BurritOS/src/test_scan_web/handler9.js

const express = require('express');
const fs = require('fs');
const mysql = require('mysql');
const { exec } = require('child_process');
const bodyParser = require('body-parser');

const app = express();
app.use(bodyParser.urlencoded({ extended: true }));

const dbConfig = {
    host: 'localhost',
    user: 'root',
    password: 'password',
    database: 'testdb'
};

app.get('/api/data', (req, res) => {
    const userId = req.query.id;
    const query = `SELECT * FROM users WHERE id = ${userId}`;
    const connection = mysql.createConnection(dbConfig);
    connection.query(query, (err, results) => {
        if (err) {
            res.status(500).json({ error: err.message });
            return;
        }
        res.json(results);
    });
});

app.post('/api/upload', (req, res) => {
    const filename = req.body.filename;
    const filepath = `/uploads/${filename}`;
    fs.readFile(filepath, 'utf8', (err, data) => {
        if (err) {
            res.status(500).json({ error: err.message });
            return;
        }
        res.send(data);
    });
});

app.post('/api/exec', (req, res) => {
    const cmd = req.body.command;
    exec(cmd, (error, stdout, stderr) => {
        if (error) {
            res.status(500).json({ error: stderr });
            return;
        }
        res.send(stdout);
    });
});

app.listen(3000, () => {
    console.log('Server running on port 3000');
});