edv/VERAG_Homepage
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Änderungen Validierungen und GUI-Anpassungen

Browse Source
This commit is contained in:
ja
2021-11-12 11:41:41 +01:00
parent d5dcfcc523
commit cc413a81b6
3 changed files with 202 additions and 161 deletions
Download Patch File Download Diff File Expand all files Collapse all files

329
login/Change_PW.aspx.vb
View File

@@ -33,15 +33,34 @@ Partial Class login_Change_PW
Dim dr As SqlDataReader = cmd.ExecuteReader()
If dr.HasRows Then
dr.Read()
If VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(Request.QueryString("Par1")) = Not Nothing AndAlso VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(Request.QueryString("Par2")) = usrname AndAlso VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(Request.QueryString("Par3") = UsrID) Then
If getDateoftoken(VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(Request.QueryString("Par1"))) = True Then
If VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(Request.QueryString("Par1")) = Not Nothing Then
If getDateoftoken(VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(Request.QueryString("Par1"))) = True AndAlso VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(Request.QueryString("Par2")) = dr("Username") AndAlso VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(Request.QueryString("Par3")) = dr("KundenNr") Then
Try
txt_Pw_WH.Enabled = True
txt_Pw.Enabled = True
regexval_txt_Pw_WH.Enabled = True
If IsPostBack Then
reqPasswtxt.Validate()
reqPassw1txt.Validate()
If String.IsNullOrEmpty(txt_Pw.Text) = False AndAlso String.IsNullOrEmpty(txt_Pw_WH.Text) = False Then
txt_Pw_WH.Enabled = False
reqPassw1txt_M.Enabled = False
reqPasswtxt_M.Enabled = False
reqPasswtxt.Enabled = True
reqPassw1txt.Enabled = True
reqPasswtxt.Validate()
If reqPasswtxt.IsValid = True Then
txt_Pw_WH.Enabled = True
reqPassw1txt.Validate()
End If
ElseIf String.IsNullOrEmpty(txt_Pw_M.Text) = False AndAlso String.IsNullOrEmpty(txt_Pw_WH_M.Text) = False Then
txt_Pw_WH_M.Enabled = False
reqPasswtxt.Enabled = False
reqPassw1txt.Enabled = False
reqPassw1txt_M.Enabled = True
reqPasswtxt_M.Enabled = True
reqPasswtxt_M.Validate()
If reqPasswtxt_M.IsValid = True Then
txt_Pw_WH_M.Enabled = True
reqPassw1txt_M.Validate()
End If
End If
End If
Catch exc As Exception
lbl_messagetext.Text = exc.Message
@@ -69,29 +88,6 @@ Partial Class login_Change_PW
End Using
End Sub
Protected Sub txt_Pw_WH_TextChanged(sender As Object, e As EventArgs)
regexval_txt_Pw_WH.Validate()
confirmPasswordReq.Validate()
If confirmPasswordReq.IsValid Then
' btn_submitpw.Enabled = True
Else
lbl_messagetext.ForeColor = Drawing.Color.Red
lbl_messagetext.Text = "Passwort stimmt nicht überein."
'btn_submitpw.Enabled = False
End If
End Sub
Protected Sub txt_Pw_TextChanged(sender As Object, e As EventArgs)
regexval_txt_Pw.Validate()
If regexval_txt_Pw.IsValid Then
txt_Pw_WH.ReadOnly = False
regexval_txt_Pw_WH.Enabled = True
Else
txt_Pw_WH.ReadOnly = True
regexval_txt_Pw_WH.Enabled = False
End If
End Sub
Function getDateoftoken(tokenname As String) As Boolean
Dim data() As Byte = Convert.FromBase64String(VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(tokenname))
Dim wenn As DateTime = DateTime.FromBinary(BitConverter.ToInt64(data, 0))
@@ -130,12 +126,19 @@ Partial Class login_Change_PW
Dim Msg, Style, Title As String
If String.IsNullOrEmpty(txt_Pw.Text) = False AndAlso String.IsNullOrEmpty(txt_Pw_WH.Text) = False AndAlso String.IsNullOrEmpty(txt_Pw_M.Text) = True AndAlso String.IsNullOrEmpty(txt_Pw_WH_M.Text) = True Then
reqPasswtxt_M.Enabled = False
reqPasswtxt_M.Enabled = False
reqPasswtxt.Enabled = True
reqPassw1txt.Enabled = True
reqPasswtxt.Validate()
reqPassw1txt.Validate()
If String.IsNullOrEmpty(txt_Pw.Text) = False AndAlso String.IsNullOrEmpty(txt_Pw_WH.Text) = False Then
txt_Pw_WH.Enabled = False
reqPassw1txt_M.Enabled = False
reqPasswtxt_M.Enabled = False
reqPasswtxt.Enabled = True
reqPassw1txt.Enabled = True
reqPasswtxt.Validate()
If reqPasswtxt.IsValid = True Then
txt_Pw_WH.Enabled = True
reqPassw1txt.Validate()
End If
End If
Dim ConnectionString = ""
If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost" Then
@@ -147,38 +150,54 @@ Partial Class login_Change_PW
ConnectionString = "Server=DEVELOPER.verag.ost.dmn\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;"
'ConnectionString = "Server=db593295684.db.1and1.com;Database=db593295684;Uid=dbo593295684;Pwd=atilla#2;"
End If
Using con As New SqlConnection(ConnectionString)
' Using cmd As New SqlCommand("Validate_User")
Using cmd As New SqlCommand("SELECT KundenNr,Username, Passwort FROM [VERAG_HOMEPAGE].[dbo].[Users] WHERE Username=@Username AND KundenNr=@KundenNr")
' cmd.CommandType = CommandType.StoredProcedure
Dim usrname = VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(Request.QueryString("Par2"))
Dim UsrID = VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(Request.QueryString("Par3"))
cmd.Parameters.AddWithValue("@Username", usrname)
cmd.Parameters.AddWithValue("@KundenNr", UsrID)
cmd.Connection = con
con.Open()
' userId = Convert.ToInt32(cmd.ExecuteScalar())
Dim dr As SqlDataReader = cmd.ExecuteReader()
If dr.HasRows Then
dr.Read()
If txt_Pw.Text = dr("Passwort") Or txt_Pw_WH.Text = dr("Passwort") Then
If reqPasswtxt.IsValid And reqPassw1txt.IsValid Then
If reqPassw1txt.IsValid = True Then
Using con As New SqlConnection(ConnectionString)
' Using cmd As New SqlCommand("Validate_User")
Using cmd As New SqlCommand("SELECT KundenNr,Username,Password FROM [VERAG_HOMEPAGE].[dbo].[Users] WHERE Username=@Username AND KundenNr=@KundenNr")
' cmd.CommandType = CommandType.StoredProcedure
Dim usrname = VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(Request.QueryString("Par2"))
Dim UsrID = VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(Request.QueryString("Par3"))
cmd.Parameters.AddWithValue("@Username", usrname)
cmd.Parameters.AddWithValue("@KundenNr", UsrID)
cmd.Connection = con
con.Open()
' userId = Convert.ToInt32(cmd.ExecuteScalar())
Dim dr As SqlDataReader = cmd.ExecuteReader()
If dr.HasRows Then
dr.Read()
If txt_Pw.Text = Not dr("Password") Or txt_Pw_WH.Text = Not dr("Password") Then
tempstr = txt_Pw.Text
Else
lbl_messagetext.Text = "Die gewählten Passwörter dürfen nicht dem alten entsprechen!"
End If
Else
lbl_messagetext.Text = "Die gewählten Passwörter dürfen nicht dem alten entsprechen!"
End If
End If
dr.Close()
End Using
con.Close()
End Using
con.Close()
End Using
Else
VERAG_VARIABLES.seterrorcount(22)
lbl_messagetext.Text = VERAG_VARIABLES.geterrornumb + "Error in Passwort Validation."
End If
Else
tempstr = "Error01"
tempstr = "Error01"
End If
If txt_Pw.Text = tempstr And txt_Pw_WH.Text = tempstr AndAlso String.IsNullOrEmpty(txt_Pw_M.Text) = True And String.IsNullOrEmpty(txt_Pw_WH_M.Text) = True And tempstr = Not "Error01" Then
If String.IsNullOrEmpty(txt_Pw.Text) = False AndAlso String.IsNullOrEmpty(txt_Pw_WH.Text) = False Then
txt_Pw_WH_M.Enabled = False
reqPasswtxt.Enabled = False
reqPassw1txt.Enabled = False
reqPassw1txt.Enabled = True
reqPasswtxt.Enabled = True
reqPasswtxt.Validate()
If reqPasswtxt.IsValid = True Then
txt_Pw_WH.Enabled = True
reqPassw1txt.Validate()
End If
End If
Try
Dim ConnectionString = ""
Dim usrname = VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(Request.QueryString("Par2"))
@@ -190,16 +209,21 @@ Partial Class login_Change_PW
ConnectionString = "Server=DEVELOPER.verag.ost.dmn\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;"
'ConnectionString = "Server=db593295684.db.1and1.com;Database=db593295684;Uid=dbo593295684;Pwd=atilla#2;"
End If
Using con As New SqlConnection(ConnectionString)
Using cmd As New SqlCommand("UPDATE [VERAG_HOMEPAGE].[dbo].[Users] SET [Password]=@Password WHERE [Username]=@Username AND [KundenNr]=@KundenNr")
' cmd.CommandType = CommandType.StoredProcedure
cmd.Parameters.AddWithValue("@Username", usrname)
cmd.Parameters.AddWithValue("@Password", tempstr)
cmd.Parameters.AddWithValue("@KundenNr", UsrID)
cmd.Connection = con
cmd.ExecuteNonQuery()
If reqPassw1txt_M.IsValid = True Then
Using con As New SqlConnection(ConnectionString)
Using cmd As New SqlCommand("UPDATE [VERAG_HOMEPAGE].[dbo].[Users] SET [Password]=@Password WHERE [Username]=@Username AND [KundenNr]=@KundenNr")
' cmd.CommandType = CommandType.StoredProcedure
cmd.Parameters.AddWithValue("@Username", usrname)
cmd.Parameters.AddWithValue("@Password", tempstr)
cmd.Parameters.AddWithValue("@KundenNr", UsrID)
cmd.Connection = con
cmd.ExecuteNonQuery()
End Using
End Using
End Using
Else
VERAG_VARIABLES.seterrorcount(22)
lbl_messagetext_M.Text = VERAG_VARIABLES.geterrornumb() + "Error mit der Validierung des Kennwortes."
End If
Catch ex As Exception
lbl_messagetext.Text = ex.Message
End Try
@@ -209,11 +233,9 @@ Partial Class login_Change_PW
regexval_txt_Pw.ForeColor = Drawing.Color.Green
regexval_txt_Pw.Text = "Password has been changed successfully!"
'MsgBox(Msg, Style, Title)
' If MsgBox(Msg, Style, Title).Ok Then
'Response.Redirect("login_FLEX.aspx")
'End If
ElseIf tempstr = "Error01" Then
regexval_txt_Pw.ForeColor = Drawing.Color.MediumVioletRed
VERAG_VARIABLES.seterrorcount(2)
@@ -228,12 +250,32 @@ Partial Class login_Change_PW
' Response.Redirect("../newPageJulius_Sidebar.aspx")
'ElseIf MsgBox(Msg, Style, Title).Ignore Then
' Try
' Catch ex As Exception
' End Try
End If
End Sub
Protected Sub txt_Pw_WH_TextChanged(sender As Object, e As EventArgs)
regexval_txt_Pw_WH.Validate()
confirmPasswordReq.Validate()
If confirmPasswordReq.IsValid Then
' btn_submitpw.Enabled = True
Else
lbl_messagetext.ForeColor = Drawing.Color.Red
lbl_messagetext.Text = "Passwort stimmt nicht überein."
'btn_submitpw.Enabled = False
End If
End Sub
Protected Sub txt_Pw_TextChanged(sender As Object, e As EventArgs)
regexval_txt_Pw.Validate()
If regexval_txt_Pw.IsValid Then
txt_Pw_WH.ReadOnly = False
regexval_txt_Pw_WH.Enabled = True
Else
txt_Pw_WH.ReadOnly = True
regexval_txt_Pw_WH.Enabled = False
End If
End Sub
Protected Sub txt_Pw_M_TextChanged(sender As Object, e As EventArgs)
regexval_txt_Pw_M.Validate()
@@ -261,7 +303,7 @@ Partial Class login_Change_PW
Protected Sub btn_submitpw_M_Click(sender As Object, e As EventArgs)
Dim tempstr As String = ""
Dim Msg, Style, Title As String
Dim ConnectionString = ""
If String.IsNullOrEmpty(txt_Pw_M.Text) = False AndAlso String.IsNullOrEmpty(txt_Pw_WH_M.Text) = False AndAlso String.IsNullOrEmpty(txt_Pw.Text) = True AndAlso String.IsNullOrEmpty(txt_Pw_WH.Text) = True Then
reqPasswtxt.Enabled = False
reqPasswtxt.Enabled = False
@@ -269,98 +311,97 @@ Partial Class login_Change_PW
reqPassw1txt_M.Enabled = True
reqPasswtxt_M.Validate()
reqPassw1txt_M.Validate()
Dim ConnectionString = ""
If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost" Then
VERAG_PROG_ALLGEMEIN.cAllgemein.TESTSYSTEM = True
'ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=sa;Pwd=BmWr501956"
ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;"
Else
VERAG_PROG_ALLGEMEIN.cAllgemein.TESTSYSTEM = False
ConnectionString = "Server=DEVELOPER.verag.ost.dmn\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;"
'ConnectionString = "Server=db593295684.db.1and1.com;Database=db593295684;Uid=dbo593295684;Pwd=atilla#2;"
End If
Using con As New SqlConnection(ConnectionString)
' Using cmd As New SqlCommand("Validate_User")
Using cmd As New SqlCommand("SELECT KundenNr,Username, Passwort FROM [VERAG_HOMEPAGE].[dbo].[Users] WHERE Username=@Username AND KundenNr=@KundenNr")
' cmd.CommandType = CommandType.StoredProcedure
Dim usrname = VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(Request.QueryString("Par2"))
Dim UsrID = VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(Request.QueryString("Par3"))
cmd.Parameters.AddWithValue("@Username", usrname)
cmd.Parameters.AddWithValue("@KundenNr", UsrID)
cmd.Connection = con
con.Open()
' userId = Convert.ToInt32(cmd.ExecuteScalar())
Dim dr As SqlDataReader = cmd.ExecuteReader()
If dr.HasRows Then
dr.Read()
If txt_Pw_M.Text = dr("Passwort") Or txt_Pw_WH_M.Text = dr("Passwort") Then
If reqPasswtxt_M.IsValid And reqPassw1txt_M.IsValid Then
tempstr = txt_Pw_M.Text
End If
Else
lbl_messagetext_M.Text = "Die gewählten Passwörter dürfen nicht dem alten entsprechen!"
End If
End If
dr.Close()
End Using
con.Close()
End Using
Else
tempstr = "Error01"
End If
If txt_Pw_M.Text = tempstr And txt_Pw_WH_M.Text = tempstr AndAlso String.IsNullOrEmpty(txt_Pw.Text) = True And String.IsNullOrEmpty(txt_Pw.Text) = True And tempstr = Not "Error01" Then
Try
Dim ConnectionString = ""
Dim usrname = VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(Request.QueryString("Par2"))
Dim UsrID = VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(Request.QueryString("Par3"))
If reqPasswtxt_M.IsValid = True AndAlso reqPassw1txt_M.IsValid = True Then
If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost" Then
VERAG_PROG_ALLGEMEIN.cAllgemein.TESTSYSTEM = True
'ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=sa;Pwd=BmWr501956"
ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;"
Else
VERAG_PROG_ALLGEMEIN.cAllgemein.TESTSYSTEM = False
ConnectionString = "Server=DEVELOPER.verag.ost.dmn\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;"
'ConnectionString = "Server=db593295684.db.1and1.com;Database=db593295684;Uid=dbo593295684;Pwd=atilla#2;"
End If
Using con As New SqlConnection(ConnectionString)
Using cmd As New SqlCommand("UPDATE [VERAG_HOMEPAGE].[dbo].[Users] SET Password=@Password WHERE Username=@Username AND KundenNr=@KundenNr")
' Using cmd As New SqlCommand("Validate_User")
Using cmd As New SqlCommand("SELECT KundenNr,Username, Passwort FROM [VERAG_HOMEPAGE].[dbo].[Users] WHERE Username=@Username AND KundenNr=@KundenNr")
' cmd.CommandType = CommandType.StoredProcedure
Dim usrname = VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(Request.QueryString("Par2"))
Dim UsrID = VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(Request.QueryString("Par3"))
cmd.Parameters.AddWithValue("@Username", usrname)
cmd.Parameters.AddWithValue("@Password", tempstr)
cmd.Parameters.AddWithValue("@KundenNr", UsrID)
cmd.Connection = con
cmd.ExecuteNonQuery()
regexval_txt_Pw_M.ForeColor = Drawing.Color.Green
regexval_txt_Pw_M.Text = "Password has been changed successfully!"
con.Open()
' userId = Convert.ToInt32(cmd.ExecuteScalar())
Dim dr As SqlDataReader = cmd.ExecuteReader()
If dr.HasRows Then
dr.Read()
If txt_Pw_M.Text = Not dr("Passwort") Or txt_Pw_WH_M.Text = Not dr("Passwort") Then
tempstr = txt_Pw_M.Text
Else
lbl_messagetext_M.Text = "Die gewählten Passwörter dürfen nicht dem alten entsprechen!"
End If
End If
dr.Close()
End Using
con.Close()
End Using
Catch ex As Exception
lbl_messagetext_M.Text = ex.Message
End Try
Else
tempstr = "Error01"
End If
If txt_Pw_M.Text = tempstr And txt_Pw_WH_M.Text = tempstr AndAlso String.IsNullOrEmpty(txt_Pw.Text) = True And String.IsNullOrEmpty(txt_Pw_WH.Text) = True And tempstr = Not "Error01" Then
Try
ConnectionString = ""
Dim usrname = VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(Request.QueryString("Par2"))
Dim UsrID = VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(Request.QueryString("Par3"))
If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost" Then
'ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=sa;Pwd=BmWr501956"
ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;"
Else
ConnectionString = "Server=DEVELOPER.verag.ost.dmn\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;"
'ConnectionString = "Server=db593295684.db.1and1.com;Database=db593295684;Uid=dbo593295684;Pwd=atilla#2;"
End If
Using con As New SqlConnection(ConnectionString)
Using cmd As New SqlCommand("UPDATE [VERAG_HOMEPAGE].[dbo].[Users] SET Password=@Password WHERE Username=@Username AND KundenNr=@KundenNr")
' cmd.CommandType = CommandType.StoredProcedure
cmd.Parameters.AddWithValue("@Username", usrname)
cmd.Parameters.AddWithValue("@Password", tempstr)
cmd.Parameters.AddWithValue("@KundenNr", UsrID)
cmd.Connection = con
cmd.ExecuteNonQuery()
regexval_txt_Pw_M.ForeColor = Drawing.Color.Green
regexval_txt_Pw_M.Text = "Password has been changed successfully!"
End Using
End Using
Catch ex As Exception
lbl_messagetext_M.Text = ex.Message
End Try
'MsgBox(Msg, Style, Title)
'MsgBox(Msg, Style, Title)
' If MsgBox(Msg, Style, Title).Ok Then
'Response.Redirect("login_FLEX.aspx")
'End If
ElseIf tempstr = "Error01" Then
regexval_txt_Pw_M.ForeColor = Drawing.Color.MediumVioletRed
VERAG_VARIABLES.seterrorcount(2)
regexval_txt_Pw_M.Text = VERAG_VARIABLES.geterrornumb + "Password has not been changed successfully!"
' Msg = "PW nicht erfolgreich geändert!"
' Style = vbAbortRetryIgnore + vbCritical + vbDefaultButton1
' Title = "Error"
'MsgBox(Msg, Style, Title)
'If MsgBox(Msg, Style, Title).Retry Then
'Response.Redirect(Request.RawUrl)
'ElseIf MsgBox(Msg, Style, Title).Abort Then
' Response.Redirect("../newPageJulius_Sidebar.aspx")
'ElseIf MsgBox(Msg, Style, Title).Ignore Then
' Try
' If MsgBox(Msg, Style, Title).Ok Then
'Response.Redirect("login_FLEX.aspx")
'End If
ElseIf tempstr = "Error01" Then
regexval_txt_Pw_M.ForeColor = Drawing.Color.MediumVioletRed
VERAG_VARIABLES.seterrorcount(2)
regexval_txt_Pw_M.Text = VERAG_VARIABLES.geterrornumb + "Password has not been changed successfully!"
' Msg = "PW nicht erfolgreich geändert!"
' Style = vbAbortRetryIgnore + vbCritical + vbDefaultButton1
' Title = "Error"
'MsgBox(Msg, Style, Title)
'If MsgBox(Msg, Style, Title).Retry Then
'Response.Redirect(Request.RawUrl)
'ElseIf MsgBox(Msg, Style, Title).Abort Then
' Response.Redirect("../newPageJulius_Sidebar.aspx")
'ElseIf MsgBox(Msg, Style, Title).Ignore Then
' Try
' Catch ex As Exception
' Catch ex As Exception
' End Try
' End Try
End If
End If
End Sub
End Class