From 1237262ba02850ccf365f20fdf1c008aeb53ad89 Mon Sep 17 00:00:00 2001 From: ja Date: Mon, 18 Oct 2021 15:59:05 +0200 Subject: [PATCH] =?UTF-8?q?SQL=20Update=20Befehl=20mit=20=C3=9Cbergabe=20d?= =?UTF-8?q?er=20Parameter=20in=20URl=20und=20ABgleich=20in=20Sessionvariab?= =?UTF-8?q?len?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- Global.asax | 1 + login/ChangePW.aspx.vb | 62 ++++++++++++++++++++++++++-------------- login/ForgotPW.aspx | 14 ++++----- login/ForgotPW.aspx.vb | 43 ++++++++++++++++------------ login/login_FLEX.aspx | 20 ++++++------- login/login_FLEX.aspx.vb | 2 ++ 6 files changed, 86 insertions(+), 56 deletions(-) diff --git a/Global.asax b/Global.asax index 751ad5f..b698a99 100644 --- a/Global.asax +++ b/Global.asax @@ -45,5 +45,6 @@ Session.Remove("TokenforEmail"); Session.Remove("SessID"); Session.Remove("urltochangepw"); + Session.Remove("USerID"); } diff --git a/login/ChangePW.aspx.vb b/login/ChangePW.aspx.vb index 4198ab4..ab6af7d 100644 --- a/login/ChangePW.aspx.vb +++ b/login/ChangePW.aspx.vb @@ -7,7 +7,7 @@ Partial Class login_ChangePW Protected Sub Page_Load(sender As Object, e As EventArgs) Dim url = Request.ServerVariables("URL") Session.Add("urltochangepw", url) - If VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(Session.Item("TokenforEmail").ToString()) = VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(Request.QueryString("Par1")) AndAlso VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(Session.Item("TokenforEmail").ToString()) = Not Nothing AndAlso VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(Request.QueryString("Par1")) = Not Nothing Then + If VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(Session.Item("TokenforEmail").ToString()) = VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(Request.QueryString("Par1")) AndAlso VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(Session.Item("TokenforEmail").ToString()) = Not Nothing AndAlso VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(Request.QueryString("Par1")) = Not Nothing And VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(Session.Item("USerID").ToString()) = VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(Request.QueryString("Par2")) Then If getDateoftoken(VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(Request.QueryString("Par1"))) = True Then txt_Pw_WH.Enabled = True txt_Pw.Enabled = True @@ -57,27 +57,36 @@ Partial Class login_ChangePW Dim Msg, Style, Title As String If String.IsNullOrEmpty(txt_Pw.Text) = Not True AndAlso String.IsNullOrEmpty(txt_Pw_WH.Text) = Not True AndAlso String.IsNullOrEmpty(txt_Pw.Text) = Not True AndAlso String.IsNullOrEmpty(txt_Pw_WH_M.Text) = Not True Then + reqPassw1txt_M.Enabled = False + reqPasswtxt_M.Enabled = False + reqPasswtxt.Enabled = True + reqPassw1txt.Enabled = True reqPasswtxt.Validate() reqPassw1txt.Validate() - reqPassw1txt_M.Enabled = False - reqPasswtxt.Enabled = True - tempstr = txt_Pw.Text - ElseIf String.IsNullOrEmpty(txt_Pw.Text) = True AndAlso String.IsNullOrEmpty(txt_Pw_WH.Text) = True AndAlso String.IsNullOrEmpty(txt_Pw_M.Text) = Not True AndAlso String.IsNullOrEmpty(txt_Pw_WH_M.Text) = Not True Then + If reqPasswtxt.IsValid And reqPassw1txt.IsValid Then + tempstr = txt_Pw.Text + End If + ElseIf String.IsNullOrEmpty(txt_Pw.Text) = True AndAlso String.IsNullOrEmpty(txt_Pw_WH.Text) = True AndAlso String.IsNullOrEmpty(txt_Pw_M.Text) = Not True AndAlso String.IsNullOrEmpty(txt_Pw_WH_M.Text) = Not True Then reqPasswtxt.Enabled = False reqPassw1txt.Enabled = False + reqPasswtxt_M.Enabled = True + reqPassw1txt_M.Enabled = True reqPasswtxt_M.Validate() reqPassw1txt_M.Validate() - tempstr = txt_Pw_M.Text + + If reqPassw1txt_M.IsValid And reqPasswtxt_M.IsValid Then + tempstr = txt_Pw_M.Text + End If Else tempstr = "Error01" End If - If txt_Pw.Text = tempstr And txt_Pw_WH.Text = tempstr AndAlso txt_Pw_M.Text = String.Empty And txt_Pw_WH_M.Text = String.Empty Then Try Dim ConnectionString = "" Dim usrname = VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(Request.QueryString("Par2")) + Dim UsrID = VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(Request.QueryString("Par3")) If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost" Then 'ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=sa;Pwd=BmWr501956" ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;" @@ -86,25 +95,17 @@ Partial Class login_ChangePW 'ConnectionString = "Server=db593295684.db.1and1.com;Database=db593295684;Uid=dbo593295684;Pwd=atilla#2;" End If Using con As New SqlConnection(ConnectionString) - '####################################################### - 'Überprüfung Andreas - '####################################################### - - Using cmd As New SqlCommand("UPDATE [VERAG_HOMEPAGE].[dbo].[Users] SET Password=@Password WHERE Username=@Username AND Password=@Password") + Using cmd As New SqlCommand("UPDATE [VERAG_HOMEPAGE].[dbo].[Users] SET Password=@Password WHERE Username=@Username AND Password=@Password AND KundenNr=@KundenNr") ' cmd.CommandType = CommandType.StoredProcedure cmd.Parameters.AddWithValue("@Username", usrname) cmd.Parameters.AddWithValue("@Password", tempstr) + cmd.Parameters.AddWithValue("@KundenNr", UsrID) cmd.Connection = con - con.Open() - 'Modifizierung der Datenbank ist im Debug aus - - 'Dim integ As Integer = cmd.ExecuteNonQuery() - 'MsgBox(integ.ToString) - con.Close() + cmd.ExecuteNonQuery() End Using End Using Catch ex As Exception - + lbl_messagetext.Text = ex.Message End Try Msg = "PW erfolgreich geändert!" Style = vbOKOnly + vbInformation + vbDefaultButton1 @@ -118,9 +119,28 @@ Partial Class login_ChangePW 'End If ElseIf txt_Pw_M.Text = tempstr And txt_Pw_WH_M.Text = tempstr AndAlso txt_Pw.Text = String.Empty And txt_Pw_M.Text = String.Empty Then Try - + Dim ConnectionString = "" + Dim usrname = VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(Request.QueryString("Par2")) + Dim UsrID = VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(Request.QueryString("Par3")) + If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost" Then + 'ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=sa;Pwd=BmWr501956" + ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;" + Else + ConnectionString = "Server=DEVELOPER.verag.ost.dmn\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;" + 'ConnectionString = "Server=db593295684.db.1and1.com;Database=db593295684;Uid=dbo593295684;Pwd=atilla#2;" + End If + Using con As New SqlConnection(ConnectionString) + Using cmd As New SqlCommand("UPDATE [VERAG_HOMEPAGE].[dbo].[Users] SET Password=@Password WHERE Username=@Username AND Password=@Password AND KundenNr=@KundenNr") + ' cmd.CommandType = CommandType.StoredProcedure + cmd.Parameters.AddWithValue("@Username", usrname) + cmd.Parameters.AddWithValue("@Password", tempstr) + cmd.Parameters.AddWithValue("@KundenNr", UsrID) + cmd.Connection = con + cmd.ExecuteNonQuery() + End Using + End Using Catch ex As Exception - + lbl_messagetext.Text = ex.Message End Try Msg = "PW erfolgreich geändert!" Style = vbOKOnly + vbInformation + vbDefaultButton1 diff --git a/login/ForgotPW.aspx b/login/ForgotPW.aspx index 8c0045e..d8aefd0 100644 --- a/login/ForgotPW.aspx +++ b/login/ForgotPW.aspx @@ -279,16 +279,16 @@ --> - - - - + + + + - - - + + + diff --git a/login/ForgotPW.aspx.vb b/login/ForgotPW.aspx.vb index e2d851a..ec01ed9 100644 --- a/login/ForgotPW.aspx.vb +++ b/login/ForgotPW.aspx.vb @@ -19,6 +19,8 @@ Partial Class login_ForgotPW Dim password As String = String.Empty Dim email As String = String.Empty Dim tokenname As String = String.Empty + Dim userID As String = String.Empty + If String.IsNullOrEmpty(txtEmail_M.Text) = True And String.IsNullOrEmpty(txt_Username_M.Text) = True And String.IsNullOrEmpty(txtEmail.Text) = False And String.IsNullOrEmpty(txt_Username.Text) = False Then regexval_2_txt_Email_M.Enabled = False valreqtxtEmail_M.Enabled = False @@ -85,7 +87,7 @@ Partial Class login_ForgotPW 'Erweiterte Degub Msg-Box 'MsgBox("Userdaten in App" + Environment.NewLine + email + Environment.NewLine + username + Environment.NewLine + "Userdaten desktop" + txt_Username.Text + Environment.NewLine + txtEmail.Text + Environment.NewLine + "Userdaten Mobil:" + Environment.NewLine + txtEmail_M.Text + Environment.NewLine + txt_Username_M.Text) - If String.IsNullOrEmpty(email) = False And String.IsNullOrEmpty(tokenname) = True And String.IsNullOrEmpty(password) = True And String.IsNullOrEmpty(username) = False Then + If String.IsNullOrEmpty(email) = False And String.IsNullOrEmpty(tokenname) = True And String.IsNullOrEmpty(password) = True And String.IsNullOrEmpty(username) = False And String.IsNullOrEmpty(userID) = True Then If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost" Then VERAG_PROG_ALLGEMEIN.cAllgemein.TESTSYSTEM = True 'ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=sa;Pwd=BmWr501956" @@ -98,7 +100,7 @@ Partial Class login_ForgotPW Using con As New SqlConnection(ConnectionString) ' Using cmd As New SqlCommand("Validate_User") - Using cmd As New SqlCommand("SELECT Username,Password,Email FROM [VERAG_HOMEPAGE].[dbo].[Users] WHERE Username=@Username") + Using cmd As New SqlCommand("SELECT Username,Password,Email,KundenNr FROM [VERAG_HOMEPAGE].[dbo].[Users] WHERE Username=@Username") ' cmd.CommandType = CommandType.StoredProcedure cmd.Parameters.AddWithValue("@Username", username) cmd.Connection = con @@ -109,18 +111,19 @@ Partial Class login_ForgotPW username = dr("Username").ToString() password = dr("Password").ToString() email = dr("Email").ToString() + userID = VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt(dr("KundenNr").ToString()) Try - If txt_Username.Text = dr("Username").ToString() AndAlso String.IsNullOrEmpty(txt_Username_M.Text) = True Then + If txt_Username.Text = dr("Username").ToString() AndAlso String.IsNullOrEmpty(txt_Username_M.Text) = True And String.IsNullOrEmpty(VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(userID)) = False Then check_UserName_regex_M.Enabled = False check_UserName_regex.Enabled = True check_UserName_regex.IsValid = True username = txt_Username.Text - ElseIf txt_Username_M.Text = dr("Username").ToString() AndAlso txt_Username.Text = String.Empty Then + ElseIf txt_Username_M.Text = dr("Username").ToString() AndAlso txt_Username.Text = String.Empty And String.IsNullOrEmpty(VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(userID)) = False Then check_UserName_regex.Enabled = False check_UserName_regex_M.Enabled = True check_UserName_regex_M.IsValid = True username = txt_Username_M.Text - ElseIf String.IsNullOrEmpty(txt_Username_M.Text) = True AndAlso String.IsNullOrEmpty(txtEmail.Text) = True Then + ElseIf String.IsNullOrEmpty(txt_Username_M.Text) = True AndAlso String.IsNullOrEmpty(txtEmail.Text) = True And String.IsNullOrEmpty(VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(userID)) = False Then check_UserName_regex_M.MatchTimeout = 3000 check_UserName_regex_M.ErrorMessage = "No valid Username found in out database!" check_UserName_regex_M.IsValid = False @@ -129,7 +132,7 @@ Partial Class login_ForgotPW check_UserName_regex.ErrorMessage = "No valid Username found in out database!" check_UserName_regex.IsValid = False End If - If (txtEmail.Text = dr("Email").ToString() AndAlso String.IsNullOrEmpty(txtEmail_M.Text) = True) Then + If (txtEmail.Text = dr("Email").ToString() AndAlso String.IsNullOrEmpty(txtEmail_M.Text) = True) And String.IsNullOrEmpty(VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(userID)) = False Then regexval_txt_Email_M.Enabled = False regexval_txt_Email.Enabled = True regexval_txt_Email.Validate() @@ -141,6 +144,9 @@ Partial Class login_ForgotPW email = txtEmail_M.Text lblMessage_M.ForeColor = Color.Green lblMessage_M.Text = "The given e-mail exists in our database." + ElseIf String.IsNullOrEmpty(userID) = True Then + lblMessage_M.ForeColor = Color.Red + lblMessage_M.Text = "The given User does not exist in our database." Else lblMessage_M.ForeColor = Color.Red lblMessage_M.Text = "The given e-mail does not exist in our database." @@ -163,14 +169,14 @@ Partial Class login_ForgotPW con.Close() End Using If Session.Item("TokenforEmail") = Nothing Then - tokenname = genToken(username, password, email) + tokenname = genToken(username, password, email, userID) Session.Add("TokenforEmail", tokenname) Session.Add("SessID", VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(Session.SessionID)) Else tokenname = Session.Item("TokenforEmail") End If - If SendEmail(username, password, email, VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(tokenname)) = True Then + If SendEmail(username, password, email, VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(tokenname), userID) = True Then 'password = RandomString(New Random, 10) If (getDateoftoken(tokenname) = True) Then 'Dim msgboxstyle = vbDefaultButton1 + vbOK @@ -184,7 +190,7 @@ Partial Class login_ForgotPW 'MsgBox("Token is not valid anymore. Please generate a new one by sending a new e-mail!") If Session.Item("TokenforEmail") = Nothing Then - tokenname = genToken(username, password, email) + tokenname = genToken(username, password, email, userID) Session.Add("TokenforEmail", tokenname) Else tokenname = Session.Item("TokenforEmail") @@ -194,7 +200,7 @@ Partial Class login_ForgotPW 'MsgBox("Mail would be sent successfully!") lblMessage.ForeColor = Color.Green lblMessage.Text = "The password has been sent sucessfully on the given valid e-mail address." - ElseIf SendEmail(username, password, email, VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(tokenname)) = False Then + ElseIf SendEmail(username, password, email, VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(tokenname), userID) = False Then 'MsgBox("Mail would not be sent successfully!") lblMessage.ForeColor = Color.Red If String.IsNullOrWhiteSpace(username) = True Then @@ -226,7 +232,7 @@ Partial Class login_ForgotPW 'Return sb.ToString() 'End Function - Function SendEmail(username As String, password As String, email As String, tokenname As String) As Boolean + Function SendEmail(username As String, password As String, email As String, tokenname As String, userID As String) As Boolean Dim getdomianenvironment As String = String.Empty Dim pagename As String = String.Empty Dim ServPort As String = String.Empty @@ -244,7 +250,7 @@ Partial Class login_ForgotPW Dim Ausschusstext2 As String = "und Zinsen zuletzt auf Zölle angerechnet. Zahlbar und klagbar in Schärding oder Ried. Steuer-Zoll-und Tarifauskünfte sind unverbindlich." Dim Ausschusstext3 As String = "We operate exclusively on the basis of the General Freight Forwarding Terms and Conditions in the respectively applicable version. Payments are initially" Dim Ausschusstext4 As String = "charged on freight, fees and interests and at last on customs duties. The place of jurisdiction: Schärding / Ried. Tax, customs and tariff information are not binding." - htmlbody = String.Format("Dear, {0},

Please follow the Link to reset your password:

" + Environment.NewLine + "http://" + getdomianenvironment + ServPort + "/login/ChangePW.aspx?Par1=" + VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(tokenname) + "&Par2=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt(username) + "" + Environment.NewLine + "


Kind regards,
VERAG | EDV Support
VERAG Spedition AG | A 4975 Suben, Nr. 100
T.+43 7711 2777-xx |support@verag.ag |" + emailnr + "FN xxxxxxx
" + Ausschusstext + "
" + Ausschusstext2 + "
" + Ausschusstext3 + "
" + Ausschusstext4 + "
", username, password) + htmlbody = String.Format("Dear, {0},

Please follow the Link to reset your password:

" + Environment.NewLine + "http://" + getdomianenvironment + ServPort + "/login/ChangePW.aspx?Par1=" + VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(tokenname) + "&Par2=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt(username) + "&Par3=" + userID + "" + Environment.NewLine + "


Kind regards,
VERAG | EDV Support
VERAG Spedition AG | A 4975 Suben, Nr. 100
T.+43 7711 2777-xx |support@verag.ag |" + emailnr + "FN xxxxxxx
" + Ausschusstext + "
" + Ausschusstext2 + "
" + Ausschusstext3 + "
" + Ausschusstext4 + "
", username, password) ElseIf String.IsNullOrWhiteSpace(HttpContext.Current.Request.ServerVariables("SERVER_NAME")) = False Then getdomianenvironment = HttpContext.Current.Request.ServerVariables("SERVER_NAME") ServPort = String.Empty @@ -255,7 +261,7 @@ Partial Class login_ForgotPW Dim Ausschusstext2 As String = "und Zinsen zuletzt auf Zölle angerechnet. Zahlbar und klagbar in Schärding oder Ried. Steuer-Zoll-und Tarifauskünfte sind unverbindlich." Dim Ausschusstext3 As String = "We operate exclusively on the basis of the General Freight Forwarding Terms and Conditions in the respectively applicable version. Payments are initially" Dim Ausschusstext4 As String = "charged on freight, fees and interests and at last on customs duties. The place of jurisdiction: Schärding / Ried. Tax, customs and tariff information are not binding." - htmlbody = String.Format("Dear, {0},

Please follow the Link to reset your password:

" + Environment.NewLine + "http://" + getdomianenvironment + ServPort + "/login/ChangePW.aspx?Par1=" + VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(tokenname) + "&Par2=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt(username) + "" + Environment.NewLine + "


Kind regards,
VERAG | EDV Support
VERAG Spedition AG | A 4975 Suben, Nr. 100
T.+43 7711 2777-xx |support@verag.ag | " + emailnr + "FN xxxxxxx
" + Ausschusstext + "
" + Ausschusstext2 + "
" + Ausschusstext3 + "
" + Ausschusstext4 + "
", username, password) + htmlbody = String.Format("Dear, {0},

Please follow the Link to reset your password:

" + Environment.NewLine + "http://" + getdomianenvironment + ServPort + "/login/ChangePW.aspx?Par1=" + tokenname + "&Par2=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt(username) + "&Par3=" + userID + "" + Environment.NewLine + "


Kind regards,
VERAG | EDV Support
VERAG Spedition AG | A 4975 Suben, Nr. 100
T.+43 7711 2777-xx |support@verag.ag | " + emailnr + "FN xxxxxxx
" + Ausschusstext + "
" + Ausschusstext2 + "
" + Ausschusstext3 + "
" + Ausschusstext4 + "
", username, password) ElseIf String.IsNullOrWhiteSpace(HttpContext.Current.Request.ServerVariables("SERVER_NAME")) = True Then 'MsgBox("Error09:" + Environment.NewLine + "The Domain could not be vaildated. Check Link please or contact the Administrator of the program.") lblMessage.ForeColor = Color.OrangeRed @@ -266,7 +272,7 @@ Partial Class login_ForgotPW Try If Session.Item("TokenforEmail") = Nothing Then - tokenname = genToken(username, password, email) + tokenname = genToken(username, password, email, userID) Session.Add("TokenforEmail", tokenname) Else tokenname = Session.Item("TokenforEmail").ToString() @@ -291,8 +297,9 @@ Partial Class login_ForgotPW lblMessage.Text = "Error02: Mail not delivered!" 'MsgBox("Error02: Mail not delivered!" & vbCrLf & "New Token has been generated.") If Session.Item("TokenforEmail") = Nothing Then - tokenname = genToken(username, password, email) + tokenname = genToken(username, password, email, userID) Session.Add("TokenforEmail", tokenname) + Session.Add("USerID", userID) Else tokenname = Session.Item("TokenforEmail").ToString() End If @@ -305,7 +312,7 @@ Partial Class login_ForgotPW Return False End Function - Function genToken(username As String, password As String, email As String) As String + Function genToken(username As String, password As String, email As String, UserID As String) As String Dim time() As Byte = BitConverter.GetBytes(DateTime.UtcNow.ToBinary()) Dim Key() As Byte = Guid.NewGuid().ToByteArray() Dim token As String @@ -322,7 +329,7 @@ Partial Class login_ForgotPW 'If MsgBox(Msg, Style, Title).Retry Then 'genToken(username, password, email) token = VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(Convert.ToBase64String(time.Concat(Key).ToArray())) - If SendEmail(username, password, email, token) = False Then + If SendEmail(username, password, email, token, UserID) = False Then 'MsgBox("Email could not been sent because of an internal encryption error.", vbOK + vbInformation + vbDefaultButton1, "Token-Generation Error") Else 'MsgBox("Email has been sent successful." & vbCr & "Please check your E-Mails!", vbOK + vbInformation + vbDefaultButton1, "Token-Generation successful!") @@ -335,7 +342,7 @@ Partial Class login_ForgotPW If jetzt < wenn Then Return "NotYet" Else - token = genToken(username, password, email) + token = genToken(username, password, email, UserID) Return token 'End If End If diff --git a/login/login_FLEX.aspx b/login/login_FLEX.aspx index c8fad52..ade8ccd 100644 --- a/login/login_FLEX.aspx +++ b/login/login_FLEX.aspx @@ -229,8 +229,8 @@ #tblrowbuttons{ height:40px; } - #lbl_for_chkbox{ - font-size:18px; + #lbl_for_chkbox_M{ + font-size:19px; margin-left:8px; color:#003680; } @@ -282,7 +282,7 @@ - + @@ -335,22 +335,22 @@ - - + + - - + + - - + + @@ -360,7 +360,7 @@ - + I forgot my password diff --git a/login/login_FLEX.aspx.vb b/login/login_FLEX.aspx.vb index 761bcf6..de96a03 100644 --- a/login/login_FLEX.aspx.vb +++ b/login/login_FLEX.aspx.vb @@ -60,7 +60,9 @@ Partial Class login_FLEX End Sub Protected Sub LoginButton_Click(sender As Object, e As EventArgs) + Validate("Login") End Sub Protected Sub LoginButton_M_Click(sender As Object, e As EventArgs) + Validate("Login_M") End Sub End Class