Änderung des Buttons und MD5 hash überprüfung erfolgreich
This commit is contained in:
ja
@@ -234,9 +234,9 @@ Partial Class login_Change_PW
|
|||||||
'ConnectionString = "Server=db593295684.db.1and1.com;Database=db593295684;Uid=dbo593295684;Pwd=atilla#2;"
|
'ConnectionString = "Server=db593295684.db.1and1.com;Database=db593295684;Uid=dbo593295684;Pwd=atilla#2;"
|
||||||
End If
|
End If
|
||||||
Dim istokenhash As String = gensaltToken(usrname, tempstr, Email, Session.IsNewSession)
|
Dim istokenhash As String = gensaltToken(usrname, tempstr, Email, Session.IsNewSession)
|
||||||
Dim istokenDBhash As String = gensaltToken(UsrIdDB, pwDB, EmailDB, Session.IsNewSession)
|
Dim istokenDBhash As String = gensaltToken(UsernameDB, pwDB, EmailDB, Session.IsNewSession)
|
||||||
If regexval_txt_Pw.IsValid = True And IsPWRequal = False Then
|
If regexval_txt_Pw.IsValid = True Then
|
||||||
If String.Equals(istokenhash, istokenDBhash, StringComparison.CurrentCulture) = True Then
|
If String.Equals(istokenhash, istokenDBhash) = False Then
|
||||||
Using con As New SqlConnection(ConnectionString)
|
Using con As New SqlConnection(ConnectionString)
|
||||||
Using cmd As New SqlCommand("UPDATE [VERAG_HOMEPAGE].[dbo].[Users] SET [Password]=@Password WHERE [Username]=@Username AND [UserId]=@UserId")
|
Using cmd As New SqlCommand("UPDATE [VERAG_HOMEPAGE].[dbo].[Users] SET [Password]=@Password WHERE [Username]=@Username AND [UserId]=@UserId")
|
||||||
' cmd.CommandType = CommandType.StoredProcedure
|
' cmd.CommandType = CommandType.StoredProcedure
|
||||||
@@ -248,9 +248,10 @@ Partial Class login_Change_PW
|
|||||||
If String.IsNullOrEmpty(usrname) = False Then
|
If String.IsNullOrEmpty(usrname) = False Then
|
||||||
cmd.ExecuteNonQuery()
|
cmd.ExecuteNonQuery()
|
||||||
btn_submitpw.Visible = True
|
btn_submitpw.Visible = True
|
||||||
|
btn_submitpw.Text = "zum Login"
|
||||||
Else
|
Else
|
||||||
VERAG_VARIABLES.seterrorcount(25)
|
VERAG_VARIABLES.seterrorcount(25)
|
||||||
'lbl_messagetext.Text = VERAG_VARIABLES.geterrornumb() + "Error at changing the Password."
|
lbl_messagetext.Text = VERAG_VARIABLES.geterrornumb() + "Passwords shouldn't match!"
|
||||||
End If
|
End If
|
||||||
End Using
|
End Using
|
||||||
con.Close()
|
con.Close()
|
||||||
@@ -268,6 +269,13 @@ Partial Class login_Change_PW
|
|||||||
|
|
||||||
regexval_txt_Pw.ForeColor = Drawing.Color.Green
|
regexval_txt_Pw.ForeColor = Drawing.Color.Green
|
||||||
regexval_txt_Pw.Text = "Passwort has been changed successfully!"
|
regexval_txt_Pw.Text = "Passwort has been changed successfully!"
|
||||||
|
btn_submitpw.Text = "Back to Login!"
|
||||||
|
btn_submitpw.PostBackUrl = "login_FLEX.aspx"
|
||||||
|
confirmPasswordReq.Enabled = False
|
||||||
|
confirmPasswordReq_M.Enabled = False
|
||||||
|
reqPasswtxt.Enabled = False
|
||||||
|
reqPassw1txt.Enabled = False
|
||||||
|
'Response.Redirect("login_FLEX.apsx")
|
||||||
'MsgBox(Msg, Style, Title)
|
'MsgBox(Msg, Style, Title)
|
||||||
' If MsgBox(Msg, Style, Title).Ok Then
|
' If MsgBox(Msg, Style, Title).Ok Then
|
||||||
'Response.Redirect("login_FLEX.aspx")
|
'Response.Redirect("login_FLEX.aspx")
|
||||||
@@ -277,6 +285,9 @@ Partial Class login_Change_PW
|
|||||||
VERAG_VARIABLES.seterrorcount(2)
|
VERAG_VARIABLES.seterrorcount(2)
|
||||||
btn_submitpw.Text = "Back to Login!"
|
btn_submitpw.Text = "Back to Login!"
|
||||||
btn_submitpw.PostBackUrl = "login_FLEX.apsx"
|
btn_submitpw.PostBackUrl = "login_FLEX.apsx"
|
||||||
|
reqPasswtxt.Enabled = False
|
||||||
|
reqPassw1txt.Enabled = False
|
||||||
|
'Response.Redirect("login_FLEX.aspx")
|
||||||
'regexval_txt_Pw.Text = VERAG_VARIABLES.geterrornumb + "Passwords could not be found!"
|
'regexval_txt_Pw.Text = VERAG_VARIABLES.geterrornumb + "Passwords could not be found!"
|
||||||
' Msg = "PW nicht erfolgreich geändert!"
|
' Msg = "PW nicht erfolgreich geändert!"
|
||||||
' Style = vbAbortRetryIgnore + vbCritical + vbDefaultButton1
|
' Style = vbAbortRetryIgnore + vbCritical + vbDefaultButton1
|
||||||
@@ -393,7 +404,6 @@ Partial Class login_Change_PW
|
|||||||
Dim dr As SqlDataReader = cmd.ExecuteReader()
|
Dim dr As SqlDataReader = cmd.ExecuteReader()
|
||||||
If dr.HasRows Then
|
If dr.HasRows Then
|
||||||
dr.Read()
|
dr.Read()
|
||||||
If String.Equals(txt_Pw_M.Text, dr("Password").ToString, StringComparison.CurrentCulture) = False Or String.Equals(txt_Pw_WH_M.Text, dr("Password").ToString, StringComparison.CurrentCulture) = False Then
|
|
||||||
tempstr = txt_Pw_M.Text
|
tempstr = txt_Pw_M.Text
|
||||||
EmailDB = dr("Email").ToString
|
EmailDB = dr("Email").ToString
|
||||||
pwDB = dr("Password").ToString
|
pwDB = dr("Password").ToString
|
||||||
@@ -415,10 +425,7 @@ Partial Class login_Change_PW
|
|||||||
If String.Equals(THEUsrID, customerIDDB, StringComparison.CurrentCulture) = True Then
|
If String.Equals(THEUsrID, customerIDDB, StringComparison.CurrentCulture) = True Then
|
||||||
isctmrIDright = True
|
isctmrIDright = True
|
||||||
End If
|
End If
|
||||||
Else
|
|
||||||
lbl_messagetext_M.ForeColor = Drawing.Color.Red
|
|
||||||
lbl_messagetext_M.Text = "The chosen password should not be the old one!"
|
|
||||||
End If
|
|
||||||
If String.Compare(usrname, dr("Username")) = True Then
|
If String.Compare(usrname, dr("Username")) = True Then
|
||||||
isusernameright = True
|
isusernameright = True
|
||||||
End If
|
End If
|
||||||
@@ -448,8 +455,8 @@ Partial Class login_Change_PW
|
|||||||
Using con As New SqlConnection(ConnectionString)
|
Using con As New SqlConnection(ConnectionString)
|
||||||
Dim istokenhash As String = gensaltToken(usrname, tempstr, Email, Session.IsNewSession)
|
Dim istokenhash As String = gensaltToken(usrname, tempstr, Email, Session.IsNewSession)
|
||||||
Dim istokenDBhash As String = gensaltToken(usrnmDB, pwDB, EmailDB, Session.IsNewSession)
|
Dim istokenDBhash As String = gensaltToken(usrnmDB, pwDB, EmailDB, Session.IsNewSession)
|
||||||
If regexval_txt_Pw.IsValid = True And ispwrEqual = False Then
|
If regexval_txt_Pw.IsValid = True Then
|
||||||
If String.Equals(istokenhash, istokenDBhash, StringComparison.CurrentCulture) = True Then
|
If String.Equals(istokenhash, istokenDBhash, StringComparison.CurrentCulture) = False Then
|
||||||
Using cmd As New SqlCommand("UPDATE [VERAG_HOMEPAGE].[dbo].[Users] SET Password=@Password WHERE Username=@Username AND UserId=@UserId")
|
Using cmd As New SqlCommand("UPDATE [VERAG_HOMEPAGE].[dbo].[Users] SET Password=@Password WHERE Username=@Username AND UserId=@UserId")
|
||||||
' cmd.CommandType = CommandType.StoredProcedure
|
' cmd.CommandType = CommandType.StoredProcedure
|
||||||
cmd.Parameters.AddWithValue("@Username", usrname)
|
cmd.Parameters.AddWithValue("@Username", usrname)
|
||||||
@@ -461,9 +468,17 @@ Partial Class login_Change_PW
|
|||||||
cmd.ExecuteNonQuery()
|
cmd.ExecuteNonQuery()
|
||||||
regexval_txt_Pw_M.ForeColor = Drawing.Color.Green
|
regexval_txt_Pw_M.ForeColor = Drawing.Color.Green
|
||||||
regexval_txt_Pw_M.Text = "Password has been changed sucessfully!"
|
regexval_txt_Pw_M.Text = "Password has been changed sucessfully!"
|
||||||
|
btn_submitpw.Text = "Back to Login!"
|
||||||
|
btn_submitpw.PostBackUrl = "login_FLEX.aspx"
|
||||||
|
confirmPasswordReq_M.Enabled = False
|
||||||
|
confirmPasswordReq_M.Enabled = False
|
||||||
|
reqPasswtxt_M.Enabled = False
|
||||||
Else
|
Else
|
||||||
btn_submitpw_M.Text = "Back to Login!"
|
btn_submitpw.Text = "Back to Login!"
|
||||||
btn_submitpw_M.PostBackUrl = "login_FLEX.apsx"
|
btn_submitpw.PostBackUrl = "login_FLEX.aspx"
|
||||||
|
confirmPasswordReq.Enabled = False
|
||||||
|
confirmPasswordReq_M.Enabled = False
|
||||||
|
reqPasswtxt_M.Enabled = False
|
||||||
End If
|
End If
|
||||||
End Using
|
End Using
|
||||||
End If
|
End If
|
||||||
@@ -482,8 +497,11 @@ Partial Class login_Change_PW
|
|||||||
regexval_txt_Pw_M.ForeColor = Drawing.Color.MediumVioletRed
|
regexval_txt_Pw_M.ForeColor = Drawing.Color.MediumVioletRed
|
||||||
VERAG_VARIABLES.seterrorcount(2)
|
VERAG_VARIABLES.seterrorcount(2)
|
||||||
regexval_txt_Pw_M.Text = VERAG_VARIABLES.geterrornumb + "Passwort konnte nicht erfolgreich geändert werden!"
|
regexval_txt_Pw_M.Text = VERAG_VARIABLES.geterrornumb + "Passwort konnte nicht erfolgreich geändert werden!"
|
||||||
btn_submitpw_M.Text = "Back to Login!"
|
|
||||||
btn_submitpw_M.PostBackUrl = "login_FLEX.apsx"
|
btn_submitpw.Text = "Back to Login!"
|
||||||
|
btn_submitpw.PostBackUrl = "login_FLEX.aspx"
|
||||||
|
confirmPasswordReq.Enabled = False
|
||||||
|
confirmPasswordReq_M.Enabled = False
|
||||||
'Button hierher
|
'Button hierher
|
||||||
|
|
||||||
' Msg = "PW nicht erfolgreich geändert!"
|
' Msg = "PW nicht erfolgreich geändert!"
|
||||||
@@ -506,9 +524,9 @@ Partial Class login_Change_PW
|
|||||||
Function gensaltToken(username As String, password As String, email As String, isnewSession As Boolean) As String
|
Function gensaltToken(username As String, password As String, email As String, isnewSession As Boolean) As String
|
||||||
If isnewSession = False Then
|
If isnewSession = False Then
|
||||||
Dim token As String
|
Dim token As String
|
||||||
|
If String.IsNullOrEmpty(username) = False AndAlso String.IsNullOrEmpty(email) = False Then
|
||||||
Dim intzahl = RandomInteger(Math.Pow(2, 5), Math.Pow(2, 8))
|
Dim intzahl = RandomInteger(Math.Pow(2, 6), Math.Pow(2, 8))
|
||||||
Dim intzahl2 = RandomInteger(Math.Pow(2, 5), Math.Pow(2, 6))
|
Dim intzahl2 = RandomInteger(Math.Pow(2, 6), Math.Pow(2, 8))
|
||||||
Dim Rand As Random = New Random
|
Dim Rand As Random = New Random
|
||||||
If String.IsNullOrEmpty(password) = False Then
|
If String.IsNullOrEmpty(password) = False Then
|
||||||
Try
|
Try
|
||||||
@@ -533,6 +551,7 @@ Partial Class login_Change_PW
|
|||||||
Else
|
Else
|
||||||
Return String.Empty
|
Return String.Empty
|
||||||
End If
|
End If
|
||||||
|
End If
|
||||||
Else
|
Else
|
||||||
Return "Error in Session ID. It has changed. Please check admin!"
|
Return "Error in Session ID. It has changed. Please check admin!"
|
||||||
End If
|
End If
|
||||||
|
|||||||
Reference in New Issue
Block a user