Logan McInnis
2019-11-25 10:41:45 -08:00
19 changed files with 458 additions and 55 deletions


@@ -4,9 +4,12 @@ WORKDIR /var/www
# Installing needed packages
RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
mysql-server \
mysql-server-5.7 \
nano \
nginx \
php-fpm \
php7.2-fpm \
php7.2-mysql \
php7.2-cli \
&& rm -rf /var/lib/apt/lists/* \
&& rm -rf /var/www/html \
&& rm /etc/nginx/sites-enabled/default
@@ -14,14 +17,19 @@ RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-ins
# Copying in nginx configuration
COPY /etc/ /etc/
# Setting up MySQL --Will come back to later, as it's not necessary and not playing very well with automation
#RUN mysql_secure_installation --use-defaults
# Copying in scripts and making them executable
COPY /scripts/ /scripts/
RUN chmod -R +x /scripts/
# Setting up MySQL
RUN /scripts/mysql_setup.sh
# Copying in startup script
COPY /entrypoint.sh /
# Copying in web files
# Copying in web files and setting default owenership
COPY /var/www/ /var/www/
RUN chown -R www-data:www-data /var/www
# Expose Insecure Web, MySQL Server
EXPOSE 80 3306
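Review bot: `RUN /scripts/mysql_setup.sh` creates the database accounts while the image is built, so the resulting `/var/lib/mysql` state and the copied `/scripts/` directory, passwords included, are stored in image layers that anyone able to pull the image can read. I would drop that `RUN` line, leave a comment such as `# MySQL accounts are created by /entrypoint.sh on first start`, and have the entrypoint do the setup with passwords supplied at run time. `RUN chmod -R +x /scripts/` also marks `friendBook.sql` executable; `RUN chmod +x /scripts/*.sh` is narrower. The Dockerfile starts before this hunk, so the base image and any `USER` line are not visible here.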


@@ -6,12 +6,47 @@
[https://www.sitepoint.com/mysql-3-getting-started-php/]
[https://www.sitepoint.com/publishing-mysql-data-web/]
#### Notes
## Page Responsibilities
### Bryan
- "Search" `search.html`
- "Message Someone" `sendMessage.html`
### Logan
- "Find a New Friend" `findFriend.html`
- "Check Pending Friends" `pendingFriend.html`
### William
- "See Messages" `messages.html`
- "See Friends" `friends.html`
## Notes
- Can use `ps waux | grep nginx` to check if the NGINX service is running
- MySQL's documentation sucks.
- Will be using `mysql_secure_installation --use-default`, for now as I can't find what the defaults actually are.
- [https://dev.mysql.com/doc/refman/5.7/en/mysql-secure-installation.html]
- Use `nginx -s reload` to reload the web server's configurations
- I (William) will host an instance at [https://friends.proxy0.williammiceli.io/] that is publically accessible for testing. If anyone wants me to change the version/image used, just let me know.
##hello
### Traefik Configuration Labels
```
traefik.enable: true
traefik.http.routers.CS4430-Project-router-http.entrypoints: http
traefik.http.routers.CS4430-Project-router-http.rule: Host(`friends.proxy0.williammiceli.io`)
traefik.http.routers.CS4430-Project-router-http.middlewares: CS4430-Project-redirectHttp
traefik.http.routers.CS4430-Project-router-http.service: CS4430-Project-service-http
traefik.http.routers.CS4430-Project-router-https.entrypoints: https
traefik.http.routers.CS4430-Project-router-https.rule: Host(`friends.proxy0.williammiceli.io`)
traefik.http.routers.CS4430-Project-router-https.tls: true
traefik.http.routers.CS4430-Project-router-https.tls.certresolver: letsencrypt
traefik.http.routers.CS4430-Project-router-https.service: CS4430-Project-service-http
traefik.http.middlewares.CS4430-Project-redirectHttp.redirectscheme.permanent: true
traefik.http.middlewares.CS4430-Project-redirectHttp.redirectscheme.scheme: https
traefik.http.services.CS4430-Project-service-http.loadbalancer.passhostheader: true
traefik.http.services.CS4430-Project-service-http.loadbalancer.server.port: "80"
```


@@ -1,10 +1,15 @@
#!/bin/sh
echo "[ INFO ] Recursively setting www-data:www-data permissions on root web directory"
chown -R www-data:www-data /var/www
# Starting base services
echo "[ INFO ] Starting MySQL Server"
service mysql start
echo "[ INFO ] Starting PHP 7.2 Service"
service php7.2-fpm start
# Running friendBook database setup script
echo "[ INFO ] Setting up friendBook database"
mysql -u root < /scripts/friendBook.sql
echo "[ INFO ] Starting nginx"
nginx -g "daemon off;" # Foreground
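Review bot: `mysql -u root < /scripts/friendBook.sql` appears to run on every container start and its exit status is never checked, so when the tables already exist (a restart of the same container) the import fails and nginx is started anyway against whatever state is left. Add `set -e` under the shebang and make the schema idempotent (`create table if not exists ...`), or guard the import so it only runs when the `login` table is missing. The last line would also be better as `exec nginx -g "daemon off;"` so that nginx receives the stop signal directly.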


@@ -3,18 +3,18 @@ server {
listen [::]:80;
root /var/www/;
index index.html index.php;
index landingPage.html
server_name _;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
location / {
try_files $uri $uri/ /index.php /index.html =404;
try_files $uri $uri/ /landingPage.html =404;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.2-fpm.sock;
}
}
}
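Review bot: The `index landingPage.html` line, which looks like the new side of the `index` change, has no terminating semicolon. nginx will therefore read the next line's tokens as further arguments of `index`, and the `server_name _;` directive is silently lost while the config still loads. It should read `index landingPage.html;`. The `server` block opens before this hunk, so the first `listen` line is not visible here.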

44
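--- /dev/null
+++ b/scripts/friendBook.sql
@@ -0,0 +1,44 @@
+use friendBook;
+create table login(
+username varchar(25),
+pword varchar(25),
+primary key(username));
+create table contacts(
+username varchar(25),
+fname varchar(25),
+lnam varchar(25),
+primary key(username),
+foreign key(username) references login(username));
+create table messages(
+messageID int,
+sender varchar(25),
+recipient varchar(25),
+message text,
+date date,
+haveread varchar(1),
+primary key(messageID),
+foreign key(sender) references contacts(username),
+foreign key(recipient) references contacts(username));
+create table friendlist(
+username varchar(25),
+friend varchar(25),
+confirm boolean);
+insert into login
+values ('user1', 'password1');
+insert into login
+values ('user2', 'password2');
+insert into contacts
+values ('user1', 'num1', 'uno');
+insert into contacts
+values ('user2', 'num2', 'dos');
+insert into messages
+values ('1', 'user1', 'user2', 'hello, how are you', now(), 'Y');
+insert into messages
+values ('2', 'user2', 'user1', 'im doing good, thanks', now(), 'N');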
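Review bot: `pword varchar(25)` stores the password itself, and the seed rows insert `'password1'` and `'password2'` in clear text, which loginCheck.php then compares directly in its query. Store a hash instead: widen the column to `pword varchar(255)`, fill it from PHP's `password_hash()`, and verify with `password_verify()` at login. Separately, `friendlist` has no primary key or foreign keys, so it accepts duplicate rows and usernames that do not exist in `login`.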

19
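--- /dev/null
+++ b/scripts/mysql_setup.sh
@@ -0,0 +1,19 @@
+#!/bin/bash
+service mysql start
+# Perform the equivalent of running `mysql_secure_installation`
+mysql -u root << EOF
+UPDATE mysql.user SET authentication_string=PASSWORD('Password123') WHERE User='root';
+DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1');
+DELETE FROM mysql.user WHERE User='';
+DELETE FROM mysql.db WHERE Db='test' OR Db='test_%';
+FLUSH PRIVILEGES;
+EOF
+# Setting up the basics
+mysql -u root << EOF
+CREATE USER 'web'@'localhost' IDENTIFIED BY 'Password456';
+CREATE DATABASE friendBook;
+GRANT ALL PRIVILEGES ON friendBook . * TO 'web'@'localhost';
+FLUSH PRIVILEGES;
+EOF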
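Review bot: The root and `web` passwords are literals in this script, and the `web` password is repeated in loginCheck.php, nameSearch.php, phptest.php and the username-search page, so every clone of the repository and every copy of the image carries working credentials. Read them from values supplied at deploy time instead; because the heredoc delimiter is unquoted, `IDENTIFIED BY '${WEB_DB_PASSWORD}'` (placeholder variable name) expands in place. On the PHP side, load the same value from one config file kept outside `/var/www`. `GRANT ALL PRIVILEGES` is also wider than the pages need; `GRANT SELECT, INSERT, UPDATE, DELETE ON friendBook.* TO 'web'@'localhost';` covers what the visible queries do.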


@@ -1,16 +1,26 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>Today&rsquo;s Date</title>
<title>FriendBook</title>
<meta http-equiv="content-type"
content="text/html; charset=utf-8"/>
content="text/html; charset=utf-8"/>
</head>
<body>
<p>Today&rsquo;s date (according to this web server) is
<?php
echo date('l, F dS Y.');
?>
</p>
</body>
</html>
<body>
<style>
body {
background-color: #3B5998;
}
</style>
<h2><font color="white">Friendbook</h2>
<button type="button" onclick="window.location.href = 'friends.html'">See Friends</button>
<button type="button" onclick="window.location.href = 'messages.html'">See Messages</button>
<button type="button" onclick="window.location.href = 'contacts.html'">See Contacts</button>
<button type="button" onclick="window.location.href = 'search.php'">Search</button>
<button type="button" onclick="window.location.href = 'sendMessage.php'">Message Someone</button>
<button type="button" onclick="window.location.href = 'findFriend.html'">Find a New Friend</button>
<button type="button" onclick="window.location.href = 'pendingFriend.html'">Check Pending Friends</button>
</body>
</html>
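Review bot: Nothing in the new body checks `$_SESSION["loggedInUser"]`, so this page and the pages its buttons link to are served whether or not the visitor went through loginCheck.php. If the file is served through PHP, start it with `<?php session_start(); if (empty($_SESSION["loggedInUser"])) { header("Location: /login.php"); exit; } ?>`. If it is static HTML, the gate has to live in each PHP page behind it. The `<font color="white">` in the heading is never closed.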

3
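--- /dev/null
+++ b/var/www/info.php
@@ -0,0 +1,3 @@
+<?php
+phpinfo();
+?>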
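Review bot: `phpinfo()` in the web root discloses the PHP and module versions, filesystem paths, loaded configuration and environment to any visitor, and the README in this commit says an instance is hosted publicly for testing. Keep this file out of the image, or block it in the nginx server block with `location = /info.php { return 404; }` placed ahead of the `\.php$` location.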


@@ -11,8 +11,8 @@ body {
<button type="button" onclick="window.location.href = 'friends.html'">See Friends</button>
<button type="button" onclick="window.location.href = 'messages.html'">See Messages</button>
<button type="button" onclick="window.location.href = 'contacts.html'">See Contacts</button>
<button type="button" onclick="window.location.href = 'search.html'">Search</button>
<button type="button" onclick="window.location.href = 'sendMessage.html'">Message Someone</button>
<button type="button" onclick="window.location.href = 'search.php'">Search</button>
<button type="button" onclick="window.location.href = 'sendMessage.php'">Message Someone</button>
<button type="button" onclick="window.location.href = 'findFriend.html'">Find a New Friend</button>
<button type="button" onclick="window.location.href = 'pendingFriend.html'">Check Pending Friends</button>

28
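--- /dev/null
+++ b/var/www/login.php
@@ -0,0 +1,28 @@
+<?php
+session_start();
+?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+<head>
+<title>FriendBook Login</title>
+<meta http-equiv="content-type"
+content="text/html; charset=utf-8"/>
+</head>
+<body>
+<style>
+body {
+background-color: #3B5998;
+}
+</style>
+<div class="message"><?php if($_SESSION["loginError"]!="") { echo $_SESSION["loginError"]; } ?></div>
+<h2><font color="white">Please Login</h2>
+<form action="loginCheck.php" method="post">
+User&colon;
+<input type="text" name="username" placeholder="Username"><br>
+Password&colon;
+<input type="password" name="password" placeholder="Password"><br>
+<input type="submit">
+</form>
+</body>
+</html>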
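Review bot: The form posts fields named `username` and `password`, but loginCheck.php reads `$_POST["Username"]` and `$_POST["Password"]`; PHP array keys are case-sensitive, so the check there always lands in its "credentials not found" branch. Align the names on one side, for example `name="Username"` and `name="Password"` here. `$_SESSION["loginError"]` is also read before anything has set it on a first visit; `if (!empty($_SESSION["loginError"])) { echo htmlspecialchars($_SESSION["loginError"]); }` avoids the notice and keeps the output escaped if the message ever carries user text.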

37
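--- /dev/null
+++ b/var/www/loginCheck.php
@@ -0,0 +1,37 @@
+<?php
+session_start();
+$server = "localhost";
+$database = "friendBook";
+$username = "web";
+$password = "Password456";
+try{
+$connection = new PDO("mysql:host=$server;dbname=$database", $username, $password);
+$connection->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
+echo "Connected successfully";
+if($_POST["Username"] != "" && $_POST["Password"] != ""){
+$matchingUsers = $connection->query("SELECT COUNT(*) FROM login WHERE username = '".$_POST["Username"]."' and pword = '".$_POST["Password"]."'");
+if($matchingUsers > 0){
+// User has been authenticated; set user as logged in
+$_SESSION["loggedInUser"] = "".$_POST["Username"]."";
+$_SESSION["loginError"] = "";
+// Move onto landing page
+header("Location: /landingPage.html");
+}else{
+// No matching users found, send user error
+$_SESSION["loginError"] = "Invalid Username or Password";
+// Return to login page
+header("Location: /login.php");
+}
+}else{
+// Return to login page, as credentials were not captured
+$_SESSION["loginError"] = "Login credentials not found, please try again";
+header("Location: /login.php");
+}
+}
+catch(PDOException $e){
+echo "Error: " . $e->getMessage();
+}
+$connection = null;
+?>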
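Review bot: The login query concatenates `$_POST["Username"]` and `$_POST["Password"]` directly into the SQL text, so the request body controls the statement, and the following `if($matchingUsers > 0)` compares the PDOStatement object rather than the count, so the branch does not reflect whether a row matched. A prepared statement with bound parameters plus `fetchColumn()` fixes both. While here, regenerate the session id on success, call `exit;` after each `header("Location: ...")`, and remove `echo "Connected successfully";`, since output before `header()` can stop the redirect from being sent. The catch block echoes the raw PDO message to the browser; log it and show a generic error instead.

```php
// … unchanged: session_start(), connection settings, PDO connect and error mode …
if (!empty($_POST["Username"]) && !empty($_POST["Password"])) {
    $stmt = $connection->prepare(
        "SELECT COUNT(*) FROM login WHERE username = ? AND pword = ?"
    );
    $stmt->execute([$_POST["Username"], $_POST["Password"]]);
    if ((int) $stmt->fetchColumn() > 0) {
        // New session id so a pre-login id cannot be reused after authentication
        session_regenerate_id(true);
        $_SESSION["loggedInUser"] = $_POST["Username"];
        $_SESSION["loginError"] = "";
        header("Location: /landingPage.html");
        exit;
    }
    // … unchanged: invalid-credentials branch, with exit; after its header() …
```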

27
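--- /dev/null
+++ b/var/www/logout.php
@@ -0,0 +1,27 @@
+<?php
+session_start();
+?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+<head>
+<title>FriendBook Logout</title>
+<meta http-equiv="content-type"
+content="text/html; charset=utf-8"/>
+</head>
+<body>
+<?php
+session_unset(); // remove all session variables
+session_destroy(); // destroy the session
+?>
+<style>
+body {
+background-color: #3B5998;
+}
+</style>
+<h2><font color="white">You have been successfully logged out.</h2>
+<button type="button" onclick="window.location.href = 'friends.html'">Login again? (FIXME)</button>
+</body>
+</html>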
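Review bot: `session_destroy()` removes the server-side data but leaves the session cookie in the browser, and it runs here after HTML output has begun, so no cookie header can be sent any more. Move the teardown into the first PHP block next to `session_start()` and expire the cookie there with `setcookie(session_name(), '', time() - 3600, '/');`. The "Login again?" button still points at `friends.html`; `login.php` looks like the intended target.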


@@ -7,8 +7,7 @@ body {
}
</style>
<h2><font color="white">Heres where you send your dumbass messages</h2>
</body>
</html>

30
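--- /dev/null
+++ b/var/www/nameSearch.php
@@ -0,0 +1,30 @@
+<html>
+<body>
+<?php
+$fname = $_POST["fname"];
+$lname = $_POST["lname"];
+$servername = "localhost";
+$username = "web";
+$password = "Password456";
+// Create connection
+$conn = new mysqli($servername, $username, $password);
+// Check connection
+if ($conn->connect_error) {
+die("Connection failed: " . $conn->connect_error);
+}
+echo "Connected successfully";
+$query = "Select * from contacts where fname = " + $fname + " and lnam = " + $lname;
+print $query;
+?>
+</body>
+</html>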
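Review bot: The `$query` line joins its pieces with `+`, which is arithmetic in PHP, so no SQL string is produced; switching to `.` would then splice the raw `$_POST` values into the statement unquoted. Build it as a prepared statement instead: `$stmt = $conn->prepare("SELECT * FROM contacts WHERE fname = ? AND lnam = ?");` followed by `$stmt->bind_param("ss", $fname, $lname);`. The `new mysqli(...)` call also selects no database, so pass `"friendBook"` as the fourth argument, and wrap anything derived from the request in `htmlspecialchars()` before printing it. The username-search page at the end of this commit builds its query the same way.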

63
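--- /dev/null
+++ b/var/www/phptest.php
@@ -0,0 +1,63 @@
+<?php
+session_start();
+$server = "localhost";
+$database = "friendBook";
+$username = "web";
+$password = "Password456";
+?>
+<html>
+<head>
+</head>
+<body>
+<h1>PHP Test Page</h1>
+<h2>MySQL</h2>
+<h3>Creating Connection</h3>
+<?php
+try{
+$connection = new PDO("mysql:host=$server;dbname=$database", $username, $password);
+// set the PDO error mode to exception
+$connection->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
+echo "Connected successfully".PHP_EOL;
+}
+catch(PDOException $e){
+echo "Connection failed: ".$e->getMessage().PHP_EOL;
+}
+?>
+<h3>Creating and Executing Query</h3>
+<?php
+try{
+$sql = "SELECT messageID, date, message FROM messages WHERE recipient={$_SESSION["loggedInUser"]}";
+foreach($connection->query($sql) as $row){
+print $row['messageID']."\t";
+print $row['date']."\t";
+print $row['message']."\t";
+}
+}
+catch(Exception $e){
+echo "Error: ".$e->getMessage().PHP_EOL;
+}
+?>
+<h3>$sql</h3>
+<?php
+echo "<pre>";
+print_r($sql);
+echo "</pre>";
+?>
+<h3>$_SESSION</h3>
+<?php
+echo "<pre>";
+print_r($_SESSION);
+echo "</pre>";
+?>
+</body>
+</html>
+<?php
+$connection = null;
+?>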
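Review bot: `WHERE recipient={$_SESSION["loggedInUser"]}` interpolates the session value unquoted, and loginCheck.php fills that value from the raw POST field, so this is string-built SQL over user-supplied text. Use `$stmt = $connection->prepare("SELECT messageID, date, message FROM messages WHERE recipient = ?");` and `$stmt->execute([$_SESSION["loggedInUser"]]);`, then iterate `$stmt`. The row values, the SQL text and the `print_r($_SESSION)` dump are all printed without `htmlspecialchars()`, and a page that prints queries and session contents should not be deployed in the web root of the public instance.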


@@ -1,25 +0,0 @@
<!DOCTYPE html>
<html>
<body>
<style>
body {
background-color: #3B5998;
}
</style>
<h2><font color="white">Who Would you like to search for</h2>
<input type="radio" name="type" value="number">Search By Number<br>
<input type="radio" name="type" value="name">Search By Name<br>
<textarea autofocus rows="1" cols="50">
</textarea>
<form action="/action_page.php">
<input type="text" name="usrname"><br>
<input type="submit" value="Submit">
</form>
</body>
</html>

33
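--- /dev/null
+++ b/var/www/search.php
@@ -0,0 +1,33 @@
+<!DOCTYPE html>
+<html>
+<body>
+<style>
+body {
+background-color: #3B5998;
+}
+</style>
+<h2><font color="white">Search by</h2>
+<form method="post" action="usernameSearch.php">
+Username: <br><input type="text" name="username"><br>
+<input type="submit">
+</form>
+<br>
+<h2>Or</h2>
+<form action="nameSearch.php" method="post">
+First Name: <input type="text" name="fname"><br>
+Last Name: <input type="text" name="lname"><br>
+<input type="submit">
+</form>
+<?php
+echo $name;
+echo "<br>"
+?>
+</body>
+</html>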
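Review bot: The trailing PHP block echoes `$name`, which is never assigned in this file, so it only produces an undefined-variable notice; with error display on, that notice prints the file's path into the page. The block can be removed. If it is meant to show a search term later, assign the variable first and print it as `echo htmlspecialchars($name);`.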

56
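--- /dev/null
+++ b/var/www/sendMessage.php
@@ -0,0 +1,56 @@
+<!DOCTYPE html>
+<html>
+<body>
+<style>
+body {
+background-color: #3B5998;
+}
+</style>
+<h2><font color="white">Send a message</h2>
+<?php
+$name = $message = "";
+if ($_SERVER["REQUEST_METHOD"] == "POST") {
+if (empty($_POST["name"])) {
+$name = "";
+} else {
+$comment = test_input($_POST["name"]);
+}
+if (empty($_POST["Message"])) {
+$message = "";
+} else {
+$message = test_input($_POST["message"]);
+}
+}
+function test_input($data) {
+$data = trim($data);
+$data = stripslashes($data);
+$data = htmlspecialchars($data);
+return $data;
+}
+?>
+<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
+Who are you sending it to?: <br><input type="text" name="name" value="<?php echo $name;?>">
+<br><br>
+Message: <br><textarea name="message" rows="5" cols="40"><?php echo $message;?></textarea>
+<br><br>
+<input type="submit" name="submit" value="Submit">
+</form>
+<?php
+echo $name;
+echo "<br>";
+echo $message;
+echo "<br>";
+?>
+</body>
+</html>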
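Review bot: Two slips in the POST handling keep both fields empty: the recipient is assigned to `$comment` instead of `$name`, and the message check reads `$_POST["Message"]` while the textarea is named `message`, so that branch always takes the empty path. They should be `$name = test_input($_POST["name"]);` and `if (empty($_POST["message"])) {`. `test_input()` escapes at input time; once these values are written to the database, store the raw text through a prepared statement and apply `htmlspecialchars()` only where it is printed. The form also carries no CSRF token or session check, so any site can submit it on a logged-in user's behalf.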


@@ -0,0 +1,31 @@
<html>
<body>
<style>
body {
background-color: #3B5998;
}
</style>
<?php
$username = $_POST["username"];
$servername = "localhost";
$username = "web";
$password = "Password456";
// Create connection
$conn = new mysqli($servername, $username, $password);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
echo "Connected successfully";
$query = "Select * from contacts where username = " + $username;
print $query;
?>
</body>
</html>
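Review bot: `$username = $_POST["username"];` is overwritten two lines later by `$username = "web";`, so the search always uses the database account name and the submitted value is lost. Give the connection settings their own names, for example `$dbUser = "web";` and `new mysqli($servername, $dbUser, $password, "friendBook");`. Then bind the search term with `$stmt = $conn->prepare("SELECT * FROM contacts WHERE username = ?");` rather than building the string with `+`, which is arithmetic in PHP.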