diff --git a/login/Change_PW.aspx b/login/Change_PW.aspx
index 9e36bdc..be50071 100644
--- a/login/Change_PW.aspx
+++ b/login/Change_PW.aspx
@@ -223,7 +223,7 @@
|
-
+
|
diff --git a/login/Change_PW.aspx.vb b/login/Change_PW.aspx.vb
index e185c38..6dec28a 100644
--- a/login/Change_PW.aspx.vb
+++ b/login/Change_PW.aspx.vb
@@ -33,7 +33,7 @@ Partial Class login_Change_PW
Dim dr As SqlDataReader = cmd.ExecuteReader()
If dr.HasRows Then
dr.Read()
- If VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(Request.QueryString("Par1")) = Not Nothing AndAlso VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(Request.QueryString("Par2")) = Not Nothing AndAlso VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(Request.QueryString("Par3") = Not Nothing) Then
+ If VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(Request.QueryString("Par1")) = Not Nothing AndAlso VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(Request.QueryString("Par2")) = usrname AndAlso VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(Request.QueryString("Par3") = UsrID) Then
If getDateoftoken(VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(Request.QueryString("Par1"))) = True Then
Try
txt_Pw_WH.Enabled = True
@@ -47,7 +47,7 @@ Partial Class login_Change_PW
lbl_messagetext.Text = exc.Message
End Try
Else
- btn_submitpw.Enabled = False
+ 'btn_submitpw.Enabled = False
txt_Pw.BackColor = Drawing.Color.Gray
txt_Pw.ForeColor = Drawing.Color.DarkGray
txt_Pw_WH.Enabled = False
@@ -73,7 +73,7 @@ Partial Class login_Change_PW
regexval_txt_Pw_WH.Validate()
confirmPasswordReq.Validate()
If confirmPasswordReq.IsValid Then
- btn_submitpw.Enabled = True
+ ' btn_submitpw.Enabled = True
Else
lbl_messagetext.ForeColor = Drawing.Color.Red
lbl_messagetext.Text = "Passwort stimmt nicht überein."
@@ -129,28 +129,51 @@ Partial Class login_Change_PW
Dim tempstr As String = ""
Dim Msg, Style, Title As String
- If String.IsNullOrEmpty(txt_Pw.Text) = Not True AndAlso String.IsNullOrEmpty(txt_Pw_WH.Text) = Not True AndAlso String.IsNullOrEmpty(txt_Pw_M.Text) = Not True AndAlso String.IsNullOrEmpty(txt_Pw_WH_M.Text) = Not True Then
+ If String.IsNullOrEmpty(txt_Pw.Text) = False AndAlso String.IsNullOrEmpty(txt_Pw_WH.Text) = False AndAlso String.IsNullOrEmpty(txt_Pw_M.Text) = True AndAlso String.IsNullOrEmpty(txt_Pw_WH_M.Text) = True Then
reqPasswtxt_M.Enabled = False
reqPasswtxt_M.Enabled = False
reqPasswtxt.Enabled = True
reqPassw1txt.Enabled = True
reqPasswtxt.Validate()
reqPassw1txt.Validate()
+ Dim ConnectionString = ""
- If reqPasswtxt.IsValid And reqPassw1txt.IsValid Then
- tempstr = txt_Pw.Text
+ If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost" Then
+ VERAG_PROG_ALLGEMEIN.cAllgemein.TESTSYSTEM = True
+ 'ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=sa;Pwd=BmWr501956"
+ ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;"
+ Else
+ VERAG_PROG_ALLGEMEIN.cAllgemein.TESTSYSTEM = False
+ ConnectionString = "Server=DEVELOPER.verag.ost.dmn\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;"
+ 'ConnectionString = "Server=db593295684.db.1and1.com;Database=db593295684;Uid=dbo593295684;Pwd=atilla#2;"
End If
- ElseIf String.IsNullOrEmpty(txt_Pw.Text) = True AndAlso String.IsNullOrEmpty(txt_Pw_WH.Text) = True AndAlso String.IsNullOrEmpty(txt_Pw_M.Text) = Not True AndAlso String.IsNullOrEmpty(txt_Pw_WH_M.Text) = Not True Then
- reqPasswtxt.Enabled = False
- reqPassw1txt_M.Enabled = False
- reqPasswtxt_M.Enabled = True
- reqPassw1txt_M.Enabled = True
- reqPasswtxt_M.Validate()
- reqPassw1txt_M.Validate()
+ Using con As New SqlConnection(ConnectionString)
+ ' Using cmd As New SqlCommand("Validate_User")
+ Using cmd As New SqlCommand("SELECT KundenNr,Username, Passwort FROM [VERAG_HOMEPAGE].[dbo].[Users] WHERE Username=@Username AND KundenNr=@KundenNr")
+ ' cmd.CommandType = CommandType.StoredProcedure
+ Dim usrname = VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(Request.QueryString("Par2"))
+ Dim UsrID = VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(Request.QueryString("Par3"))
+ cmd.Parameters.AddWithValue("@Username", usrname)
+ cmd.Parameters.AddWithValue("@KundenNr", UsrID)
+ cmd.Connection = con
+ con.Open()
+ ' userId = Convert.ToInt32(cmd.ExecuteScalar())
+ Dim dr As SqlDataReader = cmd.ExecuteReader()
+ If dr.HasRows Then
+ dr.Read()
+ If txt_Pw.Text = dr("Passwort") Or txt_Pw_WH.Text = dr("Passwort") Then
+ If reqPasswtxt.IsValid And reqPassw1txt.IsValid Then
+ tempstr = txt_Pw.Text
+ End If
+ Else
+ lbl_messagetext.Text = "Die gewählten Passwörter dürfen nicht dem alten entsprechen!"
+ End If
+ End If
+ dr.Close()
+ End Using
+ con.Close()
+ End Using
- If reqPasswtxt_M.IsValid And reqPassw1txt_M.IsValid Then
- tempstr = txt_Pw_M.Text
- End If
Else
tempstr = "Error01"
End If
@@ -190,39 +213,7 @@ Partial Class login_Change_PW
' If MsgBox(Msg, Style, Title).Ok Then
'Response.Redirect("login_FLEX.aspx")
'End If
- ElseIf txt_Pw_M.Text = tempstr And txt_Pw_WH_M.Text = tempstr AndAlso String.IsNullOrEmpty(txt_Pw.Text) = True And String.IsNullOrEmpty(txt_Pw_M.Text) = True And tempstr = Not "Error01" Then
- Try
- Dim ConnectionString = ""
- Dim usrname = VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(Request.QueryString("Par2"))
- Dim UsrID = VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(Request.QueryString("Par3"))
- If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost" Then
- 'ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=sa;Pwd=BmWr501956"
- ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;"
- Else
- ConnectionString = "Server=DEVELOPER.verag.ost.dmn\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;"
- 'ConnectionString = "Server=db593295684.db.1and1.com;Database=db593295684;Uid=dbo593295684;Pwd=atilla#2;"
- End If
- Using con As New SqlConnection(ConnectionString)
- Using cmd As New SqlCommand("UPDATE [VERAG_HOMEPAGE].[dbo].[Users] SET Password=@Password WHERE Username=@Username AND KundenNr=@KundenNr")
- ' cmd.CommandType = CommandType.StoredProcedure
- cmd.Parameters.AddWithValue("@Username", usrname)
- cmd.Parameters.AddWithValue("@Password", tempstr)
- cmd.Parameters.AddWithValue("@KundenNr", UsrID)
- cmd.Connection = con
- cmd.ExecuteNonQuery()
- End Using
- End Using
- Catch ex As Exception
- lbl_messagetext.Text = ex.Message
- End Try
- regexval_txt_Pw.ForeColor = Drawing.Color.Green
- regexval_txt_Pw.Text = "Password has been changed successfully!"
- 'MsgBox(Msg, Style, Title)
-
- ' If MsgBox(Msg, Style, Title).Ok Then
- 'Response.Redirect("login_FLEX.aspx")
- 'End If
ElseIf tempstr = "Error01" Then
regexval_txt_Pw.ForeColor = Drawing.Color.MediumVioletRed
VERAG_VARIABLES.seterrorcount(2)
@@ -259,11 +250,117 @@ Partial Class login_Change_PW
regexval_txt_Pw_WH_M.Validate()
confirmPasswordReq_M.Validate()
If confirmPasswordReq_M.IsValid Then
- btn_submitpw_M.Enabled = True
+ 'btn_submitpw_M.Enabled = True
Else
lbl_messagetext_M.ForeColor = Drawing.Color.Red
lbl_messagetext_M.Text = "Passwort stimmt nicht überein."
'btn_submitpw.Enabled = False
End If
End Sub
+
+ Protected Sub btn_submitpw_M_Click(sender As Object, e As EventArgs)
+ Dim tempstr As String = ""
+ Dim Msg, Style, Title As String
+
+ If String.IsNullOrEmpty(txt_Pw_M.Text) = False AndAlso String.IsNullOrEmpty(txt_Pw_WH_M.Text) = False AndAlso String.IsNullOrEmpty(txt_Pw.Text) = True AndAlso String.IsNullOrEmpty(txt_Pw_WH.Text) = True Then
+ reqPasswtxt.Enabled = False
+ reqPasswtxt.Enabled = False
+ reqPasswtxt_M.Enabled = True
+ reqPassw1txt_M.Enabled = True
+ reqPasswtxt_M.Validate()
+ reqPassw1txt_M.Validate()
+ Dim ConnectionString = ""
+
+ If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost" Then
+ VERAG_PROG_ALLGEMEIN.cAllgemein.TESTSYSTEM = True
+ 'ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=sa;Pwd=BmWr501956"
+ ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;"
+ Else
+ VERAG_PROG_ALLGEMEIN.cAllgemein.TESTSYSTEM = False
+ ConnectionString = "Server=DEVELOPER.verag.ost.dmn\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;"
+ 'ConnectionString = "Server=db593295684.db.1and1.com;Database=db593295684;Uid=dbo593295684;Pwd=atilla#2;"
+ End If
+ Using con As New SqlConnection(ConnectionString)
+ ' Using cmd As New SqlCommand("Validate_User")
+ Using cmd As New SqlCommand("SELECT KundenNr,Username, Passwort FROM [VERAG_HOMEPAGE].[dbo].[Users] WHERE Username=@Username AND KundenNr=@KundenNr")
+ ' cmd.CommandType = CommandType.StoredProcedure
+ Dim usrname = VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(Request.QueryString("Par2"))
+ Dim UsrID = VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(Request.QueryString("Par3"))
+ cmd.Parameters.AddWithValue("@Username", usrname)
+ cmd.Parameters.AddWithValue("@KundenNr", UsrID)
+ cmd.Connection = con
+ con.Open()
+ ' userId = Convert.ToInt32(cmd.ExecuteScalar())
+ Dim dr As SqlDataReader = cmd.ExecuteReader()
+ If dr.HasRows Then
+ dr.Read()
+ If txt_Pw_M.Text = dr("Passwort") Or txt_Pw_WH_M.Text = dr("Passwort") Then
+ If reqPasswtxt_M.IsValid And reqPassw1txt_M.IsValid Then
+ tempstr = txt_Pw_M.Text
+ End If
+ Else
+ lbl_messagetext_M.Text = "Die gewählten Passwörter dürfen nicht dem alten entsprechen!"
+ End If
+ End If
+ dr.Close()
+ End Using
+ con.Close()
+ End Using
+ Else
+ tempstr = "Error01"
+ End If
+ If txt_Pw_M.Text = tempstr And txt_Pw_WH_M.Text = tempstr AndAlso String.IsNullOrEmpty(txt_Pw.Text) = True And String.IsNullOrEmpty(txt_Pw.Text) = True And tempstr = Not "Error01" Then
+ Try
+ Dim ConnectionString = ""
+ Dim usrname = VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(Request.QueryString("Par2"))
+ Dim UsrID = VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(Request.QueryString("Par3"))
+ If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost" Then
+ 'ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=sa;Pwd=BmWr501956"
+ ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;"
+ Else
+ ConnectionString = "Server=DEVELOPER.verag.ost.dmn\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;"
+ 'ConnectionString = "Server=db593295684.db.1and1.com;Database=db593295684;Uid=dbo593295684;Pwd=atilla#2;"
+ End If
+ Using con As New SqlConnection(ConnectionString)
+ Using cmd As New SqlCommand("UPDATE [VERAG_HOMEPAGE].[dbo].[Users] SET Password=@Password WHERE Username=@Username AND KundenNr=@KundenNr")
+ ' cmd.CommandType = CommandType.StoredProcedure
+ cmd.Parameters.AddWithValue("@Username", usrname)
+ cmd.Parameters.AddWithValue("@Password", tempstr)
+ cmd.Parameters.AddWithValue("@KundenNr", UsrID)
+ cmd.Connection = con
+ cmd.ExecuteNonQuery()
+ regexval_txt_Pw_M.ForeColor = Drawing.Color.Green
+ regexval_txt_Pw_M.Text = "Password has been changed successfully!"
+ End Using
+ End Using
+ Catch ex As Exception
+ lbl_messagetext_M.Text = ex.Message
+ End Try
+
+
+ 'MsgBox(Msg, Style, Title)
+
+ ' If MsgBox(Msg, Style, Title).Ok Then
+ 'Response.Redirect("login_FLEX.aspx")
+ 'End If
+ ElseIf tempstr = "Error01" Then
+ regexval_txt_Pw_M.ForeColor = Drawing.Color.MediumVioletRed
+ VERAG_VARIABLES.seterrorcount(2)
+ regexval_txt_Pw_M.Text = VERAG_VARIABLES.geterrornumb + "Password has not been changed successfully!"
+ ' Msg = "PW nicht erfolgreich geändert!"
+ ' Style = vbAbortRetryIgnore + vbCritical + vbDefaultButton1
+ ' Title = "Error"
+ 'MsgBox(Msg, Style, Title)
+ 'If MsgBox(Msg, Style, Title).Retry Then
+ 'Response.Redirect(Request.RawUrl)
+ 'ElseIf MsgBox(Msg, Style, Title).Abort Then
+ ' Response.Redirect("../newPageJulius_Sidebar.aspx")
+ 'ElseIf MsgBox(Msg, Style, Title).Ignore Then
+ ' Try
+
+ ' Catch ex As Exception
+
+ ' End Try
+ End If
+ End Sub
End Class
\ No newline at end of file