From 8efa6c3f824535e09efafc320f2e9a094c2b4bf7 Mon Sep 17 00:00:00 2001
From: User Kill3rs4
Date: Mon, 24 Jan 2022 20:42:47 +0100
Subject: [PATCH] zwiekszenie bezpieczenstwa
---
.env | 10 ++++++++++
.env.local | 10 ++++++++++
app.js | 15 ++++++++++-----
config.js | 16 ++++++++++++++++
public/home.html | 4 ++--
public/komunikat.html | 34 ++++++++++++++++++++++++++++++++++
public/plan.html | 35 +++++++++++++++++++++++++++++++++++
public/plan.js | 26 ++++++++++++++++++++++++++
routes/plan.js | 13 +++++++++++++
routes/users.js | 13 +++++++++++++
views/plan.ejs | 36 ++++++++++++++++++++++++++++++++++++
11 files changed, 205 insertions(+), 7 deletions(-)
create mode 100644 .env
create mode 100644 .env.local
create mode 100755 config.js
create mode 100644 public/komunikat.html
create mode 100644 public/plan.html
create mode 100644 public/plan.js
create mode 100644 routes/plan.js
create mode 100644 routes/users.js
create mode 100644 views/plan.ejs
diff --git a/.env b/.env
new file mode 100644
index 0000000..0201721
--- /dev/null
+++ b/.env
@@ -0,0 +1,10 @@
+APP_NAME=BezDziennik
+APP_ENV=local
+APP_URL=https://kill3rs4.usermd.net
+
+DB_HOST=mysql49.mydevil.net
+DB_USERNAME=m1344_dziennik
+DB_PASSWORD=K8T2nB>_vgX6qvw8(zBuw4B318cmw8
+DB_DATABASE=m1344_dziennik
+DB_CONNECTION=mysql
+
diff --git a/.env.local b/.env.local
new file mode 100644
index 0000000..0201721
--- /dev/null
+++ b/.env.local
@@ -0,0 +1,10 @@
+APP_NAME=BezDziennik
+APP_ENV=local
+APP_URL=https://kill3rs4.usermd.net
+
+DB_HOST=mysql49.mydevil.net
+DB_USERNAME=m1344_dziennik
+DB_PASSWORD=K8T2nB>_vgX6qvw8(zBuw4B318cmw8
+DB_DATABASE=m1344_dziennik
+DB_CONNECTION=mysql
+
diff --git a/app.js b/app.js
index 17baa64..352260c 100755
--- a/app.js
+++ b/app.js
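Review bot: The new `.env` puts live database connection details (`DB_HOST`, `DB_USERNAME`, `DB_PASSWORD`) under version control, and `.env.local` is an identical copy (same blob id `0201721`), so the secret remains in history even if both files are deleted later. Both files should be listed in `.gitignore`, with only a template such as `.env.example` containing `DB_PASSWORD=<set-locally>` tracked, and the exposed password should be rotated on the database host. No loader for these files is visible among the `require` lines of `app.js` in this patch, so they appear to add exposure without being read. `config.js` in the same commit hard-codes a database password as well.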
@@ -1,22 +1,27 @@ var mysql = require('mysql'); +var config = require('./config.js'); var express = require('express'); var session = require('express-session'); var bodyParser = require('body-parser'); var path = require('path'); var connection = mysql.createConnection({ - host : 'mysql49.mydevil.net', - user : 'm1344_dziennik', - password : 'K8T2nB>_vgX6qvw8(zBuw4B318cmw8', - database : 'm1344_dziennik' + host : config.db.host, + user : config.db.username, + password : config.db.password, + database : config.db.dbname }); + var app = express(); app.use(session({ secret: 'secret', resave: true, saveUninitialized: true })); + + + app.use(bodyParser.urlencoded({extended : true})); app.use(bodyParser.json()); @@ -29,7 +34,7 @@ app.post('/auth', function(request, response) { var active = request.body.active; var password = request.body.password; if (username && password) { - connection.query('SELECT * FROM accounts WHERE username = ? AND password = ? AND active != 0', [username, password], function(error, results, fields) { + connection.query('SELECT * FROM accounts WHERE login = ? AND password = ? AND active != 0', [username, password], function(error, results, fields) { if (results.length > 0) { request.session.loggedin = true; request.session.username = username; diff --git a/config.js b/config.js new file mode 100755 index 0000000..50d6b8d --- /dev/null +++ b/config.js @@ -0,0 +1,16 @@ +var config = {}; +config.db = {}; + +config.db.type = 'mysql'; +config.db.charset = 'utf8'; + +config.db.username = 'm1344_dziennik'; +config.db.password = 'Julian2020!'; +config.db.host = 'mysql49.mydevil.net'; +config.db.dbname = 'm1344_dziennik'; // DB name + +config.db.users_tbl = 'users'; // table name +// config.db.another_tbl = 'next_table'; // ... + +// export +module.exports = config; diff --git a/public/home.html b/public/home.html index 0ee6572..44a9021 100644 --- a/public/home.html +++ b/public/home.html @@ -9,7 +9,7 @@ - + - alert(""); +
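Review bot: The session middleware on the unchanged lines of this `app.js` hunk still uses the literal `secret: 'secret'`, so the cookie signature gives no protection: the signing key is a guessable constant published with the source. This hunk moves the database password out of `app.js` but leaves that value in place. Read it from the environment and refuse to start without it, e.g. `if (!process.env.SESSION_SECRET) throw new Error('SESSION_SECRET is not set');` followed by `secret: process.env.SESSION_SECRET,`. `saveUninitialized: true` also creates a session for every visitor before login; `false` is the safer setting for a login-gated application.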
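Review bot: The `/auth` query matches `password = ?` against the raw request value, which implies the `accounts` table holds passwords in plaintext or an unsalted equivalent. The callback then reads `results.length` without checking `error`, so a failed query (for instance if the `login` column this hunk switches to does not exist) would likely throw inside the handler. Select the row by `login` only and verify a salted hash in code; Node's built-in `crypto.scrypt` with `crypto.timingSafeEqual` needs no new dependency. Guard the callback with `if (error) { return response.status(500).end(); }`, and call `request.session.regenerate(...)` before setting `loggedin` to prevent session fixation. The handler's body continues outside the hunk.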
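Review bot: `config.js` sets `config.db.password` to a string literal whose value differs from the `DB_PASSWORD` added to `.env` in the same commit, so at most one of them can be the working credential and both are now in the repository. Have the module read from the environment instead, `config.db.password = process.env.DB_PASSWORD;`, and likewise for host, username and database name, failing at startup when a value is missing. `config.db.type`, `config.db.charset` and `config.db.users_tbl` are not consumed by the `createConnection` call shown in `app.js`; a short comment naming their consumer would help.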

work in progress

diff --git a/public/komunikat.html b/public/komunikat.html new file mode 100644 index 0000000..0132d0d --- /dev/null +++ b/public/komunikat.html @@ -0,0 +1,34 @@ + + + + BezVulcan + + + + + + + + + +
BRAK KOMUNIKATÓW
+ + diff --git a/public/plan.html b/public/plan.html new file mode 100644 index 0000000..9e48c36 --- /dev/null +++ b/public/plan.html @@ -0,0 +1,35 @@ + + + + BezVulcan + + + + + + + + + + + + diff --git a/public/plan.js b/public/plan.js new file mode 100644 index 0000000..a0a262c --- /dev/null +++ b/public/plan.js @@ -0,0 +1,26 @@ +var mysql = require('mysql'); +var config = require('./config.js'); + +var db_access = { + host : config.db.host, + user : config.db.username, + password : config.db.password, + database : config.db.dbname +}; + +var tbl = plan; + +var conn = mysql.createConnection(db_access); +conn.connect(); + +var queryString = 'SELECT * FROM ' + tbl; + +conn.query(queryString, function (err, rows, fields) { + if (err) { throw err; } + + for (var i in rows) { + console.log('TESTDUPA: ', rows[i].name); + } +}); + +conn.end(); diff --git a/routes/plan.js b/routes/plan.js new file mode 100644 index 0000000..81f99ef --- /dev/null +++ b/routes/plan.js @@ -0,0 +1,13 @@ +var express = require('express'); +var router = express.Router(); +var db=require('../database'); +// another routes also appear here +// this script to fetch data from MySQL databse table +router.get('/plan', function(req, res, next) { + var sql='SELECT id_plan FROM plan'; + db.query(sql, function (err, data, fields) { + if (err) throw err; + res.render('plan', { title: 'Plan lekcji', userData: data}); + }); +}); +module.exports = router; diff --git a/routes/users.js b/routes/users.js new file mode 100644 index 0000000..16a3f50 --- /dev/null +++ b/routes/users.js 
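Review bot: `public/plan.js` is server-side Node code (it requires `mysql` and the credential-bearing config) placed under `public/`, and it cannot run as written. `var tbl = plan;` references an undefined identifier, and `require('./config.js')` resolves inside `public/`, where this patch adds no such file. If `public/` is served as static content (not visible in this patch), the script is also downloadable by any client. Move it out of the web root and use `var tbl = 'plan';` and `require('../config.js')`. Pass the table name through the driver's identifier placeholder, `conn.query('SELECT * FROM ??', [tbl], ...)`, rather than concatenating it into the SQL string.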
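Review bot: In `routes/plan.js`, `if (err) throw err;` inside the `db.query` callback raises outside Express's error handling, so a single failed query can take the whole process down; use `if (err) return next(err);` here and in the identical handler in `routes/users.js`. Neither route checks `req.session.loggedin`, which `/auth` in `app.js` sets, so the timetable data would be served to unauthenticated requests once these routers are mounted. Both files require `'../database'`, which this patch does not add, and `routes/users.js` renders a `user-list` view that is also absent from the patch, so it is worth confirming those exist.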
@@ -0,0 +1,13 @@ +var express = require('express'); +var router = express.Router(); +var db=require('../database'); +// another routes also appear here +// this script to fetch data from MySQL databse table +router.get('/user-list', function(req, res, next) { + var sql='SELECT * FROM plan'; + db.query(sql, function (err, data, fields) { + if (err) throw err; + res.render('user-list', { title: 'Plan', userData: data}); + }); +}); +module.exports = router; diff --git a/views/plan.ejs b/views/plan.ejs new file mode 100644 index 0000000..d151bc3 --- /dev/null +++ b/views/plan.ejs @@ -0,0 +1,36 @@ + + + + Dziennik Ucznia BezVulcan + + +
+

Display Data using Node.js & MySQL

+ + + + + + + + <% + if(userData.length!=0){ + var i=1; + userData.forEach(function(data){ + %> + + + + + + + <% i++; }) %> + <% } else{ %> + + + + <% } %> +
GodzinaDzien tygodniaPrzedmiot
<%=i; %><%=plan.id_hour %><%=plan.id_day %><%=plan.id_lession %>
No Data Found
+
+ +
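Review bot: Inside `userData.forEach(function(data){` the row cells in `views/plan.ejs` output `plan.id_hour`, `plan.id_day` and `plan.id_lession`, but the callback parameter is `data` and `res.render('plan', { title: ..., userData: data })` passes no `plan` local, so rendering a non-empty result would throw a ReferenceError. Use `data.id_hour`, `data.id_day` and `data.id_lession`; note that `routes/plan.js` selects only `id_plan`, so these fields would be undefined until the query returns them. The `<%= %>` tags are the HTML-escaping form, which is the right choice for database values. The surrounding markup appears stripped on this page, so the table structure itself could not be checked.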