Standardize ASP filenames: remove underscores
Renamed 45 ASP files to follow lowercase concatenated naming convention: - Direct handlers: save_machine_direct.asp -> savemachinedirect.asp - USB files: checkin_usb.asp -> checkinusb.asp - API files: api_usb.asp -> apiusb.asp - Map files: network_map.asp -> networkmap.asp - Printer files: printer_lookup.asp -> printerlookup.asp Also: - Updated 84+ internal references across all ASP and JS files - Deleted 6 test/duplicate files (editmacine.asp, test_*.asp) - Updated production migration guide with filename changes - Added rename scripts for Linux (bash) and Windows (PowerShell)
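--- /dev/null
+++ b/saveprinterdirect.asp
@@ -0,0 +1,291 @@
+<%
+'=============================================================================
+' FILE: saveprinterdirect.asp
+' PURPOSE: Create printer with nested entity creation (vendor, model)
+' SECURITY: Parameterized queries, HTML encoding, input validation
+' UPDATED: 2025-10-27 - Migrated to secure patterns
+'=============================================================================
+%><html>
+<head>
+<link rel="stylesheet" href="./style.css" type="text/css">
+<!--#include file="./includes/sql.asp"-->
+<!--#include file="./includes/response.asp"-->
+</head>
+
+<body>
+<div class="page">
+<%
+' Get and validate all inputs
+Dim modelid, serialnumber, ipaddress, fqdn, printercsfname, printerwindowsname, printerpin, machineid, maptop, mapleft
+modelid = Trim(Request.Form("modelid"))
+serialnumber = Trim(Request.Form("serialnumber"))
+ipaddress = Trim(Request.Form("ipaddress"))
+fqdn = Trim(Request.Form("fqdn"))
+printercsfname = Trim(Request.Form("printercsfname"))
+printerwindowsname = Trim(Request.Form("printerwindowsname"))
+printerpin = Trim(Request.Form("printerpin"))
+machineid = Trim(Request.Form("machineid"))
+maptop = Trim(Request.Form("maptop"))
+mapleft = Trim(Request.Form("mapleft"))
+
+' Get form inputs for new model
+Dim newmodelnumber, newvendorid, newmodelnotes, newmodeldocpath
+newmodelnumber = Trim(Request.Form("newmodelnumber"))
+newvendorid = Trim(Request.Form("newvendorid"))
+newmodelnotes = Trim(Request.Form("newmodelnotes"))
+newmodeldocpath = Trim(Request.Form("newmodeldocpath"))
+
+' Get form inputs for new vendor
+Dim newvendorname
+newvendorname = Trim(Request.Form("newvendorname"))
+
+' Validate required fields
+If modelid = "" Then
+objConn.Close
+ShowError "Error: Model is required.", "addprinter.asp"
+Response.End
+End If
+
+If modelid <> "new" And Not IsNumeric(modelid) Then
+objConn.Close
+ShowError "Error: Invalid model ID.", "addprinter.asp"
+Response.End
+End If
+
+' Machine ID is now optional - only validate if provided
+If machineid <> "" And Not IsNumeric(machineid) Then
+objConn.Close
+ShowError "Error: Invalid machine ID.", "addprinter.asp"
+Response.End
+End If
+
+If serialnumber = "" Or ipaddress = "" Or printerwindowsname = "" Then
+objConn.Close
+ShowError "Error: Required fields missing.", "addprinter.asp"
+Response.End
+End If
+
+' Validate field lengths
+If Len(serialnumber) > 100 Or Len(fqdn) > 255 Or Len(printercsfname) > 50 Or Len(printerwindowsname) > 255 Then
+objConn.Close
+ShowError "Error: Field length exceeded.", "addprinter.asp"
+Response.End
+End If
+
+' Check if printer with same IP already exists using parameterized query
+Dim checkSQL, rsCheck, cmdCheck
+checkSQL = "SELECT COUNT(*) as cnt FROM printers WHERE ipaddress = ? AND isactive = 1"
+
+Set cmdCheck = Server.CreateObject("ADODB.Command")
+cmdCheck.ActiveConnection = objConn
+cmdCheck.CommandText = checkSQL
+cmdCheck.CommandType = 1
+cmdCheck.Parameters.Append cmdCheck.CreateParameter("@ipaddress", 200, 1, 50, ipaddress)
+Set rsCheck = cmdCheck.Execute
+If Not rsCheck.EOF Then
+If Not IsNull(rsCheck("cnt")) Then
+If CLng(rsCheck("cnt")) > 0 Then
+rsCheck.Close
+Set rsCheck = Nothing
+Set cmdCheck = Nothing
+objConn.Close
+ShowError "Error: A printer with IP address '" & Server.HTMLEncode(ipaddress) & "' already exists.", "addprinter.asp"
+Response.End
+End If
+End If
+End If
+rsCheck.Close
+Set rsCheck = Nothing
+Set cmdCheck = Nothing
+
+' Handle new model creation
+If modelid = "new" Then
+If Len(newmodelnumber) = 0 Then
+objConn.Close
+ShowError "New model number is required", "addprinter.asp"
+Response.End
+End If
+
+If Len(newvendorid) = 0 Then
+objConn.Close
+ShowError "Vendor is required for new model", "addprinter.asp"
+Response.End
+End If
+
+If Len(newmodelnumber) > 255 Or Len(newmodelnotes) > 255 Or Len(newmodeldocpath) > 255 Then
+objConn.Close
+ShowError "Model field length exceeded", "addprinter.asp"
+Response.End
+End If
+
+' Handle new vendor creation (nested)
+If newvendorid = "new" Then
+If Len(newvendorname) = 0 Then
+objConn.Close
+ShowError "New vendor name is required", "addprinter.asp"
+Response.End
+End If
+
+If Len(newvendorname) > 50 Then
+objConn.Close
+ShowError "Vendor name too long", "addprinter.asp"
+Response.End
+End If
+
+' Insert new vendor using parameterized query (with isprinter=1)
+Dim sqlNewVendor, cmdNewVendor
+sqlNewVendor = "INSERT INTO vendors (vendor, isactive, isprinter, ispc, ismachine) VALUES (?, 1, 1, 0, 0)"
+
+On Error Resume Next
+Set cmdNewVendor = Server.CreateObject("ADODB.Command")
+cmdNewVendor.ActiveConnection = objConn
+cmdNewVendor.CommandText = sqlNewVendor
+cmdNewVendor.CommandType = 1
+cmdNewVendor.Parameters.Append cmdNewVendor.CreateParameter("@vendor", 200, 1, 50, newvendorname)
+cmdNewVendor.Execute
+
+If Err.Number <> 0 Then
+Set cmdNewVendor = Nothing
+objConn.Close
+ShowError "Error creating new vendor: " & Server.HTMLEncode(Err.Description), "addprinter.asp"
+Response.End
+End If
+Set cmdNewVendor = Nothing
+On Error Goto 0
+
+' Get the newly created vendor ID
+Dim rsNewVendor
+Set rsNewVendor = objConn.Execute("SELECT LAST_INSERT_ID() AS newid")
+newvendorid = 0
+If Not rsNewVendor.EOF Then
+If Not IsNull(rsNewVendor("newid")) Then
+newvendorid = CLng(rsNewVendor("newid"))
+End If
+End If
+rsNewVendor.Close
+Set rsNewVendor = Nothing
+On Error Goto 0
+End If
+
+' Insert new model using parameterized query
+Dim sqlNewModel, cmdNewModel
+sqlNewModel = "INSERT INTO models (modelnumber, vendorid, notes, documentationpath, isactive) VALUES (?, ?, ?, ?, 1)"
+
+On Error Resume Next
+Set cmdNewModel = Server.CreateObject("ADODB.Command")
+cmdNewModel.ActiveConnection = objConn
+cmdNewModel.CommandText = sqlNewModel
+cmdNewModel.CommandType = 1
+cmdNewModel.Parameters.Append cmdNewModel.CreateParameter("@modelnumber", 200, 1, 255, newmodelnumber)
+cmdNewModel.Parameters.Append cmdNewModel.CreateParameter("@vendorid", 3, 1, , CLng(newvendorid))
+cmdNewModel.Parameters.Append cmdNewModel.CreateParameter("@notes", 200, 1, 255, newmodelnotes)
+cmdNewModel.Parameters.Append cmdNewModel.CreateParameter("@documentationpath", 200, 1, 255, newmodeldocpath)
+cmdNewModel.Execute
+
+If Err.Number <> 0 Then
+Set cmdNewModel = Nothing
+objConn.Close
+ShowError "Error creating new model: " & Server.HTMLEncode(Err.Description), "addprinter.asp"
+Response.End
+End If
+Set cmdNewModel = Nothing
+On Error Goto 0
+
+' Get the newly created model ID
+Dim rsNewModel
+Set rsNewModel = objConn.Execute("SELECT LAST_INSERT_ID() AS newid")
+modelid = 0
+If Not rsNewModel.EOF Then
+If Not IsNull(rsNewModel("newid")) Then
+modelid = CLng(rsNewModel("newid"))
+End If
+End If
+rsNewModel.Close
+Set rsNewModel = Nothing
+On Error Goto 0
+End If
+
+' Handle map coordinates - default to 50 if not provided
+Dim maptopValue, mapleftValue
+If maptop <> "" And IsNumeric(maptop) Then
+maptopValue = CLng(maptop)
+Else
+maptopValue = 50
+End If
+
+If mapleft <> "" And IsNumeric(mapleft) Then
+mapleftValue = CLng(mapleft)
+Else
+mapleftValue = 50
+End If
+
+' Insert printer using parameterized query
+Dim strSQL, cmdPrinter, machineIdValue
+
+' Handle optional machineid - use NULL if not provided
+If machineid <> "" And IsNumeric(machineid) Then
+machineIdValue = CLng(machineid)
+Else
+machineIdValue = Null
+End If
+
+' Handle optional PIN - use NULL if not provided
+Dim printerpinValue
+If printerpin <> "" Then
+printerpinValue = printerpin
+Else
+printerpinValue = Null
+End If
+
+strSQL = "INSERT INTO printers (modelid, serialnumber, ipaddress, fqdn, printercsfname, printerwindowsname, printerpin, machineid, maptop, mapleft, isactive) " & _
+"VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, 1)"
+
+On Error Resume Next
+Set cmdPrinter = Server.CreateObject("ADODB.Command")
+cmdPrinter.ActiveConnection = objConn
+cmdPrinter.CommandText = strSQL
+cmdPrinter.CommandType = 1
+cmdPrinter.Parameters.Append cmdPrinter.CreateParameter("@modelid", 3, 1, , CLng(modelid))
+cmdPrinter.Parameters.Append cmdPrinter.CreateParameter("@serialnumber", 200, 1, 100, serialnumber)
+cmdPrinter.Parameters.Append cmdPrinter.CreateParameter("@ipaddress", 200, 1, 50, ipaddress)
+cmdPrinter.Parameters.Append cmdPrinter.CreateParameter("@fqdn", 200, 1, 255, fqdn)
+cmdPrinter.Parameters.Append cmdPrinter.CreateParameter("@printercsfname", 200, 1, 50, printercsfname)
+cmdPrinter.Parameters.Append cmdPrinter.CreateParameter("@printerwindowsname", 200, 1, 255, printerwindowsname)
+cmdPrinter.Parameters.Append cmdPrinter.CreateParameter("@printerpin", 200, 1, 10, printerpinValue)
+cmdPrinter.Parameters.Append cmdPrinter.CreateParameter("@machineid", 3, 1, , machineIdValue)
+cmdPrinter.Parameters.Append cmdPrinter.CreateParameter("@maptop", 3, 1, , maptopValue)
+cmdPrinter.Parameters.Append cmdPrinter.CreateParameter("@mapleft", 3, 1, , mapleftValue)
+cmdPrinter.Execute
+
+If Err.Number <> 0 Then
+Set cmdPrinter = Nothing
+objConn.Close
+ShowError "Error inserting printer: " & Server.HTMLEncode(Err.Description), "addprinter.asp"
+Response.End
+End If
+Set cmdPrinter = Nothing
+On Error Goto 0
+
+' Get the new printer ID
+Dim newPrinterId
+Set rsCheck = objConn.Execute("SELECT LAST_INSERT_ID() as newid")
+newPrinterId = 0
+If Not rsCheck.EOF Then
+If Not IsNull(rsCheck("newid")) Then
+newPrinterId = CLng(rsCheck("newid"))
+End If
+End If
+rsCheck.Close
+Set rsCheck = Nothing
+
+objConn.Close
+
+If CLng(newPrinterId) > 0 Then
+ShowSuccess "Printer added successfully.", "displayprinter.asp?printerid=" & newPrinterId, "printer details"
+Else
+ShowError "Printer was not added successfully.", "addprinter.asp"
+End If
+%>
+</div>
+</body>
+</html>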
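Review bot: The file header advertises input validation, but several fields reach the ADO layer unchecked. `ipaddress` has no length or format check before it is bound as a 50-character parameter in the duplicate lookup, which runs before any `On Error` handler visible in this file; `printerpin` (bound at 10) and `newvendorid` (only tested for empty before `CLng(newvendorid)`) are in the same position. `IsNumeric` also accepts values such as `1.5` and `1e3` and numbers beyond the Long range, so `CLng(machineid)`, which also sits outside an error handler, can silently round or raise an unhandled overflow. A strict digits-only check plus length limits that match the parameter sizes, as sketched below, would close these gaps. Separately, the three `ShowError ... Server.HTMLEncode(Err.Description)` calls return driver error text to the browser; logging it server-side and showing a generic message would avoid exposing schema details.

```asp
' Digits only, no leading zero, at most 9 digits, so CLng can neither round nor overflow
Function IsPositiveInt(ByVal s)
    Dim re
    Set re = New RegExp
    re.Pattern = "^[1-9][0-9]{0,8}$"
    IsPositiveInt = re.Test(s)
End Function

' … unchanged: Request.Form reads and the empty-modelid check …

If modelid <> "new" And Not IsPositiveInt(modelid) Then
' … unchanged: close connection, ShowError "Error: Invalid model ID." …

If machineid <> "" And Not IsPositiveInt(machineid) Then
' … unchanged: close connection, ShowError "Error: Invalid machine ID." …

' Limits for ipaddress and printerpin match the sizes passed to CreateParameter (50 and 10)
If Len(ipaddress) > 50 Or Len(printerpin) > 10 Or Len(serialnumber) > 100 Or Len(fqdn) > 255 Or Len(printercsfname) > 50 Or Len(printerwindowsname) > 255 Then
' … unchanged: close connection, ShowError "Error: Field length exceeded." …

' In the new-model branch, after the empty-newvendorid check
If newvendorid <> "new" And Not IsPositiveInt(newvendorid) Then
    objConn.Close
    ShowError "Error: Invalid vendor ID.", "addprinter.asp"
    Response.End
End If
```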