2.11.20 Adding view account profile

.tools/push-development-branch.sh

@@ -1,9 +1,8 @@
 #!/bin/bash
-# Purpose: Merge development branch into main branch and tag with version
+# Purpose: Push the development branch and avoid any interaction with the main branch
 # Usage: ./push-development-branch.sh <version> <annotation>
-# Description: This script merges the development branch into the main branch,
-# tags the main branch with the specified version, and
-# calls another script 'git.sh' with the version and annotation.
+# Description: This script pushes the development branch only and calls another script 'git.sh'
+# with the version and annotation.
 
 # Function to print messages with a timestamp
 print_message() {
@@ -19,9 +18,8 @@ show_help() {
     echo "  -h, --help     Display this help message."
     echo ""
     echo "Description:"
-    echo "This script merges the development branch into the main branch,"
-    echo "tags the main branch with the specified version, and"
-    echo "calls another script 'git.sh' with the version and annotation."
+    echo "This script pushes the development branch with the specified version,"
+    echo "and calls another script 'git.sh' with the version and annotation."
     exit 0
 }
 
@@ -55,22 +53,18 @@ if [[ ! -x "$GIT_SCRIPT" ]]; then
     handle_error "'git.sh' script not found or not executable"
 fi
 
-# Tag and merge operations
-print_message "Calling git.sh with tag $VERSION with annotation \"$ANNOTATION\""
-"$GIT_SCRIPT" "$VERSION" "$ANNOTATION" || handle_error "Failed to call git.sh"
-
-print_message "Checking out main branch"
-git checkout main || handle_error "Failed to checkout main branch"
-
-print_message "Merging development branch"
-git merge development || handle_error "Failed to merge development branch"
-
+# Call git.sh script for tagging or other operations
 print_message "Calling git.sh with tag $VERSION with annotation \"$ANNOTATION\""
 "$GIT_SCRIPT" "$VERSION" "$ANNOTATION" || handle_error "Failed to call git.sh"
 
+# Check out the development branch
 print_message "Checking out development branch"
 git checkout development || handle_error "Failed to checkout development branch"
 
+# Push the development branch
+print_message "Pushing development branch to origin"
+git push origin development || handle_error "Failed to push development branch"
+
 # Show git status
 print_message "Git status"
 git status || handle_error "Failed to show git status"

src/edit-account-profile.php

@@ -1,7 +1,8 @@
 <?php
     require_once __SITE_ROOT__.'/classes/CSRFTokenHandler.php';
     $lCSRFTokenHandler = new CSRFTokenHandler($_SESSION["security-level"], "edit-account-profile");
-
+    $lHTMLControls = 'minlength="1" maxlength="15" required="required"';
+
     switch ($_SESSION["security-level"]){
 		default: // Default case: This code is insecure
         case "0": // This code is insecure
@@ -173,7 +174,7 @@
 			echo "var lValidateInput = \"TRUE\"" . PHP_EOL;
 		}else{
 			echo "var lValidateInput = \"FALSE\"" . PHP_EOL;
-		}// end if		
+		}// end if
 	?>
 
 	function onSubmitOfForm(/*HTMLFormElement*/ theForm){
@@ -201,7 +202,7 @@ function onSubmitOfForm(/*HTMLFormElement*/ theForm){
 
 <span>
 	<a style="text-decoration: none; cursor: pointer;" href="./webservices/rest/ws-user-account.php">
-		<img style="vertical-align: middle;" src="./images/ajax_logo-75-79.jpg" height="75px" width="78px" />
+		<img style="vertical-align: middle;" src="./images/ajax_logo-75-79.jpg" height="75px" width="78px" alt="AJAX" />
 		<span style="font-weight:bold;">Switch to RESTful Web Service Version of this Page</span>
 	</a>
 </span>
@@ -221,25 +222,15 @@ function onSubmitOfForm(/*HTMLFormElement*/ theForm){
 				<td class="label">Username</td>
 				<td>
 					<input type="text" name="username" size="15" autofocus="autofocus"
-						<?php
-							if ($lEnableHTMLControls) {
-								echo('minlength="1" maxlength="15" required="required"');
-							}// end if
-						    echo('value="' . $lUsername . '"');
-						?>
+						<?php if ($lEnableHTMLControls) { echo $lHTMLControls; }?>
 					/>
 				</td>
 			</tr>
 			<tr>
 				<td class="label">Password</td>
 				<td>
 					<input type="password" name="password" size="15" 
-						<?php
-							if ($lEnableHTMLControls) {
-								echo('minlength="1" maxlength="15" required="required"');
-							}// end if
-						    echo('value="' . $lPassword . '"');
-						?>
+						<?php if ($lEnableHTMLControls) { echo $lHTMLControls; }?>
 					/>
 					&nbsp;
 					<a href="index.php?page=password-generator.php&username=<?php echo $logged_in_user ?>" target="_blank">Password Generator</a>
@@ -249,12 +240,7 @@ function onSubmitOfForm(/*HTMLFormElement*/ theForm){
 				<td class="label">Confirm Password</td>
 				<td>
 					<input type="password" name="confirm_password" size="15"
-						<?php
-							if ($lEnableHTMLControls) {
-								echo('minlength="1" maxlength="15" required="required"');
-							}// end if
-							echo('value="' . $lPassword . '"');
-						?>
+						<?php if ($lEnableHTMLControls) { echo $lHTMLControls; }?>
 					/>
 				</td>
 			</tr>
@@ -269,7 +255,7 @@ function onSubmitOfForm(/*HTMLFormElement*/ theForm){
 						?>
 					><?php echo $lSignature; ?></textarea>
 				</td>
-			</tr>			
+			</tr>
 			<tr><td>&nbsp;</td></tr>
 			<tr>
 				<td colspan="2" style="text-align:center;">
@@ -283,9 +269,9 @@ function onSubmitOfForm(/*HTMLFormElement*/ theForm){
 
 <div id="id-profile-not-found-div" style="text-align: center; display: none;">
 	<table>
-		<tr>
+		<th>
 			<td class="label">User profile not found. You may <a href="index.php?page=login.php">login here</a></td>
-		</tr>
+		</th>
 		<tr><td></td></tr>
 		<tr><td></td></tr>
 		<tr>
@@ -304,7 +290,7 @@ function onSubmitOfForm(/*HTMLFormElement*/ theForm){
 	}else{
 		document.getElementById("id-edit-account-profile-form-div").style.display="none";
 		document.getElementById("id-profile-not-found-div").style.display="";		
-	}// end if lResultsFound	
+	}// end if lResultsFound
 </script>
 
 <?php

src/includes/constants.php

@@ -2,7 +2,7 @@
 	/* ------------------------------------------
 	 * @VERSION
 	 * ------------------------------------------*/
-	$C_VERSION = "2.11.19";
+	$C_VERSION = "2.11.20";
 	$C_VERSION_STRING = "Version: " . $C_VERSION;
 	$C_MAX_HINT_LEVEL = 1;
 

src/includes/header.php

@@ -2,6 +2,7 @@
     $lSecurityLevel = $_SESSION["security-level"];
 
     switch ($lSecurityLevel){
+		default: // Default case: This code is insecure
         case "0": // This code is insecure
             $lSecurityLevelMessage = "Security Level: ".$lSecurityLevel." (Hosed)";
             break;
@@ -21,7 +22,8 @@
 	if($_SESSION["user_is_logged_in"] == "True"){
 
 	    switch ($lSecurityLevel){
-	   		case "0": // This code is insecure
+			default: // Default case: This code is insecure
+			case "0": // This code is insecure
 	   		case "1": // This code is insecure
 	   			// DO NOTHING: This is equivalent to using client side security
 				$logged_in_user = $_SESSION["logged_in_user"];
@@ -49,6 +51,8 @@
 			'Logged In ' .
 			$lUserAuthorizationLevelText . ": " .
 			'<span class="logged-in-user">'.$logged_in_user.'</span>'.
+			'<a href="index.php?page=view-account-profile.php&uid='.$lUserID.'">'.
+            '<img src="images/view-icon-20-20.png" /></a>' .
 			'<a href="index.php?page=edit-account-profile.php&uid='.$lUserID.'">'.
             '<img src="images/edit-icon-20-20.png" /></a>';
 	} else {
@@ -66,7 +70,7 @@
 
 ?>
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/1999/REC-html401-19991224/loose.dtd">
-<html>
+<html lang="en">
 <head>
 	<link rel="shortcut icon" href="./images/favicon.ico" type="image/x-icon" />
 
@@ -90,7 +94,7 @@
 <table class="main-table-frame">
 	<tr class="main-table-frame-dark">
 		<td class="main-table-frame-first-bar" colspan="2">
-			<img src="images/coykillericon-50-38.png"/>
+			<img src="images/coykillericon-50-38.png" alt="Coykiller Icon"/>
 			OWASP Mutillidae II: Keep Calm and Pwn On
 		</td>
 	</tr>

version

@@ -1 +1 @@
-2.11.19
+2.11.20