renamed JavaSource -> java, WebContent -> webapp regarding to Maven convention

git-svn-id: http://webgoat.googlecode.com/svn/trunk@392 4033779f-a91e-0410-96ef-6bf7bf53c507
2009-11-01 11:04:59 +00:00
parent bb15524a7a
commit 791341000c
1033 changed files with 13 additions and 13 deletions
--- a/webgoat/main/project/webapp/lessons/RoleBasedAccessControl/EditProfile.jsp
+++ b/webgoat/main/project/webapp/lessons/RoleBasedAccessControl/EditProfile.jsp
@ -0,0 +1,137 @@
+<%@ page contentType="text/html; charset=ISO-8859-1" language="java" 
+	import="java.util.*, org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.RoleBasedAccessControl.RoleBasedAccessControl" 
+	errorPage="" %>
+<%
+	WebSession webSession = ((WebSession)session.getAttribute("websession"));
+	Employee employee = (Employee) session.getAttribute("RoleBasedAccessControl.Employee");
+%>
+		<div class="lesson_title_box"><strong>Welcome Back </strong><span class="lesson_text_db"><%=webSession.getUserNameInLesson()%></span> - Edit Profile Page</div>
+		<div class="lesson_text">
+			<form id="form1" name="form1" method="post" action="<%=webSession.getCurrentLesson().getFormAction()%>">
+<Table border="0" cellpadding="0" cellspacing="0">
+				<TR><TD width="110">
+						First Name:
+					</TD>
+					<TD width="193">
+						<input class="lesson_text_db" name="<%=RoleBasedAccessControl.FIRST_NAME%>" type="text" value="<%=employee.getFirstName()%>"/>
+				  </TD>
+					<TD width="110">				
+						Last Name:					</TD>
+					<TD width="196">
+					 	<input class="lesson_text_db" name="<%=RoleBasedAccessControl.LAST_NAME%>" type="text" value="<%=employee.getLastName()%>"/>
+				  </TD>
+				</TR>
+				<TR><TD>				
+						Street: 
+					</TD>
+					<TD>
+						<input class="lesson_text_db" name="<%=RoleBasedAccessControl.ADDRESS1%>" type="text" value="<%=employee.getAddress1()%>"/>
+					</TD>
+					<TD>				
+						City/State: 
+					<TD>
+						<input class="lesson_text_db" name="<%=RoleBasedAccessControl.ADDRESS2%>" type="text" value="<%=employee.getAddress2()%>"/>
+					</TD>
+				</TR>
+				<TR><TD>
+						Phone: 
+					</TD>
+					<TD>
+						<input class="lesson_text_db" name="<%=RoleBasedAccessControl.PHONE_NUMBER%>" type="text" value="<%=employee.getPhoneNumber()%>"/>
+					</TD>
+					<TD>				
+						Start Date: 
+					</TD>
+					<TD>
+						<input class="lesson_text_db" name="<%=RoleBasedAccessControl.START_DATE%>" type="text" value="<%=employee.getStartDate()%>"/>
+					</TD>
+				</TR>
+				<TR><TD>
+			    		SSN: 
+			    	</TD>
+			    	<TD>
+			    		<input class="lesson_text_db" name="<%=RoleBasedAccessControl.SSN%>" type="text" value="<%=employee.getSsn()%>"/> 
+					</TD>
+					<TD>				
+						Salary: 
+					</TD>
+					<TD>
+						<input class="lesson_text_db" name="<%=RoleBasedAccessControl.SALARY%>" type="text" value="<%=employee.getSalary()%>"/>
+					</TD>
+				</TR>
+				<TR><TD>
+						Credit Card: 
+					</TD>
+					<TD>
+						<input class="lesson_text_db" name="<%=RoleBasedAccessControl.CCN%>" type="text" value="<%=employee.getCcn()%>"/>
+					</TD>
+					<TD>				
+						Credit Card Limit: 
+					</TD>
+					<TD>
+						<input class="lesson_text_db" name="<%=RoleBasedAccessControl.CCN_LIMIT%>" type="text" value="<%=employee.getCcnLimit()%>"/>
+					</TD>
+				</TR>
+				<TR><TD>
+						Comments: 
+					</TD>
+					<TD colspan="3">
+						<input name="<%=RoleBasedAccessControl.DESCRIPTION%>" type="text" class="lesson_text_db" value="<%=employee.getPersonalDescription()%>" size="58"/>
+					</TD>
+				<TR>
+					<TD colspan="2">				
+						Disciplinary Explanation:  
+					</TD>
+					<TD>			
+						Disc. Date:
+					</TD>
+					<TD>			
+						<input class="lesson_text_db" name="<%=RoleBasedAccessControl.DISCIPLINARY_DATE%>" type="text" value="<%=employee.getDisciplinaryActionDate()%>"/>
+					</TD>
+				</TR>
+				<TR>
+					<TD colspan="4">
+						<textarea name="<%=RoleBasedAccessControl.DISCIPLINARY_NOTES%>" cols="53" rows="2" wrap="off" class="lesson_text_db" ><%=employee.getDisciplinaryActionNotes()%></textarea>
+					</TD>
+				</TR>
+				<TR>	
+				<TD>				
+						Manager: 
+					</TD>
+					<TD>
+						<select class="lesson_text_db" name="<%=RoleBasedAccessControl.MANAGER%>">
+						<%
+				      	List employees = (List) session.getAttribute("RoleBasedAccessControl.Staff");
+				      	Iterator i = employees.iterator();
+						while (i.hasNext())
+						{
+							EmployeeStub stub = (EmployeeStub) i.next();
+								%>
+								<option value="<%=Integer.toString(stub.getId())%>"><%=stub.getFirstName() + " " + stub.getLastName()%></option>
+						<%}%>
+						</select>
+					</TD>	
+				</TR>
+				</Table>
+				<BR>
+				<div class="lesson_buttons_bottom">
+				<table width="460" height="20" border="0" cellpadding="0" cellspacing="0">
+               		<tr>
+                     		<td width="57">
+							<input type="submit" name="action" value="<%=RoleBasedAccessControl.VIEWPROFILE_ACTION%>"/>
+				  		</td>
+				  		
+                       	<td width="81">
+ 							<input name="<%=RoleBasedAccessControl.EMPLOYEE_ID%>" type="hidden" value="<%=employee.getId()%>">
+							<input name="<%=RoleBasedAccessControl.TITLE%>" type="hidden" value="<%=employee.getTitle()%>">
+							<input type="submit" name="action" value="<%=RoleBasedAccessControl.UPDATEPROFILE_ACTION%>"/>
+						</td>
+                        	<td width="211"></td>
+                        	<td width="83">
+	 						<input type="submit" name="action" value="<%=RoleBasedAccessControl.LOGOUT_ACTION%>"/>
+						</td>
+                 	</tr>
+              	</table>			
+			</div></form>
+		</div>
+