From 09e857bbf6b029588a824fc0192e770ff94c4e43 Mon Sep 17 00:00:00 2001
From: Hui Lan <lanhui@zjnu.edu.cn>
Date: Fri, 2 Oct 2020 23:02:27 +0800
Subject: [PATCH 1/2] A better way to store mysql credentials.

---
 Header.php                |  3 +-
 Script.php                |  3 +-
 batch_insert.php          |  9 ++++--
 get_mysql_credentials.php |  5 ++++
 test.php                  | 61 ---------------------------------------
 5 files changed, 15 insertions(+), 66 deletions(-)
 create mode 100644 get_mysql_credentials.php
 delete mode 100644 test.php

diff --git a/Header.php b/Header.php
index e867e1e..a5787c3 100644
--- a/Header.php
+++ b/Header.php
@@ -3,7 +3,8 @@ session_start();
 error_reporting(0);
 date_default_timezone_set('Asia/Shanghai');
 
-$con = mysqli_connect("localhost","username","password","lrr");
+include "get_mysql_credentials.php";
+$con = mysqli_connect("localhost", $mysql_username, $mysql_password, "lrr");
 
 // Check database connection
 if (mysqli_connect_errno()) {
diff --git a/Script.php b/Script.php
index b0225ea..cc9fa3b 100644
--- a/Script.php
+++ b/Script.php
@@ -12,7 +12,8 @@ session_start();
 date_default_timezone_set('Asia/Shanghai');
 
 // Connect to MySQL database
-$con = mysqli_connect("localhost","username","password","lrr");
+include "get_mysql_credentials.php";
+$con = mysqli_connect("localhost",  $mysql_username, $mysql_password, "lrr");
 
 // Check connection
 if (mysqli_connect_errno())
diff --git a/batch_insert.php b/batch_insert.php
index 664bf66..00dad1b 100644
--- a/batch_insert.php
+++ b/batch_insert.php
@@ -2,9 +2,12 @@
 
 // Code contributed by Xu Xiaopeng and his team (https://github.com/lanlab-org/LRR/pull/39/files#diff-b69ba96bf0e469383b373e8c9de257c0)
 //数据库信息
+
+
+include "get_mysql_credentials.php";
 $servername = "localhost";
-$username = "username";
-$password = "password";
+$username = $mysql_username;
+$password = $mysql_password;
 $dbname = "lrr";
 
 // 创建连接
@@ -52,4 +55,4 @@ $result->free();
 //中断连接
 mysqli_close($conn);
 
-?>
\ No newline at end of file
+?>
diff --git a/get_mysql_credentials.php b/get_mysql_credentials.php
new file mode 100644
index 0000000..c520376
--- /dev/null
+++ b/get_mysql_credentials.php
@@ -0,0 +1,5 @@
+<?php
+$csv = array_map('str_getcsv', file('./../../lrr_submission/KeepItSafe.txt'));
+$mysql_username = $csv[0][0];
+$mysql_password = $csv[0][1];
+?>
diff --git a/test.php b/test.php
deleted file mode 100644
index 4780387..0000000
--- a/test.php
+++ /dev/null
@@ -1,61 +0,0 @@
-<?php
-
-
-
-error_reporting(E_ALL);
-ini_set('display_errors', 'on');
-
-
-
-
-
-echo phpversion();
-
-$hashed_password1 = hash('sha512', '123a');
-$hashed_password2 = hash('sha512', '123a');
-echo "Hash1=".$hashed_password1;
-echo "<hr>Hash2=".$hashed_password2;
-
-
-
-
-$con=mysqli_connect("localhost","username","password","lrr");
-// Check connection
-if (mysqli_connect_errno())
-  {
-  echo "Failed to connect to MySQL: " . mysqli_connect_error();
-  }
-else
-{
-echo "Connected ";
-}
-
-mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
-$query  = "SELECT * from users_table;";
-$result = mysqli_query($con, $query);
-
-
-if (mysqli_num_rows($result) > 0) {
-
-    echo "<table>";
-
-    while ($row = mysqli_fetch_assoc($result)) {
-
-$id=$row["User_ID"];
-$pass=$row["Password"];
-$hash_pass=hash('sha512', $pass);
-$inner_query  = "update users_table set HashPassword='$hash_pass' where User_ID=$id;";
-if ($con->query($inner_query) === TRUE) { echo " User # $id updated<br>";  }
-
-        //echo "<tr>";
-        //echo "<td>{$row['Password']}</td><td>{$row['Email']}</td>";
-        //echo "</tr>";
-
-    }
-
-    echo "</table>";
-
-
-}
-
-

From 69355029a8f2d059e8f981e2ceee3baafa17a38b Mon Sep 17 00:00:00 2001
From: Hui Lan <lanhui@zjnu.edu.cn>
Date: Tue, 22 Dec 2020 17:42:29 +0800
Subject: [PATCH 2/2] Script.php: increase attachment size to 3MB.

---
 Script.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Script.php b/Script.php
index cc9fa3b..b00e8d5 100644
--- a/Script.php
+++ b/Script.php
@@ -528,7 +528,7 @@ function checksize($file)
 {
     $result = $_FILES["$file"]['size']/(1024*1024);
       
-    if($result > 1)
+    if($result > 3)
     {
         return FALSE;
     }