edv/VERAG_Homepage
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Änderungen in Abfrage Reset pW token

Browse Source
This commit is contained in:
ja
2021-11-11 13:53:38 +01:00
parent 943ec78da3
commit 4607b0165f
2 changed files with 214 additions and 190 deletions
Download Patch File Download Diff File Expand all files Collapse all files

100
login/Change_PW.aspx.vb
View File

@@ -4,38 +4,70 @@ Imports System.Data.SqlClient
Partial Class login_Change_PW Partial Class login_Change_PW
Inherits System.Web.UI.Page Inherits System.Web.UI.Page
Protected Sub Page_Load(sender As Object, e As EventArgs) Protected Sub Page_Load(sender As Object, e As EventArgs) Handles Me.Load
Dim url = Request.ServerVariables("URL") Dim url = Request.ServerVariables("URL")
Session.Add("urltochangepw", url) Session.Add("urltochangepw", url)
If VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(Session.Item("TokenforEmail").ToString()) = VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(Request.QueryString("Par1")) AndAlso VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(Session.Item("TokenforEmail").ToString()) = Not Nothing AndAlso VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(Request.QueryString("Par1")) = Not Nothing And VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(Session.Item("CustomerID").ToString()) = VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(Request.QueryString("Par3") And VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(Session.Item("test")) = VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(Request.QueryString("Par2"))) Then Dim ConnectionString = ""
If getDateoftoken(VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(Request.QueryString("Par1"))) = True Then
Try If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost" Then
txt_Pw_WH.Enabled = True VERAG_PROG_ALLGEMEIN.cAllgemein.TESTSYSTEM = True
txt_Pw.Enabled = True 'ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=sa;Pwd=BmWr501956"
regexval_txt_Pw_WH.Enabled = True ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;"
If IsPostBack Then
reqPasswtxt.Validate()
reqPassw1txt.Validate()
End If
Catch exc As Exception
MsgBox(exc)
End Try
Else
btn_submitpw.Enabled = False
txt_Pw.BackColor = Drawing.Color.Gray
txt_Pw.ForeColor = Drawing.Color.DarkGray
txt_Pw_WH.Enabled = False
txt_Pw_WH.BackColor = Drawing.Color.Gray
txt_Pw_WH.ForeColor = Drawing.Color.DarkGray
txt_Pw.Enabled = False
regexval_txt_Pw_WH.Enabled = False
End If
Else Else
VERAG_VARIABLES.initerrorcount() VERAG_PROG_ALLGEMEIN.cAllgemein.TESTSYSTEM = False
VERAG_VARIABLES.seterrorcount(1) ConnectionString = "Server=DEVELOPER.verag.ost.dmn\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;"
lbl_messagetext.Text = VERAG_VARIABLES.geterrornumb + "Link ist abgelaufen. Bitte neue E-Mail senden." 'ConnectionString = "Server=db593295684.db.1and1.com;Database=db593295684;Uid=dbo593295684;Pwd=atilla#2;"
Response.Redirect("ForgotPW.aspx")
End If End If
Using con As New SqlConnection(ConnectionString)
' Using cmd As New SqlCommand("Validate_User")
Using cmd As New SqlCommand("SELECT KundenNr,Username FROM [VERAG_HOMEPAGE].[dbo].[Users] WHERE Username=@Username AND KundenNr=@KundenNr")
' cmd.CommandType = CommandType.StoredProcedure
Dim usrname = VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(Request.QueryString("Par2"))
Dim UsrID = VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(Request.QueryString("Par3"))
cmd.Parameters.AddWithValue("@Username", usrname)
cmd.Parameters.AddWithValue("@KundenNr", UsrID)
cmd.Connection = con
con.Open()
' userId = Convert.ToInt32(cmd.ExecuteScalar())
Dim dr As SqlDataReader = cmd.ExecuteReader()
If dr.HasRows Then
dr.Read()
If VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(Request.QueryString("Par1")) = Not Nothing AndAlso VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(Request.QueryString("Par2")) = Not Nothing AndAlso VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(Request.QueryString("Par3") = Not Nothing And VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(Request.QueryString("Par2")) = Not Nothing) Then
If getDateoftoken(VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(Request.QueryString("Par1"))) = True Then
Try
txt_Pw_WH.Enabled = True
txt_Pw.Enabled = True
regexval_txt_Pw_WH.Enabled = True
If IsPostBack Then
reqPasswtxt.Validate()
reqPassw1txt.Validate()
End If
Catch exc As Exception
lbl_messagetext.Text = exc.Message
End Try
Else
btn_submitpw.Enabled = False
txt_Pw.BackColor = Drawing.Color.Gray
txt_Pw.ForeColor = Drawing.Color.DarkGray
txt_Pw_WH.Enabled = False
txt_Pw_WH.BackColor = Drawing.Color.Gray
txt_Pw_WH.ForeColor = Drawing.Color.DarkGray
txt_Pw.Enabled = False
regexval_txt_Pw_WH.Enabled = False
End If
Else
VERAG_VARIABLES.initerrorcount()
VERAG_VARIABLES.seterrorcount(1)
lbl_messagetext.Text = VERAG_VARIABLES.geterrornumb + "Link ist abgelaufen. Bitte neue E-Mail senden."
Response.Redirect("ForgotPW.aspx")
End If
dr.Close()
End If
End Using
con.Close()
End Using
End Sub End Sub
Protected Sub txt_Pw_WH_TextChanged(sender As Object, e As EventArgs) Protected Sub txt_Pw_WH_TextChanged(sender As Object, e As EventArgs)
@@ -49,11 +81,11 @@ Partial Class login_Change_PW
End Sub End Sub
Protected Sub btn_submitpw_Click(sender As Object, e As EventArgs) Protected Sub btn_submitpw_Click(sender As Object, e As EventArgs) Handles btn_submitpw.Click
Dim tempstr As String = "" Dim tempstr As String = ""
Dim Msg, Style, Title As String Dim Msg, Style, Title As String
If String.IsNullOrEmpty(txt_Pw.Text) = Not True AndAlso String.IsNullOrEmpty(txt_Pw_WH.Text) = Not True AndAlso String.IsNullOrEmpty(txt_Pw.Text) = Not True AndAlso String.IsNullOrEmpty(txt_Pw_WH_M.Text) = Not True Then If String.IsNullOrEmpty(txt_Pw.Text) = Not True AndAlso String.IsNullOrEmpty(txt_Pw_WH.Text) = Not True AndAlso String.IsNullOrEmpty(txt_Pw_M.Text) = Not True AndAlso String.IsNullOrEmpty(txt_Pw_WH_M.Text) = Not True Then
reqPasswtxt_M.Enabled = False reqPasswtxt_M.Enabled = False
reqPasswtxt_M.Enabled = False reqPasswtxt_M.Enabled = False
reqPasswtxt.Enabled = True reqPasswtxt.Enabled = True
@@ -139,9 +171,7 @@ Partial Class login_Change_PW
Catch ex As Exception Catch ex As Exception
lbl_messagetext.Text = ex.Message lbl_messagetext.Text = ex.Message
End Try End Try
Msg = "PW erfolgreich geändert!"
Style = vbOKOnly + vbInformation + vbDefaultButton1
Title = "Information"
regexval_txt_Pw.ForeColor = Drawing.Color.Green regexval_txt_Pw.ForeColor = Drawing.Color.Green
regexval_txt_Pw.Text = "Password has been changed successfully!" regexval_txt_Pw.Text = "Password has been changed successfully!"
'MsgBox(Msg, Style, Title) 'MsgBox(Msg, Style, Title)
@@ -188,10 +218,10 @@ Partial Class login_Change_PW
Dim nameoftoken = VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(tokenname) Dim nameoftoken = VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(tokenname)
If wenn < DateTime.UtcNow.AddMinutes(-30) Then If wenn < DateTime.UtcNow.AddMinutes(-30) Then
nameoftoken = String.Empty nameoftoken = String.Empty
If VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(Session.Item("Mob").ToString()) = "True" Then If VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(Request.QueryString("Mob").ToString()) = "True" Then
VERAG_VARIABLES.seterrorcount(101) VERAG_VARIABLES.seterrorcount(101)
lbl_messagetext.Text = VERAG_VARIABLES.geterrornumb + "Token has not been found or is too old!" + Environment.NewLine + "Please send a new E-mail!" lbl_messagetext.Text = VERAG_VARIABLES.geterrornumb + "Token has not been found or is too old!" + Environment.NewLine + "Please send a new E-mail!"
ElseIf VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(Session.Item("Mob").ToString()) = "False" Then ElseIf VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(Request.QueryString("Mob").ToString()) = "False" Then
VERAG_VARIABLES.seterrorcount(101) VERAG_VARIABLES.seterrorcount(101)
lbl_messagetext_M.Text = VERAG_VARIABLES.geterrornumb + "Token has not been found or is too old!" + Environment.NewLine + "Please send a new E-mail!" lbl_messagetext_M.Text = VERAG_VARIABLES.geterrornumb + "Token has not been found or is too old!" + Environment.NewLine + "Please send a new E-mail!"
End If End If

304
login/ForgotPW.aspx.vb
View File

@@ -248,8 +248,8 @@ Partial Class ForgotPW
End Sub End Sub
Protected Sub btn_Send_M_Click(sender As Object, e As EventArgs) Protected Sub btn_Send_M_Click(sender As Object, e As EventArgs)
Try
Dim username As String = String.Empty Dim username As String = String.Empty
Dim password As String = String.Empty Dim password As String = String.Empty
Dim email As String = String.Empty Dim email As String = String.Empty
Dim tokenname As String = String.Empty Dim tokenname As String = String.Empty
@@ -329,158 +329,152 @@ Partial Class ForgotPW
lblMessage_M.Text = "Error 08. The form has not been filled completeley." lblMessage_M.Text = "Error 08. The form has not been filled completeley."
End If End If
'Erweiterte Degub Msg-Box 'Erweiterte Degub Msg-Box
'MsgBox("Userdaten in App" + Environment.NewLine + email + Environment.NewLine + username + Environment.NewLine + "Userdaten desktop" + txt_Username.Text + Environment.NewLine + txtEmail.Text + Environment.NewLine + "Userdaten Mobil:" + Environment.NewLine + txtEmail_M.Text + Environment.NewLine + txt_Username_M.Text) 'MsgBox("Userdaten in App" + Environment.NewLine + email + Environment.NewLine + username + Environment.NewLine + "Userdaten desktop" + txt_Username.Text + Environment.NewLine + txtEmail.Text + Environment.NewLine + "Userdaten Mobil:" + Environment.NewLine + txtEmail_M.Text + Environment.NewLine + txt_Username_M.Text)
If String.IsNullOrEmpty(tokenname) = True And String.IsNullOrEmpty(password) = True Then If String.IsNullOrEmpty(tokenname) = True And String.IsNullOrEmpty(password) = True Then
If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost" Then If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost" Then
VERAG_PROG_ALLGEMEIN.cAllgemein.TESTSYSTEM = True VERAG_PROG_ALLGEMEIN.cAllgemein.TESTSYSTEM = True
'ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=sa;Pwd=BmWr501956" 'ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=sa;Pwd=BmWr501956"
ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;" ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;"
Else
VERAG_PROG_ALLGEMEIN.cAllgemein.TESTSYSTEM = False
ConnectionString = "Server=DEVELOPER.verag.ost.dmn\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;"
'ConnectionString = "Server=db593295684.db.1and1.com;Database=db593295684;Uid=dbo593295684;Pwd=atilla#2;"
End If
Using con As New SqlConnection(ConnectionString)
' Using cmd As New SqlCommand("Validate_User")
Using cmd As New SqlCommand("SELECT Username,Password,Email,KundenNr FROM [VERAG_HOMEPAGE].[dbo].[Users] WHERE Username=@Username AND Email=@Email AND KundenNr=@CUSTOMERId")
' cmd.CommandType = CommandType.StoredProcedure
cmd.Parameters.AddWithValue("@Username", username)
cmd.Parameters.AddWithValue("@Email", email)
cmd.Parameters.AddWithValue("@CUSTOMERId", customerID)
cmd.Connection = con
con.Open()
'userId = Convert.ToInt32(cmd.ExecuteScalar())
Dim dr As SqlDataReader = cmd.ExecuteReader()
If dr.Read() Then
username = dr("Username").ToString()
password = dr("Password").ToString()
email = dr("Email").ToString()
customerID = dr("KundenNr").ToString()
Try
If (txt_CustomerID_M.Text = dr("KundenNr").ToString() AndAlso String.IsNullOrEmpty(txt_CustomerID.Text) = True) And String.IsNullOrEmpty(customerID) = False Then
customerID = txt_CustomerID_M.Text
lblMessage_M.ForeColor = Color.Green
isuserIDright = True
VERAG_VARIABLES.seterrorcount(17)
lblMessage_M.Text = VERAG_VARIABLES.geterrornumb + "The given Customer-ID exists in our database."
Else
lblMessage_M.ForeColor = Color.Red
isuserIDright = False
VERAG_VARIABLES.seterrorcount(18)
lblMessage_M.Text = VERAG_VARIABLES.geterrornumb + "The given Customer-ID does not exist in our database."
Return
End If
Catch ex As Exception
Dim Msg, Style, Title As String
Msg = "Customer-ID validation failed!" & vbCrLf + "Please try again!"
Style = vbRetry + vbExclamation + vbDefaultButton1
Title = "Authentication error!"
End Try
Try
If (txtEmail_M.Text = dr("Email").ToString() AndAlso String.IsNullOrEmpty(txtEmail.Text) = True) And String.IsNullOrEmpty(customerID) = False Then
email = txtEmail_M.Text
isuserEmailright = True
lblMessage_M.ForeColor = Color.Green
lblMessage_M.Text = "The given e-mail exists in our database."
Else
lblMessage_M.ForeColor = Color.Red
isuserEmailright = False
VERAG_VARIABLES.seterrorcount(19)
lblMessage_M.Text = VERAG_VARIABLES.geterrornumb + "The given E-Mail does not exist in our database."
Return
End If
Catch ex As Exception
Dim Msg, Style, Title As String
Msg = "E-Mail validation failed!" & vbCrLf + "Please try again!"
Style = vbRetry + vbExclamation + vbDefaultButton1
Title = "Authentication error!"
End Try
Try
If (txt_Username_M.Text = dr("Username").ToString() AndAlso String.IsNullOrEmpty(txt_Username.Text) = True) And String.IsNullOrEmpty(customerID) = False Then
username = txt_Username_M.Text
lblMessage_M.ForeColor = Color.Green
isusernameright = True
lblMessage_M.Text = "The given Username exists in our database."
Else
lblMessage_M.ForeColor = Color.Red
isusernameright = False
VERAG_VARIABLES.seterrorcount(20)
lblMessage_M.Text = VERAG_VARIABLES.geterrornumb + "The given Username does not exist in our database."
End If
Catch ex As Exception
Dim Msg, Style, Title As String
Msg = "Username validation failed!" & vbCrLf + "Please try again!"
Style = vbRetry + vbExclamation + vbDefaultButton1
Title = "Authentication error!"
End Try
End If
End Using
con.Close()
End Using
If Session.Item("TokenforEmail") = Nothing Then
tokenname = genToken(username, password, email, customerID, isusernameright, isuserIDright, isuserEmailright, Session.IsNewSession)
Session.Add("TokenforEmail", tokenname)
Session.Add("SessID", VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(Session.SessionID))
Else
tokenname = Session.Item("TokenforEmail")
End If
If SendEmail_M(username, password, email, VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(tokenname), customerID, isusernameright, isuserIDright, isuserEmailright, Session.IsNewSession) = True Then
'password = RandomString(New Random, 10)
If (getDateoftoken(tokenname) = True) Then
'Dim msgboxstyle = vbDefaultButton1 + vbOK
'MsgBox(tokenname, msgboxstyle)
lblMessage_M.ForeColor = Color.Green
lblMessage_M.Text = "Token generated successfully."
'MsgBox("Token generated successfully.")
Else
lblMessage_M.ForeColor = Color.Red
VERAG_VARIABLES.seterrorcount(100)
lblMessage_M.Text = VERAG_VARIABLES.geterrornumb + "Token is not valid anymore. Please generate a new one by sending a new e-mail!"
'MsgBox("Token is not valid anymore. Please generate a new one by sending a new e-mail!")
If Session.Item("TokenforEmail") = Nothing Then
tokenname = genToken(username, password, email, customerID, isusernameright, isuserIDright, isuserEmailright, Session.IsNewSession)
Session.Add("TokenforEmail", tokenname)
Else
tokenname = Session.Item("TokenforEmail")
End If
End If
'SendEmail(username, password, email)
'MsgBox("Mail would be sent successfully!")
lblMessage_M.ForeColor = Color.Green
lblMessage_M.Text = "The password has been sent sucessfully on the given valid e-mail address."
ElseIf SendEmail_M(username, password, email, VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(tokenname), customerID, isusernameright, isuserIDright, isuserEmailright, Session.IsNewSession) = True Then
'MsgBox("Mail would not be sent successfully!")
lblMessage_M.ForeColor = Color.Red
If String.IsNullOrWhiteSpace(username) = True Then
lblMessage_M.ForeColor = Drawing.Color.Red
VERAG_VARIABLES.seterrorcount(10)
lblMessage_M.Text = VERAG_VARIABLES.geterrornumb + "Username not recognized Error!"
ElseIf String.IsNullOrWhiteSpace(email) = True Then
lblMessage_M.ForeColor = Drawing.Color.Red
VERAG_VARIABLES.seterrorcount(11)
lblMessage_M.Text = VERAG_VARIABLES.geterrornumb + "Email not recognized Error!"
ElseIf String.IsNullOrWhiteSpace(password) = True Then
lblMessage_M.ForeColor = Drawing.Color.Red
VERAG_VARIABLES.seterrorcount(12)
lblMessage_M.Text = VERAG_VARIABLES.geterrornumb + "An internal password searching error occured in our systems ."
End If
End If
Else Else
lblMessage_M.ForeColor = Drawing.Color.Red VERAG_PROG_ALLGEMEIN.cAllgemein.TESTSYSTEM = False
VERAG_VARIABLES.seterrorcount(15) ConnectionString = "Server=DEVELOPER.verag.ost.dmn\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;"
lblMessage_M.Text = VERAG_VARIABLES.geterrornumb + "Error with Database or the connection." + Environment.NewLine + "Please contact the admin." 'ConnectionString = "Server=db593295684.db.1and1.com;Database=db593295684;Uid=dbo593295684;Pwd=atilla#2;"
End If End If
Catch Exc As Exception
lblMessage.ForeColor = Drawing.Color.Red Using con As New SqlConnection(ConnectionString)
' Using cmd As New SqlCommand("Validate_User")
Using cmd As New SqlCommand("SELECT Username,Password,Email,KundenNr FROM [VERAG_HOMEPAGE].[dbo].[Users] WHERE Username=@Username AND Email=@Email AND KundenNr=@CUSTOMERId")
' cmd.CommandType = CommandType.StoredProcedure
cmd.Parameters.AddWithValue("@Username", username)
cmd.Parameters.AddWithValue("@Email", email)
cmd.Parameters.AddWithValue("@CUSTOMERId", customerID)
cmd.Connection = con
con.Open()
'userId = Convert.ToInt32(cmd.ExecuteScalar())
Dim dr As SqlDataReader = cmd.ExecuteReader()
If dr.Read() Then
username = dr("Username").ToString()
password = dr("Password").ToString()
email = dr("Email").ToString()
customerID = dr("KundenNr").ToString()
Try
If (txt_CustomerID_M.Text = dr("KundenNr").ToString() AndAlso String.IsNullOrEmpty(txt_CustomerID.Text) = True) And String.IsNullOrEmpty(customerID) = False Then
customerID = txt_CustomerID_M.Text
lblMessage_M.ForeColor = Color.Green
isuserIDright = True
VERAG_VARIABLES.seterrorcount(17)
lblMessage_M.Text = VERAG_VARIABLES.geterrornumb + "The given Customer-ID exists in our database."
Else
lblMessage_M.ForeColor = Color.Red
isuserIDright = False
VERAG_VARIABLES.seterrorcount(18)
lblMessage_M.Text = VERAG_VARIABLES.geterrornumb + "The given Customer-ID does not exist in our database."
Return
End If
Catch ex As Exception
Dim Msg, Style, Title As String
Msg = "Customer-ID validation failed!" & vbCrLf + "Please try again!"
Style = vbRetry + vbExclamation + vbDefaultButton1
Title = "Authentication error!"
End Try
Try
If (txtEmail_M.Text = dr("Email").ToString() AndAlso String.IsNullOrEmpty(txtEmail.Text) = True) And String.IsNullOrEmpty(customerID) = False Then
email = txtEmail_M.Text
isuserEmailright = True
lblMessage_M.ForeColor = Color.Green
lblMessage_M.Text = "The given e-mail exists in our database."
Else
lblMessage_M.ForeColor = Color.Red
isuserEmailright = False
VERAG_VARIABLES.seterrorcount(19)
lblMessage_M.Text = VERAG_VARIABLES.geterrornumb + "The given E-Mail does not exist in our database."
Return
End If
Catch ex As Exception
Dim Msg, Style, Title As String
Msg = "E-Mail validation failed!" & vbCrLf + "Please try again!"
Style = vbRetry + vbExclamation + vbDefaultButton1
Title = "Authentication error!"
End Try
Try
If (txt_Username_M.Text = dr("Username").ToString() AndAlso String.IsNullOrEmpty(txt_Username.Text) = True) And String.IsNullOrEmpty(customerID) = False Then
username = txt_Username_M.Text
lblMessage_M.ForeColor = Color.Green
isusernameright = True
lblMessage_M.Text = "The given Username exists in our database."
Else
lblMessage_M.ForeColor = Color.Red
isusernameright = False
VERAG_VARIABLES.seterrorcount(20)
lblMessage_M.Text = VERAG_VARIABLES.geterrornumb + "The given Username does not exist in our database."
End If
Catch ex As Exception
Dim Msg, Style, Title As String
Msg = "Username validation failed!" & vbCrLf + "Please try again!"
Style = vbRetry + vbExclamation + vbDefaultButton1
Title = "Authentication error!"
End Try
End If
End Using
con.Close()
End Using
If Session.Item("TokenforEmail") = Nothing Then
tokenname = genToken(username, password, email, customerID, isusernameright, isuserIDright, isuserEmailright, Session.IsNewSession)
Session.Add("TokenforEmail", tokenname)
Session.Add("SessID", VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(Session.SessionID))
Else
tokenname = Session.Item("TokenforEmail")
End If
If SendEmail_M(username, password, email, VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(tokenname), customerID, isusernameright, isuserIDright, isuserEmailright, Session.IsNewSession) = True Then
'password = RandomString(New Random, 10)
If (getDateoftoken(tokenname) = True) Then
'Dim msgboxstyle = vbDefaultButton1 + vbOK
'MsgBox(tokenname, msgboxstyle)
lblMessage_M.ForeColor = Color.Green
lblMessage_M.Text = "Token generated successfully."
'MsgBox("Token generated successfully.")
Else
lblMessage_M.ForeColor = Color.Red
VERAG_VARIABLES.seterrorcount(100)
lblMessage_M.Text = VERAG_VARIABLES.geterrornumb + "Token is not valid anymore. Please generate a new one by sending a new e-mail!"
'MsgBox("Token is not valid anymore. Please generate a new one by sending a new e-mail!")
If Session.Item("TokenforEmail") = Nothing Then
tokenname = genToken(username, password, email, customerID, isusernameright, isuserIDright, isuserEmailright, Session.IsNewSession)
Session.Add("TokenforEmail", tokenname)
Else
tokenname = Session.Item("TokenforEmail")
End If
End If
'SendEmail(username, password, email)
'MsgBox("Mail would be sent successfully!")
lblMessage_M.ForeColor = Color.Green
lblMessage_M.Text = "The password has been sent sucessfully on the given valid e-mail address."
ElseIf SendEmail_M(username, password, email, VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(tokenname), customerID, isusernameright, isuserIDright, isuserEmailright, Session.IsNewSession) = True Then
'MsgBox("Mail would not be sent successfully!")
lblMessage_M.ForeColor = Color.Red
If String.IsNullOrWhiteSpace(username) = True Then
lblMessage_M.ForeColor = Drawing.Color.Red
VERAG_VARIABLES.seterrorcount(10)
lblMessage_M.Text = VERAG_VARIABLES.geterrornumb + "Username not recognized Error!"
ElseIf String.IsNullOrWhiteSpace(email) = True Then
lblMessage_M.ForeColor = Drawing.Color.Red
VERAG_VARIABLES.seterrorcount(11)
lblMessage_M.Text = VERAG_VARIABLES.geterrornumb + "Email not recognized Error!"
ElseIf String.IsNullOrWhiteSpace(password) = True Then
lblMessage_M.ForeColor = Drawing.Color.Red
VERAG_VARIABLES.seterrorcount(12)
lblMessage_M.Text = VERAG_VARIABLES.geterrornumb + "An internal password searching error occured in our systems ."
End If
End If
Else
lblMessage_M.ForeColor = Drawing.Color.Red lblMessage_M.ForeColor = Drawing.Color.Red
VERAG_VARIABLES.seterrorcount(8) VERAG_VARIABLES.seterrorcount(15)
lblMessage_M.Text = VERAG_VARIABLES.geterrornumb + "Error08: No input found." + Environment.NewLine + Exc.Message lblMessage_M.Text = VERAG_VARIABLES.geterrornumb + "Error with Database or the connection." + Environment.NewLine + "Please contact the admin."
End Try End If
End Sub End Sub
Function SendEmail_M(username As String, password As String, email As String, tokenname As String, userID As String, isusrnmright As Boolean, iscstmIDright As Boolean, isemailright As Boolean, sessionisnew As Boolean) As Boolean Function SendEmail_M(username As String, password As String, email As String, tokenname As String, userID As String, isusrnmright As Boolean, iscstmIDright As Boolean, isemailright As Boolean, sessionisnew As Boolean) As Boolean
@@ -504,7 +498,7 @@ Partial Class ForgotPW
Dim Ausschusstext2 As String = "und Zinsen zuletzt auf Zölle angerechnet. Zahlbar und klagbar in Schärding oder Ried. Steuer-Zoll-und Tarifauskünfte sind unverbindlich." Dim Ausschusstext2 As String = "und Zinsen zuletzt auf Zölle angerechnet. Zahlbar und klagbar in Schärding oder Ried. Steuer-Zoll-und Tarifauskünfte sind unverbindlich."
Dim Ausschusstext3 As String = "We operate exclusively on the basis of the General Freight Forwarding Terms and Conditions in the respectively applicable version. Payments are initially" Dim Ausschusstext3 As String = "We operate exclusively on the basis of the General Freight Forwarding Terms and Conditions in the respectively applicable version. Payments are initially"
Dim Ausschusstext4 As String = "charged on freight, fees and interests and at last on customs duties. The place of jurisdiction: Schärding / Ried. Tax, customs and tariff information are not binding." Dim Ausschusstext4 As String = "charged on freight, fees and interests and at last on customs duties. The place of jurisdiction: Schärding / Ried. Tax, customs and tariff information are not binding."
htmlbody = String.Format("Dear {0},<br /><br /> Please follow the Link to reset your password:<br /><br />" + Environment.NewLine + "<a runat=" + "server" + " href=http://" + getdomianenvironment + ServPort + "/login/Change_PW.aspx?Par1=" + tokenname + "&Par2=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt(username) + "&Par3=" + VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(userID) + "&Mob=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt("True") + ">http://" + getdomianenvironment + ServPort + "/login/Change_PW.aspx?Par1=" + tokenname + "&Par2=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt(username) + "&Par3=" + VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(userID) + "&Mob=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt("True") + "</a>" + Environment.NewLine + "<br /><br />Notice:<br /><span style='color: #043381;font-size:14px'><i>The Link is valid for 30 minutes until" + Space(1) + Date.Now.AddMinutes(30).ToString() + Space(1) + "only!</i></span><br / ><br />Kind regards,<br /><br /><span style='color: #043381'><b>VERAG | EDV Support</b></span><br /><span>" + mailpic + "</span><br /><br /><span style='color: #043381'>VERAG Spedition AG | A 4975 Suben, Nr. 100</span><br /><span style='color: #043381'>T.<a href='tel:+43 7711 2777-xx'>+43 7711 2777-xx</a> |<a href='mailto:@support@verag.ag'>support@verag.ag</a> |" + emailnr + "FN xxxxxxx</span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext + "</i></span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext2 + "</i></span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext3 + "</i></span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext4 + "</i></span><br />", username, password) htmlbody = String.Format("Dear {0},<br /><br /> Please follow the Link to reset your password:<br /><br />" + Environment.NewLine + "<a runat=" + "server" + " href=http://" + getdomianenvironment + ServPort + "/login/Change_PW.aspx?Par1=" + tokenname + "&Par2=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt(username) + "&Par3=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt(userID) + "&Mob=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt("True") + ">http://" + getdomianenvironment + ServPort + "/login/Change_PW.aspx?Par1=" + tokenname + "&Par2=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt(username) + "&Par3=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt(userID) + "&Mob=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt("True") + "</a>" + Environment.NewLine + "<br /><br />Notice:<br /><span style='color: #043381;font-size:14px'><i>The Link is valid for 30 minutes until" + Space(1) + Date.Now.AddMinutes(30).ToString() + Space(1) + "only!</i></span><br / ><br />Kind regards,<br /><br /><span style='color: #043381'><b>VERAG | EDV Support</b></span><br /><span>" + mailpic + "</span><br /><br /><span style='color: #043381'>VERAG Spedition AG | A 4975 Suben, Nr. 100</span><br /><span style='color: #043381'>T.<a href='tel:+43 7711 2777-xx'>+43 7711 2777-xx</a> |<a href='mailto:@support@verag.ag'>support@verag.ag</a> |" + emailnr + "FN xxxxxxx</span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext + "</i></span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext2 + "</i></span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext3 + "</i></span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext4 + "</i></span><br />", username, password)
ElseIf String.IsNullOrWhiteSpace(HttpContext.Current.Request.ServerVariables("SERVER_NAME")) = True Then ElseIf String.IsNullOrWhiteSpace(HttpContext.Current.Request.ServerVariables("SERVER_NAME")) = True Then
getdomianenvironment = HttpContext.Current.Request.ServerVariables("SERVER_NAME") getdomianenvironment = HttpContext.Current.Request.ServerVariables("SERVER_NAME")
'MsgBox(getdomianenvironment) 'MsgBox(getdomianenvironment)
@@ -517,7 +511,7 @@ Partial Class ForgotPW
Dim Ausschusstext2 As String = "und Zinsen zuletzt auf Zölle angerechnet. Zahlbar und klagbar in Schärding oder Ried. Steuer-Zoll-und Tarifauskünfte sind unverbindlich." Dim Ausschusstext2 As String = "und Zinsen zuletzt auf Zölle angerechnet. Zahlbar und klagbar in Schärding oder Ried. Steuer-Zoll-und Tarifauskünfte sind unverbindlich."
Dim Ausschusstext3 As String = "We operate exclusively on the basis of the General Freight Forwarding Terms and Conditions in the respectively applicable version. Payments are initially" Dim Ausschusstext3 As String = "We operate exclusively on the basis of the General Freight Forwarding Terms and Conditions in the respectively applicable version. Payments are initially"
Dim Ausschusstext4 As String = "charged on freight, fees and interests and at last on customs duties. The place of jurisdiction: Schärding / Ried. Tax, customs and tariff information are not binding." Dim Ausschusstext4 As String = "charged on freight, fees and interests and at last on customs duties. The place of jurisdiction: Schärding / Ried. Tax, customs and tariff information are not binding."
htmlbody = String.Format("Dear {0},<br /><br /> Please follow the Link to reset your password:<br /><br />" + Environment.NewLine + "<a runat=" + "server" + " href=http://" + getdomianenvironment + "/login/Change_PW.aspx?Par1=" + tokenname + "&Par2=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt(username) + "&Par3=" + VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(userID) + "&Mob=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt("True") + ">http://" + getdomianenvironment + ServPort + "/login/Change_PW.aspx?Par1=" + tokenname + "&Par2=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt(username) + "&Par3=" + VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(userID) + "&Mob=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt("True") + "</a>" + Environment.NewLine + "<br />Notice:<br /><span style='color: #043381;font-size:14px'><i>The Link is valid for 30 minutes until" + Space(1) + Date.Now.AddMinutes(30).ToString() + Space(1) + "only!</i></span><br / ><br />Kind regards, <br /><br /><span style='color: #043381'><b>VERAG | EDV Support</b></span><br /><span>" + mailpic + "</span><br /><br /><span style='color: #043381'>VERAG Spedition AG | A 4975 Suben, Nr. 100</span><br /><span style='color: #043381'>T.<a href='tel:+43 7711 2777-xx'>+43 7711 2777-xx</a> |<a href='mailto:@support@verag.ag'>support@verag.ag</a> | " + emailnr + "FN xxxxxxx</span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext + "</i></span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext2 + "</i></span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext3 + "</i></span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext4 + "</i></span><br />", username, password) htmlbody = String.Format("Dear {0},<br /><br /> Please follow the Link to reset your password:<br /><br />" + Environment.NewLine + "<a runat=" + "server" + " href=http://" + getdomianenvironment + "/login/Change_PW.aspx?Par1=" + tokenname + "&Par2=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt(username) + "&Par3=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt(userID) + "&Mob=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt("True") + ">http://" + getdomianenvironment + ServPort + "/login/Change_PW.aspx?Par1=" + tokenname + "&Par2=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt(username) + "&Par3=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt(userID) + "&Mob=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt("True") + "</a>" + Environment.NewLine + "<br />Notice:<br /><span style='color: #043381;font-size:14px'><i>The Link is valid for 30 minutes until" + Space(1) + Date.Now.AddMinutes(30).ToString() + Space(1) + "only!</i></span><br / ><br />Kind regards, <br /><br /><span style='color: #043381'><b>VERAG | EDV Support</b></span><br /><span>" + mailpic + "</span><br /><br /><span style='color: #043381'>VERAG Spedition AG | A 4975 Suben, Nr. 100</span><br /><span style='color: #043381'>T.<a href='tel:+43 7711 2777-xx'>+43 7711 2777-xx</a> |<a href='mailto:@support@verag.ag'>support@verag.ag</a> | " + emailnr + "FN xxxxxxx</span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext + "</i></span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext2 + "</i></span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext3 + "</i></span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext4 + "</i></span><br />", username, password)
ElseIf String.IsNullOrWhiteSpace(HttpContext.Current.Request.ServerVariables("SERVER_NAME")) = True Then ElseIf String.IsNullOrWhiteSpace(HttpContext.Current.Request.ServerVariables("SERVER_NAME")) = True Then
'MsgBox("Error09:" + Environment.NewLine + "The Domain could not be vaildated. Check Link please or contact the Administrator of the program.") 'MsgBox("Error09:" + Environment.NewLine + "The Domain could not be vaildated. Check Link please or contact the Administrator of the program.")
lblMessage_M.ForeColor = Color.OrangeRed lblMessage_M.ForeColor = Color.OrangeRed
@@ -585,7 +579,7 @@ Partial Class ForgotPW
Dim emailnr = VERAG_PROG_ALLGEMEIN.cAllgemein.FIRMA_ID.ToString Dim emailnr = VERAG_PROG_ALLGEMEIN.cAllgemein.FIRMA_ID.ToString
If isusrnmright = True And iscstmIDright = True AndAlso isemailright = True And sessionisnew = False Then If isusrnmright = True And iscstmIDright = True AndAlso isemailright = True And sessionisnew = False Then
If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost" Then If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost" Then
MsgBox(getdomianenvironment) 'MsgBox(getdomianenvironment)
getdomianenvironment = HttpContext.Current.Request.ServerVariables("SERVER_NAME") getdomianenvironment = HttpContext.Current.Request.ServerVariables("SERVER_NAME")
ServPort = ":" + Request.ServerVariables("SERVER_PORT") ServPort = ":" + Request.ServerVariables("SERVER_PORT")
'pagename = Request.ServerVariables("SCRIPT_NAME") 'pagename = Request.ServerVariables("SCRIPT_NAME")
@@ -599,7 +593,7 @@ Partial Class ForgotPW
htmlbody = String.Format("Dear {0},<br /><br /> Please follow the Link to reset your password:<br /><br />" + Environment.NewLine + "<a runat=" + "server" + " href=http://" + getdomianenvironment + ServPort + "/login/Change_PW.aspx?Par1=" + tokenname + "&Par2=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt(username) + "&Par3=" + VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(userID) + "&Mob=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt("False") + ">http://" + getdomianenvironment + ServPort + "/login/ChangePW.aspx?Par1=" + VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(tokenname) + "&Par2=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt(username) + "&Par3=" + VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(userID) + "&Mob=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt("False") + "</a>" + Environment.NewLine + "<br /><br />Notice:<br /><span style='color: #043381;font-size:14px'><i>The Link is valid for 30 minutes until" + Space(1) + Date.Now.AddMinutes(30).ToString() + Space(1) + "only!</i></span><br / ><br /><br />Kind regards, <br /><span style='color: #043381'><b>VERAG | EDV Support</b></span><br /><span>" + mailpic + "</span><br /><span style='color: #043381'>VERAG Spedition AG | A 4975 Suben, Nr. 100</span><br /><span style='color: #043381'>T.<a href='tel:+43 7711 2777-xx'>+43 7711 2777-xx</a> |<a href='mailto:@support@verag.ag'>support@verag.ag</a> |" + emailnr + "FN xxxxxxx</span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext + "</i></span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext2 + "</i></span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext3 + "</i></span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext4 + "</i></span><br />", username, password) htmlbody = String.Format("Dear {0},<br /><br /> Please follow the Link to reset your password:<br /><br />" + Environment.NewLine + "<a runat=" + "server" + " href=http://" + getdomianenvironment + ServPort + "/login/Change_PW.aspx?Par1=" + tokenname + "&Par2=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt(username) + "&Par3=" + VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(userID) + "&Mob=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt("False") + ">http://" + getdomianenvironment + ServPort + "/login/ChangePW.aspx?Par1=" + VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(tokenname) + "&Par2=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt(username) + "&Par3=" + VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(userID) + "&Mob=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt("False") + "</a>" + Environment.NewLine + "<br /><br />Notice:<br /><span style='color: #043381;font-size:14px'><i>The Link is valid for 30 minutes until" + Space(1) + Date.Now.AddMinutes(30).ToString() + Space(1) + "only!</i></span><br / ><br /><br />Kind regards, <br /><span style='color: #043381'><b>VERAG | EDV Support</b></span><br /><span>" + mailpic + "</span><br /><span style='color: #043381'>VERAG Spedition AG | A 4975 Suben, Nr. 100</span><br /><span style='color: #043381'>T.<a href='tel:+43 7711 2777-xx'>+43 7711 2777-xx</a> |<a href='mailto:@support@verag.ag'>support@verag.ag</a> |" + emailnr + "FN xxxxxxx</span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext + "</i></span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext2 + "</i></span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext3 + "</i></span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext4 + "</i></span><br />", username, password)
ElseIf String.IsNullOrEmpty(HttpContext.Current.Request.ServerVariables("SERVER_NAME")) = False Then ElseIf String.IsNullOrEmpty(HttpContext.Current.Request.ServerVariables("SERVER_NAME")) = False Then
getdomianenvironment = HttpContext.Current.Request.ServerVariables("SERVER_NAME") getdomianenvironment = HttpContext.Current.Request.ServerVariables("SERVER_NAME")
MsgBox(getdomianenvironment) 'MsgBox(getdomianenvironment)
ServPort = ":" + Request.ServerVariables("SERVER_PORT") ServPort = ":" + Request.ServerVariables("SERVER_PORT")
'pagename = Request.ServerVariables("SCRIPT_NAME") 'pagename = Request.ServerVariables("SCRIPT_NAME")
mailto = email mailto = email