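/// <summary>
/// Initializes the application settings under <c>_lock</c>: configures logging,
/// resolves the default config path and root directory, loads (or creates) the
/// database configuration, and builds the database provider.
/// </summary>
/// <param name="server">Used to map virtual paths to physical paths.</param>
public static void Init(HttpServerUtility server)
{
    lock (_lock)
    {
        // Basic logging configuration under a debugger; XML-driven configuration otherwise.
        if (Debugger.IsAttached)
        {
            BasicConfigurator.Configure();
        }
        else
        {
            XmlConfigurator.Configure();
        }

        string configPath = Path.Combine(PARENT_CONFIG_PATH, DefaultConfigName);
        DefaultConfigPath = server.MapPath(configPath);
        RootDir = server.MapPath(".");

        log.Debug("DYLD_FALLBACK_LIBRARY_PATH: " + Environment.GetEnvironmentVariable("DYLD_FALLBACK_LIBRARY_PATH"));
        log.Debug("PWD: " + Environment.CurrentDirectory);

        // Check if we are running as an Azure App Service with a MySQL In App database.
        string mysql = Environment.GetEnvironmentVariable("MYSQLCONNSTR_localdb");

        if (mysql != null)
        {
            // The connection string carries database credentials, so only the name of
            // the variable is logged; its value must never reach the log output.
            log.Debug("Loading config from env var MYSQLCONNSTR_localdb");
            CurrentConfigFile = new MySqlConnStringConfig(mysql);
            CurrentConfigFile.Load();
        }
        else
        {
            log.Debug("No env var detected for MYSQLCONNSTR_localdb");

            // By default if there's no config let's create a sqlite db.
            string defaultConfigPath = DefaultConfigPath;
            string sqlitePath = Path.Combine(DATA_FOLDER, DEFAULT_SQLITE_NAME);
            sqlitePath = server.MapPath(sqlitePath);

            if (!File.Exists(defaultConfigPath))
            {
                // First run: write a config file that points at the default SQLite database.
                ConfigFile file = new ConfigFile(defaultConfigPath);
                file.Set(DbConstants.KEY_DB_TYPE, DbConstants.DB_TYPE_SQLITE);
                file.Set(DbConstants.KEY_FILE_NAME, sqlitePath);
                file.Save();
                CurrentConfigFile = file;
            }
            else
            {
                CurrentConfigFile = new ConfigFile(defaultConfigPath);
                CurrentConfigFile.Load();
            }
        }

        CurrentDbProvider = DbProviderFactory.Create(CurrentConfigFile);
        _inited = true;
    }
}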
/// <summary>
/// Checks <c>IsValidCustomerLogin</c> on a SQLite-configured provider with three
/// credential pairs: an unknown account, a known-good account, and an e-mail value
/// shaped like a SQL-injection tautology. Only the known-good pair may be accepted.
/// </summary>
public void FakeTest1()
{
    // Arrange: write a minimal SQLite config file and build the provider from it.
    string configFileName = Settings.DefaultConfigName;
    File.WriteAllLines(configFileName, new string[] { "dbtype=Sqlite", "filename=webgoat_coins.sqlite" });

    ConfigFile config = new ConfigFile(configFileName);
    config.Load();
    IDbProvider provider = DbProviderFactory.Create(config);

    // Credentials that should not match any customer.
    string unknownEmail = "someone@somewhere";
    string unknownPassword = DateTime.Now.ToString();

    // Credentials expected to match an existing customer.
    string validEmail = "*****@*****.**";
    string validPassword = Encoder.Decode("MTIzNDU2");

    // Injection-shaped input: must be treated as data and rejected, not evaluated as SQL.
    string injectionEmail = "' or 1 = 1 --";
    string injectionPassword = "";

    // Act
    bool unknownAccepted = provider.IsValidCustomerLogin(unknownEmail, unknownPassword);
    bool validAccepted = provider.IsValidCustomerLogin(validEmail, validPassword);
    bool injectionAccepted = provider.IsValidCustomerLogin(injectionEmail, injectionPassword);

    // Assert
    Assert.IsTrue(validAccepted);
    Assert.IsFalse(unknownAccepted);
    Assert.IsFalse(injectionAccepted);
}
/// <summary>
/// Resolves the default config path, loads the config file found there (creating a
/// SQLite-backed one when it does not exist), and builds the database provider.
/// </summary>
/// <param name="server">Used to map virtual paths to physical paths.</param>
public static void Init(HttpServerUtility server)
{
    DefaultConfigPath = server.MapPath(Path.Combine(PARENT_CONFIG_PATH, DefaultConfigName));

    // By default if there's no config let's create a sqlite db.
    string configFilePath = DefaultConfigPath;
    string sqliteDbPath = server.MapPath(Path.Combine(DATA_FOLDER, DEFAULT_SQLITE_NAME));

    if (File.Exists(configFilePath))
    {
        CurrentConfigFile = new ConfigFile(configFilePath);
        CurrentConfigFile.Load();
    }
    else
    {
        // No config yet: persist one that points at the default SQLite database.
        ConfigFile created = new ConfigFile(configFilePath);
        created.Set(DbConstants.KEY_DB_TYPE, DbConstants.DB_TYPE_SQLITE);
        created.Set(DbConstants.KEY_FILE_NAME, sqliteDbPath);
        created.Save();
        CurrentConfigFile = created;
    }

    CurrentDbProvider = DbProviderFactory.Create(CurrentConfigFile);
}
/// <summary>
/// Initializes the application settings under <c>_lock</c>: configures logging,
/// resolves the default config path and root directory, loads the config file
/// (creating a SQLite-backed one when it does not exist), and builds the provider.
/// </summary>
/// <param name="server">Used to map virtual paths to physical paths.</param>
public static void Init(HttpServerUtility server)
{
    lock (_lock)
    {
        // Basic logging configuration under a debugger; XML-driven configuration otherwise.
        if (!Debugger.IsAttached)
        {
            XmlConfigurator.Configure();
        }
        else
        {
            BasicConfigurator.Configure();
        }

        DefaultConfigPath = server.MapPath(Path.Combine(PARENT_CONFIG_PATH, DefaultConfigName));
        RootDir = server.MapPath(".");

        // Diagnostic output describing the process environment.
        string fallbackLibraryPath = Environment.GetEnvironmentVariable("DYLD_FALLBACK_LIBRARY_PATH");
        log.Debug("DYLD_FALLBACK_LIBRARY_PATH: " + fallbackLibraryPath);
        log.Debug("PWD: " + Environment.CurrentDirectory);

        // By default if there's no config let's create a sqlite db.
        string configFilePath = DefaultConfigPath;
        string sqliteDbPath = server.MapPath(Path.Combine(DATA_FOLDER, DEFAULT_SQLITE_NAME));

        if (File.Exists(configFilePath))
        {
            CurrentConfigFile = new ConfigFile(configFilePath);
            CurrentConfigFile.Load();
        }
        else
        {
            // No config yet: persist one that points at the default SQLite database.
            ConfigFile created = new ConfigFile(configFilePath);
            created.Set(DbConstants.KEY_DB_TYPE, DbConstants.DB_TYPE_SQLITE);
            created.Set(DbConstants.KEY_FILE_NAME, sqliteDbPath);
            created.Save();
            CurrentConfigFile = created;
        }

        CurrentDbProvider = DbProviderFactory.Create(CurrentConfigFile);
        _inited = true;
    }
}
/// <summary>
/// Click handler that applies the current form values to the config, swaps in a new
/// database provider, recreates the database, and reports the connection test result.
/// </summary>
/// <param name="sender">The control that raised the event.</param>
/// <param name="e">Event data (unused).</param>
// NOTE(review): this handler recreates the database and nothing in it checks who is
// calling; confirm that access to the page is restricted elsewhere.
protected void btnRebuildDatabase_Click(object sender, EventArgs e)
{
    IConfig currentConfig = Settings.CurrentConfigFile;
    UpdateConfigFile(currentConfig);

    Settings.CurrentDbProvider = DbProviderFactory.Create(currentConfig);
    Settings.CurrentDbProvider.RecreateGoatDb();

    bool connectionOk = Settings.CurrentDbProvider.TestConnection();
    if (!connectionOk)
    {
        // Details go to the logs; the page shows only a generic failure message.
        labelRebuildFailure.Text = "Error rebuilding database. Please see logs.";
        PanelRebuildFailure.Visible = true;
        Session["DBConfigured"] = null;
        return;
    }

    labelRebuildSuccess.Text = "Database Rebuild Successful!";
    PanelRebuildSuccess.Visible = true;
    Session["DBConfigured"] = true;
}
/// <summary>
/// Click handler that applies the current form values to the config, swaps in a new
/// database provider, and reports whether a connection test against it succeeds.
/// </summary>
/// <param name="sender">The control that raised the event.</param>
/// <param name="e">Event data (unused).</param>
protected void btnTestConfiguration_Click(object sender, EventArgs e)
{
    IConfig currentConfig = Settings.CurrentConfigFile;

    //TODO: Need to provide interface for saving multiple configs need VS for it.
    UpdateConfigFile(currentConfig);

    // The application-wide provider is replaced before the connection is tested.
    Settings.CurrentDbProvider = DbProviderFactory.Create(currentConfig);

    bool connectionOk = Settings.CurrentDbProvider.TestConnection();
    if (!connectionOk)
    {
        // Details go to the logs; the page shows only a generic failure message.
        labelError.Text = "Error testing database. Please see logs.";
        PanelError.Visible = true;
        Session["DBConfigured"] = null;
        return;
    }

    labelSuccess.Text = "Connection to Database Successful!";
    PanelSuccess.Visible = true;
    Session["DBConfigured"] = true;
}