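public string initiate(int intSessionId)
        {
            // Builds the XML scan report for one session, writes it to the configured
            // output directory under a fresh GUID file name, and returns the report's
            // relative path.
            //
            // Values copied from the session record and from the scanned URLs are
            // XML-escaped before they are placed in the document: the URLs are recorded
            // from user input (query strings routinely contain '&'), so an unescaped
            // value would produce a malformed report or inject markup that the XSL
            // viewer would render. buildResults/buildSubmission are expected to return
            // ready-made XML fragments and are appended as-is.
            //
            // NOTE(review): strUrls and objStringBuilder are instance fields that are not
            // reset here, so a second call on the same instance appends to the previous
            // run's output -- confirm initiate is meant to run once per instance.
            string strHeader    = "";
            string strUserAgent = "";

            System.Text.StringBuilder objFormSubmissionStr = new System.Text.StringBuilder();

            // One report file per run, named by a fresh GUID.
            strGuid = System.Guid.NewGuid().ToString();

            mSessionId    = intSessionId;
            objSession.id = mSessionId;
            objSession.populate();

            // Resolve the session's user-agent list item to its display name; the
            // workers send it with every request they make.
            devCafe.framework.frameworkListItems objFrameWorkListItem = new devCafe.framework.frameworkListItems();
            objFrameWorkListItem.id = objSession.userAgent;
            objFrameWorkListItem.populate();

            strUserAgent = objFrameWorkListItem.listItemName;

            #region Construct Report Header

            strHeader += "<header>";
            strHeader += "<application>beretta</application>";
            strHeader += "<version>1.0</version>";
            strHeader += "<sessionId>" + objSession.id.ToString() + "</sessionId>";
            strHeader += "<date>" + System.DateTime.Now + "</date>";

            // authenticationType is stored as an int; values outside 0..2 emit no element.
            switch (objSession.authenticationType)
            {
                case 0:
                    strHeader += "<authenticationType>None</authenticationType>";
                    break;
                case 1:
                    strHeader += "<authenticationType>Forms</authenticationType>";
                    break;
                case 2:
                    strHeader += "<authenticationType>Raw</authenticationType>";
                    break;
            }
            strHeader += "<sessionName>" + System.Security.SecurityElement.Escape("" + objSession.sessionName) + "</sessionName>";
            strHeader += "<sessionDescription>" + System.Security.SecurityElement.Escape("" + objSession.sessionDescription) + "</sessionDescription>";
            strHeader += "</header>";

            #endregion


            objUrlsDataSet = urlsDataAccess.getAllForSession(objSession.id);


            //For each URL in session
            foreach (DataRow objUrlRow in objUrlsDataSet.Tables[0].Rows)
            {
                int intUrlId = System.Convert.ToInt32(objUrlRow["id"]);

                //Manual Scan
                urlWorker objUrlWorker = new urlWorker();

                objUrlWorker.sessionId          = objSession.id;
                objUrlWorker.authenticationType = objSession.authenticationType;
                objUrlWorker.urlId     = intUrlId;
                objUrlWorker.userAgent = strUserAgent;
                objUrlWorker.scanManual();

                // The URL is recorded from user input; escape it so it cannot break
                // the document or smuggle elements into the report.
                strUrls = strUrls + "<url>" + System.Security.SecurityElement.Escape("" + objUrlWorker.url) + "</url>";

                if (objUrlWorker.objBerettaResultHashTable != null && objUrlWorker.objBerettaResultHashTable.Count > 0)
                {
                    objStringBuilder.Append(buildResults(objUrlWorker.objBerettaResultHashTable));
                }

                objFormSubmissionStr.Append(buildSubmission(objUrlWorker.objBerettaSubmissionHashTable));

                //Auto Scan
                if (objSession.useAutoScan == 1)
                {
                    urlWorker objUrlWorkerAuto = new urlWorker();
                    objUrlWorkerAuto.sessionId          = objSession.id;
                    objUrlWorkerAuto.authenticationType = objSession.authenticationType;
                    objUrlWorkerAuto.urlId     = intUrlId;
                    objUrlWorkerAuto.userAgent = strUserAgent;
                    objUrlWorkerAuto.scanAuto();

                    if (objUrlWorkerAuto.objBerettaResultHashTable != null && objUrlWorkerAuto.objBerettaResultHashTable.Count > 0)
                    {
                        objStringBuilder.Append(buildResults(objUrlWorkerAuto.objBerettaResultHashTable));
                    }

                    objFormSubmissionStr.Append(buildSubmission(objUrlWorkerAuto.objBerettaSubmissionHashTable));
                }
            }


            #region Construct XML report

            System.Text.StringBuilder objReport = new System.Text.StringBuilder();
            objReport.Append("<report>");
            objReport.Append(strHeader);
            objReport.Append("<body>");
            objReport.Append("<urlsScanned>").Append(strUrls).Append("</urlsScanned>");
            objReport.Append("<scanItems>").Append(objStringBuilder.ToString()).Append("</scanItems>");
            objReport.Append("<formSubmissions>").Append(objFormSubmissionStr.ToString()).Append("</formSubmissions>");
            objReport.Append("</body>");
            objReport.Append("</report>");
            string strTotalDoc = objReport.ToString();

            #endregion

            #region Write XML report

            string strPath = "" + System.Configuration.ConfigurationSettings.AppSettings.Get("outputDir") + strGuid + ".XML";

            //Add XSL file ref
            // NOTE(review): the stylesheet name is read from the key store, presumably
            // administrator-configured rather than scanned data -- confirm; it is
            // emitted as stored.
            string strXslFile = "" + devCafe.framework.keyDataAccess.get("defaultScanXSL");
            strTotalDoc = "<?xml-stylesheet href='../xsl/" + strXslFile + "' type='text/xsl'?>" + strTotalDoc;

            // using releases the file handle even if the write throws; the original
            // only closed it on the success path.
            using (StreamWriter objStreamWriter = System.IO.File.CreateText(strPath))
            {
                objStreamWriter.WriteLine(strTotalDoc);
            }

            #endregion


            return("./" + strGuid + ".XML");
        }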
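        // Drives the form-recording flow on each request: resets the session on
        // action=reset, reloads the session record, toggles the record/pause/stop
        // buttons, stores the posted form as a payload while recording, replays
        // the submission against the target page and shows the retrieved HTML in
        // panelHtml with its forms rewritten to post back through this page.
        //
        // Session values are read with "" + x rather than .ToString(), so a missing
        // value compares as "" instead of throwing a NullReferenceException that the
        // outer catch would silently swallow (skipping the rest of the handler).
        //
        // NOTE(review): pageUrl is taken straight from the query string and is fetched
        // server-side by objFormSubmitter.submitData; if this page is reachable by
        // anyone other than the recording user, the target should be restricted to
        // objSession.applicationBaseUrl.
        private void Page_Load(object sender, System.EventArgs e)
        {
            try
            {
                //Start new recording session
                if ("" + Request.QueryString["action"] == "reset")
                {
                    clearSession();
                }

                if ("" + Session["sessionId"] != "")
                {
                    objSession.id = System.Convert.ToInt32(Session["sessionId"]);
                    objSession.populate();
                }

                // Read once; nothing below changes the mode until the final else-if.
                string strMode = "" + Session["mode"];

                //Set Buttons
                if (strMode == "record")
                {
                    cmdRecord.Enabled = false;
                    cmdPause.Enabled  = true;
                    cmdStop.Enabled   = true;
                }

                if (strMode == "pause")
                {
                    cmdRecord.Enabled = true;
                    cmdPause.Enabled  = false;
                    cmdStop.Enabled   = true;
                }

                // A missing pageUrl is a normal case (initial setup), not an error:
                // leave strRedirectUrl untouched instead of catching the null access.
                string strPageUrl = Request.QueryString["pageUrl"];
                if (strPageUrl != null)
                {
                    strRedirectUrl = strPageUrl;
                }

                //Get Form Submission
                if (strMode == "record")
                {
                    string strPayload = "" + Request.Form;

                    //replace modified view state field
                    strPayload = strPayload.Replace("__RETREIVEDVIEWSTATE", "__VIEWSTATE");

                    //add this payload if we are in record mode
                    // NOTE(review): Session["url"] is set by the replay branch below on
                    // the previous request; if it can be null here the handler aborts
                    // to the outer catch -- confirm clearSession() seeds it.
                    objPayload.payloadName  = "Auto Generated for " + objSession.sessionName + ", " + Session["url"].ToString();
                    objPayload.description  = "" + Session["url"].ToString();
                    objPayload.payloadData  = "" + strPayload;
                    objPayload.payloadOrder = System.Convert.ToInt32(Session["payloadOrder"]);
                    objPayload.type         = 0;
                    objPayload.add();

                    txtPayload.Text    = "" + objPayload.payloadData;
                    txtCurrentURL.Text = "" + strRedirectUrl;
                    payloadDataAccess.addSessionPayload(System.Convert.ToInt32(Session["sessionId"]), objPayload.id, System.Convert.ToInt32(Session["urlId"]), System.Convert.ToInt32(Session["payloadOrder"]));

                    // payloadOrder is kept as a string in session state.
                    intTmp = System.Convert.ToInt32(Session["payloadOrder"]) + 1;
                    Session["payloadOrder"] = intTmp.ToString();
                }

                //Display Results of form submission on page
                if (strMode == "pause" || strMode == "record")
                {
                    //Increment recording values (order is kept as an int in session state)
                    intTmp           = System.Convert.ToInt32(Session["order"]) + 1;
                    Session["order"] = intTmp;

                    objUrl.description  = "Auto Generated URL";
                    objUrl.sessionId    = System.Convert.ToInt32(Session["sessionId"]);
                    objUrl.sessionOrder = System.Convert.ToInt32(Session["order"]);
                    objUrl.url          = strRedirectUrl;
                    objUrl.add();

                    Session["urlId"] = objUrl.id.ToString();
                    Session["url"]   = "" + objUrl.url;

                    strHtml = "" + objFormSubmitter.submitData("" + objPayload.payloadData, strRedirectUrl, true, "POST", "");

                    // Rename the target's view state so it does not collide with this
                    // page's own __VIEWSTATE; the record branch renames it back.
                    strHtml = strHtml.Replace("__VIEWSTATE", "__RETREIVEDVIEWSTATE");
                    strHtml = objFormRedirect.rewriteForm(strHtml, System.Configuration.ConfigurationSettings.AppSettings.Get("siteRoot") + "default.aspx?pageId=46&pageUrl=" + System.Web.HttpUtility.UrlEncode(strRedirectUrl), System.Configuration.ConfigurationSettings.AppSettings.Get("siteRoot") + "default.aspx?pageId=46&pageUrl=", objSession.applicationBaseUrl);

                    // The retrieved page is rendered as raw markup by design (recorder view).
                    Literal objLiteral = new Literal();
                    objLiteral.Text = strHtml;
                    panelHtml.Controls.Add(objLiteral);

                    panelInitialSessionSetup.Visible = false;
                    panelRecord.Visible        = true;
                    panelRetrievedSite.Visible = true;
                }
                else if (strMode == "start")
                {
                    Session["mode"] = "record";
                }
            }
            catch (System.Exception ex)
            {
                // Keep the page rendering on failure as before, but leave a trace so a
                // failed payload/URL persist is no longer invisible.
                System.Diagnostics.Trace.TraceError("Page_Load failed: " + ex);
            }
        }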