From 88a730f225046e5f90957bd8414a6848f735066c Mon Sep 17 00:00:00 2001 From: mayhew64 Date: Tue, 3 Feb 2009 17:55:27 +0000 Subject: [PATCH] Removed errors introduced in previous checkin. String and integer conflicts in JSP git-svn-id: http://webgoat.googlecode.com/svn/trunk@374 4033779f-a91e-0410-96ef-6bf7bf53c507 --- .../RoleBasedAccessControl/ViewProfile.jsp | 38 +++++++++---------- 1 file changed, 19 insertions(+), 19 deletions(-) diff --git a/webgoat/main/project/WebContent/lessons/RoleBasedAccessControl/ViewProfile.jsp b/webgoat/main/project/WebContent/lessons/RoleBasedAccessControl/ViewProfile.jsp index 6b5ecab0d..896eec8f3 100644 --- a/webgoat/main/project/WebContent/lessons/RoleBasedAccessControl/ViewProfile.jsp +++ b/webgoat/main/project/WebContent/lessons/RoleBasedAccessControl/ViewProfile.jsp @@ -2,9 +2,9 @@ import="org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.RoleBasedAccessControl.RoleBasedAccessControl" errorPage="" %> <% - WebSession webSession = ((WebSession)session.getAttribute("websession")); Employee employee = (Employee) session.getAttribute("RoleBasedAccessControl." + RoleBasedAccessControl.EMPLOYEE_ATTRIBUTE_KEY); - //int myUserId = webSession.getUserIdInLesson(); + WebSession webSession = ((WebSession)session.getAttribute("websession")); +// int myUserId = getIntSessionAttribute(webSession, "RoleBasedAccessControl." + RoleBasedAccessControl.USER_ID); %>
Welcome Back <%=webSession.getUserNameInLesson()%> - View Profile Page
@@ -13,71 +13,71 @@ First Name: - <%=(employee == null ? "unknown" : employee.getFirstName())%> + <%=employee.getFirstName()%> Last Name: - <%=(employee == null ? "unknown" : employee.getLastName())%> + <%=employee.getLastName()%> Street: - <%=(employee == null ? "unknown" : employee.getAddress1())%> + <%=employee.getAddress1()%> City/State: - <%=(employee == null ? "unknown" : employee.getAddress2())%> + <%=employee.getAddress2()%> Phone: - <%=(employee == null ? "unknown" : employee.getPhoneNumber())%> + <%=employee.getPhoneNumber()%> Start Date: - <%=(employee == null ? "unknown" : employee.getStartDate())%> + <%=employee.getStartDate()%> SSN: - <%=(employee == null ? "unknown" : employee.getSsn())%> + <%=employee.getSsn()%> Salary: - <%=(employee == null ? "unknown" : employee.getSalary())%> + <%=employee.getSalary()%> Credit Card: - <%=(employee == null ? "unknown" : employee.getCcn())%> + <%=employee.getCcn()%> Credit Card Limit: - <%=(employee == null ? "unknown" : employee.getCcnLimit())%> + <%=employee.getCcnLimit()%> Comments: - <%=(employee == null ? "unknown" : employee.getPersonalDescription())%> + <%=employee.getPersonalDescription()%> @@ -88,11 +88,11 @@ Disc. Dates: - <%=(employee == null ? "unknown" : employee.getDisciplinaryActionDate())%> + <%=employee.getDisciplinaryActionDate()%> - <%=(employee == null ? "unknown" : employee.getDisciplinaryActionNotes())%> + <%=employee.getDisciplinaryActionNotes()%> @@ -100,7 +100,7 @@ Manager: - <%=(employee == null ? "unknown" : employee.getManager())%> + <%=employee.getManager()%> @@ -114,7 +114,7 @@ { %>
- "> +
<% @@ -126,7 +126,7 @@ { %>
- "> +
<% @@ -139,7 +139,7 @@ { %>
- "> +
<%