Implement non-coding modes for the labs

git-svn-id: http://webgoat.googlecode.com/svn/trunk@211 4033779f-a91e-0410-96ef-6bf7bf53c507

webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/CrossSiteScripting/CrossSiteScripting.java

@@ -197,7 +197,9 @@ public class CrossSiteScripting extends GoatHillsFinancial
 
     @Override
 	public String[] getStages() {
-		return new String[] {STAGE1, STAGE2, STAGE3, STAGE4, STAGE5, STAGE6};
+    	if (getWebgoatContext().isCodingExercises())
+    		return new String[] {STAGE1, STAGE2, STAGE3, STAGE4, STAGE5, STAGE6};
+    	return new String[] {STAGE1, STAGE3, STAGE5};
 	}
 
     public void handleRequest(WebSession s)

webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/DBCrossSiteScripting/DBCrossSiteScripting.java

@@ -153,7 +153,9 @@ public class DBCrossSiteScripting extends GoatHillsFinancial
 
     @Override
 	public String[] getStages() {
-		return new String[] {STAGE1, STAGE2};
+    	if (getWebgoatContext().isCodingExercises())
+    		return new String[] {STAGE1, STAGE2};
+    	return new String[] {STAGE1};
 	}
 
     public void handleRequest(WebSession s)

webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/DBSQLInjection/DBSQLInjection.java

@@ -124,7 +124,9 @@ public class DBSQLInjection extends GoatHillsFinancial
 
     @Override
 	public String[] getStages() {
-		return new String[] {STAGE1, STAGE2};
+    	if (getWebgoatContext().isCodingExercises())
+    		return new String[] {STAGE1, STAGE2};
+    	return new String[] {STAGE1};
 	}
 
     /**

webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/RoleBasedAccessControl/RoleBasedAccessControl.java

@@ -123,7 +123,9 @@ public class RoleBasedAccessControl extends GoatHillsFinancial
 
     @Override
 	public String[] getStages() {
-		return new String[] {STAGE1, STAGE2, STAGE3, STAGE4};
+    	if (getWebgoatContext().isCodingExercises())
+    		return new String[] {STAGE1, STAGE2, STAGE3, STAGE4};
+    	return new String[] {STAGE1, STAGE3};
 	}
 
     /**

webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/SQLInjection/SQLInjection.java

@@ -131,7 +131,9 @@ public class SQLInjection extends GoatHillsFinancial
 
     @Override
 	public String[] getStages() {
-		return new String[] {STAGE1, STAGE2, STAGE3, STAGE4};
+    	if (getWebgoatContext().isCodingExercises())
+    		return new String[] {STAGE1, STAGE2, STAGE3, STAGE4};
+    	return new String[] {STAGE1, STAGE3};
 	}
 
     /**

webgoat/main/project/JavaSource/org/owasp/webgoat/session/WebgoatContext.java

@@ -14,6 +14,8 @@ public class WebgoatContext {
 
 	public final static String ENTERPRISE = "Enterprise";
 
+	public final static String CODING_EXERCISES = "CodingExercises";
+	
 	public final static String SHOWCOOKIES = "ShowCookies";
 
 	public final static String SHOWPARAMS = "ShowParams";
@@ -52,6 +54,8 @@ public class WebgoatContext {
 
 	private boolean enterprise = false;
 
+	private boolean codingExercises = false;
+	
 	private String feedbackAddress = "<A HREF=mailto:webgoat@owasp.org>webgoat@owasp.org</A>";
 
 	private boolean isDebug = false;
@@ -74,6 +78,7 @@ public class WebgoatContext {
 		showSource = "true".equals( servlet.getInitParameter( SHOWSOURCE ) );
 		defuseOSCommands = "true".equals( servlet.getInitParameter( DEFUSEOSCOMMANDS ) );
 		enterprise = "true".equals( servlet.getInitParameter( ENTERPRISE ) );
+		codingExercises = "true".equals( servlet.getInitParameter( CODING_EXERCISES ) );
 		feedbackAddress = servlet.getInitParameter( FEEDBACK_ADDRESS ) != null ? servlet
 				.getInitParameter( FEEDBACK_ADDRESS ) : feedbackAddress;
 		showRequest = "true".equals( servlet.getInitParameter( SHOWREQUEST ) );
@@ -141,6 +146,10 @@ public class WebgoatContext {
 		return enterprise;
 	}
 
+	public boolean isCodingExercises() {
+		return codingExercises;
+	}
+	
 	public String getFeedbackAddress() {
 		return feedbackAddress;
 	}

webgoat/main/project/WebContent/WEB-INF/web-unix.xml

@@ -131,6 +131,11 @@
             <param-value>true</param-value>
       </init-param>
       
+      <init-param>
+            <param-name>CodingExercises</param-name>
+            <param-value>true</param-value>
+      </init-param>
+      
       <init-param>
       		<!-- Specify an address where you would like comments to be sent.  -->
       		<!-- This can be any URL or HTML tags, and will appear on the report card and lesson incomplete pages -->

webgoat/main/project/WebContent/WEB-INF/web-windows.xml

@@ -131,6 +131,11 @@
             <param-value>true</param-value>
       </init-param>
       
+      <init-param>
+            <param-name>CodingExercises</param-name>
+            <param-value>true</param-value>
+      </init-param>
+      
       <init-param>
       		<!-- Specify an address where you would like comments to be sent.  -->
       		<!-- This can be any URL or HTML tags, and will appear on the report card and lesson incomplete pages -->

webgoat/main/project/WebContent/WEB-INF/web.xml

@@ -131,6 +131,11 @@
             <param-value>true</param-value>
       </init-param>
       
+      <init-param>
+            <param-name>CodingExercises</param-name>
+            <param-value>true</param-value>
+      </init-param>
+      
       <init-param>
       		<!-- Specify an address where you would like comments to be sent.  -->
       		<!-- This can be any URL or HTML tags, and will appear on the report card and lesson incomplete pages -->