From ce1c15e144a4b2fdb084d906b18379cb64f7a74b Mon Sep 17 00:00:00 2001
From: ja <ja@verag.ag>
Date: Wed, 20 Oct 2021 10:38:41 +0200
Subject: [PATCH] Implementierung der Validatoren

---
 login/ForgotPW.aspx    |  12 ++---
 login/ForgotPW.aspx.vb | 111 ++++++++++++++++++++++++++---------------
 2 files changed, 78 insertions(+), 45 deletions(-)

diff --git a/login/ForgotPW.aspx b/login/ForgotPW.aspx
index c7da485..50e1515 100644
--- a/login/ForgotPW.aspx
+++ b/login/ForgotPW.aspx
@@ -273,9 +273,9 @@
             <h2 style="margin-left:94px; margin-top:-4px">Fill in your data here:</h2>
                                              </td></tr>
                <tr><td>
-               <asp:TextBox ID="CustomerID" CssClass="bg-UID-icon" runat="server" required="true" ValidationGroup="val-desk" Width="265" Placeholder="Customer-ID" style="" Font-Size="1.125em"></asp:TextBox>                                             
-                            <asp:RequiredFieldValidator ID="CustomerIDrequired" runat="server" ControlToValidate="CustomerID" ForeColor="Red" SetFocusOnError="true" ValidationGroup="val-desk" ErrorMessage="Please enter the Customer-ID."></asp:RequiredFieldValidator>                                      
-                                            <asp:RegularExpressionValidator ID="valid_getNumberInput" ControlToValidate="CustomerID" style="font-size:17px" ForeColor="Red" ValidationGroup="val-desk" runat="server" Display="Dynamic" SetFocusOnError="false" ErrorMessage="The Customer-ID is not valid." ValidationExpression="[0-9]{4,10}"></asp:RegularExpressionValidator>
+               <asp:TextBox ID="txt_CustomerID" CssClass="bg-UID-icon" runat="server" required="true" ValidationGroup="val-desk" Width="265" Placeholder="Customer-ID" style="" Font-Size="1.125em"></asp:TextBox>                                             
+                            <asp:RequiredFieldValidator ID="CustomerIDrequired" runat="server" ControlToValidate="txt_CustomerID" ForeColor="Red" SetFocusOnError="true" ValidationGroup="val-desk" ErrorMessage="Please enter the Customer-ID."></asp:RequiredFieldValidator>                                      
+                             <asp:RegularExpressionValidator ID="valid_getNumberInput" ControlToValidate="txt_CustomerID" style="font-size:17px" ForeColor="Red" ValidationGroup="val-desk" runat="server" Display="Dynamic" SetFocusOnError="false" ErrorMessage="The Customer-ID is not valid." ValidationExpression="[0-9]{4,10}"></asp:RegularExpressionValidator>
                     </td></tr>
                 <tr style="color:#003680; height:30px;">                                 
                     <td align="left" colspan="2">  
@@ -315,9 +315,9 @@
                    </td></tr>                
               <tr style="color:#003680;height:40px;">                                
                      <td align="left" colspan="2">  
-                         <asp:TextBox ID="CustomerID_M" CssClass="bg-UID-icon" runat="server" required="true" ValidationGroup="val-mobil" Width="325" Placeholder="Customer-ID" Font-Size="2.025em" style="margin:0 21px auto 22px"></asp:TextBox>                                             
-                         <asp:RequiredFieldValidator ID="CustomerID_M_required" runat="server" ControlToValidate="CustomerID_M" SetFocusOnError="false" ForeColor="Red" Font-Size="24px" style="margin-left:22px;" ValidationGroup="val-mobil" ErrorMessage="Please enter the Customer-ID."></asp:RequiredFieldValidator>                                      
-                         <asp:RegularExpressionValidator ID="valid_getNumber_M_Input" ControlToValidate="CustomerID_M" ValidationGroup="val-mobil" ForeColor="Red" Font-Size="24px" runat="server" style="margin-left:22px;" Display="Dynamic" SetFocusOnError="false" ValidationExpression="[0-9]{4,10}" ErrorMessage="The Customer-ID is not valid."></asp:RegularExpressionValidator>
+                         <asp:TextBox ID="txt_CustomerID_M" CssClass="bg-UID-icon" runat="server" required="true" ValidationGroup="val-mobil" Width="325" Placeholder="Customer-ID" Font-Size="2.025em" style="margin:0 21px auto 22px"></asp:TextBox>                                             
+                         <asp:RequiredFieldValidator ID="CustomerID_M_required" runat="server" ControlToValidate="txt_CustomerID_M" SetFocusOnError="false" ForeColor="Red" Font-Size="24px" style="margin-left:22px;" ValidationGroup="val-mobil" ErrorMessage="Please enter the Customer-ID."></asp:RequiredFieldValidator>                                      
+                         <asp:RegularExpressionValidator ID="valid_getNumber_M_Input" ControlToValidate="txt_CustomerID_M" ValidationGroup="val-mobil" ForeColor="Red" Font-Size="24px" runat="server" style="margin-left:22px;" Display="Dynamic" SetFocusOnError="false" ValidationExpression="[0-9]{4,10}" ErrorMessage="The Customer-ID is not valid."></asp:RegularExpressionValidator>
                          </td></tr>
                 <tr style="color:#003680; height:40px;">                                 
                     <td align="left" colspan="2">  
diff --git a/login/ForgotPW.aspx.vb b/login/ForgotPW.aspx.vb
index 6699e86..a29c669 100644
--- a/login/ForgotPW.aspx.vb
+++ b/login/ForgotPW.aspx.vb
@@ -19,7 +19,7 @@ Partial Class ForgotPW
             Dim password As String = String.Empty
             Dim email As String = String.Empty
             Dim tokenname As String = String.Empty
-            Dim userID As String = String.Empty
+            Dim customerID As String = String.Empty
 
             Dim Booluser_desktop_notempty As Boolean = False
             Dim Booluser_desktop_regex As Boolean = False
@@ -33,7 +33,7 @@ Partial Class ForgotPW
             Dim Boolemail_mobile_regexdomain As Boolean = False
             Dim Boolemail_mobile_regex As Boolean = False
 
-            If String.IsNullOrEmpty(txtEmail_M.Text) = True And String.IsNullOrEmpty(txt_Username_M.Text) = True And String.IsNullOrEmpty(txtEmail.Text) = False And String.IsNullOrEmpty(txt_Username.Text) = False Then
+            If String.IsNullOrEmpty(txtEmail_M.Text) = True And String.IsNullOrEmpty(txt_Username_M.Text) = True And String.IsNullOrEmpty(txt_CustomerID_M.Text) = True And String.IsNullOrEmpty(txtEmail.Text) = False And String.IsNullOrEmpty(txt_Username.Text) = False AndAlso String.IsNullOrEmpty(txt_CustomerID.Text) = False Then
                 regexval_2_txt_Email_M.Enabled = False
                 valreqtxtEmail_M.Enabled = False
                 valreqtxtusername_M.Enabled = False
@@ -41,6 +41,12 @@ Partial Class ForgotPW
                 valreqtxtEmail.Enabled = True
                 regexval_txt_Email_2.Enabled = True
                 regexval_txt_Email.Enabled = True
+                check_UserName_regex.Enabled = True
+                check_UserName_regex_M.Enabled = False
+                CustomerID_M_required.Enabled = False
+                CustomerIDrequired.Enabled = True
+                valid_getNumberInput.Enabled = True
+                valid_getNumber_M_Input.Enabled = False
 
                 valreqtxtEmail.Validate()
 
@@ -96,16 +102,31 @@ Partial Class ForgotPW
                         End If
                     End If
                 End If
+                CustomerIDrequired.Validate()
+                If CustomerIDrequired.IsValid = True Then
+                    valid_getNumberInput.Validate()
+                    If valid_getNumberInput.IsValid = True Then
+                        customerID = txt_CustomerID.Text
+                    Else
+                        valid_getNumberInput.ForeColor = Drawing.Color.Red
+                        valid_getNumberInput.ErrorMessage = "Customer-ID is not numeric or too long."
+                    End If
+                Else
+                    valid_getNumberInput.ForeColor = Drawing.Color.Red
+                    valid_getNumberInput.ErrorMessage = "Customer-ID is not given."
+                End If
                 ' MsgBox("3" + email + " " + username)
             End If
             'Mobil
-            If String.IsNullOrEmpty(txtEmail_M.Text) = False And String.IsNullOrEmpty(txt_Username_M.Text) = False And String.IsNullOrEmpty(txtEmail.Text) = True And String.IsNullOrEmpty(txt_Username.Text) = True Then
+            If String.IsNullOrEmpty(txtEmail_M.Text) = False And String.IsNullOrEmpty(txt_Username_M.Text) = False And String.IsNullOrEmpty(txt_CustomerID_M.Text) = False And String.IsNullOrEmpty(txtEmail.Text) = True And String.IsNullOrEmpty(txt_Username.Text) = True And String.IsNullOrEmpty(txt_CustomerID.Text) = True Then
                 valreqtxtEmail_M.Enabled = True
                 regexval_2_txt_Email_M.Enabled = True
                 valreqtxtusername_M.Enabled = True
                 regexval_txt_Email.Enabled = False
                 regexval_txt_Email_2.Enabled = False
                 valreqtxtusername.Enabled = False
+                valid_getNumberInput.Enabled = False
+                valid_getNumber_M_Input.Enabled = True
 
                 valreqtxtEmail_M.Validate()
 
@@ -144,38 +165,50 @@ Partial Class ForgotPW
                         End If
                     End If
                 End If
-                    valreqtxtusername_M.Validate()
-                    If valreqtxtusername_M.IsValid = True Then
-                        Booluser_mobile_notempty = True
-                        Booluser_desktop_notempty = False
+                valreqtxtusername_M.Validate()
+                If valreqtxtusername_M.IsValid = True Then
+                    Booluser_mobile_notempty = True
+                    Booluser_desktop_notempty = False
+                    check_UserName_regex_M.Validate()
+                    If check_UserName_regex_M.IsValid = False Then
+                        check_UserName_regex_M.ErrorMessage = "Annotation: The Username does not match the requirements."
+                    Else
+                        Booluser_desktop_regex = False
+                        Booluser_mobile_regex = True
                         check_UserName_regex_M.Validate()
-                        If check_UserName_regex_M.IsValid = False Then
-                            check_UserName_regex_M.ErrorMessage = "Annotation: The Username does not match the requirements."
-                        Else
-                            Booluser_desktop_regex = False
-                            Booluser_mobile_regex = True
-                            check_UserName_regex_M.Validate()
-                            If check_UserName_regex_M.IsValid = True AndAlso Booluser_mobile_regex = True AndAlso Booluser_desktop_regex = False Then
-                                username = txt_Username_M.Text
-                            End If
+                        If check_UserName_regex_M.IsValid = True AndAlso Booluser_mobile_regex = True AndAlso Booluser_desktop_regex = False Then
+                            username = txt_Username_M.Text
                         End If
                     End If
-
+                End If
+                CustomerID_M_required.Validate()
+                If CustomerID_M_required.IsValid = True Then
+                    valid_getNumber_M_Input.Validate()
+                    If valid_getNumber_M_Input.IsValid = True Then
+                        customerID = txt_CustomerID.Text
+                    Else
+                        valid_getNumber_M_Input.ForeColor = Drawing.Color.Red
+                        valid_getNumber_M_Input.ErrorMessage = "Customer-ID is not numeric or too long."
+                    End If
+                Else
+                    valid_getNumber_M_Input.ForeColor = Drawing.Color.Red
+                    valid_getNumber_M_Input.ErrorMessage = "Customer-ID is not given."
+                End If
 
                 'Erweiterte Degub Msg-Box
                 'MsgBox("Userdaten in App" + Environment.NewLine + email + Environment.NewLine + username + Environment.NewLine + "Userdaten desktop" + txt_Username.Text + Environment.NewLine + txtEmail.Text + Environment.NewLine + "Userdaten Mobil:" + Environment.NewLine + txtEmail_M.Text + Environment.NewLine + txt_Username_M.Text)
-                If String.IsNullOrEmpty(email) = False And String.IsNullOrEmpty(tokenname) = True And String.IsNullOrEmpty(password) = True And String.IsNullOrEmpty(username) = False And String.IsNullOrEmpty(userID) = True Then
-                        If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost" Then
-                            VERAG_PROG_ALLGEMEIN.cAllgemein.TESTSYSTEM = True
-                            'ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=sa;Pwd=BmWr501956"
-                            ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;"
-                        Else
-                            VERAG_PROG_ALLGEMEIN.cAllgemein.TESTSYSTEM = False
-                            ConnectionString = "Server=DEVELOPER.verag.ost.dmn\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;"
-                            'ConnectionString = "Server=db593295684.db.1and1.com;Database=db593295684;Uid=dbo593295684;Pwd=atilla#2;"
-                        End If
+                If String.IsNullOrEmpty(email) = False And String.IsNullOrEmpty(tokenname) = True And String.IsNullOrEmpty(password) = True And String.IsNullOrEmpty(username) = False And String.IsNullOrEmpty(customerID) = False Then
+                    If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost" Then
+                        VERAG_PROG_ALLGEMEIN.cAllgemein.TESTSYSTEM = True
+                        'ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=sa;Pwd=BmWr501956"
+                        ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;"
+                    Else
+                        VERAG_PROG_ALLGEMEIN.cAllgemein.TESTSYSTEM = False
+                        ConnectionString = "Server=DEVELOPER.verag.ost.dmn\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;"
+                        'ConnectionString = "Server=db593295684.db.1and1.com;Database=db593295684;Uid=dbo593295684;Pwd=atilla#2;"
                     End If
-                    Using con As New SqlConnection(ConnectionString)
+                End If
+                Using con As New SqlConnection(ConnectionString)
                     ' Using cmd As New SqlCommand("Validate_User")
                     Using cmd As New SqlCommand("SELECT Username,Password,Email,KundenNr FROM [VERAG_HOMEPAGE].[dbo].[Users] WHERE Username=@Username AND Email=@Email")
                         ' cmd.CommandType = CommandType.StoredProcedure
@@ -188,14 +221,14 @@ Partial Class ForgotPW
                             username = dr("Username").ToString()
                             password = dr("Password").ToString()
                             email = dr("Email").ToString()
-                            userID = VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt(dr("KundenNr").ToString())
+                            customerID = VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt(dr("KundenNr").ToString())
                             Try
-                                If txt_Username.Text = dr("Username").ToString() AndAlso String.IsNullOrEmpty(txt_Username_M.Text) = True And String.IsNullOrEmpty(VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(userID)) = False Then
+                                If txt_Username.Text = dr("Username").ToString() AndAlso String.IsNullOrEmpty(txt_Username_M.Text) = True And String.IsNullOrEmpty(customerID) = False Then
                                     username = txt_Username.Text
 
-                                ElseIf txt_Username_M.Text = dr("Username").ToString() AndAlso txt_Username.Text = String.Empty And String.IsNullOrEmpty(VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(userID)) = False Then
+                                ElseIf txt_Username_M.Text = dr("Username").ToString() AndAlso txt_Username.Text = String.Empty And String.IsNullOrEmpty(VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(customerID)) = False Then
                                     username = txt_Username_M.Text
-                                ElseIf String.IsNullOrEmpty(txt_Username_M.Text) = True AndAlso String.IsNullOrEmpty(txtEmail.Text) = True And String.IsNullOrEmpty(VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(userID)) = False Then
+                                ElseIf String.IsNullOrEmpty(txt_Username_M.Text) = True AndAlso String.IsNullOrEmpty(txtEmail.Text) = True And String.IsNullOrEmpty(VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(customerID)) = False Then
                                     check_UserName_regex_M.MatchTimeout = 3000
                                     check_UserName_regex_M.ErrorMessage = "No valid Username found in out database!"
                                     check_UserName_regex_M.IsValid = False
@@ -204,15 +237,15 @@ Partial Class ForgotPW
                                     check_UserName_regex.ErrorMessage = "No valid Username found in out database!"
                                     check_UserName_regex.IsValid = False
                                 End If
-                                If (txtEmail.Text = dr("Email").ToString() AndAlso String.IsNullOrEmpty(txtEmail_M.Text) = True) And String.IsNullOrEmpty(VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(userID)) = False Then
+                                If (txtEmail.Text = dr("Email").ToString() AndAlso String.IsNullOrEmpty(txtEmail_M.Text) = True) And String.IsNullOrEmpty(VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(customerID)) = False Then
                                     email = txtEmail.Text
                                     lblMessage.ForeColor = Color.Green
                                     lblMessage.Text = "The given e-mail exists in our database."
-                                ElseIf (txtEmail_M.Text = dr("Email").ToString() AndAlso String.IsNullOrEmpty(txtEmail.Text) = True) And String.IsNullOrEmpty(VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(userID)) = False Then
+                                ElseIf (txtEmail_M.Text = dr("Email").ToString() AndAlso String.IsNullOrEmpty(txtEmail.Text) = True) And String.IsNullOrEmpty(VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(customerID)) = False Then
                                     email = txtEmail_M.Text
                                     lblMessage_M.ForeColor = Color.Green
                                     lblMessage_M.Text = "The given e-mail exists in our database."
-                                ElseIf String.IsNullOrEmpty(userID) = True Then
+                                ElseIf String.IsNullOrEmpty(customerID) = True Then
                                     lblMessage_M.ForeColor = Color.Red
                                     lblMessage_M.Text = "The given User does not exist in our database."
                                 Else
@@ -237,14 +270,14 @@ Partial Class ForgotPW
                     con.Close()
                 End Using
                 If Session.Item("TokenforEmail") = Nothing Then
-                    tokenname = genToken(username, password, email, userID)
+                    tokenname = genToken(username, password, email, customerID)
                     Session.Add("TokenforEmail", tokenname)
                     Session.Add("SessID", VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(Session.SessionID))
                 Else
                     tokenname = Session.Item("TokenforEmail")
                 End If
 
-                If SendEmail(username, password, email, VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(tokenname), userID) = True Then
+                If SendEmail(username, password, email, VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(tokenname), customerID) = True Then
                     'password = RandomString(New Random, 10)
                     If (getDateoftoken(tokenname) = True) Then
                         'Dim msgboxstyle = vbDefaultButton1 + vbOK
@@ -258,7 +291,7 @@ Partial Class ForgotPW
                         'MsgBox("Token is not valid anymore. Please generate a new one by sending a new e-mail!")
 
                         If Session.Item("TokenforEmail") = Nothing Then
-                            tokenname = genToken(username, password, email, userID)
+                            tokenname = genToken(username, password, email, customerID)
                             Session.Add("TokenforEmail", tokenname)
                         Else
                             tokenname = Session.Item("TokenforEmail")
@@ -268,7 +301,7 @@ Partial Class ForgotPW
                     'MsgBox("Mail would be sent successfully!")
                     lblMessage.ForeColor = Color.Green
                     lblMessage.Text = "The password has been sent sucessfully on the given valid e-mail address."
-                ElseIf SendEmail(username, password, email, VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(tokenname), userID) = False Then
+                ElseIf SendEmail(username, password, email, VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(tokenname), customerID) = False Then
                     'MsgBox("Mail would not be sent successfully!")
                     lblMessage.ForeColor = Color.Red
                     If String.IsNullOrWhiteSpace(username) = True Then