Änderungen Sicherheitsaspekte Passworthashingiterationen sowie Speicherplatznutzung zur Hashdechiffrierung und Anpassung der LKWs-Seite.

2022-01-11 11:58:54 +01:00
parent 3f7b85ac2b
commit 2199fc877c
8 changed files with 1430 additions and 1184 deletions
--- a/Customers/Default.aspx
+++ b/Customers/Default.aspx
@@ -50,6 +50,8 @@ Nam pretium turpis et arcu. Duis arcu tortor, suscipit eget, imperdiet nec, impe
    <!--<script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js" integrity="sha384-cs/chFZiN24E4KMATLdqdvsezGxaGsi4hLGOzlXwp5UZB1LY//20VyM2taTB4QvJ" crossorigin="anonymous"></script>-->
    <!-- Production version -->
 <script src="https://unpkg.com/@popperjs/core@2"></script>    
+          <!-- jQuery CDN - min version -->
+   <script  src="https://code.jquery.com/jquery-3.3.1.min.js"  integrity="sha256-FgpCb/KJQlLNfOu91ta32o/NMZxltwRo8QtmkMRdAu8=" crossorigin="anonymous"></script>
    </ContentTemplate></asp:UpdatePanel>
 </asp:Content>

--- a/Customers/Invoices.aspx
+++ b/Customers/Invoices.aspx
@@ -51,7 +51,8 @@
    <link rel="stylesheet" type="text/css" href="../css/Customers/Invoices.css"/>   
    
 <link href="https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.1/themes/base/jquery-ui.css" rel="stylesheet" type="text/css"/>
-    <script src="https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js"></script>
+    <!-- jQuery CDN - min version -->
+   <script  src="https://code.jquery.com/jquery-3.3.1.min.js"  integrity="sha256-FgpCb/KJQlLNfOu91ta32o/NMZxltwRo8QtmkMRdAu8=" crossorigin="anonymous"></script>
    <script src="https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.1/jquery-ui.min.js"></script>    
 </asp:Content>

--- a/Customers/LKWs.aspx
+++ b/Customers/LKWs.aspx
@@ -1,8 +1,7 @@
 <%@ Page Title="" Language="VB" MasterPageFile="~/Customers/Customers.master" AutoEventWireup="false" CodeFile="LKWs.aspx.vb" Inherits="LKWS" %>

 <asp:Content ID="Content1" ContentPlaceHolderID="head" Runat="Server" >
-      <!-- Bootstrap -->
-    <html lang="en"></html>
+      
    <!-- Required meta tags -->
    <meta charset="utf-8"/>
      
@@ -88,9 +87,29 @@
                            </div>
                              <div class="col-12"style="height:10px;"></div>
                            <div id="conovertab" class="col-12" style="margin-left:-10px;background-color:#fff;overflow-y:auto;">
-                                <asp:Table ID="tbl_mainpage" ClientIDMode="Static" runat="server" Width="100%" style="background-color:#fff;overflow-y:auto;" CssClass="table table-striped col-12">
+                               <!-- <asp:Table ID="tbl_mainpage" ClientIDMode="Static" runat="server" Width="100%" style="background-color:#fff;overflow-y:auto;" CssClass="table table-striped col-12">
                                    <asp:TableHeaderRow ID="headrow1" runat="server" style="background-color:#043381;color:#fff;height:10px"><asp:TableHeaderCell ID="tblhc_SDLNr">SDL-Nr</asp:TableHeaderCell><asp:TableHeaderCell ID="tblhc_Bez">Bezeichnung</asp:TableHeaderCell><asp:TableHeaderCell ID="tbl_gueltig">Gültig Bis</asp:TableHeaderCell><asp:TableHeaderCell ID="tblhc_KarteNr">Karten-Nummer</asp:TableHeaderCell></asp:TableHeaderRow>
-                               </asp:Table>
+                               </asp:Table>-->
+                                <table runat="server" id="tablemain" class="col-12">
+                                    <tr style="background-color: #043381; color: #fff">
+                                        <th style="text-align: center">
+                                            <td style="font-weight: 600; color: white; text-align: center">SDL
+                                            </td>
+                                        </th>
+                                        <th style="text-align: center">
+                                            <td style="font-weight: 600; color: white; text-align: center">Bezeichnung
+                                            </td>
+                                        </th>
+                                        <th style="text-align: center">
+                                            <td style="font-weight: 600; color: white; text-align: center">Gültig bis
+                                            </td>
+                                        </th>
+                                        <th style="text-align: center">
+                                            <td style="font-weight: 600; color: white; text-align: center">Kartennummer
+                                            </td>
+                                        </th>
+                                    </tr>
+                                </table>
                            </div>
                        </div>                          
                </div>                      
@@ -130,17 +149,43 @@
                                        </div>
                                        <div class="col-12" style="height:15px"></div>
                                        <div id="conovertab_M" class="col-12" style="margin-left:-10px;background-color:#fff;overflow-x:auto">
-                                            <asp:Table ID="tbl_mainpage_M" ClientIDMode="Static" runat="server" Width="100%" CssClass="table table-striped col-12">
+                                           <!-- <asp:Table ID="tbl_mainpage_M" ClientIDMode="Static" runat="server" Width="100%" CssClass="table table-striped col-12">
                                                <asp:TableHeaderRow runat="server" ID="headrow_M" style="background-color:#043381;color:#fff"><asp:TableHeaderCell ID="tblhc_SDLNr_M">SDL_Nr</asp:TableHeaderCell><asp:TableHeaderCell ID="tblhc_Bez_M">Bezeichnung</asp:TableHeaderCell><asp:TableHeaderCell ID="tbl_gueltig_M">Gültig Bis</asp:TableHeaderCell><asp:TableHeaderCell ID="tblhc_KarteNr_M">Karten-Nummer</asp:TableHeaderCell></asp:TableHeaderRow>
-                                            </asp:Table>
+                                            </asp:Table>-->
+                                            <table runat="server" id="tablemain_m" class="col-12">
+                                                <tr style="background-color:#043381;color:#fff">
+                                                    <th style="text-align:center">
+                                                        <td style="font-weight: 600;color:white">
+                                                            SDL
+                                                        </td>
+                                                    </th>
+                                                    <th style="text-align: center">
+                                                        <td style="font-weight: 600; color: white; text-align: center">
+                                                            Bezeichnung
+                                                        </td>
+                                                    </th>
+                                                    <th style="text-align: center">
+                                                        <td style="font-weight: 600; color: white; text-align: center">
+                                                            Gültig bis
+                                                        </td>
+                                                    </th>
+                                                    <th style="text-align: center">
+                                                        <td style="font-weight: 600; color: white; text-align: center">
+                                                            Kartennummer
+                                                        </td>
+                                                    </th>
+                                                </tr>
+                                            </table>
+                                        </div>
                                            </div>
                                        </div>
-                                    </div>         
+                                    </div> </div>        
         </ContentTemplate></asp:UpdatePanel>       
     <!-- jQuery CDN - Slim version (=without AJAX) 
        <script src="https://code.jquery.com/jquery-3.3.1.slim.min.js" integrity="sha384-q8i/X+965DzO0rT7abK41JStQIAqVgRVzpbzo5smXKp4YfRvH+8abtTE1Pi6jizo" crossorigin="anonymous"></script>-->
-    <!-- jQuery CDN - min version -->
-    <script src="https://code.jquery.com/jquery-3.1.1.min.js">
+    <!--Below is the reference for JQuery as it will be needed for the ajax call and table creation-->
+ <script src="//ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js"></script>
+   
    <!-- Popper.JS -->
    <!--<script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js" integrity="sha384-cs/chFZiN24E4KMATLdqdvsezGxaGsi4hLGOzlXwp5UZB1LY//20VyM2taTB4QvJ" crossorigin="anonymous"></script>-->
    <!-- Production version -->
@@ -314,7 +359,7 @@
            let Speditionslabel = document.getElementById('<%=lbl_sped_Placeholder.ClientID%>');
            let natplaceholder = document.getElementById('<%=lbl_Placeholder.ClientID%>');
            alert(id)
-            let table = document.getElementById('<%=tbl_mainpage.ClientID%>');
+            let table = document.getElementById('<%=tablemain.ClientID%>');
            var rowCount = table.rows.length;

            for (let i = rowCount - 1; i > 0; i--) {
@@ -333,54 +378,46 @@
                //addNewRow(SDL,Bez,Datguenstig,KartNr)
                // Pagemethods.filltable2(<%' =tbl_mainpage %> , SDL, Bez, Datguenstig, KartNr)
            //}
-            var data = {};
-            data['Kennzeichen'] = id.split(',')[0];
-           
-       
+            var data = {
+                "Kennzeichen": id.split(',')[0]
+            };       
            
            $.ajax({
                type: "POST",
                url: "LKWs.aspx/filltable2",
                contentType: "application/json; charset=utf-8",
-                dataType: "json",
-                async: true,
+                dataType: "json",                
                data: JSON.stringify(data),
                success: function (data) {
-                    result = data.d;
+                    let JSONObj = data.d;
                   // addheader();
-                    let strHTML = '<tr><th><td>SDL-Nr</td></th><th><td>Bezeichnung</td></th><th><td>Gueltig bis</td></th><th><td>Karten Nummer</td></th></tr>';
+                    let strHTML = '<tr style="background-color:#043381;color:#fff"><th><td style="font-weight:600; color:white">SDL-Nr</td></th><th><td style="font-weight:600; color:white">Bezeichnung</td></th><th><td style="font-weight:600; color:white">Gueltig bis</td></th><th><td style="font-weight:600; color:white">Karten-Nummer</td></th></tr>';
                    alert('Horray! 200 status code!');
                   // alert(result.rows.length)
-                    $(result).each(function () {
+                    $(JSONObj).each(function () {
                        let row = $(this)[0];
                        strHTML += '<tr><td>' + row["SDL"] + '</td><td>' + row["Bez"] + '</td><td>' + row["Gueltigbis"] + '</td><td>' + row["KartNr"] + '</td></tr>';
-
-                        alert(row)
-                        $('#<%=tbl_mainpage.ClientID%>').innerHTML = strHTML;
+                        alert(strHTML)                        
                    });
+                    $('#<%=tablemain.ClientID%>').html(strHTML);
                },
                error: function (jqXHR, textStatus, errorThrown) {
                    alert("Status:" + jqXHR.status + "\nStatusText: " + textStatus + "\nError:" + errorThrown);
                }
-
-            });
-                       
+            });                       
            //filltable2(id.split(',')[0])
        }
        function doPostBack_M(id_M) {
            let Speditionslabel = document.getElementById('<%=lbl_sped_Placeholder_M.ClientID%>');
            let natplaceholder = document.getElementById('<%=lbl_Placeholder_M.ClientID%>');
            alert(id_M)
-            let table_M = document.getElementById('<%=tbl_mainpage_M.ClientID%>');
+            let table_M = document.getElementById('<%=tablemain_m.ClientID%>');
            let rowCount = table_M.rows.length;
-
            for (let i = rowCount - 1; i > 0; i--) {
                table_M.deleteRow(i);
            }
            Speditionslabel.textContent = id_M.split(',')[0];
            natplaceholder.textContent = id_M.split(',')[1];
-           
-            //debugger

            //for (let i = 0; i <= 5; i++) {
            //      let SDL = "453543535434334543";
@@ -390,36 +427,33 @@
            //addNewRow(SDL,Bez,Datguenstig,KartNr)
            // Pagemethods.filltable2(<%' =tbl_mainpage_M%> , SDL, Bez, Datguenstig, KartNr)
            //}
-            var data_m = {};
-            data_m['Kennzeichen'] = id.split(',')[0];
+            var data = {
+                "Kennzeichen": id_M.split(',')[0]                
+            };
            
            $.ajax({
                type: "POST",
                url: "LKWs.aspx/filltable2_M",
                contentType: "application/json; charset=utf-8",
                dataType: "json",
-                data: JSON.stringify(data_m),
-                async: true,
-                success: function (data_m) {
-                    result = data_m.d;
+                data: JSON.stringify(data),               
+                success: function (data) {
+                    result = data.d;
                   // addheader();
-                    let strHTML = '<tr><th><td> SDL-Nr </td></th><th><td> Bezeichnung </td></th><th><td> Gueltig bis</td></th><th><td>Karten Nummer</td></th></tr>';
+                    let strHTML = '<tr style="background-color:#043381;color:#fff"><th><td style="font-weight:600; color:white">SDL-Nr</td></th><th><td style="font-weight:600; color:white">Bezeichnung</td></th><th><td style="font-weight:600; color:white">Gueltig bis</td></th><th><td style="font-weight:600; color:white">Karten-Nummer</td></th></tr>';
                    alert('Horray! 200 status code!');
                    
                    $(result).each(function () {
                        let row = $(this)[0];
                         strHTML += '<tr><td>' + row["SDL"] + '</td><td>' + row["Bez"] + '</td><td>' + row["Gueltigbis"] + '</td><td>' + row["KartNr"] + '</td></tr>';
-
-                        alert(row)
-                        $('#<%=tbl_mainpage_M.ClientID%>').innerHTML = strHTML;
+                        alert(strHTML)                       
                    });
+                    $('#<%=tablemain_m.ClientID%>').html(strHTML);
                        },
                        error: function (jqXHR, textStatus, errorThrown) {
                            alert("Status:" + jqXHR.status + "\nStatusText: " + textStatus + "\nError:" + errorThrown);
-                        }
-                        
-            });
-                   
+                        }                        
+            });                   
            //filltable2(id.split(',')[0])
        }
    </script>
--- a/Customers/LKWs.aspx.vb
+++ b/Customers/LKWs.aspx.vb
@@ -32,7 +32,8 @@ Partial Class LKWS
        If Me.Page.User.Identity.IsAuthenticated Then
            Try
                Kdnrtext = Session.Item("CustomerID")
-            Catch A As UnauthorizedAccessException When String.IsNullOrEmpty(Kdnrtext)
+            Catch A As UnauthorizedAccessException When String.IsNullOrEmpty(Session.Item("CustomerID"))
+                FormsAuthentication.RedirectToLoginPage()
                'MsgBox("Dieser Bereich ist nicht gestattet! Ein Fehler ist bei der Validierung der ID aufgetreten! Bitte erneut versuchen!", MsgBoxStyle.Information, "Error in User Area!")
            End Try
        Else
@@ -55,7 +56,7 @@ Partial Class LKWS

        Dim cnt As Integer = 0

-        list = VERAG_PROG_ALLGEMEIN.cSDL_LKW.GET_LIST_WEB(401940)
+        list = VERAG_PROG_ALLGEMEIN.cSDL_LKW.GET_LIST_WEB(Integer.Parse(HttpContext.Current.Session.Item("CustomerID")))
        Dim tblhrow As TableHeaderRow = New TableHeaderRow
        tblhrow.Cells.Add(tbhc_KFZKennz)
        tblhrow.Cells.Add(tbhc_Nat)
@@ -125,7 +126,7 @@ Partial Class LKWS
            Dim strtemparr As String = String.Empty
            Dim strtemp2 As String = String.Empty
            Dim strarrtemp = String.Empty
-            Dim list2 As List(Of VERAG_PROG_ALLGEMEIN.cSDL) = VERAG_PROG_ALLGEMEIN.cSDL.GET_LIST_WEB_LKW(401940, l1.KfzKennzeichen)
+            Dim list2 As List(Of VERAG_PROG_ALLGEMEIN.cSDL) = VERAG_PROG_ALLGEMEIN.cSDL.GET_LIST_WEB_LKW(Integer.Parse(HttpContext.Current.Session.Item("CustomerID")), l1.KfzKennzeichen)
            Dim stringtemtr As String = String.Empty
            Dim tr As TableRow = New TableRow
            Dim list3 As List(Of String) = New List(Of String)
@@ -198,7 +199,7 @@ Partial Class LKWS
    Protected Sub btn_Suchen_Click(sender As Object, e As EventArgs)
        Dim txt_LkwNr As TextBox = txt_lkw

-        list = VERAG_PROG_ALLGEMEIN.cSDL_LKW.GET_LIST_WEB(401940)
+        list = VERAG_PROG_ALLGEMEIN.cSDL_LKW.GET_LIST_WEB(Integer.Parse(HttpContext.Current.Session.Item("CustomerID")))
        Dim tblhrow As TableHeaderRow = New TableHeaderRow()
        Dim cnt As Integer = 0
        Dim list3 As List(Of String) = New List(Of String)
@@ -267,7 +268,7 @@ Partial Class LKWS
            VERAG_PROG_ALLGEMEIN.cAllgemein.TESTSYSTEM = False
        End If
        tbl_2.Rows.Clear()
-        list_M = VERAG_PROG_ALLGEMEIN.cSDL_LKW.GET_LIST_WEB(401940)
+        list_M = VERAG_PROG_ALLGEMEIN.cSDL_LKW.GET_LIST_WEB(Integer.Parse(HttpContext.Current.Session.Item("CustomerID")))
        Dim cnt As Integer = 0

        headrow_M.Cells.Add(tbhc_KFZKennz_M)
@@ -327,7 +328,8 @@ Partial Class LKWS

        tbl_mainpage_M.Rows.Clear()
        Dim cnt As Integer = 0
-        list_M = VERAG_PROG_ALLGEMEIN.cSDL_LKW.GET_LIST_WEB(401940)
+
+        list_M = VERAG_PROG_ALLGEMEIN.cSDL_LKW.GET_LIST_WEB(Integer.Parse(HttpContext.Current.Session.Item("CustomerID")))
        Dim tblhrow_M As TableHeaderRow = New TableHeaderRow

        tblhrow_M.Cells.Add(tbhc_KFZKennz_M)
@@ -402,15 +404,24 @@ Partial Class LKWS
    <ScriptMethod(ResponseFormat:=ResponseFormat.Json)>
    Public Shared Function filltable2(Kennzeichen As String) As List(Of Entry)
        Dim list As List(Of Entry) = New List(Of Entry)
-        Dim list2 As List(Of VERAG_PROG_ALLGEMEIN.cSDL) = VERAG_PROG_ALLGEMEIN.cSDL.GET_LIST_WEB_LKW(401940, Kennzeichen)
-        For Each l2 In list2
-            Dim Entrytemp As New Entry
-            Entrytemp.SDL = l2.SDLNr.ToString
-            Entrytemp.Bez = l2.Kategorie.ToString
-            Entrytemp.Gueltigbis = l2.GültigBis.ToString
-            Entrytemp.KartNr = l2.KartenNr.ToString
-            list.Add(Entrytemp)
-        Next
+        Dim list2 As List(Of VERAG_PROG_ALLGEMEIN.cSDL) = VERAG_PROG_ALLGEMEIN.cSDL.GET_LIST_WEB_LKW(Integer.Parse(HttpContext.Current.Session.Item("CustomerID")), Kennzeichen)
+        If list2.Count >= 1 Then
+            For Each l2 In list2
+                Dim Entrytemp As New Entry
+                Entrytemp.SDL = l2.SDLNr.ToString
+                Entrytemp.Bez = l2.Kategorie.ToString
+                Entrytemp.Gueltigbis = l2.GültigBis.ToString
+                Entrytemp.KartNr = l2.KartenNr.ToString
+                list.Add(Entrytemp)
+            Next
+        ElseIf list2.Count = 0 Then
+            Dim Entrytempempty As New Entry
+            Entrytempempty.SDL = "Keine"
+            Entrytempempty.Bez = "Daten"
+            Entrytempempty.Gueltigbis = "gefunden!"
+            Entrytempempty.KartNr = String.Empty
+            list.Add(Entrytempempty)
+        End If
        Return list
    End Function
    Public Class Entry
@@ -423,15 +434,24 @@ Partial Class LKWS
    <ScriptMethod(ResponseFormat:=ResponseFormat.Json, UseHttpGet:=False)>
    Public Shared Function filltable2_M(Kennzeichen As String) As List(Of Entry)
        Dim list As List(Of Entry) = New List(Of Entry)
-        Dim list2 As List(Of VERAG_PROG_ALLGEMEIN.cSDL) = VERAG_PROG_ALLGEMEIN.cSDL.GET_LIST_WEB_LKW(401940, Kennzeichen)
-        For Each l2 In list2
-            Dim Entrytemp As New Entry
-            Entrytemp.SDL = l2.SDLNr.ToString
-            Entrytemp.Bez = l2.Kategorie.ToString
-            Entrytemp.Gueltigbis = l2.GültigBis.ToString
-            Entrytemp.KartNr = l2.KartenNr.ToString
-            list.Add(Entrytemp)
-        Next
+        Dim list2 As List(Of VERAG_PROG_ALLGEMEIN.cSDL) = VERAG_PROG_ALLGEMEIN.cSDL.GET_LIST_WEB_LKW(Integer.Parse(HttpContext.Current.Session.Item("CustomerID")), Kennzeichen)
+        If list2.Count >= 1 Then
+            For Each l2 In list2
+                Dim Entrytemp As New Entry
+                Entrytemp.SDL = l2.SDLNr.ToString
+                Entrytemp.Bez = l2.Kategorie.ToString
+                Entrytemp.Gueltigbis = l2.GültigBis.ToString
+                Entrytemp.KartNr = l2.KartenNr.ToString
+                list.Add(Entrytemp)
+            Next
+        ElseIf list2.Count = 0 Then
+            Dim Entrytempempty As New Entry
+            Entrytempempty.SDL = "Keine"
+            Entrytempempty.Bez = "Daten"
+            Entrytempempty.Gueltigbis = "gefunden!"
+            Entrytempempty.KartNr = String.Empty
+            list.Add(Entrytempempty)
+        End If
        Return list
    End Function
 End Class