From 1fbe8e8d444db6983965932918fb9b6948055233 Mon Sep 17 00:00:00 2001
From: ja <ja@verag.ag>
Date: Thu, 14 Oct 2021 09:14:32 +0200
Subject: [PATCH] =?UTF-8?q?Bei=20nichteinhaltung=20der=20Datumsgrenze=20od?=
 =?UTF-8?q?er=20sonstigen=20Fehlern=20wird=20der=20Token=20aus=20Sicherhei?=
 =?UTF-8?q?tsgr=C3=BCnden=20aus=20dem=20Sessionspeicher=20entfernt.?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 login/ForgotPW.aspx.vb | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/login/ForgotPW.aspx.vb b/login/ForgotPW.aspx.vb
index 90541fd..20f5ab4 100644
--- a/login/ForgotPW.aspx.vb
+++ b/login/ForgotPW.aspx.vb
@@ -243,14 +243,16 @@ Partial Class login_ForgotPW
     Function getDateoftoken(tokenname As String) As Boolean
         Dim data() As Byte = Convert.FromBase64String(tokenname)
         Dim wenn As DateTime = DateTime.FromBinary(BitConverter.ToInt64(data, 0))
-        If wenn < DateTime.UtcNow.AddMinutes(-30) Then
+        If wenn > DateTime.UtcNow.AddMinutes(-30) Then
             tokenname = String.Empty
-
             'MsgBox("Token has not been found or is too old!" + Environment.NewLine + "Please send a new E-mail!")
+            Session.Remove("TokenforEmail")
             Return False
         ElseIf tokenname = "NotYet" Then
+            Session.Remove("TokenforEmail")
             Return False
         ElseIf tokenname = "Error04" Then
+            Session.Remove("TokenforEmail")
             Return False
         Else
             Return True