}//end if }catch(Exception $e){ echo format("Could not write accounts XML to ".$lPasswordFilePath." - ".$e->getMessage(),"W"); echo format("Using default version of accounts.txt","W"); };// end try } else { $lErrorDetected = TRUE; echo format("Warning: No records found when trying to build XML and text version of accounts table ".$lQueryResult,"W"); }// end if ($lResultsFound) $MySQLHandler->closeDatabaseConnection(); } catch (Exception $e) { $lErrorDetected = TRUE; echo $CustomErrorHandler->FormatError($e, $lQueryString); }// end try // if no errors were detected, send the user back to the page that requested the database be reset. //We use JS instead of HTTP Location header so that HTML5 clearing JS above will run if(!$lErrorDetected){ /*If the user came from the database error page but we do not have * database errors anymore, send them to the home page. */ $lReferredFromDBOfflinePage = preg_match("/database-offline.php/", $_SERVER["HTTP_REFERER"]); $lReferredFromPageWithURLParameters = preg_match("/\?/", $_SERVER["HTTP_REFERER"]); if ($lReferredFromDBOfflinePage || $lReferredFromPageWithURLParameters){ $lPopUpNotificationCode = "&popUpNotificationCode=SUD1"; }else{ $lPopUpNotificationCode = "?popUpNotificationCode=SUD1";
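* ------------------------------------------ */
require_once '../classes/SQLQueryHandler.php';
$SQLQueryHandler = new SQLQueryHandler("../owasp-esapi-php/src/", $_SESSION["security-level"]);

/* ------------------------------------------
 * initialize custom error handler
 * ------------------------------------------ */
require_once '../classes/CustomErrorHandler.php';
$CustomErrorHandler = new CustomErrorHandler("../owasp-esapi-php/src/", $_SESSION["security-level"]);

/* ------------------------------------------
 * Render the help text registered for the page named in the
 * "pagename" query-string parameter.
 *
 * The parameter is request-controlled, so two copies are kept:
 *   $lPageName     - the raw value, passed only to the query handler
 *   $lPageNameHTML - the HTML-encoded value, the only form that is
 *                    written into the response
 * A missing or non-string parameter (e.g. pagename[]=x) is treated as
 * an empty page name instead of raising a notice or being concatenated
 * as "Array".
 * ------------------------------------------ */
$lPageName = (isset($_GET["pagename"]) && is_string($_GET["pagename"])) ? $_GET["pagename"] : "";
$lPageNameHTML = htmlspecialchars($lPageName, ENT_QUOTES | ENT_SUBSTITUTE, "UTF-8");

try {
    // NOTE(review): getPageHelpTexts() is not visible here. It receives the raw
    // request value, so it must bind it as a query parameter rather than
    // concatenate it into SQL; confirm in SQLQueryHandler.
    $lQueryResult = $SQLQueryHandler->getPageHelpTexts($lPageName);

    echo '<div> </div>';
    if ($lQueryResult->num_rows > 0) {
        // Encoded page name only: the original concatenated $_GET["pagename"]
        // straight into the markup, which reflected request data as HTML.
        echo ' <div class="help-text-header"> Hack with confidence. <br/> Page ' . $lPageNameHTML . ' is vulnerable to at least the following:</div>';
        while ($row = $lQueryResult->fetch_object()) {
            // help_text is written as stored, i.e. rendered as markup.
            // NOTE(review): presumably authored HTML; confirm the column
            // cannot be populated from user input.
            echo $row->help_text;
        } //end while $row
    } else {
        echo ' <div class="help-text-header"> Page ' . $lPageNameHTML . ' does not have any help documentation.</div>';
    } //end if
    echo '<div> </div>';
} catch (Exception $e) {
    // FormatError()'s output is echoed and its escaping is not visible from
    // here, so it is given the encoded page name as well.
    echo $CustomErrorHandler->FormatError($e, "Error selecting help text entries for page " . $lPageNameHTML);
} // end try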