\chapter{Problem solutions}
The solutions can be downloaded from \url{\ft Solutions}.

\section{WMOTU League}
\subsection{WMOTU League Service}
\url{\ft WMOTULeagueService/index.php}
{\scriptsize \inputminted[tabsize=2, linenos=true]{html+php}{WMOTULeagueService/index.php}}

\subsection{WMOTU League}
\subsubsection{\texttt{index.php}}
\url{\ft WMOTULeague/index.php}
{\scriptsize \inputminted[tabsize=2, linenos=true]{html+php}{WMOTULeague/index.php}}
\subsubsection{\texttt{style.css}}
{\scriptsize \inputminted[tabsize=2, linenos=true]{css}{WMOTULeague/style.css}}

\section{WMOTU Sorter}
We need to take precautions to prevent someone from hijacking our form and submitting a choice that we have not offered.
Consider the following:

\noindent\url{\ft WMOTUSorter/hijacker.php}
{\scriptsize\inputminted[tabsize=2, linenos=true]{html+php}{WMOTUSorter/hijacker.php}}

\noindent\url{\ft WMOTUSorter/index_vulnerable.php}
{\scriptsize\inputminted[tabsize=2, linenos=true]{html+php}{WMOTUSorter/index_vulnerable.php}}

\noindent\url{\ft WMOTUSorter/index.php}
{\scriptsize\inputminted[tabsize=2, linenos=true]{html+php}{WMOTUSorter/index.php}}

\section{WMOTU Sub}
\subsection{Standard solution}
\url{\ft WMOTUSub/index.php}
{\scriptsize\inputminted[tabsize=2, linenos=true]{html+php}{WMOTUSub/index.php}}

\subsection{Evolved object oriented solution}
Ralph Hermes has developed an improved solution that beautifully illustrates the application of object orientation in PHP. \\
\url{\ft WMOTUSub/Battleship_HerRa036.php}
{\scriptsize\inputminted[tabsize=2, linenos=true]{html+php}{WMOTUSub/Battleship_HerRa036.php}}

\section{WMOTU Mailer}
\subsection{WMOTU Mailer v1}
\url{\ft WMOTUMailerv1/index.php}
{\scriptsize \inputminted[tabsize=2, linenos=true]{html+php}{WMOTUMailerv1/index.php}}
We use an HTML form to submit the data. If no \verb|action| attribute is specified, the current script gets called upon submission. Note that all \verb|input| and \verb|textarea| tags have the \verb|required| attribute set.
This forces the client browser to submit the form only if all fields have been filled in. We therefore do not need to check again on the server side that all fields have been filled in. We do it here nevertheless for illustrative purposes.

Also note how we can not only generate HTML and CSS, but also JavaScript on the server side.

\subsection{WMOTU Mailer v1++}
\subsubsection{\texttt{index.php}}
\url{\ft WMOTUMailerv1++/index.php}
{\scriptsize \inputminted[tabsize=2, linenos=true]{html+php}{WMOTUMailerv1++/index.php}}

\subsubsection{\texttt{sendmail.php}}
\url{\ft WMOTUMailerv1++/sendmail.php}
{\scriptsize \inputminted[tabsize=2, linenos=true]{html+php}{WMOTUMailerv1++/sendmail.php}}
The problem is the browser refresh function. If the user refreshes the page, another email with the same information than the previous one  gets sent immediately. This is no good! The problem originates from our combining the client and server side processing in the same script. This means that the previous values entered by the user are still stored in the \verb|$_POST| array and the sending of another email is triggered automatically. The improved version splits the client and server side processing into two scripts and triggers the send process only after the user has pressed the \verb|submit| button, not after a page reload. Furthermore, the form is empty, given that the form page gets reloaded after the first email submission.

\subsection{WMOTU Mailer v2}
\subsubsection{\texttt{createDB.sql}}
\url{\ft WMOTUMailerv2/createDB.sql}
{\scriptsize \inputminted[tabsize=2, linenos=true]{mysql}{WMOTUMailerv2/createDB.sql}}

Create the database as described in \ref{DBCreation}.
\subsubsection{\texttt{database.php}}
{\scriptsize \inputminted[tabsize=2, linenos=true]{html+php}{WMOTUMailerv2/database.php}}

\subsubsection{\texttt{index.php}}
\url{\ft WMOTUMailerv2/index.php}
{\scriptsize \inputminted[tabsize=2, linenos=true]{html+php}{WMOTUMailerv2/index.php}}

\subsubsection{\texttt{sendmail.php}}
{\scriptsize \inputminted[tabsize=2, linenos=true]{html+php}{WMOTUMailerv2/sendmail.php}}

\subsubsection{\texttt{db\_credentials.php}}
This file contains the credentials for accessing the DB. You need to replace these values with your own in order to access your DB.
{\scriptsize \inputminted[tabsize=2, linenos=true]{html+php}{WMOTUMailerv2/db_credentials_clean.php}}

\section{WMOTU Quack}
WMOTU has been asked to develop a full-fledged communication platform. \\
\noindent\url{http://wsers.foxi.lu/WAD/WMOTUQuack}

\subsection{DB}
\subsubsection{Structure}
\noindent\includegraphics{WMOTUQuackDB}

\subsubsection{\texttt{createDB.sql}}
{\scriptsize \inputminted[tabsize=2, linenos=true]{mysql}{WMOTUQuack/protected/createDB.sql}}

\subsection{\texttt{database.php}}
{\scriptsize \inputminted[tabsize=2, linenos=true]{php}{WMOTUQuack/protected/database.php}}

\subsection{\texttt{index.php}}
{\scriptsize \inputminted[tabsize=2, linenos=true]{html+php}{WMOTUQuack/index.php}}

\subsection{\texttt{index.js}}
{\scriptsize \inputminted[tabsize=2, linenos=true]{js}{WMOTUQuack/index.js}}

\subsection{\texttt{index.css}}
{\scriptsize \inputminted[tabsize=2, linenos=true]{css}{WMOTUQuack/index.css}}

\subsection{\texttt{main.php}}
{\scriptsize \inputminted[tabsize=2, linenos=true]{html+php}{WMOTUQuack/main.php}}

\subsection{\texttt{main.js}}
{\scriptsize \inputminted[tabsize=2, linenos=true]{javascript}{WMOTUQuack/main.js}}

\subsection{\texttt{main.css}}
{\scriptsize \inputminted[tabsize=2, linenos=true]{css}{WMOTUQuack/main.css}}

\subsection{\texttt{websocket.js}}
{\scriptsize \inputminted[tabsize=2, linenos=true]{javascript}{WMOTUQuack/websocket.js}}

\subsection{\texttt{checkuser.php}}
{\scriptsize \inputminted[tabsize=2, linenos=true]{php5}{WMOTUQuack/checkuser.php}}

\subsection{\texttt{logout.php}}
{\scriptsize \inputminted[tabsize=2, linenos=true]{php5}{WMOTUQuack/logout.php}}

\subsection{\texttt{deleteprofile.php}}
{\scriptsize \inputminted[tabsize=2, linenos=true]{php5}{WMOTUQuack/deleteprofile.php}}

\subsection{\texttt{deleteprofileimage.php}}
{\scriptsize \inputminted[tabsize=2, linenos=true]{php5}{WMOTUQuack/deleteprofileimage.php}}

\subsection{\texttt{getprofileimage.php}}
{\scriptsize \inputminted[tabsize=2, linenos=true]{php5}{WMOTUQuack/getprofileimage.php}}

\subsection{\texttt{getmember.php}}
{\scriptsize \inputminted[tabsize=2, linenos=true]{php5}{WMOTUQuack/getmember.php}}

\subsection{\texttt{getmembers.php}}
{\scriptsize \inputminted[tabsize=2, linenos=true]{php5}{WMOTUQuack/getmembers.php}}

\subsection{\texttt{stillloggedin.php}}
{\scriptsize \inputminted[tabsize=2, linenos=true]{php5}{WMOTUQuack/stillloggedin.php}}

\subsection{\texttt{updatedescription.php}}
{\scriptsize \inputminted[tabsize=2, linenos=true]{php5}{WMOTUQuack/updatedescription.php}}

\subsection{\texttt{upload.php}}
{\scriptsize \inputminted[tabsize=2, linenos=true]{php5}{WMOTUQuack/upload.php}}

\subsection{\texttt{bouncer.php}}
{\scriptsize \inputminted[tabsize=2, linenos=true]{php5}{WMOTUQuack/protected/bouncer.php}}

\subsection{\texttt{server.php}}
{\scriptsize \inputminted[tabsize=2, linenos=true]{php5}{WMOTUQuack/protected/server.php}}