Added Vagrantfile in each challenge folder

.gitignore

@@ -1,7 +1,6 @@
 __MACOSX/*
 .project/
 *.patch
-config.inc.php
 view/compiled_view/
 pages/test/
 *.swp
@@ -11,3 +10,4 @@ test
 nbproject/
 composer.lock
 vendor/
+.idea/

.htaccess

@@ -2,7 +2,6 @@
 ErrorDocument 403 /view/errors/403.html
 ErrorDocument 404 /view/errors/404.html
 ErrorDocument 500 /view/errors/500.html
-ErrorDocument 509 /view/errors/509.html
 
 # Disable directory indexing
 Options All -Indexes

.travis.yml

@@ -0,0 +1,39 @@
+sudo: true
+language: php
+php:
+  - 5.3
+  - 5.4
+  - 5.5
+  - 5.6
+  - hhvm
+  - nightly
+
+env:
+  - DB=mysql
+
+
+before_script:
+    #- curl -sS https://getcomposer.org/installer | php; sudo mv composer.phar /usr/local/bin/composer
+    #- composer install
+  - mysql -e "create database IF NOT EXISTS hackademic;" -uroot
+  - mysql -uroot "hackademic" < "installation/sql/db.sql"
+
+script:
+    #  - phpunit --configuration phpunit_mysql.xml --coverage-text
+  - vendor/bin/phpunit --configuration phpunit_mysql.xml --coverage-html ./report hackademic_devtests/model/common/class.PageTest.php
+
+install:
+ - composer install
+
+notifications:
+  irc:
+    channels: "irc.freenode.org#hackademic-dev"
+    template:
+      - "%{repository}@%{branch}: %{message} (%{build_url})"
+    on_success: change
+    on_failure: change
+    use_notice: true
+  email: false
+
+after_success:
+  coveralls --rcfile=.coveragerc

CONTRIBUTING.md

@@ -114,3 +114,73 @@ To write your own tests you can check `<tests_dir>/admin/model/AddUserController
 4. In order to get a unique css path for the element you want to click you can inspect it in Firefox or Chrome and right-click on the element and select Copy CSS Path
 5. Cleanup after your test, `tearDown()` exists for that reason too.
 6. Each class should test one feature. E.g. `AddUserTest` should test if a user can be added sucessfully.
+
+
+
+Standard Compliance:
+--------------------
+
+Before committing code, please make sure your code is PSR - 0, PSR - 1, PSR - 2, PSR - 3 and PSR - 4 compliant.
+
+We use a stricter version of PSR - 1 and PSR - 2 over PHP_CodeSniffer. All the related sniff files and ruleset.xml are present in development/scripts.
+
+To check your code against these standards :
+
+0. Place the PSR-1 inside /usr/share/php/PHP/CodeSniffer/Standards.
+
+   ```
+   cp hackademic/development/scripts/PSR-1/ /usr/share/php/PHP/CodeSniffer/Standards/
+   ```
+1. Then Set PSR-1 as the default sniff for CodeSniffer using
+
+   ```
+   phpcs --config-set default_standard PSR-1
+   ```
+
+2. Follow the same steps for making the code PSR-2 complaint.
+
+
+To Run Code Sniffer by yourself :
+
+0. To see the warnings and errors
+
+   ```
+   phpcs filename
+   ```
+   or
+
+   ```
+   phpcs filename | less
+   ```
+   q to exit.
+
+1. To fix warnings and errors automatically
+
+   ```
+   phpcbf filename
+   ```
+
+
+Pre Commit Hook:
+----------------
+
+Adding pre commit hook automatically checks for PHP_CodeSniffer and PHP_CS-fixer
+errors. To run it
+
+0. Rename .git/hooks/pre-commit.sample to pre-commit
+1. Add the following to the end of this file
+
+   ```
+   exec git diff --cached | development/scripts/PSR\ Compliance\ Pre\ Commit.php
+   ```
+
+2. Make sure the file is executable
+
+	```
+	chmod a+x .git/hooks/pre-commit
+	```
+How to make Git to ignore file permission changes:
+-------------------------------------------------
+```
+git config core.fileMode false
+```

Python/xmlparser.py

@@ -0,0 +1,54 @@
+#!/usr/bin/env python3
+""" # Python version = 3
+	Parses the xml files and reports if correctly formatted or not with the format of the files in challenges folder.(check for both format : before ch010 and after that)
+	Currently run through terminal/command prompt by specifying the relative file path and output on prompt.
+	Can be extended for reporting non nullable fields errors.
+	Can be easily integrated with the current system.
+
+	To run on terminal:
+		Go to the file folder in terminal/command prompt.
+		Type python3 xmlparser.py
+		Enter the file name.
+	*    ----------------------------------------------------------------
+				OWASP Hackademic Challenges Project
+	*    ----------------------------------------------------------------
+	*   	 Rohit Lodha     
+	*    ----------------------------------------------------------------"""
+
+import xml.etree.ElementTree as ET
+import xml
+def xmlparser(xmlfile):
+	try:
+		tree = ET.parse(xmlfile)							#Checking if file exist, if exist parse it and store it in tree
+		try :
+			root = tree.getroot()								#getting the root
+			if (len(root)==6):									#For challenges with "level" and "duration" fields
+				required_fields=["title","author","category","description","level","duration"]
+				for field in required_fields:
+					if (root.find(field)!=None):					#searching for every required field
+						continue
+					else :
+						print("Incorrect formatting of required fields.")
+						exit()
+				print("Correctly formatted!")						
+			elif (len(root)==4) :									#For challenges without "level" and "duration" fields
+				required_fields=["title","author","category","description"]
+				for field in required_fields:
+					if (root.find(field)!=None):					#searching for every required field
+						continue
+					else :
+						print("Incorrect formatting of required fields.")
+						exit()
+				print("Correctly formatted!")
+			else :
+				print("Incorrect formatting of necessary fields.")
+		except ET.ParseError as Error:
+			print(Error)										#prints the line no. on which error occured
+	except FileNotFoundError:
+		print("File Not Found.")
+	except ET.ParseError as Error:
+		print(Error)
+
+if __name__=="__main__" :                                    #code to execute if called from command-line
+	a = input("Enter File name relative to this file.\n")     #Taking file name input 
+	xmlparser(a)												#calling xmlparser

README.md

@@ -3,48 +3,46 @@
 OWASP Hackademic Challenges project
 ===================================
 
-The **OWASP Hackademic Challenge** project helps you test your knowledge on web application security. You can use it to actually attack web applications in a realistic but also controllable and safe environment.
+The **OWASP Hackademic Challenge** project helps you test your knowledge on web application security. You can use it to actually attack web applications in a realistic but also controlled and safe environment.
 
-The latest stable version is in `next` branch, the development version is in `next-dev`.
+The latest stable version is in the `next` branch, the development version is in `next-dev`.
 
 
 Description
 -----------
 
-The Hackademic challenges implement realistic scenarios with known vulnerabilities in a safe, controllable environment. Users can attempt to discover and exploit these vulnerabilities in order to learn important concepts of information security through the attacker's perspective.
+The Hackademic challenges implement realistic scenarios with known vulnerabilities in a safe, controlled environment. Users can discover and exploit the vulnerabilities presented in the challenges and learn important concepts of information security through the perspective of an attacker.
 
 Currently, there are 10 scenarios available.
 
-You can choose to start from the one that you find most appealing, although we suggest to follow the order presented on the first page. We intend to expand the available challenges with additional scenarios that involve cryptography and even vulnerable systems implemented in downloadable virtual machines.
-
-
+You can choose to start from the one that you find most appealing, although we suggest you follow the order presented on the first page. We intend to expand the available challenges with additional scenarios that involve cryptography and even vulnerable systems presented as downloadable virtual machines.
 
 
 Deployment
 ----------
 
-Dependencies of Hackademic involve a web server (Apache, nginx) with PHP and Mysql/MariaDB connected with it. Make sure you have installed these before you start deploying Hackademic. We recommand to use Apache with MySQL. See [Digital Ocean's website](https://www.digitalocean.com/community/tutorials/how-to-install-linux-apache-mysql-php-lamp-stack-on-ubuntu) for a good tutorial under Ubunt. See [WampServer](http://www.wampserver.com/en/) to set up the environnement under Windows.
+Dependencies for Hackademic involve a web server (Apache, nginx) with PHP and Mysql/MariaDB connected to it. Make sure you have these installed before you start deploying Hackademic. We recommend to use Apache with MySQL. See [Digital Ocean's website](https://www.digitalocean.com/community/tutorials/how-to-install-linux-apache-mysql-php-lamp-stack-on-ubuntu) for a good tutorial under Ubuntu. See [WampServer](http://www.wampserver.com/en/) to set up the environment under Windows.
 
-Clone Hackademic project,
+To clone Hackademic,
 
 `git clone https://github.com/Hackademic/hackademic.git`
 
-After successful cloning of the Hackademic project, copy the contents into `/var/www`
-We need to change the permissions of the file now,
+After successful cloning, copy the folder into `/var/www`.
+Next change the permissions of the folder with
 
 `sudo chmod -R 765 hackademic`
 
-Ensure that the Apache is started and SQL connection is also active. Point your browser towards `http://127.0.0.1/`
-You will be prompted with Hackademic page. In case you have many sub-directories in `/var/www/`, the browser would throw up all the directories.
-Choose hackademic from that.
+Ensure that Apache is started and that the SQL connection is also active. Point your browser towards `http://127.0.0.1/`
+You will be prompted with the Hackademic page. In case you have many sub-directories in `/var/www/`, the browser would list all the directories available.
+Choose hackademic from those.
 
-Now you will be prompted to Hackademic installation page.
+Now you will be prompted with the Hackademic installation page.
 Be sure to fill out all the fields.
 
 1. Administrator Details
 
 	Fill any email id, username and password. 
-	You will using this username and password, later to log in to hackademic.
+	You will be using this username and password, later on to log in to hackademic.
 
 2. Database Settings
 
@@ -60,14 +58,13 @@ Be sure to fill out all the fields.
 	You should be able to log in.
 
 
-After finish stage if you got a error
+After the finish stage if you got an error
 
 *Parse error: syntax error, unexpected '[' in /var/www/hackademic/model/common/class.ChallengeAttempts.php on line 363']'*
 
 update the version of PHP you are using. Hackademic uses 5.4+. 
 
 
-
 Road Map and Getting Involved
 -----------------------------
 
@@ -77,12 +74,12 @@ For a list of features we would like implemented you can see either the issues p
 
 Involvement in the development and promotion of the Hackademic Challenges is actively encouraged!
 You do not have to be a security expert in order to contribute.
-Some of the ways you can help:
+Some of the ways you can help are:
 
 * Write Documentation
 * Write Unit tests
 * Develop themes and plugins
-* Write Challenges or Articles or contribute security courses
+* Write Challenges, Articles or contribute security courses
 
 Please see [CONTRIBUTING.md](CONTRIBUTING.md) for installation guidelines and other developer-oriented explanations.