Dani was asked to replace a shopping system (that had been developed by a Highly Paid Consultant) with a better one. Dani expected to find high quality, well organized code that would be easy to modify. Undoubtedly, there would be some database housing all of the data.

Dani searched the code for the database connection to know where to connect and found this in a file named: shop$db.asp:

  Dim database 
  Dim dbname 
  Dim SError 
  Dim con 
  Dim rsorder 
'for record paging 
  Dim mypagesize 
  Dim maxpages 
'Products 
  Dim lngCatalogid 
  Dim strCcode 
  Dim strCname 
  Dim memCdescription 
  Dim curCprice 
  Dim strCimageurl 
  Dim datCdateavailable 
  Dim lngCstock 
  Dim lngCcategory 
  Dim strCategory 
  Dim strMfg 
  Dim strDescURL ' link to extended description page 
  Dim strWeight 
  Dim strFeatures ' Product Features 2.11 
  Dim strButtonImage 
  Dim StrcDescURL 
  Dim strPOther1 
  Dim strPOther2 
  Dim strpOther3 
  Dim lngpSubcatID ' Version 2.3 
  Dim strSpecialoffer ' 2.4 
  Dim strRetailPrice '2.4 
  Dim strAllowusertext ' 2.45 
  Dim MemUserText 
  Dim strPother4 
  Dim strPother5 
  Dim strTemplate '2.50 
  Dim memExDesc 
  Dim strExtendedimage '2.50 2
  Dim strProductUserid ' 2.50 
  Dim strSelectList ' 2.50 
  Dim strkeywords ' 2.50 
  Dim lngDiscount ' calculated 3.0 
  Dim NewCustomerPrice ' calculated 3.0 
  Dim curOriginalPrice 
  Dim strlevel3, strlevel4, strlevel5 ' 3.0
  Dim ProductFieldValid 
  Dim strGiftCertificate 
  Dim strMinimumquantity 
  Dim strsupplierid ' 3.50 
  Dim strcrossSelling 
  Dim boolhide 
  Dim strgroupfordiscount 
  Dim strclanguage 
  Dim strattachment, strdownload 
  Dim strcustomermatch, strproductmatch, strcustomertype 
  Dim strpoints,strpointstobuy, strprice2,strprice3 ' 4.50 
  Dim strmaximumquantity '5.0 
  Dim strfrontpage ' 5.0 
  Dim strtaxfree, strfreeshipping '5.50 
' Customer Data 
  Dim strCustomerId 
  Dim strFirstname 
  Dim strLastname 
  Dim strAddress 
  Dim strCity 
  Dim strState 
  Dim strPostcode 
  Dim strCountry 
  Dim strCompany 
  Dim strPhone 
  Dim strWorkphone 
  Dim strMobilephone 
  Dim strFax 
  Dim strEmail 
  Dim strWebsite 
  Dim lngContacttypeid 
  Dim strComments 
  Dim strContactreason 
  Dim lngLoginCount 
  Dim StrDiscount 
  Dim strcustuserid 
  Dim strcdualprice ' dual price from product record 
  Dim straddress2, strshipaddress2, strinventoryproducts 
 
  Dim strshipname 
  Dim strShipAddress 
  Dim strShipTown 
  Dim strShipZip 
  Dim strShipState 
  Dim StrShipCountry 
  Dim StrshipCompany 
  Dim strShipMethodType 
  Dim strShipCost 3
  Dim strShipComment 
  Dim blnMailList 
  Dim blncookieQuestion 
  Dim strvatnumber ' 4.5 
  Dim strhearaboutus ' 5.0 
 
' Shipping table 
  Dim lngShipmethodid 
  Dim strShipmethod ' shipping method 
  Dim curSmprice ' price 
  Dim curShipbasecost ' base cost 
  Dim curShipextracost ' extra per item 
  Dim strShipother1 ' unused 
  Dim strShipother2 ' unused 
  Dim curShipcost2 ' unused 
  Dim curShipcost1 ' unused 
 
' Database Access 
  Dim SQL 
  Dim objRS 
  Dim rsprod 
  Dim mypage 
  Dim maxrecs 
  Dim DESCRIPTION 
  Dim CATEGORY 
  Dim CAT_ID 
  Dim SUBCAT 
  Dim Recno 
  Dim maxrec 
  Dim databasecnt 
'features 
  Dim lngFeaturenum 
  Dim strFeaturecaption 
  Dim strFeaturename 
  Dim curFeatureprice 
  Dim strFeatureother 
  Dim strFeatureType 
  Dim StrFeatureMulti 
  Dim strFeatureRequired 
  Dim strfeatureother1 
  Dim strfeatureweight '5.0 
  Dim strfeatureimage '5.0 
  Dim strfeaturepercent '5.0 
 
  Dim ProductOptions(100) 
  Dim FeatureRS 
' SubCategories 
  Dim lngSubcategoryid 
  Dim strSubcategory 
  Dim strSubcatOther 
  Dim lngCategoryid 
  Dim Errors 4

Dani's heart sank a bit. Then Dani discovered this recursive date formatting function:

Function Shopdateformat (iDate, itype) 
   Dim strDate 
   Dim intTrim 
   intTrim = 1 
   if len(itype) = 0 Then 
      Shopdateformat = "" 
   Else 
      'Enter recursive function to format date 
      Select Case Left(itype,1) 
         Case "d" 
                  if Mid(itype, 2, 1) = "d" Then 
                     strDate = weekdayname(weekday(iDate)) & " " & datepart("d",iDate) 
                     intTrim = 2 
                  Else 
                     strDate = day(iDate) 
                  End If 
         Case "m" 
                  if Mid(itype, 2, 1) = "m" Then 
                     strDate = monthname(month(iDate)) 
                     intTrim = 2 
                  Else 
                     strDate = month(iDate) 
                  End If 
         Case "y" 
                  if Mid(itype, 2, 3) = "yyy" Then 
                     strDate = year(iDate) 
                     intTrim = 4 
                  ElseIf Mid(itype, 2, 1) = "y" Then 
                     strDate = Right(year(iDate), 2) 
                     intTrim = 2 
                  Else 
                     strDate = Right(year(iDate), 2) 
                  End If 
         Case " " 
                  strDate = " " 
         Case "/" 
                  strDate = "/" 
         Case "-" 
                  strDate = "-" 
         Case "." 
                  strDate = "." 
         Case Else 
                  Response.Write "<BR>** Error in date format string **" 
      End Select 
      Shopdateformat = strDate & Shopdateformat(iDate, Right(itype, Len(itype) -intTrim)) 
   End If 
End Function

Not to be deterred, Dani continued and found the hacker protection:

'******************************************************************** 
' See if hacker is trying to run something 
'***************************************************************** 
Sub CleanseMessage (msg, rc) 
  Dim badChars,i,lmsg, pos 
  Dim newChars 
  badChars = array(";", "--", "@@","=","<script>","\", "/") 
  newChars = lcase(msg) 
  for i = 0 to uBound(badChars) 
      if instr(1,newchars,badchars(i),1)>0 then 
         rc=4 
         exit sub 
      end if 
  next 
  rc=0 
end sub

Upon spotting that they forgot the SQL injection part of hacker protection, Dani realized that perhaps shopping for a better job might be task 1.

[Advertisement] BuildMaster allows you to create a self-service release management platform that allows different teams to manage their applications. Explore how!