Skip to content

backend #43

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 30 commits into
base: main
Choose a base branch
from
Open

backend #43

Show file tree
Hide file tree
Changes from 5 commits
Commits
Show all changes
30 commits
Select commit Hold shift + click to select a range
994316a
Update README.md
me-Niranjan Aug 2, 2025
dfc4527
frontend creation
Sofiya47 Aug 2, 2025
c5e6e75
added animation
Sofiya47 Aug 2, 2025
83dce4e
backend
me-Niranjan Aug 2, 2025
ca483db
backend added
Sofiya47 Aug 2, 2025
cac3366
backend
me-Niranjan Aug 2, 2025
f0ef794
Merge pull request #1 from Sofiya47/main
me-Niranjan Aug 2, 2025
4c31da6
Merge branch 'main' of https://github.com/me-Niranjan/useless_project…
me-Niranjan Aug 2, 2025
bb27e96
backend new
me-Niranjan Aug 2, 2025
4d93ea5
backend
me-Niranjan Aug 2, 2025
5b51888
backend
me-Niranjan Aug 2, 2025
4ee3a40
description modified
Sofiya47 Aug 2, 2025
63a900c
description added
Sofiya47 Aug 2, 2025
3161700
ss
Sofiya47 Aug 2, 2025
c566a90
Merge branch 'me-Niranjan:main' into main
Sofiya47 Aug 2, 2025
9a4ee21
description 1
Sofiya47 Aug 2, 2025
146ca12
backend
me-Niranjan Aug 2, 2025
ed119f5
backended
me-Niranjan Aug 2, 2025
6a54f82
backend
me-Niranjan Aug 2, 2025
d1a8cfc
Merge pull request #2 from Sofiya47/main
me-Niranjan Aug 2, 2025
7f2660d
final
me-Niranjan Aug 2, 2025
189a438
final changes
Sofiya47 Aug 2, 2025
c49d814
sure final
me-Niranjan Aug 2, 2025
38359fa
final-commit
me-Niranjan Aug 2, 2025
d840787
final
me-Niranjan Aug 2, 2025
fc71f49
Merge branch 'main' into main
Sofiya47 Aug 2, 2025
ecabb0c
Merge pull request #3 from Sofiya47/main
me-Niranjan Aug 2, 2025
f652371
ujbhn
me-Niranjan Aug 2, 2025
a1ee154
bgdtbf
me-Niranjan Aug 2, 2025
6501d70
ff
me-Niranjan Aug 2, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 3 additions & 4 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,13 +5,12 @@


## Basic Details
### Team Name: [Name]
### Team Name: techNOLOGIC


### Team Members
- Team Lead: [Name] - [College]
- Member 2: [Name] - [College]
- Member 3: [Name] - [College]
- Team Lead: Sofiya B - College of Engineering, Attingal
- Member 2: Niranjan S - College of Engineering, Attingal

### Project Description
[2-3 lines about what your project does]
Expand Down
187 changes: 187 additions & 0 deletions userpage.html
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,187 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Plantain Profit Predictor</title>
<style>
body, html {
margin: 0;
padding: 0;
font-family: "Poppins", sans-serif;
height: 100%;
overflow: hidden;
}
.page {
height: 100%;
width: 100%;
position: absolute;
top: 100%;
left: 0;
display: flex;
flex-direction: column;
justify-content: center;
align-items: center;
transition: top 1s ease-in-out;
text-align: center;
padding: 20px;
}
#page1 {
background: lightgreen;
top: 0;
}
#page1 h1 {
font-size: 2.5rem;
}
#page1 p {
font-size: 1.2rem;
}
#page2 {
background: #f0f9ff;
}
#page3 {
background: #222;
color: white;
font-size: 1.5rem;
}
#page4 {
background: #f5fff0;
}
button {
background: #4caf50;
color: white;
border: none;
padding: 10px 20px;
font-size: 1rem;
cursor: pointer;
margin-top: 20px;
border-radius: 5px;
}
input, select {
padding: 8px;
margin: 10px;
border-radius: 5px;
border: 1px solid #ccc;
font-size: 1rem;
}
.loading-text {
animation: blink 1s infinite alternate;
}
@keyframes blink {
from {opacity: 0.3;}
to {opacity: 1;}
}
@keyframes spin {
0% { transform: rotate(0deg); }
100% { transform: rotate(360deg); }
}
@keyframes spin {
0% { transform: rotate(0deg); }
100% { transform: rotate(360deg); }
}
</style>
</head>
<body>

<!-- Page 1 -->
<div class="page" id="page1">
<h1>Plantain Profit Predictor</h1>
<p>For our beloved parent...</p>
<button onclick="goToPage(2)">Next</button>
</div>

<!-- Page 2 -->
<div class="page" id="page2">
<h2>If your parents had planted a plantain tree on your birthday...</h2>
<p>We will predict the profit 🍌 <br><br>
<strong>Make it funny, make it nostalgic... and slightly life questioning 😅</strong>
</p>
<form id="userForm">
<input type="text" id="name" placeholder="Your Name" required><br>
<input type="date" id="dob" required><br>
<input type="text" id="place" placeholder="Place" required><br>
<select id="drink" required>
<option value="" disabled selected>Tea or Coffee?</option>
<option value="Tea">Tea</option>
<option value="Coffee">Coffee</option>
</select><br>
<button type="submit">Predict 🍌</button>
</form>
</div>

<!-- Page 3 -->
<div class="page" id="page3">
<div style="font-size:3rem; margin-bottom:10px; animation: spin 1s linear infinite;">🍌</div>
<div class="loading-text" id="loadingText">Loading...</div>
</div>

<!-- Page 4 -->
<div class="page" id="page4">
<h2 id="resultMessage"></h2>
<p>Signing off,<br><strong>Sofiya & Niranjan</strong><br>Team <em>Tech No Logic</em></p>
<button onclick="restart()">Start Over</button>
</div>

<script>
let currentPage = 1;
const pages = document.querySelectorAll(".page");

function goToPage(num) {
currentPage = num;
pages.forEach((p, index) => {
p.style.top = (index + 1 === num) ? "0" : "100%";
});
}

document.getElementById("userForm").addEventListener("submit", function(e){
e.preventDefault();
const name = document.getElementById("name").value;
const dob = document.getElementById("dob").value;
const place = document.getElementById("place").value;
const drink = document.getElementById("drink").value;
goToPage(3);

const loadingSteps = [
"Loading...",
"Analysing...",
"Regressing...",
"Regretting...",
"Questioning life choices..."
];
let index = 0;
const loadingText = document.getElementById("loadingText");

function showNextStep(){
loadingText.innerText = loadingSteps[index];
index++;
if(index < loadingSteps.length){
setTimeout(showNextStep, 1200); // normal delay for each step
} else {
// After loading, call backend
setTimeout(async ()=>{
try {
const response = await fetch(`http://10.14.182.194:5000/simulate?date=${dob}`);
const data = await response.json();
const finalCycle = data.history[data.history.length - 1];
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Avoid hard-coded, insecure backend URL

Calling a fixed IP (http://10.14.182.194:5000) breaks when the app is deployed elsewhere and forces plaintext HTTP.

-const response = await fetch(`http://10.14.182.194:5000/simulate?date=${dob}`);
+const base = window.location.origin;               // works on localhost & prod
+const response = await fetch(`${base}/simulate?date=${encodeURIComponent(dob)}`);
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
const response = await fetch(`http://10.14.182.194:5000/simulate?date=${dob}`);
const data = await response.json();
const finalCycle = data.history[data.history.length - 1];
const base = window.location.origin; // works on localhost & prod
const response = await fetch(
`${base}/simulate?date=${encodeURIComponent(dob)}`
);
const data = await response.json();
const finalCycle = data.history[data.history.length - 1];
🤖 Prompt for AI Agents 
In userpage.html around lines 163 to 165, the backend URL is hard-coded with an
IP address and uses HTTP, which is insecure and not flexible for different
deployment environments. Replace the fixed URL with a configurable environment
variable or relative path that adapts to the deployment context, and ensure the
URL uses HTTPS to secure the connection.

document.getElementById("resultMessage").innerHTML =
`Hey <strong>${name}</strong>,<br><br>
If your parents had planted a tree instead of you when you were born,<br>
They would have an estimated amount of <strong>₹${finalCycle.Total_Profit}</strong> 😅`;
} catch (err) {
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

DOM-XSS: user-supplied name is injected via innerHTML

If someone enters <img src=x onerror=alert(1)> as their name, it will execute when the results page renders.

Sanitise or insert via textContent:

- document.getElementById("resultMessage").innerHTML = 
-   `Hey <strong>${name}</strong>,<br><br>
-    If your parents had planted a tree instead of you when you were born,<br>
-    They would have an estimated amount of <strong>₹${finalCycle.Total_Profit}</strong> 😅`;
+const resultEl = document.getElementById("resultMessage");
+resultEl.innerHTML =
+  `If your parents had planted a tree instead of you when you were born,<br>
+   They would have an estimated amount of <strong>₹${finalCycle.Total_Profit}</strong> 😅`;
+const strongName = document.createElement("strong");
+strongName.textContent = name; // escapes HTML
+resultEl.prepend("Hey ", strongName, ",", document.createElement("br"), document.createElement("br"));
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
document.getElementById("resultMessage").innerHTML =
`Hey <strong>${name}</strong>,<br><br>
If your parents had planted a tree instead of you when you were born,<br>
They would have an estimated amount of <strong>₹${finalCycle.Total_Profit}</strong> 😅`;
} catch (err) {
const resultEl = document.getElementById("resultMessage");
resultEl.innerHTML =
`If your parents had planted a tree instead of you when you were born,<br>
They would have an estimated amount of <strong>₹${finalCycle.Total_Profit}</strong> 😅`;
const strongName = document.createElement("strong");
strongName.textContent = name; // escapes HTML
resultEl.prepend(
"Hey ",
strongName,
",",
document.createElement("br"),
document.createElement("br")
);
} catch (err) {
🤖 Prompt for AI Agents 
In userpage.html around lines 166 to 170, the user-supplied variable `name` is
inserted directly into innerHTML, causing a DOM-XSS vulnerability. To fix this,
avoid using innerHTML for user input and instead set the text content of the
element safely by using textContent or by sanitizing the input before insertion.
Modify the code to separate the static HTML from the dynamic user input and
assign the user input using textContent to prevent script execution.

document.getElementById("resultMessage").innerHTML = "Sorry, could not connect to the server!";
}
goToPage(4);
}, 2500);
}
}
showNextStep();
});

function restart(){
goToPage(1);
document.getElementById("userForm").reset();
}
</script>

</body>
</html>