-<%
- ' Get form inputs
- Dim vlan, ipstart, cidr, description, subnettypeid, cidrarray, ipend
-
- vlan = Trim(Request.Form("vlan"))
- ipstart = Trim(Request.Form("ipstart"))
- cidr = Trim(Request.Form("cidr"))
- description = Trim(Request.Form("description"))
- subnettypeid = Trim(Request.Form("subnettypeid"))
-
- ' Validate required fields
- If vlan = "" Or ipstart = "" Or cidr = "" Or subnettypeid = "" Then
- Response.Write("
Error: Required field missing.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Validate VLAN is numeric
- If Not IsNumeric(vlan) Then
- Response.Write("
Error: VLAN must be numeric.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Basic IP address validation
- If Len(ipstart) < 7 Or Len(ipstart) > 15 Then
- Response.Write("
Error: Invalid IP address.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Validate subnet type ID
- If Not IsNumeric(subnettypeid) Or CLng(subnettypeid) < 1 Then
- Response.Write("
Error: Invalid subnet type.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Parse CIDR value (expected format: "cidr,ipend")
- If InStr(cidr, ",") = 0 Then
- Response.Write("
Error: Invalid CIDR format.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- cidrarray = Split(cidr, ",")
- If UBound(cidrarray) < 1 Then
- Response.Write("
Error: Invalid CIDR format.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ipend = Trim(cidrarray(1))
- cidr = Trim(cidrarray(0))
-
- ' Validate CIDR is numeric
- If Not IsNumeric(cidr) Or CInt(cidr) < 0 Or CInt(cidr) > 32 Then
- Response.Write("
Error: CIDR must be between 0 and 32.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Validate ipend is numeric
- If Not IsNumeric(ipend) Then
- Response.Write("
Error: Invalid IP end value.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Validate description length
- If Len(description) > 500 Then
- Response.Write("
Error: Description too long.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Escape quotes
- description = Replace(description, "'", "''")
- ipstart = Replace(ipstart, "'", "''")
-
- ' Verify subnet type exists
- Dim checkSQL, rsCheck
- checkSQL = "SELECT COUNT(*) as cnt FROM subnettypes WHERE subnettypeid = " & subnettypeid
- Set rsCheck = objConn.Execute(checkSQL)
- If rsCheck("cnt") = 0 Then
- rsCheck.Close
- Response.Write("
Error: Subnet type not found.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
- rsCheck.Close
-
- ' Insert
- ' Note: INET_ATON requires the IP address, ipend is added to the result
- Dim strSQL
- strSQL = "INSERT INTO subnets (vlan, description, cidr, ipstart, ipend, subnettypeid, isactive) " & _
- "VALUES (" & vlan & ", '" & description & "', " & cidr & ", INET_ATON('" & ipstart & "'), (INET_ATON('" & ipstart & "') + " & ipend & "), " & subnettypeid & ", 1)"
-
- On Error Resume Next
- objConn.Execute strSQL
-
- If Err.Number = 0 Then
- objConn.Close
- Response.Redirect("./displaysubnets.asp")
- Else
- Response.Write("
Error: " & Err.Description & "
")
- Response.Write("Go back")
- objConn.Close
- End If
-%>
diff --git a/aspJSON.asp b/aspJSON.asp
deleted file mode 100644
index cffee69..0000000
--- a/aspJSON.asp
+++ /dev/null
@@ -1,25 +0,0 @@
-
-
-
\ No newline at end of file
diff --git a/backup/images/Thumbs.db b/backup/images/Thumbs.db
deleted file mode 100644
index 215a964..0000000
Binary files a/backup/images/Thumbs.db and /dev/null differ
diff --git a/backup/images/applications/Thumbs.db b/backup/images/applications/Thumbs.db
deleted file mode 100644
index 619f8af..0000000
Binary files a/backup/images/applications/Thumbs.db and /dev/null differ
diff --git a/backup/images/machines/Thumbs.db b/backup/images/machines/Thumbs.db
deleted file mode 100644
index d40fb9e..0000000
Binary files a/backup/images/machines/Thumbs.db and /dev/null differ
diff --git a/backup/leaflet/images/Thumbs.db b/backup/leaflet/images/Thumbs.db
deleted file mode 100644
index 0406154..0000000
Binary files a/backup/leaflet/images/Thumbs.db and /dev/null differ
diff --git a/backup/v2-backup/assets/images/Thumbs.db b/backup/v2-backup/assets/images/Thumbs.db
deleted file mode 100644
index 29321d7..0000000
Binary files a/backup/v2-backup/assets/images/Thumbs.db and /dev/null differ
diff --git a/backup/v2-backup/images/Thumbs.db b/backup/v2-backup/images/Thumbs.db
deleted file mode 100644
index b0cc218..0000000
Binary files a/backup/v2-backup/images/Thumbs.db and /dev/null differ
diff --git a/backup/v2-backup/images/applications/Thumbs.db b/backup/v2-backup/images/applications/Thumbs.db
deleted file mode 100644
index bebb1e5..0000000
Binary files a/backup/v2-backup/images/applications/Thumbs.db and /dev/null differ
diff --git a/backup/v2-backup/images/computers/Thumbs.db b/backup/v2-backup/images/computers/Thumbs.db
deleted file mode 100644
index c447b46..0000000
Binary files a/backup/v2-backup/images/computers/Thumbs.db and /dev/null differ
diff --git a/backup/v2-backup/images/machines/Thumbs.db b/backup/v2-backup/images/machines/Thumbs.db
deleted file mode 100644
index 0333946..0000000
Binary files a/backup/v2-backup/images/machines/Thumbs.db and /dev/null differ
diff --git a/backup/v2-backup/images/printers/Thumbs.db b/backup/v2-backup/images/printers/Thumbs.db
deleted file mode 100644
index 26d24d7..0000000
Binary files a/backup/v2-backup/images/printers/Thumbs.db and /dev/null differ
diff --git a/backup/v2-backup/leaflet/images/Thumbs.db b/backup/v2-backup/leaflet/images/Thumbs.db
deleted file mode 100644
index 0406154..0000000
Binary files a/backup/v2-backup/leaflet/images/Thumbs.db and /dev/null differ
diff --git a/backup/v2-backup/template/assets/images/bg-themes/Thumbs.db b/backup/v2-backup/template/assets/images/bg-themes/Thumbs.db
deleted file mode 100644
index 1892695..0000000
Binary files a/backup/v2-backup/template/assets/images/bg-themes/Thumbs.db and /dev/null differ
diff --git a/backup/v2-bakcup-10-13-25/v2/images/Thumbs.db b/backup/v2-bakcup-10-13-25/v2/images/Thumbs.db
deleted file mode 100644
index 5ec0090..0000000
Binary files a/backup/v2-bakcup-10-13-25/v2/images/Thumbs.db and /dev/null differ
diff --git a/backup/v2-bakcup-10-13-25/v2/images/applications/Thumbs.db b/backup/v2-bakcup-10-13-25/v2/images/applications/Thumbs.db
deleted file mode 100644
index 09cf9fb..0000000
Binary files a/backup/v2-bakcup-10-13-25/v2/images/applications/Thumbs.db and /dev/null differ
diff --git a/bulkupdatenotificationtypes.asp b/bulkupdatenotificationtypes.asp
deleted file mode 100644
index 1f4b0a1..0000000
--- a/bulkupdatenotificationtypes.asp
+++ /dev/null
@@ -1,261 +0,0 @@
-
-
-
-
-
-
-
-
-
-<%
- theme = Request.Cookies("theme")
- IF theme = "" THEN
- theme="bg-theme1"
- END IF
-%>
-
-
-
-
-
- Success! Updated <%=updated%> notification(s).
- <% If errors <> "" And errors <> "0" Then %>
- Warning: <%=errors%> notification(s) failed to update.
- <% End If %>
-
-
-<% End If %>
-
-
-
- Instructions: Select the appropriate notification type for each notification below, then click "Save All Changes" at the bottom.
-
-
-
-
Notification Type Legend:
- TBD - Type to be determined (gray on calendar)
- Awareness - General awareness notification (green on calendar)
- Change - Scheduled change or maintenance (yellow on calendar)
- Incident - Active incident or outage (red on calendar)
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
diff --git a/check_all_warranties.asp.broken b/check_all_warranties.asp.broken
deleted file mode 100644
index f7a16b4..0000000
--- a/check_all_warranties.asp.broken
+++ /dev/null
@@ -1,222 +0,0 @@
-<%@ Language=VBScript %>
-<%
-' ========================================================================
-' Check All Warranties - Batch Process
-' This page checks all PCs without warranty information against Dell API
-' ========================================================================
-
-On Error Resume Next
-Response.Buffer = True
-Response.ContentType = "application/json"
-%>
-
-<%
-If Err.Number <> 0 Then
- Response.Write "{""success"": false, ""error"": ""Database include error: " & Replace(Err.Description, """", "'") & """}"
- Response.End
-End If
-
-' Configuration
-Const VENDOR_API_URL = "http://10.48.130.113/vendor-api-proxy.php"
-Const BATCH_SIZE = 10 ' Process 10 at a time
-
-Dim strSQL
-Dim serviceTags, serialNumber
-Dim warrantyData, warrantyResults
-Dim updated, errors, total
-Dim response
-Dim rsWarranties ' Create our own recordset object
-' Note: objConn is declared in sql.asp include
-
-' Initialize counters
-updated = 0
-errors = 0
-
-' Find all PCs without warranty information
-strSQL = "SELECT pcid, hostname, serialnumber " & _
- "FROM pc " & _
- "WHERE (warrantyenddate IS NULL OR warrantyenddate = '' OR warrantyenddate = '0000-00-00') " & _
- "AND serialnumber IS NOT NULL " & _
- "AND serialnumber <> 'N/A' " & _
- "AND serialnumber <> '' " & _
- "AND LENGTH(serialnumber) >= 5 " & _
- "AND isactive = 1"
-
-' Create and open recordset with cursor to support MoveFirst
-Set rsWarranties = Server.CreateObject("ADODB.Recordset")
-If Err.Number <> 0 Then
- Response.Write "{""success"": false, ""error"": ""Failed to create recordset: " & Replace(Err.Description, """", "'") & """}"
- Response.End
-End If
-
-rsWarranties.CursorLocation = 3 ' adUseClient
-rsWarranties.Open strSQL, objConn
-
-If Err.Number <> 0 Then
- Response.Write "{""success"": false, ""error"": ""Failed to open recordset: " & Replace(Err.Description, """", "'") & """}"
- Response.End
-End If
-
-' Check if we have any records
-If rsWarranties.EOF Then
- ' No devices need warranty checks
- Response.Write "{""success"": true, ""message"": ""No devices require warranty checks"", ""total"": 0, ""updated"": 0, ""errors"": 0}"
- rsWarranties.Close
- objConn.Close
- Response.End
-End If
-
-' Count total records
-Dim serviceTagList()
-Dim deviceInfo()
-Dim count
-count = 0
-
-Do While Not rsWarranties.EOF
- count = count + 1
- rsWarranties.MoveNext
-Loop
-total = count
-
-' Reset to beginning
-rsWarranties.MoveFirst
-
-' Build arrays
-ReDim serviceTagList(total - 1)
-ReDim deviceInfo(total - 1)
-count = 0
-
-Do While Not rsWarranties.EOF
- serialNumber = Trim(rsWarranties("serialnumber"))
- serviceTagList(count) = serialNumber
- Set deviceInfo(count) = CreateObject("Scripting.Dictionary")
- deviceInfo(count)("pcid") = rsWarranties("pcid")
- deviceInfo(count)("hostname") = rsWarranties("hostname")
- deviceInfo(count)("serialnumber") = serialNumber
- count = count + 1
- rsWarranties.MoveNext
-Loop
-
-rsWarranties.Close
-Set rsWarranties = Nothing
-
-' Process in batches
-Dim i, batchStart, batchEnd, batchTags
-Dim batchTagsStr, apiUrl, xmlhttp
-Dim responseText, json
-
-For i = 0 To total - 1 Step BATCH_SIZE
- batchStart = i
- batchEnd = i + BATCH_SIZE - 1
- If batchEnd >= total Then
- batchEnd = total - 1
- End If
-
- ' Build batch of service tags
- batchTagsStr = ""
- Dim j
- For j = batchStart To batchEnd
- If batchTagsStr <> "" Then
- batchTagsStr = batchTagsStr & ","
- End If
- batchTagsStr = batchTagsStr & serviceTagList(j)
- Next
-
- ' Call vendor API
- apiUrl = VENDOR_API_URL & "?vendor=dell&action=warranty-batch&servicetags=" & Server.URLEncode(batchTagsStr)
-
- Set xmlhttp = Server.CreateObject("MSXML2.ServerXMLHTTP.6.0")
- xmlhttp.setTimeouts 30000, 30000, 30000, 30000 ' 30 second timeout
-
- On Error Resume Next
- xmlhttp.Open "GET", apiUrl, False
- xmlhttp.setRequestHeader "Accept", "application/json"
- xmlhttp.Send
-
- If Err.Number <> 0 Then
- errors = errors + (batchEnd - batchStart + 1)
- Err.Clear
- Else
- responseText = xmlhttp.responseText
-
- ' Parse JSON response (simplified - for production use proper JSON parser)
- ' For now, we'll extract warranty data using string parsing
- If InStr(responseText, """success"":true") > 0 Then
- ' Process each warranty in batch
- For j = batchStart To batchEnd
- serialNumber = serviceTagList(j)
-
- ' Extract warranty data for this serial (simplified extraction)
- Dim warrantyEndDate, serviceLevel, warrantyStatus
- warrantyEndDate = ExtractWarrantyData(responseText, serialNumber, "warrantyEndDate")
- serviceLevel = ExtractWarrantyData(responseText, serialNumber, "serviceLevel")
- warrantyStatus = ExtractWarrantyData(responseText, serialNumber, "warrantyStatus")
-
- If warrantyEndDate <> "" Then
- ' Update database
- strSQL = "UPDATE pc SET " & _
- "warrantyenddate = '" & Replace(warrantyEndDate, "'", "''") & "', " & _
- "warrantystatus = '" & Replace(warrantyStatus, "'", "''") & "', " & _
- "warrantylevel = '" & Replace(Left(serviceLevel, 100), "'", "''") & "' " & _
- "WHERE pcid = " & deviceInfo(j)("pcid")
-
- On Error Resume Next
- objConn.Execute strSQL
-
- If Err.Number = 0 Then
- updated = updated + 1
- Else
- errors = errors + 1
- Err.Clear
- End If
- On Error Goto 0
- Else
- errors = errors + 1
- End If
- Next
- Else
- errors = errors + (batchEnd - batchStart + 1)
- End If
- End If
- On Error Goto 0
-
- Set xmlhttp = Nothing
-
- ' Small delay between batches - ASP doesn't support WScript.Sleep
- ' Instead, we'll just continue without delay since batches are small
- ' If batchEnd < total - 1 Then
- ' ' No sleep available in ASP
- ' End If
-Next
-
-' Return response
-Response.Write "{""success"": true, ""total"": " & total & ", ""updated"": " & updated & ", ""errors"": " & errors & ", ""message"": ""Updated " & updated & " of " & total & " warranty records""}"
-
-objConn.Close
-
-' Helper function to extract warranty data from JSON
-Function ExtractWarrantyData(jsonText, serviceTag, fieldName)
- Dim pattern, startPos, endPos, value
- pattern = """serviceTag"":""" & serviceTag & """"
- startPos = InStr(jsonText, pattern)
-
- If startPos > 0 Then
- ' Find the field within this warranty object
- Dim fieldPattern
- fieldPattern = """" & fieldName & """:"""
- startPos = InStr(startPos, jsonText, fieldPattern)
-
- If startPos > 0 Then
- startPos = startPos + Len(fieldPattern)
- endPos = InStr(startPos, jsonText, """")
- If endPos > startPos Then
- value = Mid(jsonText, startPos, endPos - startPos)
- ExtractWarrantyData = value
- Exit Function
- End If
- End If
- End If
-
- ExtractWarrantyData = ""
-End Function
-%>
diff --git a/checkduplicateprinters.asp b/checkduplicateprinters.asp
deleted file mode 100644
index 3b205e9..0000000
--- a/checkduplicateprinters.asp
+++ /dev/null
@@ -1,58 +0,0 @@
-
-<%
-Response.Write("
")
-End If
-rs.Close
-
-' Show final count
-strSQL = "SELECT COUNT(*) as cnt FROM machines WHERE machinetypeid = 15"
-set rs = objConn.Execute(strSQL)
-Response.Write("
Final printer machine count: " & rs("cnt") & "
")
-rs.Close
-
-objConn.Close
-%>
diff --git a/deviceswitch.asp.backup b/deviceswitch.asp.backup
deleted file mode 100644
index c1b650d..0000000
--- a/deviceswitch.asp.backup
+++ /dev/null
@@ -1,473 +0,0 @@
-
-
-
-
-
-
-
-
-<%
- theme = Request.Cookies("theme")
- IF theme = "" THEN
- theme="bg-theme1"
- END IF
-
- Dim serverid, isNewRecord
- serverid = Request.QueryString("id")
- If serverid = "" Or serverid = "0" Then
- isNewRecord = True
- serverid = 0
- Else
- isNewRecord = False
- End If
-
- ' If editing, fetch existing data
- Dim rs, servername, modelid, serialnumber, ipaddress, description, maptop, mapleft, isactive
- Dim vendorname, modelnumber
- If Not isNewRecord Then
- Dim strSQL
- strSQL = "SELECT mac.machineid, mac.alias AS servername, mac.modelnumberid AS modelid, " & _
- "mac.serialnumber, mac.machinenotes AS description, mac.maptop, mac.mapleft, mac.isactive, " & _
- "m.modelnumber, v.vendor, c.address AS ipaddress " & _
- "FROM machines mac " & _
- "LEFT JOIN models m ON mac.modelnumberid = m.modelnumberid " & _
- "LEFT JOIN vendors v ON m.vendorid = v.vendorid " & _
- "LEFT JOIN communications c ON mac.machineid = c.machineid AND c.isprimary = 1 AND c.comstypeid = 1 " & _
- "WHERE mac.machineid = " & serverid & " AND mac.machinetypeid = 30"
- Set rs = objConn.Execute(strSQL)
-
- If rs.EOF Then
- Response.Write("Server not found")
- Response.End
- End If
-
- If Not IsNull(rs("servername")) Then servername = rs("servername") Else servername = ""
- If Not IsNull(rs("modelid")) Then modelid = rs("modelid") Else modelid = ""
- If Not IsNull(rs("serialnumber")) Then serialnumber = rs("serialnumber") Else serialnumber = ""
- If Not IsNull(rs("ipaddress")) Then ipaddress = rs("ipaddress") Else ipaddress = ""
- If Not IsNull(rs("description")) Then description = rs("description") Else description = ""
- If Not IsNull(rs("maptop")) Then maptop = rs("maptop") Else maptop = ""
- If Not IsNull(rs("mapleft")) Then mapleft = rs("mapleft") Else mapleft = ""
- If Not IsNull(rs("isactive")) Then isactive = rs("isactive") Else isactive = 1
- If Not IsNull(rs("vendor")) Then vendorname = rs("vendor") Else vendorname = ""
- If Not IsNull(rs("modelnumber")) Then modelnumber = rs("modelnumber") Else modelnumber = ""
-
- rs.Close
- Set rs = Nothing
- Else
- ' New record defaults
- servername = ""
- modelid = ""
- serialnumber = ""
- ipaddress = ""
- description = ""
- maptop = ""
- mapleft = ""
- isactive = 1 ' Active by default for new records
- vendorname = ""
- modelnumber = ""
- End If
-%>
-
-
-
-
-
")
- If Not IsNull(rs("LoggedInUser")) Then
- Response.Write("
" & rs("LoggedInUser") & "
")
- Else
- Response.Write("
")
- End If
-Else
- Response.Write("
No PC assigned
")
- Response.Write("
")
- Response.Write("
")
-End If
-
-' Printer data - check if exists (LEFT JOIN may return NULL)
-If Not IsNull(rs("printerid")) And rs("printerid") <> "" Then
- Response.Write("
-
-<%
- strSQL2 = "SELECT * FROM installedapps, applications WHERE installedapps.appid = applications.appid AND installedapps.isactive = 1 AND installedapps.machineid = " & CLng(machineid) & " ORDER BY appname ASC"
- Set rs2 = objConn.Execute(strSQL2)
- Do While Not rs2.EOF
- Response.Write("
-
-
-
-
-
-<%
- objConn.Close
-%>
\ No newline at end of file
diff --git a/displaymachine.asp.backup2 b/displaymachine.asp.backup2
deleted file mode 100644
index 8e6e917..0000000
--- a/displaymachine.asp.backup2
+++ /dev/null
@@ -1,1674 +0,0 @@
-<%
-'=============================================================================
-' FILE: displaymachine.asp
-' PURPOSE: Display detailed machine information with edit capability
-' SECURITY: Parameterized queries, HTML encoding, input validation
-' UPDATED: 2025-10-27 - Migrated to secure patterns
-'=============================================================================
-%>
-
-
-
-
-
-
-
-
-
-
-<%
- theme = Request.Cookies("theme")
- If theme = "" Then
- theme = "bg-theme1"
- End If
-
- '=============================================================================
- ' SECURITY: Validate machineid or machinenumber parameter
- ' NOTE: This handles both database ID and machine number for flexibility
- '=============================================================================
- Dim machineid, machinenumber, paramValue
- machineid = GetSafeInteger("QS", "machineid", 0, 1, 999999)
-
- ' If machineid not provided, try machinenumber parameter
- IF machineid = 0 THEN
- machinenumber = Request.QueryString("machinenumber")
- IF machinenumber <> "" THEN
- ' Look up machineid by machinenumber
- Dim rsLookup, strLookupSQL
- strLookupSQL = "SELECT machineid FROM machines WHERE machinenumber = ? AND isactive = 1"
- Set rsLookup = ExecuteParameterizedQuery(objConn, strLookupSQL, Array(machinenumber))
- IF NOT rsLookup.EOF THEN
- machineid = rsLookup("machineid")
- END IF
- rsLookup.Close
- Set rsLookup = Nothing
- END IF
- ELSE
- ' We have a machineid, but it might actually be a machine number
- ' Try to look it up as a machineid first
- Dim rsCheck
- strLookupSQL = "SELECT machineid FROM machines WHERE machineid = ? AND isactive = 1"
- Set rsCheck = ExecuteParameterizedQuery(objConn, strLookupSQL, Array(machineid))
-
- ' If no machine found with that machineid, try treating it as a machine number
- IF rsCheck.EOF THEN
- rsCheck.Close
- strLookupSQL = "SELECT machineid FROM machines WHERE machinenumber = ? AND isactive = 1"
- Set rsCheck = ExecuteParameterizedQuery(objConn, strLookupSQL, Array(CStr(machineid)))
- IF NOT rsCheck.EOF THEN
- machineid = rsCheck("machineid")
- ELSE
- machineid = 0 ' Not found
- END IF
- END IF
- rsCheck.Close
- Set rsCheck = Nothing
- END IF
-
- IF machineid = 0 THEN
- objConn.Close
- Response.Redirect("default.asp")
- Response.End
- END IF
-
- '=============================================================================
- ' SECURITY: Use parameterized query to prevent SQL injection
- '=============================================================================
- strSQL = "SELECT machines.*, machinetypes.*, models.*, businessunits.*, vendors.*, functionalaccounts.*, " & _
- "printers.ipaddress AS printerip, printers.printerid, printers.printercsfname, printers.printerwindowsname, " & _
- "pc.pcid, pc.hostname, pc.loggedinuser AS LoggedInUser, pc_network_interfaces.IPAddress AS pcip " & _
- "FROM machines " & _
- "INNER JOIN models ON machines.modelnumberid = models.modelnumberid " & _
- "LEFT JOIN machinetypes ON models.machinetypeid = machinetypes.machinetypeid " & _
- "INNER JOIN businessunits ON machines.businessunitid = businessunits.businessunitid " & _
- "LEFT JOIN functionalaccounts ON machinetypes.functionalaccountid = functionalaccounts.functionalaccountid " & _
- "INNER JOIN vendors ON models.vendorid = vendors.vendorid " & _
- "LEFT JOIN printers ON machines.printerid = printers.printerid " & _
- "LEFT JOIN pc ON pc.machinenumber = machines.machinenumber " & _
- "LEFT JOIN pc_network_interfaces ON pc_network_interfaces.pcid = pc.pcid AND pc_network_interfaces.DefaultGateway IS NOT NULL " & _
- "WHERE machines.machineid = ?"
-
- Set rs = ExecuteParameterizedQuery(objConn, strSQL, Array(machineid))
-
- ' Check if machine exists
- If rs.EOF Then
- rs.Close
- Set rs = Nothing
- objConn.Close
- Response.Redirect("default.asp")
- Response.End
- End If
-%>
-
-
-
-
-
-<%
-Dim machineNumVal, vendorValM, modelValM, machineTypeVal, buVal
-
-' Get values and default to N/A if empty
-machineNumVal = rs("machinenumber") & ""
-If machineNumVal = "" Then machineNumVal = "N/A"
-
-vendorValM = rs("vendor") & ""
-If vendorValM = "" Then vendorValM = "N/A"
-
-modelValM = rs("modelnumber") & ""
-If modelValM = "" Then modelValM = "N/A"
-
-machineTypeVal = rs("machinetype") & ""
-If machineTypeVal = "" Then machineTypeVal = "N/A"
-
-buVal = rs("businessunit") & ""
-If buVal = "" Then buVal = "N/A"
-%>
-
-<%
-If machineNumVal <> "N/A" Then
-%>
-
- <%=Server.HTMLEncode(machineNumVal)%>
-
-<%
-Else
- Response.Write("N/A")
-End If
-%>
-
-
<%=Server.HTMLEncode(vendorValM)%>
-
<%=Server.HTMLEncode(modelValM)%>
-
<%=Server.HTMLEncode(machineTypeVal)%>
-
<%=Server.HTMLEncode(buVal)%>
-<%
-' Get primary communication (IP and MAC) from communications table
-Dim rsPrimaryCom, strPrimaryComSQL, primaryIP, primaryMAC
-strPrimaryComSQL = "SELECT address, macaddress FROM communications WHERE machineid = ? AND isprimary = 1 AND isactive = 1 LIMIT 1"
-Set rsPrimaryCom = ExecuteParameterizedQuery(objConn, strPrimaryComSQL, Array(machineid))
-
-If Not rsPrimaryCom.EOF Then
- primaryIP = rsPrimaryCom("address") & ""
- primaryMAC = rsPrimaryCom("macaddress") & ""
-Else
- ' Try to get first active communication if no primary set
- rsPrimaryCom.Close
- strPrimaryComSQL = "SELECT address, macaddress FROM communications WHERE machineid = ? AND isactive = 1 ORDER BY comid LIMIT 1"
- Set rsPrimaryCom = ExecuteParameterizedQuery(objConn, strPrimaryComSQL, Array(machineid))
- If Not rsPrimaryCom.EOF Then
- primaryIP = rsPrimaryCom("address") & ""
- primaryMAC = rsPrimaryCom("macaddress") & ""
- Else
- primaryIP = ""
- primaryMAC = ""
- End If
-End If
-rsPrimaryCom.Close
-Set rsPrimaryCom = Nothing
-
-' Display IP Address
-If primaryIP <> "" Then
- Response.Write("
" & Server.HTMLEncode(primaryIP) & "
")
-Else
- Response.Write("
N/A
")
-End If
-
-' Display MAC Address
-If primaryMAC <> "" Then
- Response.Write("
" & Server.HTMLEncode(primaryMAC) & "
")
-Else
- Response.Write("
N/A
")
-End If
-
-' Get controlling PC from relationships
-Dim rsControlPC, strControlPCSQL, controlPCHostname, controlPCID
-strControlPCSQL = "SELECT m.machineid, m.hostname, m.machinenumber FROM machinerelationships mr " & _
- "JOIN relationshiptypes rt ON mr.relationshiptypeid = rt.relationshiptypeid " & _
- "JOIN machines m ON mr.machineid = m.machineid " & _
- "WHERE mr.related_machineid = ? AND rt.relationshiptype = 'Controls' AND mr.isactive = 1 LIMIT 1"
-Set rsControlPC = ExecuteParameterizedQuery(objConn, strControlPCSQL, Array(machineid))
-
-If Not rsControlPC.EOF Then
- controlPCHostname = rsControlPC("hostname") & ""
- controlPCID = rsControlPC("machineid")
- If controlPCHostname = "" Then controlPCHostname = rsControlPC("machinenumber") & ""
- Response.Write("
")
-End If
-rsControlPC.Close
-Set rsControlPC = Nothing
-
-' SECURITY: HTML encode printer data to prevent XSS
-' Printer data - check if exists (LEFT JOIN may return NULL)
-If Not IsNull(rs("printerid")) And rs("printerid") <> "" Then
- Dim printerNameVal
- printerNameVal = rs("printerwindowsname") & ""
- If printerNameVal = "" Then printerNameVal = "Printer #" & rs("printerid")
-
- Response.Write("
")
- rs2.MoveNext
- Loop
- End If
- rs2.Close
- Set rs2 = Nothing
-%>
-
-
-
-
-
-
Compliance & Security
-<%
- ' Query compliance data
- strSQL2 = "SELECT * FROM compliance WHERE machineid = ?"
- Set rs2 = ExecuteParameterizedQuery(objConn, strSQL2, Array(machineid))
-
- If Not rs2.EOF Then
-%>
-
-
-
Third Party Managed:
-
Third Party Manager:
-
OT Asset System:
-
DoD Asset Device Type:
-
Compliant:
-
-
-<%
- Dim thirdPartyManaged, thirdPartyManager, otAssetSystem, dodAssetDeviceType, isCompliant
- thirdPartyManaged = rs2("is_third_party_managed") & ""
- thirdPartyManager = rs2("third_party_manager") & ""
- otAssetSystem = rs2("ot_asset_system") & ""
- dodAssetDeviceType = rs2("ot_asset_device_type") & ""
- isCompliant = rs2("is_compliant")
-
- ' Third party managed badge
- Dim tpmBadge
- If thirdPartyManaged = "Yes" Then
- tpmBadge = "Yes"
- ElseIf thirdPartyManaged = "No" Then
- tpmBadge = "No"
- Else
- tpmBadge = "N/A"
- End If
-%>
-
<%=tpmBadge%>
-
<%=Server.HTMLEncode(thirdPartyManager)%>
-
<%=Server.HTMLEncode(otAssetSystem)%>
-
<%=Server.HTMLEncode(dodAssetDeviceType)%>
-
-<%
- If Not IsNull(isCompliant) Then
- If isCompliant Then
- Response.Write("Yes")
- Else
- Response.Write("No")
- End If
- Else
- Response.Write("Not Assessed")
- End If
-%>
-
-
-
-
-
-
-
Security Scans
-
-
-
-
-
Scan Name
-
Date
-
Result
-
Details
-
-
-
-<%
- rs2.Close
- Set rs2 = Nothing
-
- ' Query security scans
- strSQL2 = "SELECT * FROM compliancescans WHERE machineid = ? ORDER BY scan_date DESC LIMIT 10"
- Set rs2 = ExecuteParameterizedQuery(objConn, strSQL2, Array(machineid))
-
- If rs2.EOF Then
- Response.Write("
No security scans recorded
")
- Else
- Do While Not rs2.EOF
- Dim scanName, scanDate, scanResult, scanDetails, resultBadge
- scanName = rs2("scan_name") & ""
- scanDate = rs2("scan_date") & ""
- scanResult = rs2("scan_result") & ""
- scanDetails = rs2("scan_details") & ""
-
- If scanName = "" Then scanName = "Security Scan"
- If scanDetails = "" Then scanDetails = "No details"
-
- ' Result badge
- Select Case LCase(scanResult)
- Case "pass"
- resultBadge = "Pass"
- Case "fail"
- resultBadge = "Fail"
- Case "warning"
- resultBadge = "Warning"
- Case Else
- resultBadge = "Info"
- End Select
-
- Response.Write("
")
- Response.Write("
" & Server.HTMLEncode(scanName) & "
")
- Response.Write("
" & Server.HTMLEncode(scanDate) & "
")
- Response.Write("
" & resultBadge & "
")
- Response.Write("
" & scanDetails & "
")
- Response.Write("
")
- rs2.MoveNext
- Loop
- End If
- rs2.Close
- Set rs2 = Nothing
-%>
-
-
-
-<%
- Else
- Response.Write("
No compliance data available for this machine.
")
- rs2.Close
- Set rs2 = Nothing
- End If
-%>
-
-
-
-
-
-<%
- '=============================================================================
- ' SECURITY: Use parameterized query for installed applications
- '=============================================================================
- strSQL2 = "SELECT * FROM installedapps, applications WHERE installedapps.appid = applications.appid AND installedapps.isactive = 1 AND installedapps.machineid = ? ORDER BY appname ASC"
- Set rs2 = ExecuteParameterizedQuery(objConn, strSQL2, Array(machineid))
- Do While Not rs2.EOF
- Response.Write("
-<%
-' Controller information
-' Controller info commented out - not in simplified query
-' If Not IsNull(rs("controller_vendor")) And rs("controller_vendor") & "" <> "" Then
-' Dim controllerDisplay
-' controllerDisplay = rs("controller_vendor") & ""
-' If Not IsNull(rs("controller_model")) And rs("controller_model") & "" <> "" Then
-' controllerDisplay = controllerDisplay & " " & rs("controller_model") & ""
-' End If
-' Response.Write("
" & Server.HTMLEncode(controllerDisplay) & "
")
-' Else
- Response.Write("
N/A
")
-' End If
-
-' Serial number
-If Not IsNull(rs("serialnumber")) And rs("serialnumber") & "" <> "" Then
- Response.Write("
")
-End If
-
-' IP Address
-If primaryIP <> "" Then
- Response.Write("
" & Server.HTMLEncode(primaryIP) & "
")
-Else
- Response.Write("
N/A
")
-End If
-
-' VLAN
-If Not IsNull(rs("vlan")) And rs("vlan") & "" <> "" Then
- Response.Write("
VLAN " & Server.HTMLEncode(rs("vlan") & "") & "
")
-Else
- Response.Write("
N/A
")
-End If
-
-' Asset Criticality
-If Not IsNull(rs("asset_criticality")) And rs("asset_criticality") & "" <> "" Then
- Dim criticalityBadge, criticalityVal
- criticalityVal = rs("asset_criticality") & ""
- Select Case UCase(criticalityVal)
- Case "HIGH"
- criticalityBadge = " High"
- Case "MEDIUM"
- criticalityBadge = "Medium"
- Case "LOW"
- criticalityBadge = "Low"
- Case Else
- criticalityBadge = Server.HTMLEncode(criticalityVal)
- End Select
- Response.Write("
" & criticalityBadge & "
")
-Else
- Response.Write("
N/A
")
-End If
-
-' Printer data - check if exists (LEFT JOIN may return NULL)
-If Not IsNull(rs("printerid")) And rs("printerid") <> "" Then
- Dim printerNameVal
- printerNameVal = rs("printerwindowsname") & ""
- If printerNameVal = "" Then printerNameVal = "Printer #" & rs("printerid")
-
- Response.Write("
-
-
-<%
- '=============================================================================
- ' Query all network interfaces from communications table
- '=============================================================================
- strSQL2 = "SELECT c.address, c.macaddress, c.interfacename, c.isprimary, c.isdhcp " & _
- "FROM communications c " & _
- "INNER JOIN comstypes ct ON c.comstypeid = ct.comstypeid " & _
- "WHERE c.machineid = ? AND ct.typename = 'Network_Interface' AND c.isactive = 1 " & _
- "ORDER BY c.isprimary DESC, c.comid ASC"
- Set rs2 = ExecuteParameterizedQuery(objConn, strSQL2, Array(machineid))
-
- If rs2.EOF Then
- Response.Write("
No network interfaces found
")
- Else
- Do While Not rs2.EOF
- Dim interfaceNameVal, ipAddressVal, macAddressVal, isPrimaryVal, isDHCPVal
-
- interfaceNameVal = rs2("interfacename") & ""
- If interfaceNameVal = "" Then interfaceNameVal = "Unknown"
-
- ipAddressVal = rs2("address") & ""
- If ipAddressVal = "" Then ipAddressVal = "N/A"
-
- macAddressVal = rs2("macaddress") & ""
- If macAddressVal = "" Then macAddressVal = "N/A"
-
- isPrimaryVal = rs2("isprimary")
- isDHCPVal = rs2("isdhcp")
-
- Response.Write("
")
- Response.Write("
" & Server.HTMLEncode(interfaceNameVal) & "
")
- Response.Write("
" & Server.HTMLEncode(ipAddressVal) & "
")
- Response.Write("
" & Server.HTMLEncode(macAddressVal) & "
")
-
- If isDHCPVal = 1 Or isDHCPVal = True Then
- Response.Write("
DHCP
")
- Else
- Response.Write("
Static
")
- End If
-
- If isPrimaryVal = 1 Or isPrimaryVal = True Then
- Response.Write("
")
- Else
- Response.Write("
")
- End If
-
- Response.Write("
")
- rs2.MoveNext
- Loop
- End If
- rs2.Close
- Set rs2 = Nothing
-%>
-
-
-
-
-
Other Communications
-
-
-
-
-
Type
-
Address/Port
-
Details
-
Description
-
-
-
-<%
- '=============================================================================
- ' Query other communication types (Serial, IP, USB, etc.)
- '=============================================================================
- strSQL2 = "SELECT c.address, c.port, c.portname, c.description, c.baud, c.databits, c.stopbits, c.parity, ct.typename " & _
- "FROM communications c " & _
- "INNER JOIN comstypes ct ON c.comstypeid = ct.comstypeid " & _
- "WHERE c.machineid = ? AND ct.typename != 'Network_Interface' AND c.isactive = 1 " & _
- "ORDER BY ct.typename, c.comid ASC"
- Set rs2 = ExecuteParameterizedQuery(objConn, strSQL2, Array(machineid))
-
- If rs2.EOF Then
- Response.Write("
No other communications found
")
- Else
- Do While Not rs2.EOF
- Dim typeNameVal, addressVal, detailsVal, descriptionVal
-
- typeNameVal = rs2("typename") & ""
- addressVal = rs2("address") & ""
-
- ' Build details based on type
- detailsVal = ""
- If typeNameVal = "Serial" Then
- If Not IsNull(rs2("baud")) Then detailsVal = rs2("baud") & " baud"
- If Not IsNull(rs2("databits")) And rs2("databits") & "" <> "" Then
- If detailsVal <> "" Then detailsVal = detailsVal & ", "
- detailsVal = detailsVal & rs2("databits") & "N" & rs2("stopbits") & ""
- End If
- ElseIf typeNameVal = "IP" Then
- If Not IsNull(rs2("port")) Then detailsVal = "Port " & rs2("port")
- End If
-
- descriptionVal = rs2("description") & ""
- If descriptionVal = "" Then descriptionVal = "-"
-
- Response.Write("
")
- Response.Write("
" & Server.HTMLEncode(typeNameVal) & "
")
- Response.Write("
" & Server.HTMLEncode(addressVal) & "
")
- Response.Write("
" & Server.HTMLEncode(detailsVal) & "
")
- Response.Write("
" & Server.HTMLEncode(descriptionVal) & "
")
- Response.Write("
")
-
- rs2.MoveNext
- Loop
- End If
- rs2.Close
- Set rs2 = Nothing
-%>
-
-
")
-
- rs2.MoveNext
- Loop
- End If
- rs2.Close
- Set rs2 = Nothing
-%>
-
-
-
-
-
-
-
Compliance & Security
-
-
-
Management & Access
-
Third Party Managed:
-
-<%
-If Not IsNull(rs("is_third_party_managed")) And rs("is_third_party_managed") & "" <> "" Then
- Dim thirdPartyVal
- thirdPartyVal = rs("is_third_party_managed") & ""
- If UCase(thirdPartyVal) = "YES" Or thirdPartyVal = "Yes" Then
- Response.Write("Yes")
- ElseIf UCase(thirdPartyVal) = "NO" Or thirdPartyVal = "No" Then
- Response.Write("No")
- Else
- Response.Write(Server.HTMLEncode(thirdPartyVal))
- End If
-Else
- Response.Write("Not Specified")
-End If
-%>
-
-
-
Managed By:
-
-<%
-If Not IsNull(rs("third_party_manager")) And rs("third_party_manager") & "" <> "" Then
- Response.Write(" " & Server.HTMLEncode(rs("third_party_manager") & "") & "")
-Else
- Response.Write("Not Specified")
-End If
-%>
-
-
-
Last Scan:
-
-<%
-If Not IsNull(rs("scan_date")) And rs("scan_date") & "" <> "" Then
- Response.Write(Server.HTMLEncode(rs("scan_date") & ""))
-Else
- Response.Write("Never Scanned")
-End If
-%>
-
-
-
Scan Result:
-
-<%
-If Not IsNull(rs("scan")) And rs("scan") & "" <> "" Then
- Response.Write(Server.HTMLEncode(rs("scan") & ""))
-Else
- Response.Write("N/A")
-End If
-%>
-
-
-
-
-
OT Asset Information
-
-
OT Asset System:
-
-<%
-If Not IsNull(rs("ot_asset_system")) And rs("ot_asset_system") & "" <> "" Then
- Response.Write(Server.HTMLEncode(rs("ot_asset_system") & ""))
-Else
- Response.Write("Not Specified")
-End If
-%>
-
-
-
OT Device Type:
-
-<%
-If Not IsNull(rs("ot_asset_device_type")) And rs("ot_asset_device_type") & "" <> "" Then
- Response.Write(Server.HTMLEncode(rs("ot_asset_device_type") & ""))
-Else
- Response.Write("Not Specified")
-End If
-%>
-
-
-
MFT:
-
-<%
-If Not IsNull(rs("mft")) And rs("mft") & "" <> "" Then
- Response.Write(Server.HTMLEncode(rs("mft") & ""))
-Else
- Response.Write("Not Specified")
-End If
-%>
-
-
-
Deployment Notes:
-
-<%
-' TEXT fields in MySQL require special handling in classic ASP
-Dim deploymentNotesValue
-On Error Resume Next
-deploymentNotesValue = ""
-If Not IsNull(rs("deployment_notes")) Then
- deploymentNotesValue = rs("deployment_notes").Value
-End If
-On Error Goto 0
-
-If deploymentNotesValue <> "" And Not IsNull(deploymentNotesValue) Then
- Response.Write("" & Server.HTMLEncode(deploymentNotesValue) & "")
-Else
- Response.Write("No deployment notes")
-End If
-%>
-
-
-
-
-
-
-
-
-
-
-
Application Name
-
Version
-
-
-
-<%
- '=============================================================================
- ' SECURITY: Use parameterized query for installed applications
- '=============================================================================
- strSQL2 = "SELECT app.appname, ia.version " & _
- "FROM installedapps ia " & _
- "INNER JOIN applications app ON ia.appid = app.appid " & _
- "WHERE ia.machineid = ? AND ia.isactive = 1 " & _
- "ORDER BY app.appname ASC"
- Set rs2 = ExecuteParameterizedQuery(objConn, strSQL2, Array(machineid))
-
- If rs2.EOF Then
- Response.Write("
No applications installed
")
- Else
- Do While Not rs2.EOF
- Dim appNameVal, versionVal
- appNameVal = rs2("appname") & ""
- versionVal = rs2("version") & ""
- If versionVal = "" Then versionVal = "N/A"
-
- Response.Write("
")
- Response.Write("
" & Server.HTMLEncode(appNameVal) & "
")
- Response.Write("
" & Server.HTMLEncode(versionVal) & "
")
- Response.Write("
")
- rs2.MoveNext
- Loop
- End If
- rs2.Close
- Set rs2 = Nothing
-%>
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-<%
-' Clean up
-rs.Close
-Set rs = Nothing
-objConn.Close
-Set objConn = Nothing
-%>
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
diff --git a/displaypc.asp.backup-20251027 b/displaypc.asp.backup-20251027
deleted file mode 100644
index b2a1174..0000000
--- a/displaypc.asp.backup-20251027
+++ /dev/null
@@ -1,837 +0,0 @@
-
-
-
-
-
-
-
-<%
- theme = Request.Cookies("theme")
- IF theme = "" THEN
- theme="bg-theme1"
- END IF
-
- pcid = Request.Querystring("pcid")
-
- strSQL = "SELECT pc.*,vendors.*,models.*,pc_network_interfaces.*,machines.machineid,machines.machinenumber as machine_number,machines.alias,machines.machinetypeid,machinetypes.machinetype,machines.businessunitid,businessunits.businessunit,machines.printerid,printers.printerwindowsname,pctype.typename,functionalaccounts.functionalaccount,functionalaccounts.description as functionalaccount_description " & _
- "FROM pc " & _
- "LEFT JOIN models ON pc.modelnumberid=models.modelnumberid " & _
- "LEFT JOIN vendors ON models.vendorid=vendors.vendorid " & _
- "LEFT JOIN pc_network_interfaces ON pc_network_interfaces.pcid=pc.pcid " & _
- "LEFT JOIN machines ON pc.machinenumber = machines.machinenumber " & _
- "LEFT JOIN machinetypes ON machines.machinetypeid = machinetypes.machinetypeid " & _
- "LEFT JOIN businessunits ON machines.businessunitid = businessunits.businessunitid " & _
- "LEFT JOIN printers ON machines.printerid = printers.printerid " & _
- "LEFT JOIN pctype ON pc.pctypeid = pctype.pctypeid " & _
- "LEFT JOIN functionalaccounts ON pctype.functionalaccountid = functionalaccounts.functionalaccountid " & _
- "WHERE pc.isactive=1 AND pc.pcid="&pcid
-
- 'response.write (strSQL)
- 'response.end
- set rs = objconn.Execute(strSQL)
-
- ' Check if PC exists
- IF rs.EOF THEN
- objConn.Close
- Response.Redirect("displaypcs.asp")
- Response.End
- END IF
-
- ' Get machine ID if it exists
- IF NOT rs.EOF THEN
- IF NOT IsNull(rs("machineid")) THEN
- machineid = rs("machineid")
- ELSE
- machineid = 0
- END IF
- END IF
-%>
-
-
-
-
-
-<%
- IF machineid > 0 THEN
- Dim locationDisplay
- ' Use alias if available, otherwise machine_number
- IF NOT IsNull(rs("alias")) AND rs("alias") <> "" THEN
- locationDisplay = rs("alias")
- ELSE
- locationDisplay = rs("machine_number")
- END IF
- Response.Write("" & locationDisplay & "")
- ELSE
- Response.Write("Not assigned")
- END IF
-%>
-
-
-<%
- IF NOT IsNull(rs("ipaddress")) AND rs("ipaddress") <> "" THEN
- Response.Write(rs("ipaddress"))
- ELSE
- Response.Write("N/A")
- END IF
-%>
-
-
-<%
- IF NOT IsNull(rs("functionalaccount")) AND rs("functionalaccount") <> "" THEN
- Dim accountDisplay, descDisplay, extractedAccount
- Dim pcTypeName
- pcTypeName = ""
- IF NOT IsNull(rs("typename")) THEN
- pcTypeName = UCase(Trim(rs("typename") & ""))
- END IF
-
- ' Check if loggedinuser exists and should be used
- Dim useLoggedInUser
- useLoggedInUser = False
- IF NOT IsNull(rs("LoggedInUser")) AND rs("LoggedInUser") <> "" THEN
- ' Use loggedinuser for Standard, Engineer, or TBD types
- IF pcTypeName = "STANDARD" OR pcTypeName = "ENGINEER" OR rs("functionalaccount") = "TBD" OR rs("functionalaccount") = "1" THEN
- useLoggedInUser = True
- END IF
- END IF
-
- IF useLoggedInUser THEN
- accountDisplay = rs("LoggedInUser")
-
- ' Try to extract the account number from loggedinuser (format: lg[account]sd)
- Dim loggedUser
- loggedUser = rs("LoggedInUser")
- IF Left(loggedUser, 2) = "lg" AND Right(loggedUser, 2) = "sd" AND Len(loggedUser) > 4 THEN
- extractedAccount = Mid(loggedUser, 3, Len(loggedUser) - 4)
- ELSE
- extractedAccount = ""
- END IF
- ELSE
- accountDisplay = "lg" & rs("functionalaccount") & "sd"
- extractedAccount = ""
- END IF
-
- ' Determine what description to show
- Dim descField
- descField = ""
-
- ' If showing plain SSO (not lg[account]sd format), label it as "SSO"
- IF useLoggedInUser AND extractedAccount = "" THEN
- descField = "SSO"
- ' If we extracted an account from loggedinuser, look up its description
- ELSEIF extractedAccount <> "" THEN
- Dim rsDesc, sqlDesc
- sqlDesc = "SELECT description FROM functionalaccounts WHERE functionalaccount = '" & Replace(extractedAccount, "'", "''") & "' AND isactive = 1"
- Set rsDesc = objConn.Execute(sqlDesc)
- IF NOT rsDesc.EOF THEN
- IF NOT IsNull(rsDesc("description")) AND rsDesc("description") <> "" THEN
- descField = rsDesc("description") & ""
- END IF
- END IF
- rsDesc.Close
- Set rsDesc = Nothing
- ' Otherwise use functional account description from the query
- ELSE
- On Error Resume Next
- descField = rs("functionalaccount_description") & ""
- If descField = "" Then
- descField = rs("description") & ""
- End If
- On Error Goto 0
- END IF
-
- IF descField <> "" AND NOT IsNull(descField) THEN
- descDisplay = " - " & descField
- ELSE
- descDisplay = ""
- END IF
-
- Response.Write(accountDisplay & descDisplay)
- ELSE
- Response.Write("N/A")
- END IF
-%>
-
-
-
-
-
-
-
Warranty Information
-
-
-
Status:
-
End Date:
-
Days Remaining:
-
Service Level:
-
Last Checked:
-
-
-<%
-Dim warrantyStatus, warrantyEndDate, warrantyDaysRemaining, warrantyServiceLevel, warrantyLastChecked
-Dim warrantyStatusClass, warrantyBadge
-
-warrantyStatus = rs("warrantystatus")
-warrantyEndDate = rs("warrantyenddate")
-warrantyDaysRemaining = rs("warrantydaysremaining")
-warrantyServiceLevel = rs("warrantyservicelevel")
-warrantyLastChecked = rs("warrantylastchecked")
-
-' Determine warranty status badge
-If IsNull(warrantyStatus) Or warrantyStatus = "" Then
- warrantyBadge = "Unknown"
-ElseIf LCase(warrantyStatus) = "active" Then
- If Not IsNull(warrantyDaysRemaining) And IsNumeric(warrantyDaysRemaining) Then
- If warrantyDaysRemaining < 30 Then
- warrantyBadge = "Expiring Soon"
- Else
- warrantyBadge = "Active"
- End If
- Else
- warrantyBadge = "Active"
- End If
-ElseIf LCase(warrantyStatus) = "expired" Then
- warrantyBadge = "Expired"
-Else
- warrantyBadge = "" & warrantyStatus & ""
-End If
-%>
-
<%Response.Write(warrantyBadge)%>
-
-<%
-If Not IsNull(warrantyEndDate) And warrantyEndDate <> "" And warrantyEndDate <> "0000-00-00" Then
- Response.Write(warrantyEndDate)
-Else
- Response.Write("Not available")
-End If
-%>
-
-
-<%
-If Not IsNull(warrantyDaysRemaining) And IsNumeric(warrantyDaysRemaining) Then
- If warrantyDaysRemaining < 0 Then
- Response.Write("" & Abs(warrantyDaysRemaining) & " days overdue")
- ElseIf warrantyDaysRemaining < 30 Then
- Response.Write("" & warrantyDaysRemaining & " days")
- Else
- Response.Write(warrantyDaysRemaining & " days")
- End If
-Else
- Response.Write("Not available")
-End If
-%>
-
-
-<%
-If Not IsNull(warrantyServiceLevel) And warrantyServiceLevel <> "" Then
- Response.Write(warrantyServiceLevel)
-Else
- Response.Write("Not available")
-End If
-%>
-
-
-<%
-If Not IsNull(warrantyLastChecked) And warrantyLastChecked <> "" Then
- Response.Write(warrantyLastChecked)
-Else
- Response.Write("Never checked")
-End If
-%>
-
-
-
-
-
-
-
-
-<%
-
- IF machineid > 0 THEN
- strSQL2 = "SELECT * FROM installedapps,applications WHERE installedapps.appid=applications.appid AND installedapps.isactive=1 AND " &_
- "installedapps.machineid=" & machineid & " ORDER BY appname ASC"
- set rs2 = objconn.Execute(strSQL2)
- while not rs2.eof
- Response.Write("
-<%
-Dim machineNumVal, vendorValM, modelValM, machineTypeVal, buVal
-
-' Get values and default to N/A if empty
-machineNumVal = rs("machinenumber") & ""
-If machineNumVal = "" Then machineNumVal = "N/A"
-
-vendorValM = rs("vendor") & ""
-If vendorValM = "" Then vendorValM = "N/A"
-
-modelValM = rs("modelnumber") & ""
-If modelValM = "" Then modelValM = "N/A"
-
-machineTypeVal = rs("machinetype") & ""
-If machineTypeVal = "" Then machineTypeVal = "N/A"
-
-buVal = rs("businessunit") & ""
-If buVal = "" Then buVal = "N/A"
-%>
-
-<%
-If machineNumVal <> "N/A" Then
-%>
-
- <%=Server.HTMLEncode(machineNumVal)%>
-
-<%
-Else
- Response.Write("N/A")
-End If
-%>
-
-
<%=Server.HTMLEncode(vendorValM)%>
-
<%=Server.HTMLEncode(modelValM)%>
-
<%=Server.HTMLEncode(machineTypeVal)%>
-
<%=Server.HTMLEncode(buVal)%>
-<%
-' Get primary communication (IP and MAC) from communications table
-Dim rsPrimaryCom, strPrimaryComSQL, primaryIP, primaryMAC
-strPrimaryComSQL = "SELECT address, macaddress FROM communications WHERE pcid = ? AND isprimary = 1 AND isactive = 1 LIMIT 1"
-Set rsPrimaryCom = ExecuteParameterizedQuery(objConn, strPrimaryComSQL, Array(pcid))
-
-If Not rsPrimaryCom.EOF Then
- primaryIP = rsPrimaryCom("address") & ""
- primaryMAC = rsPrimaryCom("macaddress") & ""
-Else
- ' Try to get first active communication if no primary set
- rsPrimaryCom.Close
- strPrimaryComSQL = "SELECT address, macaddress FROM communications WHERE pcid = ? AND isactive = 1 ORDER BY comid LIMIT 1"
- Set rsPrimaryCom = ExecuteParameterizedQuery(objConn, strPrimaryComSQL, Array(pcid))
- If Not rsPrimaryCom.EOF Then
- primaryIP = rsPrimaryCom("address") & ""
- primaryMAC = rsPrimaryCom("macaddress") & ""
- Else
- primaryIP = ""
- primaryMAC = ""
- End If
-End If
-rsPrimaryCom.Close
-Set rsPrimaryCom = Nothing
-
-' Display IP Address
-If primaryIP <> "" Then
- Response.Write("
" & Server.HTMLEncode(primaryIP) & "
")
-Else
- Response.Write("
N/A
")
-End If
-
-' Display MAC Address
-If primaryMAC <> "" Then
- Response.Write("
" & Server.HTMLEncode(primaryMAC) & "
")
-Else
- Response.Write("
N/A
")
-End If
-
-' Get controlling PC from relationships
-Dim rsControlPC, strControlPCSQL, controlPCHostname, controlPCID
-strControlPCSQL = "SELECT m.pcid, m.hostname, m.machinenumber FROM machinerelationships mr " & _
- "JOIN relationshiptypes rt ON mr.relationshiptypeid = rt.relationshiptypeid " & _
- "JOIN machines m ON mr.pcid = m.pcid " & _
- "WHERE mr.related_pcid = ? AND rt.relationshiptype = 'Controls' AND mr.isactive = 1 LIMIT 1"
-Set rsControlPC = ExecuteParameterizedQuery(objConn, strControlPCSQL, Array(pcid))
-
-If Not rsControlPC.EOF Then
- controlPCHostname = rsControlPC("hostname") & ""
- controlPCID = rsControlPC("pcid")
- If controlPCHostname = "" Then controlPCHostname = rsControlPC("machinenumber") & ""
- Response.Write("
")
-End If
-rsControlPC.Close
-Set rsControlPC = Nothing
-
-' SECURITY: HTML encode printer data to prevent XSS
-' Printer data - check if exists (LEFT JOIN may return NULL)
-If Not IsNull(rs("printerid")) And rs("printerid") <> "" Then
- Dim printerNameVal
- printerNameVal = rs("printerwindowsname") & ""
- If printerNameVal = "" Then printerNameVal = "Printer #" & rs("printerid")
-
- Response.Write("
")
- rs2.MoveNext
- Loop
- End If
- rs2.Close
- Set rs2 = Nothing
-%>
-
-
-
-
-
-
Compliance & Security
-<%
- ' Query compliance data
- strSQL2 = "SELECT * FROM compliance WHERE pcid = ?"
- Set rs2 = ExecuteParameterizedQuery(objConn, strSQL2, Array(pcid))
-
- If Not rs2.EOF Then
-%>
-
-
-
Third Party Managed:
-
Third Party Manager:
-
OT Asset System:
-
DoD Asset Device Type:
-
Compliant:
-
-
-<%
- Dim thirdPartyManaged, thirdPartyManager, otAssetSystem, dodAssetDeviceType, isCompliant
- thirdPartyManaged = rs2("is_third_party_managed") & ""
- thirdPartyManager = rs2("third_party_manager") & ""
- otAssetSystem = rs2("ot_asset_system") & ""
- dodAssetDeviceType = rs2("ot_asset_device_type") & ""
- isCompliant = rs2("is_compliant")
-
- ' Third party managed badge
- Dim tpmBadge
- If thirdPartyManaged = "Yes" Then
- tpmBadge = "Yes"
- ElseIf thirdPartyManaged = "No" Then
- tpmBadge = "No"
- Else
- tpmBadge = "N/A"
- End If
-%>
-
<%=tpmBadge%>
-
<%=Server.HTMLEncode(thirdPartyManager)%>
-
<%=Server.HTMLEncode(otAssetSystem)%>
-
<%=Server.HTMLEncode(dodAssetDeviceType)%>
-
-<%
- If Not IsNull(isCompliant) Then
- If isCompliant Then
- Response.Write("Yes")
- Else
- Response.Write("No")
- End If
- Else
- Response.Write("Not Assessed")
- End If
-%>
-
-
-
-
-
-
-
Security Scans
-
-
-
-
-
Scan Name
-
Date
-
Result
-
Details
-
-
-
-<%
- rs2.Close
- Set rs2 = Nothing
-
- ' Query security scans
- strSQL2 = "SELECT * FROM compliancescans WHERE pcid = ? ORDER BY scan_date DESC LIMIT 10"
- Set rs2 = ExecuteParameterizedQuery(objConn, strSQL2, Array(pcid))
-
- If rs2.EOF Then
- Response.Write("
No security scans recorded
")
- Else
- Do While Not rs2.EOF
- Dim scanName, scanDate, scanResult, scanDetails, resultBadge
- scanName = rs2("scan_name") & ""
- scanDate = rs2("scan_date") & ""
- scanResult = rs2("scan_result") & ""
- scanDetails = rs2("scan_details") & ""
-
- If scanName = "" Then scanName = "Security Scan"
- If scanDetails = "" Then scanDetails = "No details"
-
- ' Result badge
- Select Case LCase(scanResult)
- Case "pass"
- resultBadge = "Pass"
- Case "fail"
- resultBadge = "Fail"
- Case "warning"
- resultBadge = "Warning"
- Case Else
- resultBadge = "Info"
- End Select
-
- Response.Write("
")
- Response.Write("
" & Server.HTMLEncode(scanName) & "
")
- Response.Write("
" & Server.HTMLEncode(scanDate) & "
")
- Response.Write("
" & resultBadge & "
")
- Response.Write("
" & scanDetails & "
")
- Response.Write("
")
- rs2.MoveNext
- Loop
- End If
- rs2.Close
- Set rs2 = Nothing
-%>
-
-
-
-<%
- Else
- Response.Write("
No compliance data available for this machine.
")
- rs2.Close
- Set rs2 = Nothing
- End If
-%>
-
-
-
-
-
-<%
- '=============================================================================
- ' SECURITY: Use parameterized query for installed applications
- '=============================================================================
- strSQL2 = "SELECT * FROM installedapps, applications WHERE installedapps.appid = applications.appid AND installedapps.isactive = 1 AND installedapps.pcid = ? ORDER BY appname ASC"
- Set rs2 = ExecuteParameterizedQuery(objConn, strSQL2, Array(pcid))
- Do While Not rs2.EOF
- Response.Write("
")
- END IF
- IF rs("printercsfname") <> "" THEN
- Response.Write ("
"&rs("printercsfname")&"
")
- ELSE
- response.write ("
")
- END IF
-%>
-
-
<%Response.Write(rs("printerwindowsname"))%>
-
-
-<%
-' Get Zabbix data for this printer (cached) - now includes all supplies
-Dim printerIP, cachedData, zabbixConnected, pingStatus, suppliesJSON
-Dim statusBadge, statusIcon, statusColor
-
-printerIP = rs("ipaddress")
-
-' Get all supplies data (toner, ink, drums, maintenance kits, etc.)
-' Returns array: [zabbixConnected, pingStatus, suppliesJSON]
-cachedData = GetAllPrinterSuppliesCached(printerIP)
-
-' Extract data from array
-zabbixConnected = cachedData(0)
-pingStatus = cachedData(1)
-suppliesJSON = cachedData(2)
-%>
-
- Supply Status
-<%
-' Display printer online/offline status badge
-If pingStatus = "1" Then
- Response.Write(" Online")
-ElseIf pingStatus = "0" Then
- Response.Write(" Offline")
-Else
- Response.Write(" Unknown")
-End If
-%>
-
-
-<%
-If zabbixConnected <> "1" Then
- ' Show error details
- If zabbixConnected = "" Then
- Response.Write("
Unable to connect to Zabbix monitoring server (empty response)
")
- Else
- Response.Write("
Zabbix Connection Error:
" & Server.HTMLEncode(zabbixConnected) & "
")
- End If
-ElseIf suppliesJSON = "" Or IsNull(suppliesJSON) Then
- Response.Write("
No supply data available for this printer in Zabbix (IP: " & printerIP & ")
")
-Else
- ' Parse the JSON data for all supply items
- Dim itemStart, itemEnd, itemBlock, itemName, itemValue
- Dim namePos, nameStart, nameEnd, valuePos, valueStart, valueEnd
- Dim currentPos, hasData
-
- hasData = False
-
- ' Find all items with "Level" in the name (toner, ink, drums, maintenance kits, etc.)
- currentPos = 1
- Do While currentPos > 0
- itemStart = InStr(currentPos, suppliesJSON, "{""itemid""")
- If itemStart = 0 Then Exit Do
-
- itemEnd = InStr(itemStart + 1, suppliesJSON, "},")
- If itemEnd = 0 Then
- itemEnd = InStr(itemStart + 1, suppliesJSON, "}]")
- End If
- If itemEnd = 0 Then Exit Do
-
- itemBlock = Mid(suppliesJSON, itemStart, itemEnd - itemStart + 1)
-
- ' Extract name
- namePos = InStr(itemBlock, """name"":""")
- If namePos > 0 Then
- nameStart = namePos + 8
- nameEnd = InStr(nameStart, itemBlock, """")
- itemName = Mid(itemBlock, nameStart, nameEnd - nameStart)
- Else
- itemName = ""
- End If
-
- ' Only process items with "Level" in the name
- If InStr(1, itemName, "Level", 1) > 0 Then
- ' Extract value (lastvalue)
- valuePos = InStr(itemBlock, """lastvalue"":""")
- If valuePos > 0 Then
- valueStart = valuePos + 13
- valueEnd = InStr(valueStart, itemBlock, """")
- itemValue = Mid(itemBlock, valueStart, valueEnd - valueStart)
-
- ' Try to convert to numeric
- On Error Resume Next
- Dim numericValue, progressClass
- numericValue = CDbl(itemValue)
- If Err.Number = 0 Then
- ' Determine progress bar color based on level
- If numericValue < 10 Then
- progressClass = "bg-danger" ' Red for critical (< 10%)
- ElseIf numericValue < 25 Then
- progressClass = "bg-warning" ' Yellow for low (< 25%)
- Else
- progressClass = "bg-success" ' Green for good (>= 25%)
- End If
-
- ' Display supply level with progress bar
- Response.Write("
")
-
- hasData = True
- End If
- Err.Clear
- On Error Goto 0
- End If
- End If
-
- currentPos = itemEnd + 1
- Loop
-
- If Not hasData Then
- Response.Write("
No supply level data available for this printer in Zabbix (IP: " & printerIP & ")
")
- Response.Write("")
-End If
-%>
diff --git a/editapplication_direct.asp.backup-20251027 b/editapplication_direct.asp.backup-20251027
deleted file mode 100644
index 4740611..0000000
--- a/editapplication_direct.asp.backup-20251027
+++ /dev/null
@@ -1,221 +0,0 @@
-
-<%
-' Get all form data
-Dim appid, appname, appdescription, supportteamid
-Dim applicationnotes, installpath, applicationlink, documentationpath, image
-Dim isinstallable, isactive, ishidden, isprinter, islicenced
-Dim newsupportteamname, newsupportteamurl, newappownerid
-
-appid = Request.Form("appid")
-appname = Trim(Request.Form("appname"))
-appdescription = Trim(Request.Form("appdescription"))
-supportteamid = Trim(Request.Form("supportteamid"))
-applicationnotes = Trim(Request.Form("applicationnotes"))
-installpath = Trim(Request.Form("installpath"))
-applicationlink = Trim(Request.Form("applicationlink"))
-documentationpath = Trim(Request.Form("documentationpath"))
-image = Trim(Request.Form("image"))
-
-' New support team fields
-newsupportteamname = Trim(Request.Form("newsupportteamname"))
-newsupportteamurl = Trim(Request.Form("newsupportteamurl"))
-newappownerid = Trim(Request.Form("newappownerid"))
-
-' Checkboxes
-If Request.Form("isinstallable") = "1" Then isinstallable = 1 Else isinstallable = 0
-If Request.Form("isactive") = "1" Then isactive = 1 Else isactive = 0
-If Request.Form("ishidden") = "1" Then ishidden = 1 Else ishidden = 0
-If Request.Form("isprinter") = "1" Then isprinter = 1 Else isprinter = 0
-If Request.Form("islicenced") = "1" Then islicenced = 1 Else islicenced = 0
-
-' Check if we need to create a new support team first
-If supportteamid = "new" Then
- If newsupportteamname = "" Then
- Response.Write("
Error: Support team name is required.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- If Len(newsupportteamname) > 50 Then
- Response.Write("
Error: Support team name too long.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Escape quotes for support team name and URL
- Dim escapedTeamName, escapedTeamUrl
- escapedTeamName = Replace(newsupportteamname, "'", "''")
- escapedTeamUrl = Replace(newsupportteamurl, "'", "''")
-
- ' Check if support team already exists
- Dim checkSQL, rsCheck
- checkSQL = "SELECT COUNT(*) as cnt FROM supportteams WHERE LOWER(teamname) = LOWER('" & escapedTeamName & "')"
- Set rsCheck = objConn.Execute(checkSQL)
- If rsCheck.EOF Then
- rsCheck.Close
- Response.Write("
Error: Database query failed.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
- If CLng(rsCheck("cnt")) > 0 Then
- rsCheck.Close
- Response.Write("
Error: Support team '" & Server.HTMLEncode(newsupportteamname) & "' already exists.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
- rsCheck.Close
-
- ' Check if we need to create a new app owner first (nested creation)
- If newappownerid = "new" Then
- Dim newappownername, newappownersso
- newappownername = Trim(Request.Form("newappownername"))
- newappownersso = Trim(Request.Form("newappownersso"))
-
- If newappownername = "" Or newappownersso = "" Then
- Response.Write("
Error: App owner name and SSO are required.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- If Len(newappownername) > 50 Or Len(newappownersso) > 50 Then
- Response.Write("
Error: App owner name or SSO too long.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Escape quotes
- Dim escapedOwnerName, escapedSSO
- escapedOwnerName = Replace(newappownername, "'", "''")
- escapedSSO = Replace(newappownersso, "'", "''")
-
- ' Check if app owner already exists
- checkSQL = "SELECT COUNT(*) as cnt FROM appowners WHERE LOWER(appowner) = LOWER('" & escapedOwnerName & "') OR LOWER(sso) = LOWER('" & escapedSSO & "')"
- Set rsCheck = objConn.Execute(checkSQL)
- If rsCheck.EOF Then
- rsCheck.Close
- Response.Write("
Error: Database query failed (app owner check).
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
- If CLng(rsCheck("cnt")) > 0 Then
- rsCheck.Close
- Response.Write("
Error: App owner with this name or SSO already exists.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
- rsCheck.Close
-
- ' Insert new app owner
- Dim ownerSQL
- ownerSQL = "INSERT INTO appowners (appowner, sso, isactive) VALUES ('" & escapedOwnerName & "', '" & escapedSSO & "', 1)"
-
- On Error Resume Next
- objConn.Execute ownerSQL
-
- If Err.Number <> 0 Then
- Response.Write("
Error creating app owner: " & Err.Description & "
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Get the new app owner ID
- Set rsCheck = objConn.Execute("SELECT LAST_INSERT_ID() as newid")
- newappownerid = rsCheck("newid")
- rsCheck.Close
- Else
- ' Validate existing app owner ID (only if not empty and not "new")
- If newappownerid <> "" And newappownerid <> "new" Then
- If Not IsNumeric(newappownerid) Or CLng(newappownerid) < 1 Then
- Response.Write("
Error: Invalid app owner.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
- End If
- End If
-
- ' Insert new support team
- Dim teamSQL
- teamSQL = "INSERT INTO supportteams (teamname, teamurl, appownerid, isactive) VALUES ('" & escapedTeamName & "', '" & escapedTeamUrl & "', " & newappownerid & ", 1)"
-
- On Error Resume Next
- objConn.Execute teamSQL
-
- If Err.Number <> 0 Then
- Response.Write("
Error creating support team: " & Err.Description & "
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Get the new support team ID
- Set rsCheck = objConn.Execute("SELECT LAST_INSERT_ID() as newid")
- supportteamid = rsCheck("newid")
- rsCheck.Close
-Else
- ' Validate existing support team ID (only if not empty and not "new")
- If supportteamid <> "" And supportteamid <> "new" Then
- If Not IsNumeric(supportteamid) Or CLng(supportteamid) < 1 Then
- Response.Write("
-<%
- ' Get and validate all inputs
- Dim machineid, modelid, machinetypeid, businessunitid, printerid, mapleft, maptop
- machineid = Trim(Request.Querystring("machineid"))
- modelid = Trim(Request.Form("modelid"))
- machinetypeid = Trim(Request.Form("machinetypeid"))
- businessunitid = Trim(Request.Form("businessunitid"))
- printerid = Trim(Request.Form("printerid"))
- mapleft = Trim(Request.Form("mapleft"))
- maptop = Trim(Request.Form("maptop"))
-
- ' Get form inputs for new business unit
- Dim newbusinessunit
- newbusinessunit = Trim(Request.Form("newbusinessunit"))
-
- ' Get form inputs for new machine type
- Dim newmachinetype, newmachinedescription, newfunctionalaccountid
- newmachinetype = Trim(Request.Form("newmachinetype"))
- newmachinedescription = Trim(Request.Form("newmachinedescription"))
- newfunctionalaccountid = Trim(Request.Form("newfunctionalaccountid"))
-
- ' Get form inputs for new functional account
- Dim newfunctionalaccount
- newfunctionalaccount = Trim(Request.Form("newfunctionalaccount"))
-
- ' Get form inputs for new model
- Dim newmodelnumber, newvendorid, newmodelimage
- newmodelnumber = Trim(Request.Form("newmodelnumber"))
- newvendorid = Trim(Request.Form("newvendorid"))
- newmodelimage = Trim(Request.Form("newmodelimage"))
-
- ' Get form inputs for new vendor
- Dim newvendorname
- newvendorname = Trim(Request.Form("newvendorname"))
-
- ' Validate required fields
- If Not IsNumeric(machineid) Or CLng(machineid) < 1 Then
- Response.Write("
Error: Invalid machine ID.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- If modelid <> "new" And (Not IsNumeric(modelid)) Then
- Response.Write("
Error: Invalid model ID.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- If machinetypeid <> "new" And (Not IsNumeric(machinetypeid)) Then
- Response.Write("
Error: Invalid machine type ID.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- If businessunitid <> "new" And (Not IsNumeric(businessunitid)) Then
- Response.Write("
Error: Invalid business unit ID.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Handle new business unit creation
- If businessunitid = "new" Then
- If Len(newbusinessunit) = 0 Then
- Response.Write("
New business unit name is required
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- If Len(newbusinessunit) > 50 Then
- Response.Write("
Business unit name too long
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Escape single quotes
- Dim escapedBUName
- escapedBUName = Replace(newbusinessunit, "'", "''")
-
- ' Insert new business unit
- Dim sqlNewBU
- sqlNewBU = "INSERT INTO businessunits (businessunit, isactive) VALUES ('" & escapedBUName & "', 1)"
-
- On Error Resume Next
- objConn.Execute sqlNewBU
-
- If Err.Number <> 0 Then
- Response.Write("
Error creating new business unit: " & Err.Description & "
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Get the newly created business unit ID
- Dim rsNewBU
- Set rsNewBU = objConn.Execute("SELECT LAST_INSERT_ID() AS newid")
- businessunitid = CLng(rsNewBU("newid"))
- rsNewBU.Close
- Set rsNewBU = Nothing
- On Error Goto 0
- End If
-
- ' Handle new machine type creation
- If machinetypeid = "new" Then
- If Len(newmachinetype) = 0 Then
- Response.Write("
New machine type name is required
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- If Len(newfunctionalaccountid) = 0 Then
- Response.Write("
Functional account is required for new machine type
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- If Len(newmachinetype) > 50 Or Len(newmachinedescription) > 255 Then
- Response.Write("
Machine type field length exceeded
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Handle new functional account creation (nested)
- If newfunctionalaccountid = "new" Then
- If Len(newfunctionalaccount) = 0 Then
- Response.Write("
New functional account name is required
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- If Len(newfunctionalaccount) > 50 Then
- Response.Write("
Functional account name too long
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Escape single quotes
- Dim escapedFAName
- escapedFAName = Replace(newfunctionalaccount, "'", "''")
-
- ' Insert new functional account
- Dim sqlNewFA
- sqlNewFA = "INSERT INTO functionalaccounts (functionalaccount, isactive) VALUES ('" & escapedFAName & "', 1)"
-
- On Error Resume Next
- objConn.Execute sqlNewFA
-
- If Err.Number <> 0 Then
- Response.Write("
Error creating new functional account: " & Err.Description & "
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Get the newly created functional account ID
- Dim rsNewFA
- Set rsNewFA = objConn.Execute("SELECT LAST_INSERT_ID() AS newid")
- newfunctionalaccountid = CLng(rsNewFA("newid"))
- rsNewFA.Close
- Set rsNewFA = Nothing
- On Error Goto 0
- End If
-
- ' Escape single quotes
- Dim escapedMTName, escapedMTDesc
- escapedMTName = Replace(newmachinetype, "'", "''")
- escapedMTDesc = Replace(newmachinedescription, "'", "''")
-
- ' Insert new machine type
- Dim sqlNewMT
- sqlNewMT = "INSERT INTO machinetypes (machinetype, machinedescription, functionalaccountid, isactive) " & _
- "VALUES ('" & escapedMTName & "', '" & escapedMTDesc & "', " & newfunctionalaccountid & ", 1)"
-
- On Error Resume Next
- objConn.Execute sqlNewMT
-
- If Err.Number <> 0 Then
- Response.Write("
Error creating new machine type: " & Err.Description & "
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Get the newly created machine type ID
- Dim rsNewMT
- Set rsNewMT = objConn.Execute("SELECT LAST_INSERT_ID() AS newid")
- machinetypeid = CLng(rsNewMT("newid"))
- rsNewMT.Close
- Set rsNewMT = Nothing
- On Error Goto 0
- End If
-
- ' Handle new model creation
- If modelid = "new" Then
- If Len(newmodelnumber) = 0 Then
- Response.Write("
New model number is required
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- If Len(newvendorid) = 0 Then
- Response.Write("
Vendor is required for new model
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- If Len(newmodelnumber) > 50 Or Len(newmodelimage) > 100 Then
- Response.Write("
Model field length exceeded
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Handle new vendor creation (nested)
- If newvendorid = "new" Then
- If Len(newvendorname) = 0 Then
- Response.Write("
New vendor name is required
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- If Len(newvendorname) > 50 Then
- Response.Write("
Vendor name too long
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Escape single quotes
- Dim escapedVendorName
- escapedVendorName = Replace(newvendorname, "'", "''")
-
- ' Insert new vendor (with ismachine=1)
- Dim sqlNewVendor
- sqlNewVendor = "INSERT INTO vendors (vendor, isactive, isprinter, ispc, ismachine) " & _
- "VALUES ('" & escapedVendorName & "', 1, 0, 0, 1)"
-
- On Error Resume Next
- objConn.Execute sqlNewVendor
-
- If Err.Number <> 0 Then
- Response.Write("
Error creating new vendor: " & Err.Description & "
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Get the newly created vendor ID
- Dim rsNewVendor
- Set rsNewVendor = objConn.Execute("SELECT LAST_INSERT_ID() AS newid")
- newvendorid = CLng(rsNewVendor("newid"))
- rsNewVendor.Close
- Set rsNewVendor = Nothing
- On Error Goto 0
- End If
-
- ' Escape single quotes for model
- Dim escapedModelNumber, escapedModelImage
- escapedModelNumber = Replace(newmodelnumber, "'", "''")
- escapedModelImage = Replace(newmodelimage, "'", "''")
-
- ' Set default image if not specified
- If escapedModelImage = "" Then
- escapedModelImage = "default.png"
- End If
-
- ' Insert new model
- Dim sqlNewModel
- sqlNewModel = "INSERT INTO models (modelnumber, vendorid, image, isactive) " & _
- "VALUES ('" & escapedModelNumber & "', " & newvendorid & ", '" & escapedModelImage & "', 1)"
-
- On Error Resume Next
- objConn.Execute sqlNewModel
-
- If Err.Number <> 0 Then
- Response.Write("
Error creating new model: " & Err.Description & "
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Get the newly created model ID
- Dim rsNewModel
- Set rsNewModel = objConn.Execute("SELECT LAST_INSERT_ID() AS newid")
- modelid = CLng(rsNewModel("newid"))
- rsNewModel.Close
- Set rsNewModel = Nothing
- On Error Goto 0
- End If
-
- ' Build UPDATE statement
- Dim strSQL
- strSQL = "UPDATE machines SET " & _
- "modelnumberid = " & modelid & ", " & _
- "machinetypeid = " & machinetypeid & ", " & _
- "businessunitid = " & businessunitid
-
- ' Add optional printerid
- If printerid <> "" And IsNumeric(printerid) Then
- strSQL = strSQL & ", printerid = " & printerid
- End If
-
- ' Add optional map coordinates
- If mapleft <> "" And maptop <> "" And IsNumeric(mapleft) And IsNumeric(maptop) Then
- strSQL = strSQL & ", mapleft = " & mapleft & ", maptop = " & maptop
- End If
-
- strSQL = strSQL & " WHERE machineid = " & machineid
-
- On Error Resume Next
- objConn.Execute strSQL
-
- If Err.Number <> 0 Then
- Response.Write("
Error: " & Err.Description & "
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- objConn.Close
-%>
-
-
-
-
diff --git a/editmacine.asp.backup-refactor-20251027 b/editmacine.asp.backup-refactor-20251027
deleted file mode 100644
index d7a71a1..0000000
--- a/editmacine.asp.backup-refactor-20251027
+++ /dev/null
@@ -1,410 +0,0 @@
-<%
-'=============================================================================
-' FILE: editmacine.asp
-' PURPOSE: Edit machine information with nested entity creation
-' SECURITY: Parameterized queries, HTML encoding, input validation
-' UPDATED: 2025-10-27 - Migrated to secure patterns
-' NOTE: File has typo in name (macine vs machine) - preserved for compatibility
-'=============================================================================
-%>
-
-
-
-
-
-
-
-
-
-<%
- '=============================================================================
- ' SECURITY: Validate machineid from querystring
- '=============================================================================
- Dim machineid
- machineid = GetSafeInteger("QS", "machineid", 0, 1, 999999)
-
- If machineid = 0 Then
- Response.Write("
Error: Invalid machine ID.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- '=============================================================================
- ' SECURITY: Get and validate all form inputs
- '=============================================================================
- Dim modelid, machinetypeid, businessunitid, printerid, mapleft, maptop
- modelid = GetSafeString("FORM", "modelid", "", 1, 50, "")
- machinetypeid = GetSafeString("FORM", "machinetypeid", "", 1, 50, "")
- businessunitid = GetSafeString("FORM", "businessunitid", "", 1, 50, "")
- printerid = GetSafeInteger("FORM", "printerid", 0, 0, 999999)
- mapleft = GetSafeInteger("FORM", "mapleft", 0, 0, 9999)
- maptop = GetSafeInteger("FORM", "maptop", 0, 0, 9999)
-
- ' Get form inputs for new business unit
- Dim newbusinessunit
- newbusinessunit = GetSafeString("FORM", "newbusinessunitname", "", 0, 50, "")
-
- ' Get form inputs for new machine type
- Dim newmachinetype, newmachinedescription, newfunctionalaccountid
- newmachinetype = GetSafeString("FORM", "newmachinetypename", "", 0, 50, "")
- newmachinedescription = GetSafeString("FORM", "newmachinetypedescription", "", 0, 255, "")
- newfunctionalaccountid = GetSafeString("FORM", "newfunctionalaccountid", "", 0, 50, "")
-
- ' Get form inputs for new functional account
- Dim newfunctionalaccount
- newfunctionalaccount = GetSafeString("FORM", "newfunctionalaccountname", "", 0, 50, "")
-
- ' Get form inputs for new model
- Dim newmodelnumber, newvendorid, newmodelimage
- newmodelnumber = GetSafeString("FORM", "newmodelnumber", "", 0, 255, "")
- newvendorid = GetSafeString("FORM", "newvendorid", "", 0, 50, "")
- newmodelimage = GetSafeString("FORM", "newmodelimage", "", 0, 255, "")
-
- ' Get form inputs for new vendor
- Dim newvendorname
- newvendorname = GetSafeString("FORM", "newvendorname", "", 0, 50, "")
-
- '=============================================================================
- ' Validate required fields
- '=============================================================================
- If modelid <> "new" And (Not IsNumeric(modelid)) Then
- Response.Write("
Error: Invalid model ID.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- If machinetypeid <> "new" And (Not IsNumeric(machinetypeid)) Then
- Response.Write("
Error: Invalid machine type ID.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- If businessunitid <> "new" And (Not IsNumeric(businessunitid)) Then
- Response.Write("
Error: Invalid business unit ID.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- '=============================================================================
- ' SECURITY: Handle new business unit creation with parameterized query
- '=============================================================================
- If businessunitid = "new" Then
- If Len(newbusinessunit) = 0 Then
- Response.Write("
New business unit name is required
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Insert new business unit using parameterized query
- Dim sqlNewBU
- sqlNewBU = "INSERT INTO businessunits (businessunit, isactive) VALUES (?, 1)"
-
- On Error Resume Next
- Dim cmdNewBU
- Set cmdNewBU = Server.CreateObject("ADODB.Command")
- cmdNewBU.ActiveConnection = objConn
- cmdNewBU.CommandText = sqlNewBU
- cmdNewBU.CommandType = 1
- cmdNewBU.Parameters.Append cmdNewBU.CreateParameter("@businessunit", 200, 1, 50, newbusinessunit)
- cmdNewBU.Execute
-
- If Err.Number <> 0 Then
- Response.Write("
Error creating new business unit: " & Server.HTMLEncode(Err.Description) & "
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Get the newly created business unit ID
- Dim rsNewBU
- Set rsNewBU = objConn.Execute("SELECT LAST_INSERT_ID() AS newid")
- businessunitid = 0
- If Not rsNewBU.EOF Then
- If Not IsNull(rsNewBU("newid")) Then
- businessunitid = CLng(rsNewBU("newid"))
- End If
- End If
- rsNewBU.Close
- Set rsNewBU = Nothing
- Set cmdNewBU = Nothing
- On Error Goto 0
- End If
-
- '=============================================================================
- ' SECURITY: Handle new machine type creation with parameterized query
- '=============================================================================
- If machinetypeid = "new" Then
- If Len(newmachinetype) = 0 Then
- Response.Write("
New machine type name is required
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- If Len(newfunctionalaccountid) = 0 Then
- Response.Write("
Functional account is required for new machine type
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Handle new functional account creation (nested)
- If newfunctionalaccountid = "new" Then
- If Len(newfunctionalaccount) = 0 Then
- Response.Write("
New functional account name is required
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Insert new functional account using parameterized query
- Dim sqlNewFA
- sqlNewFA = "INSERT INTO functionalaccounts (functionalaccount, isactive) VALUES (?, 1)"
-
- On Error Resume Next
- Dim cmdNewFA
- Set cmdNewFA = Server.CreateObject("ADODB.Command")
- cmdNewFA.ActiveConnection = objConn
- cmdNewFA.CommandText = sqlNewFA
- cmdNewFA.CommandType = 1
- cmdNewFA.Parameters.Append cmdNewFA.CreateParameter("@functionalaccount", 200, 1, 50, newfunctionalaccount)
- cmdNewFA.Execute
-
- If Err.Number <> 0 Then
- Response.Write("
Error creating new functional account: " & Server.HTMLEncode(Err.Description) & "
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Get the newly created functional account ID
- Dim rsNewFA
- Set rsNewFA = objConn.Execute("SELECT LAST_INSERT_ID() AS newid")
- newfunctionalaccountid = 0
- If Not rsNewFA.EOF Then
- If Not IsNull(rsNewFA("newid")) Then
- newfunctionalaccountid = CLng(rsNewFA("newid"))
- End If
- End If
- rsNewFA.Close
- Set rsNewFA = Nothing
- Set cmdNewFA = Nothing
- On Error Goto 0
- End If
-
- ' Insert new machine type using parameterized query
- Dim sqlNewMT
- sqlNewMT = "INSERT INTO machinetypes (machinetype, machinedescription, functionalaccountid, isactive) VALUES (?, ?, ?, 1)"
-
- On Error Resume Next
- Dim cmdNewMT
- Set cmdNewMT = Server.CreateObject("ADODB.Command")
- cmdNewMT.ActiveConnection = objConn
- cmdNewMT.CommandText = sqlNewMT
- cmdNewMT.CommandType = 1
- cmdNewMT.Parameters.Append cmdNewMT.CreateParameter("@machinetype", 200, 1, 50, newmachinetype)
- cmdNewMT.Parameters.Append cmdNewMT.CreateParameter("@machinedescription", 200, 1, 255, newmachinedescription)
- cmdNewMT.Parameters.Append cmdNewMT.CreateParameter("@functionalaccountid", 3, 1, , CLng(newfunctionalaccountid))
- cmdNewMT.Execute
-
- If Err.Number <> 0 Then
- Response.Write("
Error creating new machine type: " & Server.HTMLEncode(Err.Description) & "
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Get the newly created machine type ID
- Dim rsNewMT
- Set rsNewMT = objConn.Execute("SELECT LAST_INSERT_ID() AS newid")
- machinetypeid = 0
- If Not rsNewMT.EOF Then
- If Not IsNull(rsNewMT("newid")) Then
- machinetypeid = CLng(rsNewMT("newid"))
- End If
- End If
- rsNewMT.Close
- Set rsNewMT = Nothing
- Set cmdNewMT = Nothing
- On Error Goto 0
- End If
-
- '=============================================================================
- ' SECURITY: Handle new model creation with parameterized query
- '=============================================================================
- If modelid = "new" Then
- If Len(newmodelnumber) = 0 Then
- Response.Write("
New model number is required
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- If Len(newvendorid) = 0 Then
- Response.Write("
Vendor is required for new model
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Handle new vendor creation (nested)
- If newvendorid = "new" Then
- If Len(newvendorname) = 0 Then
- Response.Write("
New vendor name is required
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Insert new vendor using parameterized query
- Dim sqlNewVendor
- sqlNewVendor = "INSERT INTO vendors (vendor, isactive, isprinter, ispc, ismachine) VALUES (?, 1, 0, 0, 1)"
-
- On Error Resume Next
- Dim cmdNewVendor
- Set cmdNewVendor = Server.CreateObject("ADODB.Command")
- cmdNewVendor.ActiveConnection = objConn
- cmdNewVendor.CommandText = sqlNewVendor
- cmdNewVendor.CommandType = 1
- cmdNewVendor.Parameters.Append cmdNewVendor.CreateParameter("@vendor", 200, 1, 50, newvendorname)
- cmdNewVendor.Execute
-
- If Err.Number <> 0 Then
- Response.Write("
Error creating new vendor: " & Server.HTMLEncode(Err.Description) & "
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Get the newly created vendor ID
- Dim rsNewVendor
- Set rsNewVendor = objConn.Execute("SELECT LAST_INSERT_ID() AS newid")
- newvendorid = 0
- If Not rsNewVendor.EOF Then
- If Not IsNull(rsNewVendor("newid")) Then
- newvendorid = CLng(rsNewVendor("newid"))
- End If
- End If
- rsNewVendor.Close
- Set rsNewVendor = Nothing
- Set cmdNewVendor = Nothing
- On Error Goto 0
- End If
-
- ' Set default image if not specified
- If newmodelimage = "" Then
- newmodelimage = "default.png"
- End If
-
- ' Insert new model using parameterized query
- Dim sqlNewModel
- sqlNewModel = "INSERT INTO models (modelnumber, vendorid, image, isactive) VALUES (?, ?, ?, 1)"
-
- On Error Resume Next
- Dim cmdNewModel
- Set cmdNewModel = Server.CreateObject("ADODB.Command")
- cmdNewModel.ActiveConnection = objConn
- cmdNewModel.CommandText = sqlNewModel
- cmdNewModel.CommandType = 1
- cmdNewModel.Parameters.Append cmdNewModel.CreateParameter("@modelnumber", 200, 1, 255, newmodelnumber)
- cmdNewModel.Parameters.Append cmdNewModel.CreateParameter("@vendorid", 3, 1, , CLng(newvendorid))
- cmdNewModel.Parameters.Append cmdNewModel.CreateParameter("@image", 200, 1, 255, newmodelimage)
- cmdNewModel.Execute
-
- If Err.Number <> 0 Then
- Response.Write("
Error creating new model: " & Server.HTMLEncode(Err.Description) & "
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Get the newly created model ID
- Dim rsNewModel
- Set rsNewModel = objConn.Execute("SELECT LAST_INSERT_ID() AS newid")
- modelid = 0
- If Not rsNewModel.EOF Then
- If Not IsNull(rsNewModel("newid")) Then
- modelid = CLng(rsNewModel("newid"))
- End If
- End If
- rsNewModel.Close
- Set rsNewModel = Nothing
- Set cmdNewModel = Nothing
- On Error Goto 0
- End If
-
- '=============================================================================
- ' SECURITY: Update machine using parameterized query
- '=============================================================================
- ' Build UPDATE statement with parameterized query
- Dim strSQL, paramCount
- paramCount = 0
-
- strSQL = "UPDATE machines SET modelnumberid = ?, machinetypeid = ?, businessunitid = ?"
- paramCount = 3
-
- ' Add optional printerid
- If printerid > 0 Then
- strSQL = strSQL & ", printerid = ?"
- paramCount = paramCount + 1
- End If
-
- ' Add optional map coordinates
- If mapleft > 0 And maptop > 0 Then
- strSQL = strSQL & ", mapleft = ?, maptop = ?"
- paramCount = paramCount + 2
- End If
-
- strSQL = strSQL & " WHERE machineid = ?"
-
- On Error Resume Next
- Dim cmdUpdate
- Set cmdUpdate = Server.CreateObject("ADODB.Command")
- cmdUpdate.ActiveConnection = objConn
- cmdUpdate.CommandText = strSQL
- cmdUpdate.CommandType = 1
-
- ' Add parameters in order
- cmdUpdate.Parameters.Append cmdUpdate.CreateParameter("@modelnumberid", 3, 1, , CLng(modelid))
- cmdUpdate.Parameters.Append cmdUpdate.CreateParameter("@machinetypeid", 3, 1, , CLng(machinetypeid))
- cmdUpdate.Parameters.Append cmdUpdate.CreateParameter("@businessunitid", 3, 1, , CLng(businessunitid))
-
- If printerid > 0 Then
- cmdUpdate.Parameters.Append cmdUpdate.CreateParameter("@printerid", 3, 1, , CLng(printerid))
- End If
-
- If mapleft > 0 And maptop > 0 Then
- cmdUpdate.Parameters.Append cmdUpdate.CreateParameter("@mapleft", 3, 1, , CLng(mapleft))
- cmdUpdate.Parameters.Append cmdUpdate.CreateParameter("@maptop", 3, 1, , CLng(maptop))
- End If
-
- cmdUpdate.Parameters.Append cmdUpdate.CreateParameter("@machineid", 3, 1, , CLng(machineid))
-
- cmdUpdate.Execute
-
- If Err.Number <> 0 Then
- Response.Write("
Error: " & Server.HTMLEncode(Err.Description) & "
")
- Response.Write("Go back")
- Set cmdUpdate = Nothing
- objConn.Close
- Response.End
- End If
-
- Set cmdUpdate = Nothing
- On Error Goto 0
-%>
-
-<%
-'=============================================================================
-' CLEANUP
-'=============================================================================
-objConn.Close
-%>
-
-<%
- ' Get and validate all inputs
- Dim printerid, modelid, serialnumber, ipaddress, fqdn, printercsfname, printerwindowsname, machineid, maptop, mapleft
- printerid = Trim(Request.Querystring("printerid"))
- modelid = Trim(Request.Form("modelid"))
- serialnumber = Trim(Request.Form("serialnumber"))
- ipaddress = Trim(Request.Form("ipaddress"))
- fqdn = Trim(Request.Form("fqdn"))
- printercsfname = Trim(Request.Form("printercsfname"))
- printerwindowsname = Trim(Request.Form("printerwindowsname"))
- machineid = Trim(Request.Form("machineid"))
- maptop = Trim(Request.Form("maptop"))
- mapleft = Trim(Request.Form("mapleft"))
-
- ' Get form inputs for new model
- Dim newmodelnumber, newvendorid, newmodelnotes, newmodeldocpath
- newmodelnumber = Trim(Request.Form("newmodelnumber"))
- newvendorid = Trim(Request.Form("newvendorid"))
- newmodelnotes = Trim(Request.Form("newmodelnotes"))
- newmodeldocpath = Trim(Request.Form("newmodeldocpath"))
-
- ' Get form inputs for new vendor
- Dim newvendorname
- newvendorname = Trim(Request.Form("newvendorname"))
-
- ' Validate required fields
- If Not IsNumeric(printerid) Or CLng(printerid) < 1 Then
- Response.Write("
Error: Invalid printer ID.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- If modelid <> "new" And (Not IsNumeric(modelid)) Then
- Response.Write("
Error: Invalid model ID.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- If Not IsNumeric(machineid) Then
- Response.Write("
Error: Invalid machine ID.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Validate field lengths
- If Len(serialnumber) > 100 Or Len(fqdn) > 255 Or Len(printercsfname) > 50 Or Len(printerwindowsname) > 255 Then
- Response.Write("
Error: Field length exceeded.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Handle new model creation
- If modelid = "new" Then
- If Len(newmodelnumber) = 0 Then
- Response.Write("
New model number is required
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- If Len(newvendorid) = 0 Then
- Response.Write("
Vendor is required for new model
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- If Len(newmodelnumber) > 255 Or Len(newmodelnotes) > 255 Or Len(newmodeldocpath) > 255 Then
- Response.Write("
Model field length exceeded
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Handle new vendor creation (nested)
- If newvendorid = "new" Then
- If Len(newvendorname) = 0 Then
- Response.Write("
New vendor name is required
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- If Len(newvendorname) > 50 Then
- Response.Write("
Vendor name too long
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Escape single quotes
- Dim escapedVendorName
- escapedVendorName = Replace(newvendorname, "'", "''")
-
- ' Insert new vendor (with isprinter=1)
- Dim sqlNewVendor
- sqlNewVendor = "INSERT INTO vendors (vendor, isactive, isprinter, ispc, ismachine) " & _
- "VALUES ('" & escapedVendorName & "', 1, 1, 0, 0)"
-
- On Error Resume Next
- objConn.Execute sqlNewVendor
-
- If Err.Number <> 0 Then
- Response.Write("
Error creating new vendor: " & Err.Description & "
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Get the newly created vendor ID
- Dim rsNewVendor
- Set rsNewVendor = objConn.Execute("SELECT LAST_INSERT_ID() AS newid")
- newvendorid = CLng(rsNewVendor("newid"))
- rsNewVendor.Close
- Set rsNewVendor = Nothing
- On Error Goto 0
- End If
-
- ' Escape single quotes for model
- Dim escapedModelNumber, escapedModelNotes, escapedModelDocPath
- escapedModelNumber = Replace(newmodelnumber, "'", "''")
- escapedModelNotes = Replace(newmodelnotes, "'", "''")
- escapedModelDocPath = Replace(newmodeldocpath, "'", "''")
-
- ' Insert new model
- Dim sqlNewModel
- sqlNewModel = "INSERT INTO models (modelnumber, vendorid, notes, documentationpath, isactive) " & _
- "VALUES ('" & escapedModelNumber & "', " & newvendorid & ", '" & escapedModelNotes & "', '" & escapedModelDocPath & "', 1)"
-
- On Error Resume Next
- objConn.Execute sqlNewModel
-
- If Err.Number <> 0 Then
- Response.Write("
Error creating new model: " & Err.Description & "
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Get the newly created model ID
- Dim rsNewModel
- Set rsNewModel = objConn.Execute("SELECT LAST_INSERT_ID() AS newid")
- modelid = CLng(rsNewModel("newid"))
- rsNewModel.Close
- Set rsNewModel = Nothing
- On Error Goto 0
- End If
-
- ' Escape single quotes
- serialnumber = Replace(serialnumber, "'", "''")
- ipaddress = Replace(ipaddress, "'", "''")
- fqdn = Replace(fqdn, "'", "''")
- printercsfname = Replace(printercsfname, "'", "''")
- printerwindowsname = Replace(printerwindowsname, "'", "''")
-
- ' Handle map coordinates - default to 50 if not provided
- Dim maptopSQL, mapleftSQL
- If maptop <> "" And IsNumeric(maptop) Then
- maptopSQL = maptop
- Else
- maptopSQL = "50"
- End If
-
- If mapleft <> "" And IsNumeric(mapleft) Then
- mapleftSQL = mapleft
- Else
- mapleftSQL = "50"
- End If
-
- ' Build UPDATE statement
- Dim strSQL
- strSQL = "UPDATE printers SET " & _
- "modelid = " & modelid & ", " & _
- "serialnumber = '" & serialnumber & "', " & _
- "ipaddress = '" & ipaddress & "', " & _
- "fqdn = '" & fqdn & "', " & _
- "printercsfname = '" & printercsfname & "', " & _
- "printerwindowsname = '" & printerwindowsname & "', " & _
- "machineid = " & machineid & ", " & _
- "maptop = " & maptopSQL & ", " & _
- "mapleft = " & mapleftSQL & " " & _
- "WHERE printerid = " & printerid
-
- On Error Resume Next
- objConn.Execute strSQL
-
- If Err.Number <> 0 Then
- Response.Write("
Error: " & Err.Description & "
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- objConn.Close
-%>
-
-
-
-
\ No newline at end of file
diff --git a/includes/data_cache.asp.backup-20251113-064544 b/includes/data_cache.asp.backup-20251113-064544
deleted file mode 100644
index 4e7707b..0000000
--- a/includes/data_cache.asp.backup-20251113-064544
+++ /dev/null
@@ -1,417 +0,0 @@
-<%
-' Universal data caching system for frequently accessed database queries
-' Uses Application-level cache with configurable TTL (Time To Live)
-
-' Cache durations in minutes
-Const CACHE_DROPDOWN_TTL = 60 ' Dropdowns (vendors, models) - 1 hour
-Const CACHE_LIST_TTL = 5 ' List pages (printers, machines) - 5 minutes
-Const CACHE_STATIC_TTL = 1440 ' Static data (rarely changes) - 24 hours
-
-'=============================================================================
-' DROPDOWN DATA CACHING (Vendors, Models, etc.)
-'=============================================================================
-
-' Get all printer vendors (cached)
-Function GetPrinterVendorsCached()
- Dim cacheKey, cacheAge, cachedData
- cacheKey = "dropdown_printer_vendors"
-
- ' Check cache
- If Not IsEmpty(Application(cacheKey)) Then
- cacheAge = DateDiff("n", Application(cacheKey & "_time"), Now())
- If cacheAge < CACHE_DROPDOWN_TTL Then
- GetPrinterVendorsCached = Application(cacheKey)
- Exit Function
- End If
- End If
-
- ' Fetch from database
- Dim sql, rs_temp, resultArray(), count, i
- sql = "SELECT vendorid, vendor FROM vendors WHERE isprinter=1 AND isactive=1 ORDER BY vendor ASC"
-
- Set rs_temp = objConn.Execute(sql)
-
- ' Count rows
- count = 0
- While Not rs_temp.EOF
- count = count + 1
- rs_temp.MoveNext
- Wend
-
- If count = 0 Then
- Set rs_temp = Nothing
- GetPrinterVendorsCached = Array()
- Exit Function
- End If
-
- ' Reset to beginning
- rs_temp.MoveFirst
-
- ' Build array
- ReDim resultArray(count - 1, 1) ' vendorid, vendor
- i = 0
- While Not rs_temp.EOF
- resultArray(i, 0) = rs_temp("vendorid")
- resultArray(i, 1) = rs_temp("vendor")
- i = i + 1
- rs_temp.MoveNext
- Wend
-
- rs_temp.Close
- Set rs_temp = Nothing
-
- ' Cache it
- Application.Lock
- Application(cacheKey) = resultArray
- Application(cacheKey & "_time") = Now()
- Application.Unlock
-
- GetPrinterVendorsCached = resultArray
-End Function
-
-' Get all printer models (cached)
-Function GetPrinterModelsCached()
- Dim cacheKey, cacheAge, cachedData
- cacheKey = "dropdown_printer_models"
-
- ' Check cache
- If Not IsEmpty(Application(cacheKey)) Then
- cacheAge = DateDiff("n", Application(cacheKey & "_time"), Now())
- If cacheAge < CACHE_DROPDOWN_TTL Then
- GetPrinterModelsCached = Application(cacheKey)
- Exit Function
- End If
- End If
-
- ' Fetch from database
- Dim sql, rs_temp, resultArray(), count, i
- sql = "SELECT models.modelnumberid, models.modelnumber, vendors.vendor " & _
- "FROM vendors, models " & _
- "WHERE models.vendorid = vendors.vendorid " & _
- "AND vendors.isprinter=1 AND models.isactive=1 " & _
- "ORDER BY modelnumber ASC"
-
- Set rs_temp = objConn.Execute(sql)
-
- ' Count rows
- count = 0
- While Not rs_temp.EOF
- count = count + 1
- rs_temp.MoveNext
- Wend
-
- If count = 0 Then
- Set rs_temp = Nothing
- GetPrinterModelsCached = Array()
- Exit Function
- End If
-
- ' Reset to beginning
- rs_temp.MoveFirst
-
- ' Build array
- ReDim resultArray(count - 1, 2) ' modelnumberid, modelnumber, vendor
- i = 0
- While Not rs_temp.EOF
- resultArray(i, 0) = rs_temp("modelnumberid")
- resultArray(i, 1) = rs_temp("modelnumber")
- resultArray(i, 2) = rs_temp("vendor")
- i = i + 1
- rs_temp.MoveNext
- Wend
-
- rs_temp.Close
- Set rs_temp = Nothing
-
- ' Cache it
- Application.Lock
- Application(cacheKey) = resultArray
- Application(cacheKey & "_time") = Now()
- Application.Unlock
-
- GetPrinterModelsCached = resultArray
-End Function
-
-'=============================================================================
-' LIST PAGE CACHING (Printer list, Machine list, etc.)
-'=============================================================================
-
-' Get all active printers (cached) - for displayprinters.asp
-Function GetPrinterListCached()
- Dim cacheKey, cacheAge
- cacheKey = "list_printers"
-
- ' Check cache
- If Not IsEmpty(Application(cacheKey)) Then
- cacheAge = DateDiff("n", Application(cacheKey & "_time"), Now())
- If cacheAge < CACHE_LIST_TTL Then
- GetPrinterListCached = Application(cacheKey)
- Exit Function
- End If
- End If
-
- ' Fetch from database
- Dim sql, rs_temp, resultArray(), count, i
- sql = "SELECT printers.printerid AS printer, printers.*, vendors.*, models.*, machines.* " & _
- "FROM printers, vendors, models, machines " & _
- "WHERE printers.modelid=models.modelnumberid " & _
- "AND models.vendorid=vendors.vendorid " & _
- "AND printers.machineid=machines.machineid " & _
- "AND printers.isactive=1 " & _
- "ORDER BY machinenumber ASC"
-
- Set rs_temp = objConn.Execute(sql)
-
- ' Count rows
- count = 0
- While Not rs_temp.EOF
- count = count + 1
- rs_temp.MoveNext
- Wend
-
- If count = 0 Then
- Set rs_temp = Nothing
- GetPrinterListCached = Array()
- Exit Function
- End If
-
- rs_temp.MoveFirst
-
- ' Build array with all needed fields
- ReDim resultArray(count - 1, 11) ' printer, image, installpath, machinenumber, machineid, vendor, modelnumber, documentationpath, printercsfname, ipaddress, serialnumber, islocationonly
- i = 0
- While Not rs_temp.EOF
- resultArray(i, 0) = rs_temp("printer")
- resultArray(i, 1) = rs_temp("image")
- resultArray(i, 2) = rs_temp("installpath")
- resultArray(i, 3) = rs_temp("machinenumber")
- resultArray(i, 4) = rs_temp("machineid")
- resultArray(i, 5) = rs_temp("vendor")
- resultArray(i, 6) = rs_temp("modelnumber")
- resultArray(i, 7) = rs_temp("documentationpath")
- resultArray(i, 8) = rs_temp("printercsfname")
- resultArray(i, 9) = rs_temp("ipaddress")
- resultArray(i, 10) = rs_temp("serialnumber")
-
- ' Convert islocationonly bit to 1/0 integer (bit fields come as binary)
- On Error Resume Next
- If IsNull(rs_temp("islocationonly")) Then
- resultArray(i, 11) = 0
- Else
- ' Convert bit field to integer (0 or 1)
- resultArray(i, 11) = Abs(CBool(rs_temp("islocationonly")))
- End If
- On Error Goto 0
-
- i = i + 1
- rs_temp.MoveNext
- Wend
-
- rs_temp.Close
- Set rs_temp = Nothing
-
- ' Cache it
- Application.Lock
- Application(cacheKey) = resultArray
- Application(cacheKey & "_time") = Now()
- Application.Unlock
-
- GetPrinterListCached = resultArray
-End Function
-
-'=============================================================================
-' HELPER FUNCTIONS
-'=============================================================================
-
-' Render dropdown options from cached vendor data
-Function RenderVendorOptions(selectedID)
- Dim vendors, output, i
- vendors = GetPrinterVendorsCached()
- output = ""
-
- On Error Resume Next
- If Not IsArray(vendors) Or UBound(vendors) < 0 Then
- RenderVendorOptions = ""
- Exit Function
- End If
- On Error Goto 0
-
- For i = 0 To UBound(vendors)
- If CLng(vendors(i, 0)) = CLng(selectedID) Then
- output = output & ""
- Else
- output = output & ""
- End If
- Next
-
- RenderVendorOptions = output
-End Function
-
-' Render dropdown options from cached model data
-Function RenderModelOptions(selectedID)
- Dim models, output, i
- models = GetPrinterModelsCached()
- output = ""
-
- On Error Resume Next
- If Not IsArray(models) Or UBound(models) < 0 Then
- RenderModelOptions = ""
- Exit Function
- End If
- On Error Goto 0
-
- For i = 0 To UBound(models)
- If CLng(models(i, 0)) = CLng(selectedID) Then
- output = output & ""
- Else
- output = output & ""
- End If
- Next
-
- RenderModelOptions = output
-End Function
-
-' Get all support teams (cached) - for application dropdowns
-Function GetSupportTeamsCached()
- Dim cacheKey, cacheAge, cachedData
- cacheKey = "dropdown_support_teams"
-
- ' Check cache
- If Not IsEmpty(Application(cacheKey)) Then
- cacheAge = DateDiff("n", Application(cacheKey & "_time"), Now())
- If cacheAge < CACHE_DROPDOWN_TTL Then
- GetSupportTeamsCached = Application(cacheKey)
- Exit Function
- End If
- End If
-
- ' Fetch from database
- Dim sql, rs_temp, resultArray(), count, i
- sql = "SELECT supporteamid, teamname FROM supportteams WHERE isactive=1 ORDER BY teamname ASC"
-
- Set rs_temp = objConn.Execute(sql)
-
- ' Count rows
- count = 0
- While Not rs_temp.EOF
- count = count + 1
- rs_temp.MoveNext
- Wend
-
- If count = 0 Then
- Set rs_temp = Nothing
- GetSupportTeamsCached = Array()
- Exit Function
- End If
-
- ' Reset to beginning
- rs_temp.MoveFirst
-
- ' Build array
- ReDim resultArray(count - 1, 1) ' supporteamid, teamname
- i = 0
- While Not rs_temp.EOF
- resultArray(i, 0) = rs_temp("supporteamid")
- resultArray(i, 1) = rs_temp("teamname")
- i = i + 1
- rs_temp.MoveNext
- Wend
-
- rs_temp.Close
- Set rs_temp = Nothing
-
- ' Cache it
- Application.Lock
- Application(cacheKey) = resultArray
- Application(cacheKey & "_time") = Now()
- Application.Unlock
-
- GetSupportTeamsCached = resultArray
-End Function
-
-' Render dropdown options from cached support team data
-Function RenderSupportTeamOptions(selectedID)
- Dim teams, output, i
- teams = GetSupportTeamsCached()
- output = ""
-
- On Error Resume Next
- If Not IsArray(teams) Or UBound(teams) < 0 Then
- RenderSupportTeamOptions = ""
- Exit Function
- End If
- On Error Goto 0
-
- For i = 0 To UBound(teams)
- If CLng(teams(i, 0)) = CLng(selectedID) Then
- output = output & ""
- Else
- output = output & ""
- End If
- Next
-
- RenderSupportTeamOptions = output
-End Function
-
-' Clear dropdown cache (call after adding/editing vendors or models)
-Sub ClearDropdownCache()
- Application.Lock
- Application("dropdown_printer_vendors") = Empty
- Application("dropdown_printer_vendors_time") = Empty
- Application("dropdown_printer_models") = Empty
- Application("dropdown_printer_models_time") = Empty
- Application("dropdown_support_teams") = Empty
- Application("dropdown_support_teams_time") = Empty
- Application.Unlock
-End Sub
-
-' Clear list cache (call after adding/editing printers)
-Sub ClearListCache()
- Application.Lock
- Application("list_printers") = Empty
- Application("list_printers_time") = Empty
- Application.Unlock
-End Sub
-
-' Clear ALL data cache
-Sub ClearAllDataCache()
- Dim key, keysToRemove(), count, i
- count = 0
-
- ' First pass: collect keys to remove
- ReDim keysToRemove(100) ' Initial size
- For Each key In Application.Contents
- If Left(key, 9) = "dropdown_" Or Left(key, 5) = "list_" Then
- keysToRemove(count) = key
- count = count + 1
- If count Mod 100 = 0 Then
- ReDim Preserve keysToRemove(count + 100)
- End If
- End If
- Next
-
- ' Second pass: remove collected keys
- Application.Lock
- For i = 0 To count - 1
- Application.Contents.Remove(keysToRemove(i))
- Next
- Application.Unlock
-End Sub
-
-' Get cache stats
-Function GetCacheStats()
- Dim stats, key, count
- count = 0
-
- For Each key In Application.Contents
- If Left(key, 9) = "dropdown_" Or Left(key, 5) = "list_" Or Left(key, 7) = "zabbix_" Then
- If Right(key, 5) <> "_time" And Right(key, 11) <> "_refreshing" Then
- count = count + 1
- End If
- End If
- Next
-
- stats = "Cached items: " & count
- GetCacheStats = stats
-End Function
-%>
diff --git a/includes/sql.asp.production b/includes/sql.asp.production
deleted file mode 100644
index 674ede7..0000000
--- a/includes/sql.asp.production
+++ /dev/null
@@ -1,8 +0,0 @@
-<%
- ' objConn - script-global connection object (no Dim for global scope)
- Session.Timeout=15
- Set objConn=Server.CreateObject("ADODB.Connection")
- objConn.ConnectionString="DSN=shopdb;Uid=root;Pwd=WJF11sql;Option=3;Pooling=True;Max Pool Size=100;"
- objConn.Open
- set rs = server.createobject("ADODB.Recordset")
-%>
\ No newline at end of file
diff --git a/includes/wjf_employees-sql.asp.produciton b/includes/wjf_employees-sql.asp.produciton
deleted file mode 100644
index 889f105..0000000
--- a/includes/wjf_employees-sql.asp.produciton
+++ /dev/null
@@ -1,8 +0,0 @@
-<%
- Dim objConn
- Session.Timeout=15
- Set objConn=Server.CreateObject("ADODB.Connection")
- objConn.ConnectionString="DSN=wjf_employees;Uid=root;Pwd=WJF11sql;Option=3;Pooling=True;Max Pool Size=100;"
- objConn.Open
- set rs = server.createobject("ADODB.Recordset")
-%>
\ No newline at end of file
diff --git a/includes/zabbix_cached.asp.backup-20251113-064547 b/includes/zabbix_cached.asp.backup-20251113-064547
deleted file mode 100644
index 6a5c735..0000000
--- a/includes/zabbix_cached.asp.backup-20251113-064547
+++ /dev/null
@@ -1,130 +0,0 @@
-<%
-' Cached Zabbix API wrapper with background refresh
-' Include the base zabbix.asp functions
-%>
-
-<%
-
-' Main cached function - returns data immediately, refreshes in background if stale
-Function GetPrinterDataCached(hostIP)
- Dim cacheKey, cacheAge, forceRefresh
- cacheKey = "zabbix_" & hostIP
-
- ' Check if manual refresh was requested
- forceRefresh = (Request.QueryString("refresh") = "1" And Request.QueryString("ip") = hostIP)
-
- If forceRefresh Then
- ' Clear cache for manual refresh
- Application.Lock
- Application(cacheKey) = Empty
- Application(cacheKey & "_time") = Empty
- Application(cacheKey & "_refreshing") = "false"
- Application.Unlock
- End If
-
- ' Check if cache exists
- If Not IsEmpty(Application(cacheKey)) And Not forceRefresh Then
- cacheAge = DateDiff("n", Application(cacheKey & "_time"), Now())
-
- ' If cache is stale (>5 min) AND not already refreshing, trigger background update
- If cacheAge >= 5 And Application(cacheKey & "_refreshing") <> "true" Then
- ' Mark as refreshing
- Application.Lock
- Application(cacheKey & "_refreshing") = "true"
- Application.Unlock
-
- ' Trigger async background refresh (non-blocking)
- On Error Resume Next
- Dim http
- Set http = Server.CreateObject("MSXML2.ServerXMLHTTP.6.0")
- ' True = async (doesn't block user)
- http.Open "GET", "http://localhost/refresh_zabbix_cache.asp?ip=" & Server.URLEncode(hostIP), True
- http.Send
- Set http = Nothing
- On Error Goto 0
- End If
-
- ' Return cached data immediately (user doesn't wait)
- GetPrinterDataCached = Application(cacheKey)
- Exit Function
- End If
-
- ' No cache exists - fetch initial data (first time only, or after manual refresh)
- Dim freshData, zabbixConnected, pingStatus, tonerJSON
-
- zabbixConnected = ZabbixLogin()
-
- If zabbixConnected = "1" Then
- pingStatus = GetPrinterPingStatus(hostIP)
- tonerJSON = GetPrinterTonerLevels(hostIP)
- Else
- pingStatus = "-1"
- tonerJSON = ""
- End If
-
- ' Store as array: [connected, pingStatus, tonerJSON]
- Dim resultData(2)
- resultData(0) = zabbixConnected
- resultData(1) = pingStatus
- resultData(2) = tonerJSON
-
- ' Cache the result
- Application.Lock
- Application(cacheKey) = resultData
- Application(cacheKey & "_time") = Now()
- Application(cacheKey & "_refreshing") = "false"
- Application.Unlock
-
- GetPrinterDataCached = resultData
-End Function
-
-' Helper function to get cache age (for display purposes)
-Function GetCacheAge(hostIP)
- Dim cacheKey, cacheTime
- cacheKey = "zabbix_" & hostIP
-
- If IsEmpty(Application(cacheKey & "_time")) Then
- GetCacheAge = -1
- Exit Function
- End If
-
- GetCacheAge = DateDiff("s", Application(cacheKey & "_time"), Now())
-End Function
-
-' Clear cache for a specific printer (called by manual refresh)
-Sub ClearPrinterCache(hostIP)
- Dim cacheKey
- cacheKey = "zabbix_" & hostIP
-
- Application.Lock
- Application(cacheKey) = Empty
- Application(cacheKey & "_time") = Empty
- Application(cacheKey & "_refreshing") = "false"
- Application.Unlock
-End Sub
-
-' Clear all Zabbix cache (admin function)
-Sub ClearAllZabbixCache()
- Dim key, keysToRemove(), count, i
- count = 0
-
- ' First pass: collect keys to remove
- ReDim keysToRemove(100) ' Initial size
- For Each key In Application.Contents
- If Left(key, 7) = "zabbix_" Then
- keysToRemove(count) = key
- count = count + 1
- If count Mod 100 = 0 Then
- ReDim Preserve keysToRemove(count + 100)
- End If
- End If
- Next
-
- ' Second pass: remove collected keys
- Application.Lock
- For i = 0 To count - 1
- Application.Contents.Remove(keysToRemove(i))
- Next
- Application.Unlock
-End Sub
-%>
diff --git a/listpcs.asp b/listpcs.asp
deleted file mode 100644
index 8901cc6..0000000
--- a/listpcs.asp
+++ /dev/null
@@ -1,297 +0,0 @@
-<%' Cache buster: 20251110-1430 %>
-
-
-
-
-
-
-
-<%
- theme = Request.Cookies("theme")
- IF theme = "" THEN
- theme="bg-theme1"
- END IF
-%>
-
-
-
-
")
- Response.Write("Go back")
- objConn.Close
- Response.End
-End If
-
-' Validate field lengths
-If Len(deviceName) > 100 Or Len(description) > 255 Then
- Response.Write("
Error: Field length exceeded
")
- Response.Write("Go back")
- objConn.Close
- Response.End
-End If
-
-' Handle NULL values for optional numeric fields
-If maptop = "" Or Not IsNumeric(maptop) Then maptop = "NULL" Else maptop = CLng(maptop)
-If mapleft = "" Or Not IsNumeric(mapleft) Then mapleft = "NULL" Else mapleft = CLng(mapleft)
-
-' Escape single quotes for SQL
-deviceName = Replace(deviceName, "'", "''")
-description = Replace(description, "'", "''")
-
-' Build SQL based on device type
-Dim strSQL
-
-If deviceType = "idf" Then
- ' IDF - no model/vendor
- If deviceId = "0" Then
- ' INSERT
- strSQL = "INSERT INTO idfs (idfname, description, maptop, mapleft, isactive) " & _
- "VALUES ('" & deviceName & "', '" & description & "', " & maptop & ", " & mapleft & ", " & isactiveForm & ")"
- Else
- ' UPDATE
- strSQL = "UPDATE idfs SET " & _
- "idfname = '" & deviceName & "', " & _
- "description = '" & description & "', " & _
- "maptop = " & maptop & ", " & _
- "mapleft = " & mapleft & ", " & _
- "isactive = " & isactiveForm & " " & _
- "WHERE idfid = " & deviceId
- End If
-
-ElseIf deviceType = "server" Or deviceType = "switch" Or deviceType = "accesspoint" Then
- ' Server/Switch/Access Point - has modelid but NO idfid
- Dim modelid, serialnumber, ipaddress
- modelid = Trim(Request.Form("modelid"))
- serialnumber = Trim(Request.Form("serialnumber"))
- ipaddress = Trim(Request.Form("ipaddress"))
-
- ' Handle new model creation
- If modelid = "new" Then
- Dim newmodelnumber, newvendorid, newmodelnotes, newmodeldocpath, newvendorname
- newmodelnumber = Trim(Request.Form("newmodelnumber"))
- newvendorid = Trim(Request.Form("newvendorid"))
- newmodelnotes = Trim(Request.Form("newmodelnotes"))
- newmodeldocpath = Trim(Request.Form("newmodeldocpath"))
- newvendorname = Trim(Request.Form("newvendorname"))
-
- ' Validate required fields for new model
- If newmodelnumber = "" Then
- Response.Write("
Error: Model number is required
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- If newvendorid = "" Then
- Response.Write("
Error: Vendor is required for new model
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Handle new vendor creation (nested)
- If newvendorid = "new" Then
- If newvendorname = "" Then
- Response.Write("
Error: Vendor name is required
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Escape and insert new vendor
- Dim escapedVendorName, sqlNewVendor
- escapedVendorName = Replace(newvendorname, "'", "''")
- sqlNewVendor = "INSERT INTO vendors (vendor, isactive) VALUES ('" & escapedVendorName & "', 1)"
-
- On Error Resume Next
- objConn.Execute sqlNewVendor
- If Err.Number <> 0 Then
- Response.Write("
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Get newly created IDF ID
- Dim rsNewIdfCamera
- Set rsNewIdfCamera = objConn.Execute("SELECT LAST_INSERT_ID() AS newid")
- cameraIdfid = CLng(rsNewIdfCamera("newid"))
- rsNewIdfCamera.Close
- Set rsNewIdfCamera = Nothing
- On Error Goto 0
- End If
-
- ' Validate required idfid for cameras
- If cameraIdfid = "" Or Not IsNumeric(cameraIdfid) Or CLng(cameraIdfid) < 1 Then
- Response.Write("
Error: IDF location is required for cameras
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Handle new model creation for camera
- If cameraModelid = "new" Then
- Dim cameraNewmodelnumber, cameraNewvendorid, cameraNewmodelnotes, cameraNewmodeldocpath, cameraNewvendorname
- cameraNewmodelnumber = Trim(Request.Form("newmodelnumber"))
- cameraNewvendorid = Trim(Request.Form("newvendorid"))
- cameraNewmodelnotes = Trim(Request.Form("newmodelnotes"))
- cameraNewmodeldocpath = Trim(Request.Form("newmodeldocpath"))
- cameraNewvendorname = Trim(Request.Form("newvendorname"))
-
- ' Validate required fields for new model
- If cameraNewmodelnumber = "" Then
- Response.Write("
Error: Model number is required
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- If cameraNewvendorid = "" Then
- Response.Write("
Error: Vendor is required for new model
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Handle new vendor creation (nested)
- If cameraNewvendorid = "new" Then
- If cameraNewvendorname = "" Then
- Response.Write("
Error: Vendor name is required
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Escape and insert new vendor
- Dim cameraEscapedVendorName, cameraSqlNewVendor
- cameraEscapedVendorName = Replace(cameraNewvendorname, "'", "''")
- cameraSqlNewVendor = "INSERT INTO vendors (vendor, isactive) VALUES ('" & cameraEscapedVendorName & "', 1)"
-
- On Error Resume Next
- objConn.Execute cameraSqlNewVendor
- If Err.Number <> 0 Then
- Response.Write("
")
- Response.Write("Go back")
- objConn.Close
- Response.End
-End If
-On Error Goto 0
-
-' Success - redirect to list
-objConn.Close
-Response.Redirect(redirectUrl)
-%>
diff --git a/saveapplication_direct.asp.backup-20251027 b/saveapplication_direct.asp.backup-20251027
deleted file mode 100644
index 3c426e9..0000000
--- a/saveapplication_direct.asp.backup-20251027
+++ /dev/null
@@ -1,248 +0,0 @@
-
-<%
-' Get all form data
-Dim appname, appdescription, supportteamid
-Dim applicationnotes, installpath, applicationlink, documentationpath, image
-Dim isinstallable, isactive, ishidden, isprinter, islicenced
-Dim newsupportteamname, newsupportteamurl, newappownerid
-
-appname = Trim(Request.Form("appname"))
-appdescription = Trim(Request.Form("appdescription"))
-supportteamid = Trim(Request.Form("supportteamid"))
-applicationnotes = Trim(Request.Form("applicationnotes"))
-installpath = Trim(Request.Form("installpath"))
-applicationlink = Trim(Request.Form("applicationlink"))
-documentationpath = Trim(Request.Form("documentationpath"))
-image = Trim(Request.Form("image"))
-
-' New support team fields
-newsupportteamname = Trim(Request.Form("newsupportteamname"))
-newsupportteamurl = Trim(Request.Form("newsupportteamurl"))
-newappownerid = Trim(Request.Form("newappownerid"))
-
-' Checkboxes
-If Request.Form("isinstallable") = "1" Then isinstallable = 1 Else isinstallable = 0
-If Request.Form("isactive") = "1" Then isactive = 1 Else isactive = 0
-If Request.Form("ishidden") = "1" Then ishidden = 1 Else ishidden = 0
-If Request.Form("isprinter") = "1" Then isprinter = 1 Else isprinter = 0
-If Request.Form("islicenced") = "1" Then islicenced = 1 Else islicenced = 0
-
-' Basic validation
-If Len(appname) < 1 Or Len(appname) > 50 Then
- Response.Write("Error: Application name must be 1-50 characters")
- objConn.Close
- Response.End
-End If
-
-' Validate support team is selected
-If supportteamid = "" Then
- Response.Write("
Error: Please select a support team.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
-End If
-
-' Check if we need to create a new support team first
-If supportteamid = "new" Then
- If newsupportteamname = "" Then
- Response.Write("
Error: Support team name is required.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- If Len(newsupportteamname) > 50 Then
- Response.Write("
Error: Support team name too long.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Escape quotes for support team name and URL
- Dim escapedTeamName, escapedTeamUrl
- escapedTeamName = Replace(newsupportteamname, "'", "''")
- escapedTeamUrl = Replace(newsupportteamurl, "'", "''")
-
- ' Check if support team already exists
- Dim checkSQL, rsCheck
- checkSQL = "SELECT COUNT(*) as cnt FROM supportteams WHERE LOWER(teamname) = LOWER('" & escapedTeamName & "')"
- Set rsCheck = objConn.Execute(checkSQL)
- If rsCheck.EOF Then
- rsCheck.Close
- Response.Write("
Error: Database query failed.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
- If CLng(rsCheck("cnt")) > 0 Then
- rsCheck.Close
- Response.Write("
Error: Support team '" & Server.HTMLEncode(newsupportteamname) & "' already exists.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
- rsCheck.Close
-
- ' Check if we need to create a new app owner first (nested creation)
- If newappownerid = "new" Then
- Dim newappownername, newappownersso
- newappownername = Trim(Request.Form("newappownername"))
- newappownersso = Trim(Request.Form("newappownersso"))
-
- If newappownername = "" Or newappownersso = "" Then
- Response.Write("
Error: App owner name and SSO are required.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- If Len(newappownername) > 50 Or Len(newappownersso) > 50 Then
- Response.Write("
Error: App owner name or SSO too long.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Escape quotes
- Dim escapedOwnerName, escapedSSO
- escapedOwnerName = Replace(newappownername, "'", "''")
- escapedSSO = Replace(newappownersso, "'", "''")
-
- ' Check if app owner already exists
- checkSQL = "SELECT COUNT(*) as cnt FROM appowners WHERE LOWER(appowner) = LOWER('" & escapedOwnerName & "') OR LOWER(sso) = LOWER('" & escapedSSO & "')"
- Set rsCheck = objConn.Execute(checkSQL)
- If rsCheck.EOF Then
- rsCheck.Close
- Response.Write("
Error: Database query failed (app owner check).
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
- If CLng(rsCheck("cnt")) > 0 Then
- rsCheck.Close
- Response.Write("
Error: App owner with this name or SSO already exists.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
- rsCheck.Close
-
- ' Insert new app owner
- Dim ownerSQL
- ownerSQL = "INSERT INTO appowners (appowner, sso, isactive) VALUES ('" & escapedOwnerName & "', '" & escapedSSO & "', 1)"
-
- On Error Resume Next
- objConn.Execute ownerSQL
-
- If Err.Number <> 0 Then
- Response.Write("
Error creating app owner: " & Err.Description & "
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Get the new app owner ID
- Set rsCheck = objConn.Execute("SELECT LAST_INSERT_ID() as newid")
- newappownerid = rsCheck("newid")
- rsCheck.Close
- Else
- ' Validate existing app owner ID
- If Not IsNumeric(newappownerid) Or CLng(newappownerid) < 1 Then
- Response.Write("
Error: Invalid app owner.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
- End If
-
- ' Insert new support team
- Dim teamSQL
- teamSQL = "INSERT INTO supportteams (teamname, teamurl, appownerid, isactive) VALUES ('" & escapedTeamName & "', '" & escapedTeamUrl & "', " & newappownerid & ", 1)"
-
- On Error Resume Next
- objConn.Execute teamSQL
-
- If Err.Number <> 0 Then
- Response.Write("
Error creating support team: " & Err.Description & "
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Get the new support team ID
- Set rsCheck = objConn.Execute("SELECT LAST_INSERT_ID() as newid")
- supportteamid = rsCheck("newid")
- rsCheck.Close
-Else
- ' Validate existing support team ID
- If Not IsNumeric(supportteamid) Or CLng(supportteamid) < 1 Then
- Response.Write("
Error: Invalid support team ID.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-End If
-
-' Escape backslashes and single quotes for SQL
-' Must escape backslashes FIRST, then quotes
-appname = Replace(appname, "\", "\\")
-appname = Replace(appname, "'", "''")
-appdescription = Replace(appdescription, "\", "\\")
-appdescription = Replace(appdescription, "'", "''")
-applicationnotes = Replace(applicationnotes, "\", "\\")
-applicationnotes = Replace(applicationnotes, "'", "''")
-installpath = Replace(installpath, "\", "\\")
-installpath = Replace(installpath, "'", "''")
-applicationlink = Replace(applicationlink, "\", "\\")
-applicationlink = Replace(applicationlink, "'", "''")
-documentationpath = Replace(documentationpath, "\", "\\")
-documentationpath = Replace(documentationpath, "'", "''")
-image = Replace(image, "\", "\\")
-image = Replace(image, "'", "''")
-
-' Build INSERT statement
-Dim strSQL
-strSQL = "INSERT INTO applications (" & _
- "appname, appdescription, supportteamid, applicationnotes, " & _
- "installpath, applicationlink, documentationpath, image, " & _
- "isinstallable, isactive, ishidden, isprinter, islicenced" & _
- ") VALUES (" & _
- "'" & appname & "', " & _
- "'" & appdescription & "', " & _
- supportteamid & ", " & _
- "'" & applicationnotes & "', " & _
- "'" & installpath & "', " & _
- "'" & applicationlink & "', " & _
- "'" & documentationpath & "', " & _
- "'" & image & "', " & _
- isinstallable & ", " & _
- isactive & ", " & _
- ishidden & ", " & _
- isprinter & ", " & _
- islicenced & ")"
-
-On Error Resume Next
-objConn.Execute strSQL
-
-If Err.Number <> 0 Then
- Response.Write("Error: " & Err.Description)
- objConn.Close
- Response.End
-End If
-
-' Get the new application ID
-Dim rsNew
-Set rsNew = objConn.Execute("SELECT LAST_INSERT_ID() AS newid")
-Dim newAppId
-newAppId = rsNew("newid")
-rsNew.Close
-Set rsNew = Nothing
-
-objConn.Close
-
-If newAppId > 0 Then
- Response.Redirect("displayapplication.asp?appid=" & newAppId)
-Else
- Response.Write("Error: Could not retrieve new application ID")
-End If
-%>
diff --git a/savedevice_direct.asp.backup-20251027 b/savedevice_direct.asp.backup-20251027
deleted file mode 100644
index 7171986..0000000
--- a/savedevice_direct.asp.backup-20251027
+++ /dev/null
@@ -1,55 +0,0 @@
-
-<%
- ' Get the serial number from the form
- Dim serialnumber
- serialnumber = Trim(Request.Form("serialnumber"))
-
- ' Basic validation - serial number should not be empty and should be alphanumeric-ish
- If serialnumber = "" Or Len(serialnumber) < 3 Or Len(serialnumber) > 100 Then
- objConn.Close
- Response.Redirect("./adddevice.asp?error=INVALID_SERIAL")
- Response.End
- End If
-
- ' Escape quotes
- serialnumber = Replace(serialnumber, "'", "''")
-
- ' Check if serial number already exists
- Dim checkSQL, rsCheck, existingPCID
- checkSQL = "SELECT pcid FROM pc WHERE serialnumber = '" & serialnumber & "'"
- Set rsCheck = objConn.Execute(checkSQL)
-
- If Not rsCheck.EOF Then
- ' Serial number already exists - redirect to edit page
- existingPCID = rsCheck("pcid")
- rsCheck.Close
- objConn.Close
- Response.Redirect("./editdevice.asp?pcid=" & existingPCID & "&scanned=1")
- Response.End
- End If
-
- rsCheck.Close
-
- ' Insert new device with minimal required fields and defaults
- ' pcstatusid = 2 (Inventory)
- ' isactive = 1
- ' modelnumberid = 1 (default model)
- ' requires_manual_machine_config = 0 (no manual config needed)
- ' osid = 1 (default OS)
- ' machinenumber = 'IT Closet' (default location for new devices)
- Dim insertSQL
- insertSQL = "INSERT INTO pc (serialnumber, pcstatusid, isactive, modelnumberid, requires_manual_machine_config, osid, machinenumber, dateadded) " & _
- "VALUES ('" & serialnumber & "', 2, 1, 1, 0, 1, 'IT Closet', NOW())"
-
- On Error Resume Next
- objConn.Execute insertSQL
-
- If Err.Number = 0 Then
- objConn.Close
- ' Success - redirect back with success message
- Response.Redirect("./adddevice.asp?added=" & Server.URLEncode(Request.Form("serialnumber")))
- Else
- objConn.Close
- Response.Redirect("./adddevice.asp?error=db")
- End If
-%>
diff --git a/savemachine.asp.backup-refactor-20251027 b/savemachine.asp.backup-refactor-20251027
deleted file mode 100644
index 58b98ba..0000000
--- a/savemachine.asp.backup-refactor-20251027
+++ /dev/null
@@ -1,180 +0,0 @@
-
-
-
-
-
-
-
-
-
-
-
-
-<%
- ' Initialize error handling
- Call InitializeErrorHandling("savemachine.asp")
-
- ' Get and validate all inputs
- Dim machinenumber, modelid, machinetypeid, businessunitid, alias, machinenotes, mapleft, maptop
- machinenumber = Trim(Request.Form("machinenumber"))
- modelid = Trim(Request.Form("modelid"))
- machinetypeid = Trim(Request.Form("machinetypeid"))
- businessunitid = Trim(Request.Form("businessunitid"))
- alias = Trim(Request.Form("alias"))
- machinenotes = Trim(Request.Form("machinenotes"))
- mapleft = Trim(Request.Form("mapleft"))
- maptop = Trim(Request.Form("maptop"))
-
- ' Validate required fields
- If machinenumber = "" Then
- Call HandleValidationError("addmachine.asp", "INVALID_INPUT")
- End If
-
- If Not ValidateID(modelid) Then
- Call HandleValidationError("addmachine.asp", "INVALID_ID")
- End If
-
- If Not ValidateID(machinetypeid) Then
- Call HandleValidationError("addmachine.asp", "INVALID_ID")
- End If
-
- If Not ValidateID(businessunitid) Then
- Call HandleValidationError("addmachine.asp", "INVALID_ID")
- End If
-
- ' Validate field lengths
- If Len(machinenumber) > 50 Then
- Call HandleValidationError("addmachine.asp", "INVALID_INPUT")
- End If
-
- If Len(alias) > 50 Then
- Call HandleValidationError("addmachine.asp", "INVALID_INPUT")
- End If
-
- ' machinenotes is TEXT field, no length validation needed
-
- ' Check if machine number already exists
- Dim checkSQL, rsCheck
- checkSQL = "SELECT COUNT(*) as cnt FROM machines WHERE machinenumber = ?"
- Set rsCheck = ExecuteParameterizedQuery(objConn, checkSQL, Array(machinenumber))
- If Not rsCheck.EOF Then
- If Not IsNull(rsCheck("cnt")) Then
- If CLng(rsCheck("cnt")) > 0 Then
- rsCheck.Close
- Set rsCheck = Nothing
- Response.Write("
Error: Machine number '" & Server.HTMLEncode(machinenumber) & "' already exists.
")
- Response.Write("Go back")
- Call CleanupResources()
- Response.End
- End If
- End If
- End If
- rsCheck.Close
- Set rsCheck = Nothing
-
- ' Build INSERT statement with parameterized query
- Dim params, paramList
- strSQL = "INSERT INTO machines (machinenumber, modelnumberid, machinetypeid, businessunitid"
-
- ' Add optional fields to SQL
- If alias <> "" Then
- strSQL = strSQL & ", alias"
- End If
- If machinenotes <> "" Then
- strSQL = strSQL & ", machinenotes"
- End If
- If mapleft <> "" And maptop <> "" Then
- If IsNumeric(mapleft) And IsNumeric(maptop) Then
- strSQL = strSQL & ", mapleft, maptop"
- End If
- End If
-
- strSQL = strSQL & ", isactive, islocationonly) VALUES (?, ?, ?, ?"
-
- ' Build param list dynamically
- Dim paramCount
- paramCount = 4 ' Start with 4 required params
-
- ' Count optional params
- If alias <> "" Then paramCount = paramCount + 1
- If machinenotes <> "" Then paramCount = paramCount + 1
- If mapleft <> "" And maptop <> "" Then
- If IsNumeric(mapleft) And IsNumeric(maptop) Then
- paramCount = paramCount + 2
- End If
- End If
- paramCount = paramCount + 2 ' For isactive and islocationonly
-
- ' Initialize array with correct size
- ReDim paramList(paramCount - 1)
- Dim paramIndex
- paramIndex = 0
-
- ' Add required fields
- paramList(paramIndex) = machinenumber
- paramIndex = paramIndex + 1
- paramList(paramIndex) = modelid
- paramIndex = paramIndex + 1
- paramList(paramIndex) = machinetypeid
- paramIndex = paramIndex + 1
- paramList(paramIndex) = businessunitid
- paramIndex = paramIndex + 1
-
- ' Add optional fields to param list
- If alias <> "" Then
- strSQL = strSQL & ", ?"
- paramList(paramIndex) = alias
- paramIndex = paramIndex + 1
- End If
- If machinenotes <> "" Then
- strSQL = strSQL & ", ?"
- paramList(paramIndex) = machinenotes
- paramIndex = paramIndex + 1
- End If
- If mapleft <> "" And maptop <> "" Then
- If IsNumeric(mapleft) And IsNumeric(maptop) Then
- strSQL = strSQL & ", ?, ?"
- paramList(paramIndex) = mapleft
- paramIndex = paramIndex + 1
- paramList(paramIndex) = maptop
- paramIndex = paramIndex + 1
- End If
- End If
-
- ' Add isactive and islocationonly values
- strSQL = strSQL & ", ?, ?)"
- paramList(paramIndex) = 1 ' isactive = 1
- paramIndex = paramIndex + 1
- paramList(paramIndex) = 0 ' islocationonly = 0
-
- ' Execute parameterized insert
- Dim recordsAffected
- recordsAffected = ExecuteParameterizedInsert(objConn, strSQL, paramList)
-
- ' Get the new machine ID
- Dim newMachineId
- Set rsCheck = objConn.Execute("SELECT LAST_INSERT_ID() as newid")
- newMachineId = 0
- If Not rsCheck.EOF Then
- If Not IsNull(rsCheck("newid")) Then
- newMachineId = CLng(rsCheck("newid"))
- End If
- End If
- rsCheck.Close
- Set rsCheck = Nothing
-
- ' Cleanup resources
- Call CleanupResources()
-
- ' Redirect to display page
- If recordsAffected > 0 And newMachineId > 0 Then
-%>
-
-<%
- Else
- Response.Write("Error: Machine was not added successfully.")
- End If
-%>
-
-<%
- ' Get and validate all inputs
- Dim machinenumber, modelid, machinetypeid, businessunitid, alias, machinenotes, mapleft, maptop
- machinenumber = Trim(Request.Form("machinenumber"))
- modelid = Trim(Request.Form("modelid"))
- machinetypeid = Trim(Request.Form("machinetypeid"))
- businessunitid = Trim(Request.Form("businessunitid"))
- alias = Trim(Request.Form("alias"))
- machinenotes = Trim(Request.Form("machinenotes"))
- mapleft = Trim(Request.Form("mapleft"))
- maptop = Trim(Request.Form("maptop"))
-
- ' Get form inputs for new business unit
- Dim newbusinessunit
- newbusinessunit = Trim(Request.Form("newbusinessunit"))
-
- ' Get form inputs for new machine type
- Dim newmachinetype, newmachinedescription, newfunctionalaccountid
- newmachinetype = Trim(Request.Form("newmachinetype"))
- newmachinedescription = Trim(Request.Form("newmachinedescription"))
- newfunctionalaccountid = Trim(Request.Form("newfunctionalaccountid"))
-
- ' Get form inputs for new functional account
- Dim newfunctionalaccount
- newfunctionalaccount = Trim(Request.Form("newfunctionalaccount"))
-
- ' Get form inputs for new model
- Dim newmodelnumber, newvendorid, newmodelimage
- newmodelnumber = Trim(Request.Form("newmodelnumber"))
- newvendorid = Trim(Request.Form("newvendorid"))
- newmodelimage = Trim(Request.Form("newmodelimage"))
-
- ' Get form inputs for new vendor
- Dim newvendorname
- newvendorname = Trim(Request.Form("newvendorname"))
-
- ' Validate required fields
- If machinenumber = "" Then
- Response.Write("
Error: Machine number is required.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Validate ID fields - allow "new" as a valid value
- If modelid <> "new" And Not IsNumeric(modelid) Then
- Response.Write("
Error: Invalid model ID.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- If machinetypeid <> "new" And Not IsNumeric(machinetypeid) Then
- Response.Write("
Error: Invalid machine type ID.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- If businessunitid <> "new" And Not IsNumeric(businessunitid) Then
- Response.Write("
Error: Invalid business unit ID.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Validate field lengths
- If Len(machinenumber) > 50 Or Len(alias) > 50 Then
- Response.Write("
Error: Field length exceeded.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Check if machine number already exists
- Dim checkSQL, rsCheck
- checkSQL = "SELECT COUNT(*) as cnt FROM machines WHERE machinenumber = '" & Replace(machinenumber, "'", "''") & "'"
- Set rsCheck = objConn.Execute(checkSQL)
- If Not rsCheck.EOF Then
- If CLng(rsCheck("cnt")) > 0 Then
- rsCheck.Close
- Set rsCheck = Nothing
- Response.Write("
Error: Machine number '" & Server.HTMLEncode(machinenumber) & "' already exists.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
- End If
- rsCheck.Close
- Set rsCheck = Nothing
-
- ' Handle new business unit creation
- If businessunitid = "new" Then
- If Len(newbusinessunit) = 0 Then
- Response.Write("
New business unit name is required
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- If Len(newbusinessunit) > 50 Then
- Response.Write("
Business unit name too long
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Escape single quotes
- Dim escapedBUName
- escapedBUName = Replace(newbusinessunit, "'", "''")
-
- ' Insert new business unit
- Dim sqlNewBU
- sqlNewBU = "INSERT INTO businessunits (businessunit, isactive) VALUES ('" & escapedBUName & "', 1)"
-
- On Error Resume Next
- objConn.Execute sqlNewBU
-
- If Err.Number <> 0 Then
- Response.Write("
Error creating new business unit: " & Err.Description & "
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Get the newly created business unit ID
- Dim rsNewBU
- Set rsNewBU = objConn.Execute("SELECT LAST_INSERT_ID() AS newid")
- businessunitid = CLng(rsNewBU("newid"))
- rsNewBU.Close
- Set rsNewBU = Nothing
- On Error Goto 0
- End If
-
- ' Handle new machine type creation
- If machinetypeid = "new" Then
- If Len(newmachinetype) = 0 Then
- Response.Write("
New machine type name is required
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- If Len(newfunctionalaccountid) = 0 Then
- Response.Write("
Functional account is required for new machine type
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- If Len(newmachinetype) > 50 Or Len(newmachinedescription) > 255 Then
- Response.Write("
Machine type field length exceeded
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Handle new functional account creation (nested)
- If newfunctionalaccountid = "new" Then
- If Len(newfunctionalaccount) = 0 Then
- Response.Write("
New functional account name is required
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- If Len(newfunctionalaccount) > 50 Then
- Response.Write("
Functional account name too long
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Escape single quotes
- Dim escapedFAName
- escapedFAName = Replace(newfunctionalaccount, "'", "''")
-
- ' Insert new functional account
- Dim sqlNewFA
- sqlNewFA = "INSERT INTO functionalaccounts (functionalaccount, isactive) VALUES ('" & escapedFAName & "', 1)"
-
- On Error Resume Next
- objConn.Execute sqlNewFA
-
- If Err.Number <> 0 Then
- Response.Write("
Error creating new functional account: " & Err.Description & "
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Get the newly created functional account ID
- Dim rsNewFA
- Set rsNewFA = objConn.Execute("SELECT LAST_INSERT_ID() AS newid")
- newfunctionalaccountid = CLng(rsNewFA("newid"))
- rsNewFA.Close
- Set rsNewFA = Nothing
- On Error Goto 0
- End If
-
- ' Escape single quotes
- Dim escapedMTName, escapedMTDesc
- escapedMTName = Replace(newmachinetype, "'", "''")
- escapedMTDesc = Replace(newmachinedescription, "'", "''")
-
- ' Insert new machine type
- Dim sqlNewMT
- sqlNewMT = "INSERT INTO machinetypes (machinetype, machinedescription, functionalaccountid, isactive) " & _
- "VALUES ('" & escapedMTName & "', '" & escapedMTDesc & "', " & newfunctionalaccountid & ", 1)"
-
- On Error Resume Next
- objConn.Execute sqlNewMT
-
- If Err.Number <> 0 Then
- Response.Write("
Error creating new machine type: " & Err.Description & "
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Get the newly created machine type ID
- Dim rsNewMT
- Set rsNewMT = objConn.Execute("SELECT LAST_INSERT_ID() AS newid")
- machinetypeid = CLng(rsNewMT("newid"))
- rsNewMT.Close
- Set rsNewMT = Nothing
- On Error Goto 0
- End If
-
- ' Handle new model creation
- If modelid = "new" Then
- If Len(newmodelnumber) = 0 Then
- Response.Write("
New model number is required
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- If Len(newvendorid) = 0 Then
- Response.Write("
Vendor is required for new model
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- If Len(newmodelnumber) > 50 Or Len(newmodelimage) > 100 Then
- Response.Write("
Model field length exceeded
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Handle new vendor creation (nested)
- If newvendorid = "new" Then
- If Len(newvendorname) = 0 Then
- Response.Write("
New vendor name is required
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- If Len(newvendorname) > 50 Then
- Response.Write("
Vendor name too long
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Escape single quotes
- Dim escapedVendorName
- escapedVendorName = Replace(newvendorname, "'", "''")
-
- ' Insert new vendor (with ismachine=1)
- Dim sqlNewVendor
- sqlNewVendor = "INSERT INTO vendors (vendor, isactive, isprinter, ispc, ismachine) " & _
- "VALUES ('" & escapedVendorName & "', 1, 0, 0, 1)"
-
- On Error Resume Next
- objConn.Execute sqlNewVendor
-
- If Err.Number <> 0 Then
- Response.Write("
Error creating new vendor: " & Err.Description & "
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Get the newly created vendor ID
- Dim rsNewVendor
- Set rsNewVendor = objConn.Execute("SELECT LAST_INSERT_ID() AS newid")
- newvendorid = CLng(rsNewVendor("newid"))
- rsNewVendor.Close
- Set rsNewVendor = Nothing
- On Error Goto 0
- End If
-
- ' Escape single quotes for model
- Dim escapedModelNumber, escapedModelImage
- escapedModelNumber = Replace(newmodelnumber, "'", "''")
- escapedModelImage = Replace(newmodelimage, "'", "''")
-
- ' Set default image if not specified
- If escapedModelImage = "" Then
- escapedModelImage = "default.png"
- End If
-
- ' Insert new model
- Dim sqlNewModel
- sqlNewModel = "INSERT INTO models (modelnumber, vendorid, image, isactive) " & _
- "VALUES ('" & escapedModelNumber & "', " & newvendorid & ", '" & escapedModelImage & "', 1)"
-
- On Error Resume Next
- objConn.Execute sqlNewModel
-
- If Err.Number <> 0 Then
- Response.Write("
Error creating new model: " & Err.Description & "
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Get the newly created model ID
- Dim rsNewModel
- Set rsNewModel = objConn.Execute("SELECT LAST_INSERT_ID() AS newid")
- modelid = CLng(rsNewModel("newid"))
- rsNewModel.Close
- Set rsNewModel = Nothing
- On Error Goto 0
- End If
-
- ' Escape single quotes
- machinenumber = Replace(machinenumber, "'", "''")
- alias = Replace(alias, "'", "''")
- machinenotes = Replace(machinenotes, "'", "''")
-
- ' Build INSERT statement
- Dim strSQL, fields, values
- fields = "machinenumber, modelnumberid, machinetypeid, businessunitid"
- values = "'" & machinenumber & "', " & modelid & ", " & machinetypeid & ", " & businessunitid
-
- If alias <> "" Then
- fields = fields & ", alias"
- values = values & ", '" & alias & "'"
- End If
-
- If machinenotes <> "" Then
- fields = fields & ", machinenotes"
- values = values & ", '" & machinenotes & "'"
- End If
-
- If mapleft <> "" And maptop <> "" And IsNumeric(mapleft) And IsNumeric(maptop) Then
- fields = fields & ", mapleft, maptop"
- values = values & ", " & mapleft & ", " & maptop
- End If
-
- fields = fields & ", isactive, islocationonly"
- values = values & ", 1, 0"
-
- strSQL = "INSERT INTO machines (" & fields & ") VALUES (" & values & ")"
-
- On Error Resume Next
- objConn.Execute strSQL
-
- If Err.Number <> 0 Then
- Response.Write("
Error: " & Err.Description & "
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Get the new machine ID
- Dim newMachineId
- Set rsCheck = objConn.Execute("SELECT LAST_INSERT_ID() as newid")
- newMachineId = CLng(rsCheck("newid"))
- rsCheck.Close
- Set rsCheck = Nothing
-
- ' Link selected PC to this machine by updating its machinenumber field
- Dim pcid, updatePCSQL
- pcid = Trim(Request.Form("pcid"))
-
- If pcid <> "" And IsNumeric(pcid) And CLng(pcid) > 0 Then
- updatePCSQL = "UPDATE pc SET machinenumber = '" & machinenumber & "' WHERE pcid = " & CLng(pcid)
- On Error Resume Next
- objConn.Execute updatePCSQL
- On Error Goto 0
- End If
-
- objConn.Close
-
- If CLng(newMachineId) > 0 Then
-%>
-
-<%
- Else
- Response.Write("Error: Machine was not added successfully.")
- End If
-%>
-
-<%
- ' Get and validate all inputs
- Dim machinenumber, modelid, machinetypeid, businessunitid, alias, machinenotes, mapleft, maptop
- machinenumber = Trim(Request.Form("machinenumber"))
- modelid = Trim(Request.Form("modelid"))
- machinetypeid = Trim(Request.Form("machinetypeid"))
- businessunitid = Trim(Request.Form("businessunitid"))
- alias = Trim(Request.Form("alias"))
- machinenotes = Trim(Request.Form("machinenotes"))
- mapleft = Trim(Request.Form("mapleft"))
- maptop = Trim(Request.Form("maptop"))
-
- ' Get form inputs for new business unit
- Dim newbusinessunit
- newbusinessunit = Trim(Request.Form("newbusinessunit"))
-
- ' Get form inputs for new machine type
- Dim newmachinetype, newmachinedescription, newfunctionalaccountid
- newmachinetype = Trim(Request.Form("newmachinetype"))
- newmachinedescription = Trim(Request.Form("newmachinedescription"))
- newfunctionalaccountid = Trim(Request.Form("newfunctionalaccountid"))
-
- ' Get form inputs for new functional account
- Dim newfunctionalaccount
- newfunctionalaccount = Trim(Request.Form("newfunctionalaccount"))
-
- ' Get form inputs for new model
- Dim newmodelnumber, newvendorid, newmodelimage
- newmodelnumber = Trim(Request.Form("newmodelnumber"))
- newvendorid = Trim(Request.Form("newvendorid"))
- newmodelimage = Trim(Request.Form("newmodelimage"))
-
- ' Get form inputs for new vendor
- Dim newvendorname
- newvendorname = Trim(Request.Form("newvendorname"))
-
- ' Validate required fields
- If machinenumber = "" Then
- Response.Write("
Error: Machine number is required.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Validate ID fields - allow "new" as a valid value
- If modelid <> "new" And Not IsNumeric(modelid) Then
- Response.Write("
Error: Invalid model ID.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- If machinetypeid <> "new" And Not IsNumeric(machinetypeid) Then
- Response.Write("
Error: Invalid machine type ID.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- If businessunitid <> "new" And Not IsNumeric(businessunitid) Then
- Response.Write("
Error: Invalid business unit ID.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Validate field lengths
- If Len(machinenumber) > 50 Or Len(alias) > 50 Then
- Response.Write("
Error: Field length exceeded.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Check if machine number already exists
- Dim checkSQL, rsCheck, cmdCheck
- checkSQL = "SELECT COUNT(*) as cnt FROM machines WHERE machinenumber = ?"
- Set cmdCheck = Server.CreateObject("ADODB.Command")
- cmdCheck.ActiveConnection = objConn
- cmdCheck.CommandText = checkSQL
- cmdCheck.CommandType = 1
- cmdCheck.Parameters.Append cmdCheck.CreateParameter("@machinenumber", 200, 1, 50, machinenumber)
- Set rsCheck = cmdCheck.Execute
- If Not rsCheck.EOF Then
- If CLng(rsCheck("cnt")) > 0 Then
- rsCheck.Close
- Set rsCheck = Nothing
- Set cmdCheck = Nothing
- Response.Write("
Error: Machine number '" & Server.HTMLEncode(machinenumber) & "' already exists.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
- End If
- rsCheck.Close
- Set rsCheck = Nothing
- Set cmdCheck = Nothing
-
- ' Handle new business unit creation
- If businessunitid = "new" Then
- If Len(newbusinessunit) = 0 Then
- Response.Write("
New business unit name is required
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- If Len(newbusinessunit) > 50 Then
- Response.Write("
Business unit name too long
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Insert new business unit using parameterized query
- Dim sqlNewBU, cmdNewBU
- sqlNewBU = "INSERT INTO businessunits (businessunit, isactive) VALUES (?, 1)"
- Set cmdNewBU = Server.CreateObject("ADODB.Command")
- cmdNewBU.ActiveConnection = objConn
- cmdNewBU.CommandText = sqlNewBU
- cmdNewBU.CommandType = 1
- cmdNewBU.Parameters.Append cmdNewBU.CreateParameter("@businessunit", 200, 1, 50, newbusinessunit)
-
- On Error Resume Next
- cmdNewBU.Execute
-
- If Err.Number <> 0 Then
- Response.Write("
Error creating new business unit: " & Server.HTMLEncode(Err.Description) & "
")
- Response.Write("Go back")
- Set cmdNewBU = Nothing
- objConn.Close
- Response.End
- End If
-
- ' Get the newly created business unit ID
- Dim rsNewBU
- Set rsNewBU = objConn.Execute("SELECT LAST_INSERT_ID() AS newid")
- businessunitid = CLng(rsNewBU("newid"))
- rsNewBU.Close
- Set rsNewBU = Nothing
- Set cmdNewBU = Nothing
- On Error Goto 0
- End If
-
- ' Handle new machine type creation
- If machinetypeid = "new" Then
- If Len(newmachinetype) = 0 Then
- Response.Write("
New machine type name is required
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- If Len(newfunctionalaccountid) = 0 Then
- Response.Write("
Functional account is required for new machine type
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- If Len(newmachinetype) > 50 Or Len(newmachinedescription) > 255 Then
- Response.Write("
Machine type field length exceeded
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Handle new functional account creation (nested)
- If newfunctionalaccountid = "new" Then
- If Len(newfunctionalaccount) = 0 Then
- Response.Write("
New functional account name is required
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- If Len(newfunctionalaccount) > 50 Then
- Response.Write("
Functional account name too long
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Insert new functional account using parameterized query
- Dim sqlNewFA, cmdNewFA
- sqlNewFA = "INSERT INTO functionalaccounts (functionalaccount, isactive) VALUES (?, 1)"
- Set cmdNewFA = Server.CreateObject("ADODB.Command")
- cmdNewFA.ActiveConnection = objConn
- cmdNewFA.CommandText = sqlNewFA
- cmdNewFA.CommandType = 1
- cmdNewFA.Parameters.Append cmdNewFA.CreateParameter("@functionalaccount", 200, 1, 50, newfunctionalaccount)
-
- On Error Resume Next
- cmdNewFA.Execute
-
- If Err.Number <> 0 Then
- Response.Write("
Error creating new functional account: " & Server.HTMLEncode(Err.Description) & "
")
- Response.Write("Go back")
- Set cmdNewFA = Nothing
- objConn.Close
- Response.End
- End If
-
- ' Get the newly created functional account ID
- Dim rsNewFA
- Set rsNewFA = objConn.Execute("SELECT LAST_INSERT_ID() AS newid")
- newfunctionalaccountid = CLng(rsNewFA("newid"))
- rsNewFA.Close
- Set rsNewFA = Nothing
- Set cmdNewFA = Nothing
- On Error Goto 0
- End If
-
- ' Insert new machine type using parameterized query
- Dim sqlNewMT, cmdNewMT
- sqlNewMT = "INSERT INTO machinetypes (machinetype, machinedescription, functionalaccountid, isactive) VALUES (?, ?, ?, 1)"
- Set cmdNewMT = Server.CreateObject("ADODB.Command")
- cmdNewMT.ActiveConnection = objConn
- cmdNewMT.CommandText = sqlNewMT
- cmdNewMT.CommandType = 1
- cmdNewMT.Parameters.Append cmdNewMT.CreateParameter("@machinetype", 200, 1, 50, newmachinetype)
- cmdNewMT.Parameters.Append cmdNewMT.CreateParameter("@machinedescription", 200, 1, 255, newmachinedescription)
- cmdNewMT.Parameters.Append cmdNewMT.CreateParameter("@functionalaccountid", 3, 1, , CLng(newfunctionalaccountid))
-
- On Error Resume Next
- cmdNewMT.Execute
-
- If Err.Number <> 0 Then
- Response.Write("
Error creating new machine type: " & Server.HTMLEncode(Err.Description) & "
")
- Response.Write("Go back")
- Set cmdNewMT = Nothing
- objConn.Close
- Response.End
- End If
-
- ' Get the newly created machine type ID
- Dim rsNewMT
- Set rsNewMT = objConn.Execute("SELECT LAST_INSERT_ID() AS newid")
- machinetypeid = CLng(rsNewMT("newid"))
- rsNewMT.Close
- Set rsNewMT = Nothing
- Set cmdNewMT = Nothing
- On Error Goto 0
- End If
-
- ' Handle new model creation
- If modelid = "new" Then
- If Len(newmodelnumber) = 0 Then
- Response.Write("
New model number is required
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- If Len(newvendorid) = 0 Then
- Response.Write("
Vendor is required for new model
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- If Len(newmodelnumber) > 50 Or Len(newmodelimage) > 100 Then
- Response.Write("
Model field length exceeded
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Handle new vendor creation (nested)
- If newvendorid = "new" Then
- If Len(newvendorname) = 0 Then
- Response.Write("
New vendor name is required
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- If Len(newvendorname) > 50 Then
- Response.Write("
Vendor name too long
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Insert new vendor using parameterized query (with ismachine=1)
- Dim sqlNewVendor, cmdNewVendor
- sqlNewVendor = "INSERT INTO vendors (vendor, isactive, isprinter, ispc, ismachine) VALUES (?, 1, 0, 0, 1)"
- Set cmdNewVendor = Server.CreateObject("ADODB.Command")
- cmdNewVendor.ActiveConnection = objConn
- cmdNewVendor.CommandText = sqlNewVendor
- cmdNewVendor.CommandType = 1
- cmdNewVendor.Parameters.Append cmdNewVendor.CreateParameter("@vendor", 200, 1, 50, newvendorname)
-
- On Error Resume Next
- cmdNewVendor.Execute
-
- If Err.Number <> 0 Then
- Response.Write("
Error creating new vendor: " & Server.HTMLEncode(Err.Description) & "
")
- Response.Write("Go back")
- Set cmdNewVendor = Nothing
- objConn.Close
- Response.End
- End If
-
- ' Get the newly created vendor ID
- Dim rsNewVendor
- Set rsNewVendor = objConn.Execute("SELECT LAST_INSERT_ID() AS newid")
- newvendorid = CLng(rsNewVendor("newid"))
- rsNewVendor.Close
- Set rsNewVendor = Nothing
- Set cmdNewVendor = Nothing
- On Error Goto 0
- End If
-
- ' Set default image if not specified
- Dim modelImageValue
- If Len(newmodelimage) > 0 Then
- modelImageValue = newmodelimage
- Else
- modelImageValue = "default.png"
- End If
-
- ' Insert new model using parameterized query
- Dim sqlNewModel, cmdNewModel
- sqlNewModel = "INSERT INTO models (modelnumber, vendorid, image, isactive) VALUES (?, ?, ?, 1)"
- Set cmdNewModel = Server.CreateObject("ADODB.Command")
- cmdNewModel.ActiveConnection = objConn
- cmdNewModel.CommandText = sqlNewModel
- cmdNewModel.CommandType = 1
- cmdNewModel.Parameters.Append cmdNewModel.CreateParameter("@modelnumber", 200, 1, 50, newmodelnumber)
- cmdNewModel.Parameters.Append cmdNewModel.CreateParameter("@vendorid", 3, 1, , CLng(newvendorid))
- cmdNewModel.Parameters.Append cmdNewModel.CreateParameter("@image", 200, 1, 100, modelImageValue)
-
- On Error Resume Next
- cmdNewModel.Execute
-
- If Err.Number <> 0 Then
- Response.Write("
Error creating new model: " & Server.HTMLEncode(Err.Description) & "
")
- Response.Write("Go back")
- Set cmdNewModel = Nothing
- objConn.Close
- Response.End
- End If
-
- ' Get the newly created model ID
- Dim rsNewModel
- Set rsNewModel = objConn.Execute("SELECT LAST_INSERT_ID() AS newid")
- modelid = CLng(rsNewModel("newid"))
- rsNewModel.Close
- Set rsNewModel = Nothing
- Set cmdNewModel = Nothing
- On Error Goto 0
- End If
-
- ' Build INSERT statement with parameterized query
- Dim strSQL, cmdMachine
- strSQL = "INSERT INTO machines (machinenumber, modelnumberid, machinetypeid, businessunitid, alias, machinenotes, mapleft, maptop, isactive, islocationonly) " & _
- "VALUES (?, ?, ?, ?, ?, ?, ?, ?, 1, 0)"
-
- Set cmdMachine = Server.CreateObject("ADODB.Command")
- cmdMachine.ActiveConnection = objConn
- cmdMachine.CommandText = strSQL
- cmdMachine.CommandType = 1
- cmdMachine.Parameters.Append cmdMachine.CreateParameter("@machinenumber", 200, 1, 50, machinenumber)
- cmdMachine.Parameters.Append cmdMachine.CreateParameter("@modelnumberid", 3, 1, , CLng(modelid))
- cmdMachine.Parameters.Append cmdMachine.CreateParameter("@machinetypeid", 3, 1, , CLng(machinetypeid))
- cmdMachine.Parameters.Append cmdMachine.CreateParameter("@businessunitid", 3, 1, , CLng(businessunitid))
-
- ' Handle optional alias
- If alias <> "" Then
- cmdMachine.Parameters.Append cmdMachine.CreateParameter("@alias", 200, 1, 50, alias)
- Else
- cmdMachine.Parameters.Append cmdMachine.CreateParameter("@alias", 200, 1, 50, Null)
- End If
-
- ' Handle optional machinenotes
- If machinenotes <> "" Then
- cmdMachine.Parameters.Append cmdMachine.CreateParameter("@machinenotes", 200, 1, 500, machinenotes)
- Else
- cmdMachine.Parameters.Append cmdMachine.CreateParameter("@machinenotes", 200, 1, 500, Null)
- End If
-
- ' Handle optional map coordinates
- If mapleft <> "" And maptop <> "" And IsNumeric(mapleft) And IsNumeric(maptop) Then
- cmdMachine.Parameters.Append cmdMachine.CreateParameter("@mapleft", 3, 1, , CLng(mapleft))
- cmdMachine.Parameters.Append cmdMachine.CreateParameter("@maptop", 3, 1, , CLng(maptop))
- Else
- cmdMachine.Parameters.Append cmdMachine.CreateParameter("@mapleft", 3, 1, , Null)
- cmdMachine.Parameters.Append cmdMachine.CreateParameter("@maptop", 3, 1, , Null)
- End If
-
- On Error Resume Next
- cmdMachine.Execute
-
- If Err.Number <> 0 Then
- Response.Write("
Error: " & Server.HTMLEncode(Err.Description) & "
")
- Response.Write("Go back")
- Set cmdMachine = Nothing
- objConn.Close
- Response.End
- End If
- Set cmdMachine = Nothing
-
- ' Get the new machine ID
- Dim newMachineId
- Set rsCheck = objConn.Execute("SELECT LAST_INSERT_ID() as newid")
- newMachineId = CLng(rsCheck("newid"))
- rsCheck.Close
- Set rsCheck = Nothing
-
- ' Link selected PC to this machine by updating its machinenumber field
- Dim pcid
- pcid = Trim(Request.Form("pcid"))
-
- If pcid <> "" And IsNumeric(pcid) And CLng(pcid) > 0 Then
- Dim updatePCSQL, cmdUpdatePC
- updatePCSQL = "UPDATE pc SET machinenumber = ? WHERE pcid = ?"
- Set cmdUpdatePC = Server.CreateObject("ADODB.Command")
- cmdUpdatePC.ActiveConnection = objConn
- cmdUpdatePC.CommandText = updatePCSQL
- cmdUpdatePC.CommandType = 1
- cmdUpdatePC.Parameters.Append cmdUpdatePC.CreateParameter("@machinenumber", 200, 1, 50, machinenumber)
- cmdUpdatePC.Parameters.Append cmdUpdatePC.CreateParameter("@pcid", 3, 1, , CLng(pcid))
-
- On Error Resume Next
- cmdUpdatePC.Execute
- Set cmdUpdatePC = Nothing
- On Error Goto 0
- End If
-
- objConn.Close
-
- If CLng(newMachineId) > 0 Then
-%>
-
-<%
- Else
- Response.Write("Error: Machine was not added successfully.")
- End If
-%>
-
-<%
- ' Initialize error handling
- Call InitializeErrorHandling("savemodel.asp")
-
- ' Get and validate all inputs
- Dim modelnumber, vendorid, notes, documentationpath
- Dim newvendorname, isprinter, ispc, ismachine
- Dim modelisprinter, modelispc, modelismachine
-
- modelnumber = Trim(Request.Form("modelnumber"))
- vendorid = Trim(Request.Form("vendorid"))
- notes = Trim(Request.Form("notes"))
- documentationpath = Trim(Request.Form("documentationpath"))
-
- ' New vendor fields
- newvendorname = Trim(Request.Form("newvendorname"))
- isprinter = Request.Form("isprinter")
- ispc = Request.Form("ispc")
- ismachine = Request.Form("ismachine")
-
- ' Model type checkboxes (NOTE: these are different from vendor checkboxes above)
- modelisprinter = Request.Form("modelisprinter")
- modelispc = Request.Form("modelispc")
- modelismachine = Request.Form("modelismachine")
-
- ' Validate required fields
- If modelnumber = "" Then
- Call HandleValidationError("addmodel.asp", "INVALID_INPUT")
- End If
-
- ' Validate field lengths
- If Len(modelnumber) > 255 Then
- Call HandleValidationError("addmodel.asp", "INVALID_INPUT")
- End If
-
- If Len(notes) > 255 Then
- Call HandleValidationError("addmodel.asp", "INVALID_INPUT")
- End If
-
- If Len(documentationpath) > 255 Then
- Call HandleValidationError("addmodel.asp", "INVALID_INPUT")
- End If
-
- ' Check if we need to create a new vendor first
- If vendorid = "new" Then
- If newvendorname = "" Then
- Response.Write("
Error: Manufacturer name is required when adding a new manufacturer.
")
- Response.Write("Go back")
- Call CleanupResources()
- Response.End
- End If
-
- If Len(newvendorname) > 50 Then
- Call HandleValidationError("addmodel.asp", "INVALID_INPUT")
- End If
-
- ' Check if vendor already exists
- Dim checkSQL, rsCheck
- checkSQL = "SELECT COUNT(*) as cnt FROM vendors WHERE LOWER(vendor) = LOWER(?)"
- Set rsCheck = ExecuteParameterizedQuery(objConn, checkSQL, Array(newvendorname))
- If rsCheck("cnt") > 0 Then
- rsCheck.Close
- Set rsCheck = Nothing
- Response.Write("
")
- Response.Write("Go back")
- Call CleanupResources()
- Response.End
- End If
- rsCheck.Close
- Set rsCheck = Nothing
-
- ' Insert new vendor
- Dim vendorSQL
- vendorSQL = "INSERT INTO vendors (vendor, isactive, isprinter, ispc, ismachine) VALUES (?, 1, ?, ?, ?)"
-
- Dim vendorParams
- vendorParams = Array(newvendorname, _
- IIf(isprinter = "1", 1, 0), _
- IIf(ispc = "1", 1, 0), _
- IIf(ismachine = "1", 1, 0))
-
- Call ExecuteParameterizedUpdate(objConn, vendorSQL, vendorParams)
-
- ' Get the new vendor ID
- Set rsCheck = objConn.Execute("SELECT LAST_INSERT_ID() as newid")
- vendorid = rsCheck("newid")
- rsCheck.Close
- Set rsCheck = Nothing
- Else
- ' Validate existing vendor ID
- If Not ValidateID(vendorid) Then
- Call HandleValidationError("addmodel.asp", "INVALID_ID")
- End If
- End If
-
- ' Now we need to update the vendor's type flags based on model type selection
- ' If model is for printer, ensure vendor.isprinter = 1, etc.
- If modelisprinter = "1" OR modelispc = "1" OR modelismachine = "1" Then
- Dim updateVendorSQL
- updateVendorSQL = "UPDATE vendors SET "
- Dim updateParts()
- ReDim updateParts(-1)
-
- If modelisprinter = "1" Then
- ReDim Preserve updateParts(UBound(updateParts) + 1)
- updateParts(UBound(updateParts)) = "isprinter = 1"
- End If
- If modelispc = "1" Then
- ReDim Preserve updateParts(UBound(updateParts) + 1)
- updateParts(UBound(updateParts)) = "ispc = 1"
- End If
- If modelismachine = "1" Then
- ReDim Preserve updateParts(UBound(updateParts) + 1)
- updateParts(UBound(updateParts)) = "ismachine = 1"
- End If
-
- If UBound(updateParts) >= 0 Then
- updateVendorSQL = updateVendorSQL & Join(updateParts, ", ") & " WHERE vendorid = ?"
- Call ExecuteParameterizedUpdate(objConn, updateVendorSQL, Array(vendorid))
- End If
- End If
-
- ' Check if model already exists for this vendor
- checkSQL = "SELECT COUNT(*) as cnt FROM models WHERE LOWER(modelnumber) = LOWER(?) AND vendorid = ?"
- Set rsCheck = ExecuteParameterizedQuery(objConn, checkSQL, Array(modelnumber, vendorid))
- If rsCheck("cnt") > 0 Then
- rsCheck.Close
- Set rsCheck = Nothing
- Response.Write("
Error: Model '" & Server.HTMLEncode(modelnumber) & "' already exists for this manufacturer.
")
- Response.Write("Go back")
- Call CleanupResources()
- Response.End
- End If
- rsCheck.Close
- Set rsCheck = Nothing
-
- ' Insert the new model
- Dim modelSQL, modelParams
- modelSQL = "INSERT INTO models (modelnumber, vendorid, notes, documentationpath, isactive) VALUES (?, ?, ?, ?, 1)"
- modelParams = Array(modelnumber, vendorid, notes, documentationpath)
-
- Dim recordsAffected
- recordsAffected = ExecuteParameterizedUpdate(objConn, modelSQL, modelParams)
-
- ' Get the new model ID
- Dim newModelId
- Set rsCheck = objConn.Execute("SELECT LAST_INSERT_ID() as newid")
- newModelId = rsCheck("newid")
- rsCheck.Close
- Set rsCheck = Nothing
-
- ' Cleanup resources
- Call CleanupResources()
-
- ' Redirect back to where they came from or to a success page
- If recordsAffected > 0 And newModelId > 0 Then
- Response.Write("
Model added successfully!
")
- Response.Write("
Model '" & Server.HTMLEncode(modelnumber) & "' has been added.
-<%
- ' Get and validate all inputs
- Dim modelnumber, vendorid, notes, documentationpath
- Dim newvendorname, isprinter, ispc, ismachine
- Dim modelisprinter, modelispc, modelismachine
-
- modelnumber = Trim(Request.Form("modelnumber"))
- vendorid = Trim(Request.Form("vendorid"))
- notes = Trim(Request.Form("notes"))
- documentationpath = Trim(Request.Form("documentationpath"))
-
- ' New vendor fields
- newvendorname = Trim(Request.Form("newvendorname"))
- isprinter = Request.Form("isprinter")
- ispc = Request.Form("ispc")
- ismachine = Request.Form("ismachine")
-
- ' Model type checkboxes
- modelisprinter = Request.Form("modelisprinter")
- modelispc = Request.Form("modelispc")
- modelismachine = Request.Form("modelismachine")
-
- ' Validate required fields
- If modelnumber = "" Then
- Response.Write("
Error: Model number is required.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Validate field lengths
- If Len(modelnumber) > 255 Then
- Response.Write("
Error: Model number too long.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- If Len(notes) > 255 Then
- Response.Write("
Error: Notes too long.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- If Len(documentationpath) > 255 Then
- Response.Write("
Error: Documentation path too long.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Escape quotes
- modelnumber = Replace(modelnumber, "'", "''")
- notes = Replace(notes, "'", "''")
- documentationpath = Replace(documentationpath, "'", "''")
- newvendorname = Replace(newvendorname, "'", "''")
-
- ' Check if we need to create a new vendor first
- If vendorid = "new" Then
- If newvendorname = "" Then
- Response.Write("
Error: Manufacturer name is required when adding a new manufacturer.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- If Len(newvendorname) > 50 Then
- Response.Write("
Error: Manufacturer name too long.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Check if vendor already exists
- Dim checkSQL, rsCheck
- checkSQL = "SELECT COUNT(*) as cnt FROM vendors WHERE LOWER(vendor) = LOWER('" & newvendorname & "')"
- Set rsCheck = objConn.Execute(checkSQL)
- If rsCheck("cnt") > 0 Then
- rsCheck.Close
- Response.Write("
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Get the new vendor ID
- Set rsCheck = objConn.Execute("SELECT LAST_INSERT_ID() as newid")
- vendorid = rsCheck("newid")
- rsCheck.Close
- Else
- ' Validate existing vendor ID
- If Not IsNumeric(vendorid) Or CLng(vendorid) < 1 Then
- Response.Write("
Error: Invalid manufacturer ID.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
- End If
-
- ' Update vendor's type flags based on model type selection
- If modelisprinter = "1" OR modelispc = "1" OR modelismachine = "1" Then
- Dim updateVendorSQL, updateParts
- updateParts = ""
-
- If modelisprinter = "1" Then
- If updateParts <> "" Then updateParts = updateParts & ", "
- updateParts = updateParts & "isprinter = 1"
- End If
- If modelispc = "1" Then
- If updateParts <> "" Then updateParts = updateParts & ", "
- updateParts = updateParts & "ispc = 1"
- End If
- If modelismachine = "1" Then
- If updateParts <> "" Then updateParts = updateParts & ", "
- updateParts = updateParts & "ismachine = 1"
- End If
-
- If updateParts <> "" Then
- updateVendorSQL = "UPDATE vendors SET " & updateParts & " WHERE vendorid = " & vendorid
- objConn.Execute updateVendorSQL
- End If
- End If
-
- ' Check if model already exists for this vendor
- checkSQL = "SELECT COUNT(*) as cnt FROM models WHERE LOWER(modelnumber) = LOWER('" & modelnumber & "') AND vendorid = " & vendorid
- Set rsCheck = objConn.Execute(checkSQL)
- If rsCheck("cnt") > 0 Then
- rsCheck.Close
- Response.Write("
Error: Model '" & Server.HTMLEncode(Request.Form("modelnumber")) & "' already exists for this manufacturer.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
- rsCheck.Close
-
- ' Insert the new model
- Dim modelSQL
- modelSQL = "INSERT INTO models (modelnumber, vendorid, notes, documentationpath, isactive) " & _
- "VALUES ('" & modelnumber & "', " & vendorid & ", '" & notes & "', '" & documentationpath & "', 1)"
-
- On Error Resume Next
- objConn.Execute modelSQL
-
- If Err.Number <> 0 Then
- Response.Write("
Error: " & Err.Description & "
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Get the new model ID
- Dim newModelId
- Set rsCheck = objConn.Execute("SELECT LAST_INSERT_ID() as newid")
- newModelId = rsCheck("newid")
- rsCheck.Close
-
- objConn.Close
-
- If newModelId > 0 Then
- Response.Write("
Model added successfully!
")
- Response.Write("
Model '" & Server.HTMLEncode(Request.Form("modelnumber")) & "' has been added.
-
-
diff --git a/savenotification_direct.asp.backup-20251027 b/savenotification_direct.asp.backup-20251027
deleted file mode 100644
index b08a24a..0000000
--- a/savenotification_direct.asp.backup-20251027
+++ /dev/null
@@ -1,74 +0,0 @@
-
-<%
-' Get form inputs
-Dim notification, ticketnumber, starttime, endtime, isactive, isshopfloor, notificationtypeid, businessunitid
-notification = Trim(Request.Form("notification"))
-ticketnumber = Trim(Request.Form("ticketnumber"))
-starttime = Trim(Request.Form("starttime"))
-endtime = Trim(Request.Form("endtime"))
-isactive = Request.Form("isactive")
-isshopfloor = Request.Form("isshopfloor")
-notificationtypeid = Trim(Request.Form("notificationtypeid"))
-businessunitid = Trim(Request.Form("businessunitid"))
-
-If isactive = "" Then isactive = 0 Else isactive = 1
-If isshopfloor = "" Then isshopfloor = 0 Else isshopfloor = 1
-
-' Default to TBD if no type selected
-If notificationtypeid = "" Or Not IsNumeric(notificationtypeid) Then
- notificationtypeid = "1"
-End If
-
-' Validate required fields (endtime is now optional)
-If Len(notification) = 0 Or Len(starttime) = 0 Then
- Response.Write("Required fields missing")
- objConn.Close
- Response.End
-End If
-
-If Len(notification) > 500 Or Len(ticketnumber) > 50 Then
- Response.Write("Field length exceeded")
- objConn.Close
- Response.End
-End If
-
-' Escape quotes
-notification = Replace(notification, "'", "''")
-ticketnumber = Replace(ticketnumber, "'", "''")
-
-' Convert datetime format for starttime
-starttime = Replace(starttime, "T", " ") & ":00"
-
-' Handle optional endtime - leave as NULL if blank (indefinite)
-Dim strSQL, endtimeSQL, businessunitSQL
-If Len(endtime) = 0 Then
- ' No end date - store as NULL for indefinite notifications
- endtimeSQL = "NULL"
-Else
- ' End date specified - convert format and wrap in quotes
- endtime = Replace(endtime, "T", " ") & ":00"
- endtimeSQL = "'" & endtime & "'"
-End If
-
-' Handle optional businessunitid - NULL means applies to all business units
-If businessunitid = "" Or Not IsNumeric(businessunitid) Then
- businessunitSQL = "NULL"
-Else
- businessunitSQL = businessunitid
-End If
-
-' INSERT
-strSQL = "INSERT INTO notifications (notificationtypeid, businessunitid, notification, ticketnumber, starttime, endtime, isactive, isshopfloor) " & _
- "VALUES (" & notificationtypeid & ", " & businessunitSQL & ", '" & notification & "', '" & ticketnumber & "', '" & starttime & "', " & endtimeSQL & ", " & isactive & ", " & isshopfloor & ")"
-
-On Error Resume Next
-objConn.Execute strSQL
-
-If Err.Number = 0 Then
- objConn.Close
- Response.Redirect("displaynotifications.asp")
-Else
- Response.Write("Error: " & Err.Description)
- objConn.Close
-End If
-%>
diff --git a/saveprinter_direct.asp.backup-20251027 b/saveprinter_direct.asp.backup-20251027
deleted file mode 100644
index 975353a..0000000
--- a/saveprinter_direct.asp.backup-20251027
+++ /dev/null
@@ -1,241 +0,0 @@
-
-
-
-
-
-
-
-
-<%
- ' Get and validate all inputs
- Dim modelid, serialnumber, ipaddress, fqdn, printercsfname, printerwindowsname, machineid, maptop, mapleft
- modelid = Trim(Request.Form("modelid"))
- serialnumber = Trim(Request.Form("serialnumber"))
- ipaddress = Trim(Request.Form("ipaddress"))
- fqdn = Trim(Request.Form("fqdn"))
- printercsfname = Trim(Request.Form("printercsfname"))
- printerwindowsname = Trim(Request.Form("printerwindowsname"))
- machineid = Trim(Request.Form("machineid"))
- maptop = Trim(Request.Form("maptop"))
- mapleft = Trim(Request.Form("mapleft"))
-
- ' Get form inputs for new model
- Dim newmodelnumber, newvendorid, newmodelnotes, newmodeldocpath
- newmodelnumber = Trim(Request.Form("newmodelnumber"))
- newvendorid = Trim(Request.Form("newvendorid"))
- newmodelnotes = Trim(Request.Form("newmodelnotes"))
- newmodeldocpath = Trim(Request.Form("newmodeldocpath"))
-
- ' Get form inputs for new vendor
- Dim newvendorname
- newvendorname = Trim(Request.Form("newvendorname"))
-
- ' Validate required fields
- If modelid = "" Then
- Response.Write("
Error: Model is required.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- If modelid <> "new" And Not IsNumeric(modelid) Then
- Response.Write("
Error: Invalid model ID.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- If Not IsNumeric(machineid) Then
- Response.Write("
Error: Invalid machine ID.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- If serialnumber = "" Or ipaddress = "" Or printerwindowsname = "" Then
- Response.Write("
Error: Required fields missing.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Validate field lengths
- If Len(serialnumber) > 100 Or Len(fqdn) > 255 Or Len(printercsfname) > 50 Or Len(printerwindowsname) > 255 Then
- Response.Write("
Error: Field length exceeded.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Check if printer with same IP already exists
- Dim checkSQL, rsCheck
- checkSQL = "SELECT COUNT(*) as cnt FROM printers WHERE ipaddress = '" & Replace(ipaddress, "'", "''") & "' AND isactive = 1"
- Set rsCheck = objConn.Execute(checkSQL)
- If Not rsCheck.EOF Then
- If CLng(rsCheck("cnt")) > 0 Then
- rsCheck.Close
- Set rsCheck = Nothing
- Response.Write("
Error: A printer with IP address '" & Server.HTMLEncode(ipaddress) & "' already exists.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
- End If
- rsCheck.Close
- Set rsCheck = Nothing
-
- ' Handle new model creation
- If modelid = "new" Then
- If Len(newmodelnumber) = 0 Then
- Response.Write("
New model number is required
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- If Len(newvendorid) = 0 Then
- Response.Write("
Vendor is required for new model
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- If Len(newmodelnumber) > 255 Or Len(newmodelnotes) > 255 Or Len(newmodeldocpath) > 255 Then
- Response.Write("
Model field length exceeded
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Handle new vendor creation (nested)
- If newvendorid = "new" Then
- If Len(newvendorname) = 0 Then
- Response.Write("
New vendor name is required
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- If Len(newvendorname) > 50 Then
- Response.Write("
Vendor name too long
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Escape single quotes
- Dim escapedVendorName
- escapedVendorName = Replace(newvendorname, "'", "''")
-
- ' Insert new vendor (with isprinter=1)
- Dim sqlNewVendor
- sqlNewVendor = "INSERT INTO vendors (vendor, isactive, isprinter, ispc, ismachine) " & _
- "VALUES ('" & escapedVendorName & "', 1, 1, 0, 0)"
-
- On Error Resume Next
- objConn.Execute sqlNewVendor
-
- If Err.Number <> 0 Then
- Response.Write("
Error creating new vendor: " & Err.Description & "
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Get the newly created vendor ID
- Dim rsNewVendor
- Set rsNewVendor = objConn.Execute("SELECT LAST_INSERT_ID() AS newid")
- newvendorid = rsNewVendor("newid")
- rsNewVendor.Close
- Set rsNewVendor = Nothing
- On Error Goto 0
- End If
-
- ' Escape single quotes for model
- Dim escapedModelNumber, escapedModelNotes, escapedModelDocPath
- escapedModelNumber = Replace(newmodelnumber, "'", "''")
- escapedModelNotes = Replace(newmodelnotes, "'", "''")
- escapedModelDocPath = Replace(newmodeldocpath, "'", "''")
-
- ' Insert new model
- Dim sqlNewModel
- sqlNewModel = "INSERT INTO models (modelnumber, vendorid, notes, documentationpath, isactive) " & _
- "VALUES ('" & escapedModelNumber & "', " & newvendorid & ", '" & escapedModelNotes & "', '" & escapedModelDocPath & "', 1)"
-
- On Error Resume Next
- objConn.Execute sqlNewModel
-
- If Err.Number <> 0 Then
- Response.Write("
Error creating new model: " & Err.Description & "
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Get the newly created model ID
- Dim rsNewModel
- Set rsNewModel = objConn.Execute("SELECT LAST_INSERT_ID() AS newid")
- modelid = rsNewModel("newid")
- rsNewModel.Close
- Set rsNewModel = Nothing
- On Error Goto 0
- End If
-
- ' Escape single quotes
- serialnumber = Replace(serialnumber, "'", "''")
- ipaddress = Replace(ipaddress, "'", "''")
- fqdn = Replace(fqdn, "'", "''")
- printercsfname = Replace(printercsfname, "'", "''")
- printerwindowsname = Replace(printerwindowsname, "'", "''")
-
- ' Build INSERT statement with map coordinates (default to 50,50 if not provided)
- Dim strSQL, maptopSQL, mapleftSQL
-
- ' Handle map coordinates - default to 50 if not provided
- If maptop <> "" And IsNumeric(maptop) Then
- maptopSQL = maptop
- Else
- maptopSQL = "50"
- End If
-
- If mapleft <> "" And IsNumeric(mapleft) Then
- mapleftSQL = mapleft
- Else
- mapleftSQL = "50"
- End If
-
- strSQL = "INSERT INTO printers (modelid, serialnumber, ipaddress, fqdn, printercsfname, printerwindowsname, machineid, maptop, mapleft, isactive) " & _
- "VALUES (" & modelid & ", '" & serialnumber & "', '" & ipaddress & "', '" & fqdn & "', '" & printercsfname & "', '" & printerwindowsname & "', " & machineid & ", " & maptopSQL & ", " & mapleftSQL & ", 1)"
-
- On Error Resume Next
- objConn.Execute strSQL
-
- If Err.Number <> 0 Then
- Response.Write("
Error inserting printer: " & Err.Description & "
")
- Response.Write("
SQL: " & Server.HTMLEncode(strSQL) & "
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
- On Error Goto 0
-
- ' Get the new printer ID
- Dim newPrinterId
- Set rsCheck = objConn.Execute("SELECT LAST_INSERT_ID() as newid")
- newPrinterId = CLng(rsCheck("newid"))
- rsCheck.Close
- Set rsCheck = Nothing
-
- objConn.Close
-
- If CLng(newPrinterId) > 0 Then
-%>
-
-<%
- Else
- Response.Write("Error: Printer was not added successfully.")
- End If
-%>
-
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- If Len(vendor) > 50 Then
- Response.Write("
Error: Manufacturer name too long.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- If isprinter <> "1" AND ispc <> "1" AND ismachine <> "1" Then
- Response.Write("
Error: Please select at least one category.
")
- Response.Write("Go back")
- objConn.Close
- Response.End
- End If
-
- ' Check if exists
- Dim checkSQL, rsCheck
- checkSQL = "SELECT COUNT(*) as cnt FROM vendors WHERE LOWER(vendor) = LOWER('" & Replace(vendor, "'", "''") & "')"
- Set rsCheck = objConn.Execute(checkSQL)
- If rsCheck("cnt") > 0 Then
- rsCheck.Close
- Response.Write("
")
- End If
- Next
- End If
- On Error Goto 0
-
- If Not lowSuppliesFound Then
- Response.Write("
")
- Response.Write(" ")
- Response.Write("No supply issues found - All printers have adequate supplies")
- Response.Write("
")
- End If
-
- objConn.Close
-%>
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
diff --git a/updatedevice_direct.asp.backup-20251027 b/updatedevice_direct.asp.backup-20251027
deleted file mode 100644
index 73e0968..0000000
--- a/updatedevice_direct.asp.backup-20251027
+++ /dev/null
@@ -1,223 +0,0 @@
-
-<%
- ' Get form data
- Dim pcid, pcstatusid, pctypeid, hostname, modelnumberid, machinenumber, isactive
-
- pcid = Trim(Request.Form("pcid"))
- pcstatusid = Trim(Request.Form("pcstatusid"))
- pctypeid = Trim(Request.Form("pctypeid"))
- hostname = Trim(Request.Form("hostname"))
- modelnumberid = Trim(Request.Form("modelnumberid"))
- machinenumber = Trim(Request.Form("machinenumber"))
- isactive = Trim(Request.Form("isactive"))
-
- ' Get form inputs for new model
- Dim newmodelnumber, newvendorid
- newmodelnumber = Trim(Request.Form("newmodelnumber"))
- newvendorid = Trim(Request.Form("newvendorid"))
-
- ' Get form inputs for new vendor
- Dim newvendorname
- newvendorname = Trim(Request.Form("newvendorname"))
-
- ' Validate required ID fields
- If Not IsNumeric(pcid) Or CLng(pcid) < 1 Then
- Response.Write("Invalid PC ID")
- objConn.Close
- Response.End
- End If
-
- If Not IsNumeric(pcstatusid) Or CLng(pcstatusid) < 1 Then
- Response.Redirect("editdevice.asp?pcid=" & pcid & "&error=REQUIRED_FIELD")
- objConn.Close
- Response.End
- End If
-
- ' Verify the PC exists
- Dim checkSQL, rsCheck
- checkSQL = "SELECT COUNT(*) as cnt FROM pc WHERE pcid = " & CLng(pcid)
- Set rsCheck = objConn.Execute(checkSQL)
- If Not rsCheck.EOF Then
- If CLng(rsCheck("cnt")) = 0 Then
- rsCheck.Close
- objConn.Close
- Response.Redirect("default.asp")
- Response.End
- End If
- End If
- rsCheck.Close
-
- ' Set isactive: if checkbox not checked, it won't be in form data
- If isactive = "1" Then
- isactive = 1
- Else
- isactive = 0
- End If
-
- ' Validate optional ID fields - allow "new" as a valid value for model
- If pctypeid <> "" Then
- If Not IsNumeric(pctypeid) Or CLng(pctypeid) < 1 Then
- Response.Redirect("editdevice.asp?pcid=" & pcid & "&error=INVALID_ID")
- objConn.Close
- Response.End
- End If
- End If
-
- If modelnumberid <> "" And modelnumberid <> "new" Then
- If Not IsNumeric(modelnumberid) Or CLng(modelnumberid) < 1 Then
- Response.Redirect("editdevice.asp?pcid=" & pcid & "&error=INVALID_ID")
- objConn.Close
- Response.End
- End If
- End If
-
- ' Handle new model creation
- If modelnumberid = "new" Then
- If Len(newmodelnumber) = 0 Then
- Response.Redirect("editdevice.asp?pcid=" & pcid & "&error=REQUIRED_FIELD")
- objConn.Close
- Response.End
- End If
-
- If Len(newvendorid) = 0 Then
- Response.Redirect("editdevice.asp?pcid=" & pcid & "&error=REQUIRED_FIELD")
- objConn.Close
- Response.End
- End If
-
- If Len(newmodelnumber) > 50 Then
- Response.Redirect("editdevice.asp?pcid=" & pcid & "&error=INVALID_INPUT")
- objConn.Close
- Response.End
- End If
-
- ' Handle new vendor creation (nested)
- If newvendorid = "new" Then
- If Len(newvendorname) = 0 Then
- Response.Redirect("editdevice.asp?pcid=" & pcid & "&error=REQUIRED_FIELD")
- objConn.Close
- Response.End
- End If
-
- If Len(newvendorname) > 50 Then
- Response.Redirect("editdevice.asp?pcid=" & pcid & "&error=INVALID_INPUT")
- objConn.Close
- Response.End
- End If
-
- ' Escape single quotes
- Dim escapedVendorName
- escapedVendorName = Replace(newvendorname, "'", "''")
-
- ' Insert new vendor (with ispc=1)
- Dim sqlNewVendor
- sqlNewVendor = "INSERT INTO vendors (vendor, isactive, isprinter, ispc, ismachine) VALUES ('" & escapedVendorName & "', 1, 0, 1, 0)"
-
- On Error Resume Next
- objConn.Execute sqlNewVendor
-
- If Err.Number <> 0 Then
- Response.Redirect("editdevice.asp?pcid=" & pcid & "&error=db&msg=" & Server.URLEncode(Err.Description))
- objConn.Close
- Response.End
- End If
-
- ' Get the newly created vendor ID
- Dim rsNewVendor
- Set rsNewVendor = objConn.Execute("SELECT LAST_INSERT_ID() AS newid")
- newvendorid = CLng(rsNewVendor("newid"))
- rsNewVendor.Close
- Set rsNewVendor = Nothing
- On Error Goto 0
- End If
-
- ' Escape single quotes for model
- Dim escapedModelNumber
- escapedModelNumber = Replace(newmodelnumber, "'", "''")
-
- ' Insert new model
- Dim sqlNewModel
- sqlNewModel = "INSERT INTO models (modelnumber, vendorid, isactive) VALUES ('" & escapedModelNumber & "', " & newvendorid & ", 1)"
-
- On Error Resume Next
- objConn.Execute sqlNewModel
-
- If Err.Number <> 0 Then
- Response.Redirect("editdevice.asp?pcid=" & pcid & "&error=db&msg=" & Server.URLEncode(Err.Description))
- objConn.Close
- Response.End
- End If
-
- ' Get the newly created model ID
- Dim rsNewModel
- Set rsNewModel = objConn.Execute("SELECT LAST_INSERT_ID() AS newid")
- modelnumberid = CLng(rsNewModel("newid"))
- rsNewModel.Close
- Set rsNewModel = Nothing
- On Error Goto 0
- End If
-
- ' Validate field lengths
- If hostname <> "" And Len(hostname) > 255 Then
- Response.Redirect("editdevice.asp?pcid=" & pcid & "&error=INVALID_INPUT")
- objConn.Close
- Response.End
- End If
-
- If machinenumber <> "" And Len(machinenumber) > 50 Then
- Response.Redirect("editdevice.asp?pcid=" & pcid & "&error=INVALID_INPUT")
- objConn.Close
- Response.End
- End If
-
- ' Escape quotes
- hostname = Replace(hostname, "'", "''")
- machinenumber = Replace(machinenumber, "'", "''")
-
- ' Build UPDATE query dynamically
- Dim updateSQL
- updateSQL = "UPDATE pc SET pcstatusid = " & pcstatusid & ", isactive = " & isactive & ", "
-
- ' Add optional fields
- If pctypeid <> "" Then
- updateSQL = updateSQL & "pctypeid = " & pctypeid & ", "
- Else
- updateSQL = updateSQL & "pctypeid = NULL, "
- End If
-
- If hostname <> "" Then
- updateSQL = updateSQL & "hostname = '" & hostname & "', "
- Else
- updateSQL = updateSQL & "hostname = NULL, "
- End If
-
- If modelnumberid <> "" Then
- updateSQL = updateSQL & "modelnumberid = " & modelnumberid & ", "
- Else
- updateSQL = updateSQL & "modelnumberid = NULL, "
- End If
-
- If machinenumber <> "" Then
- updateSQL = updateSQL & "machinenumber = '" & machinenumber & "', "
- Else
- updateSQL = updateSQL & "machinenumber = NULL, "
- End If
-
- ' Add lastupdated timestamp and WHERE clause
- updateSQL = updateSQL & "lastupdated = NOW() WHERE pcid = " & pcid
-
- ' Execute update
- On Error Resume Next
- objConn.Execute updateSQL
-
- If Err.Number = 0 Then
- objConn.Close
- ' Success - redirect back to scan page ready for next scan
- Response.Redirect("./adddevice.asp")
- Else
- Dim errMsg
- errMsg = Err.Description
- objConn.Close
- Response.Redirect("./editdevice.asp?pcid=" & pcid & "&error=db&msg=" & Server.URLEncode(errMsg))
- End If
-%>
diff --git a/updatedevice_direct.asp.backup-20251114 b/updatedevice_direct.asp.backup-20251114
deleted file mode 100644
index 29f870a..0000000
--- a/updatedevice_direct.asp.backup-20251114
+++ /dev/null
@@ -1,230 +0,0 @@
-<%
-'=============================================================================
-' FILE: updatedevice_direct.asp
-' PURPOSE: Update PC/device with optional vendor and model creation
-' SECURITY: Parameterized queries, HTML encoding, input validation
-' UPDATED: 2025-10-27 - Migrated to secure patterns
-'=============================================================================
-%>
-
-<%
- ' Get form data
- Dim pcid, machinestatusid, pctypeid, hostname, modelnumberid, machinenumber, isactive
-
- pcid = Trim(Request.Form("pcid"))
- machinestatusid = Trim(Request.Form("machinestatusid"))
- pctypeid = Trim(Request.Form("pctypeid"))
- hostname = Trim(Request.Form("hostname"))
- modelnumberid = Trim(Request.Form("modelnumberid"))
- machinenumber = Trim(Request.Form("machinenumber"))
- isactive = Trim(Request.Form("isactive"))
-
- ' Get form inputs for new model
- Dim newmodelnumber, newvendorid
- newmodelnumber = Trim(Request.Form("newmodelnumber"))
- newvendorid = Trim(Request.Form("newvendorid"))
-
- ' Get form inputs for new vendor
- Dim newvendorname
- newvendorname = Trim(Request.Form("newvendorname"))
-
- ' Validate required ID fields
- If Not IsNumeric(pcid) Or CLng(pcid) < 1 Then
- Response.Write("Invalid PC ID")
- objConn.Close
- Response.End
- End If
-
- If Not IsNumeric(machinestatusid) Or CLng(machinestatusid) < 1 Then
- Response.Redirect("editdevice.asp?pcid=" & pcid & "&error=REQUIRED_FIELD")
- objConn.Close
- Response.End
- End If
-
- ' Set isactive: if checkbox not checked, it won't be in form data
- If isactive = "1" Then
- isactive = 1
- Else
- isactive = 0
- End If
-
- ' Validate optional ID fields - allow "new" as a valid value for model
- If pctypeid <> "" Then
- If Not IsNumeric(pctypeid) Or CLng(pctypeid) < 1 Then
- Response.Redirect("editdevice.asp?pcid=" & pcid & "&error=INVALID_ID")
- objConn.Close
- Response.End
- End If
- End If
-
- If modelnumberid <> "" And modelnumberid <> "new" Then
- If Not IsNumeric(modelnumberid) Or CLng(modelnumberid) < 1 Then
- Response.Redirect("editdevice.asp?pcid=" & pcid & "&error=INVALID_ID")
- objConn.Close
- Response.End
- End If
- End If
-
- ' Handle new model creation
- If modelnumberid = "new" Then
- If Len(newmodelnumber) = 0 Then
- Response.Redirect("editdevice.asp?pcid=" & pcid & "&error=REQUIRED_FIELD")
- objConn.Close
- Response.End
- End If
-
- If Len(newvendorid) = 0 Then
- Response.Redirect("editdevice.asp?pcid=" & pcid & "&error=REQUIRED_FIELD")
- objConn.Close
- Response.End
- End If
-
- If Len(newmodelnumber) > 50 Then
- Response.Redirect("editdevice.asp?pcid=" & pcid & "&error=INVALID_INPUT")
- objConn.Close
- Response.End
- End If
-
- ' Handle new vendor creation (nested)
- If newvendorid = "new" Then
- If Len(newvendorname) = 0 Then
- Response.Redirect("editdevice.asp?pcid=" & pcid & "&error=REQUIRED_FIELD")
- objConn.Close
- Response.End
- End If
-
- If Len(newvendorname) > 50 Then
- Response.Redirect("editdevice.asp?pcid=" & pcid & "&error=INVALID_INPUT")
- objConn.Close
- Response.End
- End If
-
- ' Insert new vendor using parameterized query (with ispc=1)
- Dim sqlNewVendor, cmdNewVendor
- sqlNewVendor = "INSERT INTO vendors (vendor, isactive, isprinter, ispc, ismachine) VALUES (?, 1, 0, 1, 0)"
- Set cmdNewVendor = Server.CreateObject("ADODB.Command")
- cmdNewVendor.ActiveConnection = objConn
- cmdNewVendor.CommandText = sqlNewVendor
- cmdNewVendor.CommandType = 1
- cmdNewVendor.Parameters.Append cmdNewVendor.CreateParameter("@vendor", 200, 1, 50, newvendorname)
-
- On Error Resume Next
- cmdNewVendor.Execute
-
- If Err.Number <> 0 Then
- Response.Redirect("editdevice.asp?pcid=" & pcid & "&error=db&msg=" & Server.URLEncode(Server.HTMLEncode(Err.Description)))
- Set cmdNewVendor = Nothing
- objConn.Close
- Response.End
- End If
-
- ' Get the newly created vendor ID
- Dim rsNewVendor
- Set rsNewVendor = objConn.Execute("SELECT LAST_INSERT_ID() AS newid")
- newvendorid = CLng(rsNewVendor("newid"))
- rsNewVendor.Close
- Set rsNewVendor = Nothing
- Set cmdNewVendor = Nothing
- On Error Goto 0
- End If
-
- ' Insert new model using parameterized query
- Dim sqlNewModel, cmdNewModel
- sqlNewModel = "INSERT INTO models (modelnumber, vendorid, isactive) VALUES (?, ?, 1)"
- Set cmdNewModel = Server.CreateObject("ADODB.Command")
- cmdNewModel.ActiveConnection = objConn
- cmdNewModel.CommandText = sqlNewModel
- cmdNewModel.CommandType = 1
- cmdNewModel.Parameters.Append cmdNewModel.CreateParameter("@modelnumber", 200, 1, 50, newmodelnumber)
- cmdNewModel.Parameters.Append cmdNewModel.CreateParameter("@vendorid", 3, 1, , CLng(newvendorid))
-
- On Error Resume Next
- cmdNewModel.Execute
-
- If Err.Number <> 0 Then
- Response.Redirect("editdevice.asp?pcid=" & pcid & "&error=db&msg=" & Server.URLEncode(Server.HTMLEncode(Err.Description)))
- Set cmdNewModel = Nothing
- objConn.Close
- Response.End
- End If
-
- ' Get the newly created model ID
- Dim rsNewModel
- Set rsNewModel = objConn.Execute("SELECT LAST_INSERT_ID() AS newid")
- modelnumberid = CLng(rsNewModel("newid"))
- rsNewModel.Close
- Set rsNewModel = Nothing
- Set cmdNewModel = Nothing
- On Error Goto 0
- End If
-
- ' Validate field lengths
- If hostname <> "" And Len(hostname) > 255 Then
- Response.Redirect("editdevice.asp?pcid=" & pcid & "&error=INVALID_INPUT")
- objConn.Close
- Response.End
- End If
-
- If machinenumber <> "" And Len(machinenumber) > 50 Then
- Response.Redirect("editdevice.asp?pcid=" & pcid & "&error=INVALID_INPUT")
- objConn.Close
- Response.End
- End If
-
- ' Build UPDATE query using parameterized query
- Dim updateSQL, cmdUpdate
- updateSQL = "UPDATE machines SET machinestatusid = ?, isactive = ?, pctypeid = ?, hostname = ?, modelnumberid = ?, machinenumber = ?, lastupdated = NOW() WHERE machineid = ? AND pctypeid IS NOT NULL"
- Set cmdUpdate = Server.CreateObject("ADODB.Command")
- cmdUpdate.ActiveConnection = objConn
- cmdUpdate.CommandText = updateSQL
- cmdUpdate.CommandType = 1
- cmdUpdate.Parameters.Append cmdUpdate.CreateParameter("@machinestatusid", 3, 1, , CLng(machinestatusid))
- cmdUpdate.Parameters.Append cmdUpdate.CreateParameter("@isactive", 3, 1, , isactive)
-
- ' Handle optional pctypeid
- If pctypeid <> "" Then
- cmdUpdate.Parameters.Append cmdUpdate.CreateParameter("@pctypeid", 3, 1, , CLng(pctypeid))
- Else
- cmdUpdate.Parameters.Append cmdUpdate.CreateParameter("@pctypeid", 3, 1, , Null)
- End If
-
- ' Handle optional hostname
- If hostname <> "" Then
- cmdUpdate.Parameters.Append cmdUpdate.CreateParameter("@hostname", 200, 1, 255, hostname)
- Else
- cmdUpdate.Parameters.Append cmdUpdate.CreateParameter("@hostname", 200, 1, 255, Null)
- End If
-
- ' Handle optional modelnumberid
- If modelnumberid <> "" Then
- cmdUpdate.Parameters.Append cmdUpdate.CreateParameter("@modelnumberid", 3, 1, , CLng(modelnumberid))
- Else
- cmdUpdate.Parameters.Append cmdUpdate.CreateParameter("@modelnumberid", 3, 1, , Null)
- End If
-
- ' Handle optional machinenumber
- If machinenumber <> "" Then
- cmdUpdate.Parameters.Append cmdUpdate.CreateParameter("@machinenumber", 200, 1, 50, machinenumber)
- Else
- cmdUpdate.Parameters.Append cmdUpdate.CreateParameter("@machinenumber", 200, 1, 50, Null)
- End If
-
- cmdUpdate.Parameters.Append cmdUpdate.CreateParameter("@machineid", 3, 1, , CLng(pcid))
-
- ' Execute update
- On Error Resume Next
- cmdUpdate.Execute
-
- If Err.Number = 0 Then
- Set cmdUpdate = Nothing
- objConn.Close
- ' Success - redirect back to scan page ready for next scan
- Response.Redirect("./adddevice.asp")
- Else
- Dim errMsg
- errMsg = Server.HTMLEncode(Err.Description)
- Set cmdUpdate = Nothing
- objConn.Close
- Response.Redirect("./editdevice.asp?pcid=" & pcid & "&error=db&msg=" & Server.URLEncode(errMsg))
- End If
-%>
diff --git a/updatelink_direct.asp.backup-20251027 b/updatelink_direct.asp.backup-20251027
deleted file mode 100644
index c1b8e0a..0000000
--- a/updatelink_direct.asp.backup-20251027
+++ /dev/null
@@ -1,227 +0,0 @@
-
-<%
-' Get form inputs for KB article
-Dim linkid, linkurl, shortdescription, keywords, appid
-linkid = Trim(Request.Form("linkid"))
-linkurl = Trim(Request.Form("linkurl"))
-shortdescription = Trim(Request.Form("shortdescription"))
-keywords = Trim(Request.Form("keywords"))
-appid = Trim(Request.Form("appid"))
-
-' Get form inputs for new topic
-Dim newappname, newappdescription, newsupportteamid
-Dim newapplicationnotes, newinstallpath, newdocumentationpath, newisactive
-newappname = Trim(Request.Form("newappname"))
-newappdescription = Trim(Request.Form("newappdescription"))
-newsupportteamid = Trim(Request.Form("newsupportteamid"))
-newapplicationnotes = Trim(Request.Form("newapplicationnotes"))
-newinstallpath = Trim(Request.Form("newinstallpath"))
-newdocumentationpath = Trim(Request.Form("newdocumentationpath"))
-newisactive = Request.Form("newisactive")
-
-' Get form inputs for new support team
-Dim newsupportteamname, newsupportteamurl, newappownerid
-newsupportteamname = Trim(Request.Form("newsupportteamname"))
-newsupportteamurl = Trim(Request.Form("newsupportteamurl"))
-newappownerid = Trim(Request.Form("newappownerid"))
-
-' Get form inputs for new app owner
-Dim newappownername, newappownersso
-newappownername = Trim(Request.Form("newappownername"))
-newappownersso = Trim(Request.Form("newappownersso"))
-
-' Basic validation
-If Not IsNumeric(linkid) Or CLng(linkid) < 1 Then
- Response.Write("Invalid link ID")
- objConn.Close
- Response.End
-End If
-
-If Len(linkurl) = 0 Or Len(shortdescription) = 0 Or Len(appid) = 0 Then
- Response.Write("Required fields missing")
- objConn.Close
- Response.End
-End If
-
-If Len(linkurl) > 2000 Or Len(shortdescription) > 500 Or Len(keywords) > 500 Then
- Response.Write("Field length exceeded")
- objConn.Close
- Response.End
-End If
-
-' Handle new topic creation
-If appid = "new" Then
- If Len(newappname) = 0 Then
- Response.Write("New topic name is required")
- objConn.Close
- Response.End
- End If
-
- If Len(newsupportteamid) = 0 Then
- Response.Write("Support team is required for new topic")
- objConn.Close
- Response.End
- End If
-
- ' Validate field lengths for new topic
- If Len(newappname) > 50 Or Len(newappdescription) > 255 Or Len(newapplicationnotes) > 512 Or Len(newinstallpath) > 255 Or Len(newdocumentationpath) > 512 Then
- Response.Write("New topic field length exceeded")
- objConn.Close
- Response.End
- End If
-
- ' Handle new support team creation (nested)
- If newsupportteamid = "new" Then
- If Len(newsupportteamname) = 0 Then
- Response.Write("New support team name is required")
- objConn.Close
- Response.End
- End If
-
- If Len(newappownerid) = 0 Then
- Response.Write("App owner is required for new support team")
- objConn.Close
- Response.End
- End If
-
- If Len(newsupportteamname) > 50 Or Len(newsupportteamurl) > 512 Then
- Response.Write("New support team field length exceeded")
- objConn.Close
- Response.End
- End If
-
- ' Handle new app owner creation (doubly nested)
- If newappownerid = "new" Then
- If Len(newappownername) = 0 Or Len(newappownersso) = 0 Then
- Response.Write("App owner name and SSO are required")
- objConn.Close
- Response.End
- End If
-
- If Len(newappownername) > 50 Or Len(newappownersso) > 255 Then
- Response.Write("App owner field length exceeded")
- objConn.Close
- Response.End
- End If
-
- ' Escape single quotes for new app owner
- Dim escapedOwnerName, escapedOwnerSSO
- escapedOwnerName = Replace(newappownername, "'", "''")
- escapedOwnerSSO = Replace(newappownersso, "'", "''")
-
- ' Insert new app owner
- Dim sqlNewOwner
- sqlNewOwner = "INSERT INTO appowners (appowner, sso, isactive) " & _
- "VALUES ('" & escapedOwnerName & "', '" & escapedOwnerSSO & "', 1)"
-
- On Error Resume Next
- objConn.Execute sqlNewOwner
-
- If Err.Number <> 0 Then
- Response.Write("Error creating new app owner: " & Err.Description)
- objConn.Close
- Response.End
- End If
-
- ' Get the newly created app owner ID
- Dim rsNewOwner
- Set rsNewOwner = objConn.Execute("SELECT LAST_INSERT_ID() AS newid")
- newappownerid = rsNewOwner("newid")
- rsNewOwner.Close
- Set rsNewOwner = Nothing
- On Error Goto 0
- End If
-
- ' Escape single quotes for new support team
- Dim escapedTeamName, escapedTeamURL
- escapedTeamName = Replace(newsupportteamname, "'", "''")
- escapedTeamURL = Replace(newsupportteamurl, "'", "''")
-
- ' Insert new support team with selected or newly created app owner
- Dim sqlNewTeam
- sqlNewTeam = "INSERT INTO supportteams (teamname, teamurl, appownerid, isactive) " & _
- "VALUES ('" & escapedTeamName & "', '" & escapedTeamURL & "', " & newappownerid & ", 1)"
-
- On Error Resume Next
- objConn.Execute sqlNewTeam
-
- If Err.Number <> 0 Then
- Response.Write("Error creating new support team: " & Err.Description)
- objConn.Close
- Response.End
- End If
-
- ' Get the newly created support team ID
- Dim rsNewTeam
- Set rsNewTeam = objConn.Execute("SELECT LAST_INSERT_ID() AS newid")
- newsupportteamid = rsNewTeam("newid")
- rsNewTeam.Close
- Set rsNewTeam = Nothing
- On Error Goto 0
- End If
-
- ' Escape single quotes for new topic
- Dim escapedAppName, escapedAppDesc, escapedAppNotes, escapedInstallPath, escapedDocPath
- escapedAppName = Replace(newappname, "'", "''")
- escapedAppDesc = Replace(newappdescription, "'", "''")
- escapedAppNotes = Replace(newapplicationnotes, "'", "''")
- escapedInstallPath = Replace(newinstallpath, "'", "''")
- escapedDocPath = Replace(newdocumentationpath, "'", "''")
-
- ' Convert isactive checkbox
- Dim isActiveValue
- If newisactive = "1" Then
- isActiveValue = 1
- Else
- isActiveValue = 0
- End If
-
- ' Insert new application/topic
- Dim sqlNewApp
- sqlNewApp = "INSERT INTO applications (appname, appdescription, supportteamid, applicationnotes, installpath, documentationpath, isactive, isinstallable, ishidden, isprinter, islicenced) " & _
- "VALUES ('" & escapedAppName & "', '" & escapedAppDesc & "', " & newsupportteamid & ", '" & escapedAppNotes & "', '" & escapedInstallPath & "', '" & escapedDocPath & "', " & isActiveValue & ", 0, 0, 0, 0)"
-
- On Error Resume Next
- objConn.Execute sqlNewApp
-
- If Err.Number <> 0 Then
- Response.Write("Error creating new topic: " & Err.Description)
- objConn.Close
- Response.End
- End If
-
- ' Get the newly created topic ID
- Dim rsNewApp
- Set rsNewApp = objConn.Execute("SELECT LAST_INSERT_ID() AS newid")
- appid = rsNewApp("newid")
- rsNewApp.Close
- Set rsNewApp = Nothing
- On Error Goto 0
-End If
-
-' Escape single quotes for KB article
-linkurl = Replace(linkurl, "'", "''")
-shortdescription = Replace(shortdescription, "'", "''")
-keywords = Replace(keywords, "'", "''")
-
-' Build UPDATE statement
-Dim strSQL
-strSQL = "UPDATE knowledgebase SET " & _
- "linkurl = '" & linkurl & "', " & _
- "shortdescription = '" & shortdescription & "', " & _
- "keywords = '" & keywords & "', " & _
- "appid = " & appid & ", " & _
- "lastupdated = NOW() " & _
- "WHERE linkid = " & linkid
-
-On Error Resume Next
-objConn.Execute strSQL
-
-If Err.Number = 0 Then
- objConn.Close
- Response.Redirect("displayknowledgearticle.asp?linkid=" & linkid & "&status=updated")
-Else
- objConn.Close
- Response.Redirect("displayknowledgearticle.asp?linkid=" & linkid & "&status=error&msg=" & Server.URLEncode("Error: " & Err.Description))
-End If
-%>
diff --git a/updatenotification_direct.asp.backup-20251027 b/updatenotification_direct.asp.backup-20251027
deleted file mode 100644
index 02d1b90..0000000
--- a/updatenotification_direct.asp.backup-20251027
+++ /dev/null
@@ -1,117 +0,0 @@
-
-<%
-' Get form inputs
-Dim notificationid, notification, ticketnumber, starttime, endtime, isactive, isshopfloor, notificationtypeid, businessunitid
-notificationid = Trim(Request.Form("notificationid"))
-notification = Trim(Request.Form("notification"))
-ticketnumber = Trim(Request.Form("ticketnumber"))
-starttime = Trim(Request.Form("starttime"))
-endtime = Trim(Request.Form("endtime"))
-notificationtypeid = Trim(Request.Form("notificationtypeid"))
-businessunitid = Trim(Request.Form("businessunitid"))
-
-' Handle checkbox - if the hidden field is submitted but checkbox isn't, it means unchecked
-If Request.Form("isactive_submitted") = "1" Then
- If Request.Form("isactive") = "1" Then
- isactive = 1
- Else
- isactive = 0
- End If
-Else
- ' Fallback for backward compatibility
- If Request.Form("isactive") = "" Then
- isactive = 0
- Else
- isactive = 1
- End If
-End If
-
-' Handle isshopfloor checkbox - same pattern as isactive
-If Request.Form("isshopfloor_submitted") = "1" Then
- If Request.Form("isshopfloor") = "1" Then
- isshopfloor = 1
- Else
- isshopfloor = 0
- End If
-Else
- ' Fallback for backward compatibility
- If Request.Form("isshopfloor") = "" Then
- isshopfloor = 0
- Else
- isshopfloor = 1
- End If
-End If
-
-' Validate
-If Not IsNumeric(notificationid) Or CLng(notificationid) < 1 Then
- Response.Write("Invalid notification ID")
- objConn.Close
- Response.End
-End If
-
-' Default to TBD if no type selected
-If notificationtypeid = "" Or Not IsNumeric(notificationtypeid) Then
- notificationtypeid = "1"
-End If
-
-' Validate required fields (endtime is now optional)
-If Len(notification) = 0 Or Len(starttime) = 0 Then
- Response.Write("Required fields missing")
- objConn.Close
- Response.End
-End If
-
-If Len(notification) > 500 Or Len(ticketnumber) > 50 Then
- Response.Write("Field length exceeded")
- objConn.Close
- Response.End
-End If
-
-' Escape quotes
-notification = Replace(notification, "'", "''")
-ticketnumber = Replace(ticketnumber, "'", "''")
-
-' Convert datetime format for starttime
-starttime = Replace(starttime, "T", " ") & ":00"
-
-' Handle optional endtime - leave as NULL if blank (indefinite)
-Dim strSQL, endtimeSQL, businessunitSQL
-If Len(endtime) = 0 Then
- ' No end date - store as NULL for indefinite notifications
- endtimeSQL = "NULL"
-Else
- ' End date specified - convert format and wrap in quotes
- endtime = Replace(endtime, "T", " ") & ":00"
- endtimeSQL = "'" & endtime & "'"
-End If
-
-' Handle optional businessunitid - NULL means applies to all business units
-If businessunitid = "" Or Not IsNumeric(businessunitid) Then
- businessunitSQL = "NULL"
-Else
- businessunitSQL = businessunitid
-End If
-
-' UPDATE
-strSQL = "UPDATE notifications SET " & _
- "notificationtypeid = " & notificationtypeid & ", " & _
- "businessunitid = " & businessunitSQL & ", " & _
- "notification = '" & notification & "', " & _
- "ticketnumber = '" & ticketnumber & "', " & _
- "starttime = '" & starttime & "', " & _
- "endtime = " & endtimeSQL & ", " & _
- "isactive = " & isactive & ", " & _
- "isshopfloor = " & isshopfloor & " " & _
- "WHERE notificationid = " & notificationid
-
-On Error Resume Next
-objConn.Execute strSQL
-
-If Err.Number = 0 Then
- objConn.Close
- Response.Redirect("displaynotifications.asp")
-Else
- Response.Write("Error: " & Err.Description)
- objConn.Close
-End If
-%>
diff --git a/updatepc_direct.asp.backup-20251027 b/updatepc_direct.asp.backup-20251027
deleted file mode 100644
index 5ce71c7..0000000
--- a/updatepc_direct.asp.backup-20251027
+++ /dev/null
@@ -1,193 +0,0 @@
-
-<%
- ' Get form data
- Dim pcid, vendorid, modelnumberid, machinenumber
-
- pcid = Trim(Request.Form("pcid"))
- vendorid = Trim(Request.Form("vendorid"))
- modelnumberid = Trim(Request.Form("modelid"))
- machinenumber = Trim(Request.Form("machinenumber"))
-
- ' Get form inputs for new model
- Dim newmodelnumber, newvendorid
- newmodelnumber = Trim(Request.Form("newpcmodelnumber"))
- newvendorid = Trim(Request.Form("newpcmodelvendorid"))
-
- ' Get form inputs for new vendor
- Dim newvendorname
- newvendorname = Trim(Request.Form("newpcvendorname"))
-
- ' Validate required ID fields
- If Not IsNumeric(pcid) Or CLng(pcid) < 1 Then
- Response.Write("Invalid PC ID")
- objConn.Close
- Response.End
- End If
-
- ' Verify the PC exists
- Dim checkSQL, rsCheck
- checkSQL = "SELECT COUNT(*) as cnt FROM pc WHERE pcid = " & CLng(pcid)
- Set rsCheck = objConn.Execute(checkSQL)
- If Not rsCheck.EOF Then
- If CLng(rsCheck("cnt")) = 0 Then
- rsCheck.Close
- objConn.Close
- Response.Redirect("displaypcs.asp")
- Response.End
- End If
- End If
- rsCheck.Close
-
- ' Validate optional ID fields - allow "new" as a valid value for model and vendor
- If vendorid <> "" And vendorid <> "new" Then
- If Not IsNumeric(vendorid) Or CLng(vendorid) < 1 Then
- Response.Redirect("displaypc.asp?pcid=" & pcid & "&error=INVALID_ID")
- objConn.Close
- Response.End
- End If
- End If
-
- If modelnumberid <> "" And modelnumberid <> "new" Then
- If Not IsNumeric(modelnumberid) Or CLng(modelnumberid) < 1 Then
- Response.Redirect("displaypc.asp?pcid=" & pcid & "&error=INVALID_ID")
- objConn.Close
- Response.End
- End If
- End If
-
- ' Handle new vendor creation
- If vendorid = "new" Then
- If Len(newvendorname) = 0 Then
- Response.Redirect("displaypc.asp?pcid=" & pcid & "&error=REQUIRED_FIELD")
- objConn.Close
- Response.End
- End If
-
- If Len(newvendorname) > 50 Then
- Response.Redirect("displaypc.asp?pcid=" & pcid & "&error=INVALID_INPUT")
- objConn.Close
- Response.End
- End If
-
- ' Escape single quotes
- Dim escapedVendorName
- escapedVendorName = Replace(newvendorname, "'", "''")
-
- ' Insert new vendor (with ispc=1)
- Dim sqlNewVendor
- sqlNewVendor = "INSERT INTO vendors (vendor, isactive, isprinter, ispc, ismachine) VALUES ('" & escapedVendorName & "', 1, 0, 1, 0)"
-
- On Error Resume Next
- objConn.Execute sqlNewVendor
-
- If Err.Number <> 0 Then
- Response.Redirect("displaypc.asp?pcid=" & pcid & "&error=db&msg=" & Server.URLEncode(Err.Description))
- objConn.Close
- Response.End
- End If
-
- ' Get the newly created vendor ID
- Dim rsNewVendor
- Set rsNewVendor = objConn.Execute("SELECT LAST_INSERT_ID() AS newid")
- vendorid = CLng(rsNewVendor("newid"))
- rsNewVendor.Close
- Set rsNewVendor = Nothing
- On Error Goto 0
- End If
-
- ' Handle new model creation
- If modelnumberid = "new" Then
- If Len(newmodelnumber) = 0 Then
- Response.Redirect("displaypc.asp?pcid=" & pcid & "&error=REQUIRED_FIELD")
- objConn.Close
- Response.End
- End If
-
- If Len(newvendorid) = 0 Then
- Response.Redirect("displaypc.asp?pcid=" & pcid & "&error=REQUIRED_FIELD")
- objConn.Close
- Response.End
- End If
-
- If Len(newmodelnumber) > 50 Then
- Response.Redirect("displaypc.asp?pcid=" & pcid & "&error=INVALID_INPUT")
- objConn.Close
- Response.End
- End If
-
- ' If vendor was also created new, use that vendor ID
- If vendorid <> "" And IsNumeric(vendorid) Then
- newvendorid = vendorid
- End If
-
- ' Escape single quotes for model
- Dim escapedModelNumber
- escapedModelNumber = Replace(newmodelnumber, "'", "''")
-
- ' Insert new model
- Dim sqlNewModel
- sqlNewModel = "INSERT INTO models (modelnumber, vendorid, isactive) VALUES ('" & escapedModelNumber & "', " & newvendorid & ", 1)"
-
- On Error Resume Next
- objConn.Execute sqlNewModel
-
- If Err.Number <> 0 Then
- Response.Redirect("displaypc.asp?pcid=" & pcid & "&error=db&msg=" & Server.URLEncode(Err.Description))
- objConn.Close
- Response.End
- End If
-
- ' Get the newly created model ID
- Dim rsNewModel
- Set rsNewModel = objConn.Execute("SELECT LAST_INSERT_ID() AS newid")
- modelnumberid = CLng(rsNewModel("newid"))
- rsNewModel.Close
- Set rsNewModel = Nothing
- On Error Goto 0
- End If
-
- ' Validate machine number length
- If machinenumber <> "" And Len(machinenumber) > 50 Then
- Response.Redirect("displaypc.asp?pcid=" & pcid & "&error=INVALID_INPUT")
- objConn.Close
- Response.End
- End If
-
- ' Escape single quotes for machine number
- If machinenumber <> "" Then
- machinenumber = Replace(machinenumber, "'", "''")
- End If
-
- ' Build UPDATE statement for PC
- Dim strSQL
- strSQL = "UPDATE pc SET "
-
- ' Update model if provided
- If modelnumberid <> "" And IsNumeric(modelnumberid) Then
- strSQL = strSQL & "modelnumberid = " & modelnumberid & ", "
- End If
-
- ' Update machine number
- If machinenumber <> "" Then
- strSQL = strSQL & "machinenumber = '" & machinenumber & "', "
- Else
- strSQL = strSQL & "machinenumber = NULL, "
- End If
-
- ' Add lastupdated timestamp
- strSQL = strSQL & "lastupdated = NOW() WHERE pcid = " & pcid
-
- On Error Resume Next
- objConn.Execute strSQL
-
- If Err.Number <> 0 Then
- Response.Redirect("displaypc.asp?pcid=" & pcid & "&error=db")
- objConn.Close
- Response.End
- End If
-
- objConn.Close
-
- ' Success - redirect back to displaypc
- Response.Redirect("./displaypc.asp?pcid=" & pcid)
-%>
diff --git a/updatesubnet_direct.asp.backup-20251027 b/updatesubnet_direct.asp.backup-20251027
deleted file mode 100644
index 75d5e16..0000000
--- a/updatesubnet_direct.asp.backup-20251027
+++ /dev/null
@@ -1,167 +0,0 @@
-
-
-
-
-
-
-
-
-<%
- ' Get form inputs
- Dim subnetid, vlan, ipstart, cidr, description, subnettypeid, cidrarray, ipend
-
- subnetid = Trim(Request.Querystring("subnetid"))
- vlan = Trim(Request.Form("vlan"))
- ipstart = Trim(Request.Form("ipstart"))
- cidr = Trim(Request.Form("cidr"))
- description = Trim(Request.Form("description"))
- subnettypeid = Trim(Request.Form("subnettypeid"))
-
- ' Validate required ID fields
- If Not IsNumeric(subnetid) Or CLng(subnetid) < 1 Then
- Response.Write("Invalid subnet ID")
- objConn.Close
- Response.End
- End If
-
- ' Verify the subnet exists
- Dim checkSQL, rsCheck
- checkSQL = "SELECT COUNT(*) as cnt FROM subnets WHERE subnetid = " & subnetid
- Set rsCheck = objConn.Execute(checkSQL)
-
- Dim subnetExists
- subnetExists = False
- If Not rsCheck.EOF Then
- If Not IsNull(rsCheck("cnt")) Then
- If CLng(rsCheck("cnt")) > 0 Then
- subnetExists = True
- End If
- End If
- End If
- rsCheck.Close
- Set rsCheck = Nothing
-
- If Not subnetExists Then
- Response.Redirect("displaysubnets.asp")
- objConn.Close
- Response.End
- End If
-
- ' Validate required fields
- If vlan = "" Or ipstart = "" Or cidr = "" Or subnettypeid = "" Then
- Response.Redirect("displaysubnet.asp?subnetid=" & subnetid & "&error=REQUIRED_FIELD")
- objConn.Close
- Response.End
- End If
-
- ' Validate VLAN is numeric
- If Not IsNumeric(vlan) Then
- Response.Redirect("displaysubnet.asp?subnetid=" & subnetid & "&error=INVALID_INPUT")
- objConn.Close
- Response.End
- End If
-
- ' Basic IP address validation
- If Len(ipstart) < 7 Or Len(ipstart) > 15 Then
- Response.Redirect("displaysubnet.asp?subnetid=" & subnetid & "&error=INVALID_IP")
- objConn.Close
- Response.End
- End If
-
- ' Validate subnet type ID
- If Not IsNumeric(subnettypeid) Or CLng(subnettypeid) < 1 Then
- Response.Redirect("displaysubnet.asp?subnetid=" & subnetid & "&error=INVALID_ID")
- objConn.Close
- Response.End
- End If
-
- ' Parse CIDR value (expected format: "cidr,ipend")
- If InStr(cidr, ",") = 0 Then
- Response.Redirect("displaysubnet.asp?subnetid=" & subnetid & "&error=INVALID_INPUT")
- objConn.Close
- Response.End
- End If
-
- cidrarray = Split(cidr, ",")
- If UBound(cidrarray) < 1 Then
- Response.Redirect("displaysubnet.asp?subnetid=" & subnetid & "&error=INVALID_INPUT")
- objConn.Close
- Response.End
- End If
-
- ipend = Trim(cidrarray(1))
- cidr = Trim(cidrarray(0))
-
- ' Remove leading slash if present (CIDR comes as "/24" format)
- If Left(cidr, 1) = "/" Then
- cidr = Mid(cidr, 2)
- End If
-
- ' Validate CIDR is numeric (0-32)
- If Not IsNumeric(cidr) Then
- Response.Redirect("displaysubnet.asp?subnetid=" & subnetid & "&error=INVALID_INPUT")
- objConn.Close
- Response.End
- End If
-
- If CInt(cidr) < 0 Or CInt(cidr) > 32 Then
- Response.Redirect("displaysubnet.asp?subnetid=" & subnetid & "&error=INVALID_INPUT")
- objConn.Close
- Response.End
- End If
-
- ' Validate ipend is numeric
- If Not IsNumeric(ipend) Then
- Response.Redirect("displaysubnet.asp?subnetid=" & subnetid & "&error=INVALID_INPUT")
- objConn.Close
- Response.End
- End If
-
- ' Validate description length
- If Len(description) > 500 Then
- Response.Redirect("displaysubnet.asp?subnetid=" & subnetid & "&error=INVALID_INPUT")
- objConn.Close
- Response.End
- End If
-
- ' Escape quotes
- description = Replace(description, "'", "''")
- ipstart = Replace(ipstart, "'", "''")
-
- ' Verify subnet type exists
- checkSQL = "SELECT COUNT(*) as cnt FROM subnettypes WHERE subnettypeid = " & subnettypeid
- Set rsCheck = objConn.Execute(checkSQL)
-
- Dim typeExists
- typeExists = False
- If Not rsCheck.EOF Then
- If Not IsNull(rsCheck("cnt")) Then
- If CLng(rsCheck("cnt")) > 0 Then
- typeExists = True
- End If
- End If
- End If
- rsCheck.Close
- Set rsCheck = Nothing
-
- If Not typeExists Then
- Response.Redirect("displaysubnet.asp?subnetid=" & subnetid & "&error=NOT_FOUND")
- objConn.Close
- Response.End
- End If
-
- ' Update
- Dim strSQL
- strSQL = "UPDATE subnets SET vlan = " & vlan & ", ipstart = INET_ATON('" & ipstart & "'), ipend = (INET_ATON('" & ipstart & "') + " & ipend & "), cidr = '" & cidr & "', subnettypeid = " & subnettypeid & ", description = '" & description & "' WHERE subnetid = " & subnetid
-
- On Error Resume Next
- objConn.Execute strSQL
-
- If Err.Number = 0 Then
- objConn.Close
- Response.Redirect("./displaysubnet.asp?subnetid=" & subnetid)
- Else
- Response.Write("Error: " & Err.Description)
- objConn.Close
- End If
-%>
" alt="Card image cap">
- 
" alt="Card image cap">
- 
" alt="Card image cap">
- 
" alt="Card image cap">
-