From d25a0536ba607a5c15ef708e6661a611538630e0 Mon Sep 17 00:00:00 2001
From: alisolarflare
Date: Thu, 15 Jun 2017 01:10:06 -0600
Subject: [PATCH] Started work on Post page, finally making ButtonPresents vulnerable to XSS
---
 .../presents/hello/HelloComponent.java | 2 +
 .../presents/hello/pages/HelloPOSTPage.java | 46 +++++++++++++++++++
 2 files changed, 48 insertions(+)
 create mode 100644 src/main/java/buttondevteam/presents/hello/pages/HelloPOSTPage.java
diff --git a/src/main/java/buttondevteam/presents/hello/HelloComponent.java b/src/main/java/buttondevteam/presents/hello/HelloComponent.java
index 587ade9..092c802 100644
--- a/src/main/java/buttondevteam/presents/hello/HelloComponent.java
+++ b/src/main/java/buttondevteam/presents/hello/HelloComponent.java
@@ -16,6 +16,7 @@ import buttondevteam.presents.hello.effects.HelloParticle;
 import buttondevteam.presents.hello.effects.HelloSound;
 import buttondevteam.presents.hello.pages.HelloDataPage;
 import buttondevteam.presents.hello.pages.HelloLocationPage;
+import buttondevteam.presents.hello.pages.HelloPOSTPage;
 import buttondevteam.presents.hello.pages.HelloPlayersPage;
 import buttondevteam.presents.hello.pages.HelloWorldPage;
 
@@ -39,5 +40,6 @@ public class HelloComponent extends Component{
 this.addPage(plugin, new HelloDataPage());
 this.addPage(plugin, new HelloPlayersPage(plugin));
 this.addPage(plugin, new HelloLocationPage(plugin));
+ this.addPage(plugin, new HelloPOSTPage(plugin));
 }
 }
diff --git a/src/main/java/buttondevteam/presents/hello/pages/HelloPOSTPage.java b/src/main/java/buttondevteam/presents/hello/pages/HelloPOSTPage.java
new file mode 100644
index 0000000..070bc03
--- /dev/null
+++ b/src/main/java/buttondevteam/presents/hello/pages/HelloPOSTPage.java
@@ -0,0 +1,46 @@
+package buttondevteam.presents.hello.pages;
+
+import java.io.IOException;
+
+import org.bukkit.plugin.java.JavaPlugin;
+
+import com.sun.net.httpserver.HttpExchange;
+
+import buttondevteam.website.io.Response;
+import buttondevteam.website.page.Page;
+
+public class HelloPOSTPage extends Page {
+ JavaPlugin plugin;
+ String saveFilePath = "hello.pages.hellopostpage.saved";
+ public HelloPOSTPage(JavaPlugin plugin) {
+ this.plugin = plugin;
+ }
+
+ @Override
+ public String GetName() {
+ return "ali/hello/post";
+ }
+
+ @Override
+ public Response handlePage(HttpExchange exchange) {
+ String responseString = "";
+ if(exchange.getRequestMethod() == "post"){
+ int c;
+ try {
+ while((c = exchange.getRequestBody().read()) != -1){
+ responseString += (char) c;
+ }
+ } catch (IOException e) {
+ responseString += "Error! Reading message failed";
+ return new Response(200, responseString, exchange);
+
+ }
+ plugin.getConfig().set(saveFilePath, responseString);
+ plugin.saveConfig();
+ }else{
+ responseString += plugin.getConfig().getString(saveFilePath);
+ }
+ return new Response(200, responseString, exchange);
+ }
+
+}
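Review bot: In `handlePage` the request body is saved to the plugin config and returned verbatim on later requests, with no authentication, size limit or output encoding visible in this file, so anyone who can reach `ali/hello/post` can store markup that other visitors' browsers may render (stored XSS) and can grow the config without bound. The save branch is also unlikely ever to run: `exchange.getRequestMethod() == "post"` compares references and the method normally arrives as upper-case `POST`, so it should read `"POST".equalsIgnoreCase(exchange.getRequestMethod())`. Reading one byte at a time and casting it to `char` mangles multi-byte UTF-8, the read-failure path still answers 200, and `getString(saveFilePath)` returns `null` (rendered as "null") before anything has been saved. The sketch below bounds and decodes the body, closes the stream and encodes on output; `MAX_BODY_BYTES` and `escapeHtml` stand for a constant and a private helper that still have to be written, and whether `Response` sets a content type or accepts non-200 statuses is not visible here.

```java
    @Override
    public Response handlePage(HttpExchange exchange) {
        if ("POST".equalsIgnoreCase(exchange.getRequestMethod())) {
            ByteArrayOutputStream body = new ByteArrayOutputStream();
            byte[] chunk = new byte[1024];
            // try-with-resources closes the request stream on every path
            try (InputStream in = exchange.getRequestBody()) {
                int n;
                while ((n = in.read(chunk)) != -1) {
                    // refuse oversized bodies before they reach memory or the config file
                    if (body.size() + n > MAX_BODY_BYTES) {
                        return new Response(413, "Body too large", exchange);
                    }
                    body.write(chunk, 0, n);
                }
            } catch (IOException e) {
                return new Response(500, "Error! Reading message failed", exchange);
            }
            String saved = new String(body.toByteArray(), StandardCharsets.UTF_8);
            plugin.getConfig().set(saveFilePath, saved);
            plugin.saveConfig();
            return new Response(200, escapeHtml(saved), exchange);
        }
        // default "" avoids echoing the literal text "null" before the first save
        String saved = plugin.getConfig().getString(saveFilePath, "");
        // stored text is untrusted: encode it at output time, not only at input time
        return new Response(200, escapeHtml(saved), exchange);
    }
```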