Merge pull request #58 from sudebozkurt/main

API_Hacking_Revised_4
Yavuzlar · Feb 18, 2024 · 843ec0d · 843ec0d
2 parents adf1679 + 023e70f
commit 843ec0d
Show file tree

Hide file tree

Showing 8 changed files with 90 additions and 7 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -5,7 +5,7 @@ LABEL Description="Web Vulnerability Lab by Yavuzlar." \
 	Usage="docker run -d -p [HOST PORT NUMBER]:80 yavuzlar/vulnlab" \
 	Version="1.0"
 
-ENV TZ=Asia/Turkey
+ENV TZ=Asia/Dubai
 RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone
 
 RUN apt update

diff --git a/app/lab/api-hacking/api-hacking1/all_wallpapers.php b/app/lab/api-hacking/api-hacking1/all_wallpapers.php
@@ -0,0 +1,52 @@
+<?php
+require("../../../lang/lang.php");
+$strings = tr();
+
+$uploadDirectory = '../api-hacking1/api/uploads/';
+$images = scandir($uploadDirectory);
+
+$images = array_diff($images, array('..', '.'));
+
+?>
+
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>API Hacking</title>
+    <!-- Bootstrap CSS -->
+    <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css" rel="stylesheet">
+</head>
+<body>
+
+<div class="container mt-5">
+    <button type="button" class="btn btn-primary mt-2" onclick="backToLoginPage()"><?php echo $strings['backtologin']; ?></button>
+    <p></p>
+    <div class="row">
+        <?php foreach ($images as $image) : ?>
+            <div class="col-md-4 mb-4">
+                <div class="card h-100">
+                    <img src="<?= $uploadDirectory . $image ?>" class="card-img-top" alt="<?= $image ?>">
+                    <div class="card-body text-center">
+                        <h5 class="card-title"><?= $image ?></h5>
+                    </div>
+                </div>
+            </div>
+        <?php endforeach; ?>
+    </div>
+
+    <div class="mt-3">
+    </div>
+</div>
+
+<!-- Bootstrap JS and Popper.js (required for Bootstrap JavaScript plugins) -->
+<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/js/bootstrap.bundle.min.js"></script>
+<script id="VLBar" title="<?= $strings['title'] ?>" category-id="13" src="/public/assets/js/vlnav.min.js"></script>
+<script>
+    function backToLoginPage() {
+        window.location.href = 'index.php'; 
+    }
+</script>
+</body>
+</html>
diff --git a/app/lab/api-hacking/api-hacking1/api/logout.php b/app/lab/api-hacking/api-hacking1/api/logout.php
@@ -0,0 +1,8 @@
+<?php
+session_start();
+
+session_unset();
+session_destroy();
+
+$response = array('success' => true);
+echo json_encode($response);
diff --git a/app/lab/api-hacking/api-hacking1/dashboard.php b/app/lab/api-hacking/api-hacking1/dashboard.php
@@ -45,6 +45,7 @@
         <h1 class="mb-4"><?php echo $strings['labtitle']; ?> </h1>
 
         <button type="button" class="btn btn-secondary mt-2" onclick="resetImages()"><?php echo $strings['resetlab'] ?></button>
+        <button type="button" class="btn btn-danger mt-2" onclick="logout()"><?php echo $strings['logout']; ?></button>
 
 
         <!-- Image Upload Form -->
@@ -166,6 +167,23 @@ function resetImages() {
                 .catch(error => console.error('Hata:', error));
         }
 
+        function logout() {
+        fetch('api/logout.php')
+            .then(response => {
+                if (response.ok) {
+                    return response.json();
+                }
+            })
+            .then(data => {
+                if (data.success) {
+                    window.location.href = 'index.php'; 
+                } else {
+                    alert('<?php echo $strings['logouterr'] ?>');
+                }
+            })
+            .catch(error => console.error('Error:', error));
+    }
+
 
         // Initial fetch to display uploaded images on page load
         fetchImages();

diff --git a/app/lab/api-hacking/api-hacking1/en.ini b/app/lab/api-hacking/api-hacking1/en.ini
@@ -22,4 +22,7 @@ requestmethod = "Invalid request method."
 reset = "The images have been successfully reset."
 resetlab = "Reset Lab"
 allwallpapers = "All Wallpapers" 
-filename = "File Name: "
+filename = "File Name: "
+logouterr = "Çıkış yapılamadı. Tekrar deneyiniz."
+backtologin = "Back to Login Page"
+logout = "Log Out"
diff --git a/app/lab/api-hacking/api-hacking1/fr.ini b/app/lab/api-hacking/api-hacking1/fr.ini
@@ -23,3 +23,6 @@ reset = "Les images ont été réinitialisées avec succès."
 resetlab = "Le aboratoire a été réinitialisé."
 allwallpapers = "Tous les fonds d'écran"
 filename = "Nom de fichier: "
+logouterr = "La déconnexion a échoué. Veuillez réessayer."
+backtologin = "Retour à la page de connexion."
+logout = "Se déconnecter" 
diff --git a/app/lab/api-hacking/api-hacking1/index.php b/app/lab/api-hacking/api-hacking1/index.php
@@ -30,7 +30,6 @@
 }
 ?>
 
-
 <!DOCTYPE html>
 <html lang="<?= $strings['lang']; ?>">
 <head>
@@ -40,7 +39,6 @@
     <!-- Bootstrap CSS -->
     <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css" rel="stylesheet">
     <script src="https://code.jquery.com/jquery-3.6.4.min.js"></script>
-<!-- ... -->
 
 <script>
     $(document).ready(function() {
@@ -66,8 +64,6 @@
     });
 </script>
 
-<!-- ... -->
-
 </head>
 <body>
 

diff --git a/app/lab/api-hacking/api-hacking1/tr.ini b/app/lab/api-hacking/api-hacking1/tr.ini
@@ -22,4 +22,7 @@ requestmethod = "Geçersiz istek yöntemi."
 reset = "Resimler başarıyla sıfırlandı."
 resetlab = "Laboratuvarı sıfırla"
 allwallpapers = "Tüm Duvar Kağıtları"
-filename = "Dosya Adı: "
+filename = "Dosya Adı: "
+logouterr = "Çıkış yapılamadı. Tekrar deneyiniz."
+backtologin = "Giriş Yap Sayfasına Dön"
+logout = "Çıkış Yap"