<?php

	require('flags.php');

	function authCred($u, $p) {
		if (isset($_POST['user']) && isset($_POST['passw'])) {
			if ($_POST['user'] === $u && $_POST['passw'] === $p) {
				return True;
			} else {
				return False;
			}
		} else {
			return False;
		}
	}


	function checkInj() {
		if (isset($_POST['user']) && isset($_POST['passw'])) {
			if ($_POST['passw'][0] == '"' || $_POST['passw'][0] == "'") {
				return True;
			} else {
				return False;
			}
		} else {
			return False;
		}
	}


	function checkInDatabase($query) {
		$handle = new SQLite3('secretDataBase.db');
		$array['dbhandle'] = $handle;
		$array['query'] = $query;
		$result = $handle->query($query);
		$i = 0;
		while ($result->columnName($i)) {
			$columns[ ] = $result->columnName($i);
			$i++;
		}
		$resx = $result->fetchArray(SQLITE3_ASSOC);
		return $resx;
	}

	switch ($_COOKIE['currentLevel']) {
		case $flag_1:
			if (isset($_POST['thisUser'])) {
				echo $flag_2;
			} else {
				echo '0';
			}
			break;
		case $flag_2:
			$badQuery = 'SELECT * FROM users WHERE username = "' . $_POST['user'] . '" and password = "' . $_POST['passw'] . '";';
			if (strpos(strtoupper($_POST['passw']), 'UPDATE')) {
				$_POST['passw'] = '';
			}
			if (strpos(strtoupper($_POST['passw']), 'DELETE')) {
				$_POST['passw'] = '';
			}
			if (strpos(strtoupper($_POST['passw']), 'DROP')) {
				$_POST['passw'] = '';
			}
			if (strpos(strtoupper($_POST['user']), 'UPDATE')) {
				$_POST['user'] = '';
			}
			if (strpos(strtoupper($_POST['user']), 'DELETE')) {
				$_POST['user'] = '';
			}
			if (strpos(strtoupper($_POST['user']), 'DROP')) {
				$_POST['user'] = '';
			}
			if (checkInDatabase($badQuery)) {
				echo $flag_3;
			} else {
				echo '0';
			}
			break;
		case $flag_3:
			break;
		case $flag_4:
			if (authCred('LarsIX', 'FXrm264!&Rdjka')) {
				echo $flag_5;
			} else {
				echo '0';
			}
			break;
		default:
			if (authCred('admin', 'admin')) {
				echo $flag_1;
			} else {
				echo '0';
			}
	}


?>