From f0c641beb840d80d49817b7b40bc5e9754abedc0 Mon Sep 17 00:00:00 2001 From: Paul Wagener Date: Tue, 4 Mar 2014 14:27:38 +0100 Subject: [PATCH 1/7] Added reflected XSS attack page --- bank/index_xss.php | 63 ++++++++++++++++++++++++++++++++++++++++++++++ bank/message.php | 56 +++++++++++++++++++++++++++++++++++++++++ 2 files changed, 119 insertions(+) create mode 100644 bank/index_xss.php create mode 100644 bank/message.php diff --git a/bank/index_xss.php b/bank/index_xss.php new file mode 100644 index 0000000..19001a1 --- /dev/null +++ b/bank/index_xss.php @@ -0,0 +1,63 @@ + + + + Poespas Bank + + + + + + + + + + + + + + + +
+
+
+ + +

Welkom bij de Poespas Bank. De bank die u kunt vertrouwen.

+

Vul alleen uw gegevens in als u zeker weet dat u zich op de echte Poespas site bevind.

+ +
+ + +
+
+
+ +
+ + + + + + diff --git a/bank/message.php b/bank/message.php new file mode 100644 index 0000000..8621505 --- /dev/null +++ b/bank/message.php @@ -0,0 +1,56 @@ + + + + + Poespas Bank + + + + + + + + + + + + + + + +
+
+
+ + +

Welkom bij de Poespas Bank. De bank die u kunt vertrouwen.

+

Vul alleen uw gegevens in als u zeker weet dat u zich op de echte Poespas site bevind.

+ +
+ +
+ +
+ +
+
+
+ +
+ + + + + + From 8345da16791692a61c1b4561d24e86a92e1fc088 Mon Sep 17 00:00:00 2001 From: Paul Wagener Date: Tue, 4 Mar 2014 15:57:15 +0100 Subject: [PATCH 2/7] First simple XSS vulnerable webpages are now ready --- bank/message.php | 4 -- webshop/image_zoom escapehtml.php | 61 +++++++++++++++++++++++++++++++ webshop/image_zoom.php | 61 +++++++++++++++++++++++++++++++ webshop/product_detail.php | 2 + 4 files changed, 124 insertions(+), 4 deletions(-) create mode 100644 webshop/image_zoom escapehtml.php create mode 100644 webshop/image_zoom.php diff --git a/bank/message.php b/bank/message.php index 8621505..c156094 100644 --- a/bank/message.php +++ b/bank/message.php @@ -31,10 +31,6 @@
- -

Welkom bij de Poespas Bank. De bank die u kunt vertrouwen.

-

Vul alleen uw gegevens in als u zeker weet dat u zich op de echte Poespas site bevind.

-
diff --git a/webshop/image_zoom escapehtml.php b/webshop/image_zoom escapehtml.php new file mode 100644 index 0000000..4b03136 --- /dev/null +++ b/webshop/image_zoom escapehtml.php @@ -0,0 +1,61 @@ + + + + + Lekkende Kranen Empirium + + + + + + + + + + + + + + + + +
+
+
+ +
+ + ' style="width:50%; margin: 0 auto;"/> + +
+
+ + + diff --git a/webshop/image_zoom.php b/webshop/image_zoom.php new file mode 100644 index 0000000..a3d935d --- /dev/null +++ b/webshop/image_zoom.php @@ -0,0 +1,61 @@ + + + + + Lekkende Kranen Empirium + + + + + + + + + + + + + + + + +
+
+
+ +
+ + + +
+
+ + + diff --git a/webshop/product_detail.php b/webshop/product_detail.php index 171ee33..95b477d 100644 --- a/webshop/product_detail.php +++ b/webshop/product_detail.php @@ -72,7 +72,9 @@ $connection->close();

From 3c8d541d05e1dc46172ab43007d0704882ea3989 Mon Sep 17 00:00:00 2001 From: Paul Wagener Date: Wed, 5 Mar 2014 15:37:32 +0100 Subject: [PATCH 3/7] Added mock news site (only html for now) --- index.php | 6 +-- nieuws/index.php | 49 +++++++++++++++++++++ themes/css/nieuws.css | 89 +++++++++++++++++++++++++++++++++++++++ themes/images/nieuws.png | Bin 0 -> 11534 bytes themes/images/school.jpg | Bin 0 -> 25657 bytes webshop/image_zoom.php | 2 +- 6 files changed, 142 insertions(+), 4 deletions(-) create mode 100644 nieuws/index.php create mode 100755 themes/css/nieuws.css create mode 100644 themes/images/nieuws.png create mode 100644 themes/images/school.jpg diff --git a/index.php b/index.php index 340acc6..3112317 100644 --- a/index.php +++ b/index.php @@ -1,10 +1,10 @@ De virtuele machine werkt! Lees de opgave om te beginnen met hacken. -

SQL Injection

-

Bank

-Bank (multi_query) +Bank (multi_query)
+Bank (xss)

Webshop

Webshop (replace) +

Nieuws

\ No newline at end of file diff --git a/nieuws/index.php b/nieuws/index.php new file mode 100644 index 0000000..a3fdca6 --- /dev/null +++ b/nieuws/index.php @@ -0,0 +1,49 @@ + + + + + Nieuws.nl + + + + + + + + + + + + + + +
+
Woensdag 5 maart 2014. Het laatste nieuws het eerst op NIEUWS.nl
+ +
Algemeen / Binnenland
+ +
+
Gepubliceerd: 23 oktober 2012 06:35
+
Laatste update: 23 oktober 2012 06:35
+ +

Avans opnieuw beste hogeschool

+ +

LEIDEN - Hogeschool Avans in Noord-Brabant is opnieuw de beste grote hbo-instelling van Nederland.

+ + +

Dat staat in de dinsdag verschenen Keuzegids Hbo Voltijd 2013. Deze gids vergelijkt hogescholen op basis van statistieken over studiesucces, oordeel van deskundigen uit de accreditatie en het oordeel van studenten.

+ +

Avans krijgt 71 punten, evenveel als vorig jaar. Ook de nummer 2 is onveranderd: Hogeschool Zeeland in Vlissingen. De NHTV in Breda is de nieuwe nummer 3. Hogeschool InHolland is net als vorig jaar de hekkensluiter van de lijst met 51 punten.

+ +

Bij de middelgrote hogescholen met gemiddeld ongeveer 2000 studenten moet de Christelijke Hogeschool Ede (81 punten) voor het eerst in jaren de bovenste plaats afstaan aan een ander.

+ +

De Gereformeerde Hogeschool uit Zwolle wordt met 85,5 punten beter beoordeeld. De Hotelschool Den Haag is een opvallende stijger, mede door een bijzonder gunstig deskundigenoordeel klommen zij van de tiende naar de vijfde plaats.

De hoogste scores zijn nog steeds te vinden bij de kleinste scholen. De Katholieke Pabo Zwolle en het IVA in Driebergen voeren al jaren de ranglijst aan met respectievelijk 92 en 88 punten. In de Keuzegids staat dat dat met name te danken is aan het feit dat zij slechts één hbo-opleiding aanbieden, die ook nog eens uitstekend verzorgd is. ''Eigen identiteit en - daardoor - een sterke binding met de studenten zijn belangrijke troeven",' zo valt te lezen in de gids.

+ + Door: ANP +
+ +
+ + + diff --git a/themes/css/nieuws.css b/themes/css/nieuws.css new file mode 100755 index 0000000..7229c86 --- /dev/null +++ b/themes/css/nieuws.css @@ -0,0 +1,89 @@ +body { + font-size: 62.5%; + font-family: Arial,helvetica,sans-serif; +} + +img { + float: left; +} + +img#logo { + margin: 30px; +} + +article img { + margin-right: 15px; +} + +section { + float: left; + width: 600px; +} + +#datum { + height: 30px; + line-height: 28px; + color: #05054c; + border-top: 1px dotted black; + border-bottom: 1px dotted black; + margin-bottom: 10px; + margin-top: 20px; +} + +#category { + height: 24px; + line-height: 24px; + color: white; + font-size: 1.5em; + font-weight: bold; + padding-left: 5px; + + background-image: -webkit-gradient( + linear, + left top, + left bottom, + color-stop(0, #98C4E5), + color-stop(1, #7AA2C1) + ); + background-image: -o-linear-gradient(bottom, #98C4E5 0%, #7AA2C1 100%); + background-image: -moz-linear-gradient(bottom, #98C4E5 0%, #7AA2C1 100%); + background-image: -webkit-linear-gradient(bottom, #98C4E5 0%, #7AA2C1 100%); + background-image: -ms-linear-gradient(bottom, #98C4E5 0%, #7AA2C1 100%); + background-image: linear-gradient(to bottom, #98C4E5 0%, #7AA2C1 100%); +} + +article { + background-color: #eaf0fa; + margin-top: 5px; + padding: 5px; + margin-bottom: 20px; +} + +#published, #update { + color: #445774; + line-height: 1.5em; + font-size: 10px; +} + +h1 { + font-size: 30px; + color: #020051; + margin-bottom: 8px; +} + +h2.summary { + font-size: 13px; + line-height: 18px; + color: rgb(68, 87, 117); +} + +p { + color: rgb(2, 0, 81); + font-size: 13px; + line-height: 18px; + padding-bottom: 10px; +} +a { + color: rgb(2, 0, 81); + text-decoration: underline; +} \ No newline at end of file diff --git a/themes/images/nieuws.png b/themes/images/nieuws.png new file mode 100644 index 0000000000000000000000000000000000000000..cef6608d02a582433c38118886c8431b11e1ad89 GIT binary patch literal 11534 zcmV+pE%DNcP)a<`jF@VGE2e&5xzF?Sas|Ax$2W56Mc)URfhNGY&=PR?Bq1WMo2-#0fj;YtGVbT0q zpy4>!`$;Pdy8N(a={)Fndca;{Gz_@>j83Os!639~$3OP=l+LbNK;Ew(7;pv24TL!j zS8gvctrtllw?tpSs#L~MBznx_3+x1h^uPApk#;fl)117CS8aG5h@)2pwR|)WYqOte^gHE%LJXkz^=m5hhTc#wi z81iHi5J_x6*yZ%YZN1kz-GOtv`<_8OX&69wW>sy(sQtaiH|#>USClEuBM-dCuXME@0E0m{V7D0Gi^O7&n)JHu z9IFZmA|7$r8DLGCl4uo;I$`=m5w8qJqE`}=d1WNdHweA}fFLFso|qvCJVvNF zvr!7p@>|B|6gaio#P<}ugyq74Fob=<^1&X*735m3h{brGfd3VpM*S=??Jp6Kxyg5u zDa3dNSSQugC76i?o@dM4-r)6aU+9|yE^jT>J<0Q15;M6?&8aZeV0fA$Y|;TMRn4^0by^O>k?8qE zGu`C&2QTA8(S-h?`iN6yVW3POXR{(U|clLNGj>mc`#dK(E5kOe}Q`8Ddxh){2- zF1P)sL9h9pnq?h4ADeb^Y|;UX>L;R`KoGvy_+fd@F2v1&Okc?diMEG43xn!KckSJ&(CKEGq{ zkykx~o`q67NM2pGM!{)b8!G5Ujt*#J!EjiflR(WpG5=T)RgQkwZSU_r>h$=7H<=7N zNft~+fj{BEB0!S7JPpSpe=zc+<88giy1V)}OK79v0)&PmpLxw%F#aXcggtZ0nD zn{j^1&O{D`+>rkjK$No=Sj~;2ihsvvj z$x~$ray$kNmI(qp3YNh#fsJHdV-6tGuan`Ep4Og*y@%WP54!z7qwJ0pIVPtFuxO>| zNaYA3zNM|B?~|Uk-g^3UN}!Sr79>9R ztiA65ad0YVKO{mkz)Hpr5g7Cub$hS#RRXGqq)MbuB}xw)pgiUakAlTek)|tK!{-7x zmZ|xW0!^3PmdFNy)RW)kTSSU(L}hhD-6Fb$HarI1Wu$YHEpV95qBtia65F|7p%n1(1cM1KkbeBAu$BgA|B4K6s zqJToAGRmwbaQj1F?H}|Ua34(h(5t{-o{Mj+V|p#v{>;{=8y@cP>^L zgA2~-5z1j2T)^9utG#fJuu6umNU}Ze4J`Sump|z0b$ZS*>a~+j)U#s^D{B9ZdL8UO z-2PnqvChv+PZ?z@jEi6yER)5QFyL4*q8u@fWdcn>+zcngj@vUiR3TZfjA^Is4iMHqIYP4*p zqz55OAeYp!DB%phNj{x7t$;;cU;5$&;qPKR{yBU?ouDF~R5Z>FD(Bd8`zSFe&ytWE z6O&PQ!<)Q8-hUQNd0-{IKiWkTj70w)i$pJlC;=llD2^Vm7?t3xuVSI%tB!^+f@TUZk4X_O|W; zIM~wtKxZ(b6E~9SrYiznA(lXS%(fCB$~lgL`%9%D#f3%tk90h< zdP&1&Ri##Gu<%5gMAlYfRJ4Q9pn>iI&w|~%4!tA|;ItSML$74(D4azzp**@QS7VMv zemcr=ZA#--O16_ zW;IbBFUqE2(keg>wJQRz+$6z5;(06_j+4Mv!$C)BehT6mUfR;udzWf<^*z)}98b<- z?N(DkwyG?%!fWq-{L8_%-ucL8R^U$OGapKWo^nD0xx7Cmo?aogDkhigB(YWcHB)j> zbMW_OFU0Z&w&mS7Mt7K_RDra>OG#d$+_Pw>|-{WpS zAR6-$aS@eyvMYJKb<=2Ac)agB{hAUJm-MvuTr;cE`pk;ObGA}&jR$M7`wn;H)>fPf z2A#eywe>hQAZjwjY%!mFl{s~WE1evVcA_6FIkByx<+{ z0U2z07O#-bO{G?IW$o?#_e=9pF-(s1Vl)G)DT%j4_`&b>m-X}w-cem)|8X!pw*81~ z=}`D!xRlvU@b->_H}|#mn56JR&h+9_NmorXjffJ=)!FB|@w9oh4`?-2J56wX4xii22fMSi%ou}Jt*Y0_h8#s%S)~I`UBzkm;o!j&qx}< zOc=@&ie8_8giS`CHl6|1)Cq}XOg>`LLsv)ttdEx83Q3^Fg3+OA~4eOpagSuJ3QBF4ce#aiXUSFEVF62n}#mK(b41hzllKT zXw!dZ%H(7)e4^GOgfi&zUc6|2?Fw6oVGmtSWz@iGs4Yu`7#N0z8El7+cKnkRVweHV zG%|$++L8c^kH(>`d+>ABmDWAs$mm&%^(6zOdg3AU4|*>4xc%nr!?tc)w51{sXR1|zi5_EDGy>vSI_vW=usr^dw2GF`AG|0KikPy` z2|AYfR5NArgdoyBB z4n%ZRC=7QvI-$C19vp}fXOB)>RbVa~w%_HY(e^blD%O&-@ZNjlrLg&;v$F2+&>xAClyrPo`WcPI)&U;BNbwV!khKpTNi4Xc7DjUp_L2BDQtj4zdw1Hra*IKbodoGzI` ztwu71wKZk1u&E*I4p(j7FalV#@^fvQD*28_OL|ARoa2r5JaW#FZySStujd6+s?cq|f7^BN_3Jjl4d4H@G8U79;dC}e6=*cv zZnnhqreDpyR%X(}7aap|oe+S9tO44IE;pzc*+a&dD=t_CTBCjq&}b_zjKwonEjlI4 zPTzn#Z$qXE1%OiU7bbI6M z+Y*!6wCXgI_IuZq8s2=o-Uh#c0a&gPp#y0W=1+kFVs;-mUg{5q77qtS^Y5+KY2mwH zI(OOwtEYcZ)^?d`N7+hsMd{G{`3?CSomzu$efdHOB*hfkKDU4Ub9pe8SihPE!b@!C z<954cb)02y*q}xS{y577PiX`2AEr1vSA}LBkD*z8ST$S4pi+i*`5E*wW)?~UONDX0 zbI_xe2202!y7SLj1>?7N;N&P>-Hw8+Ld)4}3o}+_xpnA$J}s6i=bW`H@9(?z9D+fo zC$AaL2`VCa=u9wbt@>Hfpqsm*-1^arE9>Ej8Xc@dv9&~--*vp-`Ce!9feyr~I)LX} zdAIY35RJSOZfV_u1#uZ-=_GskSH)mjdtD0{wOWz4w{iVSQnBV~?H#stj_#<9hAYn_>}oan&3+ z*KU}9-09wSti5ALI2^fKj6~M*E^_}!C50exEMglqq}Baex`dimKSyqAe8s-~+aHXnlxX;{MF2@dAX#v;_9pHCb*m9q3?Ld&An}{zsA7;pk#L*VJhhblK;mf@I~uh zt0Pua1R)f-5c+Yu%3%Hq;#H)nKS+4{D&qZFOh4#4+}XR)rU%#dj*ENte0V>n z(Mq670SKXVVo8FF08R+_fG+&bnhBeVJYh67@e(n_9X*f5dj|%!bL+MU>A|Ls2b;eG!JU%vBkd4W(u z8hV{(Z$!;Lajtt1EFVX>{jHskLNo%5o{$P2nSUiQlLRnPdQYSA>aq%8G#ZFG28d~7 zByGiT8W4g$@bB392wQG{iPrcbzwp`g^xD3{OO9uDp**pgWVo{J(DrZkOUNIIb1Q(4=5xCS)@isql|FWFso5< z&qB1b;|d&$KSlit>9j6i5Jq-BD=WnY@}@#5vE0p`~Lz$XEfnbE*V$4RVDO{7?F@3P@v7)Hj@Z>MI- z7t5jzX)~Q>EmKWo7f)==RwZX1FhK=nqP>ZOPPR zX$T<(u3|Wt%(5H{e4Ni%5-xY4Hzmgvo-T#Pl$1o*X}3(F4(x1&rWvOS&4SH$&QxGD zGxU5`&e;3dye-!y;UkSVl{7`7v?pK!-V2TvKs$`{MZRw!GgXV}Uu`LjNA$Gi#_jT(I3 zV9lq8S{J>(^C0Nd>RoJE`F`r{rTYI8hAJ6)pyLDSdpZd&?TAjMs|&s$0nTi&ue}sF zdnxf2Lqlpxs&X6PP(;y9?b`Fnlm<&?YVl}dS(zopR&s^5(rxpF zD6;bn1~C$a^6Jtr49=|wM_DOUG&TN?nly=Vs7J@BBya@w9|NA4PLgs3LihIn~6AQV(~lF zHD$kfFU&hGZ)*5W|B+9>67TL^1svkc)_esIoX~AgRT=y&Ts!sKJ%nP6iT#NW(+G|TJ-Wo^Q8X4t1dlL zW{uHBnsm_D*>Bpt?J>DO=>v5vEdsB-R@mjh;b;nK)i~WP3p+uXPRRhg|o?3-bzITIlerVoN&nd~&2+_I{b+iBy(DF1DrpgE##1{PS=>_QaI%$q9)3@+nJW=YrQb;z4J;RDt))NL)X$zpkajHBh#jV(w)7K` z&WQ!`;#ia298$p3Xgt+javO#Mkv2vymtRiGa5fVrmvz!(Sn1&h8fmA4CzN=Jv~MwI z=z@BHb_=}x;`>$4{O-Bk+A?d^{RRs>hz;?m&HgWos>`hn7UR{HvWl(5#O)w}dXs?b zO=1&w5-`2MXf$6?8BI1~68|6Z8vThmv2vVhkK)&N;9+P%OC`pPd#tmU+Ce zszeKGDy%TS?GW_F1aR;OSWW}#sv6)2`=$OsMyCVTVukRrqacKQP_kho=$AEt;15Fm zO;;t(xaRU7z_H`KFMGZIi-yM*&SW@D`$7RmN57N5HFXu;AmTec{?MPR=hul1B?hp( z^*(&JRtIxA0a~#ZaA^f#kCSM54j6r5U@>Q`Xo98lX9ZFxnJLo>J-NS^R;Ex((e>`* z-8J1kj>kjMSYO!Tez&Ei`@7G&Vz9C$20v(zL8TA^JreUwT9j2|mBXC+%GV{&P>N;E zu+=F8Hk@3Yf~KaE_9tFpS=Z5yvt0wOe_pn3DVR^IhsWw0;IGy>Fjq}XBEbiii7oa> zOE;Y=a)+tZ0)Cedvd@^DVW(%x6a`d)zTo5%D3%KQ&c@l5P#cPXA2IN20fRZ{hRtdW z-DLlm3<$6<{bMiaH0u2f!|VbTQ()N145+47k-GqVTA|T)QT*Uodq2eEycBGp!G}A| z2I!CI;mgPkKBBS01(=KN{In}UiE8cz!d7ceTpMR*Rj=t``qD?b=deD+TT~O1SZ+7( zV%2J*j1t{^)DQI&OgusayjQTowcdWPu^bGBJivs!pp8aBM}8O5=7(oDZCVFf4F_&d zp!LlU4kXSwA}4wVP}7IC3bd&|1a%8$x1M|E;=TT0WWg z5wfc+vpnC@+IuCWG6-jYHI0OO0jPGztb$mHfG8+1X>PxL*7+w?k(%W5$`>2$bno@t2b z=n>`+?nEzfME($c^`b$ifiYRH(4E$^9tcHpb3lcETLaMBJw}=#nF)7dF;DU1l|dUlSP{ zU}@Nqv)^(m222|6cOZyo&nzT99X-S}P)R8?7_@3`&%VPQPk*@o_?Q_f))N>x(%0<| zfxXP~RC$&Crvn4-I+}<-1FoqKCY(L|fD>M#)oS_!ouyAjm}{)W4}0ZBCyw?gx0~@B z_I-~(`^;;1p&9RR3WF)v?>O<+9|n7+eem)N*FH-lOoAYc*_ALnFF@wY;q<}kW%D1N zHNVae-XP4(L^IXJdSHSX}?f418;*5tloq$K%l1Ls~rOi=aSMjSsmlt@2vt}1Gg)hIeH|q~-mW7xg{8U$N zy*v_*u8_KUX0(<9ft>IAY~3y6eI02<8p4I)l8q~Wv!J2M>u~u;9S}VMSYi&a1fx-~ znhmgi)q)3Je{bKD(z0_ZW{Nasw%;ZqY?5cqyk}dgG-JZbdnB;!l?6ldX{oWxe784VeqP2nr|8VHww-g(v64>t28 zHHqj%x4I}6z%m&!myVO``j3XJu(IE&VCQ*gS}^;LKrqzS-8VSqf_((AVtirY7LCUU zYnkF3H!QpPnP>W6gIp$Y!n=U-d0hF-qFm8m>~^?_YsWG?$RZhxrkeZwP+42CwZ69e zv2Zv79LJ7p%dlpnLDq(G0mJIW4X=APt$XmLm$u&q0+%*#>5wQZvO?sVrEL4;Nw>{9 z)i_qbCRpb6;v()rZZ0|=1;CQiKoVVLu$P3++pzowJ&`iup{YT~5m!flS`w>v<`b%E(>NDL>vA=X++&~|?0^bvmyZbxd3(4B<}B7UW*m=( ziO6finTx-)w5hgp!0DrD=;IHp_dYr-dt>UBGKhf%3ua&Gc6yJ*y?$F_t;0Nwf{Qf) z<1PLRofqe6utMx3m$~HtT<*5nSrPZUVcGhn53O3`XHBRBi9i0d-1mGMVFdcQ% z=Y$1o7w)+33mb1!Aq-sl-0tHItkW0OE0@gV+Lkuez3p&%Z{7Cddk>*RcXn6V$#zTO~c%B*c)*tG8a#=3Io>T`is zGjX9J*5eBo0W1Wun3LFQ!>>&ZHO7F~|1)C96Z3*&IlvfeeF0faFDhW}MiZaHMX(Q2 zV1`iq5{8-M=B2M5mH zzxT)`QYtf(?R|tE7U+)0EV(% zSFVr-QowY@hB!dp10zjK#DKljdOpiAZ@7KIWOE?t??k+Ytuab0&sxk&TKtfJDH@N1 zNw3|c(rdS#aE78lBDa687y+ECF|mxpjU19LpZSmi(97K>%Qex3k~G};r_;L+WX?DoVmkAXp6AQ%;p2|3Oq z4r$BJiWt8kVmRqZzhjnQMM;X9MV&^y*=jexfT*pH3CSm0PDSN<@=>13A4BnvKw+a| zh2{*)IG)n`!IGw;QxEC1+<63GZ^9%g%vd)J&F`wVTP|C=tnq&&FEK7CWRyY;Hck;f ztoVmfoCp*xsDX-y~aB2;~}#HgEPF0;O* zp~KB`Chsd1_2W^Ys0eTr0FiGKo}M@RA0Je;hbA(WS9z15amSJbET_f>(DL+Y$(UMsgid8l%Pdp_Ja7VlR{)_sSO2 zK{6T_=U_Ngj5|0=5sqZwE64t{E|PU)FdLwLZp}Sry>F049!-Nw5qZgJc4y5DAUd zsG4M<*`A~hR2sII)X7%}v!B7LRQu=(UucR=ad6UxHYc2%7^qaL_Udx$=hYgnUT4y8 z=Ol3-%g|p?go#taaz$WPvH8Qfzm`VOh@dyAyJxqUeiSEl5{n6=dUQ@{U}csV&jZUcuTGjGc@ZMNMR!n1U!_FhLaCh?$8KrU6qD;mH^i0XkjSgF&hRtJVBIVWlk;R3@XwP3NMD5wOwl zftoJi2Gg^!Q{pP6WI`;>kx9KI@^-ha#JJmN(0<=+s6V5};W@9pXJ9okqvw)FD-kJ6 z(4~mg>~MsddYN3>XSu_)GDrQSW|YB6&6iq7hJZ<{*AhH4A7fE`L9f$nBMiH()M~;Nd#iFM942kSiyI`rEY4$`?a? zeZd-*L8nJ~!H!rY<>*TQqmBR_3rRqVJ$}M2gkI<cMa_7?sFY3v6US5 z`a_3x8crbEFQQeeffoe{mkAM$CGelh<$nbj0ACsB`pW@Y<^TWy07*qoM6N<$g6CNr A9RL6T literal 0 HcmV?d00001 diff --git a/themes/images/school.jpg b/themes/images/school.jpg new file mode 100644 index 0000000000000000000000000000000000000000..bb8c5478534b71119fec9966a8e73f100e1e55c3 GIT binary patch literal 25657 zcmb4pRahKNwC&*T?kFmUIqXK1qHbNxB&mw0a5@&cz6VOI79>l1SBLxWK>)< zR1_3cB5WKCTry$`ax!94Qc7Aj21;rc8d6e5J|N2{4sLF43I+iYeokRFE^f~M27y9C zLPAABB}79b#0 zX(TmVdI@Q{q-C_fg%$Sg?s4- z2I@cP52FOu2k-|J0s=G~G#uPV7bw6-6$_i{Kh$J6Txt!|f>};U=iu7iYdlSO8mVu+ zDL1rQE`@dYT%XP7{;dH}VLo2Lg24ia0qPjy+whk9(x3y-xn9+o0DsJx3ia?V!kD?` zqv!9 zY^`iu`$q!{37XEmY^P&wYY{HGlVxv}uGjMOSk?h%RmziA8o#Ug*?mnn)&N!e;TSV2 z(b2k@&AnmN;-BC%-%C0vSSEOh7h4io*4fZexVf`vrePv4w|=UY8!%NvP*PZ555Uum zdx-y6wrDIMxo-y|FvLbKc2u#=aV47+`fg(sC(=7Y|JQ2!K`rBw$$Gl?1US32O`UU_ zc#-jqu1jj`CzOD;Ao-PrZ!XcyMJ3!bV56aRujPBWFQS9x8TsJL?pEwr_CzYdd5TQs$iRC6~ zAsFXA+|6qa;*1kRp@4t+R>@C(TJUqKDOm%ZR5D_Zy&b9~B!w}|KsPh2#w6;5y@n>K z7*Q^cHwAE86QvJSs#!a(Pv%q&#jIE7IN%CI0UtcQ=I! zP|=zP%-g}dGb!g7^&V747(XpiUJ?EA_&wf4Wc$vjOmU_iRkYE2P!kR4Vy{4RP8H|Q z;VM09N)n{Uk%C#NKy^-anLUVzMjUz9jBJ@KQpaRn$D8HYph5Yxe#lVv2I+Jbj}d{9 zO+lZrIV4Tsbh`FF8s>3;di|ADhj)ADV?CiHIxnF)v|E&#-HctO5Y|`yST>Q7gdfV& zKqot+!4+TQ^R)2N$uHV-P#xh%I7&%@C)0SEiF$gtX>r1j!EMkNq1D0oS08BvHc{eH zTX<+rLhw>2Aq8T&m%wG(0iC*s-a6+~!3|$sV`-2ZbJ{LVIMSE&6AC8H%t@SvyAMBZ z1)yerY1S^Ef$kOVIIACG7fo%LsbLmIKG_g{7Y>b%T)V%$tulmP=snPMtsVPBVCQ0Q zOYE~rS8lQ8;5{NQ2_4PUb0k2!7Y#Q=!kXZDoTm_tp*zqrow8LSbtUdEv54Y>IoBUe zs3M4Nh?C>Et%e(qfz3zFc|A!}LaUoyX?Wpp(RecN7!Unhm3kRre1|iBL&Ego4$mb17SZ6%O!O75B2h=la~vt@0aNOd3b z(k#Twc;BMi-~LqMQlE5qj>!N~w*5glL9>(4CIP>kU%78C`7KE!AXvfrWUBh51U=t{ z#YnbqWV6t0!(RSa&)Ebh%OoN{?Qb1{3fZpcImxlZ$?w}Db|*lQ@kjhS#;f%vS{`bH zfxG#x+P5fY`UK&fT1>;^F4Q@~{^Wel%}dBt@BXLCIk#ybLvT4F_leo`p+WV*YE|?4 zrKDeTFU3>eX;7ZZli7=6)ZXkAw*=X&(l2KFPx^6|3^`=i&}-xy%c~2Kc%NGO#v%EH zW*Z~NHyW-Rxykm(@1Fzvw(!4;8rUKXaMlFgRB?#AQ)q49z+BVHl2{h($TzUgT%2IsI)zhlHv}z>s?Y4W< z5>MwI1dWduNfd%RDW^(yX*BR(H80A&#px8GCXxivL6_iCRy5Y}9gs4I0Pe5dL^SPE z?DwOU^FY2jYo*E?FT%6<6J-`!QySK_k~IY`;*z;vZ&c}HS;?GpO^dY>ikYGlnzG8U z-*F7`Cz-*ZSpKpf{h_Wzn)XKfpA}-X{Bj5Pfm6bZw83$CL0=U0rPGQkexx9wMU&dO z&8L*uG&NYXtz|Skf?W=2TcCgF5=wrOR~IhohFLdEC^mW2sR@j#B<~y6^$I8Izc90n ztWX;~DI04VL%ukWQ_WcmQKcF=!Lm?S5%| z2X)Hiw?F7LXC%(*@WkImq;S7Q>}*g0&s`twsRr>dG1#C;TVbCT3ro!ddg@>gvgI7= zx(KJ{JtlPy+j0l!N$gm7apyM1BLQ~F8(d#fctj$CukzciK9d`zv9(zGGJ##svqOK zkh@(L(eEtc1so%%PFRX1G1xOEdxXbU4)TipVzhe+i4rSx#$FFxo*84SU$lPlh@F7<`5vUs$@mIZB0%T^1E0tiOJXT z@UK58V~QfCLx6LWG-RV+X{dSvKLMTvDwWWw2aiW-zO#Bza>@Q7o0FTifGy6S(qDY2 zC_a_+zdNX4Cg)?>H$L%a08=Q@pyAMVXg#wt7IWv;fNsnD1| zy`EKML9a*h=f`IV&ztdAe=AoyvwkeqDm!Ew^!m%o8LgltEI|S`&MM~}RW*Dn^IfV; zb_vW?DroBSCQcCEfqEHzg>x17Q32g#paave#+p1&$JVl!gxfXCuSRPg7w0y`q@+zokIfVNe5~!dUTMW$s~-B8 z+%tob8II+S6C2(|juLFNDnwSHF>w6KMzia9TQ(Xi^X*K0(T{X4-5==ILia??8g-^` zq>;c0FW#&DJjAi=lTDchfgO?C5x-YDS=+VaHFh?g>HqE26e$@<<=y+RkGF8Nhu;a( zKc_zp*m^J6WOd^#tYcGxACQLrX?UcL%rLc4Y?5$A99!t|Y3I&?$l!Mw{dsa2(`&Wh z*t3yjQXzCr!G_P5UW8ADN9ozPxi*7BzRiu6j6r9#iuMhU71M{wDI!0HtB6w#4fpNw za%Prd!%LjzBbMU7mSVZ25o>wQ?WK^3AK6cknwvk6?G-=D$1-I5L0gIhp^tP=Ds1sH z`xy?tZt`O9SH2aM8>r;Ok$>a5I2`glxwI=0r$0;ffvoh+)i-f^v@U`vytZV{`&mO0t}YJP zZIYagF%a3VDf^vLW6d&#DTSwJVWx!eVsmUHQsmX2zg3uO_VYBolJ+nLMW6ZQAl8>> z_}t-(Q1Qk4lwgaK1ZwHHQn<0B)A_&3(HKD4fQ#Du@ZMx2h z5K(P(wnG&)q`l*AbE15j;U9pKNu`Y7k!++wwjQlMs%`IH7RQI_#7XsTc<}*7pGmBC zBfZ_+jY>8bZ9qVWw@4x2kebu!7WAA{QipfrscQT;&11pTfdzdz!Z!H^`X9hbPcXUf z-TZVcySb(zAuo_^s}Rn%lKA{u=p6`4>)W4Y@`UW(qNW=bp_K|MXI2M_47h}9@<_E@ z-IuHeIvs)H3;+DQ&sZZssW*if@}EZ|D*kwzllgNs1)LN|Lx7s@Wg7{Rp_&vTMu|oG z(+oWDicJkY61J&U!b*gYP%a@x$sw&QDyW`NLgDYwdhg+$1! zLSv|P9a(1Cp|8!k**l-SQIHV29HXf>+jmO%h-kwo08JpN4P@-bxK=t)!!D!#! zi-x=um!anmh7xhzo@q$g%gahm0g9xQx^>?hgEB7R zVOoUiI`$M7KkJRYwJTdW!KjB3x}lNm7#oyuE9vva!pmep`fZtnB(~lccyGN$B?26& z-Y5~E>s%UhU}C1YJr=lkFXOEaTj9RdTH*g5ON0A`Ob{Jup!`|f?ZlNl9BN`)unl~u8_A3tJhpXN7G^ROqjIRIl~k>xhCj*Zc}NHx9CZo+8sjHkPVDi z_>s!RfSP8RP7rRWC$Dz^%OC_}bQZMs%&t$)e}c8?{M`JwzlYtzZ!RS9`l2|;VsTixcd;qY z;VZ-8bP?^2#t+sq!SOm55MKQ>Od1D=&;|C~G5F*cqx6+zL}L z8PI{ds_Xj3GFPP)L&H%kxPg)WM9)tcS@})%)*pXZ>vUR+oX(kTyIkGTW#l}sPY^_o z!K((PBNca5Lk*_HHrH%SNaQTwcm4HEm&dI#ZS`p$agf!tq|Q(eI3(kPilc~YA1m@Z z0O+RQx<3?0amYr&^LMRF3{DhsAnkl7U2I;lf9H6m9f{L^m!%_PP{Fvr6(>Nm&57~K z_f&~e-D>-djQ}MwQJ=-r@UNZdg99yL4wfo~o7$2#8kQ8g9Wm&(7vWK7iO*G^4 z#g~{aVFb9KZ^JZZ7REB$C zcGF$knaAAh-6FCgajnytY@j=pS`+W{w*L(F>_5)HKW?1KnzCsXL(>Go8i8XQ&?rMHw zMAnr-X~GZflBb#Tc#M&|uY{p*ROT!|S;V-OS!%*xN2h88($WoP;A{9fPeA<=t56QKb9wzG z=N7!vmIuF*Mur&pLj^Vn+;loW;oRCwi#m_&9Xz_9qNDRwt#0)bcc^O1f-+A@j>=VYh~^fS!9f0?M9h#THzTr$W^1j_pAlYi%0pFS-AP zk3#IA`Qru8qeOYPk+*s_`ZFT8`>xPT+(GgrmW;`#|K&D~(H|K)*d!>1935 zmOEa9VA>r#sk^nNJP-kN>Eipe?W}8BPHF0OGyavQT~2}zsietP@-$ld4{%P+D3~M+qi)#_X^vx()%03igkA?iD%#5u8lJr|kG6T%L~f znb&B^T)iF{6{JbMy-7M6vNaUPKM3*EK4i^Z=>-ji8N?}jp#4aSoa8t+A>?DLbeXoP zKNipK>a@H+S<`u?}J1hO&N2{6aSF*-#0;w z2-(e_?%U`80Il*+wVAtm0y{9cQ_&WjYCM-eJB z`lGc#2?a5ITR{27?#N3uJvu@bb?3Ca>R>x>puEDnd^KA6mMqO_{WB@DpZ|<2V0vd? zOi;`tzP^J%?*h8$ft)C%=>#w$+V>t`z_c7~RS#i_K_Emu=daTx!)*i=sqQ-PI2> zckedbXjAema6)9&?_*pU_gYt#j)l;pH{cD!U1B*T*gen-wxqu!A5!j%=4egygwHX` zEmY_D7L+!8s^%ksywzzT{N*kfcJCIoB~yTZh~0u*ZC>F(*bbR9s2qX9tGyc0L;hsU zbx&4?a80y~^Qo<1X06zgdP z%=Y*a@$?-qn0HABbw$M2S~h)mi6JAqw!RMZz1CTp37q%foOK-=K3uv*AchcQagg|3 z0PuR+_=N>t*|4siWIW;iOzpMnf2RN#1@K1Dnow5N)X4G;CCL~-nP{0R;x!9 zI_shPDlOGkKCC|zbfsC&Ovq#62q35y(L~~5?vNV1)U#Z_PCcHo>lwX9X+0KR%`rp0 z^<1fT`=I;OZOtZyU^JXT9d4QoSTS3z1qIe!U|>BW5FsE^0M-xmlWbfyra53#_a9*J zdw`GVA)obk3yf7}l0T5AY1xgUhFBh`OHd5_i|J+eyU8m^Z(NA!dKpvXVeWiFOB3$d z-W8m5#hH>i&j14(|K2#N!@O@P#bafL?lN&~Ob$AWmx(&P9gkHJbfG=KIU80*zTN%? zH+BgV!pYdt`%sQC2Oa7G5Hx|32{U zlz{qO%vpD4zjDYkl=8wm8}E21j??hqPk4;(cA%`BYB zs+-I)it#w^H_FIh0_{BJLGsp6Y(&KT{XEI{Pu23Y>P8XrdU*e3qTfFN+}iVL*P$h> zAsdF9Tk^aT*WIB1nhBzwQ{KRS?$IF=i`5GcoXZmCC}%o!g7b35&#NLrlKJyZ6Fcpg zJe-q+QAUqVye%~ZKC>~^Vo;UX&Af4Y}) zBV5T2B?S8<`4vR?`=Lqap`y@g<3shTV$ScRp$OB)|1LsjZ9TIGErd5DYnkI2ykUiF zj$$S%$1^3A8t#-T*OI4Wj}>)v)CZm1t#tlNn!m(p@px3RDtiMK0rB2NHrv|DXQBSx zreDGLkk8P^RxGs5!I00aku0-dV86j4cq(5`Bf7T=Hvt{N$}f3o>N+kD&6<3$WV1=u zvtC?Qj5-Bu;!ewGo=0DdBOM;_t|?Ro~vSTX0^)0-wsacI-d?f146LGj_p zJ=#BMzsd$S_{CL+k*b104LTEHK>#gFRf!jYvIl6i0SE>6rWI){bbLlH2}_7K{fGra zz-LOAw;zxaSsLlMus6G6<37iTjd^Y-?6I_PrejvGx0K+}`x!kde2iN}43j6nx!FH> zCW#`WA~nv)c9fqE+{zpBrvQ14e3~6Kd{&Ob%q7_Mc-OG^*QyFEha()Le-&+17uqD0 zKmDyez_c)Zf(Gs+q#{wZ*q1U0fo)!vRco@A*777QXLASEbYQAns9X9S8cA8{gfFCI zIsGY9TfiWH4psc!X_5yz2-{`@LjpJ$gbU|^-97L=rUw5GL?{_eu*-QL06MQO0w zxh&jb$N{G~=i?(&v2blSyEtOr8s0jdv<82wQv>sbehg)nafdfeQ4Wp`C_#x0{^hzK z)V9l^h2vj-Kp?~anrA_M1$7>VIg!4K@D8dD6BZv5`V#?g~4gi4ps zDpf8w%vBSt{!qqZ8QJqBgg=uQ5oK2ey#gg+h&&(jl{(ikpXgB07J;1q0?5mS8aAAC zZ_tovl)p&Mhv>%I+4#CcJ#vvYGHV#lGbZDLu#c{~YJ?@th=3E@CG`f!Fftzd!TV-s zs~A5ASMKqUg-%3-qH)LV#9Xy~Cm&q8DsSDo}37D6iwCo2WAsdwYLB+DNSV;krxz z0bCf)qmi8oI$3T<z4uSN8agD}dR01>64C!5Uth$o7Co-tr=0F2v?^UGc>Xysd?VYq)9 zjnFX0bk^y+NasOT%ew~|i&N(>_Vb@g{{ZM;-MdSYKypnKu;)}JgEb&uP< z4xbED=bNYjt!?VvZalkY^n_gFg#Vj=}l|IQqJ(*ccee z-WKq4>w`Q>ZKxp$1^|b{!u>(LSHfbV)?}ZTVmFGjpX5}&8u5_&_?3V4D07bAzdLFz zivG2i{+_G}_~7@1&vRWD^n6~-#4YuEGJwtv37x|#R7BP&bY>H7p^C`bi@4>(08Og0t zs*w*R8CL52r5jFqby(fZI|wUdg;r?QSi7s$G2C~7_tdEKK|YEJv8L@UJomR#PS`Q5 zI<pG$0ZrH7O< zh|mX#WA=*~7am$wI&h!TuGpGpU9XcFh;u>pNAaGYA&kstD{+l5gPO zsbP>=o$G?pRG){iDRmPjAwKjx4(q@!~?F^#$g6QaJR!q^LR2 zc_Y<5cz}McMWkE^8#Ah7bNEM~M{Xl6>B^-vbBS$uFfve>u}fC+b2!5!ZQc+|B+@fU z<*2UV<$%MX<82WP@lwz+%9~nbf9%2ur`oq}qNXSX(qy#zNY^cZ1kJkKbKX#huDmeZ zc^k?qc$m9Ahhjltv+=XqeTL>kVZ@TNSu0QoYKy>Lm}OBr`y3_OhT~Qb(Kn4*k0DLM zz*ID*6%xlq&!7LIu*V@V)!Fl0v3YxR)it+t>TPtJR=!X!bdb8du9+bG?bxS1Kb*VS zkXEj9(179Ql0Q9Lopg})92X&KYGu0*vUD!pGtWbW2r?B~{PCCY^amTz1U!+Gvak9x z_2fue={|ZJ=lSbf)oIggf0p?%a-$k8q5N=yR$!&x%ZI#kbq{hk+ajHJcN$jX$y*W{ zo>}1A5R(Lk8|0o3UFAkT>jPUl=v0xfE+Rm0-i(TqktBx^wBUq8_} z8)?f=O|&aSblg+v{J{pqzXt4-?~GMEk4p?L2yZ{=t{R7mK0!73qk3Z@xZZKKSsJ>E$iFZ1wo@Vc?d+N#K+g2-&j2W>&g^U@F zC>chbnD8qlj7BYtQ4*I5txS>#mkKqJ7&AgP{u}1VO#!0)z9i=QP#D|)-fRD-K3x)C zIWBBA8?s)Rmu#oz-fVy&xb-$!mZBoRatuN6bk`u(`$WKP9yzrhq+*=`U$rz!Djv~3 z5J}TE7P8AVT7QL_gXac-n(x?4n-J>bfIA~iq$o*4340018escAe?QZR`rjjUwFQtC z+h2={&$KD2u`P^_O(4MnD#YKdz(%+1ujjmexYXX}loBffFv=1CKvB(#kv#*E++`~8 zGevsx(ORYC+@4)W;r(%r4u`YCI-o4Ikw1>kEz)ISsAjR){Oje1rt#|+jh$DXg|Cq@ z+i!WY?^QwC>`!QI0lYcN@54W2bt2nvkVwUslC{?%Um?i$Y_!#I8?FpOar-uB5py~G z36b80i|QQl14HqW&KSmL1lrJ7&6sHk9;2?Lqtnh;*JTQOo1`wwoK+)Ku8v_quF3}o zc=l$D*T(TBvMu4UQtik#Y;;>z{rv6Mp!K&4HI@Aj(@xZjn&rNfdeLu=Ka+-8j5u{aF}cZw4ENkm8~paN7U(1tSs$*V@|Ov=l( zs0^IH`vKvmnza|E+vz>u)lK`;oxBhzsC)WlEkfbY=J<`{4xcH~vsaD+s&| zF|A4ZsnQRdL%QEhA?+cAXhpS}eI?Xoo4}uC>5Ae)jdJns}Je;uk)jhP%-7& z@eiY1ZSvnT#vMyhuzxXC{{hPUK}ddnV}cDLGg<8eMo#g`Wej-aK_)2y3YA|6p36s- zF$vJ*E2DijOE)AIToDy&IB|AQOS_~NAYKJ#znnYS_){SQ62u{T(*+bBsT7G>zfWtO zcaLar9RnhUWFx$-tDTb#r_J=;!8a>I>Z+p=QXz57; ze#lMmojxiF)>bJRt}|axJ62ES_;sO+HX%<)SHMyB>P4Ihtvm2U<*-l3N_YEG{ZLU1iH6ez^!cJBXGL8gcUI+}wss8}+s#f#h`CX4!hNQ;tIP|nEHb~XYTj1OH&LSTjg`NhU;rHb4 zw(*{D(kP1>lEJ-jOLzIRFxJ`mGfFPmcy}gTidL&&TCNL`BSu%Z@Rd=r*NB;Y8rZ6%^1hpJ zFNsYlm}9)1O}WiDGOyr3=kQo9UbG+VEv?6#_eTTK%9$j7OV)?Gi3l^%GkG2%9o5^c z8=nXe8|ZBAjM(!s7%Bv-=$oUx#NQb;Koi;!?DQ%p^56x1(z^Kmq#>_lF zH)hsE;y3}5CQ4>wkJUKkBzOcFi&~q3LfSAwsmM~(Y?3#5x}!BaD;s-UryVLUmCP5g z_<={5hQz3&qRL&CFOI--ya#)5*sf8}+|XDP^wKa@e($kD%jUYX~z3Rxj4BwaDwf3l{3ynxM4dkqyr_rJ)GE=G2z)!~nMd>p zgub)b)M|qE{$Xjna97E6UD$RYEu_SCjiNFC}c&flDZ6TAG1d8NC;h86D*OQ zo=m4K7RiT=y?UVgtH8oSxD*f6}SI znyIad^F(rT))BAGPuS|%aDDng(O#YlX?x9EdRMBSmzt~GIo>C~C1dKlgYJ_J>pD!> z;dhv2aiV9xFOxw9Cc1i;rI#njUf>;^>5FSdAwcO)`#S{`C?Qzy4+@m}Phq7n^e+9< z{(G$~ny3D_6afA>5QKeByHia0n^hf=;EPH6S0RQ;LJDQ+cc6^RTDVLv;p&s}Sf=UX;0P#iL~bIVV@R2wWG80B04Op9n}^-2=3%^0vE7KK%n^ zn#EMFn`AT8;LlOFdL!~8&NGSWkzw?H7qX>D zjA9NAsykwJ+4Y&FPtq>iap8Pc;M-ua;)!v2=bZIQ>KAzba7vdl1NnDBXh2w9QlK=Wo%GZV`bjOnf4qqYZv$UXzYVfkF` zF9yOkZwP{U^~lOa1<9cNV}4V6Tb0O6%j2)TY=Pn`c5@+n3-7bZ)R!}#Dv{Yyhcy*o z9XDHgA{DlNZJ*R{0jX%mDfyEm|AryLai`=I-Z|qZW0^&lwbb%Uhk8<3YnL3L6-HE2 zA>f56Q%W3dR^cE!4IwEful@d}O21(XL6_PFO%KS2IQXZEV+|q(9wXa8 z0{sKRI>9c<9NDI9hEhAI`&WnKWs)(5qewEKmff375JrJ6Xr!hO?SL6XV;8so4?uG} zPq^YvksoZirMPwS*(#oY`_iLC{RLU=C0=Px+}*@riSCM~yY$?tQ1CU`Ti+VaMx^2q z;B)Fw0A8q}sZ!k1`n|@op{KOtODB+);7;Izz7Lzv4Hbmbt+0>#M3!vf{|onJxsZE7 zeu8@6GU|I;8s|R%Qym!X&1c!r-qc}q{|leeO}0XoXXKjt2};sox`2281o%)q^>%Rp z3w{?3U;e`bI`xA4yFhFx)!$t^e;cWaN(F0NWOXw-+N$wPgfeZP$Gd$p$~6O44iY{- z(~Q)#vup5vSTP~fnl#!rf09WKaIv{7Gu89S3WxhJ+N=)ZFrpCykaXdM--J`I<+cgA zYqiTkpHF|6cW7^QZ}ygA6$~05)1ME=^iC0wn?A_5C!tSWvyw>b@lcrm?ldg}uYK3_ z88bO`?C!_2ccq6iG3^@vm9cl*cmz8}OFCvm5}2xq3)B>(0wDVbfV8Tx@Y?(a;AG{` z3f^-2OQA!#@xd#WS@--tk`zb~-gq;*nO~nvu2tDok$;S@?Q2FdFlo-9GK1ag@IPVBLTodqskYM1#81k)Th;Y2@{v@AD$uD(;H zjg~O}Ss~h?L z!eAXP1Qf|Amaz#X-Jvb&3!jRzM z^p)>7lMI9d-Mv+faY->kAB`>eZ*2(+-^vCqbjI=ILWH0QZ zDXP7HI@;p;yO7w_kUU68)@w?tJFhYo(>_5|OGhnK%vyFCi7WZUfFxu_#>C1mj?NTZ z9LwUfY@OlLN{uQx4`Al_rzq`g?UYz z%!M*0J(iBS1Z0&z8>n92YHO2N4rNEs?bRf#)hJPMf;je-ztv+lDXu;$9;R%TR?igM zFdHNe$F1AyWhDy8%OR8(!$MVPEPs`zF0I*;#hCXQ{V#a$-vA3#DIWw(&HVH>v}QK< z)z9T+6;w4sEa;kDV>Ar&nwG^39>K(DZC{3V$#FeKy&nKU)e-N{*Y|VdT-2t%2@uJ3ReMH&5iNvl8^G_t6j`XiEUTn><~mZ%{aTer zBijI0X)Iw(6PVYz zQexlWyHgt*y+(;H)E}2sPa8V_0jP@>zHSQl8S};_ll}E=b>ITptI#n!0ZvqqR5>Mv z){n`C+N>+~%NZ;kEr?DgC~-RV8g8p63=LAo)$l=fhVf*|1s!n!t;@5~9w?z>*G6}X ziX-H5zu;*<|3NV#MU818Wr0=3r#o`{X0n|n>_&;EAyOJfCWJk(NWm*Jl4LD!zl*(# zFhtyDUy`HSWVg6ZvIom{X!=#z>q{>IvP(9VH-feEjX zJn5FFDycT^WaFIzx#~2<{oGN7lk?|0zknFKg;(Zk;eB-Q5J;mTCmg*nWM=mp2pg>r z2s|W|N4}yx4~XHCQOsVdsyjrK;-(S+&FzV{oB^5ac0f6yCkR~;9RfeYs;T;Rc?&pk zKO`Bj+u`<>;yR92!fbI4e~vjQH<~>quEyD#sJqFqzF$BzbK&W4_H z8!4;DIbn$u^lI;J$VaHxJOdl*)Ne? zI-K|_ou58};%tcOtUb=yQX1I?@&cp-_Br>~mjF$B@=N z$}f9w7e0Hddq2Yzz!q2bP*6yl@`@A4S_&aM3LuN7eFLRr0y3l%q;9q|$V$l)N#Q!M zIg3mArz__-8?A)Z!wv5vQH##B3N6}p_AyDEnpx!R2=vteK{=%Cln?8KTQvg9lR{bJ zMqr`rqH6r#O7z$B0S1$6T@!o)1lZJRW2CyhC{$kwQ9+^I3aO8!E0lg}Gt=H;HBK({ z#R;#oYzWXkQW} zKPNJD$JnnrP;wlsv7&9z*v;^MG1)YHuckV$)#w`GVD$$&0BnWZZ&3XGTL14oT|I`% z+Fscu`O~1S?(>H-lPoJ_h_dZ`4TZt|N6uX!2NMu*+|D~v~VhYkceIDN_ zhCy?hsVI12S6$-v<_)tyZUuq!xGyTiUS07H?eI~Oj3hpJ3?Aw8#V{=&axPEGTgmeOD zaaqM$c(tz|YMJaL&U=wN8oNwgF_86oXzNmj&qXLuP5^IV%;xOqAAmEdE$8Z1E4Y{F zE?57HNx<41HW)15+H{-lo4kWi(oSw`@NHaZ{J6qE z3)HF3y2`$;NDjk+zqU!q6<%+zK?OByQ?ir2EELr)nKewm1?j@TL(gLo!j8Y>WDZH5 zH`Du-_$jjn>Fu~%>6$KcfRyqbUf7#V3Y2isP}_d;wEfnnJR1xv>+|fevCX1Jo)ZC^ zXR-_Abp5^2v)y+a7^Vy9H6|14V$sKuQ6H)73N z%pk1~$Ryul(Zw+9>Avy@Y;s~7CU?c%iCRvkO`279rayg@Ca73K0?j0i0M!T zQXh>SAt6gAB_kLB4TrG!*Q)l&$b>96AaCNiSXf?Mas>G$eeb=rGL1Gi?nHKn>#v?2 z5mruQ^IiLTaG`Ei%~bQ{$ogh-dC|z~8*PN8&<;m7Rorv(*QrBCRZhafK?jK?MoFM9 z4jP4G(k&Z3tx#UK3v`zhr=4XjfRw29$s1=F^mtdd2rX@ixm?na;v5F3mn$BfyFc%g zh)%fT!enAP!jMidr4(}|SWacCJV>Dk)GR`TAwm$XLKGni5QPXrgdtdj zC_)q=aL|RqC|ZhBScG28R#|P)fgX5zGlsnxW`E&Xp4*OR(=(F*&RcD6#F0MU>;=Yf_dm=VNM^ zj0Y01y5h;`DDkSLTvCz-Ye2dd8-3L3UlA|1KHIa9i9d)XT)m=8Y4bDOLCN%kNhEnL zs(C;-O47A%k(+w7sx7uuSg)5k(ILpeYDRuGJHa{XoEo{$RmKgLK`T|Tvtqyye4vK3cX>w6Z9j2ybn9kRw-iqPkE&r)-+^qdLH#%jB)Qr|nO@4vTy^rYXMFYTj-5+;9d7gf za=*5)#@-3rJBFn$jYU0VcDEVJK9|&gT}jb!U6Its?B8kWC8KyPtW_;KJ{=u3cb$!>kCpy=8-fHL#}=5 ziGsUxzd0woJOXl!TWTjMoiq;u`=5HIVy___s&(=?i*CkJHf@ zBH$Ett5YT0{n;=WF|Gvt}0SKCI+BW!pML3iOVT7Ma?e>hbb z0yd|B)MgX&Fcn(2M>OEhqt*=5{T}OIMc}%594#_24*cs{T6)0RC zd+tvmBE(yeOS!Bso>1E|bxrAjP@v;)PRR>N4DLYRY;RDONds=detxT_2FBxO z<;hd^IF9UuN<`x&_c9$TbDc-P=ySg@j7b(W>G#Y9_m@_bn6_^mYh zl9AuAuB;;WTw%l~zX>|m_|J6t!mDtEVk*5hbgPudW=)Xni7u;|$6ZlUlzk-DtWD@b z=ovVnXcsn12>BW2q{g~iO>ujr5eToLC)rA6vZH9Py()`ai#u~4`DskxDh`jn^&uBc zIQp<&<@Ji^lC(E+sOa!L`Pe8^hLMhQy^ z+!X6PEK|qLyP$vZ=k?bEx_mcS{QkD5bq;3!Y6_A?!z92zqYa8#BJRlpV>I11A1)}hJI6d zxxp6_lMpgOiZjj5l6-v?X*zQRG0TJ6zmZ7DTeNt;1mS!jnVh$EK^~UBwxmCZW5JCZYAlWLk;*IQM{C|q9V z-$dBk+yv!AYOdHLs6UEK#85cq6}v!?(l{GkaK%vkp<9eBG_D)bRUK&=8~Uq5!belQ z3+j@=@TO6+6f8o7Awm(*%ZtfFYF0YnW|X)MN_NKgXceGp`E&15a2uQ}VOxZxuNgpCYsJhC=ts!@A6H{YOY1Tub(7-_(k%BUO zKAP^PmO7S~H0k23$GGN2lg$;U?z*k%1~bqjF&rnI$J^>oZ~z;ghNo0whydbld{aJL z8?LPG@QUi~-YoBa?SF{?6o!^Lut^(xYAvmau(~0?#c@dD>6;~uf|>jQy{7>edul-N zLWktEg4~0BK66MCu>`7mIoIg%9e|?BO}v%^hrTDCyCfi~T8W^zNhjt2Qxk z^G9183a;u@-SoS$(=~CPOX(#Jvyw78gOQMT6-enKf3m8{@#qytO3Aoh_?0cFrGz^z zASq7gkqJlypQ61=nrOuf7~^0*>xGhGsgd8CmaOiLzJHR`uv`9aqx$Q{5mJq8et%`t z*3WdLhK3Gv{<3qmdvNr0Ew)RRO4$yXB(1Sy zF3SA1+*(xhs42*9pZ(rXZ3A%GyNI&dSAf%VnvZqlsE`?1pff;C@RnA zMsR&fsGgjQkLUVU_PdD(xGtq6rM*XPN$x$1pJ}IWPQng#29vY z6d-WZS+J*{e%yt)>B_S)pF7vNqH6j_0M@%8mY6xDx=l)$g{5_ky{^fvKEjjCSG=~m z`0Pb-Ni8gn#AVHP2|yOIt>3tRu5R~NX1iowR02Q}TUG!V8im)UuB z5lJM4%^50v=D~H-(or7m1=y}FJjn|iD0&Fk*P{hYQ;bnM>y_+tGH_9~bcj%dC_?o= z!JLt}vfFd$x{e$5)O^e^GA} zy?$*4MNlhji7kw!y+(T;R1go}?VtZ9hYp4chOb&b=2D+R4N1QK#lQ z;&ikLjuk8R*OvsWgSH0a18)kwRRq(sW?h#HW%Wqfm;;N!AeCbL8@);W-p6!`d|0_M zuswv=oBA}Z(XA??y@THJNV%b|N;wYS5Pc<;eM+qTI-q|@Cmkanhnk^rGT$pt+u<<# z^OmU&6#*$J00fSpf_L7#dOnfy$XxaY3(H+5-OfMQ6n|YK zsii;sb-j8nAsKc{(<40B*D>7Pzpu(^M@LTY=z;MoI_z9RqTMvzvNO)hoeJ`~Pd<5? zc}Z-A5^_`$laH3YxS^_SVWhR7X^}tWaXzV-vduZPzj)K}a~9Z!AUfilOD0$V|?N3NjUb3nds>nbATU%l|^J+LQq=uDpWB#W(Vim+!Z52chjDK zWZh~WAsoZhDcHXHk6ioO?I%!i{)4%XMV)FcAy>6Nk-6$7qatdqt4wmGC&}#YlfFDp zqP-dj>M2W%aO=h2Wyw_NW&mQfl~v9it&fYRb!?(MAqIi^39nc_wc6nv&!Xco(~o$R z+7Axy-c;+;bf%(IQb=W%nZtw9r4;_H>!L$AXbiRZ?&PM{#9T=x-fB@CF>U_<-fdYF z{{XCl90TM6xXisE-*u0J59apfPzBsx{~RP1-BQ+9bP)3VVn*CA{;2jnZw zQ2f#k$3B{CELt^(ipX_oMd^l`Y^#^IZ*E`GPlx{i>{cSm?2GIva*)(Hthh^QbR`M| zsVAWxBB48^j?TAa?@q>o6tWLG0je~I3xtOvyNcYFBCSCPDkEXmmRE?|iq}BRAgL{l z`E&BuBdcwsXOZ+xhsAKoM^KD|(_>2N@-$($=Nlsk;-6QhriBPxQRPV|xMqYdHZa;p zekejU2ttG*LJ*+|oz0UX3ffODRnwcLLZ!H)vPZNzq!de21(=}=9&$+o)mcp2MjEma zX4yZkl|;(yn2NQ(<;ZDl1fF2(In(lB=8@nQoJ!Q@K_J-@4~9yC7{eEKnzb<%5YhwE zTxXR5z%$BnI{Dc3Z(K0|=j1Y8rA*Qo@XF#&>)$1Y@pk&<-&Z)%mD;x$awQ2?Qr}FE z4EWb`Z>e5W>;;0)snn363r*mJ`7t%yY{w)uB>}e(Re-I>)7~i^s8ndkuUDiD1K&+# zh}DZ1XhP)+P@xMq;_Zq={VePD)bdDeK~EOO7PkAwM)bNIlLh8gu*5eLF(ED}Z{+SM zsAtv=O>0i#u!O4@`Hj3CX|u?kiU9L{o)xQZoefHfPN%kEfTU-YPP7~Y*`B_dQV7v) z!CKaq(lc&QtrupWYEv$>3f7WRT0F;?0qE(qRkb0p;7%+S+Z73BJ8dBaC_+L~JrxVz zRWg^!9XIvSnh`-!UowFJ>_&671GSTeMG2#fxRsQGqMqUauNrD6hmbJa{(yZ`2W7vS zB2wTyq$|*N`zZw+pAUp%{{YEbi}LDQHS{VdW`rc(Id7Nqh)>FBS`w5jLWChg5TOWG zAtND#$Y{2*Kt1U=B9+Y!7AaoP@nVY>I%2oTl@q>6QOPxoW&va}Fu`D#$nh0Rrd7>L zt1UK5ROxaiwowERC`&5~aSA611tV}tBd#hl6YMuqtq>m3URRmK?MUUuQ}CvF3lF+n zG1)>&a!-FSIVZoyo;aGu;Rup09M%E>257$>CG#vEgHtqE>?L3#)7#VLet8&)%mI&$LOX=r)gH9LJ+J%%6PC=Dble@IS9`DkpcJJuGFxhrVlR;jzZg&TL0HcolpILETI z%rtImFt0`EEiUGh(=A&UC2y=PPAN+03C6>~ZCKl!$_X=|zxh@7 z>TaH!_YddEdZ1KqU`|BcXy2S;KkD*@{{ZkBCQ~B~uhHu*mRNeKvSSgDzW1&o! zvOQmnqi+ZAA1_2&PumEO>Wy@k90T8G)yi-@)}N43~b^1P9) z`r}x+38x3X@={0csh1-Q$9~Gi6F4>GZLQ&w$gJi9V!z2f{5jSsAbBn5e>{`+)Up2n z_CN7WVf#qw*ZQmxnAgq!0NbQdiT?oeANZ}p-`Yp`LDeIyd+`2x{{Y!pick50$a<~8 zAMO5fMfgb6gR583{Q2LzO?kh3avrI0#rtTg;%=d73R{Nwgbu1y<$wpZ6vJ*!guwiV zs=^={nACfGSJds=`JB036#BV>9`c+gJ==2ck6!iETQQd><(5|au3T{laTeyY=jA^o z_nvvxxa-O*b!s^)B;=FhzV+6)5;P$S5V{U1Lg`s43CX~$vfGpw+#9Bb4=t=3P?So^ijil_U0 z*KWd}f*%dqfPVSDeQ?6bzB?F`Xgga;+iLpI*IFo*?M~-4nK4@^eJTca_1dtjx%iUU|qv^(Lgp6 zDQ~;QI2>7YD{G8#>Gzqhyvow`^8CGxTkfvJ1r5f5u5U8u1P9gsRM&{{X^_t$+^BWmdi)b(m4*Hu5{O6n(YXgT-;<9p9>vXO8#vGL<_z zBW@ArBi`)e+80o9m^#6rkB`}Ox2q9%8x-14AGK3%Vlv=7p7kytC(+JotPdl%l8lBR zdl{s^WEQgj05@y-vHR5cRPi^0G50}h0scGieNko0upf0`~6r0N?}xKCuE+)pQ5^{E;;+nv_jDo%&H zCN06}PN{xP84e%-HYzLFpJ4jy-|1*W;0|aQi3a`_UR@K;GTY<@yw-v5?YEaJbPRRo zNzHuURGRq(>4Fko{{UH1uR2pnJ^9T)RH!2+rnpL{P*~NE+mXp5^Nk^+sqU4C;_qg_ z<&eoFbqcKN)f@`KR7Rb|RJKQqy;nU;Hjx&Ei9O{E zqsiSX2ujK1Ct$Ag^;g<}(s2z}&zwM5=#ZyKff(yT5TOWAgeXE3A!~d+fd(d?OovD9 znMx~BP~0RE5(mb?6bK3cawBe>z*mlTp?74s>`Qvm za~-04k03v)wX#YMrDcLiyJeYSIf}sBy`=q=&Yqxq$C?XA1zgpSTkLJckj1VG%{Zc! zb26Tz2N~|j&3gS66Y8Z6q`z(UW#-o3@+CEJB5^mDTr=MmzB z5-SjpQWS-9sU;`Cj8>s?ge8#@Ly6`@cUGSippilm6p)k3q^Kx$2D3EXm7s8<&cvJY z?$TTB8h`?uN`^sj^gh9p>&0`=CJ}{nK@f4ej%mw!&&H4kr6B&g;c%32Uh;4ZP@mma zGIP2HMN7BA770`;8d4S8JV@#Iyb<)$ks&s)=C;XHNNKhfw7lwyQcv!EDN7t&0Ul{w z>jG3po^4E-PB{5VaE-!Bg0|0JZFbjKmbIexUUdUaoa4PqxcYI0N$7jqHNqHo4>joo zRQ7Hhso{)wpwkk`sKvw}0EM8D-O6h)lc-oiPE3~>Va0Z> z{9VT>@aas(2RLMr`82A`Yh>y1z+yRl#E^wHo!5dglaCJXWqR+Ck=@QV3&3k$@n9~M zV@ci>EvDarB0FnX3U$N~5RtA&)x=PCYTdS%*#k+t~&AB|V6G<5jU?g7GCfqORy4g+(aU9CbZqXdD+@qVmkr3I!hh~?YPiwx! zER_t8M_&r}qY@Sn$*%4s18pgu4?pEXpu-3`)8o>W#C%CZv3ASci=PSxqg($)r(dv7|GB0)E@ zu~@EZ({j|yOuEl(fYiR#&WE{401qD%*0|hEqZRHqTmAhPTn7WP`Jml~?aDK3oP2W~ z&$6auZx!rgXx^P6j?Kk3@>G?e^jb(M_8R7Mj-fsHAg;%J9f9gA1|^{`rd$b6BzKgP zxjmWQuy~c12+2c;8CqQC&H&^+K1x$#q6r8+$^a@j&rm_EZPp}I5)Z}zV`^|pV3R6m zI8%wwQN1;txGhVz<0Gn(gT8sG9M>Tg>1-C3o^XA;nj0Ig3d<+D5fPQD;3Wu1JnB(S zI^iVJbe1zt>;7h=fvp(@Y1el}#%XD9k*4FPok}Mh$~_09`OiP4eVX_}`OotzJMNT-Pr4!VXUhy|vDLTXgo80unsu!Kp| z8)?-x%2KkOio2^~jFERJ&sZ98vo##!s&wU8_E$h?3xY{qCS?>YNl8dJ2d!;^N*>@W z3UJHCN#s31>r-=guDE6{7zzskU3Z`xEPF$>TJ@?DH75v~Y$+@yCN`ukSqyhD<>=zb)>q@5NU`))aF2Q0b< zR=_)rzbPB^>N~tE<@#5loh-d>jNy=SKYt^=b;CXkoubv;wP^i$6SnN)Tv|~I=Vj6q zlZK?fcpzCHE5CqpU5;@5bOT)8g7TO)0Ig$DNpG?LqrhSM>nxJhkc{PtUP0FB45 zefrl^e~N3tX*M8hmcO0~U0H=vZrlsF$978X*Cu2~OML95)bhBs{$a+$ZvOzFSG7<4 zSqsBNtRUYzX>L4zN_|n+$gI}lf4>Zs5C9&oFiJ>9O~3_>p=S`>oslMm#B^?{{V$Hl?I(O zmUS-`jqw^)ukf8tLyVTv<0x8#I0@$59fzvDzKk-<4ku-qOh|}fa%;nvkoLNV%902} zr+?5jZjxaXuK9gb_RVpyO}LFQ-+kssd0BOD>@m@_k2DXLKAd_hzoT3Y3_-j+?!0Q2 z{{TJ2swH))Awm$L2vCG%D4{@uSVhw@#jdzVTaKZ_l@LdTU;u?z$s=Ex%q0^fDFqG= zqZt&XmNyEmsl?L9?_1rX*P|d?BQkAJA8nzxbeYlRZ%~iAkzB0|o&DysZ~n;N*-j?uQ}30%LO$vt znW2?{Y}Rq=h~L>mr0G-dmAyhS?xUf4B<_nfqvojlDtk_p8okKsQH=syvC-=p_ma_% z_*8wBool3rzERZ~!8y0NWP=Le&8j0!Bap~jEOaCcY&(hAZBvlc&uzKC0)8mih`p8P zOO($lxX5|7Omw)idoFD9@6x|Og{6_Tq~60-^YW1Ak_D48qN9}(Po&inB^Z+YS3{BB zai<4GHlmaAidV6(7I3&)2^uR5J|XJpAt9YXIE3s2j&_6kS+6=yhM<$$h From 3a5093af5d6f10d848e67e6cd1119732462ae4da Mon Sep 17 00:00:00 2001 From: Paul Wagener Date: Wed, 5 Mar 2014 16:35:50 +0100 Subject: [PATCH 4/7] Added more pieces to the xss puzzle --- nieuws/admincheck.php | 1 + nieuws/index.php | 56 +++++++++++++++++++++++++++++++++++++++---- nieuws/login.php | 41 +++++++++++++++++++++++++++++++ themes/css/nieuws.css | 40 +++++++++++++++++++++++++++---- 4 files changed, 129 insertions(+), 9 deletions(-) create mode 100644 nieuws/admincheck.php create mode 100644 nieuws/login.php diff --git a/nieuws/admincheck.php b/nieuws/admincheck.php new file mode 100644 index 0000000..ba0a729 --- /dev/null +++ b/nieuws/admincheck.php @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/nieuws/index.php b/nieuws/index.php index a3fdca6..423f906 100644 --- a/nieuws/index.php +++ b/nieuws/index.php @@ -1,8 +1,15 @@ - + - Nieuws.nl + NIEUWS.nl @@ -18,8 +25,16 @@ -
-
Woensdag 5 maart 2014. Het laatste nieuws het eerst op NIEUWS.nl
+
+
. Het laatste nieuws het eerst op NIEUWS.nl
+ + +
+ Welkom terug administrator! De geheime code is: "Setec Astronomy". +
+
Algemeen / Binnenland
@@ -43,7 +58,38 @@ Door: ANP -
+
+ Jouw reactie: +
+
+ +
+ +
+
+ een tijdje geleden door Paul Wagener +
+

Hoera!

+
+
+
+ een tijdje geleden door Paul Wagener +
+

Hoera!

+
+ +
+ +
+ +
+ Problemen met de website? Laat het de administrator weten en hij komt een kijkje nemen op deze pagina! + +
+ +
+
+
diff --git a/nieuws/login.php b/nieuws/login.php new file mode 100644 index 0000000..0d1ca56 --- /dev/null +++ b/nieuws/login.php @@ -0,0 +1,41 @@ + + + + + NIEUWS.nl + + + + + + + + + + + + + + + + +
+
. Het laatste nieuws het eerst op NIEUWS.nl
+ + +
+ + + diff --git a/themes/css/nieuws.css b/themes/css/nieuws.css index 7229c86..531171c 100755 --- a/themes/css/nieuws.css +++ b/themes/css/nieuws.css @@ -1,5 +1,4 @@ body { - font-size: 62.5%; font-family: Arial,helvetica,sans-serif; } @@ -15,13 +14,14 @@ article img { margin-right: 15px; } -section { +section#middle { float: left; width: 600px; } #datum { height: 30px; + font-size: 11px; line-height: 28px; color: #05054c; border-top: 1px dotted black; @@ -34,7 +34,7 @@ section { height: 24px; line-height: 24px; color: white; - font-size: 1.5em; + font-size: 15px; font-weight: bold; padding-left: 5px; @@ -52,6 +52,11 @@ section { background-image: linear-gradient(to bottom, #98C4E5 0%, #7AA2C1 100%); } +textarea { + width: 60%; + height: 100px; +} + article { background-color: #eaf0fa; margin-top: 5px; @@ -86,4 +91,31 @@ p { a { color: rgb(2, 0, 81); text-decoration: underline; -} \ No newline at end of file +} + +.comment { + border: 1px solid rgb(217, 226, 240); + margin-bottom: 10px; +} + +.comment-header { + background-color: rgb(217, 226, 240); + color: rgb(71, 91, 117); + font-size: 11px; + padding: 2px; + padding-left: 20px; +} + +.comment-header .author { + color: rgb(57, 73, 95); + font-weight: bold; +} + +.comment p { + margin: 0; + padding: 10px; +} + +#admincheck { + margin-top: 20px; +} From bab3713f61091874047f1d7e104f2d479dab9055 Mon Sep 17 00:00:00 2001 From: Paul Wagener Date: Wed, 5 Mar 2014 22:43:34 +0100 Subject: [PATCH 5/7] All scaffolding now up --- nieuws/admincheck.js | 6 +++++ nieuws/admincheck.php | 58 ++++++++++++++++++++++++++++++++++++++++++- nieuws/index.php | 40 ++++++++++++++++++----------- nieuws/reset.php | 9 +++++++ themes/css/nieuws.css | 1 + 5 files changed, 98 insertions(+), 16 deletions(-) create mode 100644 nieuws/admincheck.js create mode 100644 nieuws/reset.php diff --git a/nieuws/admincheck.js b/nieuws/admincheck.js new file mode 100644 index 0000000..737a4d5 --- /dev/null +++ b/nieuws/admincheck.js @@ -0,0 +1,6 @@ +var page = require('webpage').create(); +page.open('http://localhost/nieuws/', function() { + setTimeout(function(){ + phantom.exit(); + }, 1000); +}); \ No newline at end of file diff --git a/nieuws/admincheck.php b/nieuws/admincheck.php index ba0a729..5e79623 100644 --- a/nieuws/admincheck.php +++ b/nieuws/admincheck.php @@ -1 +1,57 @@ - \ No newline at end of file +query("INSERT INTO commentaar SET auteur='anoniem', bericht='".$connection->real_escape_string($_POST['comment'])."'"); +} +?> + + + + NIEUWS.nl + + + + + + + + + + + + + + +
+
. Het laatste nieuws het eerst op NIEUWS.nl
+ + +
+De administrator heeft op '.date('r').' een kijkje op de reactie pagina genomen
'; +} +?> + + Problemen met de website? Laat het de administrator weten en hij komt een kijkje nemen op de reactie pagina. +
+ +
+
+ + + diff --git a/nieuws/index.php b/nieuws/index.php index 423f906..2da3c91 100644 --- a/nieuws/index.php +++ b/nieuws/index.php @@ -1,10 +1,19 @@ query("INSERT INTO commentaar SET auteur='anoniem', bericht='".$connection->real_escape_string($_POST['comment'])."'"); +} ?> @@ -60,35 +69,36 @@ if(@$_SESSION['admin']) {
Jouw reactie: -
+
- +
+query("SELECT * FROM commentaar ORDER BY id DESC") + or die('Query error: ' . $connection->error); -
-
- een tijdje geleden door Paul Wagener -
-

Hoera!

-
+ while ($row = $result->fetch_array()) { + ?>
- een tijdje geleden door Paul Wagener + door
-

Hoera!

+

+ close(); + ?> +
- Problemen met de website? Laat het de administrator weten en hij komt een kijkje nemen op deze pagina! - -
- -
+ Meld een probleem met deze website
diff --git a/nieuws/reset.php b/nieuws/reset.php new file mode 100644 index 0000000..74108ea --- /dev/null +++ b/nieuws/reset.php @@ -0,0 +1,9 @@ +query("TRUNCATE commentaar"); + +?> +Alle reacties weggehaald. \ No newline at end of file diff --git a/themes/css/nieuws.css b/themes/css/nieuws.css index 531171c..1f93ff0 100755 --- a/themes/css/nieuws.css +++ b/themes/css/nieuws.css @@ -118,4 +118,5 @@ a { #admincheck { margin-top: 20px; + margin-bottom: 30px; } From 0a955bab411a2cedd09f7c0dcb7f8981cc4c7c96 Mon Sep 17 00:00:00 2001 From: Paul Wagener Date: Wed, 5 Mar 2014 23:12:36 +0100 Subject: [PATCH 6/7] Added nieuws database --- build-vm/database.sql | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) diff --git a/build-vm/database.sql b/build-vm/database.sql index efb0616..4f0b266 100644 --- a/build-vm/database.sql +++ b/build-vm/database.sql @@ -1,4 +1,4 @@ --- Don't look here for answers you cheater. +-- Don't look here for answers you cheater. -- Go out there and actually hack those sites! @@ -26,6 +26,7 @@ END ;$$ DELIMITER ; CALL `temp`.`drop_user_if_exists`('webshop') ; CALL `temp`.`drop_user_if_exists`('bank') ; +CALL `temp`.`drop_user_if_exists`('nieuws') ; DROP DATABASE temp; CREATE USER 'webshop'@'localhost' IDENTIFIED BY 'pass'; @@ -86,3 +87,19 @@ INSERT INTO `gebruikers` (`gebruikersnaam`, `wachtwoord`, `balans`) VALUES ('Bob', '123456', 10.00), ('Carol', 'cuteasabuttonintheeyes', 42.00); +CREATE USER 'nieuws'@'localhost' IDENTIFIED BY 'pass'; +GRANT ALL PRIVILEGES ON `nieuws`.* TO 'nieuws'@'localhost'; + +DROP DATABASE IF EXISTS nieuws; +CREATE DATABASE nieuws; +USE nieuws; + +CREATE TABLE `commentaar` ( + `id` int(11) NOT NULL AUTO_INCREMENT, + `auteur` varchar(255) NOT NULL, + `bericht` text NOT NULL, + PRIMARY KEY (`id`) +) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=2 ; + +INSERT INTO `commentaar` (`id`, `auteur`, `bericht`) VALUES +(1, 'Paul', 'Hoera!'); \ No newline at end of file From d4eeb469ba7662e3c0cf8b87bd74a7c7939bc6b0 Mon Sep 17 00:00:00 2001 From: Paul Wagener Date: Wed, 5 Mar 2014 23:24:49 +0100 Subject: [PATCH 7/7] Make the admin login as admin --- nieuws/admincheck.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nieuws/admincheck.js b/nieuws/admincheck.js index 737a4d5..b864e96 100644 --- a/nieuws/admincheck.js +++ b/nieuws/admincheck.js @@ -1,5 +1,5 @@ var page = require('webpage').create(); -page.open('http://localhost/nieuws/', function() { +page.open('http://localhost/nieuws/', 'post', 'email=admin@nieuws.nl&password=sesame', function() { setTimeout(function(){ phantom.exit(); }, 1000);