diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
new file mode 100644
index 0000000..6cd2c47
--- /dev/null
+++ b/.github/workflows/build.yml
@@ -0,0 +1,34 @@
+name: Build
+on:
+ push:
+ branches:
+ - master
+ - test
+ - release-*
+ pull_request:
+ types: [opened, synchronize, reopened]
+jobs:
+ sonarcloud:
+ name: SonarCloud
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v2
+ with:
+ fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
+ - name: SonarCloud Scan
+ uses: SonarSource/sonarcloud-github-action@master
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any
+ SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+ - name: SonarCloud Quality Gate
+ uses: SonarSource/sonarqube-quality-gate-action@master
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any
+ SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+
+
+
+
+
+
+
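Review bot: Both Sonar steps are referenced by a mutable branch (`SonarSource/sonarcloud-github-action@master`, `SonarSource/sonarqube-quality-gate-action@master`) while being handed `SONAR_TOKEN` and `GITHUB_TOKEN`, so whatever lands on those branches later runs with the repository's secrets. Pin each `uses:` to a reviewed full commit SHA, e.g. `uses: SonarSource/sonarcloud-github-action@<full-commit-sha>  # <release tag>`, and do the same for `actions/checkout@v2`. The workflow also declares no `permissions:` block, so `GITHUB_TOKEN` keeps the repository default scope; a top-level `permissions:` with `contents: read` and `pull-requests: read` looks sufficient for what these steps are commented as needing. The seven empty lines at the end of the file can be dropped.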
diff --git a/.idea/.gitignore b/.idea/.gitignore
new file mode 100644
index 0000000..26d3352
--- /dev/null
+++ b/.idea/.gitignore
@@ -0,0 +1,3 @@
+# Default ignored files
+/shelf/
+/workspace.xml
diff --git a/.idea/Vulnerable-Web-Application.iml b/.idea/Vulnerable-Web-Application.iml
new file mode 100644
index 0000000..d6ebd48
--- /dev/null
+++ b/.idea/Vulnerable-Web-Application.iml
@@ -0,0 +1,9 @@
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/.idea/misc.xml b/.idea/misc.xml
new file mode 100644
index 0000000..639900d
--- /dev/null
+++ b/.idea/misc.xml
@@ -0,0 +1,6 @@
+
+
+
+
+
+
\ No newline at end of file
diff --git a/.idea/modules.xml b/.idea/modules.xml
new file mode 100644
index 0000000..2882444
--- /dev/null
+++ b/.idea/modules.xml
@@ -0,0 +1,8 @@
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/.idea/vcs.xml b/.idea/vcs.xml
new file mode 100644
index 0000000..35eb1dd
--- /dev/null
+++ b/.idea/vcs.xml
@@ -0,0 +1,6 @@
+
+
+
+
+
+
\ No newline at end of file
diff --git a/.idea/workspace.xml b/.idea/workspace.xml
new file mode 100644
index 0000000..3305c2b
--- /dev/null
+++ b/.idea/workspace.xml
@@ -0,0 +1,396 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ 1645149159021
+
+
+ 1645149159021
+
+
+ 1645149212473
+
+
+
+ 1645149212473
+
+
+ 1645149663335
+
+
+
+ 1645149663335
+
+
+ 1645149917618
+
+
+
+ 1645149917618
+
+
+ 1645207967412
+
+
+
+ 1645207967412
+
+
+ 1645208602592
+
+
+
+ 1645208602592
+
+
+ 1645208848636
+
+
+
+ 1645208848636
+
+
+ 1645211480802
+
+
+
+ 1645211480802
+
+
+ 1645213997297
+
+
+
+ 1645213997297
+
+
+ 1645215290283
+
+
+
+ 1645215290283
+
+
+ 1645216066659
+
+
+
+ 1645216066659
+
+
+ 1645216088872
+
+
+
+ 1645216088872
+
+
+ 1645216166909
+
+
+
+ 1645216166909
+
+
+ 1645216653317
+
+
+
+ 1645216653317
+
+
+ 1645216824768
+
+
+
+ 1645216824768
+
+
+ 1645217051424
+
+
+
+ 1645217051424
+
+
+ 1645544310739
+
+
+
+ 1645544310739
+
+
+ 1645544803941
+
+
+
+ 1645544803941
+
+
+ 1645544896484
+
+
+
+ 1645544896484
+
+
+ 1645545435448
+
+
+
+ 1645545435448
+
+
+ 1645546040245
+
+
+
+ 1645546040245
+
+
+ 1645546194007
+
+
+
+ 1645546194007
+
+
+ 1645546719917
+
+
+
+ 1645546719917
+
+
+ 1645547139336
+
+
+
+ 1645547139336
+
+
+ 1645547427177
+
+
+
+ 1645547427177
+
+
+ 1645547654309
+
+
+
+ 1645547654309
+
+
+ 1645548186657
+
+
+
+ 1645548186657
+
+
+ 1645548924931
+
+
+
+ 1645548924931
+
+
+ 1645551993758
+
+
+
+ 1645551993758
+
+
+ 1645552029033
+
+
+
+ 1645552029033
+
+
+ 1645552145975
+
+
+
+ 1645552145975
+
+
+ 1645552170630
+
+
+
+ 1645552170630
+
+
+ 1645552821183
+
+
+
+ 1645552821183
+
+
+ 1645554286859
+
+
+
+ 1645554286859
+
+
+ 1645554408714
+
+
+
+ 1645554408714
+
+
+ 1645555888504
+
+
+
+ 1645555888504
+
+
+ 1646073709451
+
+
+
+ 1646073709451
+
+
+ 1646074069847
+
+
+
+ 1646074069847
+
+
+ 1646075273858
+
+
+
+ 1646075273858
+
+
+ 1646075317923
+
+
+
+ 1646075317923
+
+
+ 1646075427388
+
+
+
+ 1646075427388
+
+
+ 1646075613273
+
+
+
+ 1646075613273
+
+
+ 1646161623086
+
+
+
+ 1646161623086
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/Jenkinsfile b/Jenkinsfile
new file mode 100644
index 0000000..38fa356
--- /dev/null
+++ b/Jenkinsfile
@@ -0,0 +1,21 @@
+pipeline {
+ agent any
+ stages{
+ stage('Checkout Code from GitHub Repository'){
+ steps{
+ git 'https://github.com/Shobika/Vulnerable-Web-Application.git'
+ }
+ }
+ stage('SonarQube Analysis') {
+ environment {
+ SCANNER_HOME = tool 'sonarscanner6'
+ }
+ steps {
+ withSonarQubeEnv('sonar6') {
+ sh "${SCANNER_HOME}/bin/sonar-scanner"
+ }
+ }
+ }
+ }
+ }
+
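Review bot: Nothing after the `SonarQube Analysis` stage checks the analysis outcome, so the pipeline finishes green whatever the scanner reports. If the scan is meant to gate changes, add a following stage that calls `waitForQualityGate abortPipeline: true`, which relies on the SonarQube server's webhook back to Jenkins being configured. Separately, `sh "${SCANNER_HOME}/bin/sonar-scanner"` is expanded by Groovy before the shell sees it. `sh '"$SCANNER_HOME/bin/sonar-scanner"'` leaves the expansion to the shell and survives a tool path containing spaces.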
diff --git a/SQL/sql1.php b/SQL/sql1.php
index 57f60ec..8308634 100644
--- a/SQL/sql1.php
+++ b/SQL/sql1.php
@@ -28,6 +28,8 @@
// Create connection
$conn = mysqli_connect($servername,$username,$password,$db);
+ $conn = mysqli_connect($servername,$username,$password,$db);
+
// Check connection
if (!$conn) {
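Review bot: The added `$conn = mysqli_connect($servername,$username,$password,$db);` repeats the call on the line directly above it, so every request opens two database connections and the first handle is overwritten without being closed. The added line should be removed; the existing `if (!$conn)` check already covers the single call. The same duplicated connect is added in SQL/sql2.php. This looks like an accidental edit riding along with the CI changes, so it is worth confirming that the SQL/ files were meant to be part of this commit.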
@@ -37,7 +39,7 @@
if(isset($_POST["submit"])){
$firstname = $_POST["firstname"];
- $sql = "SELECT lastname FROM users WHERE firstname='$firstname'";//String
+ $sql = "SELECT username FROM admin WHERE username = '$user_name' AND password = '$pass'";
$result = mysqli_query($conn,$sql);
if (mysqli_num_rows($result) > 0) {
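Review bot: `$user_name` and `$pass` are not assigned anywhere in the visible lines, where the only value read from the request is `$firstname`. Unless they are set outside the hunk, the new query always runs with two empty strings and the submitted form value is ignored. The statement is also still built by interpolating variables into the SQL text. If this page is not one of the project's intentionally injectable exercises, bind the values instead: `$stmt = mysqli_prepare($conn, "SELECT username FROM admin WHERE username = ? AND password = ?");` followed by `mysqli_stmt_bind_param($stmt, 'ss', $user_name, $pass);`. The enclosing `if` block continues past the hunk, and the row-handling code there may still expect the old `lastname` column.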
diff --git a/SQL/sql2.php b/SQL/sql2.php
index 0023712..f844b93 100644
--- a/SQL/sql2.php
+++ b/SQL/sql2.php
@@ -27,6 +27,7 @@
// Create connection
$conn = new mysqli($servername, $username, $password,$db);
+ $conn = mysqli_connect($servername,$username,$password,$db);
// Check connection
if ($conn->connect_error) {
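Review bot: The added procedural `mysqli_connect(...)` overwrites the object created by `new mysqli(...)` one line earlier, but the check that follows is still the object-style `$conn->connect_error`. When the connection fails and mysqli is not in exception mode, `mysqli_connect` returns `false`, so the property read on `false` does not report the failure and execution continues with an unusable `$conn`. Remove the added line and keep the single `new mysqli(...)` call. If the procedural form is wanted instead, the check should become `if (!$conn) { die("Connection failed: " . mysqli_connect_error()); }`.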
diff --git a/SQL/sql3.php b/SQL/sql3.php
index 773619f..d73dba7 100644
--- a/SQL/sql3.php
+++ b/SQL/sql3.php
@@ -20,6 +20,8 @@
+
+
-
+
connect_error) {
die("Connection failed: " . $conn->connect_error);
- }
+ }
//echo "Connected successfully";
$source = "";
if(isset($_GET["submit"])){
@@ -44,6 +44,6 @@
}
}
-?>
+?>