2.11.23 Update the StackHawk scan action script

.github/workflows/scan-application-with-stackhawk.yml

@@ -95,7 +95,7 @@ jobs:
       - uses: actions/setup-java@main
         with:
           distribution: 'temurin'
-          java-version: '21'
+          java-version: '17'
 
       # Step 8: Run StackHawk Scan
       - name: Run StackHawk Scan
@@ -104,5 +104,17 @@ jobs:
           workspace: mutillidae  # Path to the workspace.
           apiKey: ${{ secrets.HAWK_API_KEY }}     # Secret key for authentication.
           configurationFiles: .github/workflows/config/stackhawk.yml  # Path to configuration file relative to workspace.
-          codeScanningAlerts: true   # Enable code scanning alerts.
           githubToken: ${{ github.token }}   # GitHub token for authentication to Code Scanning Alerts
+        env:
+          APP_ID: ${{ secrets.HAWK_APP_ID }}
+          NO_PROGRESS: true
+          SARIF_ARTIFACT: true
+
+      - name: Upload SARIF file
+        uses: github/codeql-action/upload-sarif@main
+        with:
+          # Path to SARIF file relative to the root of the repository
+          sarif_file: stackhawk.sarif
+          # Optional category for the results
+          # Used to differentiate multiple results for one commit
+          category: StackHawk

src/webservices/rest/ws-user-account.php

@@ -219,8 +219,8 @@ function jsonEncodeQueryResults($pQueryResult){
 				/* $_POST array is not auto-populated for DELETE method. Parse input into an array. */
 				populatePOSTSuperGlobal();
 
-				$lAccountUsername = getPOSTParameter("username", TRUE);
-				$lAccountPassword = getPOSTParameter("password", TRUE);
+				$lAccountUsername = getPOSTParameter("username", true);
+				$lAccountPassword = getPOSTParameter("password", true);
 
 				if($SQLQueryHandler->accountExists($lAccountUsername)){