- #!/usr/bin/ruby
- require 'webrick'
- require 'sqlite3'
- require 'openssl'
# Process-wide SQLite handle used by every request handler below.
# The path is relative, so the file is resolved against the working directory
# the script is started from.
$db = SQLite3::Database.new('users.db')
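# Minimal login/registration servlet backed by the global SQLite handle `$db`.
#
# Routes (any other path yields an empty page):
#   GET  /          links to the two forms
#   GET  /login     login form; its script POSTs the fields to /login
#   POST /login     checks the submitted credentials against table `users`
#   GET  /register  registration form, or, when both `user` and `password`
#                   are present in the query string, creates the account
#
# NOTE(review): `users.password` holds the password as plaintext and it is
# compared as plaintext. Moving to a salted password hash (e.g. PBKDF2 via
# OpenSSL::KDF) changes the stored format and needs a data migration, so it
# is flagged here rather than changed.
class MyServlet < WEBrick::HTTPServlet::AbstractServlet
  # Handles POST /login and answers with one of three status fragments.
  #
  # @param request [WEBrick::HTTPRequest] reads `user` and `password`
  # @param response [WEBrick::HTTPResponse] always 200 text/html
  # @return [void]
  def do_POST(request, response)
    html = +''
    # The submitted credentials are intentionally not echoed to stdout:
    # server output usually ends up in logs that outlive the request.
    case request.path
    when '/login'
      user = text_param(request, 'user')
      password = text_param(request, 'password')
      # Bound parameter instead of string interpolation: the value can no
      # longer alter the statement, so no character filtering is needed.
      rows = $db.execute('SELECT password FROM users WHERE user = ?', [user])
      # NOTE(review): the two failure messages differ, which tells a caller
      # whether an account name exists; consider one generic message.
      html << if rows.empty?
                '<h3>no such user</h3>'
              elsif rows[0][0] == password
                '<h3>you are successfully logged in</h3>'
              else
                '<h3>wrong password</h3>'
              end
    end
    response.status = 200
    response.content_type = 'text/html'
    response.body = html
  end

  # Renders the index, the login form and the registration form, and performs
  # the registration when GET /register carries both fields.
  #
  # @param request [WEBrick::HTTPRequest]
  # @param response [WEBrick::HTTPResponse] always 200 text/html
  # @return [void]
  def do_GET(request, response)
    html = +'<html>'
    html << '<body>'
    # Loaded over https explicitly (a protocol-relative URL follows the page's
    # scheme, i.e. plain http here). NOTE(review): add an `integrity`
    # attribute or self-host the file so a changed CDN copy is not executed.
    html << '<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js"></script>'
    html << '<center>'
    case request.path
    when '/'
      html << "<div><a href='/login'>/login</a></div>"
      html << "<div><a href='/register'>/register</a></div>"
    when '/login'
      unless request.query['user'] && request.query['password']
        html << '<h3>login form</h3>'
        html << "<form action='/login' id='f'>"
        html << "<div><input name='user' type='text' placeholder='login' id='usr'></div>"
        html << "<div><input name='password' type='password' placeholder='password' id='pwd'></div>"
        html << "<input type='button' value='login' id='submitButton'>"
        html << '</form>'
        # The fields are posted as typed. The earlier client-side AES step
        # used a passphrase embedded in the page, so it protected nothing, and
        # the server never decrypted the values, so no login could match a
        # registered account. Confidentiality in transit has to come from TLS.
        html << <<~'HTML'
          <script>
          $("#submitButton").click(function(event) {
            event.preventDefault();
            $.post("/login",
              {
                user: $("#usr").val(),
                password: $("#pwd").val()
              },
              function(data, status) {
              });
          });
          </script>
        HTML
      end
    when '/register'
      if request.query['user'] && request.query['password']
        # NOTE(review): registration arrives as a GET, so the password is part
        # of the URL (access logs, browser history, Referer). Moving this to
        # POST changes the route contract and is left as a follow-up.
        user = text_param(request, 'user')
        password = text_param(request, 'password')
        rows = $db.execute('SELECT * FROM users WHERE user = ?', [user])
        if rows.empty?
          $db.execute('INSERT INTO users (user,password) VALUES (?, ?)', [user, password])
          html << '<h3>you are registered</h3>'
        else
          html << '<h3>this user is already registered</h3>'
        end
      else
        html << '<h3>register form</h3>'
        html << "<form action='/register'>"
        html << "<div><input name='user' type='text' placeholder='login'></div>"
        html << "<div><input name='password' type='password' placeholder='password'></div>"
        html << "<input type='submit' value='register'>"
        html << '</form>'
      end
    end
    html << '</center>'
    html << '</body>'
    html << '</html>'
    response.status = 200
    response.content_type = 'text/html'
    response.body = html
  end

  private

  # Returns the named request parameter as a plain UTF-8 String ('' if absent).
  #
  # Request values typically arrive binary-encoded, and the sqlite3 gem binds
  # binary strings as BLOBs, which never compare equal to TEXT column values;
  # tagging the copy as UTF-8 makes it bind as TEXT.
  #
  # @param request [WEBrick::HTTPRequest]
  # @param name [String] query/form field name
  # @return [String]
  def text_param(request, name)
    String.new(request.query[name].to_s).force_encoding(Encoding::UTF_8)
  end
end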
# Serve MyServlet for every path on port 8080. No TLS options are passed, so
# requests (including the credential fields) travel over plain HTTP.
server = WEBrick::HTTPServer.new(Port: 8080)
server.mount('/', MyServlet)

# Ctrl-C asks the server to stop instead of killing the process mid-request.
trap('INT') { server.shutdown }

server.start