From 7ad3996f2fe1905107d7b24d7f3c369e794e7d76 Mon Sep 17 00:00:00 2001
From: Rene Zubcevic <git@zubcevic.com>
Date: Mon, 22 Jul 2019 15:36:31 +0200
Subject: [PATCH] fix 6a6b page

---
 .../owasp/webgoat/plugin/advanced/SqlInjectionLesson6a.java    | 2 +-
 .../src/main/resources/html/SqlInjectionAdvanced.html          | 2 +-
 .../webgoat/plugin/introduction/SqlInjectionLesson6aTest.java  | 3 ++-
 3 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/advanced/SqlInjectionLesson6a.java b/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/advanced/SqlInjectionLesson6a.java
index 9bf990d3c..f2affbeee 100644
--- a/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/advanced/SqlInjectionLesson6a.java
+++ b/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/advanced/SqlInjectionLesson6a.java
@@ -83,7 +83,7 @@ public class SqlInjectionLesson6a extends AssignmentEndpoint {
 
                     if (output.toString().contains("dave") && output.toString().contains("passW0rD")) {
                         output.append(appendingWhenSucceded);
-                        return trackProgress(informationMessage().feedback("sql-injection.advanced.6a.success").feedbackArgs(output.toString()).output(" Your query was: " + query).build());
+                        return trackProgress(success().feedback("sql-injection.advanced.6a.success").feedbackArgs(output.toString()).output(" Your query was: " + query).build());
                     } else {
                         return trackProgress(failed().output(output.toString() + "<br> Your query was: " + query).build());
                     }
diff --git a/webgoat-lessons/sql-injection/src/main/resources/html/SqlInjectionAdvanced.html b/webgoat-lessons/sql-injection/src/main/resources/html/SqlInjectionAdvanced.html
index de3c4dee2..bca28bd63 100644
--- a/webgoat-lessons/sql-injection/src/main/resources/html/SqlInjectionAdvanced.html
+++ b/webgoat-lessons/sql-injection/src/main/resources/html/SqlInjectionAdvanced.html
@@ -18,7 +18,7 @@
     <div class="adoc-content" th:replace="doc:SqlInjection_content6a.adoc"></div>
     <div class="attack-container">
         <div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
-        <form class="att-form" accept-charset="UNKNOWN"
+        <form class="attack-form" accept-charset="UNKNOWN"
               method="POST" name="form"
               action="/WebGoat/SqlInjectionAdvanced/attack6a"
               enctype="application/json;charset=UTF-8">
diff --git a/webgoat-lessons/sql-injection/src/test/java/org/owasp/webgoat/plugin/introduction/SqlInjectionLesson6aTest.java b/webgoat-lessons/sql-injection/src/test/java/org/owasp/webgoat/plugin/introduction/SqlInjectionLesson6aTest.java
index be88f4b75..dc65e7eb3 100644
--- a/webgoat-lessons/sql-injection/src/test/java/org/owasp/webgoat/plugin/introduction/SqlInjectionLesson6aTest.java
+++ b/webgoat-lessons/sql-injection/src/test/java/org/owasp/webgoat/plugin/introduction/SqlInjectionLesson6aTest.java
@@ -62,7 +62,7 @@ public class SqlInjectionLesson6aTest extends LessonTest {
         mockMvc.perform(MockMvcRequestBuilders.post("/SqlInjectionAdvanced/attack6a")
                 .param("userid_6a", "Smith'; SELECT * from user_system_data; --"))
                 .andExpect(status().isOk())
-                .andExpect(jsonPath("$.lessonCompleted", is(false)))
+                .andExpect(jsonPath("$.lessonCompleted", is(true)))
                 .andExpect(jsonPath("$.feedback", containsString("passW0rD")));
     }
 
@@ -82,6 +82,7 @@ public class SqlInjectionLesson6aTest extends LessonTest {
                 .param("userid_6a", "S'; Select * from user_system_data; --"))
 
                 .andExpect(status().isOk())
+                .andExpect(jsonPath("$.lessonCompleted", is(true)))
                 .andExpect(jsonPath("$.feedback", containsString("UNION")));
     }
 }
\ No newline at end of file