From f9cd055951efd2db5da99d4baed79c2c2728ad7f Mon Sep 17 00:00:00 2001
From: CornierKhan1 <jordyalexlyall@gmail.com>
Date: Fri, 20 Dec 2019 13:16:10 +1100
Subject: [PATCH] Added TODO. Strings contains needed?

---
 config.example.xml |  4 ++--
 go.mod             |  5 ++++-
 go.sum             | 12 ++++++++----
 main.go            | 18 ++++++++++--------
 4 files changed, 24 insertions(+), 15 deletions(-)

diff --git a/config.example.xml b/config.example.xml
index 3c79704..2efd098 100644
--- a/config.example.xml
+++ b/config.example.xml
@@ -2,7 +2,7 @@
     <Address>127.0.0.1:8080</Address>
 
     <SQLAddress>127.0.0.1:3306</SQLAddress>
-    <SQLUser>username-here</SQLUser>
-    <SQLPass>password-here</SQLPass>
+    <SQLUser>username</SQLUser>
+    <SQLPass>password</SQLPass>
     <SQLDB>wiisoap</SQLDB>
 </Config>
diff --git a/go.mod b/go.mod
index abc252d..113c1fc 100644
--- a/go.mod
+++ b/go.mod
@@ -2,4 +2,7 @@ module github.com/Apfel/WiiSOAP
 
 go 1.12
 
-require github.com/go-sql-driver/mysql v1.4.1
+require (
+	github.com/go-sql-driver/mysql v1.4.1
+	google.golang.org/appengine v1.6.5 // indirect
+)
diff --git a/go.sum b/go.sum
index 72d1518..56ad6c1 100644
--- a/go.sum
+++ b/go.sum
@@ -1,7 +1,11 @@
 github.com/go-sql-driver/mysql v1.4.1 h1:g24URVg0OFbNUTx9qqY1IRZ9D9z3iPyi5zKhQZpNwpA=
 github.com/go-sql-driver/mysql v1.4.1/go.mod h1:zAC/RDZ24gD3HViQzih4MyKcchzm+sOG5ZlKdlhCg5w=
-github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
-golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
+github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
+golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
+golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks=
+golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
-google.golang.org/appengine v1.4.0 h1:/wp5JvzpHIxhs/dumFmF7BXTf3Z+dd4uXta4kVyO508=
-google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
+golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
+golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
+google.golang.org/appengine v1.6.5 h1:tycE03LOZYQNhDpS27tcQdAzLCVMaj7QT2SXxebnpCM=
+google.golang.org/appengine v1.6.5/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc=
diff --git a/main.go b/main.go
index 1600d7b..d2a183c 100644
--- a/main.go
+++ b/main.go
@@ -47,7 +47,7 @@ func checkError(err error) {
 
 func main() {
 	// Initial Start.
-	fmt.Println("WiiSOAP 0.2.6 Kawauso\nReading the Config...")
+	fmt.Println("WiiSOAP 0.2.6 Kawauso\n[i] Reading the Config...")
 
 	// Check the Config.
 	configfile, err := os.Open("./config.xml")
@@ -56,13 +56,14 @@ func main() {
 	checkError(err)
 	CON := Config{}
 	err = xml.Unmarshal([]byte(ioconfig), &CON)
-	fmt.Println(CON)
+	//fmt.Println(CON)
+	// ^ Printing this shows the password in the commandline, which may be insecure. ^
 	checkError(err)
 
-	fmt.Println("Initializing core...")
+	fmt.Println("[i] Initializing core...")
 
 	// Start SQL.
-	db, err := sql.Open("mysql", fmt.Sprintf("%s:%s@tcp(%s)/%s)", CON.SQLUser, CON.SQLPass, CON.SQLAddress, CON.SQLDB))
+	db, err := sql.Open("mysql", fmt.Sprintf("%s:%s@tcp(%s)/%s", CON.SQLUser, CON.SQLPass, CON.SQLAddress, CON.SQLDB))
 	checkError(err)
 
 	// Close SQL after everything else is done.
@@ -83,16 +84,17 @@ func handler(w http.ResponseWriter, r *http.Request) {
 	timestampnano := strconv.FormatInt(time.Now().UTC().Unix(), 10)
 	timestamp := timestampnano + "000"
 
-	fmt.Println("-=Incoming request!=-")
+	fmt.Println("[!] Incoming request.")
 	body, err := ioutil.ReadAll(r.Body)
 	if err != nil {
-		http.Error(w, "Error reading request body...", http.StatusInternalServerError)
+		http.Error(w, "[x] Error reading request body...", http.StatusInternalServerError)
 	}
 
 	// The switch converts the HTTP Body of the request into a string. There is no need to convert the cases to byte format.
 	switch string(body) {
 	// TODO: Make the case functions cleaner. (e.g. Should the response be a variable?)
 	// TODO: Update the responses so that they query the SQL Database for the proper information (e.g. Device Code, Token, etc).
+	// TODO: Use Strings.Contains otherwise the program assumes that the whole request MUST only be the keyword.
 
 	case "CheckDeviceStatus":
 		fmt.Println("CDS.")
@@ -257,7 +259,7 @@ func handler(w http.ResponseWriter, r *http.Request) {
 </CheckRegistrationResponse>
 </soapenv:Body>
 </soapenv:Envelope>`, CR.Version, CR.DeviceID, CR.DeviceID, timestamp, CR.SerialNo)
-		fmt.Println("Delivered response!")
+		fmt.Println("[i] Delivered response!")
 
 	case "GetRegistrationInfo":
 		fmt.Println("GRI.")
@@ -359,5 +361,5 @@ func handler(w http.ResponseWriter, r *http.Request) {
 	}
 
 	// TODO: Add NUS and CAS SOAP to the case list.
-	fmt.Println("-=End of Request.=-" + "\n")
+	fmt.Println("[!] End of Request." + "\n")
 }