Weitere Absicherung gegen ScriptExploits
This commit is contained in:
ja
@@ -65,11 +65,11 @@
|
|||||||
<div>
|
<div>
|
||||||
<div style="height:0.936768149882904vh"></div>
|
<div style="height:0.936768149882904vh"></div>
|
||||||
<div class="col-12" style="margin-left:2px">
|
<div class="col-12" style="margin-left:2px">
|
||||||
<h2>Auftrags-Suche</h2>
|
<h2><%=Server.HtmlEncode("Auftrags-Suche")%></h2>
|
||||||
</div>
|
</div>
|
||||||
<div style="margin-left:6px">
|
<div style="margin-left:6px">
|
||||||
<div class="col-12" style="text-align:end">
|
<div class="col-12" style="text-align:end">
|
||||||
<asp:LinkButton ID="btn_resetForm" runat="server" onclick="btn_resetForm_Click">Filter zurücksetzen</asp:LinkButton>
|
<asp:LinkButton ID="btn_resetForm" runat="server" onclick="btn_resetForm_Click"><%=Server.HtmlEncode("Filter zurücksetzen") %></asp:LinkButton>
|
||||||
</div>
|
</div>
|
||||||
<div style="height:0.936768149882904vh"></div>
|
<div style="height:0.936768149882904vh"></div>
|
||||||
<div class="col-12" style="margin-left:8px" >
|
<div class="col-12" style="margin-left:8px" >
|
||||||
|
|||||||
@@ -160,28 +160,28 @@ Partial Class Kundenbereich_Default
|
|||||||
dt = Nothing
|
dt = Nothing
|
||||||
If txt_Absender.Text IsNot "" Then
|
If txt_Absender.Text IsNot "" Then
|
||||||
txt_Absender.ValidateRequestMode = UI.ValidateRequestMode.Enabled
|
txt_Absender.ValidateRequestMode = UI.ValidateRequestMode.Enabled
|
||||||
Absender = Server.HtmlEncode(txt_Absender.Text)
|
Absender = txt_Absender.Text
|
||||||
ElseIf txt_Empfaenger.Text IsNot "" Then
|
ElseIf txt_Empfaenger.Text IsNot "" Then
|
||||||
txt_Empfaenger.ValidateRequestMode = UI.ValidateRequestMode.Enabled
|
txt_Empfaenger.ValidateRequestMode = UI.ValidateRequestMode.Enabled
|
||||||
Empfaenger = Server.HtmlEncode(txt_Empfaenger.Text)
|
Empfaenger = txt_Empfaenger.Text
|
||||||
ElseIf txt_KdNrAuftrag.Text IsNot "" Then
|
ElseIf txt_KdNrAuftrag.Text IsNot "" Then
|
||||||
txt_KdNrAuftrag.ValidateRequestMode = UI.ValidateRequestMode.Enabled
|
txt_KdNrAuftrag.ValidateRequestMode = UI.ValidateRequestMode.Enabled
|
||||||
KDNAFNR = Server.HtmlEncode(txt_KdNrAuftrag.Text)
|
KDNAFNR = txt_KdNrAuftrag.Text
|
||||||
ElseIf txt_LKWNr.Text IsNot "" Then
|
ElseIf txt_LKWNr.Text IsNot "" Then
|
||||||
txt_LKWNr.ValidateRequestMode = UI.ValidateRequestMode.Enabled
|
txt_LKWNr.ValidateRequestMode = UI.ValidateRequestMode.Enabled
|
||||||
LKWNR = Server.HtmlEncode(txt_LKWNr.Text)
|
LKWNR = txt_LKWNr.Text
|
||||||
ElseIf txt_Absender_M.Text IsNot "" Then
|
ElseIf txt_Absender_M.Text IsNot "" Then
|
||||||
txt_Absender_M.ValidateRequestMode = UI.ValidateRequestMode.Enabled
|
txt_Absender_M.ValidateRequestMode = UI.ValidateRequestMode.Enabled
|
||||||
Absender = Server.HtmlEncode(txt_Absender_M.Text)
|
Absender = txt_Absender_M.Text
|
||||||
ElseIf txt_Empfaenger_M.Text IsNot "" Then
|
ElseIf txt_Empfaenger_M.Text IsNot "" Then
|
||||||
txt_Empfaenger_M.ValidateRequestMode = UI.ValidateRequestMode.Enabled
|
txt_Empfaenger_M.ValidateRequestMode = UI.ValidateRequestMode.Enabled
|
||||||
Empfaenger = Server.HtmlEncode(txt_Empfaenger_M.Text)
|
Empfaenger = txt_Empfaenger_M.Text
|
||||||
ElseIf txt_KdNrAuftrag_M.Text IsNot "" Then
|
ElseIf txt_KdNrAuftrag_M.Text IsNot "" Then
|
||||||
txt_KdNrAuftrag_M.ValidateRequestMode = UI.ValidateRequestMode.Enabled
|
txt_KdNrAuftrag_M.ValidateRequestMode = UI.ValidateRequestMode.Enabled
|
||||||
KDNAFNR = Server.HtmlEncode(txt_KdNrAuftrag_M.Text)
|
KDNAFNR = txt_KdNrAuftrag_M.Text
|
||||||
ElseIf txt_LKWNr_M.Text IsNot "" Then
|
ElseIf txt_LKWNr_M.Text IsNot "" Then
|
||||||
txt_LKWNr_M.ValidateRequestMode = UI.ValidateRequestMode.Enabled
|
txt_LKWNr_M.ValidateRequestMode = UI.ValidateRequestMode.Enabled
|
||||||
LKWNR = Server.HtmlEncode(txt_LKWNr_M.Text)
|
LKWNR = txt_LKWNr_M.Text
|
||||||
End If
|
End If
|
||||||
|
|
||||||
If rbt_Alle.Selected = True Or rbt_Alle_M.Selected = True Then
|
If rbt_Alle.Selected = True Or rbt_Alle_M.Selected = True Then
|
||||||
@@ -198,8 +198,8 @@ Partial Class Kundenbereich_Default
|
|||||||
pickdate2.Text = Date.Parse(Now().Day.ToString + "." + Now().Month.ToString + "." + Now().Year.ToString).ToString
|
pickdate2.Text = Date.Parse(Now().Day.ToString + "." + Now().Month.ToString + "." + Now().Year.ToString).ToString
|
||||||
Else
|
Else
|
||||||
Try
|
Try
|
||||||
datevon = Date.Parse(pickdate1.Text)
|
datevon = Date.Parse(Server.HtmlEncode(pickdate1.Text))
|
||||||
datebis = Date.Parse(pickdate2.Text)
|
datebis = Date.Parse(Server.HtmlEncode(pickdate2.Text))
|
||||||
Catch ex As Exception
|
Catch ex As Exception
|
||||||
MsgBox(ex.StackTrace, MsgBoxStyle.Exclamation)
|
MsgBox(ex.StackTrace, MsgBoxStyle.Exclamation)
|
||||||
End Try
|
End Try
|
||||||
@@ -219,9 +219,9 @@ Partial Class Kundenbereich_Default
|
|||||||
pickdate2.Text = Date.Parse(Now().Day.ToString + "." + Now().Month.ToString + "." + Now().Year.ToString).ToString
|
pickdate2.Text = Date.Parse(Now().Day.ToString + "." + Now().Month.ToString + "." + Now().Year.ToString).ToString
|
||||||
Else
|
Else
|
||||||
Try
|
Try
|
||||||
datevon = Date.Parse(pickdate1.Text)
|
datevon = Date.Parse(Server.HtmlEncode(pickdate1.Text))
|
||||||
'MsgBox(pickdate1.Text)
|
'MsgBox(pickdate1.Text)
|
||||||
datebis = Date.Parse(pickdate2.Text)
|
datebis = Date.Parse(Server.HtmlEncode(pickdate2.Text))
|
||||||
' MsgBox(pickdate2.Text)
|
' MsgBox(pickdate2.Text)
|
||||||
dt = VERAG_PROG_ALLGEMEIN.cAviso.GET_KDLIST_WEB(Art, Kdnrtext, {1}, datevon, datebis, Absender, Empfaenger, LKWNR, KDNAFNR)
|
dt = VERAG_PROG_ALLGEMEIN.cAviso.GET_KDLIST_WEB(Art, Kdnrtext, {1}, datevon, datebis, Absender, Empfaenger, LKWNR, KDNAFNR)
|
||||||
Catch ex As Exception
|
Catch ex As Exception
|
||||||
|
|||||||
Reference in New Issue
Block a user