From 48cf6c7b36a01f51a20b862248935f441125c854 Mon Sep 17 00:00:00 2001
From: ja <ja@verag.ag>
Date: Mon, 18 Oct 2021 16:56:06 +0200
Subject: [PATCH] User-ID Validierung erfolgreich implementiert.

---
 login/login_FLEX.aspx.vb | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/login/login_FLEX.aspx.vb b/login/login_FLEX.aspx.vb
index 0687133..5c3ec2b 100644
--- a/login/login_FLEX.aspx.vb
+++ b/login/login_FLEX.aspx.vb
@@ -22,13 +22,19 @@ Partial Class login_FLEX
         Dim tb As TextBox = form1.FindControl("UserID")
         Dim reqfieldvaluserID As RequiredFieldValidator = Page.FindControl("CustomerIDrequired")
         reqfieldvaluserID.Validate()
+        Dim user_ID As String
+        If reqfieldvaluserID.IsValid Then
+            user_ID = tb.Text
+        Else
+            user_ID = ""
+        End If
         ' Dim constr As String = ConfigurationManager.ConnectionStrings("constr").ConnectionString
         Using con As New SqlConnection(ConnectionString)
             ' Using cmd As New SqlCommand("Validate_User")
             Using cmd As New SqlCommand("SELECT COUNT(*) FROM [VERAG_HOMEPAGE].[dbo].[Users] WHERE Username=@Username AND Password=@Password AND Kundennr=@UserID")
                 ' cmd.CommandType = CommandType.StoredProcedure
                 cmd.Parameters.AddWithValue("@Username", Login1.UserName)
-                cmd.Parameters.AddWithValue("UserID", tb.Text)
+                cmd.Parameters.AddWithValue("UserID", user_ID)
                 cmd.Parameters.AddWithValue("@Password", Login1.Password)
                 cmd.Connection = con
                 con.Open()