fixes issue #24
This commit is contained in:
Ken Johnson
@@ -6,6 +6,10 @@ class TutorialsController < ApplicationController
|
||||
def index
|
||||
end
|
||||
|
||||
def credentials
|
||||
render :partial => "layouts/tutorial/credentials/creds"
|
||||
end
|
||||
|
||||
def show
|
||||
render "injection"
|
||||
end
|
||||
|
||||
@@ -1,6 +1,5 @@
|
||||
<!-- Want to use this template whether auth'd or not so I've got some code to determine how to render below -->
|
||||
<header>
|
||||
|
||||
<% if not current_user %>
|
||||
<ul class="mini-nav">
|
||||
<li>
|
||||
@@ -19,5 +18,21 @@
|
||||
</li>
|
||||
</ul>
|
||||
<% end %>
|
||||
<ul class="mini-nav">
|
||||
<li>
|
||||
<%= button_to "Tutorial Credentials", "#", {:id => "show_creds_btn", :class => "btn btn-danger", :method => "get"} %>
|
||||
</li>
|
||||
</ul>
|
||||
|
||||
</header>
|
||||
|
||||
<div id="modal_div" class="modal hide fade" tabindex="-1" role="dialog" aria-labelledby="myAlert" aria-hidden="true">
|
||||
</div>
|
||||
|
||||
<script type="text/javascript">
|
||||
|
||||
$('#show_creds_btn').click(function() {
|
||||
$("#modal_div").load(<%= credentials_tutorials_path.inspect.html_safe %>);
|
||||
$("#modal_div").modal("show");
|
||||
});
|
||||
</script>
|
||||
@@ -0,0 +1,96 @@
|
||||
<!-- Begin Modal -->
|
||||
|
||||
<div class="modal-header">
|
||||
<button type="button" class="close" data-dismiss="modal" aria-hidden="true">
|
||||
×
|
||||
</button>
|
||||
<h4 id="myModalLabel1">
|
||||
Application Credentials (Spoiler)
|
||||
</h4>
|
||||
</div>
|
||||
<div class="modal-body">
|
||||
<div class="row-fluid">
|
||||
<div class="span8">
|
||||
<p>Warning, this is a spoiler</p>
|
||||
<p>Are you sure you want to see the credentials?</p>
|
||||
<div id="creds_hidden" style="display:none">
|
||||
<table class="table table-striped table-hover table-bordered pull-left" id="data-table">
|
||||
<thead>
|
||||
<tr>
|
||||
<th>
|
||||
Email
|
||||
</th>
|
||||
<th>
|
||||
Password
|
||||
</th>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
<tr>
|
||||
<td style="word-wrap:break-word;">
|
||||
admin@metacorp.com
|
||||
</td>
|
||||
<td>
|
||||
admin1234
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td style="word-wrap:break-word;">
|
||||
jack@metacorp.com
|
||||
</td>
|
||||
<td>
|
||||
yankeessuck
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td style="word-wrap:break-word;">
|
||||
jim@metacorp.com
|
||||
</td>
|
||||
<td>
|
||||
alohaowasp
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td style="word-wrap:break-word;">
|
||||
mike@metacorp.com
|
||||
</td>
|
||||
<td>
|
||||
motorcross1445
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td style="word-wrap:break-word;">
|
||||
ken@metacorp.com
|
||||
</td>
|
||||
<td>
|
||||
citrusblend
|
||||
</td>
|
||||
</tr>
|
||||
|
||||
</tbody>
|
||||
</table>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<div class="row-fluid">
|
||||
</div>
|
||||
</div>
|
||||
<div class="modal-footer">
|
||||
<button class="btn" data-dismiss="modal" aria-hidden="true">
|
||||
Close
|
||||
</button>
|
||||
<button id="understood" class="btn btn-primary" aria-hidden="true">
|
||||
I understand
|
||||
</button>
|
||||
|
||||
</div>
|
||||
|
||||
<!-- End Modal -->
|
||||
|
||||
<script type="text/javascript">
|
||||
|
||||
$('#understood').click(function() {
|
||||
$("#creds_hidden").show();
|
||||
});
|
||||
|
||||
</script>
|
||||
@@ -34,6 +34,7 @@ get "download" => "benefit_forms#download"
|
||||
|
||||
resources :tutorials do
|
||||
collection do
|
||||
get "credentials"
|
||||
get "injection"
|
||||
get "xss"
|
||||
get "broken_auth"
|
||||
|
||||
+2
-1
@@ -5,7 +5,8 @@
|
||||
users = [
|
||||
{
|
||||
:email => "admin@metacorp.com",
|
||||
:admin => true, :password => "admin1234",
|
||||
:admin => true,
|
||||
:password => "admin1234",
|
||||
:first_name => "Admin",
|
||||
:last_name => "",
|
||||
:user_id =>1
|
||||
|
||||
Reference in New Issue
Block a user