diff --git a/login/ForgotPW.aspx.vb b/login/ForgotPW.aspx.vb
index e2d851a..ec01ed9 100644
--- a/login/ForgotPW.aspx.vb
+++ b/login/ForgotPW.aspx.vb
@@ -19,6 +19,8 @@ Partial Class login_ForgotPW
Dim password As String = String.Empty
Dim email As String = String.Empty
Dim tokenname As String = String.Empty
+ Dim userID As String = String.Empty
+
If String.IsNullOrEmpty(txtEmail_M.Text) = True And String.IsNullOrEmpty(txt_Username_M.Text) = True And String.IsNullOrEmpty(txtEmail.Text) = False And String.IsNullOrEmpty(txt_Username.Text) = False Then
regexval_2_txt_Email_M.Enabled = False
valreqtxtEmail_M.Enabled = False
@@ -85,7 +87,7 @@ Partial Class login_ForgotPW
'Erweiterte Degub Msg-Box
'MsgBox("Userdaten in App" + Environment.NewLine + email + Environment.NewLine + username + Environment.NewLine + "Userdaten desktop" + txt_Username.Text + Environment.NewLine + txtEmail.Text + Environment.NewLine + "Userdaten Mobil:" + Environment.NewLine + txtEmail_M.Text + Environment.NewLine + txt_Username_M.Text)
- If String.IsNullOrEmpty(email) = False And String.IsNullOrEmpty(tokenname) = True And String.IsNullOrEmpty(password) = True And String.IsNullOrEmpty(username) = False Then
+ If String.IsNullOrEmpty(email) = False And String.IsNullOrEmpty(tokenname) = True And String.IsNullOrEmpty(password) = True And String.IsNullOrEmpty(username) = False And String.IsNullOrEmpty(userID) = True Then
If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost" Then
VERAG_PROG_ALLGEMEIN.cAllgemein.TESTSYSTEM = True
'ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=sa;Pwd=BmWr501956"
@@ -98,7 +100,7 @@ Partial Class login_ForgotPW
Using con As New SqlConnection(ConnectionString)
' Using cmd As New SqlCommand("Validate_User")
- Using cmd As New SqlCommand("SELECT Username,Password,Email FROM [VERAG_HOMEPAGE].[dbo].[Users] WHERE Username=@Username")
+ Using cmd As New SqlCommand("SELECT Username,Password,Email,KundenNr FROM [VERAG_HOMEPAGE].[dbo].[Users] WHERE Username=@Username")
' cmd.CommandType = CommandType.StoredProcedure
cmd.Parameters.AddWithValue("@Username", username)
cmd.Connection = con
@@ -109,18 +111,19 @@ Partial Class login_ForgotPW
username = dr("Username").ToString()
password = dr("Password").ToString()
email = dr("Email").ToString()
+ userID = VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt(dr("KundenNr").ToString())
Try
- If txt_Username.Text = dr("Username").ToString() AndAlso String.IsNullOrEmpty(txt_Username_M.Text) = True Then
+ If txt_Username.Text = dr("Username").ToString() AndAlso String.IsNullOrEmpty(txt_Username_M.Text) = True And String.IsNullOrEmpty(VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(userID)) = False Then
check_UserName_regex_M.Enabled = False
check_UserName_regex.Enabled = True
check_UserName_regex.IsValid = True
username = txt_Username.Text
- ElseIf txt_Username_M.Text = dr("Username").ToString() AndAlso txt_Username.Text = String.Empty Then
+ ElseIf txt_Username_M.Text = dr("Username").ToString() AndAlso txt_Username.Text = String.Empty And String.IsNullOrEmpty(VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(userID)) = False Then
check_UserName_regex.Enabled = False
check_UserName_regex_M.Enabled = True
check_UserName_regex_M.IsValid = True
username = txt_Username_M.Text
- ElseIf String.IsNullOrEmpty(txt_Username_M.Text) = True AndAlso String.IsNullOrEmpty(txtEmail.Text) = True Then
+ ElseIf String.IsNullOrEmpty(txt_Username_M.Text) = True AndAlso String.IsNullOrEmpty(txtEmail.Text) = True And String.IsNullOrEmpty(VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(userID)) = False Then
check_UserName_regex_M.MatchTimeout = 3000
check_UserName_regex_M.ErrorMessage = "No valid Username found in out database!"
check_UserName_regex_M.IsValid = False
@@ -129,7 +132,7 @@ Partial Class login_ForgotPW
check_UserName_regex.ErrorMessage = "No valid Username found in out database!"
check_UserName_regex.IsValid = False
End If
- If (txtEmail.Text = dr("Email").ToString() AndAlso String.IsNullOrEmpty(txtEmail_M.Text) = True) Then
+ If (txtEmail.Text = dr("Email").ToString() AndAlso String.IsNullOrEmpty(txtEmail_M.Text) = True) And String.IsNullOrEmpty(VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(userID)) = False Then
regexval_txt_Email_M.Enabled = False
regexval_txt_Email.Enabled = True
regexval_txt_Email.Validate()
@@ -141,6 +144,9 @@ Partial Class login_ForgotPW
email = txtEmail_M.Text
lblMessage_M.ForeColor = Color.Green
lblMessage_M.Text = "The given e-mail exists in our database."
+ ElseIf String.IsNullOrEmpty(userID) = True Then
+ lblMessage_M.ForeColor = Color.Red
+ lblMessage_M.Text = "The given User does not exist in our database."
Else
lblMessage_M.ForeColor = Color.Red
lblMessage_M.Text = "The given e-mail does not exist in our database."
@@ -163,14 +169,14 @@ Partial Class login_ForgotPW
con.Close()
End Using
If Session.Item("TokenforEmail") = Nothing Then
- tokenname = genToken(username, password, email)
+ tokenname = genToken(username, password, email, userID)
Session.Add("TokenforEmail", tokenname)
Session.Add("SessID", VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(Session.SessionID))
Else
tokenname = Session.Item("TokenforEmail")
End If
- If SendEmail(username, password, email, VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(tokenname)) = True Then
+ If SendEmail(username, password, email, VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(tokenname), userID) = True Then
'password = RandomString(New Random, 10)
If (getDateoftoken(tokenname) = True) Then
'Dim msgboxstyle = vbDefaultButton1 + vbOK
@@ -184,7 +190,7 @@ Partial Class login_ForgotPW
'MsgBox("Token is not valid anymore. Please generate a new one by sending a new e-mail!")
If Session.Item("TokenforEmail") = Nothing Then
- tokenname = genToken(username, password, email)
+ tokenname = genToken(username, password, email, userID)
Session.Add("TokenforEmail", tokenname)
Else
tokenname = Session.Item("TokenforEmail")
@@ -194,7 +200,7 @@ Partial Class login_ForgotPW
'MsgBox("Mail would be sent successfully!")
lblMessage.ForeColor = Color.Green
lblMessage.Text = "The password has been sent sucessfully on the given valid e-mail address."
- ElseIf SendEmail(username, password, email, VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(tokenname)) = False Then
+ ElseIf SendEmail(username, password, email, VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(tokenname), userID) = False Then
'MsgBox("Mail would not be sent successfully!")
lblMessage.ForeColor = Color.Red
If String.IsNullOrWhiteSpace(username) = True Then
@@ -226,7 +232,7 @@ Partial Class login_ForgotPW
'Return sb.ToString()
'End Function
- Function SendEmail(username As String, password As String, email As String, tokenname As String) As Boolean
+ Function SendEmail(username As String, password As String, email As String, tokenname As String, userID As String) As Boolean
Dim getdomianenvironment As String = String.Empty
Dim pagename As String = String.Empty
Dim ServPort As String = String.Empty
@@ -244,7 +250,7 @@ Partial Class login_ForgotPW
Dim Ausschusstext2 As String = "und Zinsen zuletzt auf Zölle angerechnet. Zahlbar und klagbar in Schärding oder Ried. Steuer-Zoll-und Tarifauskünfte sind unverbindlich."
Dim Ausschusstext3 As String = "We operate exclusively on the basis of the General Freight Forwarding Terms and Conditions in the respectively applicable version. Payments are initially"
Dim Ausschusstext4 As String = "charged on freight, fees and interests and at last on customs duties. The place of jurisdiction: Schärding / Ried. Tax, customs and tariff information are not binding."
- htmlbody = String.Format("Dear, {0},
Please follow the Link to reset your password:
" + Environment.NewLine + "http://" + getdomianenvironment + ServPort + "/login/ChangePW.aspx?Par1=" + VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(tokenname) + "&Par2=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt(username) + "" + Environment.NewLine + "
Kind regards,
VERAG | EDV Support
VERAG Spedition AG | A 4975 Suben, Nr. 100
T.+43 7711 2777-xx |support@verag.ag |" + emailnr + "FN xxxxxxx
" + Ausschusstext + "
" + Ausschusstext2 + "
" + Ausschusstext3 + "
" + Ausschusstext4 + "
", username, password)
+ htmlbody = String.Format("Dear, {0},
Please follow the Link to reset your password:
" + Environment.NewLine + "http://" + getdomianenvironment + ServPort + "/login/ChangePW.aspx?Par1=" + VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(tokenname) + "&Par2=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt(username) + "&Par3=" + userID + "" + Environment.NewLine + "
Kind regards,
VERAG | EDV Support
VERAG Spedition AG | A 4975 Suben, Nr. 100
T.+43 7711 2777-xx |support@verag.ag |" + emailnr + "FN xxxxxxx
" + Ausschusstext + "
" + Ausschusstext2 + "
" + Ausschusstext3 + "
" + Ausschusstext4 + "
", username, password)
ElseIf String.IsNullOrWhiteSpace(HttpContext.Current.Request.ServerVariables("SERVER_NAME")) = False Then
getdomianenvironment = HttpContext.Current.Request.ServerVariables("SERVER_NAME")
ServPort = String.Empty
@@ -255,7 +261,7 @@ Partial Class login_ForgotPW
Dim Ausschusstext2 As String = "und Zinsen zuletzt auf Zölle angerechnet. Zahlbar und klagbar in Schärding oder Ried. Steuer-Zoll-und Tarifauskünfte sind unverbindlich."
Dim Ausschusstext3 As String = "We operate exclusively on the basis of the General Freight Forwarding Terms and Conditions in the respectively applicable version. Payments are initially"
Dim Ausschusstext4 As String = "charged on freight, fees and interests and at last on customs duties. The place of jurisdiction: Schärding / Ried. Tax, customs and tariff information are not binding."
- htmlbody = String.Format("Dear, {0},
Please follow the Link to reset your password:
" + Environment.NewLine + "http://" + getdomianenvironment + ServPort + "/login/ChangePW.aspx?Par1=" + VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(tokenname) + "&Par2=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt(username) + "" + Environment.NewLine + "
Kind regards,
VERAG | EDV Support
VERAG Spedition AG | A 4975 Suben, Nr. 100
T.+43 7711 2777-xx |support@verag.ag | " + emailnr + "FN xxxxxxx
" + Ausschusstext + "
" + Ausschusstext2 + "
" + Ausschusstext3 + "
" + Ausschusstext4 + "
", username, password)
+ htmlbody = String.Format("Dear, {0},
Please follow the Link to reset your password:
" + Environment.NewLine + "http://" + getdomianenvironment + ServPort + "/login/ChangePW.aspx?Par1=" + tokenname + "&Par2=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt(username) + "&Par3=" + userID + "" + Environment.NewLine + "
Kind regards,
VERAG | EDV Support
VERAG Spedition AG | A 4975 Suben, Nr. 100
T.+43 7711 2777-xx |support@verag.ag | " + emailnr + "FN xxxxxxx
" + Ausschusstext + "
" + Ausschusstext2 + "
" + Ausschusstext3 + "
" + Ausschusstext4 + "
", username, password)
ElseIf String.IsNullOrWhiteSpace(HttpContext.Current.Request.ServerVariables("SERVER_NAME")) = True Then
'MsgBox("Error09:" + Environment.NewLine + "The Domain could not be vaildated. Check Link please or contact the Administrator of the program.")
lblMessage.ForeColor = Color.OrangeRed
@@ -266,7 +272,7 @@ Partial Class login_ForgotPW
Try
If Session.Item("TokenforEmail") = Nothing Then
- tokenname = genToken(username, password, email)
+ tokenname = genToken(username, password, email, userID)
Session.Add("TokenforEmail", tokenname)
Else
tokenname = Session.Item("TokenforEmail").ToString()
@@ -291,8 +297,9 @@ Partial Class login_ForgotPW
lblMessage.Text = "Error02: Mail not delivered!"
'MsgBox("Error02: Mail not delivered!" & vbCrLf & "New Token has been generated.")
If Session.Item("TokenforEmail") = Nothing Then
- tokenname = genToken(username, password, email)
+ tokenname = genToken(username, password, email, userID)
Session.Add("TokenforEmail", tokenname)
+ Session.Add("USerID", userID)
Else
tokenname = Session.Item("TokenforEmail").ToString()
End If
@@ -305,7 +312,7 @@ Partial Class login_ForgotPW
Return False
End Function
- Function genToken(username As String, password As String, email As String) As String
+ Function genToken(username As String, password As String, email As String, UserID As String) As String
Dim time() As Byte = BitConverter.GetBytes(DateTime.UtcNow.ToBinary())
Dim Key() As Byte = Guid.NewGuid().ToByteArray()
Dim token As String
@@ -322,7 +329,7 @@ Partial Class login_ForgotPW
'If MsgBox(Msg, Style, Title).Retry Then
'genToken(username, password, email)
token = VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(Convert.ToBase64String(time.Concat(Key).ToArray()))
- If SendEmail(username, password, email, token) = False Then
+ If SendEmail(username, password, email, token, UserID) = False Then
'MsgBox("Email could not been sent because of an internal encryption error.", vbOK + vbInformation + vbDefaultButton1, "Token-Generation Error")
Else
'MsgBox("Email has been sent successful." & vbCr & "Please check your E-Mails!", vbOK + vbInformation + vbDefaultButton1, "Token-Generation successful!")
@@ -335,7 +342,7 @@ Partial Class login_ForgotPW
If jetzt < wenn Then
Return "NotYet"
Else
- token = genToken(username, password, email)
+ token = genToken(username, password, email, UserID)
Return token
'End If
End If
diff --git a/login/login_FLEX.aspx b/login/login_FLEX.aspx
index c8fad52..ade8ccd 100644
--- a/login/login_FLEX.aspx
+++ b/login/login_FLEX.aspx
@@ -229,8 +229,8 @@
#tblrowbuttons{
height:40px;
}
- #lbl_for_chkbox{
- font-size:18px;
+ #lbl_for_chkbox_M{
+ font-size:19px;
margin-left:8px;
color:#003680;
}
@@ -282,7 +282,7 @@
|