edv/VERAG_Homepage
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Änderungen an seitensicherheitsmechanismus um Angirffe abzuwehen und nur authentifizierte nutzer zuzulassen, welche von der Login-Page kommen und so eine Session variable erzeugt haben mit der CustomerId drin, um Querystrings zu sparen. Auch das Page_Laod Event wird überarbeitet.

Browse Source
This commit is contained in:
ja
2021-10-29 14:37:24 +02:00
parent 7df36dc972
commit 014fefb710
16 changed files with 362 additions and 352 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
Customers/Cards_Boxes.aspx.vb
View File

@@ -1,5 +1,21 @@

Partial Class Customers_Default
Inherits System.Web.UI.Page
Dim Kdnrtext As String = String.Empty
Protected Sub Page_Load(sender As Object, ByVal e As System.EventArgs) Handles Me.Load
If Me.Page.User.Identity.IsAuthenticated Then
Try
Kdnrtext = Session.Item("CustomerID")
Catch A As UnauthorizedAccessException When String.IsNullOrEmpty(Kdnrtext)
MsgBox("Dieser Bereich ist nicht gestattet! Ein Fehler ist bei der Validierung der ID aufgetreten! Bitte erneut versuchen!", MsgBoxStyle.Information, "Error in User Area!")
End Try
Else
FormsAuthentication.RedirectToLoginPage()
End If
If Page.IsPostBack = True Then
Page.MaintainScrollPositionOnPostBack = True
Else
Page.MaintainScrollPositionOnPostBack = False
End If
End Sub
End Class

21
Customers/Customers.master
View File

@@ -223,12 +223,12 @@
lastloggedin = dr("LastLoginDate").ToString()
createdUserDate = dr("CreatedDate").ToString()
emailuser = dr("Email").ToString()
CustomerID = dr("KundenNr").ToString()
Session.Add("CustomerID", VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt(CustomerID))
CustomerID = dr("KundenNr").ToString
End If
End Using
con.Close()
End Using
%>
<li class="wrapper">
<!-- Sidebar -->
@@ -270,13 +270,13 @@
<ul style="list-style: none;"class="collapse list-unstyled" id="RechnungenSubmenu1">
<span class="navbar-toggler-icon"></span>-->
<%If Me.Page.User.Identity.Name = "test" Then %>
<li><a href="Invoices.aspx?P4=<%=VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt(CustomerID)%>" style="background-color:#fff;color:#043381;text-align:left;border:none">Rechnungen</a></li>
<li><a href="Invoices.aspx" style="background-color:#fff;color:#043381;text-align:left;border:none">Rechnungen</a></li>
<%ElseIf Me.Page.User.Identity.Name = "test2" Then %>
<li><a href="LKWs.aspx" style="background-color:#fff;color:#043381;text-align:left;border:none">LKWs</a></li>
<%ElseIf Me.Page.User.Identity.Name = "userwithlongername" Then%>
<li><a type="button" class="btn btn-primary" href="#" aria-disabled="true" data-bs-toggle="tooltip" data-bs-placement="top" title="Bald verfügbar!" style="background-color:#fff;color:#043381;text-align:left;border:none">Coming soon</a></li>
<%ElseIf Me.Page.User.Identity.Name = "Userwithlongername" Then%>
<li><a type="button" class="btn btn-primary" href="Invoices.aspx?P4=<%=VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt(CustomerID)%>" style="background-color:#fff;color:#043381;text-align:left;border:none">Rechnungen</a></li>
<li><a type="button" class="btn btn-primary" href="Invoices.aspx" style="background-color:#fff;color:#043381;text-align:left;border:none">Rechnungen</a></li>
<%End If %>
<!-- </ul>-->
</li>
@@ -302,11 +302,11 @@
<%If Me.Page.User.Identity.Name = "test" Then %>
<li><a href="#" aria-disabled="true" data-bs-toggle="tooltip" data-bs-placement="top" title="Bald verfügbar!" style="background-color:#fff;color:#043381;text-align:left;border:none">Coming soon</a></li>
<%ElseIf Me.Page.User.Identity.Name = "test2" Then %>
<li><a href="Invoices.aspx?P4=<%=VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt(CustomerID)%>" style="background-color:#fff;color:#043381;text-align:left;border:none">Rechnungen</a></li>
<li><a href="Invoices.aspx" style="background-color:#fff;color:#043381;text-align:left;border:none">Rechnungen</a></li>
<%ElseIf Me.Page.User.Identity.Name = "userwithlongername" Then%>
<li><a type="button" class="btn btn-primary" href="#" aria-disabled="true" data-bs-toggle="tooltip" data-bs-placement="top" title="Bald verfügbar!" style="background-color:#fff;color:#043381;text-align:left;border:none">Coming soon</a></li>
<%ElseIf Me.Page.User.Identity.Name = "Userwithlongername" Then%>
<li><a type="button" class="btn btn-primary" href="Invoices.aspx?P4=<%=VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt(CustomerID) %>" style="background-color:#fff;color:#043381;text-align:left;border:none">Rechnungen</a></li>
<li><a type="button" class="btn btn-primary" href="Invoices.aspx" style="background-color:#fff;color:#043381;text-align:left;border:none">Rechnungen</a></li>
<%End If %>
<!-- </ul>-->
</li>
@@ -345,6 +345,7 @@
<li> Registriert seit: <%=createdUserDate %></li>
<li> Email: <%=emailuser %></li>
<li>letzter Login: <%=lastloggedin %></li>
<li>Kundenummer: <%=CustomerID %></li>
<li> Die Berechtigungen im Überblick:</li>
<ul>
@@ -457,9 +458,9 @@
<%If Me.Page.User.Identity.Name = "test" Then %>
<a type="button" class="btn btn-primary" href="CustomsAviso.aspx">Aufträge</a>
<%ElseIf Me.Page.User.Identity.Name = "test2" Then%>
<a type="button" class="btn btn-primary" href="Invoices.aspx?P4=<%=VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt(CustomerID)%>">Rechnungen</a>
<a type="button" class="btn btn-primary" href="Invoices.aspx">Rechnungen</a>
<%ElseIf Me.Page.User.Identity.Name = "userwithlongername" Then%>
<a type="button" class="btn btn-primary" href="Invoices.aspx?P4=<%=VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt(CustomerID)%>">Rechnungen</a>
<a type="button" class="btn btn-primary" href="Invoices.aspx">Rechnungen</a>
<%ElseIf Me.Page.User.Identity.Name = "Userwithlongername" Then%>
<a type="button" class="btn btn-primary" href="CustomsAviso.aspx" aria-disabled="false" data-bs-toggle="tooltip" data-bs-placement="top" title="Aufträge" style="background-color:#fff;color:#043381;text-align:left;border:none">Aufträge</a>
<% End If %>
@@ -476,13 +477,13 @@
</div>
<div class="btn-group">
<%If Me.Page.User.Identity.Name = "test" Then %>
<a type="button" class="btn btn-primary" href="Invoices.aspx?P4=<%=VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt(CustomerID)%>">Rechnungen</a>
<a type="button" class="btn btn-primary" href="Invoices.aspx">Rechnungen</a>
<%ElseIf Me.Page.User.Identity.Name = "test2" Then%>
<a type="button" class="btn btn-primary" href="Cards_Boxes.aspx">Karten_Boxen</a>
<%ElseIf Me.Page.User.Identity.Name = "userwithlongername" Then%>
<a type="button" class="btn btn-primary" href="CustomsAviso.aspx" aria-disabled="false" data-bs-toggle="tooltip" data-bs-placement="top" title="Aufträge" style="background-color:#fff;color:#043381;text-align:left;border:none">Aufträge</a>
<%ElseIf Me.Page.User.Identity.Name = "Userwithlongername" Then%>
<a type="button" class="btn btn-primary" href="Invoices.aspx?P4=<%=VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt(CustomerID)%>">Rechnungen</a>
<a type="button" class="btn btn-primary" href="Invoices.aspx">Rechnungen</a>
<% End If %>
<!-- <button type="button" class="btn btn-danger dropdown-toggle dropdown-toggle-split" data-bs-toggle="dropdown" aria-haspopup="true" aria-expanded="false" style="background-color:#fff; color:#043381;border:hidden;">
<span class="visually-hidden">Toggle Dropdown</span>

4
Customers/Customers.master.vb
View File

@@ -1,7 +1,11 @@

Partial Class Customers_Customers
Inherits System.Web.UI.MasterPage
Protected Sub LogoutButton1_Click(sender As Object, e As EventArgs)
Page.MaintainScrollPositionOnPostBack = True
Page.MetaDescription = "Die Masterpage für alle Unterseiten"
Response.Redirect("../login/Logout.aspx")
End Sub

23
Customers/CustomsAviso.aspx.vb
View File

@@ -15,10 +15,19 @@ Partial Class CustomsAviso
Dim Art As String = ""
Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
Page.UnobtrusiveValidationMode = UnobtrusiveValidationMode.WebForms
If Me.Page.User.Identity.IsAuthenticated Then
Try
Kdnrtext = Session.Item("CustomerID")
Catch A As UnauthorizedAccessException When String.IsNullOrEmpty(Kdnrtext)
MsgBox("Dieser Bereich ist nicht gestattet! Ein Fehler ist bei der Validierung der ID aufgetreten! Bitte erneut versuchen!", MsgBoxStyle.Information, "Error in User Area!")
End Try
DataBind()
tbl_Header_row.TableSection = TableRowSection.TableHeader
' MsgBox(datebis)
If (Page.IsPostBack And normaltable.EnableViewState = False) Then
Page.MaintainScrollPositionOnPostBack = True
normaltable.EnableViewState = True
If rbt_Alle.Checked = True Then
lbl_von.Visible = True
@@ -69,6 +78,7 @@ Partial Class CustomsAviso
datevon = Date.Parse(pickdate1.Text)
datebis = Date.Parse(pickdate2.Text)
Else
Page.MaintainScrollPositionOnPostBack = False
rbt_Alle.Checked = True
normaltable.EnableViewState = True
lbl_von.Visible = True
@@ -127,6 +137,9 @@ Partial Class CustomsAviso
regval_txt_Absender_M.Enabled = True
End If
End If
Else
FormsAuthentication.RedirectToLoginPage()
End If
End Sub
Protected Sub initcells(tr As TableRow, t1 As TableCell, t2 As TableCell, t3 As TableCell, t4 As TableCell, t5 As TableCell, t6 As TableCell, t7 As TableCell, t8 As TableCell, th1 As TableHeaderCell, th2 As TableHeaderCell, th3 As TableHeaderCell, th4 As TableHeaderCell, th5 As TableHeaderCell, th6 As TableHeaderCell, th7 As TableHeaderCell, th8 As TableHeaderCell)
@@ -237,14 +250,8 @@ Partial Class CustomsAviso
End Sub
Protected Sub btn_Auftraege_Click(sender As Object, e As EventArgs)
'MsgBox(Session.Item("test").ToString)
'MsgBox(Session.Item("CustomerID").ToString)
'MsgBox(Session.Item("PW").ToString)
Try
Kdnrtext = Session.Item("CustomerID")
Catch A As UnauthorizedAccessException When Kdnrtext = Nothing
MsgBox("Dieser Bereich ist nicht gestattet! Ein Fehler ist bei der Validierung der ID aufgetreten! Bitte erneut versuchen!", MsgBoxStyle.Information, "Error in User Area!")
End Try
dt = Nothing
If txt_Absender.Text IsNot "" Then
txt_Absender.ValidateRequestMode = UI.ValidateRequestMode.Enabled

18
Customers/Default.aspx.vb
View File

@@ -1,5 +1,21 @@

Partial Class Customers_Default
Inherits System.Web.UI.Page
Dim Kdnrtext As String = String.Empty
Protected Sub Page_Load(sender As Object, e As EventArgs)
If Me.Page.User.Identity.IsAuthenticated Then
Try
Kdnrtext = Session.Item("CustomerID")
Catch A As UnauthorizedAccessException When String.IsNullOrEmpty(Kdnrtext)
MsgBox("Dieser Bereich ist nicht gestattet! Ein Fehler ist bei der Validierung der ID aufgetreten! Bitte erneut versuchen!", MsgBoxStyle.Information, "Error in User Area!")
End Try
Else
FormsAuthentication.RedirectToLoginPage()
End If
If Page.IsPostBack = True Then
Page.MaintainScrollPositionOnPostBack = True
Else
Page.MaintainScrollPositionOnPostBack = False
End If
End Sub
End Class

18
Customers/Default2.aspx.vb
View File

@@ -1,5 +1,21 @@

Partial Class Customers_Default2
Inherits System.Web.UI.Page
Dim Kdnrtext As String = String.Empty
Protected Sub Page_Load(sender As Object, e As EventArgs)
If Me.Page.User.Identity.IsAuthenticated Then
Try
Kdnrtext = Session.Item("CustomerID")
Catch A As UnauthorizedAccessException When String.IsNullOrEmpty(Kdnrtext)
MsgBox("Dieser Bereich ist nicht gestattet! Ein Fehler ist bei der Validierung der ID aufgetreten! Bitte erneut versuchen!", MsgBoxStyle.Information, "Error in User Area!")
End Try
Else
FormsAuthentication.RedirectToLoginPage()
End If
If Page.IsPostBack = True Then
Page.MaintainScrollPositionOnPostBack = True
Else
Page.MaintainScrollPositionOnPostBack = False
End If
End Sub
End Class

35
Customers/Invoices.aspx
View File

@@ -90,13 +90,13 @@
<div class="col-12" id="cont4">
<div class="col-12" id="container2" style="margin-left:2px">
<asp:Label ID="lbl_von" runat="server" Text="Von:"></asp:Label>
<asp:TextBox ID="pickdate1" Type="Date" CssClass="classTarget" requiered="true" OnTextChanged="pickdate1_TextChanged" minDate="<%=New Date(Now().Year, Now().Month, 1) %>" runat="server"></asp:TextBox>
<asp:RequiredFieldValidator ControlToValidate="pickdate1" Display="Dynamic" ID="valreq_pickdate1" runat="server" ErrorMessage=""></asp:RequiredFieldValidator>
<asp:CustomValidator runat="server" ID="valDateRange_1" ControlToValidate="pickdate1" Display="Dynamic" OnServerValidate="valDateRange_1_ServerValidate" ErrorMessage="" SetFocusOnError="true" ValidationGroup="Datevalid"></asp:CustomValidator>
<asp:TextBox ID="pickdate1" Type="Date" CssClass="classTarget" minDate="<%=New Date(Now().Year, Now().Month, 1) %>" runat="server"></asp:TextBox>
<asp:RequiredFieldValidator ControlToValidate="pickdate1" Display="Dynamic" ID="valreq_pickdate1" runat="server" ErrorMessage="Missing date1"></asp:RequiredFieldValidator>
<asp:CustomValidator runat="server" ID="valDateRange_1" ControlToValidate="pickdate1" Display="Dynamic" ErrorMessage="Error in date1" SetFocusOnError="true" ValidationGroup="Datevalid"></asp:CustomValidator>
<asp:Label ID="lbl_bis" runat="server" Text="Bis:"></asp:Label>
<asp:TextBox ID="pickdate2" Type="Date" CssClass="classTarget" OnTextChanged="pickdate2_TextChanged" required="true" runat="server" minDate="<%= DateTime.Now.Date %>"></asp:TextBox>
<asp:RequiredFieldValidator ControlToValidate="pickdate2" Display="Dynamic" ID="valreq_pickdate2" runat="server" ErrorMessage=""></asp:RequiredFieldValidator>
<asp:CustomValidator runat="server" ID="valDateRange_2" ControlToValidate="pickdate2" Display="Dynamic" OnServerValidate="valDateRange_2_ServerValidate" ErrorMessage="" SetFocusOnError="true" ValidationGroup="Datevalid"></asp:CustomValidator>
<asp:TextBox ID="pickdate2" Type="Date" CssClass="classTarget" runat="server" minDate="<%= DateTime.Now.Date %>"></asp:TextBox>
<asp:RequiredFieldValidator ControlToValidate="pickdate2" Display="Dynamic" ID="valreq_pickdate2" runat="server" ErrorMessage="Missing date2"></asp:RequiredFieldValidator>
<asp:CustomValidator runat="server" ID="valDateRange_2" ControlToValidate="pickdate2" Display="Dynamic" ErrorMessage="Error in date2" SetFocusOnError="true" ValidationGroup="Datevalid"></asp:CustomValidator>
</div>
<div id="Abstand"></div>
<hr>
@@ -105,32 +105,31 @@
<div id="Abstand"></div>
<!--Desktop/Tablet-->
<div class="d-none d-md-block">
<!-- optionale Suchparameter -->
<div class="row">
<div id="rowcol1" class="col-12">
<form class="myform" id="commentform">
<asp:Label ID="lbl_LKWNr" runat="server" Text="LKW Kennzeichen"></asp:Label>
<asp:TextBox ID="txt_LKWNr" runat="server" style="width:117px;margin-left:32px" OnTextChanged="txt_LKWNr_TextChanged"></asp:TextBox>
<asp:TextBox ID="txt_LKWNr" runat="server" style="width:117px;margin-left:32px"></asp:TextBox>
<asp:RegularExpressionValidator ControlToValidate="txt_LKWNr" runat="server" ID="regexval_txt_LKW" ValidationGroup="additional_TXTs" ValidationExpression="^([A-Z0-9]{30})\d$" Display="Dynamic" ErrorMessage="LKW Kennzeichen: Falsche Eingabe!" SetFocusOnError="true"></asp:RegularExpressionValidator>
<asp:Label ID="lbl_KdNrAuftrag" runat="server" Text="Kunden Auftrags Nr" style="margin-left:45px"></asp:Label>
<asp:TextBox ID="txt_KdNrAuftrag" runat="server" style="width:117px;margin-left:6px" OnTextChanged="txt_KdNrAuftrag_TextChanged"></asp:TextBox>
<asp:TextBox ID="txt_KdNrAuftrag" runat="server" style="width:117px;margin-left:6px"></asp:TextBox>
<asp:RegularExpressionValidator ControlToValidate="txt_KdNrAuftrag" runat="server" ID="regexval_txt_KdNrAuftrag" ValidationGroup="additional_TXTs" ValidationExpression="^([0-9]{8})$" Display="Dynamic" ErrorMessage="Falsche Eingabe!" SetFocusOnError="true"></asp:RegularExpressionValidator>
</form>
</div>
<div id="rowcol2" class="col-12">
<form class="myform" id="commentform_2">
<asp:Label ID="lbl_Absender" runat="server" Text="Absender"></asp:Label>
<asp:TextBox ID="txt_Absender" runat="server" style="width:117px;margin-left:78px" OnTextChanged="txt_Absender_TextChanged"></asp:TextBox>
<asp:TextBox ID="txt_Absender" runat="server" style="width:117px;margin-left:78px"></asp:TextBox>
<asp:RegularExpressionValidator ControlToValidate="txt_Absender" runat="server" ID="regexval_txt_Absender" ValidationGroup="additional_TXTs" ValidationExpression="^([A-Z0-9]{90})\d$" Display="Dynamic" ErrorMessage="Absender: Falsche Eingabe!" SetFocusOnError="true"></asp:RegularExpressionValidator>
<asp:Label ID="lbl_Empfaenger" runat="server" Text="Empfaenger" style="margin-left:45px"></asp:Label>
<asp:TextBox id="txt_Empfaenger" runat="server" style="width:155px;margin-left:49px" OnTextChanged="txt_Empfaenger_TextChanged"></asp:TextBox>
<asp:TextBox id="txt_Empfaenger" runat="server" style="width:155px;margin-left:49px" ></asp:TextBox>
<asp:RegularExpressionValidator ControlToValidate="txt_Empfaenger" runat="server" ID="regexval_txt_Empfaenger" ValidationGroup="additional_TXTs" ValidationExpression="^([A-Z0-9]{90})\d$" Display="Dynamic" ErrorMessage="Empfänger: Falsche Eingabe!" SetFocusOnError="true"></asp:RegularExpressionValidator>
</form>
</div>
<div id="rowcol3" class="col-12">
<form class="myform" id="commentform_3">
<asp:Label ID="lbl_ReNr" runat="server" Text="Rechnungs-Nummer:"></asp:Label>
<asp:TextBox ID="txt_ReNr" runat="server" style="width:117px;margin-left:8px" OnTextChanged="txt_ReNr_TextChanged"></asp:TextBox>
<asp:TextBox ID="txt_ReNr" runat="server" style="width:117px;margin-left:8px"></asp:TextBox>
<asp:RegularExpressionValidator ControlToValidate="txt_ReNr" runat="server" ID="regexval_txt_ReNr" ValidationGroup="additional_TXTs" ValidationExpression="^([1-9]{8})$" Display="Dynamic" ErrorMessage="Rechnungsnummer: Falsches Format" SetFocusOnError="true"></asp:RegularExpressionValidator>
</form>
</div>
@@ -142,27 +141,27 @@
<div id="rowcol4" class="col-12 row" style="margin-right:/*1.52px;*/0.33480176211453744vw;">
<form class="myform_M" id="commentform_4">
<asp:Label ID="lbl_LKWNr_M" runat="server" Text="LKW Kennzeichen"></asp:Label>
<asp:TextBox ID="txt_LKWNr_M" runat="server" style="width:105px;margin-left:29px" OnTextChanged="txt_LKWNr_M_TextChanged"></asp:TextBox>
<asp:TextBox ID="txt_LKWNr_M" runat="server" style="width:105px;margin-left:29px"></asp:TextBox>
<asp:RegularExpressionValidator ControlToValidate="txt_LKWNr_M" runat="server" ID="regexval_txt_LKW_M" ValidationGroup="additional_TXTs" ValidationExpression="^([A-Z0-9]{30})\d$" Display="Dynamic" ErrorMessage="LKW Kennzeichen: Falsche Eingabe!" SetFocusOnError="true"></asp:RegularExpressionValidator>
<asp:Label ID="lbl_KdNrAuftrag_M" runat="server" Text="Kunden Auftrags Nr" ></asp:Label>
<asp:TextBox ID="txt_KdNrAuftrag_M" runat="server" style="width:105px;margin-left:13px" OnTextChanged="txt_KdNrAuftrag_M_TextChanged"></asp:TextBox>
<asp:TextBox ID="txt_KdNrAuftrag_M" runat="server" style="width:105px;margin-left:13px"></asp:TextBox>
<asp:RegularExpressionValidator ControlToValidate="txt_KdNrAuftrag_M" runat="server" ID="regexval_txt_KdNrAuftrag_M" ValidationGroup="additional_TXTs" ValidationExpression="^([0-9]{7})$" Display="Dynamic" ErrorMessage="Falsche Eingabe!" SetFocusOnError="true"></asp:RegularExpressionValidator>
</form>
</div>
<div id="rowcol5" class="col-12 row" style="margin-right:/*1.52px;*/0.33480176211453744vw;">
<form class="myform_M" id="commentform_5">
<asp:Label ID="lbl_Absender_M" runat="server" Text="Absender"></asp:Label>
<asp:TextBox ID="txt_Absender_M" runat="server" style="width:105px;margin-left:85px" OnTextChanged="txt_Absender_M_TextChanged"></asp:TextBox>
<asp:TextBox ID="txt_Absender_M" runat="server" style="width:105px;margin-left:85px"></asp:TextBox>
<asp:RegularExpressionValidator ControlToValidate="txt_Absender_M" runat="server" ID="regexval_txt_Absender_M" ValidationGroup="additional_TXTs" ValidationExpression="^([A-Z0-9]{90})\d$" Display="Dynamic" ErrorMessage="Absender: Falsche Eingabe!" SetFocusOnError="true"></asp:RegularExpressionValidator>
<asp:Label ID="lbl_Empfaenger_M" runat="server" Text="Empfaenger"></asp:Label>
<asp:TextBox id="txt_Empfaenger_M" runat="server" style="width:105px;margin-left:65px" OnTextChanged="txt_Empfaenger_M_TextChanged"></asp:TextBox>
<asp:TextBox id="txt_Empfaenger_M" runat="server" style="width:105px;margin-left:65px"></asp:TextBox>
<asp:RegularExpressionValidator ControlToValidate="txt_Empfaenger_M" runat="server" ID="regexval_txt_Empfaenger_M" ValidationGroup="additional_TXTs" ValidationExpression="^([A-Z0-9]{90})\d$" Display="Dynamic" ErrorMessage="Empfänger: Falsche Eingabe!" SetFocusOnError="true"></asp:RegularExpressionValidator>
</form>
</div>
<div id="rowcol6" class="col-12 row" style="margin-right:/*1.52px;*/0.33480176211453744vw;">
<form class="myform_M" id="commentform_6">
<asp:Label ID="lbl_ReNr_M" runat="server" Text="Rechnungs-Nummer"></asp:Label>
<asp:TextBox ID="txt_ReNr_M" runat="server" style="width:105px;margin-left:0px" OnTextChanged="txt_ReNr_M_TextChanged"></asp:TextBox>
<asp:TextBox ID="txt_ReNr_M" runat="server" style="width:105px;margin-left:0px"></asp:TextBox>
<asp:RegularExpressionValidator ControlToValidate="txt_ReNr_M" runat="server" ID="regexval_txt_ReNr_M" ValidationGroup="additional_TXTs" ValidationExpression="^([1-9]{8})$" Display="Dynamic" ErrorMessage="Rechnungsnummer: Falsches Format" SetFocusOnError="true"></asp:RegularExpressionValidator>
</form>
</div>
@@ -185,7 +184,7 @@
</div>
</div>
<div id="Abstand_laenger" style="height: /*24px*/ 1.873536299765808vh;"></div>
<asp:Button ID="Send_Data" CssClass=" btn-primary" runat="server" Text="Erhalte Rechnungen" style="font-size:1.33em;width:18%;height:30px;color:#fff" OnClick="Send_Data_Click" /><asp:Button ID="btn_Send" runat="server" Text="Erhalte Rechnungen" CssClass="btn btn-primary" />
<asp:Button ID="Send_Data" class="btn btn-primary" OnClick="Send_Data_Click" runat="server" Text="Erhalte Rechnungen" CausesValidation="false" Autopostback="True" style="font-size:1.33em;width:260px;height:30px;color:#fff" />
<div id="Abstand_lang" style="height: /*32px*/ 2.498048399687744vh;"></div>
<div class="g-3">
<div id="conovertab" style="overflow-x:auto;margin-left:-2px">

161
Customers/Invoices.aspx.vb
View File

@@ -14,28 +14,31 @@ Partial Class Customers_Invoices
Dim reNr As String = ""
Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
If Me.Page.User.Identity.IsAuthenticated Then
Try
Kdnrtext = Session.Item("CustomerID")
Catch A As UnauthorizedAccessException When String.IsNullOrEmpty(Kdnrtext)
MsgBox("Dieser Bereich ist nicht gestattet! Ein Fehler ist bei der Validierung der ID aufgetreten! Bitte erneut versuchen!", MsgBoxStyle.Information, "Error in User Area!")
End Try
Page.UnobtrusiveValidationMode = UnobtrusiveValidationMode.WebForms
DataBind()
tbl_Header_row.TableSection = TableRowSection.TableHeader
If (Page.IsPostBack) Then
valreq_pickdate1.Validate()
valreq_pickdate2.Validate()
If valreq_pickdate1.IsValid And valreq_pickdate2.IsValid Then
valDateRange_1.Validate()
valDateRange_2.Validate()
If valDateRange_1.IsValid AndAlso valDateRange_2.IsValid Then
If (Page.IsPostBack And normaltable.EnableViewState = False) Then
Page.MaintainScrollPositionOnPostBack = True
normaltable.EnableViewState = True
datevon = Date.Parse(pickdate1.Text)
datebis = Date.Parse(pickdate2.Text)
End If
End If
Else
Page.MaintainScrollPositionOnPostBack = False
normaltable.EnableViewState = True
lbl_von.Visible = True
lbl_bis.Visible = True
valDateRange_1.Enabled = True
valDateRange_2.Enabled = True
Dim erster = New Date(Now().Year, Now().Month, 1)
Dim ersterdat = erster.Day.ToString + "." + Now().Month.ToString + "." + Now().Year.ToString
Dim ersterdat = "1." + Now().Month.ToString + "." + Now().Year.ToString
pickdate1.Text = erster.Day.ToString + "." + Now().Month.ToString + "." + Now().Year.ToString
' MsgBox(ersterdat)
datevon = ersterdat
@@ -43,6 +46,9 @@ Partial Class Customers_Invoices
pickdate2.Text = Now().ToShortDateString()
pickdate1.Text = erster.Day.ToString + "." + Now().Month.ToString + "." + Now().Year.ToString
End If
Else
FormsAuthentication.RedirectToLoginPage()
End If
End Sub
Protected Sub initcells(tr As TableRow, t1 As TableCell, t2 As TableCell, t3 As TableCell, t4 As TableCell, t5 As TableCell, t6 As TableCell, t7 As TableCell, t8 As TableCell, th1 As TableHeaderCell, th2 As TableHeaderCell, th3 As TableHeaderCell, th4 As TableHeaderCell, th5 As TableHeaderCell, th6 As TableHeaderCell, th7 As TableHeaderCell, th8 As TableHeaderCell)
@@ -158,122 +164,17 @@ Partial Class Customers_Invoices
reNr = ""
End Sub
Protected Sub pickdate1_TextChanged(sender As Object, e As EventArgs)
End Sub
Protected Sub valDateRange_1_ServerValidate(source As Object, args As ServerValidateEventArgs)
Dim minDate As DateTime = DateTime.Parse("01.04.2001")
Dim maxDate As DateTime = DateTime.Parse(DateTime.Now.ToShortDateString)
Dim dt As DateTime
args.IsValid = (DateTime.TryParse(args.Value, dt) AndAlso
dt <= maxDate AndAlso
dt >= minDate)
End Sub
Protected Sub pickdate2_TextChanged(sender As Object, e As EventArgs)
End Sub
Protected Sub valDateRange_2_ServerValidate(source As Object, args As ServerValidateEventArgs)
Dim minDate As DateTime = DateTime.Parse("01." + Date.Now.Month.ToString + ".2001")
Dim maxDate As DateTime = DateTime.Parse(DateTime.Now.ToShortDateString)
Dim dt As DateTime
args.IsValid = (DateTime.TryParse(args.Value, dt) AndAlso
dt <= maxDate AndAlso
dt >= minDate) And dt < Date.Now.AddDays(-1)
End Sub
Protected Sub txt_LKWNr_TextChanged(sender As Object, e As EventArgs)
If String.IsNullOrEmpty(txt_LKWNr.Text) Then
regexval_txt_LKW.Enabled = False
Else
regexval_txt_LKW.Enabled = True
End If
End Sub
Protected Sub txt_Empfaenger_TextChanged(sender As Object, e As EventArgs)
If String.IsNullOrEmpty(txt_Empfaenger.Text) Then
regexval_txt_Empfaenger.Enabled = False
Else
regexval_txt_Empfaenger.Enabled = True
End If
End Sub
Protected Sub txt_Absender_TextChanged(sender As Object, e As EventArgs)
If String.IsNullOrEmpty(txt_Absender.Text) Then
regexval_txt_Absender.Enabled = False
Else
regexval_txt_Absender.Enabled = True
End If
End Sub
Protected Sub txt_ReNr_TextChanged(sender As Object, e As EventArgs)
If String.IsNullOrEmpty(txt_ReNr_M.Text) Then
regexval_txt_ReNr_M.Enabled = False
Else
regexval_txt_ReNr_M.Enabled = True
End If
End Sub
Protected Sub txt_KdNrAuftrag_TextChanged(sender As Object, e As EventArgs)
If String.IsNullOrEmpty(txt_KdNrAuftrag.Text) Then
regexval_txt_KdNrAuftrag.Enabled = False
Else
regexval_txt_KdNrAuftrag.Enabled = True
End If
End Sub
Protected Sub txt_LKWNr_M_TextChanged(sender As Object, e As EventArgs)
If String.IsNullOrEmpty(txt_LKWNr_M.Text) Then
regexval_txt_LKW_M.Enabled = False
Else
regexval_txt_LKW_M.Enabled = True
End If
End Sub
Protected Sub txt_KdNrAuftrag_M_TextChanged(sender As Object, e As EventArgs)
If String.IsNullOrEmpty(txt_KdNrAuftrag_M.Text) Then
regexval_txt_KdNrAuftrag_M.Enabled = False
Else
regexval_txt_KdNrAuftrag_M.Enabled = True
End If
End Sub
Protected Sub txt_Absender_M_TextChanged(sender As Object, e As EventArgs)
If String.IsNullOrEmpty(txt_Absender_M.Text) Then
regexval_txt_Absender_M.Enabled = False
Else
regexval_txt_Absender_M.Enabled = True
End If
End Sub
Protected Sub txt_ReNr_M_TextChanged(sender As Object, e As EventArgs)
If String.IsNullOrEmpty(txt_ReNr_M.Text) Then
regexval_txt_ReNr_M.Enabled = False
Else
regexval_txt_ReNr_M.Enabled = False
End If
End Sub
Protected Sub txt_Empfaenger_M_TextChanged(sender As Object, e As EventArgs)
If String.IsNullOrEmpty(txt_Empfaenger_M.Text) Then
regexval_txt_Empfaenger_M.Enabled = False
Else
regexval_txt_Empfaenger_M.Enabled = True
End If
End Sub
Protected Sub Send_Data_Click(sender As Object, e As EventArgs)
dt = Nothing
pickdate1.ValidateRequestMode = UI.ValidateRequestMode.Enabled
pickdate2.ValidateRequestMode = UI.ValidateRequestMode.Enabled
valreq_pickdate1.Validate()
valreq_pickdate2.Validate()
If valreq_pickdate1.IsValid And valreq_pickdate2.IsValid And Kdnrtext = Not "" Then
If txt_Absender.Text IsNot "" Then
valDateRange_1.Validate()
valDateRange_2.Validate()
If Not String.IsNullOrEmpty(txt_Absender.Text) And valDateRange_1.IsValid And valDateRange_2.IsValid Then
regexval_txt_Absender.Enabled = True
regexval_txt_Absender.Validate()
txt_Absender.ValidateRequestMode = UI.ValidateRequestMode.Enabled
@@ -287,7 +188,7 @@ Partial Class Customers_Invoices
MsgBox(ex.Message)
End Try
End If
If txt_Empfaenger.Text IsNot "" Then
If Not String.IsNullOrEmpty(txt_Empfaenger.Text) Then
regexval_txt_Empfaenger.Enabled = True
regexval_txt_Empfaenger.Validate()
txt_Empfaenger.ValidateRequestMode = UI.ValidateRequestMode.Enabled
@@ -301,7 +202,7 @@ Partial Class Customers_Invoices
MsgBox(ex.Message)
End Try
End If
If txt_KdNrAuftrag.Text IsNot "" Then
If Not String.IsNullOrEmpty(txt_KdNrAuftrag.Text) Then
regexval_txt_KdNrAuftrag.Enabled = True
regexval_txt_KdNrAuftrag.Validate()
txt_KdNrAuftrag.ValidateRequestMode = UI.ValidateRequestMode.Enabled
@@ -315,7 +216,7 @@ Partial Class Customers_Invoices
MsgBox(ex.Message)
End Try
End If
If txt_LKWNr.Text IsNot "" Then
If Not String.IsNullOrEmpty(txt_LKWNr.Text) Then
regexval_txt_LKW.Enabled = True
regexval_txt_LKW.Validate()
txt_LKWNr.ValidateRequestMode = UI.ValidateRequestMode.Enabled
@@ -329,7 +230,7 @@ Partial Class Customers_Invoices
MsgBox(ex.Message)
End Try
End If
If txt_ReNr.Text IsNot "" Then
If Not String.IsNullOrEmpty(txt_ReNr.Text) Then
regexval_txt_ReNr.Enabled = True
regexval_txt_ReNr.Validate()
txt_ReNr.ValidateRequestMode = UI.ValidateRequestMode.Enabled
@@ -344,7 +245,7 @@ Partial Class Customers_Invoices
End Try
End If
If txt_Absender_M.Text IsNot "" Then
If Not String.IsNullOrEmpty(txt_Absender_M.Text) Then
txt_Absender_M.ValidateRequestMode = UI.ValidateRequestMode.Enabled
Try
Absender = txt_Absender_M.Text
@@ -352,7 +253,7 @@ Partial Class Customers_Invoices
MsgBox(ex.Message)
End Try
End If
If txt_Empfaenger_M.Text IsNot "" Then
If Not String.IsNullOrEmpty(txt_Empfaenger_M.Text) Then
txt_Empfaenger_M.ValidateRequestMode = UI.ValidateRequestMode.Enabled
Try
Empfaenger = txt_Empfaenger_M.Text
@@ -360,7 +261,7 @@ Partial Class Customers_Invoices
MsgBox(ex.Message)
End Try
End If
If txt_KdNrAuftrag_M.Text IsNot "" Then
If Not String.IsNullOrEmpty(txt_KdNrAuftrag_M.Text) Then
txt_KdNrAuftrag_M.ValidateRequestMode = UI.ValidateRequestMode.Enabled
Try
KDNAFNR = txt_KdNrAuftrag_M.Text
@@ -368,7 +269,7 @@ Partial Class Customers_Invoices
MsgBox(ex.Message)
End Try
End If
If txt_LKWNr_M.Text IsNot "" Then
If Not String.IsNullOrEmpty(txt_LKWNr_M.Text) Then
txt_LKWNr_M.ValidateRequestMode = UI.ValidateRequestMode.Enabled
Try
LKWNR = txt_LKWNr_M.Text
@@ -376,7 +277,8 @@ Partial Class Customers_Invoices
MsgBox(ex.Message)
End Try
End If
If txt_ReNr_M.Text IsNot "" Then
If Not String.IsNullOrEmpty(txt_ReNr_M.Text) Then
txt_ReNr_M.ValidateRequestMode = UI.ValidateRequestMode.Enabled
Try
reNr = txt_ReNr_M.Text
@@ -406,12 +308,11 @@ Partial Class Customers_Invoices
End Try
End If
Kdnrtext = VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(Request.QueryString("P4"))
'MsgBox(Kdnrtext)
If String.IsNullOrEmpty(Kdnrtext) = False And String.IsNullOrEmpty(datevon.ToString) = False And String.IsNullOrEmpty(datebis.ToString) = False Then
dt = VERAG_PROG_ALLGEMEIN.cRechnungsausgang.GET_LIST_WEB(Integer.Parse(Kdnrtext), datevon, datebis, Integer.Parse(reNr), Absender, Empfaenger, LKWNR, KDNAFNR)
ElseIf String.IsNullOrEmpty(Kdnrtext) = True Or String.IsNullOrEmpty(datevon.ToString) = True And String.IsNullOrEmpty(datebis.ToString) = True And String.IsNullOrEmpty(reNr) = True And String.IsNullOrEmpty(Absender) = False And String.IsNullOrEmpty(LKWNR) = False And String.IsNullOrEmpty(Empfaenger) = False And String.IsNullOrEmpty(KDNAFNR) = False Then
dt = VERAG_PROG_ALLGEMEIN.cRechnungsausgang.GET_LIST_WEB(Integer.Parse(Kdnrtext), datevon, datebis, Integer.Parse(reNr), Absender, Empfaenger, LKWNR, KDNAFNR)
valreq_pickdate1.Validate()
valreq_pickdate2.Validate()
End If

17
Customers/LKWs.aspx.vb
View File

@@ -1,5 +1,22 @@

Partial Class LKWS
Inherits System.Web.UI.Page
Dim Kdnrtext As String = String.Empty
Protected Sub Page_Load(sender As Object, ByVal e As System.EventArgs) Handles Me.Load
If Me.Page.User.Identity.IsAuthenticated Then
Try
Kdnrtext = Session.Item("CustomerID")
Catch A As UnauthorizedAccessException When String.IsNullOrEmpty(Kdnrtext)
MsgBox("Dieser Bereich ist nicht gestattet! Ein Fehler ist bei der Validierung der ID aufgetreten! Bitte erneut versuchen!", MsgBoxStyle.Information, "Error in User Area!")
End Try
Else
FormsAuthentication.RedirectToLoginPage()
End If
If Page.IsPostBack = True Then
Page.MaintainScrollPositionOnPostBack = True
Else
Page.MaintainScrollPositionOnPostBack = False
End If
End Sub
End Class

11
Customers/Welcome.aspx.vb
View File

@@ -1,5 +1,14 @@

Partial Class Welcome
Inherits System.Web.UI.Page
Dim Kdnrtext As String = String.Empty
Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
If Me.Page.User.Identity.IsAuthenticated Then
Try
Kdnrtext = Session.Item("CustomerID")
Catch A As UnauthorizedAccessException When String.IsNullOrEmpty(Kdnrtext)
MsgBox("Dieser Bereich ist nicht gestattet! Ein Fehler ist bei der Validierung der ID aufgetreten! Bitte erneut versuchen!", MsgBoxStyle.Information, "Error in User Area!")
End Try
End If
End Sub
End Class

18
Customers/pdfviewer.aspx.vb
View File

@@ -1,5 +1,21 @@

Partial Class Customers_Default3
Inherits System.Web.UI.Page
Dim Kdnrtext As String = String.Empty
Protected Sub Page_Load(sender As Object, ByVal e As System.EventArgs) Handles Me.Load
If Me.Page.User.Identity.IsAuthenticated Then
Try
Kdnrtext = Session.Item("CustomerID")
Catch A As UnauthorizedAccessException When String.IsNullOrEmpty(Kdnrtext)
MsgBox("Dieser Bereich ist nicht gestattet! Ein Fehler ist bei der Validierung der ID aufgetreten! Bitte erneut versuchen!", MsgBoxStyle.Information, "Error in User Area!")
End Try
Else
FormsAuthentication.RedirectToLoginPage()
End If
If Page.IsPostBack = True Then
Page.MaintainScrollPositionOnPostBack = True
Else
Page.MaintainScrollPositionOnPostBack = False
End If
End Sub
End Class

8
Web.config
View File

@@ -1,4 +1,4 @@
<?xml version="1.0"?>
<?xml version="1.0" encoding="utf-8"?>
<!--
Weitere Informationen zum Konfigurieren der ASP.NET-Anwendung finden Sie unter
http://go.microsoft.com/fwlink/?LinkId=169433
@@ -132,6 +132,12 @@
</authorization>
</system.web>
</location>
<system.codedom>
<compilers>
<compiler language="c#;cs;csharp" extension=".cs" type="Microsoft.CodeDom.Providers.DotNetCompilerPlatform.CSharpCodeProvider, Microsoft.CodeDom.Providers.DotNetCompilerPlatform, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" warningLevel="4" compilerOptions="/langversion:default /nowarn:1659;1699;1701" />
<compiler language="vb;vbs;visualbasic;vbscript" extension=".vb" type="Microsoft.CodeDom.Providers.DotNetCompilerPlatform.VBCodeProvider, Microsoft.CodeDom.Providers.DotNetCompilerPlatform, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" warningLevel="4" compilerOptions="/langversion:default /nowarn:41008 /define:_MYTYPE=\&quot;Web\&quot; /optionInfer+" />
</compilers>
</system.codedom>
</configuration>
<!--ProjectGuid: 9b651bc0-361a-4f93-8118-dd8a986f2371-->
<!--Deny access for 'images' folder-->

9
css/Customers/Invoices.css
View File

@@ -1,6 +1,7 @@
.btn btn-primary {
color: #043381;
background-color: #fff;
}
#tableSearch {
@@ -60,9 +61,9 @@ hr {
#btn_resetForm {
margin-right: 2px;
}
#Send_Data {
ContentPlaceHolder1_Send_Data {
height: 15px;
width: 120%;
width: 240px;
}
@media (max-width: 558.98px) {
#conovertab {
@@ -139,9 +140,9 @@ hr {
max-width: /*390px;*/ 85.90308370044053vw;
overflow-x: auto;
}
#Send_Data {
#ContentPlaceHolder1_Send_Data {
height: 15px;
width: 120%;
width: 300px;
}
#pickdate1 {
border: 1px solid #000000;

8
login/login_FLEX.aspx.vb
View File

@@ -125,7 +125,7 @@ Partial Class login_FLEX
' Dim constr As String = ConfigurationManager.ConnectionStrings("constr").ConnectionString
Using con As New SqlConnection(ConnectionString)
' Using cmd As New SqlCommand("Validate_User")
Using cmd As New SqlCommand("SELECT UserId,Username,Password FROM [VERAG_HOMEPAGE].[dbo].[Users] WHERE Username=@Username AND Password=@Password AND UserId=@KundenNr")
Using cmd As New SqlCommand("SELECT KundenNr,Username,Password FROM [VERAG_HOMEPAGE].[dbo].[Users] WHERE Username=@Username AND Password=@Password AND KundenNr=@KundenNr")
' cmd.CommandType = CommandType.StoredProcedure
cmd.Parameters.AddWithValue("@Username", UserNaMe)
cmd.Parameters.AddWithValue("@KundenNr", Customer_ID)
@@ -145,8 +145,8 @@ Partial Class login_FLEX
Login1.FailureText = "Account ist nicht freigeschaltet."
Exit Select
Case Else
If tb.Text = dr("UserId") Then
Customer_ID = dr("UserId").ToString
If tb.Text = dr("KundenNr") Then
Customer_ID = dr("KundenNr").ToString
Else
Login1.FailureText = "ID cannot be found in the database!"
End If
@@ -156,7 +156,7 @@ Partial Class login_FLEX
Login1.FailureText = "Username is not in the database!"
End If
If tb3.Text = dr("Password") Then
passw = dr("Password").ToString
passw = VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(dr("Password").ToString)
Else
Login1.FailureText = "Password is not in the database!"
End If

2
login/login_TEST.aspx.vb
View File

@@ -22,7 +22,7 @@ Partial Class login_TEST
Using cmd As New SqlCommand("SELECT COUNT(*) FROM [VERAG_HOMEPAGE].[dbo].[Users] WHERE Username=@Username AND Password=@Password")
' cmd.CommandType = CommandType.StoredProcedure
cmd.Parameters.AddWithValue("@Username", Login1.UserName)
cmd.Parameters.AddWithValue("@Password", Login1.Password)
cmd.Parameters.AddWithValue("@Password", VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(Login1.Password))
cmd.Connection = con
con.Open()
' userId = Convert.ToInt32(cmd.ExecuteScalar())

1
packages.config
View File

@@ -10,6 +10,7 @@
<package id="Microsoft.CodeAnalysis.CSharp" version="3.9.0" targetFramework="net47" />
<package id="Microsoft.CodeAnalysis.CSharp.Scripting" version="3.9.0" targetFramework="net47" />
<package id="Microsoft.CodeAnalysis.Scripting.Common" version="3.9.0" targetFramework="net47" />
<package id="Microsoft.CodeDom.Providers.DotNetCompilerPlatform" version="2.0.0" targetFramework="net47" />
<package id="Microsoft.CSharp" version="4.3.0" targetFramework="net47" />
<package id="Microsoft.CST.DevSkim" version="0.4.253" targetFramework="net47" />
<package id="Microsoft.CST.OAT" version="1.0.88" targetFramework="net47" />