<% '============================================================================= ' FILE: displaymachine.asp ' PURPOSE: Display detailed machine information with edit capability ' SECURITY: Parameterized queries, HTML encoding, input validation ' UPDATED: 2025-10-27 - Migrated to secure patterns '============================================================================= %> <% theme = Request.Cookies("theme") If theme = "" Then theme = "bg-theme1" End If '============================================================================= ' SECURITY: Validate machineid or machinenumber parameter ' NOTE: This handles both database ID and machine number for flexibility '============================================================================= Dim machineid, machinenumber, paramValue machineid = GetSafeInteger("QS", "machineid", 0, 1, 999999) ' If machineid not provided, try machinenumber parameter IF machineid = 0 THEN machinenumber = Request.QueryString("machinenumber") IF machinenumber <> "" THEN ' Look up machineid by machinenumber Dim rsLookup, strLookupSQL strLookupSQL = "SELECT machineid FROM machines WHERE machinenumber = ? AND isactive = 1" Set rsLookup = ExecuteParameterizedQuery(objConn, strLookupSQL, Array(machinenumber)) IF NOT rsLookup.EOF THEN machineid = rsLookup("machineid") END IF rsLookup.Close Set rsLookup = Nothing END IF ELSE ' We have a machineid, but it might actually be a machine number ' Try to look it up as a machineid first Dim rsCheck strLookupSQL = "SELECT machineid FROM machines WHERE machineid = ? AND isactive = 1" Set rsCheck = ExecuteParameterizedQuery(objConn, strLookupSQL, Array(machineid)) ' If no machine found with that machineid, try treating it as a machine number IF rsCheck.EOF THEN rsCheck.Close strLookupSQL = "SELECT machineid FROM machines WHERE machinenumber = ? AND isactive = 1" Set rsCheck = ExecuteParameterizedQuery(objConn, strLookupSQL, Array(CStr(machineid))) IF NOT rsCheck.EOF THEN machineid = rsCheck("machineid") ELSE machineid = 0 ' Not found END IF END IF rsCheck.Close Set rsCheck = Nothing END IF IF machineid = 0 THEN objConn.Close Response.Redirect("default.asp") Response.End END IF '============================================================================= ' SECURITY: Use parameterized query to prevent SQL injection ' PHASE 2: Removed pc and networkinterfaces tables (migrated to machines) ' NOTE: Use explicit column names to avoid wildcard conflicts between tables '============================================================================= ' Phase 2: Only query columns that actually exist in machines table ' NOTE: machinetypeid is now sourced from models table (models.machinetypeid) not machines table strSQL = "SELECT machines.machineid, machines.machinenumber, machines.alias, machines.hostname, " & _ "machines.serialnumber, machines.machinenotes, machines.mapleft, machines.maptop, " & _ "machines.modelnumberid, machines.businessunitid, machines.printerid, machines.pctypeid, " & _ "machines.loggedinuser, machines.osid, machines.machinestatusid, " & _ "machines.controllertypeid, machines.controllerosid, machines.requires_manual_machine_config, " & _ "machines.lastupdated, machines.fqdn, " & _ "machinetypes.machinetype, " & _ "models.modelnumber, models.image, models.machinetypeid, " & _ "businessunits.businessunit, " & _ "functionalaccounts.functionalaccount, functionalaccounts.functionalaccountid, " & _ "vendors.vendor, vendors.vendorid, " & _ "printers.ipaddress AS printerip, " & _ "printers.printercsfname, printers.printerwindowsname, " & _ "machinestatus.machinestatus " & _ "FROM machines " & _ "LEFT JOIN models ON machines.modelnumberid = models.modelnumberid " & _ "LEFT JOIN machinetypes ON models.machinetypeid = machinetypes.machinetypeid " & _ "LEFT JOIN businessunits ON machines.businessunitid = businessunits.businessunitid " & _ "LEFT JOIN functionalaccounts ON machinetypes.functionalaccountid = functionalaccounts.functionalaccountid " & _ "LEFT JOIN vendors ON models.vendorid = vendors.vendorid " & _ "LEFT JOIN printers ON machines.printerid = printers.printerid " & _ "LEFT JOIN machinestatus ON machines.machinestatusid = machinestatus.machinestatusid " & _ "WHERE machines.machineid = " & CLng(machineid) Set rs = objConn.Execute(strSQL) ' Check if machine exists If rs.EOF Then rs.Close Set rs = Nothing objConn.Close Response.Redirect("default.asp") Response.End End If ' Check if machine has UDC data (only for equipment with machinenumber) Dim rsUDCCheck, hasUDCData, strSQL2, machineNum hasUDCData = False machineNum = rs("machinenumber") & "" If machineNum <> "" Then strSQL2 = "SELECT COUNT(*) as cnt FROM udcparts p " & _ "JOIN udcsessions s ON p.sessionid = s.sessionid " & _ "WHERE s.machinenumber = ?" Set rsUDCCheck = ExecuteParameterizedQuery(objConn, strSQL2, Array(machineNum)) If Not rsUDCCheck Is Nothing Then If Not rsUDCCheck.EOF Then If CLng(rsUDCCheck("cnt") & "0") > 0 Then hasUDCData = True End If rsUDCCheck.Close Set rsUDCCheck = Nothing End If End If %>
" alt="Card image cap">
" alt="profile-image" class="profile">
<%=Server.HTMLEncode(rs("machinenumber") & "")%>
<%=Server.HTMLEncode(rs("vendor") & "")%>
<%=Server.HTMLEncode(rs("machinetype") & "")%>
<%' machinedescription column doesn't exist in Phase 2 schema %>

<%=Server.HTMLEncode(rs("machinenotes") & "")%>

<% ' Only show Print Badge for equipment (has machinenumber), not servers/network devices If Trim(rs("machinenumber") & "") <> "" Then %> Print Badge <% End If %>
Configuration

Location:

Status:

Vendor:

Model:

Function:

BU:

IP Address:

MAC Address:

FQDN:

Controlling PC:

Printer:

<% Dim machineNumVal, vendorValM, modelValM, machineTypeVal, buVal, statusValM ' Get values and default to N/A if empty machineNumVal = rs("machinenumber") & "" If machineNumVal = "" Then machineNumVal = "N/A" statusValM = rs("machinestatus") & "" If statusValM = "" Then statusValM = "N/A" vendorValM = rs("vendor") & "" If vendorValM = "" Then vendorValM = "N/A" modelValM = rs("modelnumber") & "" If modelValM = "" Then modelValM = "N/A" machineTypeVal = rs("machinetype") & "" If machineTypeVal = "" Then machineTypeVal = "N/A" buVal = rs("businessunit") & "" If buVal = "" Then buVal = "N/A" %>

<% If machineNumVal <> "N/A" Then %> <%=Server.HTMLEncode(machineNumVal)%> <% Else Response.Write("N/A") End If %>

<%=Server.HTMLEncode(statusValM)%>

<%=Server.HTMLEncode(vendorValM)%>

<%=Server.HTMLEncode(modelValM)%>

<%=Server.HTMLEncode(machineTypeVal)%>

<%=Server.HTMLEncode(buVal)%>

<% ' Get primary communication (IP and MAC) from communications table Dim rsPrimaryCom, strPrimaryComSQL, primaryIP, primaryMAC strPrimaryComSQL = "SELECT address, macaddress FROM communications WHERE machineid = ? AND isprimary = 1 AND isactive = 1 LIMIT 1" Set rsPrimaryCom = ExecuteParameterizedQuery(objConn, strPrimaryComSQL, Array(machineid)) If Not rsPrimaryCom.EOF Then primaryIP = rsPrimaryCom("address") & "" primaryMAC = rsPrimaryCom("macaddress") & "" Else ' Try to get first active communication if no primary set rsPrimaryCom.Close strPrimaryComSQL = "SELECT address, macaddress FROM communications WHERE machineid = ? AND isactive = 1 ORDER BY comid LIMIT 1" Set rsPrimaryCom = ExecuteParameterizedQuery(objConn, strPrimaryComSQL, Array(machineid)) If Not rsPrimaryCom.EOF Then primaryIP = rsPrimaryCom("address") & "" primaryMAC = rsPrimaryCom("macaddress") & "" Else primaryIP = "" primaryMAC = "" End If End If rsPrimaryCom.Close Set rsPrimaryCom = Nothing ' Display IP Address If primaryIP <> "" Then Response.Write("

" & Server.HTMLEncode(primaryIP) & "

") Else Response.Write("

N/A

") End If ' Display MAC Address If primaryMAC <> "" Then Response.Write("

" & Server.HTMLEncode(primaryMAC) & "

") Else Response.Write("

N/A

") End If ' Display FQDN Dim fqdnVal fqdnVal = rs("fqdn") & "" If fqdnVal <> "" Then Response.Write("

" & Server.HTMLEncode(fqdnVal) & "

") Else Response.Write("

N/A

") End If ' Get controlling PC from relationships - check both directions ' Direction 1: PC (machineid) controls this equipment (related_machineid) ' Direction 2: This equipment (machineid) is controlled by PC (related_machineid) Dim rsControlPC, strControlPCSQL, controlPCHostname, controlPCID ' First check: PC controls this equipment (standard direction) strControlPCSQL = "SELECT m.machineid, m.hostname, m.machinenumber FROM machinerelationships mr " & _ "JOIN relationshiptypes rt ON mr.relationshiptypeid = rt.relationshiptypeid " & _ "JOIN machines m ON mr.machineid = m.machineid " & _ "WHERE mr.related_machineid = ? AND rt.relationshiptype = 'Controls' AND mr.isactive = 1 " & _ "AND m.pctypeid IS NOT NULL LIMIT 1" Set rsControlPC = ExecuteParameterizedQuery(objConn, strControlPCSQL, Array(machineid)) If rsControlPC.EOF Then rsControlPC.Close ' Second check: This equipment has relationship to PC (reverse direction) strControlPCSQL = "SELECT m.machineid, m.hostname, m.machinenumber FROM machinerelationships mr " & _ "JOIN relationshiptypes rt ON mr.relationshiptypeid = rt.relationshiptypeid " & _ "JOIN machines m ON mr.related_machineid = m.machineid " & _ "WHERE mr.machineid = ? AND rt.relationshiptype = 'Controls' AND mr.isactive = 1 " & _ "AND m.pctypeid IS NOT NULL LIMIT 1" Set rsControlPC = ExecuteParameterizedQuery(objConn, strControlPCSQL, Array(machineid)) End If If Not rsControlPC.EOF Then controlPCHostname = rsControlPC("hostname") & "" controlPCID = rsControlPC("machineid") If controlPCHostname = "" Then controlPCHostname = rsControlPC("machinenumber") & "" Response.Write("

" & Server.HTMLEncode(controlPCHostname) & "

") Else Response.Write("

N/A

") End If rsControlPC.Close Set rsControlPC = Nothing ' SECURITY: HTML encode printer data to prevent XSS ' Printer data - check if exists (LEFT JOIN may return NULL) If Not IsNull(rs("printerid")) And rs("printerid") <> "" Then Dim printerNameVal printerNameVal = rs("printerwindowsname") & "" If printerNameVal = "" Then printerNameVal = "Printer #" & rs("printerid") Response.Write("

" & Server.HTMLEncode(printerNameVal) & "

") Else Response.Write("

N/A

") End If %>
Network Communications
<% ' Query communications for this machine strSQL2 = "SELECT c.*, ct.typename FROM communications c " & _ "JOIN comstypes ct ON c.comstypeid = ct.comstypeid " & _ "WHERE c.machineid = ? AND c.isactive = 1 ORDER BY c.isprimary DESC, c.comid ASC" Set rs2 = ExecuteParameterizedQuery(objConn, strSQL2, Array(machineid)) If rs2.EOF Then Response.Write("") Else Do While Not rs2.EOF Dim ipAddr, macAddr, ifaceName, isPrimary, statusBadge ipAddr = rs2("address") & "" macAddr = rs2("macaddress") & "" ifaceName = rs2("interfacename") & "" isPrimary = rs2("isprimary") If ipAddr = "" Then ipAddr = "N/A" If macAddr = "" Then macAddr = "N/A" If ifaceName = "" Then ifaceName = "N/A" If isPrimary Then statusBadge = "Primary" Else statusBadge = "" End If Response.Write("") Response.Write("") Response.Write("") Response.Write("") Response.Write("") Response.Write("") Response.Write("") Response.Write("") rs2.MoveNext Loop End If rs2.Close Set rs2 = Nothing %>
Type IP Address MAC Address Interface Primary Status
No network communications configured
" & Server.HTMLEncode(rs2("typename") & "") & "" & ipAddr & "" & macAddr & "" & ifaceName & "" & statusBadge & "Active
Machine Relationships
Controlled By PC
<% ' Query PCs that control this machine (directly or via dualpath) ' Check both directions - the PC is identified by pctypeid IS NOT NULL ' Use GROUP_CONCAT to combine multiple IPs into one row per PC strSQL2 = "SELECT m.machineid, m.machinenumber, m.hostname, " & _ "GROUP_CONCAT(DISTINCT c.address ORDER BY c.address SEPARATOR ', ') as address, 'Controls' as relationshiptype " & _ "FROM machinerelationships mr " & _ "JOIN machines m ON (mr.machineid = m.machineid OR mr.related_machineid = m.machineid) " & _ "LEFT JOIN communications c ON m.machineid = c.machineid AND c.comstypeid IN (1, 3) AND c.isactive = 1 " & _ "WHERE (mr.machineid = ? OR mr.related_machineid = ?) AND mr.relationshiptypeid = 3 " & _ " AND m.pctypeid IS NOT NULL AND m.machineid <> ? AND mr.isactive = 1 " & _ "GROUP BY m.machineid, m.machinenumber, m.hostname" Set rs2 = ExecuteParameterizedQuery(objConn, strSQL2, Array(machineid, machineid, machineid)) Dim pcHostname, pcIP, pcMachineID If rs2.EOF Then Response.Write("") Else Do While Not rs2.EOF pcHostname = rs2("hostname") & "" pcIP = rs2("address") & "" pcMachineID = rs2("machineid") If pcHostname = "" Then pcHostname = rs2("machinenumber") & "" If pcIP = "" Then pcIP = "N/A" Response.Write("") Response.Write("") Response.Write("") Response.Write("") Response.Write("") Response.Write("") rs2.MoveNext Loop End If rs2.Close Set rs2 = Nothing %>
PC Hostname IP Address Location Relationship
No controlling PC assigned
" & Server.HTMLEncode(pcHostname) & "" & pcIP & "" & Server.HTMLEncode(rs2("relationshiptype") & "") & "
Machines Controlled by This Machine
<% ' Query other machines related to this one (excluding Controls which is shown in "Controlled By PC" section) ' This shows relationships like Cluster Member, Backup For, Master-Slave, etc. strSQL2 = "SELECT m.machineid, m.machinenumber, mt.machinetype, mo.modelnumber, rt.relationshiptype " & _ "FROM machinerelationships mr " & _ "JOIN relationshiptypes rt ON mr.relationshiptypeid = rt.relationshiptypeid " & _ "JOIN machines m ON mr.related_machineid = m.machineid " & _ "LEFT JOIN models mo ON m.modelnumberid = mo.modelnumberid " & _ "LEFT JOIN machinetypes mt ON mo.machinetypeid = mt.machinetypeid " & _ "WHERE mr.machineid = ? AND rt.relationshiptype NOT IN ('Controls', 'Dualpath', 'Connected To') AND mr.isactive = 1" Set rs2 = ExecuteParameterizedQuery(objConn, strSQL2, Array(machineid)) If rs2.EOF Then Response.Write("") Else Do While Not rs2.EOF Dim ctrlMachineNum, ctrlType, ctrlModel, ctrlMachineID ctrlMachineNum = rs2("machinenumber") & "" ctrlType = rs2("machinetype") & "" ctrlModel = rs2("modelnumber") & "" ctrlMachineID = rs2("machineid") If ctrlType = "" Then ctrlType = "N/A" If ctrlModel = "" Then ctrlModel = "N/A" Response.Write("") Response.Write("") Response.Write("") Response.Write("") Response.Write("") Response.Write("") rs2.MoveNext Loop End If rs2.Close Set rs2 = Nothing %>
Machine Number Type Model Relationship
This machine does not control any other machines
" & Server.HTMLEncode(ctrlMachineNum) & "" & ctrlType & "" & ctrlModel & "" & Server.HTMLEncode(rs2("relationshiptype") & "") & "
Dualpath / Redundant Machines
<% ' Query dualpath relationships strSQL2 = "SELECT m.machineid, m.machinenumber, mt.machinetype, mo.modelnumber, rt.relationshiptype " & _ "FROM machinerelationships mr " & _ "JOIN relationshiptypes rt ON mr.relationshiptypeid = rt.relationshiptypeid " & _ "JOIN machines m ON mr.related_machineid = m.machineid " & _ "LEFT JOIN models mo ON m.modelnumberid = mo.modelnumberid " & _ "LEFT JOIN machinetypes mt ON mo.machinetypeid = mt.machinetypeid " & _ "WHERE mr.machineid = ? AND rt.relationshiptype = 'Dualpath' AND mr.isactive = 1" Set rs2 = ExecuteParameterizedQuery(objConn, strSQL2, Array(machineid)) If rs2.EOF Then Response.Write("") Else Do While Not rs2.EOF Dim dualMachineNum, dualType, dualModel, dualMachineID dualMachineNum = rs2("machinenumber") & "" dualType = rs2("machinetype") & "" dualModel = rs2("modelnumber") & "" dualMachineID = rs2("machineid") If dualType = "" Then dualType = "N/A" If dualModel = "" Then dualModel = "N/A" Response.Write("") Response.Write("") Response.Write("") Response.Write("") Response.Write("") Response.Write("") rs2.MoveNext Loop End If rs2.Close Set rs2 = Nothing %>
Machine Number Type Model Relationship
No dualpath relationships
" & Server.HTMLEncode(dualMachineNum) & "" & dualType & "" & dualModel & "" & Server.HTMLEncode(rs2("relationshiptype") & "") & "
Network Connections
<% ' Query devices this machine is connected to (e.g., Camera -> IDF) strSQL2 = "SELECT m.machineid, m.machinenumber, m.alias, mt.machinetype, rt.relationshiptype " & _ "FROM machinerelationships mr " & _ "JOIN relationshiptypes rt ON mr.relationshiptypeid = rt.relationshiptypeid " & _ "LEFT JOIN machines m ON mr.related_machineid = m.machineid " & _ "LEFT JOIN models mo ON m.modelnumberid = mo.modelnumberid " & _ "LEFT JOIN machinetypes mt ON mo.machinetypeid = mt.machinetypeid " & _ "WHERE mr.machineid = ? AND rt.relationshiptype = 'Connected To' AND mr.isactive = 1" Set rs2 = ExecuteParameterizedQuery(objConn, strSQL2, Array(machineid)) If Not rs2.EOF Then While Not rs2.EOF Dim connAlias, connType connAlias = "" : If Not IsNull(rs2("alias")) Then connAlias = rs2("alias") & "" connType = "" : If Not IsNull(rs2("machinetype")) Then connType = rs2("machinetype") & "" Response.Write("") Response.Write("") Response.Write("") Response.Write("") Response.Write("") Response.Write("") rs2.MoveNext Wend Else Response.Write("") End If rs2.Close ' Query devices connected to this machine (e.g., IDF -> Cameras) strSQL2 = "SELECT m.machineid, m.machinenumber, m.alias, mt.machinetype, rt.relationshiptype " & _ "FROM machinerelationships mr " & _ "JOIN relationshiptypes rt ON mr.relationshiptypeid = rt.relationshiptypeid " & _ "LEFT JOIN machines m ON mr.machineid = m.machineid " & _ "LEFT JOIN models mo ON m.modelnumberid = mo.modelnumberid " & _ "LEFT JOIN machinetypes mt ON mo.machinetypeid = mt.machinetypeid " & _ "WHERE mr.related_machineid = ? AND rt.relationshiptype = 'Connected To' AND mr.isactive = 1" Set rs2 = ExecuteParameterizedQuery(objConn, strSQL2, Array(machineid)) If Not rs2.EOF Then While Not rs2.EOF Dim connToAlias, connToType connToAlias = "" : If Not IsNull(rs2("alias")) Then connToAlias = rs2("alias") & "" connToType = "" : If Not IsNull(rs2("machinetype")) Then connToType = rs2("machinetype") & "" Response.Write("") Response.Write("") Response.Write("") Response.Write("") Response.Write("") Response.Write("") rs2.MoveNext Wend End If rs2.Close Set rs2 = Nothing %>
Machine # Name/Description Type Relationship
" & Server.HTMLEncode(rs2("machinenumber") & "") & "" & Server.HTMLEncode(connAlias) & "" & Server.HTMLEncode(connType) & "" & Server.HTMLEncode(rs2("relationshiptype") & "") & "
No network connections
" & Server.HTMLEncode(rs2("machinenumber") & "") & "" & Server.HTMLEncode(connToAlias) & "" & Server.HTMLEncode(connToType) & "Connected From
Compliance & Security
<% ' Query compliance data strSQL2 = "SELECT * FROM compliance WHERE machineid = ?" Set rs2 = ExecuteParameterizedQuery(objConn, strSQL2, Array(machineid)) If Not rs2.EOF Then %>

Third Party Managed:

Third Party Manager:

OT Asset System:

DoD Asset Device Type:

Compliant:

<% Dim thirdPartyManaged, thirdPartyManager, otAssetSystem, dodAssetDeviceType, isCompliant thirdPartyManaged = rs2("isthirdpartymanaged") & "" thirdPartyManager = rs2("thirdpartymanager") & "" otAssetSystem = rs2("otenvironment") & "" dodAssetDeviceType = rs2("otassetdevicetype") & "" isCompliant = rs2("ischangerestricted") & "" ' Third party managed badge Dim tpmBadge If thirdPartyManaged = "Y" Then tpmBadge = "Yes" ElseIf thirdPartyManaged = "N" Then tpmBadge = "No" Else tpmBadge = "N/A" End If %>

<%=tpmBadge%>

<%=Server.HTMLEncode(thirdPartyManager)%>

<%=Server.HTMLEncode(otAssetSystem)%>

<%=Server.HTMLEncode(dodAssetDeviceType)%>

<% If isCompliant = "Y" Then Response.Write("Yes") ElseIf isCompliant = "N" Then Response.Write("No") Else Response.Write("Not Assessed") End If %>

Security Scans
<% rs2.Close Set rs2 = Nothing ' Query security scans strSQL2 = "SELECT * FROM compliancescans WHERE machineid = ? ORDER BY scandate DESC LIMIT 10" Set rs2 = ExecuteParameterizedQuery(objConn, strSQL2, Array(machineid)) If rs2.EOF Then Response.Write("") Else Do While Not rs2.EOF Dim scanName, scanDate, scanResult, scanDetails, resultBadge scanName = rs2("scanname") & "" scanDate = rs2("scandate") & "" scanResult = rs2("scanresult") & "" scanDetails = rs2("scandetails") & "" If scanName = "" Then scanName = "Security Scan" If scanDetails = "" Then scanDetails = "No details" ' Result badge Select Case LCase(scanResult) Case "pass" resultBadge = "Pass" Case "fail" resultBadge = "Fail" Case "warning" resultBadge = "Warning" Case Else resultBadge = "Info" End Select Response.Write("") Response.Write("") Response.Write("") Response.Write("") Response.Write("") Response.Write("") rs2.MoveNext Loop End If rs2.Close Set rs2 = Nothing %>
Scan Name Date Result Details
No security scans recorded
" & Server.HTMLEncode(scanName) & "" & Server.HTMLEncode(scanDate) & "" & resultBadge & "" & scanDetails & "
<% Else Response.Write("

No compliance data available for this machine.

") rs2.Close Set rs2 = Nothing End If %>
<% If Not IsNull(rs("pctypeid")) Then %>
<% '============================================================================= ' SECURITY: Use parameterized query for installed applications '============================================================================= Dim appDisplay, appVer strSQL2 = "SELECT a.appname, av.version FROM installedapps ia " & _ "JOIN applications a ON ia.appid = a.appid " & _ "LEFT JOIN appversions av ON ia.appversionid = av.appversionid " & _ "WHERE ia.isactive = 1 AND ia.machineid = ? ORDER BY a.appname ASC" Set rs2 = ExecuteParameterizedQuery(objConn, strSQL2, Array(machineid)) Do While Not rs2.EOF appDisplay = Server.HTMLEncode(rs2("appname") & "") appVer = rs2("version") & "" If appVer <> "" Then appDisplay = appDisplay & " v" & Server.HTMLEncode(appVer) & "" Response.Write("") rs2.MoveNext Loop rs2.Close Set rs2 = Nothing %>
" & appDisplay & "
<% End If %> <% If hasUDCData Then %>
UDC Performance Data
<% ' Get today's UDC stats for this machine Dim rsUDCToday, todayParts, todayOOT, todayAvgCycle, todayLastBadge strSQL2 = "SELECT COUNT(*) as partstoday, " & _ "SUM(ootcount) as oottoday, " & _ "AVG(cycletime) as avgcycle, " & _ "(SELECT badgenumber FROM udcparts p2 JOIN udcsessions s2 ON p2.sessionid = s2.sessionid " & _ " WHERE s2.machinenumber = ? ORDER BY p2.programend DESC LIMIT 1) as lastbadge " & _ "FROM udcparts p " & _ "JOIN udcsessions s ON p.sessionid = s.sessionid " & _ "WHERE s.machinenumber = ? AND DATE(p.programstart) = CURDATE()" Set rsUDCToday = ExecuteParameterizedQuery(objConn, strSQL2, Array(rs("machinenumber") & "", rs("machinenumber") & "")) If Not rsUDCToday.EOF Then todayParts = CLng(rsUDCToday("partstoday") & "0") todayOOT = CLng(rsUDCToday("oottoday") & "0") If Not IsNull(rsUDCToday("avgcycle")) Then todayAvgCycle = FormatNumber(CDbl(rsUDCToday("avgcycle")) / 60, 1) Else todayAvgCycle = "0" End If todayLastBadge = rsUDCToday("lastbadge") & "" Else todayParts = 0 todayOOT = 0 todayAvgCycle = "0" todayLastBadge = "" End If rsUDCToday.Close Set rsUDCToday = Nothing %>

<%=todayParts%>

Parts Today

<%=todayAvgCycle%>m

Avg Cycle Time
text-white">

<%=todayOOT%>

OOT Today

<%If todayLastBadge <> "" Then Response.Write(Server.HTMLEncode(todayLastBadge)) Else Response.Write("-")%>

Current Operator
Recent Activity
<% ' Get recent activity (violations + badge changes) for this machine Dim rsActivity, actBadge strSQL2 = "SELECT * FROM (" & _ "SELECT eventtime, 'Violation' as acttype, badgenumber, " & _ "CONCAT(crossingdesc, ': ', previousval, ' -> ', currentval) as details " & _ "FROM udcviolations WHERE machinenumber = ? " & _ "UNION ALL " & _ "SELECT eventtime, 'Badge Change' as acttype, badgenumber, details " & _ "FROM udcheaderupdates WHERE machinenumber = ? " & _ ") combined ORDER BY eventtime DESC LIMIT 15" Set rsActivity = ExecuteParameterizedQuery(objConn, strSQL2, Array(rs("machinenumber") & "", rs("machinenumber") & "")) If rsActivity.EOF Then Response.Write("") Else Do While Not rsActivity.EOF If rsActivity("acttype") = "Violation" Then actBadge = "Setting Change" Else actBadge = "Badge" End If Response.Write("") Response.Write("") Response.Write("") Response.Write("") Response.Write("") Response.Write("") rsActivity.MoveNext Loop End If rsActivity.Close Set rsActivity = Nothing %>
Time Type Badge Details
No recent activity
" & Server.HTMLEncode(rsActivity("eventtime") & "") & "" & actBadge & "" & Server.HTMLEncode(rsActivity("badgenumber") & "") & "" & Server.HTMLEncode(rsActivity("details") & "") & "
Tool Health
<% ' Get tool health summary for this machine (last 30 days) Dim rsToolSummary, toolCount, toolMeasurements, toolOOT, toolLastCheck strSQL2 = "SELECT COUNT(DISTINCT t.toolnumber) as unique_tools, " & _ "COUNT(*) as total_measurements, " & _ "SUM(t.oot) as oot_count, " & _ "MAX(t.eventtime) as last_check " & _ "FROM udctooldata t " & _ "JOIN udcsessions s ON t.sessionid = s.sessionid " & _ "WHERE s.machinenumber = ? AND t.eventtime >= DATE_SUB(NOW(), INTERVAL 30 DAY)" Set rsToolSummary = ExecuteParameterizedQuery(objConn, strSQL2, Array(rs("machinenumber") & "")) If Not rsToolSummary.EOF Then toolCount = CLng(rsToolSummary("unique_tools") & "0") toolMeasurements = CLng(rsToolSummary("total_measurements") & "0") toolOOT = CLng(rsToolSummary("oot_count") & "0") toolLastCheck = rsToolSummary("last_check") & "" Else toolCount = 0 toolMeasurements = 0 toolOOT = 0 toolLastCheck = "" End If rsToolSummary.Close Set rsToolSummary = Nothing If toolMeasurements > 0 Then %>

<%=toolCount%>

Tools Monitored

<%=toolMeasurements%>

Measurements (30d)
text-white">

<%=toolOOT%>

Out of Tolerance
<%If toolLastCheck <> "" Then Response.Write(Server.HTMLEncode(Left(toolLastCheck, 16))) Else Response.Write("-")%>
Last Tool Check
<% ' Get tool status by tool number Dim rsTools, toolStatus, toolStatusClass, toolAvgDev, toolMaxDev, toolDevPct strSQL2 = "SELECT t.toolnumber, " & _ "MAX(t.description) as description, " & _ "COUNT(*) as measurements, " & _ "ROUND(AVG(t.deviation), 4) as avg_deviation, " & _ "ROUND(MAX(ABS(t.deviation)), 4) as max_deviation, " & _ "MAX(ABS(t.minval)) as tolerance_ref, " & _ "SUM(t.oot) as oot_count " & _ "FROM udctooldata t " & _ "JOIN udcsessions s ON t.sessionid = s.sessionid " & _ "WHERE s.machinenumber = ? AND t.eventtime >= DATE_SUB(NOW(), INTERVAL 30 DAY) " & _ "GROUP BY t.toolnumber " & _ "ORDER BY oot_count DESC, measurements DESC " & _ "LIMIT 10" Set rsTools = ExecuteParameterizedQuery(objConn, strSQL2, Array(rs("machinenumber") & "")) If rsTools.EOF Then Response.Write("") Else Do While Not rsTools.EOF ' Calculate status based on OOT and deviation If CLng(rsTools("oot_count") & "0") > 0 Then toolStatus = "OOT" toolStatusClass = "bg-danger text-white" Else toolStatus = " OK" toolStatusClass = "" End If If Not IsNull(rsTools("avg_deviation")) Then toolAvgDev = FormatNumber(CDbl(rsTools("avg_deviation")), 4) Else toolAvgDev = "-" End If If Not IsNull(rsTools("max_deviation")) Then toolMaxDev = FormatNumber(CDbl(rsTools("max_deviation")), 4) Else toolMaxDev = "-" End If Response.Write("") Response.Write("") Response.Write("") Response.Write("") Response.Write("") Response.Write("") Response.Write("") Response.Write("") rsTools.MoveNext Loop End If rsTools.Close Set rsTools = Nothing %>
Tool # Description Checks Avg Dev Max Dev Status
No tool data available
" & Server.HTMLEncode(rsTools("toolnumber") & "") & "" & Server.HTMLEncode(Left(rsTools("description") & "", 30)) & "" & rsTools("measurements") & "" & toolAvgDev & "" & toolMaxDev & "" & toolStatus & "
<% ' Check for recent OOT events Dim rsOOT, ootEventCount strSQL2 = "SELECT COUNT(*) as cnt FROM udctooldata t " & _ "JOIN udcsessions s ON t.sessionid = s.sessionid " & _ "WHERE s.machinenumber = ? AND t.oot = 1 AND t.eventtime >= DATE_SUB(NOW(), INTERVAL 7 DAY)" Set rsOOT = ExecuteParameterizedQuery(objConn, strSQL2, Array(rs("machinenumber") & "")) ootEventCount = 0 If Not rsOOT.EOF Then ootEventCount = CLng(rsOOT("cnt") & "0") rsOOT.Close Set rsOOT = Nothing If ootEventCount > 0 Then %>
Recent Out-of-Tolerance Events (7 days)
<% Dim rsOOTEvents strSQL2 = "SELECT t.eventtime, t.toolnumber, t.description, " & _ "t.actualval, t.minval, t.maxval, t.deviation " & _ "FROM udctooldata t " & _ "JOIN udcsessions s ON t.sessionid = s.sessionid " & _ "WHERE s.machinenumber = ? AND t.oot = 1 AND t.eventtime >= DATE_SUB(NOW(), INTERVAL 7 DAY) " & _ "ORDER BY t.eventtime DESC LIMIT 10" Set rsOOTEvents = ExecuteParameterizedQuery(objConn, strSQL2, Array(rs("machinenumber") & "")) Do While Not rsOOTEvents.EOF Response.Write("") Response.Write("") Response.Write("") Response.Write("") Response.Write("") Response.Write("") Response.Write("") Response.Write("") rsOOTEvents.MoveNext Loop rsOOTEvents.Close Set rsOOTEvents = Nothing %>
Time Tool # Description Actual Min/Max Deviation
" & Server.HTMLEncode(rsOOTEvents("eventtime") & "") & "" & Server.HTMLEncode(rsOOTEvents("toolnumber") & "") & "" & Server.HTMLEncode(Left(rsOOTEvents("description") & "", 25)) & "" & FormatNumber(CDbl(rsOOTEvents("actualval") & "0"), 4) & "" & FormatNumber(CDbl(rsOOTEvents("minval") & "0"), 4) & " / " & FormatNumber(CDbl(rsOOTEvents("maxval") & "0"), 4) & "" & FormatNumber(CDbl(rsOOTEvents("deviation") & "0"), 4) & "
<% End If ' ootEventCount > 0 Else ' toolMeasurements = 0 %>
No tool measurement data available for this machine.
<% End If ' toolMeasurements > 0 %>
" class="btn btn-primary"> View Full UDC Dashboard
<% End If %>
Select Machine Location
Click on the map to select a location
<% '============================================================================= ' CLEANUP '============================================================================= objConn.Close %>