ge-aerospace/shopdb
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
1e17fd30262f341c90691679f00e222b4d6a377b
shopdb/updatelinkdirect.asp
cproudlock 249bfbba8c Standardize ASP filenames: remove underscores 
Renamed 45 ASP files to follow lowercase concatenated naming convention:
- Direct handlers: save_machine_direct.asp -> savemachinedirect.asp
- USB files: checkin_usb.asp -> checkinusb.asp
- API files: api_usb.asp -> apiusb.asp
- Map files: network_map.asp -> networkmap.asp
- Printer files: printer_lookup.asp -> printerlookup.asp

Also:
- Updated 84+ internal references across all ASP and JS files
- Deleted 6 test/duplicate files (editmacine.asp, test_*.asp)
- Updated production migration guide with filename changes
- Added rename scripts for Linux (bash) and Windows (PowerShell)
2025-12-10 20:40:05 -05:00

252 lines
9.1 KiB
Plaintext
Raw Blame History

<%
'=============================================================================
' FILE: updatelinkdirect.asp
' PURPOSE: Update knowledge base article with nested entity creation (topic, support team, app owner)
' SECURITY: Parameterized queries, HTML encoding, input validation
' UPDATED: 2025-10-27 - Migrated to secure patterns
'=============================================================================
%>
<!--#include file="./includes/sql.asp"-->
<%
' Get form inputs for KB article
Dim linkid, linkurl, shortdescription, keywords, appid
linkid = Trim(Request.Form("linkid"))
linkurl = Trim(Request.Form("linkurl"))
shortdescription = Trim(Request.Form("shortdescription"))
keywords = Trim(Request.Form("keywords"))
appid = Trim(Request.Form("appid"))
' Get form inputs for new topic
Dim newappname, newappdescription, newsupportteamid
Dim newapplicationnotes, newinstallpath, newdocumentationpath, newisactive
newappname = Trim(Request.Form("newappname"))
newappdescription = Trim(Request.Form("newappdescription"))
newsupportteamid = Trim(Request.Form("newsupportteamid"))
newapplicationnotes = Trim(Request.Form("newapplicationnotes"))
newinstallpath = Trim(Request.Form("newinstallpath"))
newdocumentationpath = Trim(Request.Form("newdocumentationpath"))
newisactive = Request.Form("newisactive")
' Get form inputs for new support team
Dim newsupportteamname, newsupportteamurl, newappownerid
newsupportteamname = Trim(Request.Form("newsupportteamname"))
newsupportteamurl = Trim(Request.Form("newsupportteamurl"))
newappownerid = Trim(Request.Form("newappownerid"))
' Get form inputs for new app owner
Dim newappownername, newappownersso
newappownername = Trim(Request.Form("newappownername"))
newappownersso = Trim(Request.Form("newappownersso"))
' Basic validation
If linkid = "" Or Not IsNumeric(linkid) Then
Response.Write("Invalid link ID")
objConn.Close
Response.End
End If
If CLng(linkid) < 1 Then
Response.Write("Invalid link ID")
objConn.Close
Response.End
End If
If Len(linkurl) = 0 Or Len(shortdescription) = 0 Or Len(appid) = 0 Then
Response.Write("Required fields missing")
objConn.Close
Response.End
End If
If Len(linkurl) > 2000 Or Len(shortdescription) > 500 Or Len(keywords) > 500 Then
Response.Write("Field length exceeded")
objConn.Close
Response.End
End If
' Handle new topic creation
If appid = "new" Then
If Len(newappname) = 0 Then
Response.Write("New topic name is required")
objConn.Close
Response.End
End If
If Len(newsupportteamid) = 0 Then
Response.Write("Support team is required for new topic")
objConn.Close
Response.End
End If
' Validate field lengths for new topic
If Len(newappname) > 50 Or Len(newappdescription) > 255 Or Len(newapplicationnotes) > 512 Or Len(newinstallpath) > 255 Or Len(newdocumentationpath) > 512 Then
Response.Write("New topic field length exceeded")
objConn.Close
Response.End
End If
' Handle new support team creation (nested)
If newsupportteamid = "new" Then
If Len(newsupportteamname) = 0 Then
Response.Write("New support team name is required")
objConn.Close
Response.End
End If
If Len(newappownerid) = 0 Then
Response.Write("App owner is required for new support team")
objConn.Close
Response.End
End If
If Len(newsupportteamname) > 50 Or Len(newsupportteamurl) > 512 Then
Response.Write("New support team field length exceeded")
objConn.Close
Response.End
End If
' Handle new app owner creation (doubly nested)
If newappownerid = "new" Then
If Len(newappownername) = 0 Or Len(newappownersso) = 0 Then
Response.Write("App owner name and SSO are required")
objConn.Close
Response.End
End If
If Len(newappownername) > 50 Or Len(newappownersso) > 255 Then
Response.Write("App owner field length exceeded")
objConn.Close
Response.End
End If
' Insert new app owner using parameterized query
Dim sqlNewOwner, cmdNewOwner
sqlNewOwner = "INSERT INTO appowners (appowner, sso, isactive) VALUES (?, ?, 1)"
Set cmdNewOwner = Server.CreateObject("ADODB.Command")
cmdNewOwner.ActiveConnection = objConn
cmdNewOwner.CommandText = sqlNewOwner
cmdNewOwner.CommandType = 1
cmdNewOwner.Parameters.Append cmdNewOwner.CreateParameter("@appowner", 200, 1, 50, newappownername)
cmdNewOwner.Parameters.Append cmdNewOwner.CreateParameter("@sso", 200, 1, 255, newappownersso)
On Error Resume Next
cmdNewOwner.Execute
If Err.Number <> 0 Then
Response.Write("Error creating new app owner: " & Server.HTMLEncode(Err.Description))
Set cmdNewOwner = Nothing
objConn.Close
Response.End
End If
' Get the newly created app owner ID
Dim rsNewOwner
Set rsNewOwner = objConn.Execute("SELECT LAST_INSERT_ID() AS newid")
newappownerid = rsNewOwner("newid")
rsNewOwner.Close
Set rsNewOwner = Nothing
Set cmdNewOwner = Nothing
On Error Goto 0
End If
' Insert new support team using parameterized query
Dim sqlNewTeam, cmdNewTeam
sqlNewTeam = "INSERT INTO supportteams (teamname, teamurl, appownerid, isactive) VALUES (?, ?, ?, 1)"
Set cmdNewTeam = Server.CreateObject("ADODB.Command")
cmdNewTeam.ActiveConnection = objConn
cmdNewTeam.CommandText = sqlNewTeam
cmdNewTeam.CommandType = 1
cmdNewTeam.Parameters.Append cmdNewTeam.CreateParameter("@teamname", 200, 1, 50, newsupportteamname)
cmdNewTeam.Parameters.Append cmdNewTeam.CreateParameter("@teamurl", 200, 1, 512, newsupportteamurl)
cmdNewTeam.Parameters.Append cmdNewTeam.CreateParameter("@appownerid", 3, 1, , CLng(newappownerid))
On Error Resume Next
cmdNewTeam.Execute
If Err.Number <> 0 Then
Response.Write("Error creating new support team: " & Server.HTMLEncode(Err.Description))
Set cmdNewTeam = Nothing
objConn.Close
Response.End
End If
' Get the newly created support team ID
Dim rsNewTeam
Set rsNewTeam = objConn.Execute("SELECT LAST_INSERT_ID() AS newid")
newsupportteamid = rsNewTeam("newid")
rsNewTeam.Close
Set rsNewTeam = Nothing
Set cmdNewTeam = Nothing
On Error Goto 0
End If
' Convert isactive checkbox
Dim isActiveValue
If newisactive = "1" Then
isActiveValue = 1
Else
isActiveValue = 0
End If
' Insert new application/topic using parameterized query
Dim sqlNewApp, cmdNewApp
sqlNewApp = "INSERT INTO applications (appname, appdescription, supportteamid, applicationnotes, installpath, documentationpath, isactive, isinstallable, ishidden, isprinter, islicenced) " & _
"VALUES (?, ?, ?, ?, ?, ?, ?, 0, 0, 0, 0)"
Set cmdNewApp = Server.CreateObject("ADODB.Command")
cmdNewApp.ActiveConnection = objConn
cmdNewApp.CommandText = sqlNewApp
cmdNewApp.CommandType = 1
cmdNewApp.Parameters.Append cmdNewApp.CreateParameter("@appname", 200, 1, 50, newappname)
cmdNewApp.Parameters.Append cmdNewApp.CreateParameter("@appdescription", 200, 1, 255, newappdescription)
cmdNewApp.Parameters.Append cmdNewApp.CreateParameter("@supportteamid", 3, 1, , CLng(newsupportteamid))
cmdNewApp.Parameters.Append cmdNewApp.CreateParameter("@applicationnotes", 200, 1, 512, newapplicationnotes)
cmdNewApp.Parameters.Append cmdNewApp.CreateParameter("@installpath", 200, 1, 255, newinstallpath)
cmdNewApp.Parameters.Append cmdNewApp.CreateParameter("@documentationpath", 200, 1, 512, newdocumentationpath)
cmdNewApp.Parameters.Append cmdNewApp.CreateParameter("@isactive", 11, 1, , CBool(isActiveValue))
On Error Resume Next
cmdNewApp.Execute
If Err.Number <> 0 Then
Response.Write("Error creating new topic: " & Server.HTMLEncode(Err.Description))
Set cmdNewApp = Nothing
objConn.Close
Response.End
End If
' Get the newly created topic ID
Dim rsNewApp
Set rsNewApp = objConn.Execute("SELECT LAST_INSERT_ID() AS newid")
appid = rsNewApp("newid")
rsNewApp.Close
Set rsNewApp = Nothing
Set cmdNewApp = Nothing
On Error Goto 0
End If
' UPDATE knowledge base article using parameterized query
Dim strSQL, cmdUpdate
strSQL = "UPDATE knowledgebase SET linkurl = ?, shortdescription = ?, keywords = ?, appid = ?, lastupdated = NOW() WHERE linkid = ?"
Set cmdUpdate = Server.CreateObject("ADODB.Command")
cmdUpdate.ActiveConnection = objConn
cmdUpdate.CommandText = strSQL
cmdUpdate.CommandType = 1
cmdUpdate.Parameters.Append cmdUpdate.CreateParameter("@linkurl", 200, 1, 2000, linkurl)
cmdUpdate.Parameters.Append cmdUpdate.CreateParameter("@shortdescription", 200, 1, 500, shortdescription)
cmdUpdate.Parameters.Append cmdUpdate.CreateParameter("@keywords", 200, 1, 500, keywords)
cmdUpdate.Parameters.Append cmdUpdate.CreateParameter("@appid", 3, 1, , CLng(appid))
cmdUpdate.Parameters.Append cmdUpdate.CreateParameter("@linkid", 3, 1, , CLng(linkid))
On Error Resume Next
cmdUpdate.Execute
If Err.Number = 0 Then
Set cmdUpdate = Nothing
objConn.Close
Response.Redirect("displayknowledgearticle.asp?linkid=" & linkid & "&status=updated")
Else
Set cmdUpdate = Nothing
objConn.Close
Response.Redirect("displayknowledgearticle.asp?linkid=" & linkid & "&status=error&msg=" & Server.URLEncode("Error: " & Server.HTMLEncode(Err.Description)))
End If
%>
Reference in New Issue View Git Blame Copy Permalink