zwiekszenie bezpieczenstwa

User Kill3rs4 2022-01-24 20:42:47 +01:00
parent 84150f8404
commit 8efa6c3f82
11 changed files with 205 additions and 7 deletions

10
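--- a/.env
+++ b/.env
@@ -0,0 +1,10 @@
+APP_NAME=BezDziennik
+APP_ENV=local
+APP_URL=https://kill3rs4.usermd.net
+DB_HOST=mysql49.mydevil.net
+DB_USERNAME=m1344_dziennik
+DB_PASSWORD=K8T2nB>_vgX6qvw8(zBuw4B318cmw8
+DB_DATABASE=m1344_dziennik
+DB_CONNECTION=mysql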
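Review bot: The `DB_PASSWORD` line commits a live database credential to the repository, and `.env.local` in the next section repeats the same values. Neither file should be tracked: add `.env` and `.env.local` to `.gitignore`, commit only a `.env.example` with placeholders such as `DB_PASSWORD=<set-locally>`, and rotate this password, which now sits in history and appears to be the same literal being removed from app.js. Nothing visible in this commit reads these variables (app.js takes its settings from config.js), so the files may have no effect beyond exposing the secret.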

10
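--- a/.env.local
+++ b/.env.local
@@ -0,0 +1,10 @@
+APP_NAME=BezDziennik
+APP_ENV=local
+APP_URL=https://kill3rs4.usermd.net
+DB_HOST=mysql49.mydevil.net
+DB_USERNAME=m1344_dziennik
+DB_PASSWORD=K8T2nB>_vgX6qvw8(zBuw4B318cmw8
+DB_DATABASE=m1344_dziennik
+DB_CONNECTION=mysql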

15
app.js

@ -1,22 +1,27 @@
var mysql = require('mysql'); var mysql = require('mysql');
var config = require('./config.js');
var express = require('express'); var express = require('express');
var session = require('express-session'); var session = require('express-session');
var bodyParser = require('body-parser'); var bodyParser = require('body-parser');
var path = require('path'); var path = require('path');
var connection = mysql.createConnection({ var connection = mysql.createConnection({
host : 'mysql49.mydevil.net', host : config.db.host,
user : 'm1344_dziennik', user : config.db.username,
password : 'K8T2nB>_vgX6qvw8(zBuw4B318cmw8', password : config.db.password,
database : 'm1344_dziennik' database : config.db.dbname
}); });
var app = express(); var app = express();
app.use(session({ app.use(session({
secret: 'secret', secret: 'secret',
resave: true, resave: true,
saveUninitialized: true saveUninitialized: true
})); }));
app.use(bodyParser.urlencoded({extended : true})); app.use(bodyParser.urlencoded({extended : true}));
app.use(bodyParser.json()); app.use(bodyParser.json());
@ -29,7 +34,7 @@ app.post('/auth', function(request, response) {
var active = request.body.active; var active = request.body.active;
var password = request.body.password; var password = request.body.password;
if (username && password) { if (username && password) {
connection.query('SELECT * FROM accounts WHERE username = ? AND password = ? AND active != 0', [username, password], function(error, results, fields) { connection.query('SELECT * FROM accounts WHERE login = ? AND password = ? AND active != 0', [username, password], function(error, results, fields) {
if (results.length > 0) { if (results.length > 0) {
request.session.loggedin = true; request.session.loggedin = true;
request.session.username = username; request.session.username = username;
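Review bot: The `/auth` query still matches the submitted password against the `password` column directly, which suggests passwords are stored in plaintext; the lookup should select the row by `login` alone and verify a salted hash (bcrypt or argon2) in code. The callback also reads `results.length` without checking `error`, so a failed query would throw on `undefined`; add `if (error) return response.sendStatus(500);` before it. In the first hunk the session middleware keeps `secret: 'secret'`, a guessable key for signing the session cookie; load it from the environment instead, e.g. `secret: process.env.SESSION_SECRET`. The `/auth` handler begins and ends outside the second hunk.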

16
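--- a/config.js
+++ b/config.js
@@ -0,0 +1,16 @@
+var config = {};
+config.db = {};
+config.db.type = 'mysql';
+config.db.charset = 'utf8';
+config.db.username = 'm1344_dziennik';
+config.db.password = 'Julian2020!';
+config.db.host = 'mysql49.mydevil.net';
+config.db.dbname = 'm1344_dziennik'; // DB name
+config.db.users_tbl = 'users'; // table name
+// config.db.another_tbl = 'next_table'; // ...
+// export
+module.exports = config;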
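Review bot: `config.db.password` is still a string literal in a tracked file, so moving the connection settings out of app.js does not take the secret out of source control. Read it from the process environment instead, `config.db.password = process.env.DB_PASSWORD;` (and likewise for host, username and dbname), with the environment populated at startup from an untracked file. The literal here also differs from the `DB_PASSWORD` value in .env and from the one removed from app.js, so one of them is presumably stale; whichever is live should be rotated.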


@ -9,7 +9,7 @@
<body> <body>
<script src="showMenu.js"></script> <script src="showMenu.js"></script>
<script src="witaj.js"></script> <script src="witaj.js"></script>
<script src="logout.ks"></script> <script src="logout.js"></script>
<div id="menu" class="menu"> <div id="menu" class="menu">
<button type="button" id="show-menu" class="show-menu" onclick="showMenu();"> <button type="button" id="show-menu" class="show-menu" onclick="showMenu();">
<i class="menu-bar menu-bar-1"></i> <i class="menu-bar menu-bar-1"></i>
@ -29,6 +29,6 @@
</ul> </ul>
</div> </div>
</div> </div>
alert("<?php echo $_SESSION['fullname'];?>"); <h1><center>work in progress</h1></center>
</body> </body>
</html> </html>

34
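--- a/public/komunikat.html
+++ b/public/komunikat.html
@@ -0,0 +1,34 @@
+<html>
+<head>
+<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js"></script>
+<title>BezVulcan</title>
+<meta charset="utf-8">
+<link rel="stylesheet" href="menu.css">
+</head>
+<body>
+<script src="showMenu.js"></script>
+<script src="witaj.js"></script>
+<script src="logout.ks"></script>
+<div id="menu" class="menu">
+<button type="button" id="show-menu" class="show-menu" onclick="showMenu();">
+<i class="menu-bar menu-bar-1"></i>
+<i class="menu-bar menu-bar-2"></i>
+<i class="menu-bar menu-bar-3"></i>
+</button>
+<div>
+<h3>Menu</h3>
+<ul>
+<li><a href="komunikat">Komunikaty</a></li>
+<li><a href="plan">Plan lekcji</a></li>
+<li><a href="oceny">Oceny</a></li>
+<li><a href="wychowawca">Wychowawca</a></li>
+<li><a href="uwagi">Uwagi ucznia</a></li>
+<li><a href="testy">Sprawdziany, kartkówki</a></li>
+</ul>
+</div>
+</div>
+<center>BRAK KOMUNIKATÓW</center>
+</body>
+</html>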
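Review bot: The jQuery `<script>` tag loads version 1.4.2 over plain `http://`, so if the site is served over HTTPS as `APP_URL` suggests, browsers will block it as mixed content, and where it does load it can be altered in transit; that release is also long unsupported. Use a current jQuery over `https://` with an `integrity` attribute, or drop the tag if the page does not use jQuery. `<script src="logout.ks">` repeats the typo this commit fixes in the earlier page and should be `logout.js`. public/plan.html carries the same jQuery tag.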

35
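--- a/public/plan.html
+++ b/public/plan.html
@@ -0,0 +1,35 @@
+<html>
+<head>
+<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js"></script>
+<title>BezVulcan</title>
+<meta charset="utf-8">
+<link rel="stylesheet" href="menu.css">
+</head>
+<body>
+<script src="showMenu.js"></script>
+<script src="witaj.js"></script>
+<script src="plan.js></script>
+<script src="logout.js"></script>
+<div id="menu" class="menu">
+<button type="button" id="show-menu" class="show-menu" onclick="showMenu();">
+<i class="menu-bar menu-bar-1"></i>
+<i class="menu-bar menu-bar-2"></i>
+<i class="menu-bar menu-bar-3"></i>
+</button>
+<div>
+<h3>Menu</h3>
+<ul>
+<li><a href="komunikat">Komunikaty</a></li>
+<li><a href="plan">Plan lekcji</a></li>
+<li><a href="oceny">Oceny</a></li>
+<li><a href="wychowawca">Wychowawca</a></li>
+<li><a href="uwagi">Uwagi ucznia</a></li>
+<li><a href="testy">Sprawdziany, kartkówki</a></li>
+</ul>
+</div>
+</div>
+</body>
+</html>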
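Review bot: `<script src="plan.js></script>` is missing the closing quote on `src`, so the parser folds the following markup into the attribute value and neither plan.js nor logout.js loads as intended; it should read `<script src="plan.js"></script>`. Beyond the typo, public/plan.js as added in this commit is Node code (`require('mysql')`) and cannot run in a browser, so this tag should probably be removed and the timetable rendered server-side through the `/plan` route.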

26
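--- a/public/plan.js
+++ b/public/plan.js
@@ -0,0 +1,26 @@
+var mysql = require('mysql');
+var config = require('./config.js');
+var db_access = {
+host : config.db.host,
+user : config.db.username,
+password : config.db.password,
+database : config.db.dbname
+};
+var tbl = plan;
+var conn = mysql.createConnection(db_access);
+conn.connect();
+var queryString = 'SELECT * FROM ' + tbl;
+conn.query(queryString, function (err, rows, fields) {
+if (err) { throw err; }
+for (var i in rows) {
+console.log('TESTDUPA: ', rows[i].name);
+}
+});
+conn.end();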
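Review bot: This file opens a MySQL connection with `require('mysql')`, yet it sits under `public/` and is referenced from public/plan.html, so it looks like server code placed in the directory served to browsers; move it next to the routes. `var tbl = plan;` references an undefined identifier and throws a ReferenceError; it should be the string `'plan'`, ideally written as a fixed literal in the query rather than concatenated. `require('./config.js')` resolves relative to `public/`, while config.js is added at the repository root. `throw err` inside the query callback terminates the process on any database error.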

13
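--- a/routes/plan.js
+++ b/routes/plan.js
@@ -0,0 +1,13 @@
+var express = require('express');
+var router = express.Router();
+var db=require('../database');
+// another routes also appear here
+// this script to fetch data from MySQL databse table
+router.get('/plan', function(req, res, next) {
+var sql='SELECT id_plan FROM plan';
+db.query(sql, function (err, data, fields) {
+if (err) throw err;
+res.render('plan', { title: 'Plan lekcji', userData: data});
+});
+});
+module.exports = router;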
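Review bot: The `/plan` handler never checks that the caller is logged in, although app.js sets `request.session.loggedin` at login; unless a guard is mounted in front of this router elsewhere, anyone can fetch the timetable. Add `if (!req.session.loggedin) return res.sendStatus(401);` at the top of the handler, or put a shared middleware before the router. `if (err) throw err;` inside the query callback crashes the process on a database error; hand it to Express with `if (err) return next(err);`. Both points apply equally to `/user-list` in routes/users.js.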

13
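--- a/routes/users.js
+++ b/routes/users.js
@@ -0,0 +1,13 @@
+var express = require('express');
+var router = express.Router();
+var db=require('../database');
+// another routes also appear here
+// this script to fetch data from MySQL databse table
+router.get('/user-list', function(req, res, next) {
+var sql='SELECT * FROM plan';
+db.query(sql, function (err, data, fields) {
+if (err) throw err;
+res.render('user-list', { title: 'Plan', userData: data});
+});
+});
+module.exports = router;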
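Review bot: The `/user-list` handler runs `SELECT * FROM plan` and titles the page 'Plan', so it looks like a copy of routes/plan.js rather than a user listing, and no `user-list` view is added in this commit. If a user listing is intended, name the columns explicitly instead of `SELECT *` so that credential columns from an accounts table can never reach the template. If the route is not needed yet, leaving it out is safer than shipping an unauthenticated endpoint.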

36
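--- a/views/plan.ejs
+++ b/views/plan.ejs
@@ -0,0 +1,36 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+<title>Dziennik Ucznia BezVulcan</title>
+</head>
+<body>
+<div class="table-data">
+<h2>Display Data using Node.js & MySQL</h2>
+<table border="1">
+<tr>
+<th>Godzina</th>
+<th>Dzien tygodnia</th>
+<th>Przedmiot</th>
+</tr>
+<%
+if(userData.length!=0){
+var i=1;
+userData.forEach(function(data){
+%>
+<tr>
+<td><%=i; %></td>
+<td><%=plan.id_hour %></td>
+<td><%=plan.id_day %></td>
+<td><%=plan.id_lession %></td>
+</tr>
+<% i++; }) %>
+<% } else{ %>
+<tr>
+<td colspan="4">No Data Found</td>
+</tr>
+<% } %>
+</table>
+</div>
+</body>
+</html>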
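Review bot: Inside the `forEach` the cells read `plan.id_hour`, `plan.id_day` and `plan.id_lession`, but the callback parameter is `data` and the route passes no `plan` local, so rendering will throw a ReferenceError on the first row; use `data.id_hour` and so on. The query in routes/plan.js selects only `id_plan`, so these columns would be undefined even then and the query needs to return them. The header row has three columns while each data row has four cells. The `<%=` tags escape their output, which is the right choice for values coming from the database and should be kept.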