Änderungen

2021-11-15 09:55:08 +01:00
parent 59d56f9c5b
commit 93e5f1c77c
1 changed files with 15 additions and 13 deletions
--- a/login/Change_PW.aspx.vb
+++ b/login/Change_PW.aspx.vb
@@ -218,20 +218,22 @@ Partial Class login_Change_PW
                    'ConnectionString = "Server=db593295684.db.1and1.com;Database=db593295684;Uid=dbo593295684;Pwd=atilla#2;"
                End If
                If reqPassw1txt_M.IsValid = True Then
-                    Using con As New SqlConnection(ConnectionString)
-                        con.Open()
-                        Using cmd As New SqlCommand("UPDATE [VERAG_HOMEPAGE].[dbo].[Users] SET [Password]=@Password WHERE [Username]=@Username AND [KundenNr]=@KundenNr")
-                            ' cmd.CommandType = CommandType.StoredProcedure
-                            cmd.Parameters.AddWithValue("@Username", usrname)
-                            cmd.Parameters.AddWithValue("@Password", txt_Pw.Text)
-                            cmd.Parameters.AddWithValue("@KundenNr", UsrID)
-                            cmd.Connection = con
-                            cmd.ExecuteNonQuery()
+                    If String.Compare(txt_Pw_WH.Text, tempstr) = 0 AndAlso String.Compare(txt_Pw.Text, tempstr) = 0 AndAlso String.IsNullOrEmpty(txt_Pw_M.Text) = True And String.IsNullOrEmpty(txt_Pw_WH_M.Text) = True And StrComp(tempstr, "Error01") = -1 Then
+                        Using con As New SqlConnection(ConnectionString)
+                            con.Open()
+                            Using cmd As New SqlCommand("UPDATE [VERAG_HOMEPAGE].[dbo].[Users] SET [Password]=@Password WHERE [Username]=@Username AND [KundenNr]=@KundenNr")
+                                ' cmd.CommandType = CommandType.StoredProcedure
+                                cmd.Parameters.AddWithValue("@Username", usrname)
+                                cmd.Parameters.AddWithValue("@Password", txt_Pw_WH.Text)
+                                cmd.Parameters.AddWithValue("@KundenNr", UsrID)
+                                cmd.Connection = con
+                                cmd.ExecuteNonQuery()
+                            End Using
+                            con.Close()
                        End Using
-                        con.Close()
-                    End Using
+                    End If
                Else
-                    VERAG_VARIABLES.seterrorcount(22)
+                        VERAG_VARIABLES.seterrorcount(22)
                    lbl_messagetext_M.ForeColor = Drawing.Color.Red
                    lbl_messagetext_M.Text = VERAG_VARIABLES.geterrornumb() + "Error bei der Validierung des Kennwortes."
                End If
@@ -377,7 +379,7 @@ Partial Class login_Change_PW
                        Using cmd As New SqlCommand("UPDATE [VERAG_HOMEPAGE].[dbo].[Users] SET Password=@Password WHERE Username=@Username AND KundenNr=@KundenNr")
                            ' cmd.CommandType = CommandType.StoredProcedure
                            cmd.Parameters.AddWithValue("@Username", usrname)
-                            cmd.Parameters.AddWithValue("@Password", tempstr)
+                            cmd.Parameters.AddWithValue("@Password", txt_Pw_WH_M.Text)
                            cmd.Parameters.AddWithValue("@KundenNr", UsrID)
                            cmd.Connection = con
                            cmd.ExecuteNonQuery()