{% extends "introduction/base.html" %}
{% block content %}
{% block title %}
<title>SSRF LAB</title>
{% endblock %}

<div style="display:flex;flex-direction:column;align-items:center">
    <div>
        <h1> Read Blog </h2>
            <br>
    </div>
    <div style="display:flex;flex-direction:row;align-items:center;margin:15px">
        <form method="post" action="/ssrf_lab">
            {% csrf_token %}
            <input type="hidden" name="blog" value="templates/Lab/ssrf/blogs/blog1.txt">
            <button type="submit" class="btn btn-info"> Blog1 </button>
        </form>
        <form method="post" action="/ssrf_lab">
            {% csrf_token %}
            <input type="hidden" name="blog" value="templates/Lab/ssrf/blogs/blog2.txt">
            <button type="submit" class="btn btn-info"> Blog2 </button>
        </form>
        <form method="post" action="/ssrf_lab">
            {% csrf_token %}
            <input type="hidden" name="blog" value="templates/Lab/ssrf/blogs/blog3.txt">
            <button type="submit" class="btn btn-info"> Blog3 </button>
        </form>
        <form method="post" action="/ssrf_lab">
            {% csrf_token %}
            <input type="hidden" name="blog" value="templates/Lab/ssrf/blogs/blog4.txt">
            <button type="submit" class="btn btn-info"> Blog4 </button>
        </form>
    </div>
    <div>
        {{ blog }}
    </div>
</div>

<button class="coll2 btn btn-info" style= "position : fixed ; right :330px; bottom : 7px">Hint</button>
<div class="lab code">
    Try to find a .env file
</div>

<button class="coll2 btn btn-info" style= "position : fixed ; right :200px; bottom : 7px">View Code</button>

<div class="lab code">
   <code>   
    def ssrf_lab(request):</br>
&emsp;if request.user.is_authenticated:</br>
&emsp;&emsp;if request.method=="GET":</br>
&emsp;&emsp;&emsp;return render(request,"Lab/ssrf/ssrf_lab.html",{"blog":"Read Blog About SSRF"})</br>
&emsp;&emsp;else:</br>
&emsp;&emsp;&emsp;file=request.POST["blog"]</br>
&emsp;&emsp;&emsp;try :</br>
&emsp;&emsp;&emsp;&emsp;dirname = os.path.dirname(__file__)</br>
&emsp;&emsp;&emsp;&emsp;filename = os.path.join(dirname, file)</br>
&emsp;&emsp;&emsp;&emsp;file = open(filename,"r")</br>
&emsp;&emsp;&emsp;&emsp;data = file.read()</br>
&emsp;&emsp;&emsp;&emsp;return render(request,"Lab/ssrf/ssrf_lab.html",{"blog":data})</br>
&emsp;&emsp;&emsp;except:</br>
&emsp;&emsp;&emsp;&emsp;return render(request, "Lab/ssrf/ssrf_lab.html", {"blog": "No blog found"})</br>
&emsp;else:</br>    
&emsp;&emsp;return redirect('login')</br>
   </code>
    
</div>
<div>

<div style= "position : fixed ; right : 7px; bottom : 7px"> <button class="btn btn-info" type="button" onclick="window.location.href='/ssrf'">Back to Lab
    Details</button></div>

{% endblock %}