From a0fac730db73591ff4f5f57e4700104e5ed4c7f0 Mon Sep 17 00:00:00 2001
From: Souradip Ghosh
Date: Thu, 21 Aug 2025 16:40:49 +0530
Subject: [PATCH 1/8] Update routes.py
---
 routes.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/routes.py b/routes.py
index 25dde68..22f7db8 100644
--- a/routes.py
+++ b/routes.py
@@ -36,7 +36,7 @@ def login():
 db = get_db()
 # Intentionally vulnerable to SQL Injection in the username field
- query = f"SELECT * FROM users WHERE username = '{username}' AND password = '{hashed_password}'"
+ query = f"SELECT * FROM users WHERE username = '{username}' AND password = '{hashed_password}' "
 print(f"Executing SQL Query: {query}") # Debug the SQL query being executed
 result = db.execute(query).fetchone()
@@ -235,4 +235,4 @@ def create_ticket():
 @app.route('/admin/tickets')
 def view_tickets():
- return render_template('admin_tickets.html', tickets=tickets)
\ No newline at end of file
+ return render_template('admin_tickets.html', tickets=tickets)
From 735be3efeb6804f26fc91d2ef245b28727b85e7e Mon Sep 17 00:00:00 2001
From: Souradip Ghosh
Date: Thu, 21 Aug 2025 16:50:05 +0530
Subject: [PATCH 2/8] Update routes.py
---
 routes.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/routes.py b/routes.py
index 22f7db8..f76ba20 100644
--- a/routes.py
+++ b/routes.py
@@ -93,7 +93,7 @@ def search_user():
 # Search user by ID
 user_id = request.form.get('user_id')
 try:
- query = f"SELECT * FROM users WHERE id = {user_id}"
+ query = f"SELECT * FROM users WHERE id = {user_id} "
 print(f"Executing SQL Query: {query}")
 result = db.execute(query).fetchall()
 if result:
From 0a21594a7c221797304434c304c4fff488489378 Mon Sep 17 00:00:00 2001
From: Souradip Ghosh
Date: Thu, 21 Aug 2025 16:51:36 +0530
Subject: [PATCH 3/8] Update routes.py
---
 routes.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/routes.py b/routes.py
index f76ba20..7f17cd6 100644
--- a/routes.py
+++ b/routes.py
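Review bot: The new `query` line in the login hunk still builds the SQL by interpolating `username` and `hashed_password` into an f-string, so the trailing space this patch adds changes nothing about the injection the comment directly above it documents. If the field is meant to stay vulnerable for the demo the change is a no-op; if a fix is intended, the line should become `result = db.execute("SELECT * FROM users WHERE username = ? AND password = ?", (username, hashed_password)).fetchone()` and the `query` variable can be dropped. The `print` on the following context line also writes the full query, including the password hash, to stdout on every login attempt, so it should be removed or reduced to the username. The body of `login()` begins before this hunk.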
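Review bot: In the `search_user()` hunk the new `query` line interpolates the form field `user_id` unquoted into the SQL, so any non-numeric value is executed as part of the statement; unlike the login query there is no comment marking this as an intended demo vulnerability, and the other statements in this function shown later in the series already use `?` placeholders. Replace the f-string with `result = db.execute("SELECT * FROM users WHERE id = ?", (user_id,)).fetchall()` and drop the `print` of the raw query, which otherwise echoes whatever the client submitted into the server log. `search_user()` begins before this hunk and the `try` opened here is closed outside it.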
@@ -69,7 +69,7 @@ def search_user():
 # Add new user
 new_username = request.form['new_username']
 new_password = request.form['new_password']
- existing_user = db.execute("SELECT * FROM users WHERE username = ?", (new_username,)).fetchone()
+ existing_user = db.execute("SELECT * FROM users WHERE username = ? ", (new_username,)).fetchone()
 if existing_user:
 flash("User already exists!")
 else:
From 208b9c9142874b9e453014f755b4077f2d6ea9e7 Mon Sep 17 00:00:00 2001
From: Souradip Ghosh
Date: Thu, 21 Aug 2025 16:55:24 +0530
Subject: [PATCH 4/8] Update routes.py
---
 routes.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/routes.py b/routes.py
index 7f17cd6..f76ba20 100644
--- a/routes.py
+++ b/routes.py
@@ -69,7 +69,7 @@ def search_user():
 # Add new user
 new_username = request.form['new_username']
 new_password = request.form['new_password']
- existing_user = db.execute("SELECT * FROM users WHERE username = ? ", (new_username,)).fetchone()
+ existing_user = db.execute("SELECT * FROM users WHERE username = ?", (new_username,)).fetchone()
 if existing_user:
 flash("User already exists!")
 else:
From ec3411fea93f96f1ea15d881fe9791aa3a18f5a1 Mon Sep 17 00:00:00 2001
From: Souradip Ghosh
Date: Thu, 21 Aug 2025 16:57:57 +0530
Subject: [PATCH 5/8] Update xss_demo.html
---
 templates/xss_demo.html | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/templates/xss_demo.html b/templates/xss_demo.html
index e5145e8..d2747d2 100644
--- a/templates/xss_demo.html
+++ b/templates/xss_demo.html
@@ -60,7 +60,7 @@

XSS Vulnerability Demonstration

- 
\ No newline at end of file
+ 
From ce55c34194fbb3bcb5bf8d544f3500ccc740fd7a Mon Sep 17 00:00:00 2001
From: Souradip Ghosh
Date: Thu, 21 Aug 2025 17:03:32 +0530
Subject: [PATCH 6/8] Update xss_demo.html
---
 templates/xss_demo.html | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/templates/xss_demo.html b/templates/xss_demo.html
index d2747d2..1af1e24 100644
--- a/templates/xss_demo.html
+++ b/templates/xss_demo.html
@@ -60,9 +60,9 @@

XSS Vulnerability Demonstration

From a1bdf51fa4f5722d819bfedd694192fa1fd2121d Mon Sep 17 00:00:00 2001
From: Souradip Ghosh
Date: Fri, 22 Aug 2025 11:39:36 +0530
Subject: [PATCH 7/8] Update routes.py
---
 routes.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/routes.py b/routes.py
index f76ba20..cd80171 100644
--- a/routes.py
+++ b/routes.py
@@ -85,7 +85,7 @@ def search_user():
 if admin_user:
 flash("Cannot delete the admin user!")
 else:
- db.execute("DELETE FROM users WHERE id = ?", (user_id,))
+ db.execute("DELETE FROM users WHERE id = ? ", (user_id,))
 db.commit()
 flash("User deleted successfully!")
From ca1a709e39e2b5e59a9ebe51e27b9462ea1b22e5 Mon Sep 17 00:00:00 2001
From: Souradip Ghosh
Date: Fri, 22 Aug 2025 11:45:15 +0530
Subject: [PATCH 8/8] Update routes.py
---
 routes.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/routes.py b/routes.py
index cd80171..8c4338e 100644
--- a/routes.py
+++ b/routes.py
@@ -81,7 +81,7 @@ def search_user():
 elif 'delete_user' in request.form:
 # Delete user
 user_id = request.form.get('user_id_to_delete')
- admin_user = db.execute("SELECT * FROM users WHERE id = ? AND username = 'admin'", (user_id,)).fetchone()
+ admin_user = db.execute("SELECT * FROM users WHERE id = ? AND username = 'admin' ", (user_id,)).fetchone()
 if admin_user:
 flash("Cannot delete the admin user!")
 else: