diff --git a/login/ChangePW.aspx.vb b/login/ChangePW.aspx.vb index 603a92b..3e47722 100644 --- a/login/ChangePW.aspx.vb +++ b/login/ChangePW.aspx.vb @@ -100,13 +100,20 @@ Partial Class login_ChangePW End Sub Function getDateoftoken(tokenname As String) As Boolean - Dim data() As Byte = Convert.FromBase64String(tokenname) + Dim data() As Byte = Convert.FromBase64String(VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(tokenname)) Dim wenn As DateTime = DateTime.FromBinary(BitConverter.ToInt64(data, 0)) - + Dim nameoftoken = VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(tokenname) If wenn < DateTime.UtcNow.AddMinutes(-30) Then + nameoftoken = String.Empty + 'MsgBox("Token has not been found or is too old!" + Environment.NewLine + "Please send a new E-mail!") + Session.Remove("TokenforEmail") Return False - tokenname = "" - MsgBox("Token nicht gefunden oder zu alt!" + Environment.NewLine + "Bitte erneut Mail senden!") + ElseIf nameoftoken = "Error04" Then + nameoftoken = String.Empty + Session.Remove("TokenforEmail") + Return False + ElseIf nameoftoken = "NotYet" Then + Return True Else Return True End If diff --git a/login/ForgotPW.aspx.vb b/login/ForgotPW.aspx.vb index 0e62441..c205014 100644 --- a/login/ForgotPW.aspx.vb +++ b/login/ForgotPW.aspx.vb @@ -94,7 +94,7 @@ Partial Class login_ForgotPW con.Close() End Using If Session.Item("TokenforEmail") = Nothing Then - tokenname = VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(genToken(username, password, email)) + tokenname = genToken(username, password, email) Session.Add("TokenforEmail", tokenname) Else tokenname = Session.Item("TokenforEmail") @@ -114,7 +114,7 @@ Partial Class login_ForgotPW 'MsgBox("Token is not valid anymore. Please generate a new one by sending a new e-mail!") If Session.Item("TokenforEmail") = Nothing Then - tokenname = VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(genToken(username, password, email)) + tokenname = genToken(username, password, email) Session.Add("TokenforEmail", tokenname) Else tokenname = Session.Item("TokenforEmail") @@ -186,12 +186,12 @@ Partial Class login_ForgotPW Try If Session.Item("TokenforEmail") = Nothing Then tokenname = genToken(username, password, email) - Session.Add("TokenforEmail", VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(tokenname)) + Session.Add("TokenforEmail", tokenname) Else tokenname = Session.Item("TokenforEmail").ToString() End If 'Dim Strtemp = Session.Keys.Item("urltochangepw") - If getDateoftoken(VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(tokenname)) = True Then + If getDateoftoken(tokenname) = True Then ' Dim attachment As Attachment = New Attachment(File.OpenRead(excel), "Kundenliste.xlsx") ' Msg.Attachments.Add(attachment) If String.IsNullOrEmpty(mailto) = False AndAlso String.IsNullOrEmpty(Betreff) = False AndAlso String.IsNullOrEmpty(htmlbody) = False Then @@ -210,7 +210,7 @@ Partial Class login_ForgotPW lblMessage.Text = "Error02: Mail not delivered!" 'MsgBox("Error02: Mail not delivered!" & vbCrLf & "New Token has been generated.") If Session.Item("TokenforEmail") = Nothing Then - tokenname = VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(genToken(username, password, email)) + tokenname = genToken(username, password, email) Session.Add("TokenforEmail", tokenname) Else tokenname = Session.Item("TokenforEmail").ToString() @@ -229,7 +229,7 @@ Partial Class login_ForgotPW Dim Key() As Byte = Guid.NewGuid().ToByteArray() Dim token As String Try - token = Convert.ToBase64String(time.Concat(Key).ToArray()) + token = VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(Convert.ToBase64String(time.Concat(Key).ToArray())) Return token Catch Ex As Exception Dim Msg, Style, Title As String @@ -240,6 +240,7 @@ Partial Class login_ForgotPW 'If MsgBox(Msg, Style, Title).Retry Then 'genToken(username, password, email) + token = VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(Convert.ToBase64String(time.Concat(Key).ToArray())) If SendEmail(username, password, email, token) = False Then 'MsgBox("Email could not been sent because of an internal encryption error.", vbOK + vbInformation + vbDefaultButton1, "Token-Generation Error") Else @@ -261,18 +262,21 @@ Partial Class login_ForgotPW End Function Function getDateoftoken(tokenname As String) As Boolean - Dim data() As Byte = Convert.FromBase64String(tokenname) + Dim data() As Byte = Convert.FromBase64String(VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(tokenname)) Dim wenn As DateTime = DateTime.FromBinary(BitConverter.ToInt64(data, 0)) + Dim nameoftoken = VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(tokenname) If wenn < DateTime.UtcNow.AddMinutes(-30) Then - tokenname = String.Empty + nameoftoken = String.Empty + tokenname = nameoftoken 'MsgBox("Token has not been found or is too old!" + Environment.NewLine + "Please send a new E-mail!") Session.Remove("TokenforEmail") Return False - ElseIf tokenname = "Error04" Then - tokenname = String.Empty + ElseIf nameoftoken = "Error04" Then + nameoftoken = String.Empty + tokenname = nameoftoken Session.Remove("TokenforEmail") Return False - ElseIf tokenname = "NotYet" Then + ElseIf nameoftoken = "NotYet" Then Return True Else Return True diff --git a/login/login_FLEX.aspx b/login/login_FLEX.aspx index 7967508..c5e5e33 100644 --- a/login/login_FLEX.aspx +++ b/login/login_FLEX.aspx @@ -207,7 +207,6 @@ function reloadpage() { window.parent.location.reload(); } - - + \ No newline at end of file