package org.owasp.webgoat.plugin;

import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.util.ArrayList;
import java.util.List;
import java.util.concurrent.atomic.AtomicInteger;
import org.apache.ecs.Element;
import org.apache.ecs.ElementContainer;
import org.apache.ecs.StringElement;
import org.apache.ecs.html.B;
import org.apache.ecs.html.Form;
import org.apache.ecs.html.H1;
import org.apache.ecs.html.HR;
import org.apache.ecs.html.Input;
import org.apache.ecs.html.P;
import org.apache.ecs.html.TD;
import org.apache.ecs.html.TR;
import org.apache.ecs.html.Table;
import org.apache.ecs.html.TextArea;
import org.owasp.webgoat.lessons.Category;
import org.owasp.webgoat.lessons.LessonAdapter;
import org.owasp.webgoat.session.DatabaseUtilities;
import org.owasp.webgoat.session.ECSFactory;
import org.owasp.webgoat.session.WebSession;
import org.owasp.webgoat.util.HtmlEncoder;
import org.springframework.aop.framework.autoproxy.target.QuickTargetSourceCreator;

/* loaded from: input_file:WebGoat.war:plugin_lessons/csrf-1.0.jar:org/owasp/webgoat/plugin/CSRF.class */
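/**
 * WebGoat "Cross Site Request Forgery" lesson: a tiny message board plus a
 * fake "electronic transfer" endpoint.
 *
 * This class is DELIBERATELY VULNERABLE training material. The weaknesses it
 * teaches are kept on purpose and must not be "fixed" here:
 * <ul>
 *   <li>the message body is stored raw ({@link #addMessage}) and rendered
 *       unencoded ({@link #makeCurrent}), so an {@code <img src=...>} posted by
 *       one user is fetched by every user who opens the message;</li>
 *   <li>the transfer fires on any request that carries the
 *       {@code transferFunds} parameter — GET included — with no anti-CSRF
 *       token, no confirmation and no HTTP-method check
 *       ({@link #isTransferFunds}, {@link #doTransfer}).</li>
 * </ul>
 * Only the surrounding plumbing is corrected: JDBC statements are now closed,
 * the shared message counter is atomic, blank page views no longer insert an
 * empty row, and magic numbers/literals use the declared constants.
 */
public class CSRF extends LessonAdapter {
    private static final String TRANSFER_FUNDS_PARAMETER = "transferFunds";
    private static final String TRANSFER_FUNDS_PAGE = "main";
    private static final String MESSAGE = "message";
    private static final int MESSAGE_COL = 3;
    private static final String NUMBER = "Num";
    private static final int NUM_COL = 1;
    private static final String STANDARD_QUERY = "SELECT * FROM messages";
    private static final String TITLE = "title";
    private static final int TITLE_COL = 2;
    private static final int USER_COL = 4;
    /**
     * SQL LIKE wildcard appended to the user-name root, so "guest" also matches
     * "guest-1", "guest-2", ... (the decompiled listing had folded this literal
     * into Spring's {@code QuickTargetSourceCreator.PREFIX_THREAD_LOCAL}).
     */
    private static final String LIKE_ANY_SUFFIX = "%";
    /**
     * Message number for the next insert. It is shared by every user and
     * session of this JVM and restarts at 1 on redeploy; the atomic increment
     * only guarantees that concurrent posts do not receive the same number.
     */
    private static final AtomicInteger messageCounter = new AtomicInteger(1);
    private static final Integer DEFAULT_RANKING = Integer.valueOf(121);

    /**
     * Persists the submitted title/message for the current user.
     *
     * The title is HTML-encoded on the way in; the message body is stored
     * verbatim. The output side ({@link #makeList}, {@link #makeCurrent})
     * relies on that encoding for the title and intentionally does none for
     * the body — the body is the lesson's stored-XSS / CSRF vector.
     * Nothing is inserted when neither field was submitted (a plain page view).
     * Failures are reported through {@code webSession.setMessage} rather than
     * propagated, matching the rest of the lesson.
     *
     * @param webSession the current WebGoat session (parameters, user, DB context)
     */
    protected void addMessage(WebSession webSession) {
        PreparedStatement insert = null;
        try {
            String title = HtmlEncoder.encode(webSession.getParser().getRawParameter(TITLE, ""));
            String body = webSession.getParser().getRawParameter(MESSAGE, "");
            if (title.length() == 0 && body.length() == 0) {
                return; // nothing was posted; do not persist an empty row per page load
            }
            insert = prepare(webSession, "INSERT INTO messages VALUES (?, ?, ?, ?, ? )");
            insert.setInt(NUM_COL, messageCounter.getAndIncrement());
            insert.setString(TITLE_COL, title);
            insert.setString(MESSAGE_COL, body);
            insert.setString(USER_COL, webSession.getUserName());
            insert.setString(5, getClass().getName()); // lesson_type: scopes rows to this lesson
            insert.execute();
        } catch (Exception e) {
            webSession.setMessage("Could not add message to database");
        } finally {
            closeQuietly(insert);
        }
    }

    /**
     * Renders the lesson page: either the transfer flow (when the request
     * carries {@code transferFunds}) or the message board (post form, the
     * currently selected message, and the list of messages).
     *
     * @param webSession the current WebGoat session
     * @return the page content
     */
    @Override // org.owasp.webgoat.lessons.LessonAdapter, org.owasp.webgoat.session.Screen
    public Element createContent(WebSession webSession) {
        ElementContainer page = new ElementContainer();
        if (isTransferFunds(webSession)) {
            page.addElement(doTransfer(webSession));
            return page;
        }
        addMessage(webSession);
        page.addElement(makeInput(webSession));
        page.addElement(new HR());
        page.addElement(makeCurrent(webSession));
        page.addElement(new HR());
        page.addElement(makeList(webSession));
        return page;
    }

    /**
     * The "bank transfer" the attacker forges.
     *
     * {@code transferFunds=main} shows the transfer form; any other non-empty
     * value is treated as an amount and the transfer "completes" immediately,
     * which also marks the lesson as solved. There is no anti-CSRF token, no
     * confirmation step and no method restriction — that is the vulnerability
     * under study. The echoed amount is HTML-encoded, so this page itself is
     * not a reflected-XSS sink.
     *
     * @param webSession the current WebGoat session
     * @return form or completion page (empty when the parameter is blank)
     */
    protected Element doTransfer(WebSession webSession) {
        String amount = HtmlEncoder.encode(webSession.getParser().getRawParameter(TRANSFER_FUNDS_PARAMETER, ""));
        ElementContainer page = new ElementContainer();
        if (amount.equalsIgnoreCase(TRANSFER_FUNDS_PAGE)) {
            page.addElement(new H1("Electronic Transfer:"));
            Form transferForm = new Form(getLink(), "POST");
            transferForm.addElement(new Input("text", TRANSFER_FUNDS_PARAMETER, "0"));
            transferForm.addElement(new Input("submit"));
            page.addElement(transferForm);
        } else if (amount.length() != 0) {
            page.addElement(new H1("Electronic Transfer Complete"));
            page.addElement(new StringElement("Amount Transfered: " + amount));
            makeSuccess(webSession);
        }
        return page;
    }

    /**
     * True when the request carries the {@code transferFunds} parameter at all.
     * The check is on the raw parameter map, so a GET triggered by an
     * {@code <img>} tag counts just as much as the POST form — intentionally.
     *
     * @param webSession the current WebGoat session
     * @return whether this request is a transfer request
     */
    protected boolean isTransferFunds(WebSession webSession) {
        return webSession.getRequest().getParameterMap().containsKey(TRANSFER_FUNDS_PARAMETER);
    }

    /**
     * Builds the "post a message" form: a title text field, a message text
     * area and a submit button. Field names match what {@link #addMessage}
     * reads.
     *
     * @param webSession unused; kept for signature parity with the other builders
     * @return the form markup
     */
    protected Element makeInput(WebSession webSession) {
        Table fields = new Table(0).setCellSpacing(0).setCellPadding(0).setBorder(0);

        TR titleRow = new TR();
        titleRow.addElement(new TD(new StringElement("Title: ")));
        titleRow.addElement(new TD(new Input("TEXT", TITLE, "")));
        fields.addElement(titleRow);

        TD messageLabel = new TD();
        messageLabel.setVAlign("TOP");
        messageLabel.addElement(new StringElement("Message: "));
        TextArea messageBox = new TextArea(MESSAGE, 12, 60);
        messageBox.addAttribute("wrap", "soft");
        TD messageCell = new TD();
        messageCell.addElement(messageBox);
        TR messageRow = new TR();
        messageRow.addElement(messageLabel);
        messageRow.addElement(messageCell);
        fields.addElement(messageRow);

        ElementContainer form = new ElementContainer();
        form.addElement(fields);
        form.addElement(new P().addElement(ECSFactory.makeButton("Submit")));
        return form;
    }

    /**
     * Lists every message posted by users sharing this user's name root
     * (user_name LIKE 'root%') for this lesson, as a column of links.
     *
     * The anchor is string-built: the number is an int and cannot break out
     * of the href; the title was HTML-encoded by {@link #addMessage}, which is
     * the only thing keeping it from being injectable here — do not store
     * titles through any other path.
     *
     * @param webSession the current WebGoat session
     * @return the "Message List" section
     */
    public Element makeList(WebSession webSession) {
        Table list = new Table(0).setCellSpacing(0).setCellPadding(0).setBorder(0);
        PreparedStatement select = null;
        try {
            select = prepare(webSession, "SELECT * FROM messages WHERE user_name LIKE ? and lesson_type = ?");
            select.setString(1, getNameroot(webSession.getUserName()) + LIKE_ANY_SUFFIX);
            select.setString(2, getClass().getName());
            ResultSet rows = select.executeQuery();
            if (rows != null) {
                while (rows.next()) {
                    // NOTE(review): the link carries the number after "//", whereas
                    // makeCurrent reads it from the "Num" parameter — verify that
                    // getLink()/the framework actually maps one onto the other.
                    list.addElement(new TR().addElement(new TD().addElement(
                            "<a href='" + getLink() + "//" + rows.getInt(NUM_COL) + "' style='cursor:hand'>"
                                    + rows.getString(TITLE_COL) + "</a>")));
                }
            }
        } catch (Exception e) {
            webSession.setMessage("Error while getting message list.");
        } finally {
            closeQuietly(select);
        }
        ElementContainer section = new ElementContainer();
        section.addElement(new H1("Message List"));
        section.addElement(list);
        // Preserved from the original: only reachable when isTransferFunds() was
        // false, so this presumably never fires unless the parser reads
        // parameters from somewhere other than the request map.
        if (webSession.getParser().getRawParameter(TRANSFER_FUNDS_PARAMETER, "").length() != 0) {
            makeSuccess(webSession);
        }
        return section;
    }

    /**
     * Shows the message selected by the {@code Num} parameter (0 / absent
     * means none). The message body is emitted as raw HTML on purpose: this is
     * where the victim's browser loads the attacker's {@code <img>} and issues
     * the forged transfer request.
     *
     * @param webSession the current WebGoat session
     * @return the message detail section, or an empty container
     */
    protected Element makeCurrent(WebSession webSession) {
        ElementContainer section = new ElementContainer();
        PreparedStatement select = null;
        try {
            int messageNumber = webSession.getParser().getIntParameter(NUMBER, 0);
            select = prepare(webSession,
                    "SELECT * FROM messages WHERE user_name LIKE ? and num = ? and lesson_type = ?");
            select.setString(1, getNameroot(webSession.getUserName()) + LIKE_ANY_SUFFIX);
            select.setInt(2, messageNumber);
            select.setString(3, getClass().getName());
            ResultSet row = select.executeQuery();
            if (row != null && row.first()) {
                section.addElement(new H1("Message Contents For: " + row.getString(TITLE_COL)));
                Table detail = new Table(0).setCellSpacing(0).setCellPadding(0).setBorder(0);

                TR titleRow = new TR(new TD(new B(new StringElement("Title:"))));
                titleRow.addElement(new TD(new StringElement(row.getString(TITLE_COL))));
                detail.addElement(titleRow);

                // Intentional stored-XSS sink: body is rendered without encoding.
                TR messageRow = new TR(new TD(new B(new StringElement("Message:"))));
                messageRow.addElement(new TD(new StringElement(row.getString(MESSAGE_COL))));
                detail.addElement(messageRow);

                TR authorRow = new TR(new TD(new StringElement("Posted By:")));
                authorRow.addElement(new TD(new StringElement(row.getString(USER_COL))));
                detail.addElement(authorRow);

                section.addElement(detail);
            } else if (messageNumber != 0) {
                section.addElement(new P().addElement("Could not find message " + messageNumber));
            }
        } catch (Exception e) {
            webSession.setMessage("Error generating " + getClass().getName());
            e.printStackTrace(); // no logger is available in this lesson; kept for diagnostics
        } finally {
            closeQuietly(select);
        }
        return section;
    }

    /** The lesson is filed under XSS in the WebGoat menu. */
    @Override // org.owasp.webgoat.lessons.LessonAdapter, org.owasp.webgoat.lessons.AbstractLesson
    protected Category getDefaultCategory() {
        return Category.XSS;
    }

    /** Menu ordering weight within the category. */
    @Override // org.owasp.webgoat.lessons.LessonAdapter, org.owasp.webgoat.lessons.AbstractLesson
    protected Integer getDefaultRanking() {
        return DEFAULT_RANKING;
    }

    /**
     * Progressive hints; the last one spells out the payload, an image tag
     * whose URL hits this lesson with {@code transferFunds=5000}.
     *
     * @param webSession the current WebGoat session (used for the servlet link)
     * @return hints in the order they are revealed
     */
    @Override // org.owasp.webgoat.lessons.LessonAdapter, org.owasp.webgoat.lessons.AbstractLesson
    protected List<String> getHints(WebSession webSession) {
        List<String> hints = new ArrayList<String>();
        hints.add("Enter some text and try to include an image in there.");
        hints.add("In order to make the picture almost invisible try to add width='1' and height='1'.");
        hints.add("The format of the image link in HTML is <pre>&lt;img src='[URL]'&gt;</pre>");
        hints.add("Include the img tag in the message: <pre>&lt;img src='" + getServletLink() + "&transferFunds=5000'&gt;</pre>");
        return hints;
    }

    /** Lesson title shown in the menu. */
    @Override // org.owasp.webgoat.lessons.LessonAdapter, org.owasp.webgoat.lessons.AbstractLesson, org.owasp.webgoat.session.Screen
    public String getTitle() {
        return "Cross Site Request Forgery (CSRF)";
    }

    /**
     * Strips a "-suffix" from a user name ("guest-3" becomes "guest") so that
     * all sessions of one base user share a database and see each other's
     * messages — which is what lets one user attack another.
     *
     * @param str the WebGoat user name
     * @return the part before the first '-', or the whole name if there is none
     */
    private static String getNameroot(String str) {
        int dash = str.indexOf('-');
        return dash == -1 ? str : str.substring(0, dash);
    }

    /**
     * Prepares {@code sql} on this user's WebGoat connection with the same
     * scroll-insensitive / read-only flags the original code passed as bare
     * 1004 / 1007. Declared {@code throws Exception} because the WebGoat
     * connection factory's checked exceptions are not visible from here.
     */
    private static PreparedStatement prepare(WebSession webSession, String sql) throws Exception {
        return DatabaseUtilities
                .getConnection(getNameroot(webSession.getUserName()), webSession.getWebgoatContext())
                .prepareStatement(sql, ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY);
    }

    /**
     * Closes a statement (and its open result set) without throwing; for use
     * in {@code finally} blocks after the real error has been reported.
     * Closing the statement does not close the shared WebGoat connection.
     */
    private static void closeQuietly(PreparedStatement statement) {
        if (statement == null) {
            return;
        }
        try {
            statement.close();
        } catch (Exception ignored) {
            // best effort only; nothing useful to do about a failed close here
        }
    }
}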
