Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Move resources dir to 'Resources', delete bin files as they are

automatically generated. Delete user preferences since they are unique
to each environment and are auto-generated anyway.
  • Loading branch information...
commit 1ef56a8a7588c9b023dfa16d032716d738a7f4f6 1 parent b2403f0
Harry Papaxenopoulos authored
Showing with 210 additions and 246 deletions.
  1. BIN  .DS_Store
  2. +10 −0 .gitignore
  3. +0 −47 WebGoat.NET.userprefs
  4. +107 −106 WebGoat/Content/PathManipulation.aspx.cs
  5. +19 −19 WebGoat/Content/StoredXSS.aspx.cs
  6. +32 −32 WebGoat/ProxySetup.aspx.designer.cs
  7. 0  WebGoat/{resources → Resources}/Master-Pages/Site.Master
  8. 0  WebGoat/{resources → Resources}/Master-Pages/Site.Master.cs
  9. 0  WebGoat/{resources → Resources}/Master-Pages/Site.Master.designer.cs
  10. 0  WebGoat/{resources → Resources}/client-scripts/.DS_Store
  11. 0  WebGoat/{resources → Resources}/client-scripts/jquery-1.3.2.min.js
  12. 0  WebGoat/{resources → Resources}/client-scripts/jquery-1.4.2.min.js
  13. 0  WebGoat/{resources → Resources}/client-scripts/jquery-1.6.2.min.js
  14. 0  WebGoat/{resources → Resources}/client-scripts/jquery-ui-1.8.16.custom.min.js
  15. 0  WebGoat/{resources → Resources}/client-scripts/jquery.autocomplete-min.js
  16. 0  WebGoat/{resources → Resources}/client-scripts/jquery.autocomplete.js
  17. 0  WebGoat/{resources → Resources}/client-scripts/menu.js
  18. 0  WebGoat/{resources → Resources}/images/infrared_logo.png
  19. 0  WebGoat/{resources → Resources}/images/moreinfo.png
  20. 0  WebGoat/{resources → Resources}/images/moreinfo1.png
  21. 0  WebGoat/{resources → Resources}/images/moreinfo2.png
  22. 0  WebGoat/{resources → Resources}/jquery-libs/autocomplete/images/shadow.png
  23. 0  WebGoat/{resources → Resources}/jquery-libs/autocomplete/styles.css
  24. 0  WebGoat/{resources → Resources}/jquery-ui/images/ui-bg_diagonals-thick_90_eeeeee_40x40.png
  25. 0  WebGoat/{resources → Resources}/jquery-ui/images/ui-bg_flat_15_cd0a0a_40x100.png
  26. 0  WebGoat/{resources → Resources}/jquery-ui/images/ui-bg_glass_100_e4f1fb_1x400.png
  27. 0  WebGoat/{resources → Resources}/jquery-ui/images/ui-bg_glass_50_3baae3_1x400.png
  28. 0  WebGoat/{resources → Resources}/jquery-ui/images/ui-bg_glass_80_d7ebf9_1x400.png
  29. 0  WebGoat/{resources → Resources}/jquery-ui/images/ui-bg_highlight-hard_100_f2f5f7_1x100.png
  30. 0  WebGoat/{resources → Resources}/jquery-ui/images/ui-bg_highlight-hard_70_000000_1x100.png
  31. 0  WebGoat/{resources → Resources}/jquery-ui/images/ui-bg_highlight-soft_100_deedf7_1x100.png
  32. 0  WebGoat/{resources → Resources}/jquery-ui/images/ui-bg_highlight-soft_25_ffef8f_1x100.png
  33. 0  WebGoat/{resources → Resources}/jquery-ui/images/ui-icons_2694e8_256x240.png
  34. 0  WebGoat/{resources → Resources}/jquery-ui/images/ui-icons_2e83ff_256x240.png
  35. 0  WebGoat/{resources → Resources}/jquery-ui/images/ui-icons_3d80b3_256x240.png
  36. 0  WebGoat/{resources → Resources}/jquery-ui/images/ui-icons_72a7cf_256x240.png
  37. 0  WebGoat/{resources → Resources}/jquery-ui/images/ui-icons_ffffff_256x240.png
  38. 0  WebGoat/{resources → Resources}/jquery-ui/jquery-ui-1.8.16.custom.css
  39. +41 −41 WebGoat/WebGoat.NET.csproj
  40. BIN  WebGoat/WebGoat.NET.pidb
  41. +1 −1  WebGoat/WebGoatCoins/ProductDetails.aspx.cs
  42. BIN  WebGoat/bin/DotNetGoat.dll
  43. BIN  WebGoat/bin/DotNetGoat.dll.mdb
  44. BIN  WebGoat/bin/DotNetGoat.pdb
  45. BIN  WebGoat/bin/System.Data.SQLite.dll
  46. BIN  WebGoat/bin/TechInfoSystems.Data.SQLiteProvider.dll
  47. BIN  WebGoat/bin/TechInfoSystems.Data.SQLiteProvider.dll.mdb
  48. BIN  WebGoat/bin/mysql.data.dll
  49. BIN  WebGoat/bin/mysql.data.entity.dll
  50. BIN  WebGoat/bin/mysql.visualstudio.dll
  51. BIN  WebGoat/bin/mysql.web.dll
  52. BIN  WebGoat/obj/.DS_Store
View
BIN  .DS_Store
Binary file not shown
View
10 .gitignore
@@ -0,0 +1,10 @@
+# Project Files #
+#################
+*.userprefs
+WebGoat/WebGoat.NET.pidb
+WebGoat/bin
+WebGoat/obj
+
+# Trash Files #
+###############
+.DS_Store
View
47 WebGoat.NET.userprefs
@@ -1,47 +0,0 @@
-<Properties>
- <MonoDevelop.Ide.Workspace ActiveConfiguration="Debug" />
- <MonoDevelop.Ide.Workbench ActiveDocument="WebGoat/RebuildDatabase.aspx">
- <Files>
- <File FileName="WebGoat/Web.sitemap" Line="243" Column="1" />
- <File FileName="WebGoat/Web.config" Line="211" Column="1" />
- <File FileName="WebGoat/RebuildDatabase.aspx" Line="18" Column="14" />
- <File FileName="WebGoat/dbtest.aspx.cs" Line="30" Column="14" />
- <File FileName="WebGoat/ProxySetup.aspx.designer.cs" Line="16" Column="50" />
- <File FileName="WebGoat/ProxySetup.aspx.cs" Line="31" Column="1" />
- <File FileName="WebGoat/LoginPage.aspx.designer.cs" Line="29" Column="1" />
- <File FileName="WebGoat/LoginPage.aspx.cs" Line="1" Column="1" />
- <File FileName="WebGoat/LoginPage.aspx" Line="2" Column="1" />
- <File FileName="WebGoat/Global.asax" Line="1" Column="1" />
- <File FileName="WebGoat/ForgotPassword.aspx" Line="11" Column="2" />
- <File FileName="WebGoat/Default.aspx" Line="1" Column="69" />
- <File FileName="WebGoat/ChangePassword.aspx" Line="10" Column="1" />
- <File FileName="WebGoat/Default.aspx.cs" Line="1" Column="1" />
- <File FileName="WebGoat/App_Code/DatabaseUtilities.cs" Line="496" Column="10" />
- <File FileName="WebGoat/App_Code/IOHelper.cs" Line="1" Column="1" />
- <File FileName="WebGoat/Content/SQLInjection.aspx" Line="1" Column="1" />
- <File FileName="WebGoat/Content/SQLInjection.aspx.cs" Line="20" Column="26" />
- </Files>
- <Pads>
- <Pad Id="ProjectPad">
- <State expanded="True">
- <Node name="WebGoat.NET" expanded="True">
- <Node name="App_Themes" expanded="True" />
- <Node name="Resources" expanded="True" />
- </Node>
- </State>
- </Pad>
- <Pad Id="ClassPad">
- <State expanded="True" selected="True" />
- </Pad>
- <Pad Id="MonoDevelop.Debugger.WatchPad">
- <State />
- </Pad>
- </Pads>
- </MonoDevelop.Ide.Workbench>
- <MonoDevelop.Ide.DebuggingService.Breakpoints>
- <BreakpointStore>
- <Breakpoint file="/Users/Jerry/Desktop/WebGoat.NET/WebGoat/Content/SQLInjection.aspx.cs" line="24" />
- </BreakpointStore>
- </MonoDevelop.Ide.DebuggingService.Breakpoints>
- <MonoDevelop.Ide.DebuggingService.PinnedWatches />
-</Properties>
View
213 WebGoat/Content/PathManipulation.aspx.cs
@@ -1,37 +1,37 @@
-using System;
-using System.Collections.Generic;
-using System.Linq;
-using System.Web;
-using System.Web.UI;
-using System.Web.UI.WebControls;
-using System.IO;
-
-namespace OWASP.WebGoat.NET
-{
- public partial class PathManipulation : System.Web.UI.Page
- {
- protected void Page_Load(object sender, EventArgs e)
- {
- //if(Request.QueryString["filename"] == null)
- //{
- DirectoryInfo di = new DirectoryInfo(Server.MapPath("~/Downloads"));
- int i = 0;
-
- foreach(FileInfo fi in di.GetFiles())
- {
- HyperLink HL = new HyperLink();
- HL.ID = "HyperLink" + i++;
- HL.Text = fi.Name;
- HL.NavigateUrl = Request.FilePath + "?filename="+fi.Name;
- ContentPlaceHolder cph = (ContentPlaceHolder)this.Master.FindControl("BodyContentPlaceholder");
- cph.Controls.Add(HL);
- cph.Controls.Add(new LiteralControl("<br/>"));
- }
- //}
- //else
- //{
- string filename = Request.QueryString["filename"];
- if(filename != null)
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Web;
+using System.Web.UI;
+using System.Web.UI.WebControls;
+using System.IO;
+
+namespace OWASP.WebGoat.NET
+{
+ public partial class PathManipulation : System.Web.UI.Page
+ {
+ protected void Page_Load(object sender, EventArgs e)
+ {
+ //if(Request.QueryString["filename"] == null)
+ //{
+ DirectoryInfo di = new DirectoryInfo(Server.MapPath("~/Downloads"));
+ int i = 0;
+
+ foreach(FileInfo fi in di.GetFiles())
+ {
+ HyperLink HL = new HyperLink();
+ HL.ID = "HyperLink" + i++;
+ HL.Text = fi.Name;
+ HL.NavigateUrl = Request.FilePath + "?filename="+fi.Name;
+ ContentPlaceHolder cph = (ContentPlaceHolder)this.Master.FindControl("BodyContentPlaceholder");
+ cph.Controls.Add(HL);
+ cph.Controls.Add(new LiteralControl("<br/>"));
+ }
+ //}
+ //else
+ //{
+ string filename = Request.QueryString["filename"];
+ if(filename != null)
{
try
{
@@ -39,77 +39,78 @@ protected void Page_Load(object sender, EventArgs e)
}
catch (Exception ex)
{
+ Console.WriteLine(ex.Message);
lblStatus.Text = "File not found: " + filename;
- }
- }
- //}
- }
-
- public static bool ResponseFile(HttpRequest _Request, HttpResponse _Response, string _fileName, string _fullPath, long _speed)
- {
- try
- {
- FileStream myFile = new FileStream(_fullPath, FileMode.Open, FileAccess.Read, FileShare.ReadWrite);
- BinaryReader br = new BinaryReader(myFile);
- try
- {
-
- _Response.AddHeader("Accept-Ranges", "bytes");
- _Response.Buffer = false;
- long fileLength = myFile.Length;
- long startBytes = 0;
-
- int pack = 10240; //10K bytes
- if (_Request.Headers["Range"] != null)
- {
- _Response.StatusCode = 206;
- string[] range = _Request.Headers["Range"].Split(new char[] { '=', '-' });
- startBytes = Convert.ToInt64(range[1]);
- }
- _Response.AddHeader("Content-Length", (fileLength - startBytes).ToString());
-
- if (startBytes != 0)
- {
- _Response.AddHeader("Content-Range", string.Format(" bytes {0}-{1}/{2}", startBytes, fileLength - 1, fileLength));
- }
-
- _Response.AddHeader("Connection", "Keep-Alive");
- _Response.ContentType = "application/octet-stream";
- _Response.AddHeader("Content-Disposition", "attachment;filename=" + HttpUtility.UrlEncode(_fileName, System.Text.Encoding.UTF8));
-
- br.BaseStream.Seek(startBytes, SeekOrigin.Begin);
- int maxCount = (int)Math.Floor((double)((fileLength - startBytes) / pack)) + 1;
-
- for (int i = 0; i < maxCount; i++)
- {
- if (_Response.IsClientConnected)
- {
- _Response.BinaryWrite(br.ReadBytes(pack));
- }
- else
- {
- i = maxCount;
- }
- }
- }
- catch(Exception ex)
- {
- Console.WriteLine(ex.Message);
- return false;
- }
- finally
- {
- br.Close();
- myFile.Close();
- }
- }
- catch(Exception ex)
- {
- Console.WriteLine(ex.Message);
- return false;
- }
- return true;
- }
-
- }
+ }
+ }
+ //}
+ }
+
+ public static bool ResponseFile(HttpRequest _Request, HttpResponse _Response, string _fileName, string _fullPath, long _speed)
+ {
+ try
+ {
+ FileStream myFile = new FileStream(_fullPath, FileMode.Open, FileAccess.Read, FileShare.ReadWrite);
+ BinaryReader br = new BinaryReader(myFile);
+ try
+ {
+
+ _Response.AddHeader("Accept-Ranges", "bytes");
+ _Response.Buffer = false;
+ long fileLength = myFile.Length;
+ long startBytes = 0;
+
+ int pack = 10240; //10K bytes
+ if (_Request.Headers["Range"] != null)
+ {
+ _Response.StatusCode = 206;
+ string[] range = _Request.Headers["Range"].Split(new char[] { '=', '-' });
+ startBytes = Convert.ToInt64(range[1]);
+ }
+ _Response.AddHeader("Content-Length", (fileLength - startBytes).ToString());
+
+ if (startBytes != 0)
+ {
+ _Response.AddHeader("Content-Range", string.Format(" bytes {0}-{1}/{2}", startBytes, fileLength - 1, fileLength));
+ }
+
+ _Response.AddHeader("Connection", "Keep-Alive");
+ _Response.ContentType = "application/octet-stream";
+ _Response.AddHeader("Content-Disposition", "attachment;filename=" + HttpUtility.UrlEncode(_fileName, System.Text.Encoding.UTF8));
+
+ br.BaseStream.Seek(startBytes, SeekOrigin.Begin);
+ int maxCount = (int)Math.Floor((double)((fileLength - startBytes) / pack)) + 1;
+
+ for (int i = 0; i < maxCount; i++)
+ {
+ if (_Response.IsClientConnected)
+ {
+ _Response.BinaryWrite(br.ReadBytes(pack));
+ }
+ else
+ {
+ i = maxCount;
+ }
+ }
+ }
+ catch(Exception ex)
+ {
+ Console.WriteLine(ex.Message);
+ return false;
+ }
+ finally
+ {
+ br.Close();
+ myFile.Close();
+ }
+ }
+ catch(Exception ex)
+ {
+ Console.WriteLine(ex.Message);
+ return false;
+ }
+ return true;
+ }
+
+ }
}
View
38 WebGoat/Content/StoredXSS.aspx.cs
@@ -1,15 +1,15 @@
-using System;
-using System.Collections.Generic;
-using System.Linq;
-using System.Web;
-using System.Web.UI;
-using System.Web.UI.WebControls;
-using System.Data;
-
-namespace OWASP.WebGoat.NET
-{
- public partial class StoredXSS : System.Web.UI.Page
- {
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Web;
+using System.Web.UI;
+using System.Web.UI.WebControls;
+using System.Data;
+
+namespace OWASP.WebGoat.NET
+{
+ public partial class StoredXSS : System.Web.UI.Page
+ {
protected void Page_Load (object sender, EventArgs e)
{
lblMessage.Visible = false;
@@ -19,13 +19,13 @@ protected void Page_Load (object sender, EventArgs e)
}
- protected void btnSave_Click(object sender, EventArgs e)
+ protected void btnSave_Click(object sender, EventArgs e)
{
try
{
DatabaseUtilities du = new DatabaseUtilities(Server);
string error_message = du.AddComment("user_cmt", txtEmail.Text, txtComment.Text);
- txtComment.Text = string.Empty;
+ txtComment.Text = error_message;
lblMessage.Visible = true;
LoadComments();
}
@@ -33,9 +33,9 @@ protected void btnSave_Click(object sender, EventArgs e)
{
lblMessage.Text = ex.Message;
lblMessage.Visible = true;
- }
- }
-
+ }
+ }
+
void LoadComments()
{
DatabaseUtilities du = new DatabaseUtilities(Server);
@@ -49,6 +49,6 @@ void LoadComments()
}
lblComments.Text = comments;
- }
- }
+ }
+ }
}
View
64 WebGoat/ProxySetup.aspx.designer.cs
@@ -1,32 +1,32 @@
-// ------------------------------------------------------------------------------
-// <autogenerated>
-// This code was generated by a tool.
-// Mono Runtime Version: 4.0.30319.1
-//
-// Changes to this file may cause incorrect behavior and will be lost if
-// the code is regenerated.
-// </autogenerated>
-// ------------------------------------------------------------------------------
-
-namespace OWASP.WebGoat.NET {
-
-
- public partial class ProxySetup {
-
- protected System.Web.UI.WebControls.Content Content1;
-
- protected System.Web.UI.WebControls.Content Content3;
-
- protected System.Web.UI.WebControls.Content Content2;
-
- protected System.Web.UI.WebControls.RequiredFieldValidator valNameRequired;
-
- protected System.Web.UI.WebControls.RegularExpressionValidator valRegEx;
-
- protected System.Web.UI.WebControls.TextBox txtName;
-
- protected System.Web.UI.WebControls.Button btnReverse;
-
- protected System.Web.UI.WebControls.Label lblOutput;
- }
-}
+// ------------------------------------------------------------------------------
+// <autogenerated>
+// This code was generated by a tool.
+// Mono Runtime Version: 4.0.30319.1
+//
+// Changes to this file may cause incorrect behavior and will be lost if
+// the code is regenerated.
+// </autogenerated>
+// ------------------------------------------------------------------------------
+
+namespace OWASP.WebGoat.NET {
+
+
+ public partial class ProxySetup {
+
+ protected System.Web.UI.WebControls.Content Content1;
+
+ protected System.Web.UI.WebControls.Content Content3;
+
+ protected System.Web.UI.WebControls.Content Content2;
+
+ protected System.Web.UI.WebControls.RequiredFieldValidator valNameRequired;
+
+ protected System.Web.UI.WebControls.RegularExpressionValidator valRegEx;
+
+ protected System.Web.UI.WebControls.TextBox txtName;
+
+ protected System.Web.UI.WebControls.Button btnReverse;
+
+ protected System.Web.UI.WebControls.Label lblOutput;
+ }
+}
View
0  WebGoat/resources/Master-Pages/Site.Master → WebGoat/Resources/Master-Pages/Site.Master
File renamed without changes
View
0  WebGoat/resources/Master-Pages/Site.Master.cs → WebGoat/Resources/Master-Pages/Site.Master.cs
File renamed without changes
View
0  ...at/resources/Master-Pages/Site.Master.designer.cs → ...at/Resources/Master-Pages/Site.Master.designer.cs
File renamed without changes
View
0  WebGoat/resources/client-scripts/.DS_Store → WebGoat/Resources/client-scripts/.DS_Store
File renamed without changes
View
0  WebGoat/resources/client-scripts/jquery-1.3.2.min.js → WebGoat/Resources/client-scripts/jquery-1.3.2.min.js
File renamed without changes
View
0  WebGoat/resources/client-scripts/jquery-1.4.2.min.js → WebGoat/Resources/client-scripts/jquery-1.4.2.min.js
File renamed without changes
View
0  WebGoat/resources/client-scripts/jquery-1.6.2.min.js → WebGoat/Resources/client-scripts/jquery-1.6.2.min.js
File renamed without changes
View
0  ...ces/client-scripts/jquery-ui-1.8.16.custom.min.js → ...ces/client-scripts/jquery-ui-1.8.16.custom.min.js
File renamed without changes
View
0  ...sources/client-scripts/jquery.autocomplete-min.js → ...sources/client-scripts/jquery.autocomplete-min.js
File renamed without changes
View
0  ...t/resources/client-scripts/jquery.autocomplete.js → ...t/Resources/client-scripts/jquery.autocomplete.js
File renamed without changes
View
0  WebGoat/resources/client-scripts/menu.js → WebGoat/Resources/client-scripts/menu.js
File renamed without changes
View
0  WebGoat/resources/images/infrared_logo.png → WebGoat/Resources/images/infrared_logo.png
File renamed without changes
View
0  WebGoat/resources/images/moreinfo.png → WebGoat/Resources/images/moreinfo.png
File renamed without changes
View
0  WebGoat/resources/images/moreinfo1.png → WebGoat/Resources/images/moreinfo1.png
File renamed without changes
View
0  WebGoat/resources/images/moreinfo2.png → WebGoat/Resources/images/moreinfo2.png
File renamed without changes
View
0  ...ources/jquery-libs/autocomplete/images/shadow.png → ...ources/jquery-libs/autocomplete/images/shadow.png
File renamed without changes
View
0  ...oat/resources/jquery-libs/autocomplete/styles.css → ...oat/Resources/jquery-libs/autocomplete/styles.css
File renamed without changes
View
0  .../images/ui-bg_diagonals-thick_90_eeeeee_40x40.png → .../images/ui-bg_diagonals-thick_90_eeeeee_40x40.png
File renamed without changes
View
0  .../jquery-ui/images/ui-bg_flat_15_cd0a0a_40x100.png → .../jquery-ui/images/ui-bg_flat_15_cd0a0a_40x100.png
File renamed without changes
View
0  ...jquery-ui/images/ui-bg_glass_100_e4f1fb_1x400.png → ...jquery-ui/images/ui-bg_glass_100_e4f1fb_1x400.png
File renamed without changes
View
0  .../jquery-ui/images/ui-bg_glass_50_3baae3_1x400.png → .../jquery-ui/images/ui-bg_glass_50_3baae3_1x400.png
File renamed without changes
View
0  .../jquery-ui/images/ui-bg_glass_80_d7ebf9_1x400.png → .../jquery-ui/images/ui-bg_glass_80_d7ebf9_1x400.png
File renamed without changes
View
0  .../images/ui-bg_highlight-hard_100_f2f5f7_1x100.png → .../images/ui-bg_highlight-hard_100_f2f5f7_1x100.png
File renamed without changes
View
0  ...i/images/ui-bg_highlight-hard_70_000000_1x100.png → ...i/images/ui-bg_highlight-hard_70_000000_1x100.png
File renamed without changes
View
0  .../images/ui-bg_highlight-soft_100_deedf7_1x100.png → .../images/ui-bg_highlight-soft_100_deedf7_1x100.png
File renamed without changes
View
0  ...i/images/ui-bg_highlight-soft_25_ffef8f_1x100.png → ...i/images/ui-bg_highlight-soft_25_ffef8f_1x100.png
File renamed without changes
View
0  ...rces/jquery-ui/images/ui-icons_2694e8_256x240.png → ...rces/jquery-ui/images/ui-icons_2694e8_256x240.png
File renamed without changes
View
0  ...rces/jquery-ui/images/ui-icons_2e83ff_256x240.png → ...rces/jquery-ui/images/ui-icons_2e83ff_256x240.png
File renamed without changes
View
0  ...rces/jquery-ui/images/ui-icons_3d80b3_256x240.png → ...rces/jquery-ui/images/ui-icons_3d80b3_256x240.png
File renamed without changes
View
0  ...rces/jquery-ui/images/ui-icons_72a7cf_256x240.png → ...rces/jquery-ui/images/ui-icons_72a7cf_256x240.png
File renamed without changes
View
0  ...rces/jquery-ui/images/ui-icons_ffffff_256x240.png → ...rces/jquery-ui/images/ui-icons_ffffff_256x240.png
File renamed without changes
View
0  ...t/resources/jquery-ui/jquery-ui-1.8.16.custom.css → ...t/Resources/jquery-ui/jquery-ui-1.8.16.custom.css
File renamed without changes
View
82 WebGoat/WebGoat.NET.csproj
@@ -62,21 +62,10 @@
<Content Include="Configuration\db-config.txt" />
<Content Include="Content\ForgotPassword.aspx" />
<Content Include="Content\UploadPathManipulation.aspx" />
- <Content Include="Resources\client-scripts\jquery-1.3.2.min.js" />
- <Content Include="Resources\client-scripts\jquery.autocomplete-min.js" />
- <Content Include="Resources\client-scripts\jquery.autocomplete.js" />
- <Content Include="Resources\images\moreinfo.png" />
<Content Include="Global.asax" />
- <Content Include="Resources\images\moreinfo1.png" />
- <Content Include="Resources\images\moreinfo2.png" />
- <Content Include="Resources\jquery-libs\autocomplete\images\shadow.png" />
- <Content Include="Resources\jquery-libs\autocomplete\styles.css" />
- <Content Include="Resources\Master-Pages\Site.Master" />
<Content Include="Web.sitemap">
<SubType>Designer</SubType>
</Content>
- <Content Include="Resources\client-scripts\menu.js" />
- <Content Include="Resources\client-scripts\jquery-1.4.2.min.js" />
<Content Include="App_Themes\Default\left-menu.css" />
<Content Include="App_Themes\Default\grids.css" />
<Content Include="App_Themes\Default\Forms.css" />
@@ -146,27 +135,9 @@
<Content Include="ChangePassword.aspx" />
<Content Include="Content\PathManipulation.aspx" />
<Content Include="Content\PwdComplexity.aspx" />
- <Content Include="Resources\client-scripts\jquery-ui-1.8.16.custom.min.js" />
- <Content Include="Resources\jquery-ui\jquery-ui-1.8.16.custom.css" />
- <Content Include="Resources\jquery-ui\images\ui-icons_ffffff_256x240.png" />
- <Content Include="Resources\jquery-ui\images\ui-icons_2694e8_256x240.png" />
- <Content Include="Resources\jquery-ui\images\ui-icons_72a7cf_256x240.png" />
- <Content Include="Resources\jquery-ui\images\ui-icons_3d80b3_256x240.png" />
- <Content Include="Resources\jquery-ui\images\ui-icons_2e83ff_256x240.png" />
- <Content Include="Resources\jquery-ui\images\ui-bg_highlight-soft_100_deedf7_1x100.png" />
- <Content Include="Resources\jquery-ui\images\ui-bg_highlight-soft_25_ffef8f_1x100.png" />
- <Content Include="Resources\jquery-ui\images\ui-bg_highlight-hard_100_f2f5f7_1x100.png" />
- <Content Include="Resources\jquery-ui\images\ui-bg_highlight-hard_70_000000_1x100.png" />
- <Content Include="Resources\jquery-ui\images\ui-bg_glass_100_e4f1fb_1x400.png" />
- <Content Include="Resources\jquery-ui\images\ui-bg_glass_80_d7ebf9_1x400.png" />
- <Content Include="Resources\jquery-ui\images\ui-bg_glass_50_3baae3_1x400.png" />
- <Content Include="Resources\jquery-ui\images\ui-bg_flat_15_cd0a0a_40x100.png" />
- <Content Include="Resources\jquery-ui\images\ui-bg_diagonals-thick_90_eeeeee_40x40.png" />
<Content Include="Web.config" />
<Content Include="RebuildDatabase.aspx" />
<Content Include="AddNewUser.aspx" />
- <Content Include="Resources\images\infrared_logo.png" />
- <Content Include="Resources\client-scripts\jquery-1.6.2.min.js" />
<Content Include="WebGoatCoins\Catalog.aspx" />
<Content Include="WebGoatCoins\ChangePassword.aspx" />
<Content Include="WebGoatCoins\CustomerLogin.aspx" />
@@ -326,6 +297,35 @@
<Content Include="WebGoatCoins\Orders.aspx" />
<Content Include="ProxySetup.aspx" />
<Content Include="App_Themes\Default\images\header-grad.png" />
+ <Content Include="Resources\client-scripts\jquery-1.3.2.min.js" />
+ <Content Include="Resources\client-scripts\jquery.autocomplete-min.js" />
+ <Content Include="Resources\client-scripts\jquery.autocomplete.js" />
+ <Content Include="Resources\images\moreinfo.png" />
+ <Content Include="Resources\images\moreinfo1.png" />
+ <Content Include="Resources\images\moreinfo2.png" />
+ <Content Include="Resources\jquery-libs\autocomplete\images\shadow.png" />
+ <Content Include="Resources\jquery-libs\autocomplete\styles.css" />
+ <Content Include="Resources\Master-Pages\Site.Master" />
+ <Content Include="Resources\client-scripts\menu.js" />
+ <Content Include="Resources\client-scripts\jquery-1.4.2.min.js" />
+ <Content Include="Resources\client-scripts\jquery-ui-1.8.16.custom.min.js" />
+ <Content Include="Resources\jquery-ui\jquery-ui-1.8.16.custom.css" />
+ <Content Include="Resources\jquery-ui\images\ui-icons_ffffff_256x240.png" />
+ <Content Include="Resources\jquery-ui\images\ui-icons_2694e8_256x240.png" />
+ <Content Include="Resources\jquery-ui\images\ui-icons_72a7cf_256x240.png" />
+ <Content Include="Resources\jquery-ui\images\ui-icons_3d80b3_256x240.png" />
+ <Content Include="Resources\jquery-ui\images\ui-icons_2e83ff_256x240.png" />
+ <Content Include="Resources\jquery-ui\images\ui-bg_highlight-soft_100_deedf7_1x100.png" />
+ <Content Include="Resources\jquery-ui\images\ui-bg_highlight-soft_25_ffef8f_1x100.png" />
+ <Content Include="Resources\jquery-ui\images\ui-bg_highlight-hard_100_f2f5f7_1x100.png" />
+ <Content Include="Resources\jquery-ui\images\ui-bg_highlight-hard_70_000000_1x100.png" />
+ <Content Include="Resources\jquery-ui\images\ui-bg_glass_100_e4f1fb_1x400.png" />
+ <Content Include="Resources\jquery-ui\images\ui-bg_glass_80_d7ebf9_1x400.png" />
+ <Content Include="Resources\jquery-ui\images\ui-bg_glass_50_3baae3_1x400.png" />
+ <Content Include="Resources\jquery-ui\images\ui-bg_flat_15_cd0a0a_40x100.png" />
+ <Content Include="Resources\jquery-ui\images\ui-bg_diagonals-thick_90_eeeeee_40x40.png" />
+ <Content Include="Resources\images\infrared_logo.png" />
+ <Content Include="Resources\client-scripts\jquery-1.6.2.min.js" />
</ItemGroup>
<ItemGroup>
<Compile Include="App_Code\CustomerLoginData.cs" />
@@ -348,13 +348,6 @@
<Compile Include="Global.asax.cs">
<DependentUpon>Global.asax</DependentUpon>
</Compile>
- <Compile Include="Resources\Master-Pages\Site.Master.cs">
- <DependentUpon>Site.Master</DependentUpon>
- <SubType>ASPXCodeBehind</SubType>
- </Compile>
- <Compile Include="Resources\Master-Pages\Site.Master.designer.cs">
- <DependentUpon>Site.Master</DependentUpon>
- </Compile>
<Compile Include="Content\About.aspx.cs">
<DependentUpon>About.aspx</DependentUpon>
<SubType>ASPXCodeBehind</SubType>
@@ -751,6 +744,13 @@
<Compile Include="ProxySetup.aspx.designer.cs">
<DependentUpon>ProxySetup.aspx</DependentUpon>
</Compile>
+ <Compile Include="Resources\Master-Pages\Site.Master.cs">
+ <DependentUpon>Site.Master</DependentUpon>
+ <SubType>ASPXCodeBehind</SubType>
+ </Compile>
+ <Compile Include="Resources\Master-Pages\Site.Master.designer.cs">
+ <DependentUpon>Site.Master</DependentUpon>
+ </Compile>
</ItemGroup>
<Import Project="$(MSBuildBinPath)\Microsoft.CSharp.targets" />
<!--Import Project="$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v10.0\WebApplications\Microsoft.WebApplication.targets" /-->
@@ -789,16 +789,16 @@
<None Include="App_Data\tabledata.sql" />
<None Include="App_Data\data.sql" />
<None Include="App_Data\app_data.sqlite" />
- <None Include="Downloads\authentication.pdf" />
- <None Include="Downloads\csrf.pdf" />
- <None Include="Downloads\transport_layer.pdf" />
- <None Include="Downloads\architecture.pdf" />
<None Include="App_Data\Provider.sqlite" />
<Content Include="WebGoatCoins\ProductDetails.aspx" />
<Content Include="WebGoatCoins\Web.config" />
<Content Include="WebGoatCoins\Autocomplete.ashx" />
+ <None Include="downloads\authentication.pdf" />
+ <None Include="downloads\csrf.pdf" />
+ <None Include="downloads\transport_layer.pdf" />
+ <None Include="downloads\architecture.pdf" />
</ItemGroup>
<ItemGroup />
<Import Project="$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v10.0\WebApplications\Microsoft.WebApplication.targets" />
<Import Project="$(MSBuildExtensionsPath)\Microsoft\VisualStudio\v9.0\WebApplications\Microsoft.WebApplication.targets" />
-</Project>
+</Project>
View
BIN  WebGoat/WebGoat.NET.pidb
Binary file not shown
View
2  WebGoat/WebGoatCoins/ProductDetails.aspx.cs
@@ -37,7 +37,7 @@ protected void btnSave_Click(object sender, EventArgs e)
{
DatabaseUtilities du = new DatabaseUtilities(Server);
string error_message = du.AddComment(hiddenFieldProductID.Value, txtEmail.Text, txtComment.Text);
- txtComment.Text = string.Empty;
+ txtComment.Text = error_message;
lblMessage.Visible = true;
LoadComments();
}
View
BIN  WebGoat/bin/DotNetGoat.dll
Binary file not shown
View
BIN  WebGoat/bin/DotNetGoat.dll.mdb
Binary file not shown
View
BIN  WebGoat/bin/DotNetGoat.pdb
Binary file not shown
View
BIN  WebGoat/bin/System.Data.SQLite.dll
Binary file not shown
View
BIN  WebGoat/bin/TechInfoSystems.Data.SQLiteProvider.dll
Binary file not shown
View
BIN  WebGoat/bin/TechInfoSystems.Data.SQLiteProvider.dll.mdb
Binary file not shown
View
BIN  WebGoat/bin/mysql.data.dll
Binary file not shown
View
BIN  WebGoat/bin/mysql.data.entity.dll
Binary file not shown
View
BIN  WebGoat/bin/mysql.visualstudio.dll
Binary file not shown
View
BIN  WebGoat/bin/mysql.web.dll
Binary file not shown
View
BIN  WebGoat/obj/.DS_Store
Binary file not shown
Please sign in to comment.
Something went wrong with that request. Please try again.