index.php
<?php
// Entry page of the XSS playground: opens the database connection, runs the
// login check, then handles the two POST forms rendered further down the page.
include "sqlcon.php";

$db = new database();
$db->connect();
// checkLogin() lives in sqlcon.php (not visible here); presumably it gates the
// page on an authenticated session. TODO confirm it halts execution on failure
// rather than only setting a flag.
$db->checkLogin();

// Reflected-XSS exercise: the raw "message" field is copied into $error and
// echoed later in the page without HTML-encoding. This is the behaviour the
// playground exists to demonstrate; outside a lab, encode at the point of output
// with htmlspecialchars($error, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8').
$error = isset($_POST['send']) ? $_POST['message'] : "";

// Stored-comment exercise: both fields are handed to addComment() exactly as
// received. Whether addComment() uses a parameterised query, and whether the
// comment feed encodes on output, cannot be seen from this file (verify in
// sqlcon.php and js/comments.js). NOTE(review): none of the forms on this page
// carries an anti-CSRF token.
if (isset($_POST['submit-comment'])) {
    $db->addComment($_POST['comment-area'], $_POST['users-name']);
}
?>
<html>
<head>
<title>XSS Playground</title>
<link rel="stylesheet" href="style.css" type="text/css">
<script src="//ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js"></script>
<script src="js/comments.js"></script>
<script src="js/post.js"></script>
</head>
<body>
<br />
<div id="comments">
<form method="post" action="">
<img src="http://awwwards.de/awards/images/2013/01/digital-artwork-mosaic-portraits-charis-tsevis-cover.jpg" /><br />
<textarea cols="50" rows="5" placeholder="Please leave a comment on the artwork here" name="comment-area" ></textarea><br />
<input type="text" placeholder="Please enter name" size="20" name="users-name" /><br />
<input type="submit" value="Leave Comment" name="submit-comment">
</form>
<div id="comment-feed-wrapper">
<table>
<thead align="left">
<tr>
<th>Comment</th>
<th>User</th>
</tr>
<tr><td colspan="2"><hr></td></tr>
</thead>
<tbody id="comment-tbody">
</tbody>
</table>
</div>
</div>
<hr />
<form method="post" action="">
<input type="text" name="message"><br />
<input type="submit" value="Send" name="send"><br />
</form>
<?php
// Intentional reflected-XSS sink for the playground: $error holds the raw
// $_POST['message'] value assigned at the top of this file and is written into
// the HTML body unencoded. In non-lab code this output must be encoded for the
// HTML context, e.g. htmlspecialchars($error, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8').
echo $error; ?>
<hr />
<form method="post" action="cgi-bin/git.py">
<input type="hidden" value="test" name="data">
<input type="submit" name="sendit" />
</form>
<div id="logout">
<a href="logout.php">Logout</a>
</div>
</body>
</html>