diff --git a/Customers/Customers.master.vb b/Customers/Customers.master.vb index 84e29ec..3c18d2a 100644 --- a/Customers/Customers.master.vb +++ b/Customers/Customers.master.vb @@ -2,6 +2,7 @@ Partial Class Customers_Customers Inherits System.Web.UI.MasterPage Protected isPageRefresh As Boolean = False + Dim arr As String() Protected Sub Page_Load(ByRef sender As Object, ByVal e As EventArgs) If (Session.Item("CheckRefresh") = True) Then Session.Item("CheckRefresh") = Nothing @@ -19,5 +20,6 @@ Partial Class Customers_Customers Response.Redirect("../login/Logout.aspx") End Sub + End Class diff --git a/login/Change_PW.aspx.vb b/login/Change_PW.aspx.vb index 5ade364..71043bd 100644 --- a/login/Change_PW.aspx.vb +++ b/login/Change_PW.aspx.vb @@ -22,14 +22,15 @@ Partial Class login_Change_PW Using con As New SqlConnection(ConnectionString) ' Using cmd As New SqlCommand("Validate_User") - Using cmd As New SqlCommand("SELECT UserId,Password,Username FROM [VERAG_HOMEPAGE].[dbo].[Users] WHERE Username=@Username AND UserId=@UserId") + Using cmd As New SqlCommand("SELECT UserId,Password,Username,KundenNr FROM [VERAG_HOMEPAGE].[dbo].[Users] WHERE Username=@Username AND UserId=@UserId") ' cmd.CommandType = CommandType.StoredProcedure Dim usrname As String = VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(Request.QueryString("Par2")) Dim KundenNr As String = VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(Request.QueryString("Par3")) Dim UsrID As String = VERAG_PROG_ALLGEMEIN.cCryptography3.Decrypt(Request.QueryString("Par4")) - Dim Email As String = VERAG_PROG_ALLGEMEIN.cCryptography3.Decrypt(Request.QueryString("Par5")) + Dim Email As String = VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(Request.QueryString("Par5")) cmd.Parameters.AddWithValue("@Username", usrname) cmd.Parameters.AddWithValue("@UserId", UsrID) + cmd.Connection = con con.Open() ' userId = Convert.ToInt32(cmd.ExecuteScalar()) @@ -65,10 +66,10 @@ Partial Class login_Change_PW End If Catch exc As Exception lbl_messagetext.Text = exc.Message - End Try + End Try Else - VERAG_VARIABLES.initerrorcount() + VERAG_VARIABLES.initerrorcount() VERAG_VARIABLES.seterrorcount(1) lbl_messagetext.Text = VERAG_VARIABLES.geterrornumb + "Link is invalid. Please send a new E-Mail!" btn_submitpw.Text = "Return to Login!" diff --git a/login/ForgotPW.aspx.vb b/login/ForgotPW.aspx.vb index 9bbd853..1c5240f 100644 --- a/login/ForgotPW.aspx.vb +++ b/login/ForgotPW.aspx.vb @@ -13,7 +13,6 @@ Partial Class ForgotPW Dim ConnectionString As String = String.Empty Dim salt As String = String.Empty Protected Sub Page_Load(ByVal sender As Object, ByVal e As EventArgs) Handles Me.Load - If Page.IsPostBack = True Then Page.MaintainScrollPositionOnPostBack = True VERAG_VARIABLES.initerrorcount() @@ -21,7 +20,6 @@ Partial Class ForgotPW Page.MaintainScrollPositionOnPostBack = False VERAG_VARIABLES.initerrorcount() End If - End Sub Protected Sub btn_Back_Click(sender As Object, e As EventArgs) Response.Redirect("login_FLEX.aspx") diff --git a/login/login_FLEX.aspx.vb b/login/login_FLEX.aspx.vb index 947d3ef..f39b1ea 100644 --- a/login/login_FLEX.aspx.vb +++ b/login/login_FLEX.aspx.vb @@ -121,7 +121,6 @@ Partial Class login_FLEX If String.IsNullOrEmpty(tb3_M.Text) = False AndAlso String.IsNullOrEmpty(tb3.Text) = True Then reqfieldvalpassw.Enabled = False reqfieldvalpassw_M.Enabled = True - reqfieldvalpassw_M.Validate() If reqfieldvalpassw_M.IsValid = True Then passw = tb3_M.Text @@ -239,6 +238,8 @@ Partial Class login_FLEX Dim salt As String = VERAG_VARIABLES.GenerateSalt(My1stRandomNumber) Dim passw As String = password token = VERAG_PROG_ALLGEMEIN.cCryptography3.Encrypt(VERAG_VARIABLES.HashPassword(passw, salt, 101, My1stRandomNumber)) + Session.Add("Tokensalt", VERAG_PROG_ALLGEMEIN.cCryptography3.Encrypt(token)) + Session.Add("salt", VERAG_PROG_ALLGEMEIN.cCryptography3.Encrypt(salt)) Return token Catch Ex As Exception 'Dim Msg, Style, Title As String