From 5f8fe438f944b89ad5eff107be93324a2dc29161 Mon Sep 17 00:00:00 2001
From: Git-Admin <admin@ctf.arrobe.fr>
Date: Tue, 13 Jan 2026 11:36:51 +0000
Subject: [PATCH] Initial commit - Release v1.0

---
 .gitignore |   3 ++
 index.php  | 116 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 login.php  |  53 ++++++++++++++++++++++++
 3 files changed, 172 insertions(+)
 create mode 100755 .gitignore
 create mode 100755 index.php
 create mode 100755 login.php

diff --git a/.gitignore b/.gitignore
new file mode 100755
index 0000000..eb72aa1
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,3 @@
+uploads/*
+!uploads/.gitkeep
+db_config.php
diff --git a/index.php b/index.php
new file mode 100755
index 0000000..64523a0
--- /dev/null
+++ b/index.php
@@ -0,0 +1,116 @@
+<?php
+session_start();
+// On charge la config externe
+require_once 'db_config.php';
+
+// Connexion avec les variables du fichier de config
+$conn = new mysqli($db_host, $db_user, $db_pass, $db_name);
+
+$msg = "";
+// On vérifie que le formulaire est envoyé
+if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['content'])) {
+
+    // 1. Vérification du Timer (1 minute)
+    if (isset($_SESSION['last_post_time']) && (time() - $_SESSION['last_post_time'] < 60)) {
+        $msg = "Erreur : Vous devez attendre 1 minute entre chaque post.";
+    } else {
+
+        $content = htmlspecialchars($_POST['content']);
+        $ip = $_SERVER['REMOTE_ADDR'];
+        $target_file = NULL; // Par défaut, pas d'image
+        $process_sql = true; 
+
+        // LOGIQUE IMAGE FACULTATIVE
+        if (!empty($_FILES["fileToUpload"]["name"])) {
+            $target_dir = "uploads/";
+            $filename = basename($_FILES["fileToUpload"]["name"]);
+            // Nettoyage du nom de fichier
+            $filename = preg_replace("/[^a-zA-Z0-9.]/", "", $filename);
+            $target_file_path = $target_dir . time() . "_" . $filename;
+            $imageFileType = strtolower(pathinfo($target_file_path, PATHINFO_EXTENSION));
+
+            if($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg") {
+                $msg = "Erreur : Seuls les fichiers JPG, JPEG, PNG sont autorisés.";
+                $process_sql = false;
+            } 
+            elseif (!move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $target_file_path)) {
+                $msg = "Erreur technique upload (Permissions ?).";
+                $process_sql = false;
+            } else {
+                $target_file = $target_file_path;
+            }
+        }
+
+        // INSERTION BDD
+        if ($process_sql) {
+            $stmt = $conn->prepare("INSERT INTO posts (content, image_path, ip_address) VALUES (?, ?, ?)");
+            $stmt->bind_param("sss", $content, $target_file, $ip);
+
+            if ($stmt->execute()) {
+                $_SESSION['last_post_time'] = time();
+                $msg = "Message posté avec succès !";
+            } else {
+                $msg = "Erreur SQL."; // On évite d'afficher l'erreur précise aux utilisateurs
+            }
+        }
+    }
+}
+?>
+
+<!DOCTYPE html>
+<html>
+<head>
+    <title>Mini Forum CTF</title>
+    <style>
+        body { font-family: sans-serif; max-width: 800px; margin: auto; padding: 20px; }
+        .post { border: 1px solid #ccc; padding: 10px; margin-bottom: 10px; background: #f9f9f9; }
+        .meta { color: #555; font-size: 0.9em; }
+        img { max-width: 200px; display: block; margin-top: 10px; }
+        .menu { margin-bottom: 20px; padding: 10px; background: #eee; }
+        .alert { color: red; font-weight: bold; }
+    </style>
+</head>
+<body>
+
+<div class="menu">
+    <a href="index.php">Accueil (Forum)</a> | 
+    <a href="login.php">Espace Admin (Flag)</a>
+</div>
+
+<h1>Bienvenue sur le Dev Web</h1>
+
+<?php if($msg) echo "<p class='alert'>$msg</p>"; ?>
+
+<div style="border: 2px solid #333; padding: 15px;">
+    <h3>Poster un message</h3>
+    <form action="index.php" method="post" enctype="multipart/form-data">
+        <textarea name="content" rows="4" cols="50" required placeholder="Votre message..."></textarea><br><br>
+        Image (JPG/PNG, Min 2Mo possible) : <input type="file" name="fileToUpload"<br><br>
+        <input type="submit" value="Envoyer">
+    </form>
+</div>
+
+<hr>
+
+<h2>Derniers messages</h2>
+<?php
+$sql = "SELECT * FROM posts ORDER BY id DESC";
+$result = $conn->query($sql);
+
+if ($result->num_rows > 0) {
+    while($row = $result->fetch_assoc()) {
+        echo "<div class='post'>";
+        echo "<div class='meta'>Posté par IP: <strong>" . $row["ip_address"] . "</strong> le " . $row["created_at"] . "</div>";
+        echo "<p>" . nl2br($row["content"]) . "</p>";
+        if ($row["image_path"]) {
+            echo "<img src='" . $row["image_path"] . "' alt='Image user'>";
+        }
+        echo "</div>";
+    }
+} else {
+    echo "Aucun message pour le moment.";
+}
+?>
+
+</body>
+</html>
diff --git a/login.php b/login.php
new file mode 100755
index 0000000..9e1c323
--- /dev/null
+++ b/login.php
@@ -0,0 +1,53 @@
+<?php
+session_start();
+require_once 'db_config.php'; 
+
+$msg = "";
+
+// Vérification Login
+if (isset($_POST['username'])) {
+    if ($_POST['username'] == $admin_user && $_POST['password'] == $admin_pass) {
+        $_SESSION['logged_in'] = true;
+    } else {
+        $msg = "Identifiants incorrects.";
+    }
+}
+
+if (isset($_GET['logout'])) {
+    session_destroy();
+    header("Location: login.php");
+    exit();
+}
+?>
+
+<!DOCTYPE html>
+<html>
+<head><title>Admin Login</title></head>
+<body style="font-family:sans-serif; padding:20px; text-align:center;">
+
+<a href="index.php">Retour au Forum</a>
+
+<?php if(isset($_SESSION['logged_in']) && $_SESSION['logged_in'] == true): ?>
+
+    <div style="border: 2px solid green; padding: 20px; margin-top:20px; background: #dff0d8;">
+        <h2>Félicitations !</h2>
+        <p>Voici le flag du challenge Web :</p>
+        <h1 style="color:crimson;"><?php echo $flag_dev_web; ?></h1>
+        <br>
+        <a href="login.php?logout=true">Déconnexion</a>
+    </div>
+
+<?php else: ?>
+
+    <h2>Espace Administration</h2>
+    <?php if($msg) echo "<p style='color:red'>$msg</p>"; ?>
+    <form method="post" style="border:1px solid #ccc; display:inline-block; padding:20px;">
+        User: <input type="text" name="username"><br><br>
+        Pass: <input type="password" name="password"><br><br>
+        <input type="submit" value="Se connecter">
+    </form>
+
+<?php endif; ?>
+
+</body>
+</html>