php
session_start ();
?>
<?php
include ('./config.php');
include ('./banner.php');
?>
<link rel="stylesheet" href="./styles/styles.css">
<script src="./styles/styles.js"></script>
<?php
include ('./styles/head.php');
?>
<div class="overall">
<?php
\$name = \$_GET ["searchname"][0];
\$handle = mysql_connect (\$server, \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$name3 = htmlentities(mysql_real_escape_string(\$name, \$handle));
mysql_query ("use " . \$databasename, \$handle);
\$name = explode (".", \$name3) [0];
\$name2 = explode (".", \$name3) [1];
\$result2 = mysql_query ("SELECT * FROM users WHERE nickname="" . \$name .""", \$handle);
if (\$row2 = mysql_fetch_assoc (\$result2));
else
echo "This user doesn't exist<br>";
\$result3 = mysql_query ("SELECT * FROM users WHERE nickname="" . \$name2 .""", \$handle);
if (\$row3 = mysql_fetch_assoc (\$result3));
else
echo "This user doesn't exist<br>";
\$result = mysql_query ("SELECT * FROM postings WHERE nickname="" . \$name . "." . \$name2 ."" OR nickname="" . \$name2 . "." . \$name .""", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
//echo "<div class="post01" id="postid" . \$i . "">n<div class="postdatetime01" id="postdatettimeid" . \$i . "">" . \$row ["datetime"] . "</div>n<br><hr><br>n<div class="postcontent01" id="postcontentid" . \$i++ . "">" . \$row ["content"] ."</div>n</div>nn";
if (strcmp (\$row ["nickname"], \$name . "." . \$name2) == 0)
echo "<div class="post01" id="postid" . \$i . "">n<div class="postdatetime01" id="postdatetimeid" . \$i . "">" . \$row ["datetime"] . "</div>n<br><hr><br>n<div class="postcontent01"><div class="usercontent01">" . \$name . "<br><hr><br><code>" . \$row2 ["mail"] . "</code><br><hr><br><img width="50%"src="showphoto.php?name=".\$name.""></div><div class="postcontent02" id="postcontentid" . \$i++ . "">" . \$row ["content"] ."</div></div></div>nn";
else if (strcmp (\$row ["nickname"], \$name2 . "." . \$name) == 0)
echo "<div class="post01" id="postid" . \$i . "">n<div class="postdatetime01" id="postdatetimeid" . \$i . "">" . \$row ["datetime"] . "</div>n<br><hr><br>n<div class="postcontent01"><div class="usercontent01">" . \$name2 . "<br><hr><br><code>" . \$row3 ["mail"] . "</code><br><hr><br><img width="50%"src="showphoto.php?name=".\$name2.""></div><div class="postcontent02" id="postcontentid" . \$i++ . "">" . \$row ["content"] ."</div></div></div>nn";
mysql_close ();
include("./collection.php");
?>
</div>
mysocial20220412a/threadexternfriends.php
<?php
session_start ();
?>
<?php
include ('./config.php');
include ('./banner.php');
?>
<link rel="stylesheet" href="./styles/styles.css">
<script src="./styles/styles.js"></script>
<?php
include ('./styles/head.php');
?>
<iframe="./collection.php"></iframe>
<div class="overall">
<?php
\$name = \$_GET ["searchname"];
\$handle = mysql_connect (\$server, \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$name = htmlentities(mysql_real_escape_string(\$name, \$handle));
mysql_query ("use " . \$databasename, \$handle);
\$result2 = mysql_query ("SELECT * FROM users WHERE nickname="" . \$name .""", \$handle);
if (\$row2 = mysql_fetch_assoc (\$result2));
else
echo "This user doesn't exist<br>";
\$result = mysql_query ("SELECT * FROM postings WHERE nickname="" . \$name ."" AND public="1"", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
//echo "<div class="post01" id="postid" . \$i . "">n<div class="postdatetime01" id="postdatettimeid" . \$i . "">" . \$row ["datetime"] . "</div>n<br><hr><br>n<div class="postcontent01" id="postcontentid" . \$i++ . "">" . \$row ["content"] ."</div>n</div>nn";
echo "<div class="post01" id="postid" . \$i . "">n<div class="postdatetime01" id="postdatetimeid" . \$i . "">" . \$row ["datetime"] . "</div>n<br><hr><br>n<div class="postcontent01"><div class="usercontent01">" . \$name . "<br><hr><br><code>" . \$row2 ["mail"] . "</code><br><hr><br><img width="50%"src="showphoto.php?name=".\$name.""></div><div class="postcontent02" id="postcontentid" . \$i++ . "">" . \$row ["content"] ."</div></div></div>nn";
mysql_close ();
include("./collection.php");
?>
</div>
mysocial20220412a/threadextern.php
<?php
session_start ();
?>
<?php
include ('./config.php');
include ('./banner.php');
?>
<link rel="stylesheet" href="./styles/styles.css">
<script src="./styles/styles.js"></script>
<a href="./search.php">Andere Nutzer anzeigen</a>
<?php
include ('./styles/head.php');
?>
<div class="overall">
<?php
\$i = 0;
if (isset (\$_SESSION ["name"])) {
\$sessionname = \$_SESSION ["name"];
\$friendname = \$_GET ["friendname"][0];
\$handle = mysql_connect (\$server, \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$sessionname = htmlentities(mysql_real_escape_string (\$sessionname, \$handle));
\$friendname = htmlentities(mysql_real_escape_string (\$friendname, \$handle));
mysql_query ("use " . \$databasename, \$handle);
echo "<form action="./postfriends.php" method="GET" rows="20">";
echo "<textarea class="contentinputbox01" name="content"></textarea><select name="choosepublic" class="select01"><option>privat</option><option>\&ouml;ffentlich</option></select><input class="submit01" type="submit"></input>";
echo "\&nbsp;<SELECT MULTIPLE name="sendfriend[]" MULTIPLE>n";
\$result5 = mysql_query ("SELECT * FROM freunde WHERE freund1="" . \$sessionname . "" OR freund2="" .\$sessioname. """, \$handle);
while (\$row5 = mysql_fetch_assoc (\$result5)) {
if (strcmp (\$row5 ["freund1"], \$sessionname) == 0)
echo "<OPTION>" . \$row5 ["freund2"] . "</OPTION>";
else
echo "<OPTION>" . \$row5 ["freund1"] . "</OPTION>";
}
echo "</SELECT></form><br>n";
\$result = mysql_query ("SELECT * FROM postings WHERE nickname="" . \$sessionname . "." . \$friendname ."" OR nickname="" . \$friendname . "." . \$sessionname .""", \$handle);
\$result2 = mysql_query ("SELECT * FROM users WHERE nickname="" . \$sessionname .""", \$handle);
\$result3 = mysql_query ("SELECT * FROM users WHERE nickname="" . \$friendname .""", \$handle);
if (\$row2 = mysql_fetch_assoc (\$result2));
else
echo "Error: You are not a registered user";
if (\$row3 = mysql_fetch_assoc (\$result3)) {
while (\$row = mysql_fetch_assoc (\$result)) {
if (strcmp (\$row ["nickname"], \$sessionname . "." . \$friendname) == 0)
echo "<div class="post01" id="postid" . \$i . "">n<div class="postdatetime01" id="postdatetimeid" . \$i . "">" . \$row ["datetime"] . "</div>n<br><hr><br>n<div class="postcontent01"><div class="usercontent01">" . \$sessionname . "<br><hr><br><code>" . \$row2 ["mail"] . "</code><br><hr><br><img width="50%"src="showphoto.php?name=".\$sessionname.""></div><div class="postcontent02" id="postcontentid" . \$i++ . "">" . \$row ["content"] ."</div></div></div>nn";
else if (strcmp (\$row ["nickname"], \$friendname . "." . \$sessionname) == 0)
echo "<div class="post01" id="postid" . \$i . "">n<div class="postdatetime01" id="postdatetimeid" . \$i . "">" . \$row ["datetime"] . "</div>n<br><hr><br>n<div class="postcontent01"><div class="usercontent01">" . \$friendname . "<br><hr><br><code>" . \$row3 ["mail"] . "</code><br><hr><br><img width="50%"src="showphoto.php?name=".\$friendname.""></div><div class="postcontent02" id="postcontentid" . \$i++ . "">" . \$row ["content"] ."</div></div></div>nn";
}
}
echo "<div class="freundschaftsanfrage01">n";
echo "<FORM action="freundschaftsanfragebestaetigen.php" METHOD="GET">n";
echo "<SELECT name="freundschaftsanfrage[]" MULTIPLE>n";
\$result = mysql_query ("SELECT * FROM freundschaftsanfrage WHERE nicknamezu="" . \$sessionname . """, \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo "<OPTION>" . \$row ["nicknamevon"] . "</OPTION>";
echo "</SELECT><br><br>n";
echo "<INPUT TYPE="submit">Freundschaftsanfragen bestaetigen</INPUT><br>";
echo "</FORM>n";
echo "</div>";
echo "<div class="freundschaftsanfrage01">n";
echo "<FORM>n";
echo "<SELECT MULTIPLE>n";
\$result = mysql_query ("SELECT * FROM freunde WHERE freund1="" . \$sessionname . "" OR freund2="" .\$sessioname. "" OR freund2="" . \$sessionname . "" OR freund1="" .\$sessioname. """, \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo "<OPTION>" . \$row ["freund1"] . "." . \$row ["freund2"] . "</OPTION>";
echo "</SELECT><br>n";
echo "</FORM>n";
echo "</div>";
mysql_close ();
}
else
echo "Sie m\&uuml;ssen eingeloggt sein<br>";
include("./collection.php");
?>
</div>
mysocial20220412a/threadfriends.php
<?php
session_start ();
?>
<?php
include ('./config.php');
include ('./banner.php');
?>
<link rel="stylesheet" href="./styles/styles.css">
<script src="./styles/styles.js"></script>
<a href="./search.php">Andere Nutzer anzeigen</a>
<?php
include ('./styles/head.php');
?>
<div class="overall">
<?php
\$i = 0;
if (isset (\$_SESSION ["name"])) {
\$sessionname = \$_SESSION ["name"];
echo "<form action="./post.php" method="GET" rows="20"><textarea class="contentinputbox01" name="content"></textarea><select name="choosepublic" class="select01"><option>privat</option><option>\&ouml;ffentlich</option></select><input class="submit01" type="submit"></input></form>";
\$handle = mysql_connect (\$server, \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$sessionname = htmlentities(mysql_real_escape_string (\$sessionname, \$handle));
mysql_query ("use " . \$databasename, \$handle);
\$result = mysql_query ("SELECT * FROM postings WHERE nickname="" . \$sessionname .""", \$handle);
\$result2 = mysql_query ("SELECT * FROM users WHERE nickname="" . \$sessionname .""", \$handle);
if (\$row2 = mysql_fetch_assoc (\$result2));
else
echo "Error: You are not a registered user";
while (\$row = mysql_fetch_assoc (\$result))
echo "<div class="post01" id="postid" . \$i . "">n<div class="postdatetime01" id="postdatetimeid" . \$i . "">" . \$row ["datetime"] . "</div>n<br><hr><br>n<div class="postcontent01"><div class="usercontent01">" . \$sessionname . "<br><hr><br><code>" . \$row2 ["mail"] . "</code><br><hr><br><img width="50%"src="showphoto.php?name=".\$sessionname.""></div><div class="postcontent02" id="postcontentid" . \$i++ . "">" . \$row ["content"] ."</div></div></div>nn";
echo "<div class="freundschaftsanfrage01">n";
echo "<FORM action="freundschaftsanfragebestaetigen.php" METHOD="GET">n";
echo "<SELECT name="freundschaftsanfrage[]" MULTIPLE>n";
\$result = mysql_query ("SELECT * FROM freundschaftsanfrage WHERE nicknamezu="" . \$sessionname . """, \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo "<OPTION>" . \$row ["nicknamevon"] . "</OPTION>";
echo "</SELECT><br><br>n";
echo "<INPUT TYPE="submit">Freundschaftsanfragen bestaetigen</INPUT><br>";
echo "</FORM>n";
echo "</div>";
echo "<div class="freundschaftsanfrage01">n";
echo "<FORM>n";
echo "<SELECT MULTIPLE>n";
\$result = mysql_query ("SELECT * FROM freunde WHERE freund1="" . \$sessionname . "" OR freund2="" .\$sessioname. "" OR freund2="" . \$sessionname . "" OR freund1="" .\$sessioname. """, \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo "<OPTION>" . \$row ["freund1"] . "." . \$row ["freund2"] . "</OPTION>";
echo "</SELECT><br>n";
echo "</FORM>n";
echo "</div>";
mysql_close ();
}
else
echo "Sie m\&uuml;ssen eingeloggt sein<br>";
include("./collection.php");
?>
</div>
mysocial20220412a/thread.php
mysocial20220412a/styles:
extern.css
head.php
ituenix.png
mysocial.png
styles.css
styles.js
mysocial20220412a/upload:
131272203_104210458235048_6777244190350661537_n.jpg
274005496_1403601580089505_3432883904414152884_n.jpg
myimage.php
test.html
testz_10.png
testz_11.png
testz_1.png
testz_2.png
testz_3.png
testz_4.png
testz_5.png
testz_6.png
testz_7.png
testz_8.png
testz_9.png
testz.png
<?php
session_start ();
?>
<?php
include ('./config.php');
echo "<h1>".\$title."</h1><code>".\$subscription."</code><br>";
?>
mysocial20220412.bad/banner.php
<?php
session_start ();
?>
<?php
include ('./config.php');
?>
<ul>
<li><a href="./login.html">login</a></li>
<li><a href="./register.php">register</a></li>
<li><a href="./thread.php">thread</a></li>
<li><a href="./search.php">list users</a></li>
<li>
<?php
\$handle = mysql_connect (\$server, \$MYSQL_NAME, \$MYSQL_PASSWORD);
mysql_query ("use " . \$databasename, \$handle);
\$sessionname = \$_SESSION ["name"];
\$sessionname = htmlentities(mysql_real_escape_string (\$sessionname, \$handle));
echo "<FORM METHOD="GET">n";
echo "\&nbsp;<SELECT MULTIPLE name="friendname[]" MULTIPLE>n";
\$result5 = mysql_query ("SELECT * FROM freunde WHERE freund1="" . \$sessionname . "" OR freund2="" .\$sessioname. """, \$handle);
while (\$row5 = mysql_fetch_assoc (\$result5)) {
if (strcmp (\$row5 ["freund1"], \$sessionname) == 0)
echo "<OPTION>" . \$row5 ["freund2"] . "</OPTION>";
else
echo "<OPTION>" . \$row5 ["freund1"] . "</OPTION>";
}
echo "</SELECT>\&nbsp;";
echo "<button style="width:64px;height:32px" formaction="./threadfriends.php"></button>Freunde unterhalten<br>n";
echo "<FORM><br>n";
mysql_close (\$handle);
?>
</li>
<li>
<?php
\$handle2 = mysql_connect (\$server, \$MYSQL_NAME, \$MYSQL_PASSWORD);
mysql_query ("use " . \$databasename, \$handle2);
echo "<FORM METHOD="GET">n";
echo "\&nbsp;<SELECT MULTIPLE name="searchname[]" MULTIPLE>n";
\$result6 = mysql_query ("SELECT * FROM freunde", \$handle2);
while (\$row6 = mysql_fetch_assoc (\$result6)) {
echo "<OPTION>" . \$row6 ["freund1"] . "." . \$row6 ["freund2"] . "</OPTION>";
}
echo "</SELECT>\&nbsp;";
echo "<button style="width:65px;height:32px" formaction="./threadexternfriends.php"></button>Freunde Unterhaltung extern<br>n";
echo "<FORM><br>n";
mysql_close (\$handle2);
?>
</li>
</ul>
mysocial20220412.bad/collection.php
<?php
\$secretdatafilename = '/home/david/mysqldata.php';
include (\$secretdatafilename);
\$databasename = 'mysocial_database';
\$title = 'Dave Vajdas MySoc';
\$server = '127.0.0.1';
\$subscription = 'Das ist MySoc';
?>
mysocial20220412.bad/config.php
<?php
session_start ();
?>
<?php
include ('./config.php');
include ('./banner.php');
?>
<body>
<link rel="stylesheet" href="./styles/styles.css">
<img src="./styles/ituenix.png" width="40%">
<img src="./styles/mysocial.png" width="20%">
<div class="overall1">
<form method="POST" action="createaccount.php" enctype="multipart/form-data">
<input type="text" name="nickname"></input> :Nickname<br>
<input type="text" name="vorname"></input> :Vorname<br>
<input type="text" name="nachname"></input> :Nachname<br>
<input type="text" name="mail"></input> :Mail<br>
<input type="password" name="passwort1"></input> :Passwort<br>
<input type="password" name="passwort2"></input> :Passwort best\&auml;tigen<br>
<input type="file" name="datei"></input> :Photo<br>
<input type="submit"></input>
</form>
</div>
</body>
<?php
\$passwort1 = \$_POST ["passwort1"];
\$passwort2 = \$_POST ["passwort2"];
\$nickname = \$_POST ["nickname"];
\$vorname = \$_POST ["vorname"];
\$nachname = \$_POST ["nachname"];
\$mail = \$_POST ["mail"];
/* Dieser Code - fuer die Ueberpruefung der Mail-Addresse stammt nicht von mir */
/* Er wurde von https://www.php.de/forum/webentwicklung/php-einsteiger/php-tipps-2009/56554-e-mail-adresse-mit-regul"aren-ausdr"ucken-"uberpr"ufen uebernommen */
/* In dem PHP-Kurs werden Regulaere Ausdruecke auch gelernt - ich werde sie lrnen und bald mein eigenes anwenden.*/
function valid_mail(\$mail){
/*******************************************************************
* RegEx by *
* CK1@wwwtech.de *
* http://wwwtech.de/ *
* http://aktuell.de.selfhtml.org/artikel/programmiertechnik/email/ *
*******************************************************************/
// RegEx begin
\$nonascii = "x80-xff"; # Non-ASCII-Chars are not allowed
\$nqtext = "[^\$nonascii512"]";
\$qchar = "[\^\$nonascii]";
\$protocol = '(?:mailto:)';
\$normuser = '[a-zA-Z0-9][a-zA-Z0-9_.-]*';
\$quotedstring = ""(?:\$nqtext|\$qchar)+"";
\$user_part = "(?:\$normuser|\$quotedstring)";
\$dom_mainpart = '[a-zA-Z0-9][a-zA-Z0-9._-]*\.';
\$dom_subpart = '(?:[a-zA-Z0-9][a-zA-Z0-9._-]*\.)*';
\$dom_tldpart = '[a-zA-Z]{2,5}';
\$domain_part = "\$dom_subpart\$dom_mainpart\$dom_tldpart";
\$regex = "\$protocol?\$user_part@\$domain_part";
// RegEx end
return preg_match("/\^\$regex\$/",\$mail);
}
if (strcmp(\$passwort1, \$passwort2) != 0)
echo "Die Passw\&ouml;rter sind nicht identisch";
else {
if ((strlen (\$nickname) == 0) || (strlen (\$vorname) == 0) || (strlen (\$nachname) == 0) || (strlen (\$mail) == 0) || (strlen (\$passwort1) == 0))
echo "Sie m\&uuml;ssen alle Felder vollst\&auml;ndig ausf\&uuml;llen<br>";
else {
if (strlen (\$passwort1) < 5)
echo "Passwoerter muessen mindestens 5 Zeichen lang sein";
else {
if (!valid_mail (\$mail))
echo "Es sieht so aus, als sei die von ihnen eingebene Mail-Addresse nicht konform mit dem Aufgabe von Mail-Addressen<br>";
else {
\$handle = mysql_connect (\$server, \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$passwort1 = htmlentities(mysql_real_escape_string (\$passwort1, \$handle));
\$passwort2 = htmlentities(mysql_real_escape_string (\$passwort2, \$handle));
\$nickname = htmlentities(mysql_real_escape_string (\$nickname, \$handle));
\$vorname = htmlentities(mysql_real_escape_string (\$vorname, \$handle));
\$nachname = htmlentities(mysql_real_escape_string (\$nachname, \$handle));
\$mail = htmlentities(mysql_real_escape_string (\$mail, \$handle));
mysql_query ("USE ".\$databasename, \$handle);
\$result = mysql_query ("SELECT * FROM users WHERE nickname="" . \$nickname . """, \$handle);
echo mysql_num_rows (\$result);
if (mysql_num_rows (\$result) != 0)
echo "Dieser Benutzername ist leider schon vergeben";
else {
\$reault = mysql_query ("SELECT * FROM users WHERE mail="" . \$mail . """, \$handle);
if (mysql_num_rows (\$result) != 0)
echo "Diese Mail-Addresse wird leider schon von einem anderen Nutzer verwendet";
else {
include ('./photoupload2.php');
mysql_query ("INSERT INTO users VALUES ("" . \$nickname . "","" . \$vorname . "","". \$nachname . "","". \$mail . "","". md5(\$passwort1) . "",0x" . bin2hex(file_get_contents (\$new_path)) . ")", \$handle);
}
\$_SESSION ["name"] = \$nickname;
echo "<script>window.location="./post.php?content=welcome";</script>";
}
mysql_close (\$handle);
}
}
}
}
?>
mysocial20220412.bad/createaccount.php
<?php
session_start ();
?>
<?php
include ('./config.php');
include ('./banner.php');
?>
<link rel="stylesheet" href="./styles/styles.css">
<script src="./styles/styles.js"></script>
<a href="./search.php">Andere Nutzer anzeigen</a>
<?php
include ('./styles/head.php');
?>
<br><br>
<?php
if (!isset(\$_SESSION ["name"]))
echo "Sie m\&uuml;ssen angemeldet sein<br>n";
else {
include ('/home/david/mysqldata.php');
\$handle = mysql_connect (\$server, \$MYSQL_NAME, \$MYSQL_PASSWORD);
mysql_query ("USE ".\$databasename);
\$myname = htmlentities (mysql_real_escape_string (\$_SESSION ["name"], \$handle));
\$str = \$_GET ["freundschaftsanfrage"];
for (\$i = 0; \$i < sizeof (\$str); \$i++) {
\$str1 = htmlentities (mysql_real_escape_string(\$str [\$i], \$handle));
\$result = mysql_query ("SELECT * FROM freundschaftsanfrage WHERE nicknamevon="" . \$str1 . """, \$handle);
if (mysql_num_rows (\$result) == 0)
echo \$str1 . " hat ihnen keine Freundschaftanfrage gesendet<br>n";
else {
\$result = mysql_query ("SELECT * FROM freunde WHERE freund1="" . \$str1 . "" AND freund2="" . \$myname ."" OR freund2="" . \$str1 . "" AND freund1="" . \$myname .""", \$handle);
if (mysql_num_rows (\$result) != 0)
echo "Ihr seid bereits Freunde<br>n";
else
mysql_query ("INSERT INTO freunde VALUES ("". \$myname ."","" . \$str1 . "")", \$handle);
}
}
mysql_close (\$handle);
}
?>
mysocial20220412.bad/freundschaftsanfragebestaetigen.php
<!DOCTYPE html>
<html lang="">
<head>
<meta charset="utf-8">
<title></title>
</head>
<body>
<header></header>
<main></main>
<footer></footer>
<script>
window.location="./login.html";
</script>
</body>
</html>
mysocial20220412.bad/index.html
<?php
session_start ();
?>
<link rel="stylesheet" href="./styles/styles.css">
<img src="./styles/ituenix.png" width="40%">
<img src="./styles/mysocial.png" width="20%">
<div class="overall1">
<form method="POST" action="./install.php">
<input type="text" name="databasename"></input>Datenbankname<br>
<input type="text" name="secretdata"></input>Name der Datei mit geheimen Daten<br>
<input type="text" name="benutzername"></input>Benutzername der Datenbank<br>
<input type="password" name="passwort"></input>Passwort des DBMS<br>
<input type="text" name="server"></input>Name des Servers auf dem das DBMS l\&auml;ft<br>
<input type="text" name="title"></input>Titel des sozialen Netzwerkes<br>
<input type="text" name="subscription"></input>Beschreibung des sozialen Netzes<br>
<input type="submit"></input>
</form>
<?php
\$databasename = htmlentities (\$_POST ["databasename"]);
\$secretdatafilename = htmlentities (\$_POST ["secretdata"]);
\$username = htmlentities (\$_POST ["benutzername"]);
\$password = htmlentities (\$_POST ["passwort"]);
\$server = htmlentities (\$_POST ["server"]);
\$title = htmlentities (\$_POST ["title"]);
\$subscription = htmlentities (\$_POST ["subscription"]);
\$configfilename = "./config.php";
\$config_file_input_str = "<?phpnn";
\$config_file_input_str .= "\$secretdatafilename = '/home/david/mysqldata.php';n";
\$config_file_input_str .= "include (\$secretdatafilename);n";
\$config_file_input_str .= "\$databasename = '" . \$databasename . "';n";
//\$config_file_input_str .= "\$secretdatafilename = '" . \$secretdatafilename . "';n";
\$config_file_input_str .= "\$title = '" . \$title . "';n";
\$config_file_input_str .= "\$server = '" . \$server . "';n";
\$config_file_input_str .= "\$subscription = '" . \$subscription . "';n";
\$config_file_input_str .= "?>n";
\$secretdatafilestr = "<?phpnn";
\$secretdatafilestr .= "\$MYSQL_NAME='" . \$username . "';n";
\$secretdatafilestr .= "\$MYSQL_PASSWORD='" . \$password . "';n";
\$secretdatafilestr .= "?>n";
\$config_file_input_str = \$config_file_input_str;
\$secretdatafilestr = \$secretdatafilestr;
file_put_contents (\$configfilename, \$config_file_input_str);
//file_put_contents (\$secretdatafilename, \$secretdatafilestr);
\$handle = mysql_connect (\$server, \$username, \$password);
mysql_query ("CREATE DATABASE " . \$databasename, \$handle);
mysql_select_db (\$databasename, \$handle);
mysql_query ("CREATE TABLE users (nickname VARCHAR(64), vorname VARCHAR(64), nachname VARCHAR(64) , mail VARCHAR(128), passwort VARCHAR(128),photo MEDIUMBLOB)", \$handle);
mysql_query ("CREATE TABLE freunde (freund1 VARCHAR (64), freund2 VARCHAR (64))", \$handle);
mysql_query ("CREATE TABLE freundschaftsanfrage (nicknamevon VARCHAR (64), nicknamezu VARCHAR (64))", \$handle);
mysql_query ("CREATE TABLE postings (nickname VARCHAR (64), content TEXT, datetime DATETIME, public TINYINT (1))", \$handle);
mysql_close (\$handle);
?>
mysocial20220412.bad/install.php
<!DOCTYPE html>
<html lang="">
<head>
<meta charset="utf-8">
<title>My Social Network - ituenix.de</title>
</head>
<body>
<header></header>
<main></main>
<footer></footer>
</body>
<link rel="stylesheet" href="./styles/styles.css">
<img src="./styles/ituenix.png" width="40%">
<img src="./styles/mysocial.png" width="20%">
<div class="overall1">
<form action="./login.php" method="GET">
<input type="text" name="nickname"></input> :Nickname<br>
<input type="password" name="passwort"></input> :Passwort<br>
<input type="submit"></input>
</form>
<br><hr><br>
<a href="./createaccount.php">Registrieren</a>
</div>
</html>
mysocial20220412.bad/login.html
<?php
session_start ();
?>
<?php
include ('./config.php');
include ('./banner.php');
?>
<?php
\$nickname = \$_GET ["nickname"];
\$passwort = \$_GET ["passwort"];
\$handle = mysql_connect (\$server, \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$nickname = htmlentities(mysql_real_escape_string (\$nickname, \$handle));
\$passwort = htmlentities(mysql_real_escape_string (\$passwort, \$handle));
mysql_query ("USE " . \$databasename);
\$result = mysql_query ("SELECT * FROM users WHERE nickname="" . \$nickname . """, \$handle);
if (mysql_num_rows (\$result) == 0)
echo "Diesen Benutzer gibt es nicht<br>";
else {
\$row = mysql_fetch_assoc (\$result);
if (strcmp(md5 (\$passwort), \$row ["passwort"]) != 0)
echo "Ihr Passwort ist falsch - probieren sie zu hacken?<br>";
else {
\$_SESSION ["name"] = \$nickname;
}
echo "<script>window.location="./thread.php";</script>";
}
?>
mysocial20220412.bad/login.php
<?php
\$upload_folder = 'upload/'; //Das Upload-Verzeichnis
\$filename = pathinfo(\$_FILES['datei']['name'], PATHINFO_FILENAME);
\$extension = strtolower(pathinfo(\$_FILES['datei']['name'], PATHINFO_EXTENSION));
//"Uberpr"ufung der Dateiendung
\$allowed_extensions = array('png', 'jpg', 'jpeg', 'gif');
if(!in_array(\$extension, \$allowed_extensions)) {
die("Ung"ultige Dateiendung. Nur png, jpg, jpeg und gif-Dateien sind erlaubt");
}
//"Uberpr"ufung der Dateigr"o"se
\$max_size = 500*1024; //500 KB
if(\$_FILES['datei']['size'] > \$max_size) {
die("Bitte keine Dateien gr"o"ser 500kb hochladen");
}
//"Uberpr"ufung dass das Bild keine Fehler enth"alt
if(function_exists('exif_imagetype')) { //Die exif_imagetype-Funktion erfordert die exif-Erweiterung auf dem Server
\$allowed_types = array(IMAGETYPE_PNG, IMAGETYPE_JPEG, IMAGETYPE_GIF);
\$detected_type = exif_imagetype(\$_FILES['datei']['tmp_name']);
if(!in_array(\$detected_type, \$allowed_types)) {
die("Nur der Upload von Bilddateien ist gestattet");
}
}
//Pfad zum Upload
\$new_path = \$upload_folder.\$filename.'.'.\$extension;
//Neuer Dateiname falls die Datei bereits existiert
if(file_exists(\$new_path)) { //Falls Datei existiert, h"ange eine Zahl an den Dateinamen
\$id = 1;
do {
\$new_path = \$upload_folder.\$filename.'_'.\$id.'.'.\$extension;
\$id++;
} while(file_exists(\$new_path));
}
//Alles okay, verschiebe Datei an neuen Pfad
move_uploaded_file(\$_FILES['datei']['tmp_name'], \$new_path);
echo 'Bild erfolgreich hochgeladen: <a href="'.\$new_path.'">'.\$new_path.'</a>';
?>
mysocial20220412.bad/photoupload2.php
<?php
session_start ();
?>
<?php
include ('./config.php');
include ('./banner.php');
?>
<?php
if(!isset (\$_SESSION ["name"]))
echo "Sie m\&uuml;ssen angemeldet sein";
else {
\$content = \$_GET ["content"];
\$datetime = date('Y-m-d H:i:s');
\$public = true;
\$pblc = \$_GET ["choosepublic"];
\$nickname = \$_SESSION ["name"];
\$friendname = \$_GET ["sendfriend"][0];
\$handle = mysql_connect (\$server, \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$content = htmlentities(mysql_real_escape_string (\$content, \$handle));
\$pblc = htmlentities(mysql_real_escape_string (\$pblc, \$handle));
\$nickname = htmlentities(mysql_real_escape_string (\$nickname, \$handle));
\$friendname = htmlentities(mysql_real_escape_string (\$friendname, \$handle));
if (strcmp (\$pblc, "privat") == 0)
\$public = 0;
else
\$public = 1;
if (strlen (\$content) > 0) {
mysql_query ("USE " . \$databasename, \$handle);
\$result = mysql_query ("SELECT * FROM freunde WHERE freund1="".\$nickname."" AND freund2="".\$friendname."" OR freund1="".\$friendname."" AND freund2 ="".\$nickname.""", \$handle);
if (mysql_fetch_row (\$result)) {
mysql_query ("INSERT INTO postings VALUES ("" . \$nickname . "." . \$friendname . "","" . \$content . "","" . \$datetime ."","" . \$public . "")", \$handle);
}
else
echo "Sie sind keine Freunde<br>n";
mysql_close (\$handle);
}
}
?>
<script>
window.location = "./threadfriends.php";
</script>
mysocial20220412.bad/postfriends.php
<?php
session_start ();
?>
<?php
include ('./config.php');
include ('./banner.php');
?>
<?php
if(!isset (\$_SESSION ["name"]))
echo "Sie m\&uuml;ssen angemeldet sein";
else {
\$content = \$_GET ["content"];
\$datetime = date('Y-m-d H:i:s');
\$public = true;
\$pblc = \$_GET ["choosepublic"];
\$nickname = \$_SESSION ["name"];
\$handle = mysql_connect (\$server, \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$content = htmlentities(mysql_real_escape_string (\$content, \$handle));
\$pblc = htmlentities(mysql_real_escape_string (\$pblc, \$handle));
\$nickname = htmlentities(mysql_real_escape_string (\$nickname, \$handle));
if (strcmp (\$pblc, "privat") == 0)
\$public = 0;
else
\$public = 1;
if (strlen (\$content) > 0) {
mysql_query ("USE " . \$databasename, \$handle);
mysql_query ("INSERT INTO postings VALUES ("" . \$nickname . "","" . \$content . "","" . \$datetime ."","" . \$public . "")", \$handle);
mysql_close (\$handle);
}
}
?>
<script>
window.location = "./thread.php";
</script>
mysocial20220412.bad/post.php
<?php
session_start ();
?>
<?php
include ('./config.php');
include ('./banner.php');
?>
<?php
include ('./styles/head.php');
?>
<link rel="stylesheet" href="./styles/styles.css">
<div class="overall1">
<?php
\$handle = mysql_connect (\$server, \$MYSQL_NAME, \$MYSQL_PASSWORD);
mysql_query ("USE " . \$databasename, \$handle);
\$result = mysql_query ("SELECT * FROM users", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo "<a href="./threadextern.php?searchname=" . htmlentities(mysql_real_escape_string(\$row ["nickname"], \$handle)) . ""><img width="10%" src="showphoto.php?name=" . \$row ["nickname"] . "">". htmlentities(mysql_real_escape_string(\$row ["nickname"], \$handle)) . "</a><br>n";
\$result = mysql_query ("SELECT * FROM users", \$handle);
echo "<FORM ACTION="./sendfriendship.php" METHOD="GET">n";
echo "<SELECT NAME="friends[]" MULTIPLE>n";
while (\$row = mysql_fetch_assoc (\$result))
echo "<a href="./threadextern.php?searchname=" . htmlentities(mysql_real_escape_string(\$row ["nickname"], \$handle)) . ""><OPTION>" . htmlentities(mysql_real_escape_string(\$row ["nickname"], \$handle)) . "</OPTION></a><br>n";
echo "</SELECT><br>n";
echo "Um mehrere Freundsanfragen zu senden [strg] gedr\&uuml;ckt halten<br><br>n";
echo "<INPUT TYPE="submit">Freundschaftsanfrage senden</INPUT>n";
echo "</FORM>n";
mysql_close (\$handle);
include("./collection.php");
?>
</div>
mysocial20220412.bad/search.php
<?php
session_start ();
?>
<?php
include ('./config.php');
include ('./banner.php');
?>
<link rel="stylesheet" href="./styles/styles.css">
<script src="./styles/styles.js"></script>
<a href="./search.php">Andere Nutzer anzeigen</a>
<?php
include ('./styles/head.php');
?>
<br><br>
<?php
if (!isset (\$_SESSION ["name"]))
echo "Sie m\&uuml;ssen angemeldet sein<br>";
else {
\$handle = mysql_connect (\$server, \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$myname = htmlentities (mysql_real_escape_string(\$_SESSION ["name"], \$handle));
mysql_query ("USE " . \$databasename, \$handle);
\$str = \$_GET ["friends"];
for (\$i = 0; \$i < sizeof (\$str); \$i++) {
\$str1 = htmlentities(mysql_real_escape_string (\$str [\$i], \$handle));
//\$result = mysql_query ("SELECT * FROM users WHERE nickname="". \$str1 .""", \$handle);
if (mysql_num_rows(mysql_query ("SELECT * FROM users WHERE nickname="". \$str1 .""", \$handle)) == 0)
echo "Benutzer "" . \$str1 . "" existiert nicht<br>n";
else {
if (mysql_num_rows (mysql_query ("SELECT * FROM freundschaftsanfrage WHERE nicknamezu="". \$str1 . "" AND nicknamevon="" . \$myname . "" OR nicknamevon="". \$str1 . "" AND nicknamezu="" . \$myname . """, \$handle)) != 0)
echo "Sie haben bereits eine Freundschaftsanfrage an " . \$str1 . " gesendet <br>n";
else {
mysql_query ("INSERT INTO freundschaftsanfrage VALUES ("" . \$myname . "","" . \$str1 . "")", \$handle);
}
}
}
mysql_close (\$handle);
}
?>
mysocial20220412.bad/sendfriendship.php
<?php
include ('./config.php');
\$handle2 = mysql_connect (\$server, \$MYSQL_NAME, \$MYSQL_PASSWORD);
mysql_select_db (\$databasename, \$handle2);
\$result = mysql_query ("SELECT * FROM users WHERE nickname="" . \$_GET ["name"] . """, \$handle2);
if (\$row = mysql_fetch_assoc (\$result))
echo \$row ["photo"];
else
echo "error<br>n";
mysql_close (\$handle2);
?>
mysocial20220412.bad/showphoto.php
<?php
session_start ();
?>
<?php
include ('./config.php');
include ('./banner.php');
?>
<link rel="stylesheet" href="./styles/styles.css">
<script src="./styles/styles.js"></script>
<?php
include ('./styles/head.php');
?>
<div class="overall">
<?php
\$name = \$_GET ["searchname"][0];
\$handle = mysql_connect (\$server, \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$name3 = htmlentities(mysql_real_escape_string(\$name, \$handle));
mysql_query ("use " . \$databasename, \$handle);
\$name = explode (".", \$name3) [0];
\$name2 = explode (".", \$name3) [1];
\$result2 = mysql_query ("SELECT * FROM users WHERE nickname="" . \$name .""", \$handle);
if (\$row2 = mysql_fetch_assoc (\$result2));
else
echo "This user doesn't exist<br>";
\$result3 = mysql_query ("SELECT * FROM users WHERE nickname="" . \$name2 .""", \$handle);
if (\$row3 = mysql_fetch_assoc (\$result3));
else
echo "This user doesn't exist<br>";
\$result = mysql_query ("SELECT * FROM postings WHERE nickname="" . \$name . "." . \$name2 ."" OR nickname="" . \$name2 . "." . \$name .""", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
//echo "<div class="post01" id="postid" . \$i . "">n<div class="postdatetime01" id="postdatettimeid" . \$i . "">" . \$row ["datetime"] . "</div>n<br><hr><br>n<div class="postcontent01" id="postcontentid" . \$i++ . "">" . \$row ["content"] ."</div>n</div>nn";
if (strcmp (\$row ["nickname"], \$name . "." . \$name2) == 0)
echo "<div class="post01" id="postid" . \$i . "">n<div class="postdatetime01" id="postdatetimeid" . \$i . "">" . \$row ["datetime"] . "</div>n<br><hr><br>n<div class="postcontent01"><div class="usercontent01">" . \$name . "<br><hr><br><code>" . \$row2 ["mail"] . "</code><br><hr><br><img width="50%"src="showphoto.php?name=".\$name.""></div><div class="postcontent02" id="postcontentid" . \$i++ . "">" . \$row ["content"] ."</div></div></div>nn";
else if (strcmp (\$row ["nickname"], \$name2 . "." . \$name) == 0)
echo "<div class="post01" id="postid" . \$i . "">n<div class="postdatetime01" id="postdatetimeid" . \$i . "">" . \$row ["datetime"] . "</div>n<br><hr><br>n<div class="postcontent01"><div class="usercontent01">" . \$name2 . "<br><hr><br><code>" . \$row3 ["mail"] . "</code><br><hr><br><img width="50%"src="showphoto.php?name=".\$name2.""></div><div class="postcontent02" id="postcontentid" . \$i++ . "">" . \$row ["content"] ."</div></div></div>nn";
mysql_close ();
echo "<div style="width:100;clear:both;">";
include("./collection.php");
echo "</div>";
?>
</div>
mysocial20220412.bad/threadexternfriends.php
<?php
session_start ();
?>
<?php
include ('./config.php');
include ('./banner.php');
?>
<link rel="stylesheet" href="./styles/styles.css">
<script src="./styles/styles.js"></script>
<?php
include ('./styles/head.php');
?>
<iframe="./collection.php"></iframe>
<div class="overall">
<?php
\$name = \$_GET ["searchname"];
\$handle = mysql_connect (\$server, \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$name = htmlentities(mysql_real_escape_string(\$name, \$handle));
mysql_query ("use " . \$databasename, \$handle);
\$result2 = mysql_query ("SELECT * FROM users WHERE nickname="" . \$name .""", \$handle);
if (\$row2 = mysql_fetch_assoc (\$result2));
else
echo "This user doesn't exist<br>";
\$result = mysql_query ("SELECT * FROM postings WHERE nickname="" . \$name ."" AND public="1"", \$handle);
while (\$row = mysql_fetch_assoc (\$result))
//echo "<div class="post01" id="postid" . \$i . "">n<div class="postdatetime01" id="postdatettimeid" . \$i . "">" . \$row ["datetime"] . "</div>n<br><hr><br>n<div class="postcontent01" id="postcontentid" . \$i++ . "">" . \$row ["content"] ."</div>n</div>nn";
echo "<div class="post01" id="postid" . \$i . "">n<div class="postdatetime01" id="postdatetimeid" . \$i . "">" . \$row ["datetime"] . "</div>n<br><hr><br>n<div class="postcontent01"><div class="usercontent01">" . \$name . "<br><hr><br><code>" . \$row2 ["mail"] . "</code><br><hr><br><img width="50%"src="showphoto.php?name=".\$name.""></div><div class="postcontent02" id="postcontentid" . \$i++ . "">" . \$row ["content"] ."</div></div></div>nn";
mysql_close ();
echo "<div style="width:100;clear:both;">";
include("./collection.php");
echo "</div>";
?>
</div>
mysocial20220412.bad/threadextern.php
<?php
session_start ();
?>
<?php
include ('./config.php');
include ('./banner.php');
?>
<link rel="stylesheet" href="./styles/styles.css">
<script src="./styles/styles.js"></script>
<a href="./search.php">Andere Nutzer anzeigen</a>
<?php
include ('./styles/head.php');
?>
<div class="overall">
<?php
\$i = 0;
if (isset (\$_SESSION ["name"])) {
\$sessionname = \$_SESSION ["name"];
\$friendname = \$_GET ["friendname"][0];
\$handle = mysql_connect (\$server, \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$sessionname = htmlentities(mysql_real_escape_string (\$sessionname, \$handle));
\$friendname = htmlentities(mysql_real_escape_string (\$friendname, \$handle));
mysql_query ("use " . \$databasename, \$handle);
echo "<form action="./postfriends.php" method="GET" rows="20">";
echo "<textarea class="contentinputbox01" name="content"></textarea><select name="choosepublic" class="select01"><option>privat</option><option>\&ouml;ffentlich</option></select><input class="submit01" type="submit"></input>";
echo "\&nbsp;<SELECT MULTIPLE name="sendfriend[]" MULTIPLE>n";
\$result5 = mysql_query ("SELECT * FROM freunde WHERE freund1="" . \$sessionname . "" OR freund2="" .\$sessioname. """, \$handle);
while (\$row5 = mysql_fetch_assoc (\$result5)) {
if (strcmp (\$row5 ["freund1"], \$sessionname) == 0)
echo "<OPTION>" . \$row5 ["freund2"] . "</OPTION>";
else
echo "<OPTION>" . \$row5 ["freund1"] . "</OPTION>";
}
echo "</SELECT></form><br>n";
\$result = mysql_query ("SELECT * FROM postings WHERE nickname="" . \$sessionname . "." . \$friendname ."" OR nickname="" . \$friendname . "." . \$sessionname .""", \$handle);
\$result2 = mysql_query ("SELECT * FROM users WHERE nickname="" . \$sessionname .""", \$handle);
\$result3 = mysql_query ("SELECT * FROM users WHERE nickname="" . \$friendname .""", \$handle);
if (\$row2 = mysql_fetch_assoc (\$result2));
else
echo "Error: You are not a registered user";
if (\$row3 = mysql_fetch_assoc (\$result3)) {
while (\$row = mysql_fetch_assoc (\$result)) {
if (strcmp (\$row ["nickname"], \$sessionname . "." . \$friendname) == 0)
echo "<div class="post01" id="postid" . \$i . "">n<div class="postdatetime01" id="postdatetimeid" . \$i . "">" . \$row ["datetime"] . "</div>n<br><hr><br>n<div class="postcontent01"><div class="usercontent01">" . \$sessionname . "<br><hr><br><code>" . \$row2 ["mail"] . "</code><br><hr><br><img width="50%"src="showphoto.php?name=".\$sessionname.""></div><div class="postcontent02" id="postcontentid" . \$i++ . "">" . \$row ["content"] ."</div></div></div>nn";
else if (strcmp (\$row ["nickname"], \$friendname . "." . \$sessionname) == 0)
echo "<div class="post01" id="postid" . \$i . "">n<div class="postdatetime01" id="postdatetimeid" . \$i . "">" . \$row ["datetime"] . "</div>n<br><hr><br>n<div class="postcontent01"><div class="usercontent01">" . \$friendname . "<br><hr><br><code>" . \$row3 ["mail"] . "</code><br><hr><br><img width="50%"src="showphoto.php?name=".\$friendname.""></div><div class="postcontent02" id="postcontentid" . \$i++ . "">" . \$row ["content"] ."</div></div></div>nn";
}
}
echo "<div class="freundschaftsanfrage01">n";
echo "<FORM action="freundschaftsanfragebestaetigen.php" METHOD="GET">n";
echo "<SELECT name="freundschaftsanfrage[]" MULTIPLE>n";
\$result = mysql_query ("SELECT * FROM freundschaftsanfrage WHERE nicknamezu="" . \$sessionname . """, \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo "<OPTION>" . \$row ["nicknamevon"] . "</OPTION>";
echo "</SELECT><br><br>n";
echo "<INPUT TYPE="submit">Freundschaftsanfragen bestaetigen</INPUT><br>";
echo "</FORM>n";
echo "</div>";
echo "<div class="freundschaftsanfrage01">n";
echo "<FORM>n";
echo "<SELECT MULTIPLE>n";
\$result = mysql_query ("SELECT * FROM freunde WHERE freund1="" . \$sessionname . "" OR freund2="" .\$sessioname. "" OR freund2="" . \$sessionname . "" OR freund1="" .\$sessioname. """, \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo "<OPTION>" . \$row ["freund1"] . "." . \$row ["freund2"] . "</OPTION>";
echo "</SELECT><br>n";
echo "</FORM>n";
echo "</div>";
mysql_close ();
}
else
echo "Sie m\&uuml;ssen eingeloggt sein<br>";
echo "<div style="width:100;clear:both;">";
include("./collection.php");
echo "</div>";
?>
</div>
mysocial20220412.bad/threadfriends.php
<?php
session_start ();
?>
<?php
include ('./config.php');
include ('./banner.php');
?>
<link rel="stylesheet" href="./styles/styles.css">
<script src="./styles/styles.js"></script>
<a href="./search.php">Andere Nutzer anzeigen</a>
<?php
include ('./styles/head.php');
?>
<div class="overall">
<?php
\$i = 0;
if (isset (\$_SESSION ["name"])) {
\$sessionname = \$_SESSION ["name"];
echo "<form action="./post.php" method="GET" rows="20"><textarea class="contentinputbox01" name="content"></textarea><select name="choosepublic" class="select01"><option>privat</option><option>\&ouml;ffentlich</option></select><input class="submit01" type="submit"></input></form>";
\$handle = mysql_connect (\$server, \$MYSQL_NAME, \$MYSQL_PASSWORD);
\$sessionname = htmlentities(mysql_real_escape_string (\$sessionname, \$handle));
mysql_query ("use " . \$databasename, \$handle);
\$result = mysql_query ("SELECT * FROM postings WHERE nickname="" . \$sessionname .""", \$handle);
\$result2 = mysql_query ("SELECT * FROM users WHERE nickname="" . \$sessionname .""", \$handle);
if (\$row2 = mysql_fetch_assoc (\$result2));
else
echo "Error: You are not a registered user";
while (\$row = mysql_fetch_assoc (\$result))
echo "<div class="post01" id="postid" . \$i . "">n<div class="postdatetime01" id="postdatetimeid" . \$i . "">" . \$row ["datetime"] . "</div>n<br><hr><br>n<div class="postcontent01"><div class="usercontent01">" . \$sessionname . "<br><hr><br><code>" . \$row2 ["mail"] . "</code><br><hr><br><img width="50%"src="showphoto.php?name=".\$sessionname.""></div><div class="postcontent02" id="postcontentid" . \$i++ . "">" . \$row ["content"] ."</div></div></div>nn";
echo "<div class="freundschaftsanfrage01">n";
echo "<FORM action="freundschaftsanfragebestaetigen.php" METHOD="GET">n";
echo "<SELECT name="freundschaftsanfrage[]" MULTIPLE>n";
\$result = mysql_query ("SELECT * FROM freundschaftsanfrage WHERE nicknamezu="" . \$sessionname . """, \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo "<OPTION>" . \$row ["nicknamevon"] . "</OPTION>";
echo "</SELECT><br><br>n";
echo "<INPUT TYPE="submit">Freundschaftsanfragen bestaetigen</INPUT><br>";
echo "</FORM>n";
echo "</div>";
echo "<div class="freundschaftsanfrage01">n";
echo "<FORM>n";
echo "<SELECT MULTIPLE>n";
\$result = mysql_query ("SELECT * FROM freunde WHERE freund1="" . \$sessionname . "" OR freund2="" .\$sessioname. "" OR freund2="" . \$sessionname . "" OR freund1="" .\$sessioname. """, \$handle);
while (\$row = mysql_fetch_assoc (\$result))
echo "<OPTION>" . \$row ["freund1"] . "." . \$row ["freund2"] . "</OPTION>";
echo "</SELECT><br>n";
echo "</FORM>n";
echo "</div>";
mysql_close ();
}
else
echo "Sie m\&uuml;ssen eingeloggt sein<br>";
echo "<div style="width:100;clear:both;">";
include("./collection.php");
echo "</div>";
?>
</div>
mysocial20220412.bad/thread.php
mysocial20220412.bad/styles:
head.php
ituenix.png
mysocial.png
styles.css
styles.js
mysocial20220412.bad/upload:
131272203_104210458235048_6777244190350661537_n.jpg
274005496_1403601580089505_3432883904414152884_n.jpg
myimage.php
test.html
testz_10.png
testz_11.png
testz_1.png
testz_2.png
testz_3.png
testz_4.png
testz_5.png
testz_6.png
testz_7.png
testz_8.png
testz_9.png
testz.png
<html>
<head><title></title></head>
<body>
<form action="php2022-03-08-form-setcookie.php" method="GET">
<textarea name="textarea2">Hallo dies wird im Cookie stehen</textarea>
<input type="submit" name="submit2"></input>
</form>
</body>
</html>
php2022-03-08-form-cookie.html
<?php
echo \$_COOKIE ["Cookie8"];
?>
php2022-03-08-form-getcookie.php
<html>
<head><title></title></head>
<body>
<form action="./php2022-03-08-form.php" method="POST">
<textarea name="textarea1">Hallo Welt</textarea>
<input type="submit" name="submit1"></input>
</form>
</body>
</html>
php2022-03-08-form.html
<?php
echo \$_POST ["textarea1"];
?>
php2022-03-08-form.php
<?php
setcookie ("Cookie8", \$_GET ["textarea2"], time () + 3600);
echo "<a href="./php2022-03-08-form-getcookie.php">php2022-03-08-form-getcookie.php</a>";
?>
php2022-03-08-form-setcookie.php
<?php
echo \$_COOKIE ["Cookie7"];
?>
php2022-03-08-getcookie.php
<?php
setcookie ("Cookie7", "Hallo dies ist ein Cookie", time () + 3600);
echo "<a href="./php2022-03-08-getcookie.php">./php2022-03-08-getcookie.php</a>";
?>
php2022-03-08-setcookie.php