Training: RegexMini (Training, Regex)
Regex Mini
We are trying hard to make a secure site.
So far, we got a secure definition of a username.
Unless you prove otherwise.
Again you are given the source, also as highlighted version.
©Softworx(tm) 2011
So far, we got a secure definition of a username.
Unless you prove otherwise.
Again you are given the source, also as highlighted version.
©Softworx(tm) 2011
GeSHi`ed PHP code for regex2/index.php
1 2 3 4 56 7 8 9 1011 12 13 14 1516 17 18 19 2021 22 23 24 2526 27 28 29 3031 32 33 34 3536 37 38 39 4041 42 43 44 4546 47 48 49 5051 52 53 54 5556 57 58 59 6061 62 63 64 6566 67 68 69 7071 72 73 74 7576 77 78 79 8081 82 83 84 8586 87 88 89 9091 92 93 94 95 | <?php # Show src if (isset($_GET['show'])) { # http://en.wikipedia.org/wiki/Quine_%28computing%29 header('Content-Type: text/plain'); die(file_get_contents('index.php')); } # Headerchdir('../../../'); define('GWF_PAGE_TITLE', 'Training: RegexMini'); require_once('challenge/html_head.php'); if (false === ($chall = WC_Challenge::getByTitle(GWF_PAGE_TITLE))) { $chall = WC_Challenge::dummyChallenge(GWF_PAGE_TITLE, 2, 'challenge/training/regex2/index.php', false);} $chall->showHeader(); # Info box echo GWF_Box::box($chall->lang('info', array('index.php?show=source', 'index.php?highlight=christmas')), $chall->lang('title')); # Show highlighted src if (isset($_GET['highlight'])) { $source = '[PHP title=regex2/index.php]'.file_get_contents('challenge/training/regex2/index.php').''; echo GWF_Box::box(GWF_Message::display($source, true, false)); } # Submitted? if (isset($_POST['submit'])){ # Check it! $error = ludde_is_satisfied($chall); # Oooops! if ($error === true) { $chall->onChallengeSolved(GWF_Session::getUserID()); } # All normal and ok elseif ($error === false) { echo GWF_HTML::message(GWF_PAGE_TITLE, $chall->lang('msg_ok', array($_POST['username'])), false); } # Error! else { echo GWF_HTML::error(GWF_PAGE_TITLE, $error, false); } } # Check it! function ludde_is_satisfied(WC_Challenge $chall){ # Missing POST var? if (!isset($_POST['username'])) { return $chall->lang('err_missing_var'); } # Submitted a string? if (!is_string($_POST['username'])) { return $chall->lang('err_var_type'); } # Valid username? if (!preg_match('/^[a-zA-Z]{1,16}$/', $_POST['username'])) { return $chall->lang('err_illegal_username', array(1, 16)); } # WTF! WTF! WTF! if (strlen($_POST['username']) > 16) { return true; } # Normal, OK and no error :) return false; } ?> <div id="EUISM" class="box box_c"> <form id="Every User Input Seems Malicious" action="index.php" method="post"> <label for="username"><?php echo $chall->lang('username'); ?></label>: <input type="text" name="username" value="" size="16" /> <input type="submit" name="submit" value="<?php echo $chall->lang('submit'); ?>" /> </form> </div><?php # Copyright + Footer echo $chall->copyrightFooter(); require_once('challenge/html_foot.php'); ?> |
© 2011, 2012, 2013, 2014, 2015, 2016, 2017, 2018, 2019, 2020, 2021, 2022, 2023 and 2024 by ludde