updated debian to 9.2 and migrated to mariadb

Dockerfile

@@ -1,20 +1,21 @@
-FROM debian:jessie
+FROM debian:9.2
 
 LABEL maintainer "[email protected]"
 
 RUN apt-get update && \
     apt-get upgrade -y && \
     DEBIAN_FRONTEND=noninteractive apt-get install -y \
     debconf-utils && \
-    echo mysql-server-5.5 mysql-server/root_password password vulnerables | debconf-set-selections && \
-    echo mysql-server-5.5 mysql-server/root_password_again password vulnerables | debconf-set-selections && \
+    echo mariadb-server mysql-server/root_password password vulnerables | debconf-set-selections && \
+    echo mariadb-server mysql-server/root_password_again password vulnerables | debconf-set-selections && \
     DEBIAN_FRONTEND=noninteractive apt-get install -y \
     apache2 \
-    mysql-server \
-    php5 \
-    php5-mysql \
+    mariadb-server \
+    php \
+    php-mysql \
+    php-pgsql \
     php-pear \
-    php5-gd \
+    php-gd \
     && \
     apt-get clean && \
     rm -rf /var/lib/apt/lists/*
@@ -27,6 +28,10 @@ COPY config.inc.php /var/www/html/config/
 RUN chown www-data:www-data -R /var/www/html && \
     rm /var/www/html/index.html
 
+RUN service mysql start && \
+    sleep 3 && \
+    mysql -uroot -pvulnerables -e "CREATE USER app@localhost IDENTIFIED BY 'vulnerables';CREATE DATABASE dvwa;GRANT ALL privileges ON dvwa.* TO 'app'@localhost;"
+
 EXPOSE 80
 
 COPY main.sh /

config.inc.php

@@ -17,7 +17,7 @@
 $_DVWA = array();
 $_DVWA[ 'db_server' ]   = '127.0.0.1';
 $_DVWA[ 'db_database' ] = 'dvwa';
-$_DVWA[ 'db_user' ]     = 'root';
+$_DVWA[ 'db_user' ]     = 'app';
 $_DVWA[ 'db_password' ] = 'vulnerables';
 
 # Only used with PostgreSQL/PGSQL database selection.

php.ini

@@ -41,7 +41,7 @@ file_uploads = On
 upload_max_filesize = 2M
 max_file_uploads = 20
 allow_url_fopen = On
-allow_url_include = On
+allow_url_include = 1
 default_socket_timeout = 60
 [CLI Server]
 cli_server.color = On