From 0aec73ccf68309152e283d7116f8363993c07904 Mon Sep 17 00:00:00 2001
From: ja <ja@verag.ag>
Date: Thu, 11 Nov 2021 15:38:59 +0100
Subject: [PATCH] =?UTF-8?q?=C3=84nderungen=20GUI=20und=20Logik=20der=20Val?=
 =?UTF-8?q?idierungen?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 login/Change_PW.aspx    |   6 +-
 login/Change_PW.aspx.vb | 270 ++++++++++++++++++++++------------------
 2 files changed, 149 insertions(+), 127 deletions(-)

diff --git a/login/Change_PW.aspx b/login/Change_PW.aspx
index 15de21c..9e36bdc 100644
--- a/login/Change_PW.aspx
+++ b/login/Change_PW.aspx
@@ -169,7 +169,7 @@
                          </tr>
                         <tr style="color:#003680;height:15.67px;">
                             <td>    
-                                <asp:Button ID="btn_submitpw" runat="server" Text="Change the password!" OnClick="btn_submitpw_Click" Width="250px" style="margin-left:46px;border:none"/>
+                                <asp:Button ID="btn_submitpw" runat="server" Text="Change the password!" Width="250px" style="margin-left:46px;border:none"/>
                             </td>
                         </tr>
                               <tr style="color:#003680;height:10px;">
@@ -197,7 +197,7 @@
                           </tr>                    
                           <tr style="color:#003680;height:36.67px;">
                             <td>
-                                <asp:TextBox id="txt_Pw_M" CssClass="bg-key-icon" runat="server" Font-Size="1.125em" ValidationGroup="TXT_val_M" TextMode="Password" Width="245px" Font-Names="Verdana" OnTextChanged="txt_Pw_TextChanged" AutoCompleteType="Disabled" style="margin-left:22px;color:#003680" Placeholder="Enter Password"></asp:TextBox> 
+                                <asp:TextBox id="txt_Pw_M" CssClass="bg-key-icon" runat="server" Font-Size="1.125em" ValidationGroup="TXT_val_M" TextMode="Password" Width="245px" Font-Names="Verdana" OnTextChanged="txt_Pw_M_TextChanged" AutoCompleteType="Disabled" style="margin-left:22px;color:#003680" Placeholder="Enter Password"></asp:TextBox> 
                                 <span></span></td>
                                 <td>
                                 <asp:ImageButton ID="Image1_M" runat="server" ImageUrl="~/images/Icons/service/hilfe.png" Height="22px" Width="19px" style="margin-left:12px"/>
@@ -210,7 +210,7 @@
                               </tr>                                 
                          <tr style="color:#003680;height:36.67px;">
                             <td>
-                                <asp:TextBox id="txt_Pw_WH_M" CssClass="bg-key-icon" Width="245px" Font-Size="1.125em" ValidationGroup="TXT_val_WH_M" OnTextChanged="txt_Pw_WH_TextChanged" runat="server" TextMode="Password" Font-Names="Verdana" AutoCompleteType="Disabled" style="margin-left:22px;color:#003680;border-radius: 8px 8px 8px 8px;-webkit-border-radius: 8px;-moz-border-radius: 8px;" Placeholder="Repeat Password"></asp:TextBox>  
+                                <asp:TextBox id="txt_Pw_WH_M" CssClass="bg-key-icon" Width="245px" Font-Size="1.125em" ValidationGroup="TXT_val_WH_M" OnTextChanged="txt_Pw_WH_M_TextChanged" runat="server" TextMode="Password" Font-Names="Verdana" AutoCompleteType="Disabled" style="margin-left:22px;color:#003680;border-radius: 8px 8px 8px 8px;-webkit-border-radius: 8px;-moz-border-radius: 8px;" Placeholder="Repeat Password"></asp:TextBox>  
                                 <span></span></td>
                                 <td>
                                 <asp:ImageButton ID="Image2_M" runat="server" ImageUrl="~/images/Icons/service/hilfe.png" Height="22px" Width="19px" style="margin-left:12px;border:none;margin-top:15px" />
diff --git a/login/Change_PW.aspx.vb b/login/Change_PW.aspx.vb
index c5cc14e..e185c38 100644
--- a/login/Change_PW.aspx.vb
+++ b/login/Change_PW.aspx.vb
@@ -33,7 +33,7 @@ Partial Class login_Change_PW
                 Dim dr As SqlDataReader = cmd.ExecuteReader()
                 If dr.HasRows Then
                     dr.Read()
-                    If VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(Request.QueryString("Par1")) = Not Nothing AndAlso VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(Request.QueryString("Par2")) = Not Nothing AndAlso VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(Request.QueryString("Par3") = Not Nothing And VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(Request.QueryString("Par2")) = Not Nothing) Then
+                    If VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(Request.QueryString("Par1")) = Not Nothing AndAlso VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(Request.QueryString("Par2")) = Not Nothing AndAlso VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(Request.QueryString("Par3") = Not Nothing) Then
                         If getDateoftoken(VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(Request.QueryString("Par1"))) = True Then
                             Try
                                 txt_Pw_WH.Enabled = True
@@ -67,7 +67,6 @@ Partial Class login_Change_PW
             End Using
             con.Close()
         End Using
-
     End Sub
 
     Protected Sub txt_Pw_WH_TextChanged(sender As Object, e As EventArgs)
@@ -76,131 +75,12 @@ Partial Class login_Change_PW
         If confirmPasswordReq.IsValid Then
             btn_submitpw.Enabled = True
         Else
-            btn_submitpw.Enabled = False
+            lbl_messagetext.ForeColor = Drawing.Color.Red
+            lbl_messagetext.Text = "Passwort stimmt nicht überein."
+            'btn_submitpw.Enabled = False
         End If
     End Sub
 
-
-    Protected Sub btn_submitpw_Click(sender As Object, e As EventArgs) Handles btn_submitpw.Click
-        Dim tempstr As String = ""
-        Dim Msg, Style, Title As String
-
-        If String.IsNullOrEmpty(txt_Pw.Text) = Not True AndAlso String.IsNullOrEmpty(txt_Pw_WH.Text) = Not True AndAlso String.IsNullOrEmpty(txt_Pw_M.Text) = Not True AndAlso String.IsNullOrEmpty(txt_Pw_WH_M.Text) = Not True Then
-            reqPasswtxt_M.Enabled = False
-            reqPasswtxt_M.Enabled = False
-            reqPasswtxt.Enabled = True
-            reqPassw1txt.Enabled = True
-            reqPasswtxt.Validate()
-            reqPassw1txt.Validate()
-
-            If reqPasswtxt.IsValid And reqPassw1txt.IsValid Then
-                tempstr = txt_Pw.Text
-            End If
-        ElseIf String.IsNullOrEmpty(txt_Pw.Text) = True AndAlso String.IsNullOrEmpty(txt_Pw_WH.Text) = True AndAlso String.IsNullOrEmpty(txt_Pw_M.Text) = Not True AndAlso String.IsNullOrEmpty(txt_Pw_WH_M.Text) = Not True Then
-            reqPasswtxt.Enabled = False
-            reqPassw1txt_M.Enabled = False
-            reqPasswtxt_M.Enabled = True
-            reqPassw1txt_M.Enabled = True
-            reqPasswtxt_M.Validate()
-            reqPassw1txt_M.Validate()
-
-            If reqPasswtxt_M.IsValid And reqPassw1txt_M.IsValid Then
-                tempstr = txt_Pw_M.Text
-            End If
-        Else
-            tempstr = "Error01"
-        End If
-
-        If txt_Pw.Text = tempstr And txt_Pw_WH.Text = tempstr AndAlso String.IsNullOrEmpty(txt_Pw_M.Text) = True And String.IsNullOrEmpty(txt_Pw_WH_M.Text) = True And tempstr = Not "Error01" Then
-            Try
-                Dim ConnectionString = ""
-                Dim usrname = VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(Request.QueryString("Par2"))
-                Dim UsrID = VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(Request.QueryString("Par3"))
-                If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost" Then
-                    'ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=sa;Pwd=BmWr501956"
-                    ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;"
-                Else
-                    ConnectionString = "Server=DEVELOPER.verag.ost.dmn\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;"
-                    'ConnectionString = "Server=db593295684.db.1and1.com;Database=db593295684;Uid=dbo593295684;Pwd=atilla#2;"
-                End If
-                Using con As New SqlConnection(ConnectionString)
-                    Using cmd As New SqlCommand("UPDATE [VERAG_HOMEPAGE].[dbo].[Users] SET Password=@Password WHERE Username=@Username AND Password=@Password AND KundenNr=@KundenNr")
-                        ' cmd.CommandType = CommandType.StoredProcedure
-                        cmd.Parameters.AddWithValue("@Username", usrname)
-                        cmd.Parameters.AddWithValue("@Password", tempstr)
-                        cmd.Parameters.AddWithValue("@KundenNr", UsrID)
-                        cmd.Connection = con
-                        cmd.ExecuteNonQuery()
-                    End Using
-                End Using
-            Catch ex As Exception
-                lbl_messagetext.Text = ex.Message
-            End Try
-            Msg = "PW erfolgreich geändert!"
-            Style = vbOKOnly + vbInformation + vbDefaultButton1
-            Title = "Information"
-            regexval_txt_Pw.ForeColor = Drawing.Color.Green
-            regexval_txt_Pw.Text = "Password has been changed successfully!"
-            'MsgBox(Msg, Style, Title)
-
-            ' If MsgBox(Msg, Style, Title).Ok Then
-            'Response.Redirect("login_FLEX.aspx")
-            'End If
-        ElseIf txt_Pw_M.Text = tempstr And txt_Pw_WH_M.Text = tempstr AndAlso String.IsNullOrEmpty(txt_Pw.Text) = True And String.IsNullOrEmpty(txt_Pw_M.Text) = True And tempstr = Not "Error01" Then
-            Try
-                Dim ConnectionString = ""
-                Dim usrname = VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(Request.QueryString("Par2"))
-                Dim UsrID = VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(Request.QueryString("Par3"))
-                If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost" Then
-                    'ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=sa;Pwd=BmWr501956"
-                    ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;"
-                Else
-                    ConnectionString = "Server=DEVELOPER.verag.ost.dmn\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;"
-                    'ConnectionString = "Server=db593295684.db.1and1.com;Database=db593295684;Uid=dbo593295684;Pwd=atilla#2;"
-                End If
-                Using con As New SqlConnection(ConnectionString)
-                    Using cmd As New SqlCommand("UPDATE [VERAG_HOMEPAGE].[dbo].[Users] SET Password=@Password WHERE Username=@Username AND Password=@Password AND KundenNr=@KundenNr")
-                        ' cmd.CommandType = CommandType.StoredProcedure
-                        cmd.Parameters.AddWithValue("@Username", usrname)
-                        cmd.Parameters.AddWithValue("@Password", tempstr)
-                        cmd.Parameters.AddWithValue("@KundenNr", UsrID)
-                        cmd.Connection = con
-                        cmd.ExecuteNonQuery()
-                    End Using
-                End Using
-            Catch ex As Exception
-                lbl_messagetext.Text = ex.Message
-            End Try
-
-            regexval_txt_Pw.ForeColor = Drawing.Color.Green
-            regexval_txt_Pw.Text = "Password has been changed successfully!"
-            'MsgBox(Msg, Style, Title)
-
-            ' If MsgBox(Msg, Style, Title).Ok Then
-            'Response.Redirect("login_FLEX.aspx")
-            'End If
-        ElseIf tempstr = "Error01" Then
-            regexval_txt_Pw.ForeColor = Drawing.Color.MediumVioletRed
-            VERAG_VARIABLES.seterrorcount(2)
-            regexval_txt_Pw.Text = VERAG_VARIABLES.geterrornumb + "Password has not been changed successfully!"
-            '   Msg = "PW nicht erfolgreich geändert!"
-            '  Style = vbAbortRetryIgnore + vbCritical + vbDefaultButton1
-            ' Title = "Error"
-            'MsgBox(Msg, Style, Title)
-            'If MsgBox(Msg, Style, Title).Retry Then
-            'Response.Redirect(Request.RawUrl)
-            'ElseIf MsgBox(Msg, Style, Title).Abort Then
-            '   Response.Redirect("../newPageJulius_Sidebar.aspx")
-            'ElseIf MsgBox(Msg, Style, Title).Ignore Then
-            '   Try
-
-            '   Catch ex As Exception
-
-            '   End Try
-        End If
-
-    End Sub
-
     Protected Sub txt_Pw_TextChanged(sender As Object, e As EventArgs)
         regexval_txt_Pw.Validate()
         If regexval_txt_Pw.IsValid Then
@@ -244,4 +124,146 @@ Partial Class login_Change_PW
     Protected Sub Image1_M_Click(sender As Object, e As ImageClickEventArgs)
         MsgBox("")
     End Sub
+
+    Protected Sub btn_submitpw_Click(sender As Object, e As EventArgs)
+        Dim tempstr As String = ""
+        Dim Msg, Style, Title As String
+
+        If String.IsNullOrEmpty(txt_Pw.Text) = Not True AndAlso String.IsNullOrEmpty(txt_Pw_WH.Text) = Not True AndAlso String.IsNullOrEmpty(txt_Pw_M.Text) = Not True AndAlso String.IsNullOrEmpty(txt_Pw_WH_M.Text) = Not True Then
+            reqPasswtxt_M.Enabled = False
+            reqPasswtxt_M.Enabled = False
+            reqPasswtxt.Enabled = True
+            reqPassw1txt.Enabled = True
+            reqPasswtxt.Validate()
+            reqPassw1txt.Validate()
+
+            If reqPasswtxt.IsValid And reqPassw1txt.IsValid Then
+                tempstr = txt_Pw.Text
+            End If
+        ElseIf String.IsNullOrEmpty(txt_Pw.Text) = True AndAlso String.IsNullOrEmpty(txt_Pw_WH.Text) = True AndAlso String.IsNullOrEmpty(txt_Pw_M.Text) = Not True AndAlso String.IsNullOrEmpty(txt_Pw_WH_M.Text) = Not True Then
+            reqPasswtxt.Enabled = False
+            reqPassw1txt_M.Enabled = False
+            reqPasswtxt_M.Enabled = True
+            reqPassw1txt_M.Enabled = True
+            reqPasswtxt_M.Validate()
+            reqPassw1txt_M.Validate()
+
+            If reqPasswtxt_M.IsValid And reqPassw1txt_M.IsValid Then
+                tempstr = txt_Pw_M.Text
+            End If
+        Else
+            tempstr = "Error01"
+        End If
+
+        If txt_Pw.Text = tempstr And txt_Pw_WH.Text = tempstr AndAlso String.IsNullOrEmpty(txt_Pw_M.Text) = True And String.IsNullOrEmpty(txt_Pw_WH_M.Text) = True And tempstr = Not "Error01" Then
+            Try
+                Dim ConnectionString = ""
+                Dim usrname = VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(Request.QueryString("Par2"))
+                Dim UsrID = VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(Request.QueryString("Par3"))
+                If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost" Then
+                    'ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=sa;Pwd=BmWr501956"
+                    ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;"
+                Else
+                    ConnectionString = "Server=DEVELOPER.verag.ost.dmn\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;"
+                    'ConnectionString = "Server=db593295684.db.1and1.com;Database=db593295684;Uid=dbo593295684;Pwd=atilla#2;"
+                End If
+                Using con As New SqlConnection(ConnectionString)
+                    Using cmd As New SqlCommand("UPDATE [VERAG_HOMEPAGE].[dbo].[Users] SET [Password]=@Password WHERE [Username]=@Username AND [KundenNr]=@KundenNr")
+                        ' cmd.CommandType = CommandType.StoredProcedure
+                        cmd.Parameters.AddWithValue("@Username", usrname)
+                        cmd.Parameters.AddWithValue("@Password", tempstr)
+                        cmd.Parameters.AddWithValue("@KundenNr", UsrID)
+                        cmd.Connection = con
+                        cmd.ExecuteNonQuery()
+                    End Using
+                End Using
+            Catch ex As Exception
+                lbl_messagetext.Text = ex.Message
+            End Try
+            Msg = "PW erfolgreich geändert!"
+            Style = vbOKOnly + vbInformation + vbDefaultButton1
+            Title = "Information"
+            regexval_txt_Pw.ForeColor = Drawing.Color.Green
+            regexval_txt_Pw.Text = "Password has been changed successfully!"
+            'MsgBox(Msg, Style, Title)
+
+            ' If MsgBox(Msg, Style, Title).Ok Then
+            'Response.Redirect("login_FLEX.aspx")
+            'End If
+        ElseIf txt_Pw_M.Text = tempstr And txt_Pw_WH_M.Text = tempstr AndAlso String.IsNullOrEmpty(txt_Pw.Text) = True And String.IsNullOrEmpty(txt_Pw_M.Text) = True And tempstr = Not "Error01" Then
+            Try
+                Dim ConnectionString = ""
+                Dim usrname = VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(Request.QueryString("Par2"))
+                Dim UsrID = VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(Request.QueryString("Par3"))
+                If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost" Then
+                    'ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=sa;Pwd=BmWr501956"
+                    ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;"
+                Else
+                    ConnectionString = "Server=DEVELOPER.verag.ost.dmn\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;"
+                    'ConnectionString = "Server=db593295684.db.1and1.com;Database=db593295684;Uid=dbo593295684;Pwd=atilla#2;"
+                End If
+                Using con As New SqlConnection(ConnectionString)
+                    Using cmd As New SqlCommand("UPDATE [VERAG_HOMEPAGE].[dbo].[Users] SET Password=@Password WHERE Username=@Username AND KundenNr=@KundenNr")
+                        ' cmd.CommandType = CommandType.StoredProcedure
+                        cmd.Parameters.AddWithValue("@Username", usrname)
+                        cmd.Parameters.AddWithValue("@Password", tempstr)
+                        cmd.Parameters.AddWithValue("@KundenNr", UsrID)
+                        cmd.Connection = con
+                        cmd.ExecuteNonQuery()
+                    End Using
+                End Using
+            Catch ex As Exception
+                lbl_messagetext.Text = ex.Message
+            End Try
+
+            regexval_txt_Pw.ForeColor = Drawing.Color.Green
+            regexval_txt_Pw.Text = "Password has been changed successfully!"
+            'MsgBox(Msg, Style, Title)
+
+            ' If MsgBox(Msg, Style, Title).Ok Then
+            'Response.Redirect("login_FLEX.aspx")
+            'End If
+        ElseIf tempstr = "Error01" Then
+            regexval_txt_Pw.ForeColor = Drawing.Color.MediumVioletRed
+            VERAG_VARIABLES.seterrorcount(2)
+            regexval_txt_Pw.Text = VERAG_VARIABLES.geterrornumb + "Password has not been changed successfully!"
+            '   Msg = "PW nicht erfolgreich geändert!"
+            '  Style = vbAbortRetryIgnore + vbCritical + vbDefaultButton1
+            ' Title = "Error"
+            'MsgBox(Msg, Style, Title)
+            'If MsgBox(Msg, Style, Title).Retry Then
+            'Response.Redirect(Request.RawUrl)
+            'ElseIf MsgBox(Msg, Style, Title).Abort Then
+            '   Response.Redirect("../newPageJulius_Sidebar.aspx")
+            'ElseIf MsgBox(Msg, Style, Title).Ignore Then
+            '   Try
+
+            '   Catch ex As Exception
+
+            '   End Try
+        End If
+    End Sub
+
+    Protected Sub txt_Pw_M_TextChanged(sender As Object, e As EventArgs)
+        regexval_txt_Pw_M.Validate()
+        If regexval_txt_Pw_M.IsValid Then
+            txt_Pw_WH_M.ReadOnly = False
+            regexval_txt_Pw_WH_M.Enabled = True
+        Else
+            txt_Pw_WH_M.ReadOnly = True
+            regexval_txt_Pw_WH_M.Enabled = False
+        End If
+    End Sub
+
+    Protected Sub txt_Pw_WH_M_TextChanged(sender As Object, e As EventArgs)
+        regexval_txt_Pw_WH_M.Validate()
+        confirmPasswordReq_M.Validate()
+        If confirmPasswordReq_M.IsValid Then
+            btn_submitpw_M.Enabled = True
+        Else
+            lbl_messagetext_M.ForeColor = Drawing.Color.Red
+            lbl_messagetext_M.Text = "Passwort stimmt nicht überein."
+            'btn_submitpw.Enabled = False
+        End If
+    End Sub
 End Class
\ No newline at end of file