edv/VERAG_Homepage
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Änderungen dass bestimmte Seiten nur vom Admin besucht werden können. Außerdem diverse Änderumgen:

Browse Source 
- im Design der Seite ChangePW.aspx mit Tabelle sowie neubau der Eerrorseite, um zukünftige Errors dort anzeigen zu lassen statt der gelben Seite wo Pfade etc revealt werden könnten.
- Reperatur der Prüfungen mit den neu übergebenen bzw den angepassten Variablen in der Codebehind Datei von ChangePW.aspx.vb
- Übersetzung der Forgot PW Seite und Krrektur um die neuen Parameter nur temporär zu speichern (verschlüsselt)
-
This commit is contained in:
ja
2021-11-16 11:33:44 +01:00
parent 8b10e82db3
commit 67ed982029
8 changed files with 259 additions and 69 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
Customers/Default2.aspx
View File

@@ -1,13 +1,16 @@
<%@ Page Title="" Language="VB" MasterPageFile="~/Customers/Customers.master" AutoEventWireup="false" CodeFile="Default2.aspx.vb" Inherits="Customers_Default2" %>
<asp:Content ID="Content1" ContentPlaceHolderID="ContentPlaceHolder2" Runat="Server">
<asp:Content ID="Content1" ContentPlaceHolderID="ContentPlaceHolder2" Runat="Server"><%If String.Equals(Page.User.Identity.Name, "Admin") = False Then
FormsAuthentication.RedirectToLoginPage()
End If %>
</asp:Content>
<asp:Content ID="Content2" ContentPlaceHolderID="head" Runat="Server">
<!-- Bootstrap -->
<html lang="en"></html>
<!-- Required meta tags -->
<meta charset="utf-8"/>
<meta name="viewport" content="width=device-width, initial-scale=1" title="Verag Spedition AG AvisoTV Flex"/>
<meta name="viewport" content="width=device-width, initial-scale=1" title="Verag Spedition AG Test Site Not Important"/>
<link rel="shortcut icon" href="../images/Icons/favicon/favicon.ico"/>

8
login/Change_PW.aspx
View File

@@ -242,8 +242,12 @@
<asp:CompareValidator ID="confirmPasswordReq_M" runat="server" ControlToCompare="txt_Pw_M" Enabled="false" ControlToValidate="txt_Pw_WH_M" ValidationGroup="TXT_val_WH_M" Font-Size="19" ForeColor="Red" ErrorMessage="Please try again! The passwords didn't match." Display="Dynamic"></asp:CompareValidator>
<asp:RegularExpressionValidator ID="regexval_txt_Pw_WH_M" runat="server" Enabled="false" ControlToValidate="txt_Pw_WH_M" ValidationGroup="TXT_val_WH_M" ForeColor="Red" Font-Size="19" ValidationExpression="^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[^a-zA-Z\d]).{4,35}$" Display="Dynamic" ErrorMessage="The Password has to match the criterias of the info-button." SetFocusOnError="true"></asp:RegularExpressionValidator>
<asp:RegularExpressionValidator ControlToValidate="txt_Pw_M" runat="server" Enabled="false" ID="regexval_txt_Pw_M" ValidationGroup="TXT_val_M" ForeColor="Red" Font-Size="19" ValidationExpression="^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[^a-zA-Z\d]).{4,35}$" Display="Dynamic" ErrorMessage="The Password has to match the criterias of the info-button." SetFocusOnError="true"></asp:RegularExpressionValidator>
<asp:Label ID="lbl_messagetext_M" runat="server" Text=""></asp:Label>
</td>
</td>
</tr>
<tr>
<td>
<asp:Label ID="lbl_messagetext_M" runat="server" Text=""></asp:Label>
</td>
</tr>
</table>
</div>

29
login/Change_PW.aspx.vb
View File

@@ -21,10 +21,11 @@ Partial Class login_Change_PW
Using con As New SqlConnection(ConnectionString)
' Using cmd As New SqlCommand("Validate_User")
Using cmd As New SqlCommand("SELECT UserId,Username FROM [VERAG_HOMEPAGE].[dbo].[Users] WHERE Username=@Username AND UserId=@UserId")
Using cmd As New SqlCommand("SELECT UserId,Username,KundenNr FROM [VERAG_HOMEPAGE].[dbo].[Users] WHERE Username=@Username AND UserId=@UserId")
' cmd.CommandType = CommandType.StoredProcedure
Dim usrname As String = VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(Request.QueryString("Par2"))
Dim UsrID As String = VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(Request.QueryString("Par3"))
Dim KundenNr As String = VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(Request.QueryString("Par3"))
Dim UsrID As String = VERAG_PROG_ALLGEMEIN.cCryptography3.Decrypt(Request.QueryString("Par4"))
cmd.Parameters.AddWithValue("@Username", usrname)
cmd.Parameters.AddWithValue("@UserId", UsrID)
cmd.Connection = con
@@ -34,9 +35,8 @@ Partial Class login_Change_PW
If dr.HasRows Then
dr.Read()
If String.IsNullOrEmpty(usrname) = False Then
If getDateoftoken(Request.QueryString("Par1")) = True AndAlso usrname = dr("Username") AndAlso UsrID = dr("UserId") Then
If getDateoftoken(Request.QueryString("Par1")) = True AndAlso usrname = dr("Username") AndAlso String.Equals(KundenNr, dr("KundenNr")) = True Then
Try
If IsPostBack Then
If String.IsNullOrEmpty(txt_Pw.Text) = False AndAlso String.IsNullOrEmpty(txt_Pw_WH.Text) = False Then
txt_Pw_WH.Enabled = False
@@ -134,17 +134,16 @@ Partial Class login_Change_PW
If String.IsNullOrEmpty(txt_Pw.Text) = False AndAlso String.IsNullOrEmpty(txt_Pw_WH.Text) = False AndAlso String.IsNullOrEmpty(txt_Pw_M.Text) = True AndAlso String.IsNullOrEmpty(txt_Pw_WH_M.Text) = True Then
txt_Pw_WH.Enabled = False
reqPassw1txt_M.Enabled = False
reqPasswtxt_M.Enabled = False
reqPasswtxt.Enabled = True
reqPassw1txt.Enabled = True
reqPasswtxt.Validate()
If reqPasswtxt.IsValid = True Then
txt_Pw_WH.Enabled = True
reqPassw1txt.Validate()
End If
reqPasswtxt_M.Enabled = False
reqPasswtxt.Enabled = True
reqPassw1txt.Enabled = True
reqPasswtxt.Validate()
If reqPasswtxt.IsValid = True Then
txt_Pw_WH.Enabled = True
reqPassw1txt.Validate()
End If
Dim ConnectionString = ""
@@ -342,10 +341,11 @@ Partial Class login_Change_PW
End If
Using con As New SqlConnection(ConnectionString)
' Using cmd As New SqlCommand("Validate_User")
Using cmd As New SqlCommand("SELECT UserId,Username,Password FROM [VERAG_HOMEPAGE].[dbo].[Users] WHERE Username=@Username AND UserId=@UserId")
Using cmd As New SqlCommand("SELECT UserId,Username,Password FROM [VERAG_HOMEPAGE].[dbo].[Users] WHERE Username=@Username AND UserId=@UserId And UserId=@UserId")
' cmd.CommandType = CommandType.StoredProcedure
Dim usrname As String = VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(Request.QueryString("Par2")).ToString
Dim UsrID As String = VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(Request.QueryString("Par3")).ToString
Dim THEUsrID As String = VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(Request.QueryString("Par4")).ToString
cmd.Parameters.AddWithValue("@Username", usrname)
cmd.Parameters.AddWithValue("@UserId", UsrID)
cmd.Connection = con
@@ -401,7 +401,6 @@ Partial Class login_Change_PW
lbl_messagetext_M.Text = ex.Message
End Try
'MsgBox(Msg, Style, Title)
' If MsgBox(Msg, Style, Title).Ok Then

178
login/Error.aspx Normal file
View File

@@ -0,0 +1,178 @@
<%@ Page Language="VB" AutoEventWireup="false" CodeFile="Error.aspx.vb" Inherits="login_Default" %>
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>Error 404 VERAG</title>
<style>
.textfronterror{
color:#003680;
}
</style>
<%@ import Namespace="MySql.Data.MySqlClient"%>
<%'Dim url As String = Session.Keys.Item("urltochangepw")%>
<!-- Bootstrap -->
<html lang="en"></html>
<!-- Required meta tags -->
<meta charset="utf-8"/>
<meta name="viewport" content="width=device-width, initial-scale=1" title="Verag Spedition AG AvisoTV Flex"/>
<!-- Bootstrap CSS -->
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-EVSTQN3/azprG1Anm3QDgpJLIm9Nao0Yz1ztcQTwFspd3yD65VohhpuuCOmLASjC" crossorigin="anonymous"/>
<link rel="stylesheet" href="https://unpkg.com/bootstrap-table@1.18.3/dist/bootstrap-table.min.css"/>
<!-- Bootstrap CSS -->
<!--<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-EVSTQN3/azprG1Anm3QDgpJLIm9Nao0Yz1ztcQTwFspd3yD65VohhpuuCOmLASjC" crossorigin="anonymous">-->
<link href="bootstrap@5.0.2/dist/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-EVSTQN3/azprG1Anm3QDgpJLIm9Nao0Yz1ztcQTwFspd3yD65VohhpuuCOmLASjC" crossorigin="anonymous"/>
<link rel="stylesheet" href="https://unpkg.com/bootstrap-table@1.18.3/dist/bootstrap-table.min.css"/>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
<link rel="stylesheet" type="text/css" href="../css/main.css"/>
<link rel="stylesheet" type="text/css" href="../css/style.css"/>
<LINK REL="SHORTCUT ICON" HREF="../images/Icons/favicon/favicon.ico" />
<!-- <link rel="stylesheet" type="text/css" href="css/edit_main.css"> -->
<script src="js/netzwerk.js" type="text/javascript"></script>
<link rel="stylesheet" type="text/css" href="../css/login/ForgotPW.css"/>
<link rel="stylesheet" type="text/css" href="../css/example.css"/>
<script type="text/javascript">
// Vergebe den Event-Handler
document.onkeydown = handleKeyEvent;
// Funktion, die den Event verarbeitet
function handleKeyEvent(e) {
// MSIE nimmt das Event-Objekt aus window.event, DOM-kompatible Browser aus dem e-Funktionsparameter
if (!e) e = window.event;
// keyCode muss 70 sein und ctrlKey true
if (e.keyCode == 68 && e.ctrlKey) {
alert('Strg+D wurde gedrückt');
//topup
}
}
</script>
<style>
.txt_design2 {
color: #003680;
font-size: 1.725em;
}
@media (max-width: 558.98px) {
body {
font-family: 'Poppins', sans-serif;
background: #fafafa;
background-image: url(../../images/road.jpg);
background-position: center center;
background-repeat: no-repeat;
background-attachment: fixed;
background-size: cover;
background-color: #fff;
overflow-y: clip;
overflow-x: clip;
}
#content_container {
display: flex;
justify-content: center;
align-items: center;
width: 400px;
height: 613px;
margin: 0 auto;
margin-top: 0px;
margin-left: 5%;
}
.container-fluid {
width: 395px;
height: 613px;
background-color: rgba(255,255,255,0.5);
top: 50%;
bottom: auto;
left: -2px;
right: 520px;
margin: auto;
}
#lbl_Ueberschrift_M {
background-color: #003680;
font-size: 1.85em;
color: #fff;
}
#lbl_login_M {
background-color: #003680;
font-size: 2em;
color: #fff;
}
.txt_design {
color: #003680;
font-size: 1.85em;
}
.txt_design2 {
color: #003680;
font-size: 1.895em;
margin-right: 1px;
}
#btn_Send_M {
background-color: #003680;
color: #fff;
width: 325px;
height: 32px;
margin-bottom: 0px;
margin-left:-4px;
padding-inline: 2px 2px;
padding: -10px 0px 10px 1px;
font-weight:600;
}
#btn_Back_M {
background-color: #003680;
color: #fff;
width: 325px;
height: 32px;
margin-bottom: -50px;
margin-left:16px;
padding-inline: 2px 2px;
padding: -10px 0px 12px 1px;
border:none;
font-size:18px;
}
}
</style>
</head>
<body>
<div id="content_container">
<div class="container-fluid">
<form id="form1" runat="server">
<center>
<!-- Große Bildschirme-->
<div class="d-none d-md-block">
<table id="tbl_main" cellpadding="0" style="margin: 15px auto auto auto; border:none;">
<center>
<tr style="color:#003680;height:48px;">
<td colspan="8">
<asp:Label ID="lbl_error" style="color:#003680;font-weight:200" runat="server">Error</asp:Label>
</td>
<td colspan="4">
<asp:Label ID="lbl_erranz" ClientIDMode="AutoID" style="color:#ff0000;font-weight:300" runat="server"></asp:Label>
</td>
</tr>
</center>
</table>
</div>
<!--Smartphone-Bildschirme-->
<div class="d-md-none">
<table id="tbl_main_M" cellpadding="0" style="margin:10px 8px 10px 8px; border: none;">
<center>
<tr style="color:#003680;height:48px;">
<td>
<asp:Label ID="lbl_error_M" style="color:#003680;font-weight:200" Font-Size="22px" runat="server">Error</asp:Label>
</td>
<td>
<asp:Label ID="lbl_erranz_M" style="color:#ff0000;font-display:swap" ClientIDMode="AutoID" runat="server"></asp:Label>
</td>
</tr>
</center>
</table>
</div>
</center>
</form>
</div></div>
</body>
</html>

5
login/Error.aspx.vb Normal file
View File

@@ -0,0 +1,5 @@

Partial Class login_Default
Inherits System.Web.UI.Page
End Class

6
login/ForgotPW.aspx
View File

@@ -286,7 +286,7 @@
</tr>
<tr style="color:#003680; height:32px;font-size:14px">
<td align="center" colspan="2" style="color:#fff;font-kerning:auto;font-weight:700;">
<asp:Label ID="lbl_PWvergessen" Text="Passwort vergessen?" runat="server" style="color:#003680; margin-left:72px;font-size:20px;font-weight:300"></asp:Label>
<asp:Label ID="lbl_PWvergessen" Text="Forgot your Password?" runat="server" style="color:#003680; margin-left:75px;font-size:20px;font-weight:300"></asp:Label>
</td></tr>
<!-- <tr style=" background-color:#fff; color:#003680; height:30px;font-size:12px">
<td align="center" colspan="2" style="color:#fff;font-kerning:auto;font-weight:700;">
@@ -294,7 +294,7 @@
</td></tr> -->
<tr style="color:#003680; height:38px;">
<td align="right" colspan="2">
<asp:label ID="lbl_filldatahere" runat="server" Text="Daten hier eintragen:" Font-Size="20px" style="margin-left:94px; margin-top:-4px;color:#003680;font-weight:300"></asp:label>
<asp:label ID="lbl_filldatahere" runat="server" Text="Fill your data in here:" Font-Size="20px" style="margin-left:94px; margin-top:-4px;color:#003680;font-weight:300"></asp:label>
</td></tr>
<tr style="color:#003680; height:38px;"><td colspan="2">
<asp:TextBox ID="txt_CustomerID" CssClass="bg-UID-icon" runat="server" ValidationGroup="val-desk" SetFocusOnError="true" Width="265" Placeholder="Customer-ID" style="margin-left:45px;color:#003680;border-radius: 8px 8px 8px 8px;-webkit-border-radius: 8px;-moz-border-radius: 8px;" Font-Size="1.125em"></asp:TextBox>
@@ -342,7 +342,7 @@
</td></tr>
<tr style="color:#003680;height:20px">
<td>
<asp:Label ID="lbl_filldatahere_M" Text="Daten hier eintragen" runat="server" style="color:#003680;margin-left:67px;font-weight:300" Font-Size="22px"></asp:Label>
<asp:Label ID="lbl_filldatahere_M" Text="Fill in your data here" runat="server" style="color:#003680;margin-left:67px;font-weight:300" Font-Size="22px"></asp:Label>
</td>
</tr>
<tr style="color:#003680;height:40px;">

92
login/ForgotPW.aspx.vb
View File

@@ -27,6 +27,7 @@ Partial Class ForgotPW
Dim isusrnmright As Boolean = False
Dim isCustomeridright As Boolean = False
Dim isemailright As Boolean = False
Dim UserID As String = String.Empty
If String.IsNullOrEmpty(txtEmail.Text) = False And String.IsNullOrEmpty(txt_Username.Text) = False And String.IsNullOrEmpty(txt_CustomerID.Text) = False And String.IsNullOrEmpty(txtEmail_M.Text) = True And String.IsNullOrEmpty(txt_Username_M.Text) = True And String.IsNullOrEmpty(txt_CustomerID_M.Text) = True Then
valreqtxtusername.Enabled = True
valreqtxtEmail.Enabled = True
@@ -116,7 +117,7 @@ Partial Class ForgotPW
Using con As New SqlConnection(ConnectionString)
' Using cmd As New SqlCommand("Validate_User")
Using cmd As New SqlCommand("SELECT Username,Password,Email,UserId FROM [VERAG_HOMEPAGE].[dbo].[Users] WHERE Username=@Username AND Email=@Email AND UserId=@CUSTOMERId")
Using cmd As New SqlCommand("SELECT UserId,Username,Password,Email,KundenNr FROM [VERAG_HOMEPAGE].[dbo].[Users] WHERE Username=@Username AND Email=@Email AND KundenNr=@CUSTOMERId")
' cmd.CommandType = CommandType.StoredProcedure
cmd.Parameters.AddWithValue("@Username", username)
cmd.Parameters.AddWithValue("@Email", email)
@@ -129,10 +130,11 @@ Partial Class ForgotPW
username = dr("Username").ToString()
password = dr("Password").ToString()
email = dr("Email").ToString()
customerID = dr("UserId").ToString()
customerID = dr("KundenNr").ToString()
UserID = dr("UserId").ToString()
Try
If txt_Username.Text = dr("Username").ToString() AndAlso String.IsNullOrEmpty(txt_Username_M.Text) = True And String.IsNullOrEmpty(customerID) = False Then
If txt_Username.Text = dr("Username").ToString() AndAlso String.IsNullOrEmpty(txt_Username_M.Text) = True And String.IsNullOrEmpty(customerID) = False And String.IsNullOrEmpty(UserID) = False Then
username = txt_Username.Text
isusrnmright = True
ElseIf String.IsNullOrEmpty(txt_Username.Text) = True Then
@@ -146,38 +148,36 @@ Partial Class ForgotPW
isusrnmright = False
End Try
End If
If (txtEmail.Text = dr("Email").ToString() AndAlso String.IsNullOrEmpty(txtEmail_M.Text) = True) And String.IsNullOrEmpty(customerID) = False Then
If (txtEmail.Text = dr("Email").ToString() AndAlso String.IsNullOrEmpty(txtEmail_M.Text) = True) And String.IsNullOrEmpty(UserID) = False Then
email = txtEmail.Text
lblMessage.ForeColor = Color.Green
isemailright = True
lblMessage.Text = "Die Email besteht in der Datenbank."
ElseIf String.IsNullOrEmpty(email) = True Then
lblMessage_M.ForeColor = Color.Red
lblMessage.ForeColor = Color.Red
isemailright = False
VERAG_VARIABLES.seterrorcount(6)
lblMessage_M.Text = VERAG_VARIABLES.geterrornumb + "Die eingegebene E-Mail passt nicht zum Datenbankeintrag. Bitte erneut versuchen."
lblMessage.Text = VERAG_VARIABLES.geterrornumb + "Die eingegebene E-Mail passt nicht zum Datenbankeintrag. Bitte erneut versuchen."
Else
lblMessage_M.ForeColor = Color.Red
isemailright = False
VERAG_VARIABLES.seterrorcount(7)
lblMessage_M.Text = VERAG_VARIABLES.geterrornumb + "Die E-Mail existiert in unserer Datenbank nicht."
lblMessage.Text = VERAG_VARIABLES.geterrornumb + "Die E-Mail existiert in unserer Datenbank nicht."
End If
If (txt_CustomerID.Text = dr("UserId").ToString() AndAlso String.IsNullOrEmpty(txt_CustomerID_M.Text) = True) And String.IsNullOrEmpty(customerID) = False Then
email = txtEmail.Text
If (txt_CustomerID.Text = dr("KundenNr").ToString() AndAlso String.IsNullOrEmpty(txt_CustomerID_M.Text) = True) And String.IsNullOrEmpty(UserID) = False Then
customerID = txt_CustomerID.Text
lblMessage.ForeColor = Color.Green
isCustomeridright = True
VERAG_VARIABLES.seterrorcount(8)
lblMessage.Text = VERAG_VARIABLES.geterrornumb + "Die Benutzer-ID ist fehlerhaft"
ElseIf String.IsNullOrEmpty(customerID) = True Then
lblMessage_M.ForeColor = Color.Red
isCustomeridright = False
VERAG_VARIABLES.seterrorcount(9)
lblMessage_M.Text = VERAG_VARIABLES.geterrornumb + "Die einegebene Nutzernummer steht nicht in unserer Datenbank."
lblMessage.Text = VERAG_VARIABLES.geterrornumb + "Die einegebene Nutzernummer steht nicht in unserer Datenbank."
Else
lblMessage_M.ForeColor = Color.Red
lblMessage.ForeColor = Color.Red
isCustomeridright = False
VERAG_VARIABLES.seterrorcount(10)
lblMessage_M.Text = VERAG_VARIABLES.geterrornumb + "Die Nutzernummer ist nicht in der Datenbank vorhanden."
VERAG_VARIABLES.seterrorcount(8)
lblMessage.Text = VERAG_VARIABLES.geterrornumb + "Die Nutzernummer ist nicht in der Datenbank vorhanden."
End If
Catch ex As Exception
VERAG_VARIABLES.seterrorcount(408)
@@ -195,14 +195,14 @@ Partial Class ForgotPW
End Using
If Session.Item("TokenforEmail") = Nothing Then
tokenname = genToken(username, password, email, customerID, isusrnmright, isCustomeridright, isemailright, Session.IsNewSession)
tokenname = genToken(username, password, email, customerID, isusrnmright, isCustomeridright, isemailright, Session.IsNewSession, UserID)
Session.Add("TokenforEmail", tokenname)
Session.Add("SessID", VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(Session.SessionID))
Else
tokenname = Session.Item("TokenforEmail")
End If
If SendEmail(username, password, email, tokenname, customerID, isusrnmright, isCustomeridright, isemailright, Session.IsNewSession) = True Then
If SendEmail(username, password, email, tokenname, customerID, isusrnmright, isCustomeridright, isemailright, Session.IsNewSession, UserID) = True Then
'password = RandomString(New Random, 10)
If (getDateoftoken(tokenname) = True) Then
'Dim msgboxstyle = vbDefaultButton1 + vbOK
@@ -217,7 +217,7 @@ Partial Class ForgotPW
'MsgBox("Token is not valid anymore. Please generate a new one by sending a new e-mail!")
If Session.Item("TokenforEmail") = Nothing Then
tokenname = genToken(username, password, email, customerID, isusrnmright, isCustomeridright, isemailright, Session.IsNewSession)
tokenname = genToken(username, password, email, customerID, isusrnmright, isCustomeridright, isemailright, Session.IsNewSession, UserID)
Session.Add("TokenforEmail", tokenname)
Else
tokenname = Session.Item("TokenforEmail")
@@ -226,8 +226,8 @@ Partial Class ForgotPW
'SendEmail(username, password, email)
'MsgBox("Mail would be sent successfully!")
lblMessage.ForeColor = Color.Green
lblMessage.Text = "DasPasswort wurde erfolgreich an die hinterlegte E-Mail gesendet. Bitte prüfen Sie den Posteingang sowie den Spam-Ordner."
ElseIf SendEmail(username, password, email, tokenname, customerID, isusrnmright, isCustomeridright, isemailright, Session.IsNewSession) = True Then
lblMessage.Text = "Das Passwort wurde erfolgreich an die hinterlegte E-Mail gesendet. Bitte prüfen Sie den Posteingang sowie den Spam-Ordner."
ElseIf SendEmail(username, password, email, tokenname, customerID, isusrnmright, isCustomeridright, isemailright, Session.IsNewSession, UserID) = True Then
'MsgBox("Mail would not be sent successfully!")
lblMessage.ForeColor = Color.Red
If String.IsNullOrWhiteSpace(username) = True Then
@@ -262,6 +262,7 @@ Partial Class ForgotPW
Dim email As String = String.Empty
Dim tokenname As String = String.Empty
Dim customerID As String = String.Empty
Dim UserID As String = String.Empty
Dim isusernameright As Boolean = False
Dim isuserIDright As Boolean = False
Dim isuserEmailright As Boolean = False
@@ -353,7 +354,7 @@ Partial Class ForgotPW
Using con As New SqlConnection(ConnectionString)
' Using cmd As New SqlCommand("Validate_User")
Using cmd As New SqlCommand("SELECT Username,Password,Email,UserId FROM [VERAG_HOMEPAGE].[dbo].[Users] WHERE Username=@Username AND Email=@Email AND UserId=@CUSTOMERId")
Using cmd As New SqlCommand("SELECT Username,Password,Email,KundenNr,UserId FROM [VERAG_HOMEPAGE].[dbo].[Users] WHERE Username=@Username AND Email=@Email AND KundenNr=@CUSTOMERId")
' cmd.CommandType = CommandType.StoredProcedure
cmd.Parameters.AddWithValue("@Username", username)
cmd.Parameters.AddWithValue("@Email", email)
@@ -366,9 +367,10 @@ Partial Class ForgotPW
username = dr("Username").ToString()
password = dr("Password").ToString()
email = dr("Email").ToString()
customerID = dr("UserId").ToString()
customerID = dr("KundenNr").ToString()
UserID = dr("UserId").ToString()
Try
If (txt_CustomerID_M.Text = dr("UserId").ToString() AndAlso String.IsNullOrEmpty(txt_CustomerID.Text) = True) And String.IsNullOrEmpty(customerID) = False Then
If (txt_CustomerID_M.Text = dr("KundenNr").ToString() AndAlso String.IsNullOrEmpty(txt_CustomerID.Text) = True) And String.IsNullOrEmpty(customerID) = False And String.IsNullOrEmpty(UserID) = False Then
customerID = txt_CustomerID_M.Text
lblMessage_M.ForeColor = Color.Green
isuserIDright = True
@@ -429,14 +431,14 @@ Partial Class ForgotPW
End Using
If Session.Item("TokenforEmail") = Nothing Then
tokenname = genToken(username, password, email, customerID, isusernameright, isuserIDright, isuserEmailright, Session.IsNewSession)
tokenname = genToken(username, password, email, customerID, isusernameright, isuserIDright, isuserEmailright, Session.IsNewSession, UserID)
Session.Add("TokenforEmail", tokenname)
Session.Add("SessID", VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(Session.SessionID))
Else
tokenname = Session.Item("TokenforEmail")
End If
If SendEmail_M(username, password, email, tokenname, customerID, isusernameright, isuserIDright, isuserEmailright, Session.IsNewSession) = True Then
If SendEmail_M(username, password, email, tokenname, customerID, isusernameright, isuserIDright, isuserEmailright, Session.IsNewSession, UserID) = True Then
'password = RandomString(New Random, 10)
If (getDateoftoken(tokenname) = True) Then
'Dim msgboxstyle = vbDefaultButton1 + vbOK
@@ -451,7 +453,7 @@ Partial Class ForgotPW
'MsgBox("Token is not valid anymore. Please generate a new one by sending a new e-mail!")
If Session.Item("TokenforEmail") = Nothing Then
tokenname = genToken(username, password, email, customerID, isusernameright, isuserIDright, isuserEmailright, Session.IsNewSession)
tokenname = genToken(username, password, email, customerID, isusernameright, isuserIDright, isuserEmailright, Session.IsNewSession, UserID)
Session.Add("TokenforEmail", tokenname)
Else
tokenname = Session.Item("TokenforEmail")
@@ -461,7 +463,7 @@ Partial Class ForgotPW
'MsgBox("Mail would be sent successfully!")
lblMessage_M.ForeColor = Color.Green
lblMessage_M.Text = "The password has been sent sucessfully on the given valid e-mail address."
ElseIf SendEmail_M(username, password, email, tokenname, customerID, isusernameright, isuserIDright, isuserEmailright, Session.IsNewSession) = True Then
ElseIf SendEmail_M(username, password, email, tokenname, customerID, isusernameright, isuserIDright, isuserEmailright, Session.IsNewSession, UserID) = True Then
'MsgBox("Mail would not be sent successfully!")
lblMessage_M.ForeColor = Color.Red
If String.IsNullOrWhiteSpace(username) = True Then
@@ -485,7 +487,7 @@ Partial Class ForgotPW
End If
End Sub
Function SendEmail_M(username As String, password As String, email As String, tokenname As String, userID As String, isusrnmright As Boolean, iscstmIDright As Boolean, isemailright As Boolean, sessionisnew As Boolean) As Boolean
Function SendEmail_M(username As String, password As String, email As String, tokenname As String, customerID As String, isusrnmright As Boolean, iscstmIDright As Boolean, isemailright As Boolean, sessionisnew As Boolean, theUserID As String) As Boolean
Dim getdomianenvironment As String = String.Empty
Dim pagename As String = String.Empty
Dim ServPort As String = String.Empty
@@ -493,7 +495,7 @@ Partial Class ForgotPW
Dim Betreff As String = String.Empty
Dim htmlbody As String = String.Empty
Dim emailnr = VERAG_PROG_ALLGEMEIN.cAllgemein.FIRMA_ID.ToString
If isusrnmright = True And iscstmIDright = True AndAlso isemailright = True And sessionisnew = False Then
If isusrnmright = True And iscstmIDright = True AndAlso isemailright = True And sessionisnew = False AndAlso String.IsNullOrEmpty(theUserID) = False And String.IsNullOrEmpty(customerID) = False Then
If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost" Then
'MsgBox(getdomianenvironment)
getdomianenvironment = HttpContext.Current.Request.ServerVariables("SERVER_NAME")
@@ -506,7 +508,7 @@ Partial Class ForgotPW
Dim Ausschusstext2 As String = "und Zinsen zuletzt auf Zölle angerechnet. Zahlbar und klagbar in Schärding oder Ried. Steuer-Zoll-und Tarifauskünfte sind unverbindlich."
Dim Ausschusstext3 As String = "We operate exclusively on the basis of the General Freight Forwarding Terms and Conditions in the respectively applicable version. Payments are initially"
Dim Ausschusstext4 As String = "charged on freight, fees and interests and at last on customs duties. The place of jurisdiction: Schärding / Ried. Tax, customs and tariff information are not binding."
htmlbody = String.Format("Dear {0},<br /><br /> Please follow the Link to reset your password:<br /><br />" + Environment.NewLine + "<a runat=" + "server" + " href=http://" + getdomianenvironment + ServPort + "/login/Change_PW.aspx?Par1=" + tokenname + "&Par2=" + VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(username) + "&Par3=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt(userID) + "&Mob=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt("False") + ">http://" + getdomianenvironment + ServPort + "/login/ChangePW.aspx?Par1=" + VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(tokenname) + "&Par2=" + VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(username) + "&Par3=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt(userID) + "&Mob=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt("False") + "</a>" + Environment.NewLine + "<br /><br />Notice:<br /><span style='color: #043381;font-size:14px'><i>The Link is valid for 30 minutes until" + Space(1) + Date.Now.AddMinutes(30).ToString() + Space(1) + "only!</i></span><br / ><br /><br />Kind regards, <br /><span style='color: #043381'><b>VERAG | EDV Support</b></span><br /><span>" + mailpic + "</span><br /><span style='color: #043381'>VERAG Spedition AG | A 4975 Suben, Nr. 100</span><br /><span style='color: #043381'>T.<a href='tel:+43 7711 2777-xx'>+43 7711 2777-xx</a> |<a href='mailto:@support@verag.ag'>support@verag.ag</a> |" + emailnr + "FN xxxxxxx</span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext + "</i></span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext2 + "</i></span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext3 + "</i></span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext4 + "</i></span><br />", username, password)
htmlbody = String.Format("Dear {0},<br /><br /> Please follow the Link to reset your password:<br /><br />" + Environment.NewLine + "<a runat=" + "server" + " href=http://" + getdomianenvironment + ServPort + "/login/Change_PW.aspx?Par1=" + tokenname + "&Par2=" + VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(username) + "&Par3=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt(customerID) + "&Mob=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt("False") + "&Par4=" + VERAG_PROG_ALLGEMEIN.cCryptography3.Encrypt(theUserID) + ">http://" + getdomianenvironment + ServPort + "/login/ChangePW.aspx?Par1=" + VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(tokenname) + "&Par2=" + VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(username) + "&Par3=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt(customerID) + "&Mob=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt("False") + "&Par4=" + VERAG_PROG_ALLGEMEIN.cCryptography3.Encrypt(theUserID) + "</a>" + Environment.NewLine + "<br /><br />Notice:<br /><span style='color: #043381;font-size:14px'><i>The Link is valid for 30 minutes until" + Space(1) + Date.Now.AddMinutes(30).ToString() + Space(1) + "only!</i></span><br / ><br /><br />Kind regards, <br /><span style='color: #043381'><b>VERAG | EDV Support</b></span><br /><span>" + mailpic + "</span><br /><span style='color: #043381'>VERAG Spedition AG | A 4975 Suben, Nr. 100</span><br /><span style='color: #043381'>T.<a href='tel:+43 7711 2777-xx'>+43 7711 2777-xx</a> |<a href='mailto:@support@verag.ag'>support@verag.ag</a> |" + emailnr + "FN xxxxxxx</span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext + "</i></span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext2 + "</i></span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext3 + "</i></span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext4 + "</i></span><br />", username, password)
ElseIf String.IsNullOrEmpty(HttpContext.Current.Request.ServerVariables("SERVER_NAME")) = False Then
getdomianenvironment = HttpContext.Current.Request.ServerVariables("SERVER_NAME")
'MsgBox(getdomianenvironment)
@@ -519,7 +521,7 @@ Partial Class ForgotPW
Dim Ausschusstext2 As String = "und Zinsen zuletzt auf Zölle angerechnet. Zahlbar und klagbar in Schärding oder Ried. Steuer-Zoll-und Tarifauskünfte sind unverbindlich."
Dim Ausschusstext3 As String = "We operate exclusively on the basis of the General Freight Forwarding Terms and Conditions in the respectively applicable version. Payments are initially"
Dim Ausschusstext4 As String = "charged on freight, fees and interests and at last on customs duties. The place of jurisdiction: Schärding / Ried. Tax, customs and tariff information are not binding."
htmlbody = String.Format("Dear {0},<br /><br /> Please follow the Link to reset your password:<br /><br />" + Environment.NewLine + "<a runat=" + "server" + " href=http://" + getdomianenvironment + "/login/Change_PW.aspx?Par1=" + tokenname + "&Par2=" + VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(username) + "&Par3=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt(userID) + "&Mob=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt("False") + ">http://" + getdomianenvironment + ServPort + "/login/ChangePW.aspx?Par1=" + tokenname + "&Par2=" + VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(username) + "&Par3=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt(userID) + "&Mob=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt("False") + "</a>" + Environment.NewLine + "<br /><br />Notice:<br /><span style='color: #043381;font-size:14px'><i>The Link is valid for 30 minutes until" + Space(1) + Date.Now.AddMinutes(30).ToString() + Space(1) + "only!</i></span><br / ><br />Kind regards, <br /><span style='color: #043381'><b>VERAG | EDV Support</b></span><br /><span>" + mailpic + "</span><br /><span style='color: #043381'>VERAG Spedition AG | A 4975 Suben, Nr. 100</span><br /><span style='color: #043381'>T.<a href='tel:+43 7711 2777-xx'>+43 7711 2777-xx</a> |<a href='mailto:@support@verag.ag'>support@verag.ag</a> | " + emailnr + "FN xxxxxxx</span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext + "</i></span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext2 + "</i></span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext3 + "</i></span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext4 + "</i></span><br />", username, password)
htmlbody = String.Format("Dear {0},<br /><br /> Please follow the Link to reset your password:<br /><br />" + Environment.NewLine + "<a runat=" + "server" + " href=http://" + getdomianenvironment + "/login/Change_PW.aspx?Par1=" + tokenname + "&Par2=" + VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(username) + "&Par3=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt(customerID) + "&Mob=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt("False") + "&Par4=" + VERAG_PROG_ALLGEMEIN.cCryptography3.Encrypt(theUserID) + ">http://" + getdomianenvironment + ServPort + "/login/ChangePW.aspx?Par1=" + tokenname + "&Par2=" + VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(username) + "&Par3=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt(customerID) + "&Mob=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt("False") + "&Par4=" + VERAG_PROG_ALLGEMEIN.cCryptography3.Encrypt(theUserID) + "</a>" + Environment.NewLine + "<br /><br />Notice:<br /><span style='color: #043381;font-size:14px'><i>The Link is valid for 30 minutes until" + Space(1) + Date.Now.AddMinutes(30).ToString() + Space(1) + "only!</i></span><br / ><br />Kind regards, <br /><span style='color: #043381'><b>VERAG | EDV Support</b></span><br /><span>" + mailpic + "</span><br /><span style='color: #043381'>VERAG Spedition AG | A 4975 Suben, Nr. 100</span><br /><span style='color: #043381'>T.<a href='tel:+43 7711 2777-xx'>+43 7711 2777-xx</a> |<a href='mailto:@support@verag.ag'>support@verag.ag</a> | " + emailnr + "FN xxxxxxx</span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext + "</i></span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext2 + "</i></span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext3 + "</i></span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext4 + "</i></span><br />", username, password)
ElseIf String.IsNullOrWhiteSpace(HttpContext.Current.Request.ServerVariables("SERVER_NAME")) = True Then
'MsgBox("Error09:" + Environment.NewLine + "The Domain could not be vaildated. Check Link please or contact the Administrator of the program.")
lblMessage_M.ForeColor = Color.OrangeRed
@@ -531,7 +533,7 @@ Partial Class ForgotPW
Try
If Session.Item("TokenforEmail") = Nothing Then
tokenname = genToken(username, password, email, userID, isusrnmright, iscstmIDright, isemailright, Session.IsNewSession)
tokenname = genToken(username, password, email, customerID, isusrnmright, iscstmIDright, isemailright, Session.IsNewSession, theUserID)
Session.Add("TokenforEmail", tokenname)
Else
tokenname = Session.Item("TokenforEmail").ToString()
@@ -558,9 +560,9 @@ Partial Class ForgotPW
lblMessage_M.Text = VERAG_VARIABLES.geterrornumb + "Mail not delivered!"
'MsgBox("Error02: Mail not delivered!" & vbCrLf & "New Token has been generated.")
If Session.Item("TokenforEmail") = Nothing Then
tokenname = genToken(username, password, email, userID, isusrnmright, iscstmIDright, isemailright, Session.IsNewSession)
tokenname = genToken(username, password, email, customerID, isusrnmright, iscstmIDright, isemailright, Session.IsNewSession, theUserID)
Session.Add("TokenforEmail", tokenname)
Session.Add("USerID", userID)
Session.Add("USerID", customerID)
Else
tokenname = Session.Item("TokenforEmail").ToString()
End If
@@ -577,7 +579,7 @@ Partial Class ForgotPW
End If
End Function
Function SendEmail(username As String, password As String, email As String, tokenname As String, userID As String, isusrnmright As Boolean, iscstmIDright As Boolean, isemailright As Boolean, sessionisnew As Boolean) As Boolean
Function SendEmail(username As String, password As String, email As String, tokenname As String, customerID As String, isusrnmright As Boolean, iscstmIDright As Boolean, isemailright As Boolean, sessionisnew As Boolean, theUserID As String) As Boolean
Dim getdomianenvironment As String = String.Empty
Dim pagename As String = String.Empty
Dim ServPort As String = String.Empty
@@ -585,7 +587,7 @@ Partial Class ForgotPW
Dim Betreff As String = String.Empty
Dim htmlbody As String = String.Empty
Dim emailnr = VERAG_PROG_ALLGEMEIN.cAllgemein.FIRMA_ID.ToString
If isusrnmright = True And iscstmIDright = True AndAlso isemailright = True And sessionisnew = False Then
If isusrnmright = True And iscstmIDright = True AndAlso isemailright = True And sessionisnew = False AndAlso String.IsNullOrEmpty(theUserID) = False And String.IsNullOrEmpty(customerID) = False Then
If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost" Then
'MsgBox(getdomianenvironment)
getdomianenvironment = HttpContext.Current.Request.ServerVariables("SERVER_NAME")
@@ -598,7 +600,7 @@ Partial Class ForgotPW
Dim Ausschusstext2 As String = "und Zinsen zuletzt auf Zölle angerechnet. Zahlbar und klagbar in Schärding oder Ried. Steuer-Zoll-und Tarifauskünfte sind unverbindlich."
Dim Ausschusstext3 As String = "We operate exclusively on the basis of the General Freight Forwarding Terms and Conditions in the respectively applicable version. Payments are initially"
Dim Ausschusstext4 As String = "charged on freight, fees and interests and at last on customs duties. The place of jurisdiction: Schärding / Ried. Tax, customs and tariff information are not binding."
htmlbody = String.Format("Dear {0},<br /><br /> Please follow the Link to reset your password:<br /><br />" + Environment.NewLine + "<a runat=" + "server" + " href=http://" + getdomianenvironment + ServPort + "/login/Change_PW.aspx?Par1=" + tokenname + "&Par2=" + VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(username) + "&Par3=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt(userID) + "&Mob=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt("False") + ">http://" + getdomianenvironment + ServPort + "/login/ChangePW.aspx?Par1=" + tokenname + "&Par2=" + VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(username) + "&Par3=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt(userID) + "&Mob=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt("False") + "</a>" + Environment.NewLine + "<br /><br />Notice:<br /><span style='color: #043381;font-size:14px'><i>The Link is valid for 30 minutes until" + Space(1) + Date.Now.AddMinutes(30).ToString() + Space(1) + "only!</i></span><br / ><br /><br />Kind regards, <br /><span style='color: #043381'><b>VERAG | EDV Support</b></span><br /><span>" + mailpic + "</span><br /><span style='color: #043381'>VERAG Spedition AG | A 4975 Suben, Nr. 100</span><br /><span style='color: #043381'>T.<a href='tel:+43 7711 2777-xx'>+43 7711 2777-xx</a> |<a href='mailto:@support@verag.ag'>support@verag.ag</a> |" + emailnr + "FN xxxxxxx</span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext + "</i></span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext2 + "</i></span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext3 + "</i></span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext4 + "</i></span><br />", username, password)
htmlbody = String.Format("Dear {0},<br /><br /> Please follow the Link to reset your password:<br /><br />" + Environment.NewLine + "<a runat=" + "server" + " href=http://" + getdomianenvironment + ServPort + "/login/Change_PW.aspx?Par1=" + tokenname + "&Par2=" + VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(username) + "&Par3=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt(customerID) + "&Mob=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt("False") + "&Par4=" + VERAG_PROG_ALLGEMEIN.cCryptography3.Encrypt(theUserID) + ">http://" + getdomianenvironment + ServPort + "/login/ChangePW.aspx?Par1=" + tokenname + "&Par2=" + VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(username) + "&Par3=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt(customerID) + "&Mob=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt("False") + "&Par4=" + VERAG_PROG_ALLGEMEIN.cCryptography3.Encrypt(theUserID) + "</a>" + Environment.NewLine + "<br /><br />Notice:<br /><span style='color: #043381;font-size:14px'><i>The Link is valid for 30 minutes until" + Space(1) + Date.Now.AddMinutes(30).ToString() + Space(1) + "only!</i></span><br / ><br /><br />Kind regards, <br /><span style='color: #043381'><b>VERAG | EDV Support</b></span><br /><span>" + mailpic + "</span><br /><span style='color: #043381'>VERAG Spedition AG | A 4975 Suben, Nr. 100</span><br /><span style='color: #043381'>T.<a href='tel:+43 7711 2777-xx'>+43 7711 2777-xx</a> |<a href='mailto:@support@verag.ag'>support@verag.ag</a> |" + emailnr + "FN xxxxxxx</span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext + "</i></span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext2 + "</i></span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext3 + "</i></span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext4 + "</i></span><br />", username, password)
ElseIf String.IsNullOrEmpty(HttpContext.Current.Request.ServerVariables("SERVER_NAME")) = False Then
getdomianenvironment = HttpContext.Current.Request.ServerVariables("SERVER_NAME")
'MsgBox(getdomianenvironment)
@@ -611,7 +613,7 @@ Partial Class ForgotPW
Dim Ausschusstext2 As String = "und Zinsen zuletzt auf Zölle angerechnet. Zahlbar und klagbar in Schärding oder Ried. Steuer-Zoll-und Tarifauskünfte sind unverbindlich."
Dim Ausschusstext3 As String = "We operate exclusively on the basis of the General Freight Forwarding Terms and Conditions in the respectively applicable version. Payments are initially"
Dim Ausschusstext4 As String = "charged on freight, fees and interests and at last on customs duties. The place of jurisdiction: Schärding / Ried. Tax, customs and tariff information are not binding."
htmlbody = String.Format("Dear {0},<br /><br /> Please follow the Link to reset your password:<br /><br />" + Environment.NewLine + "<a runat=" + "server" + " href=http://" + getdomianenvironment + "/login/Change_PW.aspx?Par1=" + tokenname + "&Par2=" + VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(username) + "&Par3=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt(userID) + "&Mob=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt("False") + ">http://" + getdomianenvironment + ServPort + "/login/ChangePW.aspx?Par1=" + tokenname + "&Par2=" + VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(username) + "&Par3=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt(userID) + "&Mob=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt("False") + "</a>" + Environment.NewLine + "<br /><br />Notice:<br /><span style='color: #043381;font-size:14px'><i>The Link is valid for 30 minutes until" + Space(1) + Date.Now.AddMinutes(30).ToString() + Space(1) + "only!</i></span><br / ><br />Kind regards, <br /><span style='color: #043381'><b>VERAG | EDV Support</b></span><br /><span>" + mailpic + "</span><br /><span style='color: #043381'>VERAG Spedition AG | A 4975 Suben, Nr. 100</span><br /><span style='color: #043381'>T.<a href='tel:+43 7711 2777-xx'>+43 7711 2777-xx</a> |<a href='mailto:@support@verag.ag'>support@verag.ag</a> | " + emailnr + "FN xxxxxxx</span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext + "</i></span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext2 + "</i></span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext3 + "</i></span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext4 + "</i></span><br />", username, password)
htmlbody = String.Format("Dear {0},<br /><br /> Please follow the Link to reset your password:<br /><br />" + Environment.NewLine + "<a runat=" + "server" + " href=http://" + getdomianenvironment + "/login/Change_PW.aspx?Par1=" + tokenname + "&Par2=" + VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(username) + "&Par3=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt(customerID) + "&Mob=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt("False") + "&Par4=" + VERAG_PROG_ALLGEMEIN.cCryptography3.Encrypt(theUserID) + ">http://" + getdomianenvironment + ServPort + "/login/ChangePW.aspx?Par1=" + tokenname + "&Par2=" + VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(username) + "&Par3=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt(customerID) + "&Mob=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt("False") + "&Par4=" + VERAG_PROG_ALLGEMEIN.cCryptography3.Encrypt(theUserID) + "</a>" + Environment.NewLine + "<br /><br />Notice:<br /><span style='color: #043381;font-size:14px'><i>The Link is valid for 30 minutes until" + Space(1) + Date.Now.AddMinutes(30).ToString() + Space(1) + "only!</i></span><br / ><br />Kind regards, <br /><span style='color: #043381'><b>VERAG | EDV Support</b></span><br /><span>" + mailpic + "</span><br /><span style='color: #043381'>VERAG Spedition AG | A 4975 Suben, Nr. 100</span><br /><span style='color: #043381'>T.<a href='tel:+43 7711 2777-xx'>+43 7711 2777-xx</a> |<a href='mailto:@support@verag.ag'>support@verag.ag</a> | " + emailnr + "FN xxxxxxx</span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext + "</i></span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext2 + "</i></span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext3 + "</i></span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext4 + "</i></span><br />", username, password)
ElseIf String.IsNullOrWhiteSpace(HttpContext.Current.Request.ServerVariables("SERVER_NAME")) = True Then
'MsgBox("Error09:" + Environment.NewLine + "The Domain could not be vaildated. Check Link please or contact the Administrator of the program.")
lblMessage.ForeColor = Color.OrangeRed
@@ -623,7 +625,7 @@ Partial Class ForgotPW
Try
If Session.Item("TokenforEmail") = Nothing Then
tokenname = genToken(username, password, email, userID, isusrnmright, iscstmIDright, isemailright, Session.IsNewSession)
tokenname = genToken(username, password, email, customerID, isusrnmright, iscstmIDright, isemailright, Session.IsNewSession, theUserID)
Session.Add("TokenforEmail", tokenname)
Else
tokenname = Session.Item("TokenforEmail").ToString()
@@ -649,9 +651,9 @@ Partial Class ForgotPW
lblMessage.Text = "Error02: Mail not delivered!"
'MsgBox("Error02: Mail not delivered!" & vbCrLf & "New Token has been generated.")
If Session.Item("TokenforEmail") = Nothing Then
tokenname = genToken(username, password, email, userID, isusrnmright, iscstmIDright, isemailright, Session.IsNewSession)
tokenname = genToken(username, password, email, customerID, isusrnmright, iscstmIDright, isemailright, Session.IsNewSession, theUserID)
Session.Add("TokenforEmail", tokenname)
Session.Add("USerID", userID)
Session.Add("USerID", customerID)
Else
tokenname = Session.Item("TokenforEmail").ToString()
End If
@@ -669,12 +671,12 @@ Partial Class ForgotPW
End If
End Function
Function genToken(username As String, password As String, email As String, CustomerID As String, isusrnmright As Boolean, iscstmIDright As Boolean, isemailright As Boolean, isnewSession As Boolean) As String
Function genToken(username As String, password As String, email As String, CustomerID As String, isusrnmright As Boolean, iscstmIDright As Boolean, isemailright As Boolean, isnewSession As Boolean, theUserID As String) As String
If isnewSession = False Then
Dim time() As Byte = BitConverter.GetBytes(DateTime.UtcNow.ToBinary())
Dim Key() As Byte = Guid.NewGuid().ToByteArray()
Dim token As String
If isusrnmright = True And iscstmIDright = True And isemailright = True Then
If isusrnmright = True And iscstmIDright = True And isemailright = True AndAlso String.IsNullOrEmpty(theUserID) = False Then
Try
token = VERAG_PROG_ALLGEMEIN.cCryptography3.Encrypt(Convert.ToBase64String(time.Concat(Key).ToArray()))
Return token
@@ -688,7 +690,7 @@ Partial Class ForgotPW
'If MsgBox(Msg, Style, Title).Retry Then
'genToken(username, password, email)
token = VERAG_PROG_ALLGEMEIN.cCryptography3.Encrypt(Convert.ToBase64String(time.Concat(Key).ToArray()))
If SendEmail(username, password, email, token, CustomerID, isusrnmright, iscstmIDright, isemailright, Session.IsNewSession) = True Then
If SendEmail(username, password, email, token, CustomerID, isusrnmright, iscstmIDright, isemailright, Session.IsNewSession, theUserID) = True Then
'MsgBox("Email could not been sent because of an internal encryption error.", vbOK + vbInformation + vbDefaultButton1, "Token-Generation Error")
Else
'MsgBox("Email has been sent successful." & vbCr & "Please check your E-Mails!", vbOK + vbInformation + vbDefaultButton1, "Token-Generation successful!")
@@ -701,7 +703,7 @@ Partial Class ForgotPW
If jetzt < wenn Then
Return "NotYet"
Else
token = genToken(username, password, email, CustomerID, isusrnmright, iscstmIDright, isemailright, Session.IsNewSession)
token = genToken(username, password, email, CustomerID, isusrnmright, iscstmIDright, isemailright, Session.IsNewSession, theUserID)
Return token
'End If
End If

3
login/login_FLEX.aspx.vb
View File

@@ -76,7 +76,7 @@ Partial Class login_FLEX
Customer_ID = tb_M.Text
Else
VERAG_VARIABLES.seterrorcount(2)
regexusername_M.ErrorMessage = VERAG_VARIABLES.geterrornumb + "Username does not have any special characters in it."
regexusername_M.ErrorMessage = VERAG_VARIABLES.geterrornumb + "Customer-ID does not have any special characters in it."
End If
End If
End If
@@ -173,7 +173,6 @@ Partial Class login_FLEX
VERAG_VARIABLES.seterrorcount(9)
Login1.FailureText = VERAG_VARIABLES.geterrornumb + "Password is not in the database!"
End If
MsgBox("Erfolgreich validiert.")
Session.Add("test", UserNaMe)
Session.Add("CustomerID", Customer_ID)