Removed unused comments + headers

- Created potential fix to SQL Injection warning for delete animals, will monitor and modify/remove accordingly
tylerlight071 · Feb 8, 2024 · fee9302 · fee9302
1 parent 87e343e
commit fee9302
Show file tree

Hide file tree

Showing 7 changed files with 23 additions and 17 deletions.
diff --git a/.gitignore b/.gitignore
@@ -152,6 +152,9 @@ dmypy.json
 # Cython debug symbols
 cython_debug/
 
+# .vscode
+.vscode/
+
 # PyCharm
 #  JetBrains specific template is maintained in a separate JetBrains.gitignore that can
 #  be found at https://github.com/github/gitignore/blob/main/Global/JetBrains.gitignore

diff --git a/N_P_P.py b/N_P_P.py
@@ -4,7 +4,7 @@
 from notifications import notifications
 from staff_portal import staff_portal
 from view_animals import view_animals
-from common_functions import clear_screen, log_action, hash_password, get_mongodb_uri, load_animal_data
+from common_functions import clear_screen, log_action, hash_password, get_mongodb_uri
 from login import login
 from client_database import client_database
 from pymongo import MongoClient

diff --git a/add_animal.py b/add_animal.py
@@ -29,7 +29,7 @@ def add_animal():
         print("Enter animal details or type 'exit' to cancel:")
 
         # Input fields for animal data
-        name = input(Fore.GREEN + "\nName: " + Style.RESET_ALL).strip().capitalize()  # Capitalize the first letter
+        name = input(Fore.GREEN + "\nName: " + Style.RESET_ALL).strip().capitalize()
 
         # Check if user wants to exit
         if name.lower() == 'exit':
@@ -39,9 +39,9 @@ def add_animal():
             print_animal_table(animals)
             break
 
-        species = input(Fore.GREEN + "Species: " + Style.RESET_ALL).strip().capitalize()  # Capitalize the first letter
-        breed = input(Fore.GREEN + "Breed: " + Style.RESET_ALL).strip().capitalize()  # Capitalize the first letter
-        gender = input(Fore.GREEN + "Gender: " + Style.RESET_ALL).strip().capitalize()  # Capitalize the first letter
+        species = input(Fore.GREEN + "Species: " + Style.RESET_ALL).strip().capitalize() 
+        breed = input(Fore.GREEN + "Breed: " + Style.RESET_ALL).strip().capitalize()  
+        gender = input(Fore.GREEN + "Gender: " + Style.RESET_ALL).strip().capitalize()  
         age = input(Fore.GREEN + "Age: " + Style.RESET_ALL).strip()
 
         # Validate input fields

diff --git a/common_functions.py b/common_functions.py
@@ -1,4 +1,5 @@
 import os
+import re
 from argon2 import PasswordHasher
 from argon2.exceptions import VerifyMismatchError
 import datetime
@@ -89,4 +90,9 @@ def get_input(prompt):
             return value
         else:
             print(Fore.RED + "\nThis field cannot be left blank. Please try again." + Style.RESET_ALL)
-            time.sleep(2)
+            time.sleep(2)
+
+def sanitize_input(input_string):
+    # Only allow alphanumeric characters and spaces
+    pattern = re.compile('a-zA-z')
+    return pattern.sub('', input_string)
diff --git a/edit_animal_entries.py b/edit_animal_entries.py
@@ -23,6 +23,7 @@
 
 def get_animal_name():
     return input(Fore.CYAN + "Enter the name of the animal to modify (enter 'exit' to leave): " + Style.RESET_ALL).strip().capitalize()
+
 
 def get_field_choice():
     return input("Enter the number of the field to modify or 'exit' to cancel: ")
@@ -75,6 +76,8 @@ def modify_animal():
         if field_choice.lower() == 'exit':
             print(Fore.YELLOW + "\nExiting..." + Style.RESET_ALL)
             time.sleep(2)
+            clear_screen()
+            print_animal_table(animals)
             return
 
         if field_choice.isdigit():

diff --git a/login.py b/login.py
@@ -1,7 +1,7 @@
 import getpass
 import time
 from colorama import Fore, Style
-from common_functions import clear_screen, log_action, hash_password, verify_password, get_mongodb_uri, get_input
+from common_functions import clear_screen, log_action, hash_password, verify_password, get_mongodb_uri
 from admin_dashboard import admin_dashboard
 from pymongo import MongoClient
 
@@ -34,11 +34,8 @@ def change_admin_password(username):
     # Check if passwords match
     if new_password == confirm_password:
         # Generate salt and hash password
-
         hashed_password = hash_password(new_password)
 
-        # Convert salt to hexadecimal string for serialization   
-
         # Update the password in the MongoDB collection for ADMIN
         users_collection.update_one(
             {'username': 'ADMIN'},
@@ -122,12 +119,6 @@ def login():
     time.sleep(2)
     exit()
 
-def get_user_credentials():
-    print("\n👤 User Login 👤")
-    username = input("\nEnter your username: ")
-    password = getpass.getpass("Enter your password: ")
-    return username, password
-
 def handle_successful_login(user, username, password):
     user_level = user['level']
     print("\nLogging in...")

diff --git a/view_animals.py b/view_animals.py
@@ -1,6 +1,6 @@
 import time
 from colorama import Fore, Style
-from common_functions import clear_screen, load_animal_data, log_action, get_mongodb_uri
+from common_functions import clear_screen, load_animal_data, log_action, get_mongodb_uri, sanitize_input
 from view_animal_profile import view_animals_full
 from sudo_user_login import SudoUserLevel1, SudoUser
 from edit_animal_entries import modify_animal
@@ -150,6 +150,9 @@ def sort_animals(animals, key='name', reverse=False):
     return sorted_animals
 
 def delete_animal(animal_name):
+
+    animal_name = sanitize_input(animal_name)
+
     try:
         animal_count = animals_collection.count_documents({"name": animal_name})