commit c4c52ce52202e7e7f7e2fa748848d33446074097 Author: Luke Ogburn Date: Sat Mar 30 23:28:27 2019 -0400 initial commit diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..7a71492 --- /dev/null +++ b/.gitignore @@ -0,0 +1,8 @@ +bluepill.html +redpill.html +admin/ +i/ +bb||!bb.txt +conn.php +google8cc71dc338784f6e.html + diff --git a/.htaccess b/.htaccess new file mode 100644 index 0000000..e69de29 diff --git a/403.shtml b/403.shtml new file mode 100644 index 0000000..f3ceaa1 --- /dev/null +++ b/403.shtml @@ -0,0 +1 @@ +

Error 403: Forbidden.
You are forbidden from this corner of the internet.
Now turn back before I track your IP address and Geolocation.

\ No newline at end of file diff --git a/404.shtml b/404.shtml new file mode 100644 index 0000000..c04e08e --- /dev/null +++ b/404.shtml @@ -0,0 +1 @@ +

Err...
Can't seem to find that page.
Try another one, perhaps?

\ No newline at end of file diff --git a/cheater.html b/cheater.html new file mode 100644 index 0000000..8249269 --- /dev/null +++ b/cheater.html @@ -0,0 +1 @@ +

Don't underestimate me again.

\ No newline at end of file diff --git a/crtusr.php b/crtusr.php new file mode 100644 index 0000000..9a7f239 --- /dev/null +++ b/crtusr.php @@ -0,0 +1,35 @@ +prepare("SELECT * FROM users WHERE username=:usr"); + $stmt->bindParam(":usr", $user); + $stmt->execute(); + $array = $stmt->fetch(PDO::FETCH_ASSOC); + if($array != ""){ + header('Location: signup.php?userexists=true'); + } else { +//inserting the new user + //preparing statement against injection + $stmt = $conn->prepare("INSERT INTO users (username, password) VALUES (:unm, :psw)"); + $stmt->bindParam(":unm", $user); + $stmt->bindParam(":psw", $pass); + $stmt->execute(); + + $_SESSION["user"] = $user; + //getting user level and putting it in url for $_GET + $stmt = $conn->prepare("SELECT level FROM users WHERE username=:usr"); + $stmt->bindParam(":usr", $user); + $stmt->execute(); + $array = $stmt->fetch(PDO::FETCH_ASSOC); + $lvl = $array['level']; + header("Location: https://lukeogburn.com/rwv/vamos.php?level=".$lvl); + } +?> \ No newline at end of file diff --git a/how-to-play.html b/how-to-play.html new file mode 100644 index 0000000..0c34714 --- /dev/null +++ b/how-to-play.html @@ -0,0 +1,54 @@ + + + + + Riddles Without Vitae + + + + +
+
+

+ WELCOME +

+

+ to the Riddles Without Vitae +

+
+ +
+
+

+ Gameplay +

+ +

+ The objective of web riddles is to reach the final level. To do this, you must use the information given to you in order to find a password. Sometimes, an "egg", or clue, will display instead in order to help you along.

+ +

+ If you are stuck, try one of these: +

+ +

+ And with that, I bid thee good luck! +

+

+ - Ʉ +

+
+ + \ No newline at end of file diff --git a/index.css b/index.css new file mode 100644 index 0000000..89eee66 --- /dev/null +++ b/index.css @@ -0,0 +1,44 @@ +body{ + margin: 0; +} +#top{ + background-color: #04043c; + color: white; +} +#top1{ + padding-left: 10em; +} +#top1>h1{ + padding-top: 0.5em; + margin: 0; +} +#nav{ + display: grid; + grid-template-columns: repeat(4, 1fr); + list-style-type: none; + text-align: center; + padding: 0; + padding-left: 40%; + height: 3em; + font-family: sans-serif; +} +#nav>a{ + height: 100%; + color: inherit; + margin: 0; + text-decoration: none; +} +.nav{ + height: 100%; + line-height: 3em; + background-color: inherit; + color: inherit; +} +#content{ + width: 70%; + margin: 0 auto; +} +#current{ + background-color: white !important; + color: black !important; +} \ No newline at end of file diff --git a/index.php b/index.php new file mode 100644 index 0000000..8e53c37 --- /dev/null +++ b/index.php @@ -0,0 +1,58 @@ + + + + + Riddles Without Vitae + + + + +
+
+

+ WELCOME +

+

+ to the Riddles Without Vitae +

+
+ +
+
+

+ Congratulations to Sabrina and Harrison, respectively: the first two to reach the end! +

+

+ What RWV is +

+

+ This is a web riddle series similar to Oddpawn and Notpron Web riddles are logic puzzles, in which you figure out a password to reach the next level. You can stay here and read about how and why it was made, learn more about how to play, or just jump right in. +

+

+ Why RWV was made +

+

+ The Riddles Without Vitae is my most recent and most extensive riddle series. I learned about the existance of web riddles by stumbling upon notpron, which I fell in love with. Sadly, I did not reacht the end, but I also found Oddpawn. After having a stab at both, I looked for more but didn't find anything to write home about. I decided that I had to join the ranks and create my own, and thus began working on my own riddles. My riddles are a gift to the world of Web Riddling, and I hope that many people out there enjoy them. +

+ +

+ How RWV was made +

+

+ The Riddles without Vitae has gone through many phases. It's predecessor, the Riddles Without Polarity, were a batch of thirty-four roughly strewn together riddles that I pieced together for a single person to solve. At that time, I did not know how to code anything. I used Wix to create the riddles, and Imgur to communicate with their solver. The whole thing fell apart when she decided to stop and focus on schoolwork. But after that, they were opened up to the world and about four hundered people started, thirty of which managed to get to level three. No-one finished. I learned to make webpages, and started making the riddles a lot better, which resulted in a similar product to what it is now. The difference, however, is that those riddles were secured with javascript, which means that you could simply type "view-source:" in front of the URL and see the password. It was so simple, but I am lucky that no-one did it. I learned PHP, and created a secured version of the riddles, however it was less user friendly that I liked. So I worked on a new version, a better one. Now the password input is on the same page as the riddle - in fact the entire riddles are on a single page. +

+ +

+ What's next? +

+

+ This riddle series is constantly evolving. I'm changing riddles to make them better, adding more on, and creating new features. The future of RWV depends on the users: the more users I have the more content the riddles will have. Right now there are 28 riddles. I'm also working on some other riddle series, but those may never see the light of day. +

+
+ + \ No newline at end of file diff --git a/profile.php b/profile.php new file mode 100644 index 0000000..1c1cd50 --- /dev/null +++ b/profile.php @@ -0,0 +1,5 @@ + + diff --git a/pwdchk.php b/pwdchk.php new file mode 100644 index 0000000..e898e41 --- /dev/null +++ b/pwdchk.php @@ -0,0 +1,31 @@ +prepare("SELECT password FROM users WHERE username=:unm"); + $stmt->bindParam(":unm", $user); + $stmt->execute(); + $array = $stmt->fetch(PDO::FETCH_ASSOC); + $hashedPass = $array['password']; + + //checking password, starting session, redirecting + if(password_verify($formPass, $hashedPass)){ + $_SESSION["user"] = $user; + //getting user level and putting it in url for $_GET + $stmt = $conn->prepare("SELECT level FROM users WHERE username=:usr"); + $stmt->bindParam(":usr", $user); + $stmt->execute(); + $array = $stmt->fetch(PDO::FETCH_ASSOC); + $lvl = $array['level']; + header("Location: vamos.php?level=".$lvl); + }else{ + header("Location: signin.php?usrpass=incorrect"); + } +?> \ No newline at end of file diff --git a/sign.css b/sign.css new file mode 100644 index 0000000..d0557bd --- /dev/null +++ b/sign.css @@ -0,0 +1,76 @@ +/*Signin/Signup page*/ +body{ + font-family: Trebuchet MS; + font-size: 1.1em; +} +form{ + margin: auto; + padding-top: 5%; + padding-bottom: 5%; + margin-top: 5%; + border: 2px solid black; + border-radius: 3px; + width: 40%; +} +form>*{ + display: block; + margin: auto; + text-align: center; +} +form>h1{ + margin-bottom: 40px; +} +input:not(#submit){ + width: 40%; + height: 1.2em; + text-align: left; + font-size: 1.2em; + outline-width: 0; +} +.p{ + margin-bottom: 7px; +} +#submit{ + width: 120px; + height: 45px; + background-color: #04043c; + color: white; + border: 0px solid white; + font-size: 1em; +} +#submit:hover{ + cursor: pointer; +} +#username{ + margin-bottom: 15px; +} +#password{ + margin-bottom: 20px; +} +#cookies{ + position: fixed; + bottom: 0; + left: 0; + width: 100%; + background-color: #252525; + color: white; + text-align: center; + padding: 2% 0; + font-family: sans-serif; +} +#cookies>p{ + width: 80%; + margin: 0 auto; +} +#cookies>a{ + font-size: 0.9em; + color: white; +} + + + + + + + + diff --git a/signin.php b/signin.php new file mode 100644 index 0000000..1ed35e8 --- /dev/null +++ b/signin.php @@ -0,0 +1,38 @@ +Incorrect username or password
"; + }else{ + $note = ""; + } +?> + + + + + Riddles Without Vitae + + + + +
+

SIGN IN

+

Username:

+ +

Password:

+ + +
+

Need an account? Sign up.

+
+ +

This site uses a cookie in order to keep you logged in between levels.
By signing in to use the website, you agree to the usage of this cookie.
No other cookies are used.

+ [ I understand, dismiss this banner] +
Don't care about cookies? + "; + } + ?> + + \ No newline at end of file diff --git a/signup.php b/signup.php new file mode 100644 index 0000000..d1b0e65 --- /dev/null +++ b/signup.php @@ -0,0 +1,38 @@ +That username is already in use.
Please choose another.
"; + }else{ + $note = ""; + } +?> + + + + + Riddles Without Vitae + + + + +
+

SIGN UP

+

Username:

+ + +

Password:

+ +
+

Have an account? Sign in.

+
+ +

This site uses a cookie in order to keep you logged in between levels.
By signing up to use the website, you agree to the usage of this cookie.
No other cookies are used.

+ [ I understand, dismiss this banner] +
Don't care about cookies? + "; + } + ?> + + \ No newline at end of file diff --git a/style.css b/style.css new file mode 100644 index 0000000..23b8c33 --- /dev/null +++ b/style.css @@ -0,0 +1,40 @@ +body{ + display: grid; + grid-template-columns: 2fr 3fr; + min-width: 0; + min-height: 0; + font-family: sans-serif; + font-size: 1.1em; +} +img{ + width: 100%; /*This makes it only take the width of the parent column, thus not expanding it*/ + border: 1px solid black; +} +input{ + font-size: 1em; + margin-bottom: 0.4em; + background-color: rgba(0,0,0,0); + border: 1px solid gray; + color: black; +} +#info{ + display: grid; + grid-template-columns: 1fr 1fr; + position: relative; +} +#info>*{ + margin: 0; + margin-top: 0; +} +#right{ + margin-left: 1em; + position: relative; +} +#answer{ + position: absolute; + bottom: 0; +} +#lr{ + position: absolute; + right: 0; /*float username right*/ +} \ No newline at end of file diff --git a/user.css b/user.css new file mode 100644 index 0000000..ff8be7d --- /dev/null +++ b/user.css @@ -0,0 +1,11 @@ +body{ + text-align: center; + font-family: monospace; + font-size: 1.3em; +} +a{ + text-decoration: none; +} +a:hover{ + text-decoration: underline; +} \ No newline at end of file diff --git a/user.php b/user.php new file mode 100644 index 0000000..b6b02b5 --- /dev/null +++ b/user.php @@ -0,0 +1,70 @@ +prepare("SELECT * FROM users WHERE username = :usr"); + $stmt->bindParam(":usr", $user); + $stmt->execute(); + $userInfo = $stmt->fetch(PDO::FETCH_OBJ); + + function del(){ + $stmt = $conn->prepare("DELETE FROM users WHERE username=:usr"); + $stmt->bindParam(":usr", $user); + $stmt->execute(); + if($stmt){ + header('Location: '); + }else{ + header('Location: ?act=error'); + } + } + function res(){ + $stmt = $conn->prepare("UPDATE users SET level = 1 WHERE username = :usr"); + $stmt->bindParam(":usr", $user); + $stmt->execute(); + if($stmt){ + header('Location: ?act=done'); + }else{ + header('Location: ?act=error'); + } + } + + if(isset($_GET["act"])){ + $act = $_GET["act"]; + switch($act){ + case "del": + del(); + break; + case "res": + res(); + break; + case "error": + echo "

Something went wrong

"; + break; + default: + echo "

Something went wrong

"; + break; + } + } +?> + + + + + Riddles Without Vitae + + + + +

+

This is your profile page. There will never be clues here.

+

You are on level?>>level level?>.

+
+
+

Danger Zone

+

Delete account

+

Reset progress

+ + \ No newline at end of file diff --git a/vamos.php b/vamos.php new file mode 100644 index 0000000..e69e47e --- /dev/null +++ b/vamos.php @@ -0,0 +1,214 @@ +prepare("SELECT level, stamp FROM users WHERE username=:usr"); + $stmt->bindParam(":usr", $user); + $stmt->execute(); + $array = $stmt->fetch(PDO::FETCH_ASSOC); + $level = $array['level']; + $level = intval($level); + $stamp = $array['stamp']; + $timeDiff = time()-strtotime($stamp); + $minsDiff = $timeDiff/60; + + //SQL level crap + $stmt = $conn->prepare("SELECT password, image, title, paragraph, comment, unoxidized FROM root WHERE level=:lvl"); + $stmt->bindParam(':lvl', $urlLevel); + $stmt->execute(); + //getting the level info returned by sql + $levelArray = $stmt->fetch(PDO::FETCH_ASSOC); + + //Actual useful info ($user, $level already defined) + $pass = $levelArray['password']; + $head = $levelArray['title']; + $paragraph = $levelArray['paragraph']; + $image = $levelArray['image']; + $comment = $levelArray['comment']; + $unoxidized = $levelArray['unoxidized']; + + //amount of guesses the user has left + $stmt = $conn->prepare("SELECT * FROM users WHERE username=:unm"); + $stmt->bindParam(":unm", $user); + $stmt->execute(); + $guessesArray = $stmt->fetch(PDO::FETCH_ASSOC); + $guesses = $guessesArray['guesses']; + $menos = false; //I guess this belongs here, with $guesses + + //Variables not reliant on input + $next = intval($level)+1; + $urlNext = $urlLevel+1; + $suffix = ".jpg"; + //making the $suffix .jpeg instead of .jpg if the .jpeg exists + if(file_exists($_SERVER['DOCUMENT_ROOT'].'/i/'.$image.'.jpeg')){ + $suffix = '.jpeg'; + } + + //Making the $numeral + switch($urlLevel){ + case 1: $numeral = "I"; break; + case 2: $numeral = "II"; break; + case 3: $numeral = "III"; break; + case 4: $numeral = "IIII"; break; + case 5: $numeral = "V"; break; + case 6: $numeral = "VI"; break; + case 7: $numeral = "VII"; break; + case 8: $numeral = "VIII"; break; + case 9: $numeral = "IX"; break; + case 10: $numeral = "X"; break; + case 11: $numeral = "XI"; break; + case 12: $numeral = "XII"; break; + case 13: $numeral = "XIII"; break; + case 14: $numeral = "XIV"; break; + case 15: $numeral = "XV"; break; + case 16: $numeral = "XVI"; break; + case 17: $numeral = "XVII"; break; + case 18: $numeral = "XVIII"; break; + case 19: $numeral = "XIX"; break; + case 20: $numeral = "XX"; break; + case 21: $numeral = "XXI"; break; + case 22: $numeral = "XXII"; break; + case 23: $numeral = "XXIII"; break; + case 24: $numeral = "XXIV"; break; + case 25: $numeral = "XXV"; break; + case 26: $numeral = "XXVI"; break; + case 27: $numeral = "XXVII"; break; + case 28: $numeral = "XXVIII"; break; + case 29: $numeral = "XXIX"; break; + case 30: $numeral = "XXX"; break; + default: $numeral = "[error]"; break; + } + + //resetting the $guesses if it's been two hours + if($minsDiff>=120 && $guesses<0){ + $guesses = 50; + $stmt = $conn->prepare("UPDATE users SET guesses=$guesses WHERE username=:unm"); + $stmt->bindParam(":unm", $user); + $stmt->execute(); + } + if(isset($_POST['guess']) && $guesses>0){ + //updating the user's timestamp + $stmt =$conn->prepare("UPDATE users SET stamp=now() WHERE username = :usr"); + $stmt->bindParam(":usr", $user); + $stmt->execute(); + + //getting $guess as lowercase + $guess = $_POST['guess']; + $guess = strtolower($guess); + + /*Egg checking*/ + for($n=1; $n<8; $n++){ + $eggToCheck = "egg".$n; + $stmt = $conn->prepare("SELECT egg".$n." FROM eggs WHERE level=:url"); + $stmt->bindParam(":url", $urlLevel); + $stmt->execute(); + $eggArray = $stmt->fetch(PDO::FETCH_ASSOC); + $egg = $eggArray[$eggToCheck]; + if($guess===$egg){ + //fetching eggtext + $stmt = $conn->prepare("SELECT eggtext".$n." FROM eggs WHERE level=:url"); + $stmt->bindParam(":url", $urlLevel); + $stmt->execute(); + $eggtextArray = $stmt->fetch(PDO::FETCH_ASSOC); + $eggtext = $eggtextArray['eggtext'.$n]; + $menos = true; + $n = 8; //Ending the loop to only give the one egg + } + } + } + //Letting the users skip through their solved levels + elseif(intval($urlLevel)next level or your current level?"; + } + //guesses limit and password checking + if($guesses<1){ + $eggtext = "You're out of guesses. Come back in ".(120-round($minsDiff, 0))." minutes."; + }elseif($pass===$guess){ + //guesses should be updated reguardless of level acheived + $stmt = $conn->prepare("UPDATE users SET guesses=50 WHERE username=:unm"); + $stmt->bindParam(":unm", $user); + $stmt->execute(); + //Making sure the user is on their current level before advancing them + if(intval($urlLevel)===intval($level)){ + $stmt = $conn->prepare("UPDATE users SET level=$next WHERE username=:unm"); + $stmt->bindParam(":unm", $user); + $stmt->execute(); + } + header('Location: vamos.php?level='.$urlNext); + }elseif($menos === false && $guess!=null) { + $guesses -= 1; + if($guesses===0){ + $stmt =$conn->prepare("UPDATE users SET stamp=now() WHERE username = :usr"); + $stmt->bindParam(":usr", $user); + $stmt->execute(); + $guesses-=1; + $eggtext = "You're out of guesses. Try again in two hours!"; + } + //update the user's table + $stmt = $conn->prepare("UPDATE users SET guesses=$guesses WHERE username=:unm"); + $stmt->bindParam(":unm", $user); + $stmt->execute(); + //give eggtext + if($guesses>0){ + $eggtext = "Guesses left: ".$guesses; + } + } + + //End of Riddles + if(intval($level) === 26 && intval($urlLevel) === 26){ + $eggtext="So what will it be?"; + if(strpos($guess, "blue")!==false){ + header('Location: bluepill.html'); + }elseif(strpos($guess, "red")!==false){ + header('Location: redpill.html'); + } + } + + //making sure user is signed in, then checking for cheating + if($user === null){ + header('Location: signin.php'); + }elseif (intval($urlLevel)>intval($level)){ + header('Location: cheater.html'); + } + + //CSS + $css="rwv.css"; +?> +";} ?> + + + + + Riddles Without Vitae + + + + +
+ +
+

Level:

+

+
+
+ + + +";} ?> \ No newline at end of file