Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- /*
- * Tracker Suite v0.1
- * Requires: PHP & MySQL
- * ---------
- * Most hosting providers will usually say if they have PHP or not.
- * If you want to locally host it, I recommend LAMP for Linux, or Xampp for winblows.
- *
- */
- /* README
- * The user and password you define below shouldn't already exist. These will be created.
- * You will be prompted once to provide a username and password that can create a user
- * and delegate privileges.
- */
- // MySQL defines:
- $SQL_HOSTNAME = "localhost";
- $SQL_DBNAME = "tracker102";
- $SQL_USER = "tracker102";
- $SQL_PASS = "lawLingbawling";
- // Functions
- function check_for_db($_host,$_user,$_pass,$_dbname) {
- $link = mysqli_connect($_host,$_user,$_pass,$_dbname);
- if(!$link) {
- echo "<div class='track_error'>MySQL connect error (" . mysqli_connect_errno() . ") : " . mysqli_connect_error() . ".</div></br></br>";
- return mysqli_connect_errno();
- }
- else {
- return 0;
- }
- }
- function tracker_setup($setup_host, $setup_user, $setup_pass, $setup_dbname) {
- if ( isset($_POST['_sqluser']) && isset($_POST['_sqlpass']) && isset($_POST['_sqlhost']) ) {
- $setuplink = mysqli_connect($_POST['_sqlhost'], $_POST['_sqluser'], $_POST['_sqlpass']);
- if ( !$setuplink ) {
- echo "<div class='track_error'>MySQL connect error (" . mysqli_connect_errno() . ") : " . mysqli_connect_error() . ".</br></br>";
- echo "<b>Press the back button and please correct the error.</b></br>";
- return mysqli_connect_errno();
- }
- echo "Attempting to create user...</br>";
- if ( mysqli_query($setuplink, "CREATE USER '{$setup_user}'@'{$setup_host}' IDENTIFIED BY '{$setup_pass}'") == FALSE ) {
- echo "<div class='track_error'>User creation failed</br>" . mysqli_error($setuplink) . "</div>";
- return -1;
- }
- echo "<div class='track_success'>User created successfully!</div></br>Attempting to create database...</br>";
- if ( mysqli_query($setuplink, "CREATE DATABASE {$setup_dbname}") == FALSE ) {
- echo "<div class='track_error'>Database creation failed!</br>" . mysqli_error($setuplink) . "</div>";
- return -1;
- }
- echo "<div class='track_success'>Database created successfully!</div></br>Attempting to grant permissions to the new user...</br>";
- if ( mysqli_real_query($setuplink, "GRANT ALL ON {$setup_dbname}.* TO {$setup_user}@{$setup_host}") == FALSE ) {
- echo "<div class='track_error'>Granting permissions to '{$setup_user}' failed!</br>" . mysqli_error($setuplink) . "</div>";
- return -1;
- }
- echo "<div class='track_success'>All queries are successful!</br>You can now create a new tracker using the nav bar at the top of the page.</div>";
- }
- else {
- echo "
- <b>Please enter existing account details that can setup a database, create users, and delegate privileges.</br>
- This will use a personal account only once to create a user and a database just for interacting with software and the databases it creates.</br>
- </b>
- *Make sure you have correctly set your MySQL defines in the source code before attempting this.</br></br>
- <form action='' method='POST'>
- Username <input type='text' name='_sqluser' /></br>
- Password <input type='password' name='_sqlpass' /></br>
- Hostname <input type='text' name='_sqlhost' /></br>
- <input type='submit' />
- </form>
- ";
- }
- }
- ?>
- <html>
- <head>
- <title>Tracker Suite</title>
- <style>
- html, body {
- margin:0;
- padding:0;
- }
- body {
- }
- header {
- display:block;
- padding:1%;
- text-align:center;
- font-size: 2em;
- font-weight:bold;
- border-bottom:2px double black;
- }
- nav {
- display:block;
- padding:0.2%;
- font-size:1.1em;
- border-bottom:2px double black;
- }
- .nav_button {
- padding-right:4%;
- padding-left:4%;
- margin-right:0.1%;
- margin-left:0.1%;
- background-color:blue;
- color:black;
- border:1px solid black;
- text-decoration:none;
- }
- .nav_button:hover {
- background-color:gray;
- text-decoration:underline;
- }
- article {
- margin:0.5%;
- padding:0.5%;
- height:80%;
- border:2px double black;
- }
- footer {
- position:absolute;
- width:100%;
- bottom:0;
- left:0;
- text-align:center;
- font-size:12px;
- background-color:gray;
- border-top:1px solid black;
- }
- .nav_button, article {
- /* Firefox Curved Borders */
- -moz-border-radius:3px;
- /* Chrome Curved Borders */
- border-radius:3px;
- }
- .track_error {
- display: block;
- padding: 0.5%;
- width: 99%;
- background-color:black;
- color:red;
- font-weight:bold;
- font-size:16px;
- border-bottom:1px solid black;
- text-align: center;
- }
- .track_success {
- display:block;
- color:brightgreen;
- background-color:lightblue;
- font-weight:bold;
- width: 50%;
- text-align:center;
- }
- </style>
- </head>
- <body>
- <header>Tracker Suite</header>
- <nav><a class="nav_button" href="?action=new">New</a><a class="nav_button" href="?action=load">Load</a></nav>
- <article>
- <?php
- $x = check_for_db($SQL_HOSTNAME, $SQL_USER, $SQL_PASS, $SQL_DBNAME);
- if( $x != 0 ) {
- // If it is a permission error, then that account is most likely not set up.
- if ( $x == 1045 || $x == 1046 ) {
- tracker_setup($SQL_HOSTNAME, $SQL_USER, $SQL_PASS, $SQL_DBNAME);
- }
- else {
- // I have no idea what happened, so let them fix / deal with it. :)
- die("Please address the error above.");
- }
- }
- else {
- if($_GET['action'] == "new") {
- echo "blah blah mooose</br></br></br>";
- }
- elseif($_GET['action'] == "load") {
- // load a selection
- }
- }
- ?>
- </article>
- <footer>Tracker Suite || Code and design by Machiavelli @ breakingsec.org</footer>
- </body>
- </html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement