Encryption error fixing part III

2021-10-14 10:46:00 +02:00
parent 82dfe19b4f
commit a884941068
3 changed files with 27 additions and 17 deletions
--- a/login/ChangePW.aspx.vb
+++ b/login/ChangePW.aspx.vb
@@ -100,13 +100,20 @@ Partial Class login_ChangePW
    End Sub
    Function getDateoftoken(tokenname As String) As Boolean
-        Dim data() As Byte = Convert.FromBase64String(tokenname)
+        Dim data() As Byte = Convert.FromBase64String(VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(tokenname))
        Dim wenn As DateTime = DateTime.FromBinary(BitConverter.ToInt64(data, 0))
-
+        Dim nameoftoken = VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(tokenname)
        If wenn < DateTime.UtcNow.AddMinutes(-30) Then
            nameoftoken = String.Empty
            'MsgBox("Token has not been found or is too old!" + Environment.NewLine + "Please send a new E-mail!")
            Session.Remove("TokenforEmail")
            Return False
-            tokenname = ""
+        ElseIf nameoftoken = "Error04" Then
-            MsgBox("Token nicht gefunden oder zu alt!" + Environment.NewLine + "Bitte erneut Mail senden!")
+            nameoftoken = String.Empty
            Session.Remove("TokenforEmail")
            Return False
        ElseIf nameoftoken = "NotYet" Then
            Return True
        Else
            Return True
        End If
--- a/login/ForgotPW.aspx.vb
+++ b/login/ForgotPW.aspx.vb
@@ -94,7 +94,7 @@ Partial Class login_ForgotPW
                con.Close()
            End Using
            If Session.Item("TokenforEmail") = Nothing Then
-                tokenname = VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(genToken(username, password, email))
+                tokenname = genToken(username, password, email)
                Session.Add("TokenforEmail", tokenname)
            Else
                tokenname = Session.Item("TokenforEmail")
@@ -114,7 +114,7 @@ Partial Class login_ForgotPW
                    'MsgBox("Token is not valid anymore. Please generate a new one by sending a new e-mail!")
                    If Session.Item("TokenforEmail") = Nothing Then
-                        tokenname = VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(genToken(username, password, email))
+                        tokenname = genToken(username, password, email)
                        Session.Add("TokenforEmail", tokenname)
                    Else
                        tokenname = Session.Item("TokenforEmail")
@@ -186,12 +186,12 @@ Partial Class login_ForgotPW
        Try
            If Session.Item("TokenforEmail") = Nothing Then
                tokenname = genToken(username, password, email)
-                Session.Add("TokenforEmail", VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(tokenname))
+                Session.Add("TokenforEmail", tokenname)
            Else
                tokenname = Session.Item("TokenforEmail").ToString()
            End If
            'Dim Strtemp = Session.Keys.Item("urltochangepw")
-            If getDateoftoken(VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(tokenname)) = True Then
+            If getDateoftoken(tokenname) = True Then
                '  Dim attachment As Attachment = New Attachment(File.OpenRead(excel), "Kundenliste.xlsx")
                '  Msg.Attachments.Add(attachment)
                If String.IsNullOrEmpty(mailto) = False AndAlso String.IsNullOrEmpty(Betreff) = False AndAlso String.IsNullOrEmpty(htmlbody) = False Then
@@ -210,7 +210,7 @@ Partial Class login_ForgotPW
                lblMessage.Text = "Error02: Mail not delivered!"
                'MsgBox("Error02: Mail not delivered!" & vbCrLf & "New Token has been generated.")
                If Session.Item("TokenforEmail") = Nothing Then
-                    tokenname = VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(genToken(username, password, email))
+                    tokenname = genToken(username, password, email)
                    Session.Add("TokenforEmail", tokenname)
                Else
                    tokenname = Session.Item("TokenforEmail").ToString()
@@ -229,7 +229,7 @@ Partial Class login_ForgotPW
        Dim Key() As Byte = Guid.NewGuid().ToByteArray()
        Dim token As String
        Try
-            token = Convert.ToBase64String(time.Concat(Key).ToArray())
+            token = VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(Convert.ToBase64String(time.Concat(Key).ToArray()))
            Return token
        Catch Ex As Exception
            Dim Msg, Style, Title As String
@@ -240,6 +240,7 @@ Partial Class login_ForgotPW
            'If MsgBox(Msg, Style, Title).Retry Then
            'genToken(username, password, email)
            token = VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(Convert.ToBase64String(time.Concat(Key).ToArray()))
            If SendEmail(username, password, email, token) = False Then
                'MsgBox("Email could not been sent because of an internal encryption error.", vbOK + vbInformation + vbDefaultButton1, "Token-Generation Error")
            Else
@@ -261,18 +262,21 @@ Partial Class login_ForgotPW
    End Function
    Function getDateoftoken(tokenname As String) As Boolean
-        Dim data() As Byte = Convert.FromBase64String(tokenname)
+        Dim data() As Byte = Convert.FromBase64String(VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(tokenname))
        Dim wenn As DateTime = DateTime.FromBinary(BitConverter.ToInt64(data, 0))
        Dim nameoftoken = VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(tokenname)
        If wenn < DateTime.UtcNow.AddMinutes(-30) Then
-            tokenname = String.Empty
+            nameoftoken = String.Empty
            tokenname = nameoftoken
            'MsgBox("Token has not been found or is too old!" + Environment.NewLine + "Please send a new E-mail!")
            Session.Remove("TokenforEmail")
            Return False
-        ElseIf tokenname = "Error04" Then
+        ElseIf nameoftoken = "Error04" Then
-            tokenname = String.Empty
+            nameoftoken = String.Empty
            tokenname = nameoftoken
            Session.Remove("TokenforEmail")
            Return False
-        ElseIf tokenname = "NotYet" Then
+        ElseIf nameoftoken = "NotYet" Then
            Return True
        Else
            Return True
--- a/login/login_FLEX.aspx
+++ b/login/login_FLEX.aspx
@@ -208,6 +208,5 @@
             window.parent.location.reload();
         }
     </script>     
    </body>    
 </html>