Dani was asked to replace a shopping system (developed by a Highly Paid Consultant) with a better one. Dani expected to find high-quality, well-organized code that would be easy to modify. Undoubtedly, there would be some database housing all of the data.
Dani searched the code for the database connection, to find out where to connect, and found this in a file named shop$db.asp:
Dim database
Dim dbname
Dim SError
Dim con
Dim rsorder
'for record paging
Dim mypagesize
Dim maxpages
'Products
Dim lngCatalogid
Dim strCcode
Dim strCname
Dim memCdescription
Dim curCprice
Dim strCimageurl
Dim datCdateavailable
Dim lngCstock
Dim lngCcategory
Dim strCategory
Dim strMfg
Dim strDescURL ' link to extended description page
Dim strWeight
Dim strFeatures ' Product Features 2.11
Dim strButtonImage
Dim StrcDescURL
Dim strPOther1
Dim strPOther2
Dim strpOther3
Dim lngpSubcatID ' Version 2.3
Dim strSpecialoffer ' 2.4
Dim strRetailPrice '2.4
Dim strAllowusertext ' 2.45
Dim MemUserText
Dim strPother4
Dim strPother5
Dim strTemplate '2.50
Dim memExDesc
Dim strExtendedimage '2.50
Dim strProductUserid ' 2.50
Dim strSelectList ' 2.50
Dim strkeywords ' 2.50
Dim lngDiscount ' calculated 3.0
Dim NewCustomerPrice ' calculated 3.0
Dim curOriginalPrice
Dim strlevel3, strlevel4, strlevel5 ' 3.0
Dim ProductFieldValid
Dim strGiftCertificate
Dim strMinimumquantity
Dim strsupplierid ' 3.50
Dim strcrossSelling
Dim boolhide
Dim strgroupfordiscount
Dim strclanguage
Dim strattachment, strdownload
Dim strcustomermatch, strproductmatch, strcustomertype
Dim strpoints, strpointstobuy, strprice2, strprice3 ' 4.50
Dim strmaximumquantity '5.0
Dim strfrontpage ' 5.0
Dim strtaxfree, strfreeshipping '5.50
' Customer Data
Dim strCustomerId
Dim strFirstname
Dim strLastname
Dim strAddress
Dim strCity
Dim strState
Dim strPostcode
Dim strCountry
Dim strCompany
Dim strPhone
Dim strWorkphone
Dim strMobilephone
Dim strFax
Dim strEmail
Dim strWebsite
Dim lngContacttypeid
Dim strComments
Dim strContactreason
Dim lngLoginCount
Dim StrDiscount
Dim strcustuserid
Dim strcdualprice ' dual price from product record
Dim straddress2, strshipaddress2, strinventoryproducts
Dim strshipname
Dim strShipAddress
Dim strShipTown
Dim strShipZip
Dim strShipState
Dim StrShipCountry
Dim StrshipCompany
Dim strShipMethodType
Dim strShipCost
Dim strShipComment
Dim blnMailList
Dim blncookieQuestion
Dim strvatnumber ' 4.5
Dim strhearaboutus ' 5.0
' Shipping table
Dim lngShipmethodid
Dim strShipmethod ' shipping method
Dim curSmprice ' price
Dim curShipbasecost ' base cost
Dim curShipextracost ' extra per item
Dim strShipother1 ' unused
Dim strShipother2 ' unused
Dim curShipcost2 ' unused
Dim curShipcost1 ' unused
' Database Access
Dim SQL
Dim objRS
Dim rsprod
Dim mypage
Dim maxrecs
Dim DESCRIPTION
Dim CATEGORY
Dim CAT_ID
Dim SUBCAT
Dim Recno
Dim maxrec
Dim databasecnt
'features
Dim lngFeaturenum
Dim strFeaturecaption
Dim strFeaturename
Dim curFeatureprice
Dim strFeatureother
Dim strFeatureType
Dim StrFeatureMulti
Dim strFeatureRequired
Dim strfeatureother1
Dim strfeatureweight '5.0
Dim strfeatureimage '5.0
Dim strfeaturepercent '5.0
Dim ProductOptions(100)
Dim FeatureRS
' SubCategories
Dim lngSubcategoryid
Dim strSubcategory
Dim strSubcatOther
Dim lngCategoryid
Dim Errors
Dani's heart sank a bit: every variable in the application lives in one global include. Then Dani discovered this recursive date-formatting function, which consumes the format string one token at a time and writes an error straight into the HTTP response when it meets a character it does not recognize:
Function Shopdateformat (iDate, itype)
    Dim strDate
    Dim intTrim
    intTrim = 1
    if len(itype) = 0 Then
        Shopdateformat = ""
    Else
        'Enter recursive function to format date
        Select Case Left(itype,1)
            Case "d"
                if Mid(itype, 2, 1) = "d" Then
                    strDate = weekdayname(weekday(iDate)) & " " & datepart("d",iDate)
                    intTrim = 2
                Else
                    strDate = day(iDate)
                End If
            Case "m"
                if Mid(itype, 2, 1) = "m" Then
                    strDate = monthname(month(iDate))
                    intTrim = 2
                Else
                    strDate = month(iDate)
                End If
            Case "y"
                if Mid(itype, 2, 3) = "yyy" Then
                    strDate = year(iDate)
                    intTrim = 4
                ElseIf Mid(itype, 2, 1) = "y" Then
                    strDate = Right(year(iDate), 2)
                    intTrim = 2
                Else
                    strDate = Right(year(iDate), 2)
                End If
            Case " "
                strDate = " "
            Case "/"
                strDate = "/"
            Case "-"
                strDate = "-"
            Case "."
                strDate = "."
            Case Else
                Response.Write "<BR>** Error in date format string **"
        End Select
        Shopdateformat = strDate & Shopdateformat(iDate, Right(itype, Len(itype) - intTrim))
    End If
End Function
Not to be deterred, Dani continued and found the hacker protection: a case-insensitive substring blacklist that sets a return code of 4 on the first match and 0 otherwise, applied to user input before it is spliced into SQL.
'********************************************************************
' See if hacker is trying to run something
'*****************************************************************
Sub CleanseMessage (msg, rc)
    Dim badChars, i, lmsg, pos
    Dim newChars
    badChars = array(";", "--", "@@", "=", "<script>", "\", "/")
    newChars = lcase(msg)
    for i = 0 to uBound(badChars)
        if instr(1, newchars, badchars(i), 1) > 0 then
            rc = 4
            exit sub
        end if
    next
    rc = 0
end sub
Upon spotting that the "hacker protection" blocks semicolons, comment markers and equals signs but not the single quote, the one character that actually breaks out of a SQL string literal, while rejecting any legitimate message that happens to contain a URL, Dani realized that shopping for a better job might be task 1.
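To show what that blacklist buys, here is an added Python example (not code from the page or from the shop): a faithful port of CleanseMessage, a lookup that splices the "cleansed" input into SQL text the way the shop does, and the parameterised version that needs no blacklist at all. The customers table, its rows and the payload are constructed for this example, and the function names are my own. The payload uses a single quote to leave the string literal and LIKE instead of the blacklisted =, so it passes the filter and returns every row.

```python
import sqlite3

# Faithful port of the page's CleanseMessage blacklist: case-insensitive
# substring search, return code 4 on the first hit, 0 otherwise.
BAD_CHARS = (";", "--", "@@", "=", "<script>", "\\", "/")


def cleanse_message(msg: str) -> int:
    """Return 4 if any blacklisted token occurs in msg (case-insensitive), else 0."""
    lowered = msg.lower()
    for bad in BAD_CHARS:
        if bad in lowered:
            return 4
    return 0


def build_db() -> sqlite3.Connection:
    """In-memory database with constructed sample rows (hypothetical schema, not the shop's)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE customers (id INTEGER PRIMARY KEY, name TEXT, email TEXT)")
    conn.executemany(
        "INSERT INTO customers (id, name, email) VALUES (?, ?, ?)",
        [
            (1, "Alice", "alice@example.com"),
            (2, "Bob", "bob@example.com"),
            (3, "Carol", "carol@example.com"),
        ],
    )
    conn.commit()
    return conn


def find_customer_unsafe(conn: sqlite3.Connection, email: str) -> list:
    """The shop's pattern: blacklist the input, then splice it into the SQL text."""
    if cleanse_message(email) != 0:
        raise ValueError("rejected by CleanseMessage")
    sql = "SELECT id, name FROM customers WHERE email = '" + email + "'"
    return conn.execute(sql).fetchall()


def find_customer_safe(conn: sqlite3.Connection, email: str) -> list:
    """Parameterised query: the value is bound, never parsed as SQL, so no blacklist is needed."""
    sql = "SELECT id, name FROM customers WHERE email = ?"
    return conn.execute(sql, (email,)).fetchall()


# Constructed payload: the single quote is not on the blacklist, and LIKE
# stands in for the blacklisted '=' to make the tautology.
PAYLOAD = "x' OR 'a' LIKE 'a"

if __name__ == "__main__":
    conn = build_db()
    print("cleanse_message(payload) ->", cleanse_message(PAYLOAD))        # 0: filter passes it
    print("unsafe lookup ->", find_customer_unsafe(conn, PAYLOAD))       # every customer row
    print("safe lookup   ->", find_customer_safe(conn, PAYLOAD))         # []
    print("legit URL     ->", cleanse_message("see https://example.com"))  # 4: false positive on '/'
```

Run it as a script to see the three outcomes side by side. The point a reviewer would raise is not that the list is missing a character but that no list can be complete: SQLite accepts the tautology without any of the blacklisted tokens, and a different dialect offers its own alternatives. Binding the value with a placeholder removes the whole class of problem, and it also stops rejecting customers whose comments contain a URL.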