edv/VERAG_Homepage
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Änderungen token generierung erfolgt besser

Browse Source
This commit is contained in:
ja
2021-10-13 13:51:21 +02:00
parent f345d97210
commit 6014061cfd
3 changed files with 84 additions and 73 deletions
Download Patch File Download Diff File Expand all files Collapse all files

143
login/ForgotPW.aspx.vb
View File

@@ -13,78 +13,89 @@ Partial Class login_ForgotPW
End Sub
Protected Sub btn_Send_Click(sender As Object, e As EventArgs)
Dim username As String
Dim password As String
Dim email As String
Dim tokenname As String
Dim username As String = String.Empty
Dim password As String = String.Empty
Dim email As String = String.Empty
Dim tokenname As String = String.Empty
valreqtxtEmail.Validate()
If valreqtxtEmail.IsValid() = True Then
username = txt_Username.Text
password = String.Empty
check_UserName_regex.Validate()
If valreqtxtEmail.IsValid = True Then
email = txtEmail.Text
tokenname = String.Empty
ElseIf valreqtxtEmail.IsValid = False Then
valreqtxtEmail.ErrorMessage = "ANnotation: The given Daomain is not the company domain."
regexval_txt_Email.Validate()
valreqtxtEmail.IsValid = True
End If
'cDBFunctions.GetNewOpenConnection()
Dim ConnectionString = String.Empty
If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost" Then
'ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=sa;Pwd=BmWr501956"
ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;"
If check_UserName_regex.IsValid = True Then
username = txt_Username.Text
Else
ConnectionString = "Server=DEVELOPER.verag.ost.dmn\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;"
'ConnectionString = "Server=db593295684.db.1and1.com;Database=db593295684;Uid=dbo593295684;Pwd=atilla#2;"
check_UserName_regex.ErrorMessage = "No valid Username found!"
End If
' Dim constr As String = ConfigurationManager.ConnectionStrings("constr").ConnectionString
Using con As New SqlConnection(ConnectionString)
' Using cmd As New SqlCommand("Validate_User")
Using cmd As New SqlCommand("SELECT Username,Password FROM [VERAG_HOMEPAGE].[dbo].[Users] WHERE Username=@Username")
' cmd.CommandType = CommandType.StoredProcedure
cmd.Parameters.AddWithValue("@Username", username)
cmd.Connection = con
con.Open()
'userId = Convert.ToInt32(cmd.ExecuteScalar())
Dim dr As SqlDataReader = cmd.ExecuteReader()
If dr.Read() Then
username = dr("Username").ToString()
password = dr("Password").ToString()
Try
regexval_txt_Email.Validate()
Catch ex As Exception
Dim Msg, Style, Title As String
Msg = "E-Mail Prüfung fehlgeschlagen!" & vbCrLf + "Bitte erneut versuchen!"
Style = vbRetry + vbExclamation + vbDefaultButton1
Title = "Fehler bei E-Mail Authentifizierung!"
MsgBox(Msg, Style, Title)
If MsgBox(Msg, Style, Title).Yes Then
txtEmail.Text = String.Empty
txtEmail.Focus()
ElseIf MsgBox(Msg, Style, Title).No Then
End If
End Try
End If
End Using
con.Close()
End Using
tokenname = genToken(username, password, email)
Session.Add("TokenforEmail", tokenname)
If SendEmail(username, password, email, tokenname) = True Then
'password = RandomString(New Random, 10)
If (getDateoftoken(tokenname) = True) Then
Dim msgboxstyle = vbDefaultButton1 + vbOK
'MsgBox(tokenname, msgboxstyle)
MsgBox("Token erfolgreich generiert.")
If String.IsNullOrEmpty(email) = False AndAlso String.IsNullOrEmpty(tokenname) = True AndAlso String.IsNullOrEmpty(password) = True AndAlso String.IsNullOrEmpty(username) = False Then
'cDBFunctions.GetNewOpenConnection()
Dim ConnectionString = String.Empty
If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost" Then
'ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=sa;Pwd=BmWr501956"
ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;"
Else
MsgBox("Token ist nicht mehr gültig! Es wird ein neuer generiert!")
tokenname = genToken(username, password, email)
ConnectionString = "Server=DEVELOPER.verag.ost.dmn\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;"
'ConnectionString = "Server=db593295684.db.1and1.com;Database=db593295684;Uid=dbo593295684;Pwd=atilla#2;"
End If
'SendEmail(username, password, email)
'MsgBox("Mail would be sent successfully!")
lblMessage.ForeColor = Color.Green
lblMessage.Text = "Passwort wurde erfolgreich an die angegebene E-Mail Adresse gesendet."
ElseIf SendEmail(username, password, email, tokenname) = False Then
'MsgBox("Mail would not be sent successfully!")
lblMessage.ForeColor = Color.Red
lblMessage.Text = "Diese E-Mail ist nicht in unserer Datenbank vorhanden."
' Dim constr As String = ConfigurationManager.ConnectionStrings("constr").ConnectionString
Using con As New SqlConnection(ConnectionString)
' Using cmd As New SqlCommand("Validate_User")
Using cmd As New SqlCommand("SELECT Username,Password FROM [VERAG_HOMEPAGE].[dbo].[Users] WHERE Username=@Username")
' cmd.CommandType = CommandType.StoredProcedure
cmd.Parameters.AddWithValue("@Username", username)
cmd.Connection = con
con.Open()
'userId = Convert.ToInt32(cmd.ExecuteScalar())
Dim dr As SqlDataReader = cmd.ExecuteReader()
If dr.Read() Then
username = dr("Username").ToString()
password = dr("Password").ToString()
Try
regexval_txt_Email.Validate()
Catch ex As Exception
Dim Msg, Style, Title As String
Msg = "E-Mail Prüfung fehlgeschlagen!" & vbCrLf + "Bitte erneut versuchen!"
Style = vbRetry + vbExclamation + vbDefaultButton1
Title = "Fehler bei E-Mail Authentifizierung!"
MsgBox(Msg, Style, Title)
If MsgBox(Msg, Style, Title).Yes Then
txtEmail.Text = String.Empty
txtEmail.Focus()
ElseIf MsgBox(Msg, Style, Title).No Then
End If
End Try
End If
End Using
con.Close()
End Using
tokenname = genToken(username, password, email)
Session.Add("TokenforEmail", tokenname)
If SendEmail(username, password, email, tokenname) = True Then
'password = RandomString(New Random, 10)
If (getDateoftoken(tokenname) = True) Then
Dim msgboxstyle = vbDefaultButton1 + vbOK
'MsgBox(tokenname, msgboxstyle)
MsgBox("Token erfolgreich generiert.")
Else
MsgBox("Token ist nicht mehr gültig! Es wird ein neuer generiert!")
tokenname = genToken(username, password, email)
End If
'SendEmail(username, password, email)
'MsgBox("Mail would be sent successfully!")
lblMessage.ForeColor = Color.Green
lblMessage.Text = "Passwort wurde erfolgreich an die angegebene E-Mail Adresse gesendet."
ElseIf SendEmail(username, password, email, tokenname) = False Then
'MsgBox("Mail would not be sent successfully!")
lblMessage.ForeColor = Color.Red
lblMessage.Text = "Diese E-Mail ist nicht in unserer Datenbank vorhanden."
End If
Else
MsgBox("Die Felder sind nicht alle befüllt worden.", MsgBoxStyle.Critical, "Error08")
End If
End Sub
@@ -131,7 +142,7 @@ Partial Class login_ForgotPW
If getDateoftoken(tokennametemp) = True Then
' Dim attachment As Attachment = New Attachment(File.OpenRead(excel), "Kundenliste.xlsx")
' Msg.Attachments.Add(attachment)
If Not String.IsNullOrEmpty(mailto) AndAlso Not String.IsNullOrEmpty(Betreff) AndAlso String.IsNullOrEmpty(htmlbody) Then
If Not String.IsNullOrEmpty(mailto) AndAlso Not String.IsNullOrEmpty(Betreff) AndAlso Not String.IsNullOrEmpty(htmlbody) Then
VERAG_PROG_ALLGEMEIN.cProgramFunctions.sendMail(mailto, Betreff, htmlbody)
Else
MsgBox("Error07: Die Paramter wurden nicht alle gesetzt. Bitte Felder überprüfen.", vbAbort, "Error07")