refactor
switch, join SQL commands
This commit is contained in:
39
admin.go
39
admin.go
@@ -8,32 +8,37 @@ import (
|
|||||||
)
|
)
|
||||||
|
|
||||||
func adminLoginHandler(w http.ResponseWriter, r *http.Request) {
|
func adminLoginHandler(w http.ResponseWriter, r *http.Request) {
|
||||||
if r.Method == http.MethodGet {
|
switch r.Method {
|
||||||
|
case http.MethodGet:
|
||||||
http.ServeFile(w, r, "templates/adminLogin.html")
|
http.ServeFile(w, r, "templates/adminLogin.html")
|
||||||
return
|
case http.MethodPost:
|
||||||
} else if r.Method == http.MethodPost {
|
if err := r.ParseForm(); err != nil {
|
||||||
err := r.ParseForm()
|
|
||||||
if err != nil {
|
|
||||||
http.Error(w, "Error parsing form", http.StatusBadRequest)
|
http.Error(w, "Error parsing form", http.StatusBadRequest)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
username := r.FormValue("username")
|
username := r.FormValue("username")
|
||||||
password := r.FormValue("password")
|
password := r.FormValue("password")
|
||||||
err = db.QueryRow("SELECT 1 FROM admins WHERE username=? AND PASSWORD=?", username, hashPassword(password)).Scan(new(int))
|
err := db.QueryRow(
|
||||||
if err == sql.ErrNoRows {
|
"SELECT 1 FROM admins WHERE username=? AND PASSWORD=?",
|
||||||
|
username, hashPassword(password),
|
||||||
|
).Scan(new(int))
|
||||||
|
switch {
|
||||||
|
case err == sql.ErrNoRows:
|
||||||
http.Error(w, "Invalid credentials", http.StatusUnauthorized)
|
http.Error(w, "Invalid credentials", http.StatusUnauthorized)
|
||||||
return
|
case err != nil:
|
||||||
} else if err != nil {
|
|
||||||
http.Error(w, "Database error", http.StatusInternalServerError)
|
http.Error(w, "Database error", http.StatusInternalServerError)
|
||||||
return
|
default:
|
||||||
|
http.SetCookie(w, &http.Cookie{
|
||||||
|
Name: "admin_session",
|
||||||
|
Value: base64.StdEncoding.EncodeToString([]byte(username + ":" + hashPassword(password))),
|
||||||
|
Path: "/admin/",
|
||||||
|
HttpOnly: true,
|
||||||
|
MaxAge: 3600,
|
||||||
|
})
|
||||||
|
http.Redirect(w, r, "/admin/", http.StatusSeeOther)
|
||||||
}
|
}
|
||||||
http.SetCookie(w, &http.Cookie{Name: "admin_session",
|
default:
|
||||||
Value: base64.StdEncoding.EncodeToString([]byte(username + ":" + hashPassword(password))),
|
http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)
|
||||||
Path: "/admin/",
|
|
||||||
HttpOnly: true,
|
|
||||||
MaxAge: 3600})
|
|
||||||
http.Redirect(w, r, "/admin/", http.StatusSeeOther)
|
|
||||||
return
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
65
klice.go
65
klice.go
@@ -22,43 +22,42 @@ func hashPassword(password string) string {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func loginHandler(w http.ResponseWriter, r *http.Request) {
|
func loginHandler(w http.ResponseWriter, r *http.Request) {
|
||||||
if r.Method == http.MethodPost {
|
switch r.Method {
|
||||||
// Handle login logic here
|
case http.MethodPost:
|
||||||
if err := r.ParseForm(); err != nil {
|
if err := r.ParseForm(); err != nil {
|
||||||
http.Error(w, "Could not parse form", http.StatusBadRequest)
|
http.Error(w, "Could not parse form", http.StatusBadRequest)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
password := r.FormValue("password")
|
password := r.FormValue("password")
|
||||||
hashedPassword := hashPassword(password)
|
hashedPassword := hashPassword(password)
|
||||||
var teamID int
|
|
||||||
|
|
||||||
err := db.QueryRow("SELECT id FROM teams WHERE password = ?", hashedPassword).Scan(&teamID)
|
err := db.QueryRow("SELECT 1 FROM teams WHERE password = ?", hashedPassword).Scan(new(int))
|
||||||
if err == sql.ErrNoRows {
|
switch {
|
||||||
|
case err == sql.ErrNoRows:
|
||||||
http.Error(w, "No team found", http.StatusUnauthorized)
|
http.Error(w, "No team found", http.StatusUnauthorized)
|
||||||
return
|
return
|
||||||
} else if err != nil {
|
case err != nil:
|
||||||
http.Error(w, "Could not retrieve team", http.StatusInternalServerError)
|
http.Error(w, "Could not retrieve team", http.StatusInternalServerError)
|
||||||
return
|
return
|
||||||
}
|
default:
|
||||||
|
sessionID := hashedPassword
|
||||||
|
cookie := &http.Cookie{
|
||||||
|
Name: "session_id",
|
||||||
|
Value: sessionID,
|
||||||
|
Path: "/",
|
||||||
|
}
|
||||||
|
http.SetCookie(w, cookie)
|
||||||
|
|
||||||
var sessionID string
|
redir, err := r.Cookie("url")
|
||||||
sessionID = hashedPassword
|
if err == nil {
|
||||||
cookie := &http.Cookie{
|
redir.MaxAge = -1
|
||||||
Name: "session_id",
|
http.SetCookie(w, redir)
|
||||||
Value: sessionID,
|
http.Redirect(w, r, redir.Value, http.StatusSeeOther)
|
||||||
Path: "/",
|
} else {
|
||||||
|
http.Redirect(w, r, "/team", http.StatusSeeOther)
|
||||||
|
}
|
||||||
}
|
}
|
||||||
http.SetCookie(w, cookie)
|
case http.MethodGet:
|
||||||
|
|
||||||
redir, err := r.Cookie("url")
|
|
||||||
if err == nil {
|
|
||||||
redir.MaxAge = -1
|
|
||||||
http.SetCookie(w, redir)
|
|
||||||
http.Redirect(w, r, redir.Value, http.StatusSeeOther)
|
|
||||||
} else {
|
|
||||||
http.Redirect(w, r, "/team", http.StatusSeeOther)
|
|
||||||
}
|
|
||||||
} else if r.Method == http.MethodGet {
|
|
||||||
loginPage, err := os.Open("templates/login.html")
|
loginPage, err := os.Open("templates/login.html")
|
||||||
if err != nil {
|
if err != nil {
|
||||||
http.Error(w, "Could not open login page", http.StatusInternalServerError)
|
http.Error(w, "Could not open login page", http.StatusInternalServerError)
|
||||||
@@ -67,6 +66,8 @@ func loginHandler(w http.ResponseWriter, r *http.Request) {
|
|||||||
defer loginPage.Close()
|
defer loginPage.Close()
|
||||||
|
|
||||||
io.Copy(w, loginPage)
|
io.Copy(w, loginPage)
|
||||||
|
default:
|
||||||
|
http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -118,21 +119,15 @@ func isLoggedIn(w http.ResponseWriter, r *http.Request) (bool, int) {
|
|||||||
func teamInfoHandler(w http.ResponseWriter, r *http.Request) {
|
func teamInfoHandler(w http.ResponseWriter, r *http.Request) {
|
||||||
if loggedIn, teamID := isLoggedIn(w, r); loggedIn {
|
if loggedIn, teamID := isLoggedIn(w, r); loggedIn {
|
||||||
var teamName string
|
var teamName string
|
||||||
var difficultyLevelID int
|
|
||||||
var difficultyLevel string
|
var difficultyLevel string
|
||||||
var lastCipher int
|
var lastCipher int
|
||||||
var penalty int
|
var penalty int
|
||||||
|
|
||||||
err := db.QueryRow("SELECT name, difficulty_level, last_cipher, penalty FROM teams WHERE id = ?", teamID).Scan(&teamName, &difficultyLevelID, &lastCipher, &penalty)
|
err := db.QueryRow("SELECT name, level_name, last_cipher, penalty FROM teams JOIN difficulty_levels ON teams.difficulty_level = difficulty_levels.id WHERE teams.id = ?", teamID).Scan(&teamName, &difficultyLevel, &lastCipher, &penalty)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
http.Error(w, "Could not retrieve team info", http.StatusInternalServerError)
|
http.Error(w, "Could not retrieve team info", http.StatusInternalServerError)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
err = db.QueryRow("SELECT level_name FROM difficulty_levels WHERE id = ?", difficultyLevelID).Scan(&difficultyLevel)
|
|
||||||
if err != nil {
|
|
||||||
http.Error(w, "Could not retrieve difficulty level", http.StatusInternalServerError)
|
|
||||||
return
|
|
||||||
}
|
|
||||||
|
|
||||||
TeamTemplateData := TeamTemplateS{
|
TeamTemplateData := TeamTemplateS{
|
||||||
TeamName: teamName,
|
TeamName: teamName,
|
||||||
@@ -259,8 +254,7 @@ func qrHandler(w http.ResponseWriter, r *http.Request) {
|
|||||||
} else if r.FormValue("help") == "2" && help == 1 { // give up
|
} else if r.FormValue("help") == "2" && help == 1 { // give up
|
||||||
help = 2
|
help = 2
|
||||||
db.Exec("UPDATE penalties SET minutes = 30 WHERE team_id = ? AND task_id = ?", teamID, taskID)
|
db.Exec("UPDATE penalties SET minutes = 30 WHERE team_id = ? AND task_id = ?", teamID, taskID)
|
||||||
db.Exec("UPDATE teams SET penalty = penalty + 30 WHERE id = ?", teamID)
|
db.Exec("UPDATE teams SET penalty = penalty + 30, last_cipher = ? WHERE id = ?", order+1, teamID)
|
||||||
db.Exec("UPDATE teams SET last_cipher = ? WHERE id = ?", order+1, teamID)
|
|
||||||
} else if answer := r.FormValue("solution"); answer != "" { // answer submission
|
} else if answer := r.FormValue("solution"); answer != "" { // answer submission
|
||||||
var correctAnswer string
|
var correctAnswer string
|
||||||
err = db.QueryRow("SELECT solution FROM CIPHERS WHERE id = ?", cipherID).Scan(&correctAnswer)
|
err = db.QueryRow("SELECT solution FROM CIPHERS WHERE id = ?", cipherID).Scan(&correctAnswer)
|
||||||
@@ -279,7 +273,8 @@ func qrHandler(w http.ResponseWriter, r *http.Request) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// find which clues to show
|
// find which clues to show
|
||||||
if help == 1 { // small help
|
switch help {
|
||||||
|
case 1: // small help
|
||||||
var helpText string
|
var helpText string
|
||||||
err = db.QueryRow("SELECT clue FROM CIPHERS WHERE id = ?", cipherID).Scan(&helpText)
|
err = db.QueryRow("SELECT clue FROM CIPHERS WHERE id = ?", cipherID).Scan(&helpText)
|
||||||
if err == sql.ErrNoRows {
|
if err == sql.ErrNoRows {
|
||||||
@@ -289,7 +284,7 @@ func qrHandler(w http.ResponseWriter, r *http.Request) {
|
|||||||
return
|
return
|
||||||
}
|
}
|
||||||
CipherTemplateData.HelpText = helpText
|
CipherTemplateData.HelpText = helpText
|
||||||
} else if help == 2 { // next cipher
|
case 2: // next cipher
|
||||||
// get end clue
|
// get end clue
|
||||||
var endClue string
|
var endClue string
|
||||||
err = db.QueryRow("SELECT end_clue FROM TASKS WHERE id = ?", taskID).Scan(&endClue)
|
err = db.QueryRow("SELECT end_clue FROM TASKS WHERE id = ?", taskID).Scan(&endClue)
|
||||||
|
|||||||
Reference in New Issue
Block a user