Git-Admin/DevWeb
2
0
Fork 0
Code Issues 1 Pull Requests Packages Projects Releases Wiki Activity

Suppression de fichiers

Browse Source
This commit is contained in:
Git-Admin
2026-01-12 22:54:33 +00:00
parent d765127189
commit 0f47eb016e
3 changed files with 0 additions and 175 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.env
View File

@@ -1,2 +0,0 @@
ADMIN_USER=lmao
ADMIN_PASS=F^!3'?1^MTzKTcV%dHVh'|;Am

118
index.php.bak
View File

@@ -1,118 +0,0 @@
<?php
session_start();
// Connexion BDD
$conn = new mysqli("127.0.0.1", "dev_user", "zZu,YFy16%;,tmz2`@QOD$@5i", "dev_forum");
$msg = "";
// On vérifie que le formulaire est envoyé
if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['content'])) {
// 1. Vérification du Timer (1 minute)
if (isset($_SESSION['last_post_time']) && (time() - $_SESSION['last_post_time'] < 60)) {
$msg = "Erreur : Vous devez attendre 1 minute entre chaque post.";
} else {
// --- LOGIQUE DE L'IMAGE FACULTATIVE ---
$content = htmlspecialchars($_POST['content']);
$ip = $_SERVER['REMOTE_ADDR'];
$target_file = ""; // Par défaut, on dit qu'il n'y a pas d'image
$upload_success = true; // On part du principe que c'est bon
// On ne traite l'image QUE si un fichier a été envoyé
if (!empty($_FILES["fileToUpload"]["name"])) {
$target_dir = "uploads/";
$filename = basename($_FILES["fileToUpload"]["name"]);
$target_file_path = $target_dir . time() . "_" . $filename;
$imageFileType = strtolower(pathinfo($target_file_path, PATHINFO_EXTENSION));
// Vérif extension
if($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg") {
$msg = "Erreur : Seuls les fichiers JPG, JPEG, PNG sont autorisés.";
$upload_success = false; // On bloque l'insertion
}
// Tentative d'upload
elseif (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $target_file_path)) {
// Si ça marche, on met à jour la variable pour la BDD
$target_file = $target_file_path;
} else {
$msg = "Erreur technique lors de l'upload.";
$upload_success = false;
}
}
// --- INSERTION EN BASE DE DONNÉES ---
// On insère seulement si l'étape d'upload (si elle a eu lieu) est valide
if ($upload_success) {
$stmt = $conn->prepare("INSERT INTO posts (content, image_path, ip_address) VALUES (?, ?, ?)");
$stmt->bind_param("sss", $content, $target_file, $ip);
if ($stmt->execute()) {
$_SESSION['last_post_time'] = time();
$msg = "Message posté avec succès !";
} else {
$msg = "Erreur SQL : " . $conn->error;
}
}
}
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Mini Forum CTF</title>
<style>
body { font-family: sans-serif; max-width: 800px; margin: auto; padding: 20px; }
.post { border: 1px solid #ccc; padding: 10px; margin-bottom: 10px; background: #f9f9f9; }
.meta { color: #555; font-size: 0.9em; }
img { max-width: 200px; display: block; margin-top: 10px; }
.menu { margin-bottom: 20px; padding: 10px; background: #eee; }
.alert { color: red; font-weight: bold; }
</style>
</head>
<body>
<div class="menu">
<a href="index.php">Accueil (Forum)</a> |
<a href="login.php">Espace Admin (Flag)</a>
</div>
<h1>Bienvenue sur le Dev Web</h1>
<?php if($msg) echo "<p class='alert'>$msg</p>"; ?>
<div style="border: 2px solid #333; padding: 15px;">
<h3>Poster un message</h3>
<form action="index.php" method="post" enctype="multipart/form-data">
<textarea name="content" rows="4" cols="50" required placeholder="Votre message..."></textarea><br><br>
Image (JPG/PNG, Min 2Mo possible) : <input type="file" name="fileToUpload"<br><br>
<input type="submit" value="Envoyer">
</form>
</div>
<hr>
<h2>Derniers messages</h2>
<?php
$sql = "SELECT * FROM posts ORDER BY id DESC";
$result = $conn->query($sql);
if ($result->num_rows > 0) {
while($row = $result->fetch_assoc()) {
echo "<div class='post'>";
echo "<div class='meta'>Posté par IP: <strong>" . $row["ip_address"] . "</strong> le " . $row["created_at"] . "</div>";
echo "<p>" . nl2br($row["content"]) . "</p>";
if ($row["image_path"]) {
echo "<img src='" . $row["image_path"] . "' alt='Image user'>";
}
echo "</div>";
}
} else {
echo "Aucun message pour le moment.";
}
?>
</body>
</html>

55
login.php.bak
View File

@@ -1,55 +0,0 @@
<?php
session_start();
$msg = "";
// Login en dur (Hardcoded)
$valid_user = "lmao";
$valid_pass = "F^!3'?1^MTzKTcV%dHVh'|;Am"; // Tu peux mettre ce que tu veux ici
if ($_POST['username'] == $valid_user && $_POST['password'] == $valid_pass) {
$_SESSION['logged_in'] = true;
}
if (isset($_GET['logout'])) {
session_destroy();
header("Location: login.php");
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Espace Admin</title>
<style>body { font-family: sans-serif; max-width: 800px; margin: auto; padding: 20px; }</style>
</head>
<body>
<div class="menu" style="margin-bottom: 20px; padding: 10px; background: #eee;">
<a href="index.php">Accueil (Forum)</a> |
<a href="login.php">Espace Admin (Flag)</a>
</div>
<?php if(isset($_SESSION['logged_in']) && $_SESSION['logged_in'] == true): ?>
<div style="border: 2px solid green; padding: 20px; text-align: center; background: #dff0d8;">
<h2>Accès autorisé !</h2>
<p>Voici votre récompense :</p>
<h1>{CTFM1:lebeurredecacahuetesestsouscoté}</h1>
<br>
<a href="login.php?logout=true">Se déconnecter</a>
</div>
<?php else: ?>
<h2>Connexion Requise</h2>
<form method="post">
User: <input type="text" name="username"><br><br>
Pass: <input type="password" name="password"><br><br>
<input type="submit" value="Se connecter">
</form>
<p><em>(Tu peux tenter: admin / supersecret)</em></p>
<?php endif; ?>
</body>
</html>