Automate MySql db reset/rebuild.
fervidnerd committed Aug 7, 2012
1 parent 93c52d3 commit 5c5bc0c
Showing 7 changed files with 157 additions and 78 deletions.
6 changes: 3 additions & 3 deletions WebGoat.NET.sln
@@ -35,9 +35,9 @@ Global
$4.EventAddBraceStyle = NextLine
$4.EventRemoveBraceStyle = NextLine
$4.StatementBraceStyle = NextLine
$4.PlaceElseOnNewLine = True
$4.PlaceCatchOnNewLine = True
$4.PlaceFinallyOnNewLine = True
$4.ElseNewLinePlacement = NewLine
$4.CatchNewLinePlacement = NewLine
$4.FinallyNewLinePlacement = NewLine
$4.BeforeMethodDeclarationParentheses = False
$4.BeforeMethodCallParentheses = False
$4.BeforeConstructorDeclarationParentheses = False
97 changes: 91 additions & 6 deletions WebGoat/App_Code/DB/MySqlDbProvider.cs
@@ -3,6 +3,8 @@
using MySql.Data.MySqlClient;
using log4net;
using System.Reflection;
using System.Diagnostics;
using System.IO;

namespace OWASP.WebGoat.NET.App_Code.DB
{
@@ -13,15 +15,28 @@ public class MySqlDbProvider : IDbProvider

public string Name { get { return DbConstants.DB_TYPE_MYSQL; } }

private static string ConfigConnection(ConfigFile configFile)
private string ConfigConnection(ConfigFile configFile)
{
return string.Format("SERVER={0};PORT={1};DATABASE={2};UID={3};PWD={4}",
if (configFile == null)
return string.Empty;

if (!string.IsNullOrEmpty(configFile.Get(DbConstants.KEY_PWD)))
{
return string.Format("SERVER={0};PORT={1};DATABASE={2};UID={3};PWD={4}",
configFile.Get(DbConstants.KEY_HOST),
configFile.Get(DbConstants.KEY_PORT),
configFile.Get(DbConstants.KEY_DATABASE),
configFile.Get(DbConstants.KEY_UID),
"root");//configFile.Get(DbConstants.KEY_PWD));
//FIXME Password constant needs to use password defined by user
configFile.Get(DbConstants.KEY_PWD));
}
else
{
return string.Format("SERVER={0};PORT={1};DATABASE={2};UID={3}",
configFile.Get(DbConstants.KEY_HOST),
configFile.Get(DbConstants.KEY_PORT),
configFile.Get(DbConstants.KEY_DATABASE),
configFile.Get(DbConstants.KEY_UID));
}
}

private ConfigFile _configFile;
@@ -51,7 +66,7 @@ public bool TestConnection()

return true;
}
catch(Exception ex)
catch (Exception ex)
{
log.Error("Error testing DB", ex);
return false;
@@ -71,9 +86,79 @@ public DataSet GetCatalogData()
}
}

private void ExecMySqlScript(string script)
{
ProcessStartInfo whichProcInfo = new ProcessStartInfo
{
FileName = "which",
Arguments = "mysql",
UseShellExecute = false,
RedirectStandardOutput = true,
};

Process whichProc = Process.Start(whichProcInfo);

string sqlExec = whichProc.StandardOutput.ReadLine();

whichProc.WaitForExit();
whichProc.Close();

string args;

if (string.IsNullOrEmpty(DbConfigFile.Get(DbConstants.KEY_PWD)))
{
args = string.Format("--user={0} --database={1} --host={2} -f",
DbConfigFile.Get(DbConstants.KEY_UID),
DbConfigFile.Get(DbConstants.KEY_DATABASE),
DbConfigFile.Get(DbConstants.KEY_HOST));
}
else
{
args = string.Format("--user={0} --password={1} --database={2} --host={3} -f",
DbConfigFile.Get(DbConstants.KEY_UID),
DbConfigFile.Get(DbConstants.KEY_PWD),
DbConfigFile.Get(DbConstants.KEY_DATABASE),
DbConfigFile.Get(DbConstants.KEY_HOST));
}

Process process = new Process();

process.EnableRaisingEvents = false;
process.StartInfo.FileName = sqlExec;
process.StartInfo.Arguments = args;
process.StartInfo.UseShellExecute = false;
process.StartInfo.RedirectStandardInput = true;

process.Start();

using (StreamReader reader = new StreamReader(new FileStream(script, FileMode.Open)))
{
string line;

while ((line = reader.ReadLine()) != null)
process.StandardInput.WriteLine(line);
}

process.WaitForExit(10 * 1000);
process.Close();
}

public bool RecreateGoatDb()
{
return false;
try
{
log.Info("Running recreate");

ExecMySqlScript(DbConstants.DB_CREATE_SCRIPT);
ExecMySqlScript(DbConstants.DB_LOAD_MYSQL_SCRIPT);

return true;
}
catch (Exception ex)
{
log.Error("Error rebuilding DB", ex);
return false;
}
}

public bool IsValidCustomerLogin(string email, string password)
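Review bot: ExecMySqlScript puts the database password on the client's command line (`--password={1}`), where it can be visible to other local accounts in the process list while mysql runs, and `args` is built with `string.Format` without quoting, so a UID, database or host value containing a space alters the option list. Keep the secret out of argv, for example with an option file readable only by the application account and passed via `--defaults-extra-file=PATH`, and validate the other values before formatting them. The binary is whatever `which mysql` prints first, so `sqlExec` is null when nothing is found and the process's PATH decides which program receives the credentials; a configured absolute path avoids both, and the same lookup appears in ExecSqliteScript in SqliteDbProvider.cs. The return value of `WaitForExit(10 * 1000)` and the exit code are also ignored while `-f` lets the client continue past SQL errors, so RecreateGoatDb reports true even when a script fails or times out.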
102 changes: 45 additions & 57 deletions WebGoat/App_Code/DB/SqliteDbProvider.cs
@@ -104,76 +104,64 @@ public bool IsValidCustomerLogin(string email, string password)
}
}

public bool RecreateGoatDb()
private void ExecSqliteScript(string script)
{
string dbFile = DbConfigFile.Get(DbConstants.KEY_FILE_NAME);
ProcessStartInfo whichProcInfo = new ProcessStartInfo
{
FileName = "which",
Arguments = "sqlite3",
UseShellExecute = false,
RedirectStandardOutput = true,
};

log.Info("Running recreate");
var whichProc = Process.Start(whichProcInfo);

try
{
Process process = new Process();
process.EnableRaisingEvents = false;
process.StartInfo.FileName = "/usr/bin/sqlite3";
process.StartInfo.Arguments = dbFile;
process.StartInfo.UseShellExecute = false;
process.StartInfo.RedirectStandardOutput = true;
process.StartInfo.RedirectStandardError = true;
process.StartInfo.RedirectStandardInput = true;
string sqlExec = whichProc.StandardOutput.ReadLine();

whichProc.WaitForExit();
whichProc.Close();


Process process = new Process();
process.EnableRaisingEvents = false;
process.StartInfo.FileName = sqlExec;
process.StartInfo.Arguments = DbConfigFile.Get(DbConstants.KEY_FILE_NAME);
process.StartInfo.UseShellExecute = false;
process.StartInfo.RedirectStandardOutput = true;
process.StartInfo.RedirectStandardError = true;
process.StartInfo.RedirectStandardInput = true;

process.Start();
process.Start();

using(StreamReader reader = new StreamReader(new FileStream(DbConstants.DB_CREATE_SCRIPT, FileMode.Open)))
{
string line;
using (StreamReader reader = new StreamReader(new FileStream(script, FileMode.Open)))
{
string line;

while((line = reader.ReadLine()) != null)
process.StandardInput.WriteLine(line);
}


log.Info(process.StandardOutput.ReadToEnd());

string error = process.StandardError.ReadToEnd();

if (!string.IsNullOrEmpty(error))
log.Error(error);

process.WaitForExit();
process.Close();
while ((line = reader.ReadLine()) != null)
process.StandardInput.WriteLine(line);
}

log.Info(process.StandardOutput.ReadToEnd());

process = new Process();
process.EnableRaisingEvents = false;
process.StartInfo.FileName = "/usr/bin/sqlite3";
process.StartInfo.Arguments = dbFile;
process.StartInfo.UseShellExecute = false;
process.StartInfo.RedirectStandardOutput = true;
process.StartInfo.RedirectStandardError = true;
process.StartInfo.RedirectStandardInput = true;
process.Start();
string error = process.StandardError.ReadToEnd();

using(StreamReader reader = new StreamReader(new FileStream(DbConstants.DB_LOAD_SQLITE_SCRIPT, FileMode.Open)))
{
string line;

while((line = reader.ReadLine()) != null)
process.StandardInput.WriteLine(line);
}
if (!string.IsNullOrEmpty(error))
log.Error(error);


log.Info(process.StandardOutput.ReadToEnd());

error = process.StandardError.ReadToEnd();
process.WaitForExit();
process.Close();
}

public bool RecreateGoatDb()
{
try
{
log.Info("Running recreate");

process.WaitForExit();
process.Close();
ExecSqliteScript(DbConstants.DB_CREATE_SCRIPT);
ExecSqliteScript(DbConstants.DB_LOAD_SQLITE_SCRIPT);

if (!string.IsNullOrEmpty(error))
log.Error(error);

return true;

}
catch (Exception ex)
{
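Review bot: ExecSqliteScript never closes `process.StandardInput` after the write loop and then reads `StandardOutput.ReadToEnd()` to completion before touching stderr, so unless the script ends the session itself sqlite3 keeps waiting for input and the read blocks, and a large stderr stream can stall the child while the parent is still waiting on stdout. Close stdin once the script has been copied and drain one of the two redirected streams asynchronously, as sketched below. The pattern appears to be carried over from the previous RecreateGoatDb body, but `WaitForExit()` has no timeout here, so a stalled client would presumably hang the reset indefinitely. The catch block of RecreateGoatDb continues outside the visible section.

```csharp
// … unchanged: which lookup, StartInfo setup …
process.Start();

// Drain stderr asynchronously so a full stderr pipe cannot stall the stdout read below.
StringBuilder errors = new StringBuilder();
process.ErrorDataReceived += (sender, e) => { if (e.Data != null) errors.AppendLine(e.Data); };
process.BeginErrorReadLine();

// … unchanged: using block that copies the script to process.StandardInput …
process.StandardInput.Close(); // EOF: lets sqlite3 finish the script and exit

log.Info(process.StandardOutput.ReadToEnd());
process.WaitForExit();

if (errors.Length > 0)
    log.Error(errors.ToString());

process.Close();
```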
3 changes: 3 additions & 0 deletions WebGoat/App_Code/Settings.cs
@@ -13,6 +13,9 @@ public static void Init()
string configPath = Path.Combine(ParentConfigPath, DefaultConfigName);
configPath = Path.Combine(Environment.CurrentDirectory, configPath);

string path = Environment.GetEnvironmentVariable("PATH");
Environment.SetEnvironmentVariable("PATH", string.Format("{0}:/usr/local/mysql/bin", path));

CurrentDbProvider = DbProviderFactory.Create(configPath);
}

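Review bot: The PATH edit in Init changes the environment of the whole web process, and when PATH is unset or empty `string.Format("{0}:/usr/local/mysql/bin", path)` yields a leading empty entry, which Unix path lookups treat as the current directory. This is presumably the PATH that the `which mysql` and `which sqlite3` lookups in the DB providers search, so a stray entry decides which client binary is run. Guard the empty case and use the platform separator, e.g. `string.IsNullOrEmpty(path) ? "/usr/local/mysql/bin" : path + Path.PathSeparator + "/usr/local/mysql/bin"`, or drop the global change and read the client's absolute path from the config file. The start of Init lies outside the hunk.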
20 changes: 10 additions & 10 deletions WebGoat/DB_Scripts/load_webgoatcoins.sql
@@ -43,53 +43,53 @@ DELETE FROM Comments;

/* Load records into the tables. There should be no warnings.*/

LOAD DATA LOCAL INFILE './datafiles/customers.txt' INTO TABLE Customers
LOAD DATA LOCAL INFILE 'DB_Scripts/datafiles/customers.txt' INTO TABLE Customers
FIELDS TERMINATED BY '|' LINES TERMINATED BY '\n';

SHOW WARNINGS LIMIT 10;

LOAD DATA LOCAL INFILE './datafiles/customerlogin.txt' INTO TABLE CustomerLogin
LOAD DATA LOCAL INFILE 'DB_Scripts/datafiles/customerlogin.txt' INTO TABLE CustomerLogin
FIELDS TERMINATED BY '|' LINES TERMINATED BY '\n';

SHOW WARNINGS LIMIT 10;

LOAD DATA LOCAL INFILE './datafiles/securityquestions.txt' INTO TABLE SecurityQuestions
LOAD DATA LOCAL INFILE 'DB_Scripts/datafiles/securityquestions.txt' INTO TABLE SecurityQuestions
FIELDS TERMINATED BY '|' LINES TERMINATED BY '\n';

SHOW WARNINGS LIMIT 10;

LOAD DATA LOCAL INFILE './datafiles/employees.txt' INTO TABLE Employees
LOAD DATA LOCAL INFILE 'DB_Scripts/datafiles/employees.txt' INTO TABLE Employees
FIELDS TERMINATED BY '|' LINES TERMINATED BY '\n';

SHOW WARNINGS LIMIT 10;

LOAD DATA LOCAL INFILE './datafiles/offices.txt' INTO TABLE Offices
LOAD DATA LOCAL INFILE 'DB_Scripts/datafiles/offices.txt' INTO TABLE Offices
FIELDS TERMINATED BY '|' LINES TERMINATED BY '\n';

SHOW WARNINGS LIMIT 10;

LOAD DATA LOCAL INFILE './datafiles/orderdetails.txt' INTO TABLE OrderDetails
LOAD DATA LOCAL INFILE 'DB_Scripts/datafiles/orderdetails.txt' INTO TABLE OrderDetails
FIELDS TERMINATED BY '|' LINES TERMINATED BY '\n';

SHOW WARNINGS LIMIT 10;

LOAD DATA LOCAL INFILE './datafiles/orders.txt' INTO TABLE Orders
LOAD DATA LOCAL INFILE 'DB_Scripts/datafiles/orders.txt' INTO TABLE Orders
FIELDS TERMINATED BY '|' LINES TERMINATED BY '\n';

SHOW WARNINGS LIMIT 10;

LOAD DATA LOCAL INFILE './datafiles/payments.txt' INTO TABLE Payments
LOAD DATA LOCAL INFILE 'DB_Scripts/datafiles/payments.txt' INTO TABLE Payments
FIELDS TERMINATED BY '|' LINES TERMINATED BY '\n';

SHOW WARNINGS LIMIT 100;

LOAD DATA LOCAL INFILE './datafiles/categories.txt' INTO TABLE Categories
LOAD DATA LOCAL INFILE 'DB_Scripts/datafiles/categories.txt' INTO TABLE Categories
FIELDS TERMINATED BY '|' LINES TERMINATED BY '\n';

SHOW WARNINGS LIMIT 100;


LOAD DATA LOCAL INFILE './datafiles/products.txt' INTO TABLE Products
LOAD DATA LOCAL INFILE 'DB_Scripts/datafiles/products.txt' INTO TABLE Products
FIELDS TERMINATED BY '|' LINES TERMINATED BY '\n';

SHOW WARNINGS LIMIT 10;
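Review bot: The new `DB_Scripts/datafiles/...` paths in the LOAD DATA LOCAL INFILE statements are relative, and for LOCAL loads the mysql client resolves them against the directory it was started in, so the load now depends on the working directory of the process that launches the client. ExecMySqlScript in MySqlDbProvider.cs does not set `StartInfo.WorkingDirectory`, so either set it there or record the requirement next to the existing load comment, e.g. `/* Paths are relative to the directory the mysql client is started from. */`.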
6 changes: 5 additions & 1 deletion WebGoat/Global.asax.cs
@@ -6,6 +6,7 @@
using System.Security.Principal;
using OWASP.WebGoat.NET.App_Code;
using log4net.Config;
using System.Diagnostics;

namespace OWASP.WebGoat.NET
{
@@ -14,7 +15,10 @@ public class Global : System.Web.HttpApplication

protected void Application_Start(object sender, EventArgs e)
{
XmlConfigurator.Configure();
if (Debugger.IsAttached)
BasicConfigurator.Configure();
else
XmlConfigurator.Configure();

Settings.Init();
}
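Review bot: The `Debugger.IsAttached` branch in Application_Start switches the whole logging configuration without a comment saying why, and it means a debugged instance ignores the appenders and levels from the XML configuration. Add a short comment above the `if`, e.g. `// Under a debugger use log4net's default console setup; otherwise load the configured appenders.`, so the difference between debug and deployed logging is explicit.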
1 change: 0 additions & 1 deletion WebGoat/WebGoat.NET.csproj
@@ -982,7 +982,6 @@
<None Include="DB_Scripts\datafiles\products_old.txt" />
<None Include="DB_Scripts\datafiles\securityquestions.txt" />
<None Include="DB_Scripts\products\.DS_Store" />
<None Include="DB_Scripts\sqlite3.sh" />
</ItemGroup>
<ItemGroup />
<Import Project="$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v10.0\WebApplications\Microsoft.WebApplication.targets" />