-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathserver.js
129 lines (111 loc) · 6.19 KB
/
server.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
const express = require('express');
const app = express();
const http = require("http").Server(app);
const bodyParser = require("body-parser");
app.use(express.static("public"));
//setup app
app.use(bodyParser.urlencoded({ extended: true }));
app.use(bodyParser.json());
app.use(express.static("public"));
var engines = require("consolidate");
app.engine("html", engines.hogan);
app.set("views", __dirname + "/views");
//access the access database
const ADODB = require('node-adodb');
const conn = ADODB.open(process.env.DATABASE_PATH);
//home page
app.get('/', (req, res) => {
res.sendFile(__dirname + "/views/index.html");
})
//search aida database home page
app.get('/SearchAida', (req, res) => {
conn.query("SELECT DISTINCT Report.RHost FROM Report;").then(data => {
console.log(data)
res.render("searchAida.html", { Names: data });
}).catch(err => console.log(err));
})
//search pctrack database home page
app.get('/SearchPcTrack', (req, res) => {
conn.query("SELECT DISTINCT PcTrack.ComputerName FROM PcTrack;").then(data => {
console.log(data)
res.render("searchPcTrack.html", { Names: data });
}).catch(err => console.log(err));
})
//pc track page
app.get('/pctrack', (req, res) => {
res.sendFile(__dirname + "/views/pctrack.html");
})
//return serial nunmber to client for pc track form
app.post('/pctrackpost', (req, res) => {
//insert into pc track database
var sql = 'INSERT INTO PcTrack(UserName, ComputerName, SerialNumber, ESNNumber, Building, Department, Room, RemoteComputerName, Function, Instrument, Orientation, Browser, TimeSubmitted) VALUES ("' + req.body.username + '","' + req.body.computername + '","' + req.body.serialnumber + '","' + req.body.ESNNumber + '","' + req.body.Building + '","' + req.body.Department + '","' + req.body.Room + '","' + req.body.RemoteComputerName + '","' + req.body.Function + '","' + req.body.Instrument + '","' + req.body.Orientation + '","' + req.body.Browser + '","' + req.body.Timestamp + '")'
conn
.execute(sql, 'SELECT @@Identity AS id')
.then(data => {
console.log(JSON.stringify(data, null, 2));
})
.catch(error => {
console.error(error);
});
//go back to homepage
res.redirect("/")
})
//display hardware
app.post
('/hardware', (req, res) => {
console.log(req)
console.log("hello")
//do not need to worry about sql injection because user cannot type in the input
var sql = "SELECT DISTINCT Item.IField, Item.IValue, Report.RHost FROM Item INNER JOIN Report ON Report.ID = Item.ReportID WHERE Report.RHost='" + req.body.submit + "'AND ( (((Item.ReportID)=Report.ID) And ((Item.IID)=538)) Or (((Item.IID)=539)) Or (((Item.IID)=2581)) Or (((Item.IID)=518)) Or (((Item.IID)=520)) Or (((Item.IID)=528)) Or (((Item.IID)=530)) Or (((Item.IID)=1028)) Or (((Item.IID)=514)) Or (((Item.IID)=2583)) Or (((Item.IID)=534)) Or (((Item.IID)=517)) Or (((Item.IID)=3845)) Or (((Item.IID)=3847)) Or (((Item.IID)=540)) Or (((Item.IID)=3859)) Or (((Item.IID)=3864)) Or (((Item.IID)=2306)) Or (((Item.IID)=523)) Or (((Item.IID)=524)) Or (((Item.IID)=526)) Or (((Item.IID)=536)) Or (((Item.IID)=2582)));"
conn.query(sql).then(data => {
console.log(data);
res.render("hardwaredisplay.html", { Report: data });
}).catch(err => console.log(err));
})
//display software
app.post
('/software', (req, res) => {
//do not need to worry about sql injection because user cannot type in the input
var sql = "SELECT DISTINCT Item.IField, Item.IID, Report.RHost, Item.IDevice FROM Report INNER JOIN Item ON Report.ID = Item.ReportID WHERE Report.RHost='" + req.body.submit + "'AND (((Item.IID)=1281));";
conn.query(sql).then(data => {
console.log(data);
res.render("softwaredisplay.html", { Report: data });
}).catch(err => console.log(err));
})
//get pc track info
app.post
('/pctrackinfo', (req, res) => {
conn.query("SELECT DISTINCT PcTrack.ComputerName, PcTrack.SerialNumber, PcTrack.ESNNumber, PcTrack.Building, PcTrack.Department, PcTrack.Room, PcTrack.RemoteComputerName, PcTrack.Function, PcTrack.Instrument, PcTrack.Orientation, PcTrack.Browser FROM PcTrack WHERE PcTrack.ComputerName='" + req.body.submit + "'").then(data => {
console.log(data);
res.render("pctrackdisplay.html", { Report: data });
}).catch(err => console.log(err));
})
//get comp info from pc track by department
app.post
('/department', (req, res) => {
conn.query("SELECT DISTINCT PcTrack.ComputerName, PcTrack.SerialNumber, PcTrack.ESNNumber, PcTrack.Building, PcTrack.Department, PcTrack.Room, PcTrack.RemoteComputerName, PcTrack.Function, PcTrack.Instrument, PcTrack.Orientation, PcTrack.Browser FROM PcTrack WHERE PcTrack.Department='" + req.body.submit + "'").then(data => {
console.log(data);
res.render("pctrackdisplay.html", { Report: data });
}).catch(err => console.log(err));
})
app.post('/printerinfo', (req, res) => {
conn.query("SELECT DISTINCT Item.IField, Item.IValue, Item.IID, Report.RHost, Item.IDevice FROM Report INNER JOIN Item ON Report.ID = Item.ReportID WHERE (((Item.IID)=1028)) OR (((Item.IID)=536));").then(data => {
console.log(data)
res.render("printerdisplay.html", { Report: data });
}).catch(err => console.log(err));
})
app.post('/softwarecount', (req, res) => {
conn.query("SELECT DISTINCT COUNT(Item.IDevice), Item.IDevice, Report.RHost FROM Report INNER JOIN Item ON Report.ID = Item.ReportID WHERE ((Item.IID)=1281) GROUP BY Item.IID, Item.IDevice, Report.RHost;").then(data => {
console.log(data)
res.render("softwarecount.html", { Report: data });
}).catch(err => console.log(err));
})
app.post('/softwarecount-computernames', (req, res) => {
console.log(req.body.submit)
conn.query("SELECT DISTINCT Item.IDevice, Report.RHost FROM Report INNER JOIN Item ON Report.ID = Item.ReportID WHERE Item.IDevice='" + req.body.submit + "'").then(data => {
console.log(data);
res.render("softwarecount-computername.html", { Report: data });
}).catch(err => console.log(err));
})
//port from IIS server
app.listen(process.env.PORT);