Sicherheitsmechnanismus zum nicht zu oft senden versuchen einer mail sowie einer Linkzufügung welche noch auf die Seite hinzeigen muss

2021-10-07 17:02:01 +02:00
parent fc086046e2
commit 6979627c87
4 changed files with 24 additions and 11 deletions
--- a/login/ChangePW.aspx.vb
+++ b/login/ChangePW.aspx.vb
@@ -3,12 +3,14 @@ Partial Class login_ChangePW
    Inherits System.Web.UI.Page

    Protected Sub Page_Load(sender As Object, e As EventArgs)
+
        btn_submitpw.Enabled = False
        txt_Pw_WH.Enabled = False
        regexval_txt_Pw_WH.Enabled = False
        If IsPostBack Then
            reqPasswtxt.Validate()
            reqPassw1txt.Validate()
+            Session.Add("urltochangepw", Request.Url.AbsoluteUri)
        End If
    End Sub

--- a/login/ForgotPW.aspx.vb
+++ b/login/ForgotPW.aspx.vb
@@ -10,7 +10,7 @@ Partial Class login_ForgotPW
    Protected Sub Page_Load(sender As Object, e As EventArgs)
        If txt_Username.Text = "" Then
            Try
-                txt_Username.Text = Request.QueryString.Item("Par1")
+                txt_Username.Text = Request.QueryString.Item("urlofchangepwpage")
            Catch ex As Exception
                MsgBox(ex.Message)
            End Try
@@ -74,7 +74,6 @@ Partial Class login_ForgotPW
        tokenname = genToken(username, password, email)
        If SendEmail(username, password, email) = True Then
            'password = RandomString(New Random, 10)
-
            If (getDateoftoken(tokenname) = True) Then
                Dim msgboxstyle = vbDefaultButton1 + vbOK

@@ -106,20 +105,28 @@ Partial Class login_ForgotPW
    End Function

    Function SendEmail(username As String, password As String, email As String) As Boolean
-        Dim lkb As LinkButton = New LinkButton()
-        lkb.PostBackUrl = "ChangePW.aspx"
+        Dim mailto As String = email
+        Dim Betreff As String = "Passwort reset"
+        Dim htmlbody = String.Format("Sehr geehrte/r {0},<br /><br /> Der Link zum Zurücksetzen des Passwortes lautet:<br /><br /><br />.<br />" + Environment.NewLine + "<a href=" + "" + "/ChangePW.aspx" + ">This is default.aspx</a>" + Environment.NewLine + "<br />Mit freundlichen Grüßen,", username, password)
        Try
            Dim tokennametemp = genToken(username, password, email)
+            'Dim Strtemp = Session.Keys.Item("urltochangepw")
            If getDateoftoken(tokennametemp) = True Then
-                Dim mailto As String = email
-                Dim Betreff As String = "Passwort reset"
-                Dim htmlbody = String.Format("Sehr geehrte/r {0},<br /><br /> Der Link zum Zurücksetzen des Passwortes lautet:<br /><br /><br />.<br />" + Environment.NewLine + lkb.PostBackUrl + Environment.NewLine + "<br />Mit freundlichen Grüßen,", username, password)
                '     Dim attachment As Attachment = New Attachment(File.OpenRead(excel), "Kundenliste.xlsx")
                '     Msg.Attachments.Add(attachment)
-                VERAG_PROG_ALLGEMEIN.cProgramFunctions.sendMail(mailto, Betreff, htmlbody)
-                MsgBox("SENT")
+                Dim count = 0
+                Do
+                    VERAG_PROG_ALLGEMEIN.cProgramFunctions.sendMail(mailto, Betreff, htmlbody)
+                Loop
+                While count = 2
+                    End While
+
+                    MsgBox("SENT")
                Return True
            Else
+
+                tokennametemp = genToken(username, password, email)
+                VERAG_PROG_ALLGEMEIN.cProgramFunctions.sendMail(mailto, Betreff, htmlbody)
                Return False
            End If
        Catch ex As Exception
--- a/login/login_FLEX.aspx
+++ b/login/login_FLEX.aspx
@@ -145,7 +145,8 @@
                                    </tr>
                               <tr style="color:#003680; height:50px;">                                  
                                    <td align="left" colspan="2">                                  
-                                       <a ID="LinkButton2" runat="server" target="_top" href="ForgotPW.aspx">Passwort Vergessen</a> 
+                                       <%Dim url As String = Session.Keys.Item("urltochangepw") %>
+                                       <a ID="LinkButton2" runat="server" target="_top" href="ForgotPW.aspx?urlofchangepwpage=<%=url%>">Passwort Vergessen</a> 
                                   </td>
                                   </td>
                               </tr>
--- a/login/login_FLEX.aspx.vb
+++ b/login/login_FLEX.aspx.vb
@@ -5,7 +5,10 @@ Partial Class login_login_TEST
    Inherits System.Web.UI.Page
    Dim CustomerIDTextBox As TextBox
    Protected Sub Page_Load(sender As Object, e As EventArgs)
-
+        If Not IsPostBack Then
+            Dim varlink As String = Request.Url.ToString
+            Response.Redirect(varlink, False)
+        End If
    End Sub
    Protected Sub ValidateUser(sender As Object, e As EventArgs)
        Dim userId As Integer = 0