Änderungen algorithmus verschlüsselung session key email pw reset

2021-10-14 11:14:04 +02:00
parent 146a86a83e
commit 888ea5150d
3 changed files with 6 additions and 6 deletions
--- a/login/ForgotPW.aspx.vb
+++ b/login/ForgotPW.aspx.vb
@@ -96,6 +96,7 @@ Partial Class login_ForgotPW
            If Session.Item("TokenforEmail") = Nothing Then
                tokenname = genToken(username, password, email)
                Session.Add("TokenforEmail", tokenname)
+                Session.Add("SessID", VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(Session.SessionID))
            Else
                tokenname = Session.Item("TokenforEmail")
            End If
@@ -157,7 +158,6 @@ Partial Class login_ForgotPW
        Dim getdomianenvironment As String = String.Empty
        Dim pagename As String = String.Empty
        Dim ServPort As String = String.Empty
-
        Dim mailto As String = String.Empty
        Dim Betreff As String = String.Empty
        Dim htmlbody As String = String.Empty
@@ -167,14 +167,14 @@ Partial Class login_ForgotPW
            'pagename = Request.ServerVariables("SCRIPT_NAME")
            mailto = email
            Betreff = "Passwort reset"
-            htmlbody = String.Format("Dear, {0},<br /><br /> Please follow the Link to reset your password:<br /><br />" + Environment.NewLine + "<a runat=" + "server" + " href=http://" + getdomianenvironment + ServPort + "/login/ChangePW.aspx?Par1=" + tokenname + ">Link</a>" + Environment.NewLine + "<br />Kind regards, <br />VERAG | EDV Support<br />support@verag.ag,", username, password)
+            htmlbody = String.Format("Dear, {0},<br /><br /> Please follow the Link to reset your password:<br /><br />" + Environment.NewLine + "<a runat=" + "server" + " href=http://" + getdomianenvironment + ServPort + "/login/ChangePW.aspx?Par1=" + VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(tokenname) + ">Link</a>" + Environment.NewLine + "<br />Kind regards, <br />VERAG | EDV Support<br />support@verag.ag,", username, password)
        ElseIf String.IsNullOrWhiteSpace(HttpContext.Current.Request.ServerVariables("SERVER_NAME")) = False Then
            getdomianenvironment = HttpContext.Current.Request.ServerVariables("SERVER_NAME")
            ServPort = String.Empty
            'pagename = Request.ServerVariables("SCRIPT_NAME")
            mailto = email
            Betreff = "Passwort reset"
-            htmlbody = String.Format("Dear, {0},<br /><br /> Please follow the Link to reset your password:<br /><br />" + Environment.NewLine + "<a runat=" + "server" + " href=http://" + getdomianenvironment + "/login/ChangePW.aspx?Par1=" + tokenname + ">Link</a>" + Environment.NewLine + "<br />Kind regards, <br />VERAG | EDV Support<br />support@verag.ag,", username, password)
+            htmlbody = String.Format("Dear, {0},<br /><br /> Please follow the Link to reset your password:<br /><br />" + Environment.NewLine + "<a runat=" + "server" + " href=http://" + getdomianenvironment + "/login/ChangePW.aspx?Par1=" + VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(tokenname) + ">Link</a>" + Environment.NewLine + "<br />Kind regards, <br />VERAG | EDV Support<br />support@verag.ag,", username, password)
        ElseIf String.IsNullOrWhiteSpace(HttpContext.Current.Request.ServerVariables("SERVER_NAME")) = True Then
            'MsgBox("Error09:" + Environment.NewLine + "The Domain could not be vaildated. Check Link please or contact the Administrator of the program.")
            lblMessage.ForeColor = Color.OrangeRed