edv/VERAG_Homepage
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update Funktion geht jetzt zum PW updaten in der sQL datenbank

Browse Source
This commit is contained in:
ja
2021-11-15 09:48:22 +01:00
parent bdf8692deb
commit 59d56f9c5b
3 changed files with 37 additions and 36 deletions
Download Patch File Download Diff File Expand all files Collapse all files

61
login/Change_PW.aspx.vb
View File

@@ -23,9 +23,9 @@ Partial Class login_Change_PW
' Using cmd As New SqlCommand("Validate_User")
Using cmd As New SqlCommand("SELECT KundenNr,Username FROM [VERAG_HOMEPAGE].[dbo].[Users] WHERE Username=@Username AND KundenNr=@KundenNr")
' cmd.CommandType = CommandType.StoredProcedure
Dim usrname As String = VERAG_PROG_ALLGEMEIN.cCryptography3.Decrypt(Request.QueryString("Par2"))
Dim usrname As String = VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(Request.QueryString("Par2"))
Dim UsrID As String = VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(Request.QueryString("Par3"))
Dim decr As String = VERAG_PROG_ALLGEMEIN.cCryptography3.Decrypt(Request.QueryString("Par1"))
cmd.Parameters.AddWithValue("@Username", usrname)
cmd.Parameters.AddWithValue("@KundenNr", UsrID)
cmd.Connection = con
@@ -35,7 +35,7 @@ Partial Class login_Change_PW
If dr.HasRows Then
dr.Read()
If String.IsNullOrEmpty(usrname) = False Then
If getDateoftoken(decr) = True AndAlso usrname = dr("Username") AndAlso UsrID = dr("KundenNr") Then
If getDateoftoken(Request.QueryString("Par1")) = True AndAlso usrname = dr("Username") AndAlso UsrID = dr("KundenNr") Then
Try
If IsPostBack Then
@@ -90,9 +90,9 @@ Partial Class login_Change_PW
End Sub
Function getDateoftoken(tokenname As String) As Boolean
Dim data() As Byte = Convert.FromBase64String(tokenname)
Dim data() As Byte = Convert.FromBase64String(VERAG_PROG_ALLGEMEIN.cCryptography3.Decrypt(tokenname))
Dim wenn As DateTime = DateTime.FromBinary(BitConverter.ToInt64(data, 0))
Dim nameoftoken = tokenname
Dim nameoftoken = VERAG_PROG_ALLGEMEIN.cCryptography3.Decrypt(tokenname)
If wenn < DateTime.UtcNow.AddMinutes(-30) Then
nameoftoken = String.Empty
tokenname = nameoftoken
@@ -115,7 +115,7 @@ Partial Class login_Change_PW
VERAG_VARIABLES.seterrorcount(500)
Dim Betreff As String = "Session ID" + VERAG_VARIABLES.geterrornumb
htmlbody = "<p> Der User " + VERAG_PROG_ALLGEMEIN.cCryptography3.Decrypt(Request.QueryString("Par2")) + "hat eine ungültige oder geänderte Session-ID </p> <table><th><td>User</td></th><th><td>neue ID</td></th><tr><td>" + VERAG_PROG_ALLGEMEIN.cCryptography3.Decrypt(Request.QueryString("Par2")) + "</td><td>" + Session.SessionID + "</td></tr></table>"
htmlbody = "<p> Der User " + VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(Request.QueryString("Par2")) + "hat eine ungültige oder geänderte Session-ID </p> <table><th><td>User</td></th><th><td>neue ID</td></th><tr><td>" + VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(Request.QueryString("Par2")) + "</td><td>" + Session.SessionID + "</td></tr></table>"
VERAG_PROG_ALLGEMEIN.cProgramFunctions.sendMail(mailto, Betreff, htmlbody)
Return False
@@ -135,8 +135,8 @@ Partial Class login_Change_PW
If String.IsNullOrEmpty(txt_Pw.Text) = False AndAlso String.IsNullOrEmpty(txt_Pw_WH.Text) = False AndAlso String.IsNullOrEmpty(txt_Pw_M.Text) = True AndAlso String.IsNullOrEmpty(txt_Pw_WH_M.Text) = True Then
If String.IsNullOrEmpty(txt_Pw.Text) = False AndAlso String.IsNullOrEmpty(txt_Pw_WH.Text) = False Then
txt_Pw_WH.Enabled = False
txt_Pw_WH.Enabled = False
reqPassw1txt_M.Enabled = False
reqPasswtxt_M.Enabled = False
reqPasswtxt.Enabled = True
@@ -146,7 +146,7 @@ Partial Class login_Change_PW
txt_Pw_WH.Enabled = True
reqPassw1txt.Validate()
End If
End If
Dim ConnectionString = ""
If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost" Then
@@ -163,7 +163,7 @@ Partial Class login_Change_PW
' Using cmd As New SqlCommand("Validate_User")
Using cmd As New SqlCommand("SELECT KundenNr,Username,Password FROM [VERAG_HOMEPAGE].[dbo].[Users] WHERE Username=@Username AND KundenNr=@KundenNr")
' cmd.CommandType = CommandType.StoredProcedure
Dim usrname As String = VERAG_PROG_ALLGEMEIN.cCryptography3.Decrypt(Request.QueryString("Par2"))
Dim usrname As String = VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(Request.QueryString("Par2"))
Dim UsrID As String = VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(Request.QueryString("Par3"))
cmd.Parameters.AddWithValue("@Username", usrname)
cmd.Parameters.AddWithValue("@KundenNr", UsrID)
@@ -173,7 +173,7 @@ Partial Class login_Change_PW
Dim dr As SqlDataReader = cmd.ExecuteReader()
If dr.HasRows Then
dr.Read()
If txt_Pw.Text = Not dr("Password") Or txt_Pw_WH.Text = Not dr("Password") Then
If String.Compare(txt_Pw.Text, dr("Password").ToString) = -1 Or String.Compare(txt_Pw_WH.Text, dr("Password").ToString) = -1 Then
tempstr = txt_Pw.Text
Else
lbl_messagetext.Text = "Die gewählten Passwörter dürfen nicht dem alten entsprechen!"
@@ -192,23 +192,23 @@ Partial Class login_Change_PW
tempstr = "Error01"
End If
If String.IsNullOrEmpty(txt_Pw_M.Text) = True And String.IsNullOrEmpty(txt_Pw_WH_M.Text) = True And tempstr = Not "Error01" Then
If String.Compare(txt_Pw.Text, tempstr) = 1 AndAlso String.Compare(txt_Pw_WH.Text, tempstr) = 1 AndAlso String.IsNullOrEmpty(txt_Pw_M.Text) = True And String.IsNullOrEmpty(txt_Pw_WH_M.Text) = True And String.Compare(tempstr, "Error01") = -1 Then
If String.IsNullOrEmpty(txt_Pw.Text) = False AndAlso String.IsNullOrEmpty(txt_Pw_WH.Text) = False Then
txt_Pw_WH_M.Enabled = False
reqPasswtxt.Enabled = False
reqPassw1txt.Enabled = False
reqPassw1txt.Enabled = True
reqPasswtxt.Enabled = True
reqPasswtxt.Validate()
If reqPasswtxt.IsValid = True Then
txt_Pw_WH.Enabled = True
reqPassw1txt.Validate()
End If
txt_Pw_WH_M.Enabled = False
reqPasswtxt.Enabled = False
reqPassw1txt.Enabled = False
reqPassw1txt.Enabled = True
reqPasswtxt.Enabled = True
reqPasswtxt.Validate()
If reqPasswtxt.IsValid = True Then
txt_Pw_WH.Enabled = True
reqPassw1txt.Validate()
End If
Try
Dim ConnectionString = ""
Dim usrname As String = VERAG_PROG_ALLGEMEIN.cCryptography3.Decrypt(Request.QueryString("Par2"))
Dim usrname As String = VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(Request.QueryString("Par2"))
Dim UsrID As String = VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(Request.QueryString("Par3"))
If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost" Then
'ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=sa;Pwd=BmWr501956"
@@ -219,14 +219,16 @@ Partial Class login_Change_PW
End If
If reqPassw1txt_M.IsValid = True Then
Using con As New SqlConnection(ConnectionString)
con.Open()
Using cmd As New SqlCommand("UPDATE [VERAG_HOMEPAGE].[dbo].[Users] SET [Password]=@Password WHERE [Username]=@Username AND [KundenNr]=@KundenNr")
' cmd.CommandType = CommandType.StoredProcedure
cmd.Parameters.AddWithValue("@Username", usrname)
cmd.Parameters.AddWithValue("@Password", tempstr)
cmd.Parameters.AddWithValue("@Password", txt_Pw.Text)
cmd.Parameters.AddWithValue("@KundenNr", UsrID)
cmd.Connection = con
cmd.ExecuteNonQuery()
End Using
con.Close()
End Using
Else
VERAG_VARIABLES.seterrorcount(22)
@@ -311,7 +313,6 @@ Partial Class login_Change_PW
Protected Sub btn_submitpw_M_Click(sender As Object, e As EventArgs)
Dim tempstr As String = ""
Dim Msg, Style, Title As String
Dim ConnectionString = ""
If String.IsNullOrEmpty(txt_Pw_M.Text) = False AndAlso String.IsNullOrEmpty(txt_Pw_WH_M.Text) = False AndAlso String.IsNullOrEmpty(txt_Pw.Text) = True AndAlso String.IsNullOrEmpty(txt_Pw_WH.Text) = True Then
reqPasswtxt.Enabled = False
@@ -333,9 +334,9 @@ Partial Class login_Change_PW
End If
Using con As New SqlConnection(ConnectionString)
' Using cmd As New SqlCommand("Validate_User")
Using cmd As New SqlCommand("SELECT KundenNr,Username, Password FROM [VERAG_HOMEPAGE].[dbo].[Users] WHERE Username=@Username AND KundenNr=@KundenNr")
Using cmd As New SqlCommand("SELECT KundenNr,Username,Password FROM [VERAG_HOMEPAGE].[dbo].[Users] WHERE Username=@Username AND KundenNr=@KundenNr")
' cmd.CommandType = CommandType.StoredProcedure
Dim usrname As String = VERAG_PROG_ALLGEMEIN.cCryptography3.Decrypt(Request.QueryString("Par2")).ToString
Dim usrname As String = VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(Request.QueryString("Par2")).ToString
Dim UsrID As String = VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(Request.QueryString("Par3")).ToString
cmd.Parameters.AddWithValue("@Username", usrname)
cmd.Parameters.AddWithValue("@KundenNr", UsrID)
@@ -359,10 +360,10 @@ Partial Class login_Change_PW
Else
tempstr = "Error01"
End If
If txt_Pw_WH_M.Text = tempstr AndAlso String.IsNullOrEmpty(txt_Pw.Text) = True And String.IsNullOrEmpty(txt_Pw_WH.Text) = True And Not tempstr = "Error01" Then
If String.Compare(txt_Pw_WH_M.Text, tempstr) = 0 AndAlso String.Compare(txt_Pw_M.Text, tempstr) = 0 AndAlso String.IsNullOrEmpty(txt_Pw.Text) = True And String.IsNullOrEmpty(txt_Pw_WH.Text) = True And StrComp(tempstr, "Error01") = -1 Then
Try
ConnectionString = ""
Dim usrname As String = VERAG_PROG_ALLGEMEIN.cCryptography3.Decrypt(Request.QueryString("Par2")).ToString
Dim usrname As String = VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(Request.QueryString("Par2")).ToString
Dim UsrID As String = VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(Request.QueryString("Par3")).ToString
If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost" Then
'ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=sa;Pwd=BmWr501956"