From f7b09daf01eda25fb411959a84459690fc1f0d33 Mon Sep 17 00:00:00 2001
From: Benjamyn Love <benjamyn.love@gmail.com>
Date: Wed, 26 Feb 2020 14:39:18 +1100
Subject: [PATCH] Fixed potential exploit in the change pass page

---
 shop.py              | 12 +++++++++---
 templates/admin.html |  2 +-
 2 files changed, 10 insertions(+), 4 deletions(-)

diff --git a/shop.py b/shop.py
index 9684625..4a5fd03 100644
--- a/shop.py
+++ b/shop.py
@@ -17,7 +17,7 @@ def createSession(res):
 
 def refreshSession(id):
     list_ids = db.get_list_ids(int(session["id"]))
-    print(list_ids)
+    # print(list_ids)
     session["list_ids"] = None
     session["list_ids"] = list_ids
     # print(session["list_ids"])
@@ -40,7 +40,7 @@ def index():
 
 @application.route('/post', methods=['POST'])
 def handle_data():
-    print(request.form)
+    # print(request.form)
     if "addValue" in request.form:
         for x in request.form:
             if request.form[x] == '':
@@ -69,9 +69,15 @@ def handle_data():
         db.add_user(userData)
         return redirect(url_for("admin"))
 
-    if "newpass" in request.form:
+    if "adminpass" in request.form:
         user_id = request.form['updatepass']
+        newpass = request.form['adminpass']
+        db.update_pass(user_id, newpass)
+        return redirect(url_for("admin"))
+
+    if "newpass" in request.form:
         newpass = request.form['newpass']
+        user_id = session["id"]
         db.update_pass(user_id, newpass)
         return redirect(url_for("index"))
 
diff --git a/templates/admin.html b/templates/admin.html
index f558587..a218704 100644
--- a/templates/admin.html
+++ b/templates/admin.html
@@ -18,7 +18,7 @@
                     <td>{% if x[1] == 1 %} Yes {% else %} No {% endif %}</td>
                     <td align="right">
                         <form action="/post" method="POST"><input style="width: 70%; display: inline;"
-                                class="form-control" type="text" name="newpass" id="addbox"><button
+                                class="form-control" type="text" name="adminpass" id="addbox"><button
                                 class="btn btn-secondary" type="submit" name="updatepass" value="{{x[2]}}"> Change
                                 Password </button></form>
                     </td>