edv/VERAG_Homepage
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Sicherheitsmechnanismus zum nicht zu oft senden versuchen einer mail sowie einer Linkzufügung welche noch auf die Seite hinzeigen muss

Browse Source
This commit is contained in:
ja
2021-10-07 17:02:01 +02:00
parent fc086046e2
commit 6979627c87
4 changed files with 24 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
login/ChangePW.aspx.vb
View File

@@ -3,12 +3,14 @@ Partial Class login_ChangePW
Inherits System.Web.UI.Page
Protected Sub Page_Load(sender As Object, e As EventArgs)
btn_submitpw.Enabled = False
txt_Pw_WH.Enabled = False
regexval_txt_Pw_WH.Enabled = False
If IsPostBack Then
reqPasswtxt.Validate()
reqPassw1txt.Validate()
Session.Add("urltochangepw", Request.Url.AbsoluteUri)
End If
End Sub

23
login/ForgotPW.aspx.vb
View File

@@ -10,7 +10,7 @@ Partial Class login_ForgotPW
Protected Sub Page_Load(sender As Object, e As EventArgs)
If txt_Username.Text = "" Then
Try
txt_Username.Text = Request.QueryString.Item("Par1")
txt_Username.Text = Request.QueryString.Item("urlofchangepwpage")
Catch ex As Exception
MsgBox(ex.Message)
End Try
@@ -74,7 +74,6 @@ Partial Class login_ForgotPW
tokenname = genToken(username, password, email)
If SendEmail(username, password, email) = True Then
'password = RandomString(New Random, 10)
If (getDateoftoken(tokenname) = True) Then
Dim msgboxstyle = vbDefaultButton1 + vbOK
@@ -106,20 +105,28 @@ Partial Class login_ForgotPW
End Function
Function SendEmail(username As String, password As String, email As String) As Boolean
Dim lkb As LinkButton = New LinkButton()
lkb.PostBackUrl = "ChangePW.aspx"
Try
Dim tokennametemp = genToken(username, password, email)
If getDateoftoken(tokennametemp) = True Then
Dim mailto As String = email
Dim Betreff As String = "Passwort reset"
Dim htmlbody = String.Format("Sehr geehrte/r {0},<br /><br /> Der Link zum Zurücksetzen des Passwortes lautet:<br /><br /><br />.<br />" + Environment.NewLine + lkb.PostBackUrl + Environment.NewLine + "<br />Mit freundlichen Grüßen,", username, password)
Dim htmlbody = String.Format("Sehr geehrte/r {0},<br /><br /> Der Link zum Zurücksetzen des Passwortes lautet:<br /><br /><br />.<br />" + Environment.NewLine + "<a href=" + "" + "/ChangePW.aspx" + ">This is default.aspx</a>" + Environment.NewLine + "<br />Mit freundlichen Grüßen,", username, password)
Try
Dim tokennametemp = genToken(username, password, email)
'Dim Strtemp = Session.Keys.Item("urltochangepw")
If getDateoftoken(tokennametemp) = True Then
' Dim attachment As Attachment = New Attachment(File.OpenRead(excel), "Kundenliste.xlsx")
' Msg.Attachments.Add(attachment)
Dim count = 0
Do
VERAG_PROG_ALLGEMEIN.cProgramFunctions.sendMail(mailto, Betreff, htmlbody)
Loop
While count = 2
End While
MsgBox("SENT")
Return True
Else
tokennametemp = genToken(username, password, email)
VERAG_PROG_ALLGEMEIN.cProgramFunctions.sendMail(mailto, Betreff, htmlbody)
Return False
End If
Catch ex As Exception

3
login/login_FLEX.aspx
View File

@@ -145,7 +145,8 @@
</tr>
<tr style="color:#003680; height:50px;">
<td align="left" colspan="2">
<a ID="LinkButton2" runat="server" target="_top" href="ForgotPW.aspx">Passwort Vergessen</a>
<%Dim url As String = Session.Keys.Item("urltochangepw") %>
<a ID="LinkButton2" runat="server" target="_top" href="ForgotPW.aspx?urlofchangepwpage=<%=url%>">Passwort Vergessen</a>
</td>
</td>
</tr>

5
login/login_FLEX.aspx.vb
View File

@@ -5,7 +5,10 @@ Partial Class login_login_TEST
Inherits System.Web.UI.Page
Dim CustomerIDTextBox As TextBox
Protected Sub Page_Load(sender As Object, e As EventArgs)
If Not IsPostBack Then
Dim varlink As String = Request.Url.ToString
Response.Redirect(varlink, False)
End If
End Sub
Protected Sub ValidateUser(sender As Object, e As EventArgs)
Dim userId As Integer = 0