logburn/rwv
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

initial commit

Browse Source
This commit is contained in:
Luke Ogburn
2019-03-30 23:28:27 -04:00
commit c4c52ce522
18 changed files with 725 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
.gitignore vendored Normal file
View File

@@ -0,0 +1,8 @@
bluepill.html
redpill.html
admin/
i/
bb||!bb.txt
conn.php
google8cc71dc338784f6e.html

0
.htaccess Normal file
View File

1
403.shtml Normal file
View File

@@ -0,0 +1 @@
<h1 style="text-align: center; font-family: monospace; position: relative; top: 20%;">Error 403: Forbidden.<br>You are forbidden from this corner of the internet.<br>Now turn back before I track your IP address and Geolocation.<br><br><!--#echo var="REMOTE_ADDR" --></h1>

1
404.shtml Normal file
View File

@@ -0,0 +1 @@
<h1 style="font-family: monospace; text-align: center; position: relative; top: 20%;">Err...<br>Can't seem to find that page.<br>Try another one, perhaps?</h1>

1
cheater.html Normal file
View File

@@ -0,0 +1 @@
<?php session_start(); ?><h1 style="text-align:center;font-family:monospace;margin-top:40vh;">Don't underestimate me again.</h1>

35
crtusr.php Normal file
View File

@@ -0,0 +1,35 @@
<?php
session_start();
//conntecting to database
require "conn.php";
//setting some vars
$user = $_POST['username'];
$pass = $_POST['password'];
$pass = password_hash($pass, PASSWORD_DEFAULT);
//making sure the username isn't already in use
$stmt = $conn->prepare("SELECT * FROM users WHERE username=:usr");
$stmt->bindParam(":usr", $user);
$stmt->execute();
$array = $stmt->fetch(PDO::FETCH_ASSOC);
if($array != ""){
header('Location: signup.php?userexists=true');
} else {
//inserting the new user
//preparing statement against injection
$stmt = $conn->prepare("INSERT INTO users (username, password) VALUES (:unm, :psw)");
$stmt->bindParam(":unm", $user);
$stmt->bindParam(":psw", $pass);
$stmt->execute();
$_SESSION["user"] = $user;
//getting user level and putting it in url for $_GET
$stmt = $conn->prepare("SELECT level FROM users WHERE username=:usr");
$stmt->bindParam(":usr", $user);
$stmt->execute();
$array = $stmt->fetch(PDO::FETCH_ASSOC);
$lvl = $array['level'];
header("Location: https://lukeogburn.com/rwv/vamos.php?level=".$lvl);
}
?>

54
how-to-play.html Normal file
View File

@@ -0,0 +1,54 @@
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>Riddles Without Vitae</title>
<link rel="icon" href="\i\favicon.ico" type="image/x-icon">
<link rel="stylesheet" href=index.css type="text/css">
</head>
<body>
<div id="top">
<div id=top1>
<h1>
WELCOME
</h1>
<h3>
to the Riddles Without Vitae
</h3>
</div>
<ul id="nav">
<a href="/"><li class="nav"><span>Home Page</span></li></a>
<a href="how-to-play.html" id=current><li class="nav"><span>How To Play</span></li></a>
<a href="signup.php"><li class="nav"><span>New Player</span></li></a>
<a href="signin.php"><li class="nav"><span>Returning Player</span></li></a>
</ul>
</div>
<div id="content">
<h2>
Gameplay
</h2>
<p>
The objective of web riddles is to reach the final level. To do this, you must use the information given to you in order to find a password. Sometimes, an "egg", or clue, will display instead in order to help you along.</p>
<ul>
<li>Right click, view-source</li>
<li>You will need to use google</li>
<li><b>Use a computer</b>. This would be very difficult on mobile</li>
</ul>
<p>
If you are stuck, try one of these:
</p>
<ul>
<li>Keep guessing the password</li>
<li>Take a break, refresh your brain</li>
<li>Smear an avocado on the screen</li>
</ul>
<p>
And with that, I bid thee good luck!
</p>
<p style="font-size: 1.3em; margin-left: 10px;">
- &#580;
</p>
</div>
</body>
</html>

44
index.css Normal file
View File

@@ -0,0 +1,44 @@
body{
margin: 0;
}
#top{
background-color: #04043c;
color: white;
}
#top1{
padding-left: 10em;
}
#top1>h1{
padding-top: 0.5em;
margin: 0;
}
#nav{
display: grid;
grid-template-columns: repeat(4, 1fr);
list-style-type: none;
text-align: center;
padding: 0;
padding-left: 40%;
height: 3em;
font-family: sans-serif;
}
#nav>a{
height: 100%;
color: inherit;
margin: 0;
text-decoration: none;
}
.nav{
height: 100%;
line-height: 3em;
background-color: inherit;
color: inherit;
}
#content{
width: 70%;
margin: 0 auto;
}
#current{
background-color: white !important;
color: black !important;
}

58
index.php Normal file
View File

@@ -0,0 +1,58 @@
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>Riddles Without Vitae</title>
<link rel="icon" href="\i\favicon.ico" type="image/x-icon">
<link rel="stylesheet" href=index.css type="text/css">
</head>
<body>
<div id="top">
<div id=top1>
<h1>
WELCOME
</h1>
<h3>
to the Riddles Without Vitae
</h3>
</div>
<ul id="nav">
<a href="/" id="current"><li class="nav"><span>Home Page</span></li></a>
<a href="how-to-play.html"><li class="nav"><span>How To Play</span></li></a>
<a href="signup.php"><li class="nav"><span>New Player</span></li></a>
<a href="signin.php"><li class="nav"><span>Returning Player</span></li></a>
</ul>
</div>
<div id="content">
<h3>
Congratulations to Sabrina and Harrison, respectively: the first two to reach the end!
</h3>
<h2>
What RWV is
</h2>
<p>
This is a web riddle series similar to <a href="http://oddpawn.com/" target="_blank">Oddpawn</a> and <a href="http://notpron.org/notpron/" target="_blank">Notpron</a> Web riddles are logic puzzles, in which you figure out a password to reach the next level. You can stay here and read about how and why it was made, learn more about how to play, or just jump right in.
</p>
<h2>
Why RWV was made
</h2>
<p>
The Riddles Without Vitae is my most recent and most extensive riddle series. I learned about the existance of web riddles by stumbling upon notpron, which I fell in love with. Sadly, I did not reacht the end, but I also found Oddpawn. After having a stab at both, I looked for more but didn't find anything to write home about. I decided that I had to join the ranks and create my own, and thus began working on my own riddles. My riddles are a gift to the world of Web Riddling, and I hope that many people out there enjoy them.
</p>
<h2>
How RWV was made
</h2>
<p>
The Riddles without Vitae has gone through many phases. It's predecessor, the Riddles Without Polarity, were a batch of thirty-four roughly strewn together riddles that I pieced together for a single person to solve. At that time, I did not know how to code anything. I used Wix to create the riddles, and Imgur to communicate with their solver. The whole thing fell apart when she decided to stop and focus on schoolwork. But after that, they were opened up to the world and about four hundered people started, thirty of which managed to get to level three. No-one finished. I learned to make webpages, and started making the riddles a lot better, which resulted in a similar product to what it is now. The difference, however, is that those riddles were secured with javascript, which means that you could simply type "view-source:" in front of the URL and see the password. It was so simple, but I am lucky that no-one did it. I learned PHP, and created a secured version of the riddles, however it was less user friendly that I liked. So I worked on a new version, a better one. Now the password input is on the same page as the riddle - in fact the entire riddles are on a single page.
</p>
<h2>
What's next?
</h2>
<p>
This riddle series is constantly evolving. I'm changing riddles to make them better, adding more on, and creating new features. The future of RWV depends on the users: the more users I have the more content the riddles will have. Right now there are 28 riddles. I'm also working on some other riddle series, but those may never see the light of day.
</p>
</div>
</body>
</html>

5
profile.php Normal file
View File

@@ -0,0 +1,5 @@
<?php
session_start();
$user = $_SESSION['user'];
?>

31
pwdchk.php Normal file
View File

@@ -0,0 +1,31 @@
<?php
session_start();
//connecting to the db
require "conn.php";
//Getting vars from $_POST
$formPass = $_POST['password'];
$user = $_POST["username"];
//checking the username and password
//Getting the real, hashed password
$stmt = $conn->prepare("SELECT password FROM users WHERE username=:unm");
$stmt->bindParam(":unm", $user);
$stmt->execute();
$array = $stmt->fetch(PDO::FETCH_ASSOC);
$hashedPass = $array['password'];
//checking password, starting session, redirecting
if(password_verify($formPass, $hashedPass)){
$_SESSION["user"] = $user;
//getting user level and putting it in url for $_GET
$stmt = $conn->prepare("SELECT level FROM users WHERE username=:usr");
$stmt->bindParam(":usr", $user);
$stmt->execute();
$array = $stmt->fetch(PDO::FETCH_ASSOC);
$lvl = $array['level'];
header("Location: vamos.php?level=".$lvl);
}else{
header("Location: signin.php?usrpass=incorrect");
}
?>

76
sign.css Normal file
View File

@@ -0,0 +1,76 @@
/*Signin/Signup page*/
body{
font-family: Trebuchet MS;
font-size: 1.1em;
}
form{
margin: auto;
padding-top: 5%;
padding-bottom: 5%;
margin-top: 5%;
border: 2px solid black;
border-radius: 3px;
width: 40%;
}
form>*{
display: block;
margin: auto;
text-align: center;
}
form>h1{
margin-bottom: 40px;
}
input:not(#submit){
width: 40%;
height: 1.2em;
text-align: left;
font-size: 1.2em;
outline-width: 0;
}
.p{
margin-bottom: 7px;
}
#submit{
width: 120px;
height: 45px;
background-color: #04043c;
color: white;
border: 0px solid white;
font-size: 1em;
}
#submit:hover{
cursor: pointer;
}
#username{
margin-bottom: 15px;
}
#password{
margin-bottom: 20px;
}
#cookies{
position: fixed;
bottom: 0;
left: 0;
width: 100%;
background-color: #252525;
color: white;
text-align: center;
padding: 2% 0;
font-family: sans-serif;
}
#cookies>p{
width: 80%;
margin: 0 auto;
}
#cookies>a{
font-size: 0.9em;
color: white;
}

38
signin.php Normal file
View File

@@ -0,0 +1,38 @@
<?php
if(isset($_GET["usrpass"])){
$note = "<small style='color: red;'>Incorrect username or password</small><br>";
}else{
$note = "";
}
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>Riddles Without Vitae</title>
<link rel="icon" href="\i\favicon.ico" type="image/x-icon">
<link rel="stylesheet" href="sign.css" type="text/css">
</head>
<body class="body">
<form method="POST" action="pwdchk.php">
<h1>SIGN IN</h1>
<p class="p">Username:</p>
<input id="username" type="text" name="username" autocomplete="off" autofocus>
<p class="p">Password:</p>
<input id="password" type="password" name="password" autocomplete="off">
<?php echo $note; ?>
<input id="submit" type="submit" name="submit" value="SUBMIT"><br>
<p class="p">Need an account? <a href="signup.php" style="color:blue;text-decoration:none;">Sign up.</a></p>
</form>
<?php
if(!(isset($_GET["dismiss"])) && $_GET["dismiss"]!="cookies"){
echo "
<div id=cookies>
<p>This site uses a cookie in order to keep you logged in between levels.<br> By signing in to use the website, you agree to the usage of this cookie.<br>No other cookies are used.</p>
<a href='?dismiss=cookies'>[ I understand, dismiss this banner]</a>
<br><a href=https://www.i-dont-care-about-cookies.eu/ target=_blank>Don't care about cookies?</a>
</div>";
}
?>
</body>
</html>

38
signup.php Normal file
View File

@@ -0,0 +1,38 @@
<?php
if(isset($_GET["userexists"])){
$note = "<small style='color: red;'>That username is already in use.<br>Please choose another.</small><br>";
}else{
$note = "";
}
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>Riddles Without Vitae</title>
<link rel="icon" href="\i\favicon.ico" type="image/x-icon">
<link rel="stylesheet" href="sign.css" type="text/css">
</head>
<body class="body">
<form method="POST" action="crtusr.php">
<h1>SIGN UP</h1>
<p class="p">Username:</p>
<input id="username" type="text" name="username" autocomplete="off" autofocus>
<?php if($note != ""){echo $note;} ?>
<p class="p">Password:</p>
<input id="password" type="password" name="password" autocomplete="off">
<input id="submit" type="submit" name="submit" value="SUBMIT"><br>
<p class="p">Have an account? <a href="signin.php" style="color:blue;text-decoration:none;">Sign in.</a></p>
</form>
<?php
if(!(isset($_GET["dismiss"])) && $_GET["dismiss"]!="cookies"){
echo "
<div id=cookies>
<p>This site uses a cookie in order to keep you logged in between levels.<br> By signing up to use the website, you agree to the usage of this cookie.<br>No other cookies are used.</p>
<a href='?dismiss=cookies'>[ I understand, dismiss this banner]</a>
<br><a href=https://www.i-dont-care-about-cookies.eu/ target=_blank>Don't care about cookies?</a>
</div>";
}
?>
</body>
</html>

40
style.css Normal file
View File

@@ -0,0 +1,40 @@
body{
display: grid;
grid-template-columns: 2fr 3fr;
min-width: 0;
min-height: 0;
font-family: sans-serif;
font-size: 1.1em;
}
img{
width: 100%; /*This makes it only take the width of the parent column, thus not expanding it*/
border: 1px solid black;
}
input{
font-size: 1em;
margin-bottom: 0.4em;
background-color: rgba(0,0,0,0);
border: 1px solid gray;
color: black;
}
#info{
display: grid;
grid-template-columns: 1fr 1fr;
position: relative;
}
#info>*{
margin: 0;
margin-top: 0;
}
#right{
margin-left: 1em;
position: relative;
}
#answer{
position: absolute;
bottom: 0;
}
#lr{
position: absolute;
right: 0; /*float username right*/
}

11
user.css Normal file
View File

@@ -0,0 +1,11 @@
body{
text-align: center;
font-family: monospace;
font-size: 1.3em;
}
a{
text-decoration: none;
}
a:hover{
text-decoration: underline;
}

70
user.php Normal file
View File

@@ -0,0 +1,70 @@
<?
session_start();
//connecting to the db
require "conn.php";
$user = $_SESSION["user"];
$stmt = $conn->prepare("SELECT * FROM users WHERE username = :usr");
$stmt->bindParam(":usr", $user);
$stmt->execute();
$userInfo = $stmt->fetch(PDO::FETCH_OBJ);
function del(){
$stmt = $conn->prepare("DELETE FROM users WHERE username=:usr");
$stmt->bindParam(":usr", $user);
$stmt->execute();
if($stmt){
header('Location: ');
}else{
header('Location: ?act=error');
}
}
function res(){
$stmt = $conn->prepare("UPDATE users SET level = 1 WHERE username = :usr");
$stmt->bindParam(":usr", $user);
$stmt->execute();
if($stmt){
header('Location: ?act=done');
}else{
header('Location: ?act=error');
}
}
if(isset($_GET["act"])){
$act = $_GET["act"];
switch($act){
case "del":
del();
break;
case "res":
res();
break;
case "error":
echo "<h1>Something went wrong</h1>";
break;
default:
echo "<h1>Something went wrong</h1>";
break;
}
}
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>Riddles Without Vitae</title>
<link rel="stylesheet" type="text/css" href="user.css" />
<meta name="viewport" content="width=device-width,initial-scale=1">
</head>
<body>
<h1><?=$user?></h1>
<p>This is your profile page. There will never be clues here.</p>
<p>You are on <a href=/rwv/vamos.php?level=<?=$userInfo->level?>>level <?=$userInfo->level?></a>.</p>
<br>
<br>
<h2>Danger Zone</h2>
<h3><a id=del href="?act=del">Delete account</a></h3>
<h3><a id=res href="?act=res">Reset progress</a></h3>
</body>
</html>

214
vamos.php Normal file
View File

@@ -0,0 +1,214 @@
<?php
session_start();
require "conn.php";
//Getting rid of error messages
$guess = "whatever, just can't be an answer";
$urlLevel = $_GET['level'];
$urlLevel = intval($urlLevel);
$user = $_SESSION["user"];
$stmt = $conn->prepare("SELECT level, stamp FROM users WHERE username=:usr");
$stmt->bindParam(":usr", $user);
$stmt->execute();
$array = $stmt->fetch(PDO::FETCH_ASSOC);
$level = $array['level'];
$level = intval($level);
$stamp = $array['stamp'];
$timeDiff = time()-strtotime($stamp);
$minsDiff = $timeDiff/60;
//SQL level crap
$stmt = $conn->prepare("SELECT password, image, title, paragraph, comment, unoxidized FROM root WHERE level=:lvl");
$stmt->bindParam(':lvl', $urlLevel);
$stmt->execute();
//getting the level info returned by sql
$levelArray = $stmt->fetch(PDO::FETCH_ASSOC);
//Actual useful info ($user, $level already defined)
$pass = $levelArray['password'];
$head = $levelArray['title'];
$paragraph = $levelArray['paragraph'];
$image = $levelArray['image'];
$comment = $levelArray['comment'];
$unoxidized = $levelArray['unoxidized'];
//amount of guesses the user has left
$stmt = $conn->prepare("SELECT * FROM users WHERE username=:unm");
$stmt->bindParam(":unm", $user);
$stmt->execute();
$guessesArray = $stmt->fetch(PDO::FETCH_ASSOC);
$guesses = $guessesArray['guesses'];
$menos = false; //I guess this belongs here, with $guesses
//Variables not reliant on input
$next = intval($level)+1;
$urlNext = $urlLevel+1;
$suffix = ".jpg";
//making the $suffix .jpeg instead of .jpg if the .jpeg exists
if(file_exists($_SERVER['DOCUMENT_ROOT'].'/i/'.$image.'.jpeg')){
$suffix = '.jpeg';
}
//Making the $numeral
switch($urlLevel){
case 1: $numeral = "I"; break;
case 2: $numeral = "II"; break;
case 3: $numeral = "III"; break;
case 4: $numeral = "IIII"; break;
case 5: $numeral = "V"; break;
case 6: $numeral = "VI"; break;
case 7: $numeral = "VII"; break;
case 8: $numeral = "VIII"; break;
case 9: $numeral = "IX"; break;
case 10: $numeral = "X"; break;
case 11: $numeral = "XI"; break;
case 12: $numeral = "XII"; break;
case 13: $numeral = "XIII"; break;
case 14: $numeral = "XIV"; break;
case 15: $numeral = "XV"; break;
case 16: $numeral = "XVI"; break;
case 17: $numeral = "XVII"; break;
case 18: $numeral = "XVIII"; break;
case 19: $numeral = "XIX"; break;
case 20: $numeral = "XX"; break;
case 21: $numeral = "XXI"; break;
case 22: $numeral = "XXII"; break;
case 23: $numeral = "XXIII"; break;
case 24: $numeral = "XXIV"; break;
case 25: $numeral = "XXV"; break;
case 26: $numeral = "XXVI"; break;
case 27: $numeral = "XXVII"; break;
case 28: $numeral = "XXVIII"; break;
case 29: $numeral = "XXIX"; break;
case 30: $numeral = "XXX"; break;
default: $numeral = "[error]"; break;
}
//resetting the $guesses if it's been two hours
if($minsDiff>=120 && $guesses<0){
$guesses = 50;
$stmt = $conn->prepare("UPDATE users SET guesses=$guesses WHERE username=:unm");
$stmt->bindParam(":unm", $user);
$stmt->execute();
}
if(isset($_POST['guess']) && $guesses>0){
//updating the user's timestamp
$stmt =$conn->prepare("UPDATE users SET stamp=now() WHERE username = :usr");
$stmt->bindParam(":usr", $user);
$stmt->execute();
//getting $guess as lowercase
$guess = $_POST['guess'];
$guess = strtolower($guess);
/*Egg checking*/
for($n=1; $n<8; $n++){
$eggToCheck = "egg".$n;
$stmt = $conn->prepare("SELECT egg".$n." FROM eggs WHERE level=:url");
$stmt->bindParam(":url", $urlLevel);
$stmt->execute();
$eggArray = $stmt->fetch(PDO::FETCH_ASSOC);
$egg = $eggArray[$eggToCheck];
if($guess===$egg){
//fetching eggtext
$stmt = $conn->prepare("SELECT eggtext".$n." FROM eggs WHERE level=:url");
$stmt->bindParam(":url", $urlLevel);
$stmt->execute();
$eggtextArray = $stmt->fetch(PDO::FETCH_ASSOC);
$eggtext = $eggtextArray['eggtext'.$n];
$menos = true;
$n = 8; //Ending the loop to only give the one egg
}
}
}
//Letting the users skip through their solved levels
elseif(intval($urlLevel)<intval($level)){
$eggtext = "You've solved this.<br>Want the <a href='vamos.php?level=" . intval(intval($urlLevel)+1) . "'>next level</a> or your <a href='vamos.php?level=".intval($level)."'>current level?</a>";
}
//guesses limit and password checking
if($guesses<1){
$eggtext = "You're out of guesses. Come back in ".(120-round($minsDiff, 0))." minutes.";
}elseif($pass===$guess){
//guesses should be updated reguardless of level acheived
$stmt = $conn->prepare("UPDATE users SET guesses=50 WHERE username=:unm");
$stmt->bindParam(":unm", $user);
$stmt->execute();
//Making sure the user is on their current level before advancing them
if(intval($urlLevel)===intval($level)){
$stmt = $conn->prepare("UPDATE users SET level=$next WHERE username=:unm");
$stmt->bindParam(":unm", $user);
$stmt->execute();
}
header('Location: vamos.php?level='.$urlNext);
}elseif($menos === false && $guess!=null) {
$guesses -= 1;
if($guesses===0){
$stmt =$conn->prepare("UPDATE users SET stamp=now() WHERE username = :usr");
$stmt->bindParam(":usr", $user);
$stmt->execute();
$guesses-=1;
$eggtext = "You're out of guesses. Try again in two hours!";
}
//update the user's table
$stmt = $conn->prepare("UPDATE users SET guesses=$guesses WHERE username=:unm");
$stmt->bindParam(":unm", $user);
$stmt->execute();
//give eggtext
if($guesses>0){
$eggtext = "Guesses left: ".$guesses;
}
}
//End of Riddles
if(intval($level) === 26 && intval($urlLevel) === 26){
$eggtext="So what will it be?";
if(strpos($guess, "blue")!==false){
header('Location: bluepill.html');
}elseif(strpos($guess, "red")!==false){
header('Location: redpill.html');
}
}
//making sure user is signed in, then checking for cheating
if($user === null){
header('Location: signin.php');
}elseif (intval($urlLevel)>intval($level)){
header('Location: cheater.html');
}
//CSS
$css="rwv.css";
?>
<?php if($unoxidized!=null){echo "<!--".$unoxidized."-->";} ?>
<html>
<head>
<meta charset='utf-8'>
<title>Riddles Without Vitae</title>
<link rel='icon' href='/i/favicon.ico' type='image/x-icon'>
<link rel='stylesheet' href=style.css type='text/css' />
</head>
<body>
<div id='left'>
<img src='<?php echo "i/".$image.$suffix; ?>'>
<div id=info>
<h3 id="ll">Level: <?php echo $numeral; ?></h3>
<h3 id="lr"><?php echo $user; ?></h3>
</div>
</div>
<div id='right'>
<h2><?php echo $head; ?></h2>
<p><?php echo $paragraph;?></p>
<!--Answer form-->
<div id="answer">
<h3 id="eggy"><?php echo $eggtext; ?></h3>
<form method='POST' action=''>
<input id="guess" size="40" type='text' name='guess' autocomplete=off autofocus>
</form>
</div>
</div>
</body>
</html>
<?php if($comment!=null){echo "<!--".$comment."-->";} ?>