Security fixes and schema cleanup

- Fix SQL injection in displayprofile.asp (parameterized query) - Add HTMLEncode to XSS-vulnerable output in 5 display pages - Add Option Explicit to computers.asp, displaymachines.asp, displaypcs.asp, displayapplication.asp, displayprofile.asp - Update STANDARDS.md with test script reference, secrets management, column naming gotchas - Fix equipment type ranges in CLAUDE.md and QUICK_REFERENCE.md (1-15, 21-25) - Add migration SQL to cleanup redundant PC machinetypes (34-46) 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-12 07:22:16 -05:00
parent 693789138d
commit e0d89f9957
9 changed files with 258 additions and 57 deletions
--- a/docs/QUICK_REFERENCE.md
+++ b/docs/QUICK_REFERENCE.md
@@ -39,9 +39,10 @@ machines (machineid, hostname, serialnumber, alias, machinenumber,
          loggedinuser, machinenotes, isactive, maptop, mapleft, lastupdated)

 -- Identify record type:
--   PCs:             pctypeid IS NOT NULL (machinetypeid 33-35)
--   Equipment:       pctypeid IS NULL AND machinetypeid < 16
+--   PCs:             pctypeid IS NOT NULL (machinetypeid 33+)
+--   Equipment:       pctypeid IS NULL AND machinetypeid NOT IN (16,17,18,19,20) AND machinetypeid < 33
 --   Network Devices: machinetypeid IN (16,17,18,19,20)
+-- Equipment types: 1-15, 21-25 (e.g., Lathe, Mill, CMM, Hobbing Machine, etc.)
 ```

 ### PC-Related Tables