Security fixes and schema cleanup

- Fix SQL injection in displayprofile.asp (parameterized query)
- Add HTMLEncode to XSS-vulnerable output in 5 display pages
- Add Option Explicit to computers.asp, displaymachines.asp, displaypcs.asp, displayapplication.asp, displayprofile.asp
- Update STANDARDS.md with test script reference, secrets management, column naming gotchas
- Fix equipment type ranges in CLAUDE.md and QUICK_REFERENCE.md (1-15, 21-25)
- Add migration SQL to clean up redundant PC machinetypes (34-46)

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
cproudlock
2025-12-12 07:22:16 -05:00
parent 693789138d
commit e0d89f9957
9 changed files with 258 additions and 57 deletions


@@ -1,3 +1,7 @@
<%@ Language=VBScript %>
<%
Option Explicit
%>
<!DOCTYPE html>
<html lang="en">
<head>
@@ -8,12 +12,19 @@
</head>
<%
Dim theme, sso, strSQL, rs, cmd
theme = Request.Cookies("theme")
IF theme = "" THEN
theme="bg-theme1"
END IF
' Validate SSO - must be numeric
sso = Request.Querystring("sso")
If Not IsNumeric(sso) Or sso = "" Then
sso = "1"
End If
sso = CLng(sso)
%>
<body class="bg-theme <%Response.Write(theme)%>">
@@ -45,20 +56,33 @@
<div class="card-img-block">
<%
' Use parameterized query to prevent SQL injection
Set cmd = Server.CreateObject("ADODB.Command")
cmd.ActiveConnection = objconn
cmd.CommandText = "SELECT * FROM employees WHERE SSO = ?"
cmd.CommandType = 1
cmd.Parameters.Append cmd.CreateParameter("@sso", 3, 1, , sso)
Set rs = cmd.Execute()
strSQL = "SELECT * from employees WHERE SSO="&sso
set rs = objconn.Execute(strSQL)
if rs.eof THEN
strSQL = "SELECT * from employees WHERE SSO=1"
set rs = objconn.Execute(strSQL)
END IF
If rs.EOF Then
' Default to SSO 1 if not found
rs.Close
Set rs = Nothing
Set cmd = Nothing
Set cmd = Server.CreateObject("ADODB.Command")
cmd.ActiveConnection = objconn
cmd.CommandText = "SELECT * FROM employees WHERE SSO = ?"
cmd.CommandType = 1
cmd.Parameters.Append cmd.CreateParameter("@sso", 3, 1, , 1)
Set rs = cmd.Execute()
End If
Set cmd = Nothing
%>
<img class="img-fluid" src="https://tsgwp00525.rd.ds.ge.com/EmployeeDBAPP/images/<%Response.Write(rs("Picture"))%>" alt="Card image cap">
<img class="img-fluid" src="https://tsgwp00525.rd.ds.ge.com/EmployeeDBAPP/images/<%=Server.HTMLEncode(rs("Picture") & "")%>" alt="Card image cap">
</div>
<div class="card-body pt-5">
<h5 class="card-title"><%Response.Write(rs("First_Name"))%>&nbsp;<%Response.Write(rs("Last_Name"))%></h5>
<h5 class="card-title"><%=Server.HTMLEncode(rs("First_Name") & "")%>&nbsp;<%=Server.HTMLEncode(rs("Last_Name") & "")%></h5>
</div>
<%
' Easter Egg for SSO 570005354
@@ -234,7 +258,7 @@ END IF
<h5 class="mb-3">Profile</h5>
<div class="row">
<div class="col-md-3">
<h6><%Response.Write(rs("First_Name"))%>&nbsp;<%Response.Write(rs("Last_Name"))%></h6>
<h6><%=Server.HTMLEncode(rs("First_Name") & "")%>&nbsp;<%=Server.HTMLEncode(rs("Last_Name") & "")%></h6>
<h6>SSO</h6>
<h6>Shift</h6>
<h6>Role</h6>
@@ -243,11 +267,11 @@ END IF
</div>
<div class="col-md-6">
<h6>&nbsp;<h6>
<h6><%Response.Write(rs("SSO"))%></h6>
<h6><%Response.Write(rs("shift"))%></h6>
<h6><%Response.Write(rs("Role"))%></h6>
<h6><%Response.Write(rs("Team"))%></h6>
<h6><%Response.Write(rs("Payno"))%></h6>
<h6><%=Server.HTMLEncode(rs("SSO") & "")%></h6>
<h6><%=Server.HTMLEncode(rs("shift") & "")%></h6>
<h6><%=Server.HTMLEncode(rs("Role") & "")%></h6>
<h6><%=Server.HTMLEncode(rs("Team") & "")%></h6>
<h6><%=Server.HTMLEncode(rs("Payno") & "")%></h6>
</div>
</div>
<!--/row-->
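Review bot: The validation added in the second hunk (`If Not IsNumeric(sso) Or sso = "" Then`) is looser than the integer the adInteger parameter expects, so `sso = CLng(sso)` on the next line can still raise a runtime error (Overflow for values beyond the 32-bit Long range, Type mismatch for forms IsNumeric accepts such as currency-prefixed text), turning bad query-string input into a 500 instead of the intended default of 1. A tighter check that only admits a short run of decimal digits removes that failure mode and guarantees the value fits the parameter; because the same hunk introduces `Option Explicit`, the new RegExp variable also has to be added to the `Dim theme, sso, strSQL, rs, cmd` line. The `\d{1,9}` bound is sized from the nine-digit SSO already referenced in the file's easter-egg comment; if longer SSOs exist, widen it but keep it within Long range. The parameterized ADODB.Command itself looks correct (adCmdText = 1, adInteger = 3, adParamInput = 1); naming those constants, if the page includes adovbs.inc, would make the intent clearer than the bare literals on the `CommandType` and `CreateParameter` lines.
```vbscript
sso = Request.Querystring("sso")
' Accept only an unsigned decimal integer that fits a Long; anything else falls back to the default
Set reSSO = New RegExp
reSSO.Pattern = "^\d{1,9}$"
If Not reSSO.Test(sso & "") Then
    sso = "1"
End If
Set reSSO = Nothing
sso = CLng(sso)
```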