readme

README.md

@@ -1,8 +1,12 @@
+Prerequisites
+
+Python >= 3.5
+
 INSTALL
 
 pip install -r requirements.txt
 
 RUN
 
-gunicorn --workers=2 vulnapp 
+python vulnapp 
  

requirements.txt

@@ -1 +1,3 @@
 web.py==0.40
+mysql-connector==2.2.9
+

static/sql/init.sql

@@ -0,0 +1,9 @@
+
+create database db;
+
+CREATE TABLE `db`.`users` (
+  `userid` INT NOT NULL,
+  `username` VARCHAR(45) NULL,
+  `password` VARCHAR(45) NULL,
+  PRIMARY KEY (`userid`));
+

templates/index.html

@@ -1,4 +1,4 @@
-$def with (name)
+$def with (friends)
 
 <head>
     <title>Friends</title>
@@ -12,12 +12,16 @@ $def with (name)
     <h1>Friends</h1>
 
     <img src="static/images/friends.jpeg" alt="Friends">
-    
-    $if name:
-        <p>I just wanted to say <em>hello</em> to $name.</p>
-    $else:
-        <p><em>Hello</em>, world!</p>
 
-    <h3>Login, or become a Friend!</h3>
+    <h3>Login, or become a friend!</h3>
+
+    <h3>Regitered friends:</h3>
+    
+    
+    <ul>
+        $for name in friends:
+            <li id="t$name.userid">$name.username</li>
+        </ul>
+    
 
 </body>

vulnapp.py

@@ -5,12 +5,22 @@ urls = (
     '/', 'application'
 )
 
+db = web.database(
+    dbn="mysql",
+    host='127.0.0.1',
+    port=3306,
+    user='kalle',
+    pw='123p',
+    db='db'
+)
+
 class application():
 
     def GET(self):
         name = 'Bob'
-        return render.index(name)
-        
+        friends = db.select('users')
+        return render.index(friends)
+
 if __name__ == "__main__":
     app = web.application(urls, globals())
     app.run()