Show hints in order from YAML and end with solution spoiler

oguzhalit · Oct 11, 2021 · 1fd31fb · 1fd31fb
1 parent c2bb1f8
commit 1fd31fb
Show file tree

Hide file tree

Showing 3 changed files with 16 additions and 2 deletions.
diff --git a/data/static/i18n/en.json b/data/static/i18n/en.json
@@ -316,5 +316,7 @@
  "20th Anniversary Celebration Ticket": "20th Anniversary Celebration Ticket",
  "Get your <a href=\"https://20thanniversary.owasp.org/\" target=\"_blank\">free 🎫 for OWASP 20th Anniversary Celebration</a> online conference! Hear from world renowned keynotes and special speakers, network with your peers and interact with our event sponsors. With an anticipated 10k+ attendees from around the world, you will not want to miss this live on-line event!": "Get your <a href=\"https://20thanniversary.owasp.org/\" target=\"_blank\">free 🎫 for OWASP 20th Anniversary Celebration</a> online conference! Hear from world renowned keynotes and special speakers, network with your peers and interact with our event sponsors. With an anticipated 10k+ attendees from around the world, you will not want to miss this live on-line event!",
  "OWASP Juice Shop Card (non-foil)": "OWASP Juice Shop Card (non-foil)",
- "Mythic rare <small><em>(obviously...)</em></small> card \"OWASP Juice Shop\" with three distinctly useful abilities. Alpha printing, mint condition. A true collectors piece to own!": "Mythic rare <small><em>(obviously...)</em></small> card \"OWASP Juice Shop\" with three distinctly useful abilities. Alpha printing, mint condition. A true collectors piece to own!"
+ "Mythic rare <small><em>(obviously...)</em></small> card \"OWASP Juice Shop\" with three distinctly useful abilities. Alpha printing, mint condition. A true collectors piece to own!": "Mythic rare <small><em>(obviously...)</em></small> card \"OWASP Juice Shop\" with three distinctly useful abilities. Alpha printing, mint condition. A true collectors piece to own!",
+ "Line {{vulnLine}} is responsible for this vulnerability or security flaw. Select it and submit to proceed.": "Line {{vulnLine}} is responsible for this vulnerability or security flaw. Select it and submit to proceed.",
+ "Lines {{vulnLines}} are responsible for this vulnerability or security flaw. Select them and submit to proceed.": "Lines {{vulnLines}} are responsible for this vulnerability or security flaw. Select them and submit to proceed."
 }
diff --git a/lib/accuracy.ts b/lib/accuracy.ts
@@ -31,6 +31,10 @@ exports.totalFixItAccuracy = () => {
  return totalAccuracy('fix it')
 }
 
+exports.getFindItAttempts = (challengeKey) => {
+ return solves[challengeKey] ? solves[challengeKey].attempts['find it'] : 0
+}
+
 function totalAccuracy (phase: string) {
  let sumAccuracy = 0
  let totalSolved = 0

diff --git a/routes/vulnCodeSnippet.ts b/routes/vulnCodeSnippet.ts
@@ -197,7 +197,15 @@ exports.checkVulnLines = () => async (req: Request<{}, {}, VerdictRequestBody>,
  if (fs.existsSync('./data/static/codefixes/' + key + '.info.yml')) {
  const codingChallengeInfos = yaml.load(fs.readFileSync('./data/static/codefixes/' + key + '.info.yml', 'utf8'))
  if (codingChallengeInfos?.hints) {
- hint = codingChallengeInfos.hints[Math.floor(Math.random() * codingChallengeInfos.hints.length)]
+ if (accuracy.getFindItAttempts(key) > codingChallengeInfos.hints.length) {
+ if (vulnLines.length === 1) {
+ hint = res.__('Line {{vulnLine}} is responsible for this vulnerability or security flaw. Select it and submit to proceed.', { vulnLine: vulnLines[0].toString() })
+ } else {
+ hint = res.__('Lines {{vulnLines}} are responsible for this vulnerability or security flaw. Select them and submit to proceed.', { vulnLines: vulnLines.toString() })
+ }
+ } else {
+ hint = codingChallengeInfos.hints[accuracy.getFindItAttempts(key) - 1] // -1 prevents after first attempt
+ }
  }
  }
  if (verdict) {