edv/VERAG_Homepage
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fixen des Ablaufs. Alle true false werte werden nun richtig gesetzt bzw genauer überprüft.

Browse Source
This commit is contained in:
ja
2021-10-20 16:54:37 +02:00
parent 9321d027d5
commit ce25d42522
1 changed files with 126 additions and 120 deletions
Download Patch File Download Diff File Expand all files Collapse all files

246
login/ForgotPW.aspx.vb
View File

@@ -49,64 +49,47 @@ Partial Class ForgotPW
CustomerIDrequired.Enabled = True
valid_getNumberInput.Enabled = True
valreqtxtusername.Validate()
If valreqtxtusername.IsValid = True Then
check_UserName_regex.Validate()
If check_UserName_regex.IsValid = False Then
check_UserName_regex.ForeColor = Drawing.Color.Red
check_UserName_regex.ErrorMessage = "The Username is too long."
Else
username = txt_Username.Text
check_UserName_regex.ForeColor = Drawing.Color.Lime
check_UserName_regex.ErrorMessage = "Valid Username has been entered."
End If
Else
check_UserName_regex.ForeColor = Drawing.Color.Lime
check_UserName_regex.ErrorMessage = "A too long Username has been entered."
End If
valreqtxtEmail.Validate()
If valreqtxtEmail.IsValid = True Then
Boolemail_desktop_notempty = True
Boolemail_mobile_notempty = False
If Boolemail_desktop_notempty = True Then
If valreqtxtEmail.IsValid = True Then
regexval_txt_Email.Validate()
If regexval_txt_Email.IsValid = True Then
Boolemail_desktop_regexdomain = True
Boolemail_mobile_regexdomain = False
End If
regexval_txt_Email_2.Validate()
If regexval_txt_Email_2.IsValid = True Then
Boolemail_desktop_regex = True
Boolemail_mobile_regex = False
End If
If Boolemail_desktop_notempty = True AndAlso Boolemail_desktop_regexdomain = True AndAlso Boolemail_desktop_regex = True Then
email = txtEmail.Text
If regexval_txt_Email.IsValid = False Then
regexval_txt_Email.ForeColor = Drawing.Color.OrangeRed
regexval_txt_Email.ErrorMessage = "Annotation: The Domain does not match."
regexval_txt_Email_2.Validate()
If regexval_txt_Email_2.IsValid = True Then
email = txtEmail.Text
regexval_txt_Email.ForeColor = Drawing.Color.Lime
regexval_txt_Email.ErrorMessage = "E-mail Address valid."
End If
Else
regexval_txt_Email.IsValid = True
Boolemail_desktop_regex = True
Boolemail_mobile_regex = False
If Boolemail_desktop_regexdomain = True Then
regexval_txt_Email.Validate()
If valreqtxtEmail.IsValid = True Then
valreqtxtEmail.ForeColor = Drawing.Color.Lime
valreqtxtEmail.ErrorMessage = "E-mail Address valid."
email = txtEmail.Text
End If
End If
ElseIf valreqtxtEmail.IsValid = False Then
Boolemail_desktop_regexdomain = False
valreqtxtEmail.ErrorMessage = "Annotation: The given Domain is not the company domain."
regexval_txt_Email.Validate()
Boolemail_desktop_regex = True
If Boolemail_desktop_regex = True AndAlso Boolemail_desktop_regexdomain = False Then
regexval_txt_Email_2.IsValid = True
email = txtEmail.Text
End If
End If
End If
valreqtxtusername.Validate()
If valreqtxtusername.IsValid = True Then
Booluser_desktop_notempty = True
Booluser_mobile_notempty = False
check_UserName_regex.Validate()
If check_UserName_regex.IsValid = False Then
check_UserName_regex.ErrorMessage = "Annotation: The Username does not match the requirements."
Else
Booluser_desktop_regex = True
Booluser_mobile_regex = False
check_UserName_regex.Validate()
If check_UserName_regex.IsValid = True AndAlso Boolemail_desktop_notempty = True AndAlso Booluser_desktop_regex = True And Booluser_desktop_notempty = True AndAlso Booluser_mobile_regex = False Then
username = txt_Username.Text
End If
End If
End If
CustomerIDrequired.Validate()
If CustomerIDrequired.IsValid = True Then
valid_getNumberInput.Validate()
valid_getNumber_M_Input.Validate()
If valid_getNumberInput.IsValid = True Then
customerID = txt_CustomerID.Text
Else
@@ -117,10 +100,10 @@ Partial Class ForgotPW
valid_getNumberInput.ForeColor = Drawing.Color.Red
valid_getNumberInput.ErrorMessage = "Customer-ID is not given."
End If
' MsgBox("3" + email + " " + username)
End If
'Mobil
If String.IsNullOrEmpty(txtEmail_M.Text) = False And String.IsNullOrEmpty(txt_Username_M.Text) = False And String.IsNullOrEmpty(txt_CustomerID_M.Text) = False And String.IsNullOrEmpty(txtEmail.Text) = True And String.IsNullOrEmpty(txt_Username.Text) = True And String.IsNullOrEmpty(txt_CustomerID.Text) = True Then
' MsgBox("3" + email + " " + username)
End If
'Mobil
If String.IsNullOrEmpty(txtEmail_M.Text) = False And String.IsNullOrEmpty(txt_Username_M.Text) = False And String.IsNullOrEmpty(txt_CustomerID_M.Text) = False And String.IsNullOrEmpty(txtEmail.Text) = True And String.IsNullOrEmpty(txt_Username.Text) = True And String.IsNullOrEmpty(txt_CustomerID.Text) = True Then
valreqtxtusername.Enabled = False
valreqtxtEmail.Enabled = False
regexval_txt_Email_2.Enabled = False
@@ -138,38 +121,59 @@ Partial Class ForgotPW
valreqtxtEmail_M.Validate()
If valreqtxtEmail_M.IsValid = True Then
regexval_txt_Email_M.Validate()
If regexval_txt_Email_M.IsValid = False Then
regexval_txt_Email_M.ErrorMessage = "Annotation: The Domain does not match."
regexval_txt_Email.Validate()
If regexval_txt_Email.IsValid = False Then
regexval_txt_Email.ForeColor = Drawing.Color.OrangeRed
regexval_txt_Email.ErrorMessage = "Annotation: The Domain does not match."
regexval_txt_Email.Validate()
If regexval_2_txt_Email_M.IsValid = True Then
email = txtEmail_M.Text
regexval_txt_Email.ForeColor = Drawing.Color.Lime
regexval_txt_Email.ErrorMessage = "E-mail Address valid."
End If
Else
regexval_txt_Email.Validate()
If regexval_2_txt_Email_M.IsValid = True Then
regexval_txt_Email.ForeColor = Drawing.Color.Lime
regexval_txt_Email.ErrorMessage = "E-mail Address valid."
email = txtEmail_M.Text
End If
End If
End If
CustomerID_M_required.Validate()
If CustomerID_M_required.IsValid = True Then
valid_getNumber_M_Input.Validate()
If valid_getNumber_M_Input.IsValid = True Then
customerID = txt_CustomerID.Text
Else
valid_getNumber_M_Input.ForeColor = Drawing.Color.Red
valid_getNumber_M_Input.ErrorMessage = "Customer-ID is not numeric or too long."
End If
If CustomerID_M_required.IsValid = True Then
valid_getNumber_M_Input.Validate()
If valid_getNumber_M_Input.IsValid = True Then
customerID = txt_CustomerID_M.Text
Else
valid_getNumber_M_Input.ForeColor = Drawing.Color.Red
valid_getNumber_M_Input.ErrorMessage = "Customer-ID is not given."
valid_getNumber_M_Input.ErrorMessage = "Customer-ID is not numeric or too long."
End If
Else
valid_getNumber_M_Input.ForeColor = Drawing.Color.Red
valid_getNumber_M_Input.ErrorMessage = "Customer-ID is not given."
End If
valreqtxtusername_M.Validate()
If valreqtxtusername_M.IsValid = True Then
check_UserName_regex_M.Validate()
If check_UserName_regex_M.IsValid = False Then
check_UserName_regex_M.ForeColor = Drawing.Color.Red
check_UserName_regex_M.ErrorMessage = "The Username is too long."
Else
username = txt_Username_M.Text
check_UserName_regex_M.ForeColor = Drawing.Color.Lime
check_UserName_regex_M.ErrorMessage = "Valid Username has been entered."
End If
Else
check_UserName_regex_M.ForeColor = Drawing.Color.Lime
check_UserName_regex_M.ErrorMessage = "A too long Username has been entered."
End If
Else
'MsgBox("The form has not been filled completeley.", MsgBoxStyle.Critical, "Error08")
lblMessage.ForeColor = Color.Red
lblMessage.Text = "The form has not been filled completeley."
lblMessage.Text = "Error 08. The form has not been filled completeley."
End If
'Erweiterte Degub Msg-Box
@@ -186,66 +190,68 @@ Partial Class ForgotPW
End If
End If
Using con As New SqlConnection(ConnectionString)
' Using cmd As New SqlCommand("Validate_User")
Using cmd As New SqlCommand("SELECT Username,Password,Email,KundenNr FROM [VERAG_HOMEPAGE].[dbo].[Users] WHERE Username=@Username AND Email=@Email")
' cmd.CommandType = CommandType.StoredProcedure
cmd.Parameters.AddWithValue("@Username", username)
cmd.Connection = con
con.Open()
'userId = Convert.ToInt32(cmd.ExecuteScalar())
Dim dr As SqlDataReader = cmd.ExecuteReader()
If dr.Read() Then
username = dr("Username").ToString()
password = dr("Password").ToString()
email = dr("Email").ToString()
' Using cmd As New SqlCommand("Validate_User")
Using cmd As New SqlCommand("SELECT Username,Password,Email,KundenNr FROM [VERAG_HOMEPAGE].[dbo].[Users] WHERE Username=@Username AND Email=@Email AND KundenNr=@CUSTOMERId")
' cmd.CommandType = CommandType.StoredProcedure
cmd.Parameters.AddWithValue("@Username", username)
cmd.Parameters.AddWithValue("@Email", email)
cmd.Parameters.AddWithValue("@CUSTOMERId", customerID)
cmd.Connection = con
con.Open()
'userId = Convert.ToInt32(cmd.ExecuteScalar())
Dim dr As SqlDataReader = cmd.ExecuteReader()
If dr.Read() Then
username = dr("Username").ToString()
password = dr("Password").ToString()
email = dr("Email").ToString()
customerID = dr("UserId").ToString()
Try
If txt_Username.Text = dr("Username").ToString() AndAlso String.IsNullOrEmpty(txt_Username_M.Text) = True And String.IsNullOrEmpty(customerID) = False Then
username = txt_Username.Text
If txt_Username.Text = dr("Username").ToString() AndAlso String.IsNullOrEmpty(txt_Username_M.Text) = True And String.IsNullOrEmpty(customerID) = False Then
username = txt_Username.Text
ElseIf txt_Username_M.Text = dr("Username").ToString() AndAlso txt_Username.Text = String.Empty And String.IsNullOrEmpty(VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(customerID)) = False Then
username = txt_Username_M.Text
ElseIf String.IsNullOrEmpty(txt_Username_M.Text) = True AndAlso String.IsNullOrEmpty(txtEmail.Text) = True And String.IsNullOrEmpty(VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(customerID)) = False Then
check_UserName_regex_M.MatchTimeout = 3000
check_UserName_regex_M.ErrorMessage = "No valid Username found in out database!"
check_UserName_regex_M.IsValid = False
ElseIf String.IsNullOrEmpty(txt_Username.Text) = False Then
check_UserName_regex.MatchTimeout = 3000
check_UserName_regex.ErrorMessage = "No valid Username found in out database!"
check_UserName_regex.IsValid = False
End If
If (txtEmail.Text = dr("Email").ToString() AndAlso String.IsNullOrEmpty(txtEmail_M.Text) = True) And String.IsNullOrEmpty(VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(customerID)) = False Then
email = txtEmail.Text
lblMessage.ForeColor = Color.Green
lblMessage.Text = "The given e-mail exists in our database."
ElseIf (txtEmail_M.Text = dr("Email").ToString() AndAlso String.IsNullOrEmpty(txtEmail.Text) = True) And String.IsNullOrEmpty(VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(customerID)) = False Then
email = txtEmail_M.Text
lblMessage_M.ForeColor = Color.Green
lblMessage_M.Text = "The given e-mail exists in our database."
ElseIf String.IsNullOrEmpty(customerID) = True Then
lblMessage_M.ForeColor = Color.Red
lblMessage_M.Text = "The given User does not exist in our database."
Else
lblMessage_M.ForeColor = Color.Red
lblMessage_M.Text = "The given e-mail does not exist in our database."
End If
ElseIf txt_Username_M.Text = dr("Username").ToString() AndAlso txt_Username.Text = String.Empty And String.IsNullOrEmpty(VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(customerID)) = False Then
username = txt_Username_M.Text
ElseIf String.IsNullOrEmpty(txt_Username_M.Text) = True AndAlso String.IsNullOrEmpty(txtEmail.Text) = True And String.IsNullOrEmpty(VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(customerID)) = False Then
check_UserName_regex_M.MatchTimeout = 3000
check_UserName_regex_M.ErrorMessage = "No valid Username found in out database!"
check_UserName_regex_M.IsValid = False
ElseIf String.IsNullOrEmpty(txt_Username.Text) = False Then
check_UserName_regex.MatchTimeout = 3000
check_UserName_regex.ErrorMessage = "No valid Username found in out database!"
check_UserName_regex.IsValid = False
End If
If (txtEmail.Text = dr("Email").ToString() AndAlso String.IsNullOrEmpty(txtEmail_M.Text) = True) And String.IsNullOrEmpty(VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(customerID)) = False Then
email = txtEmail.Text
lblMessage.ForeColor = Color.Green
lblMessage.Text = "The given e-mail exists in our database."
ElseIf (txtEmail_M.Text = dr("Email").ToString() AndAlso String.IsNullOrEmpty(txtEmail.Text) = True) And String.IsNullOrEmpty(VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(customerID)) = False Then
email = txtEmail_M.Text
lblMessage_M.ForeColor = Color.Green
lblMessage_M.Text = "The given e-mail exists in our database."
ElseIf String.IsNullOrEmpty(customerID) = True Then
lblMessage_M.ForeColor = Color.Red
lblMessage_M.Text = "The given User does not exist in our database."
Else
lblMessage_M.ForeColor = Color.Red
lblMessage_M.Text = "The given e-mail does not exist in our database."
End If
Catch ex As Exception
Dim Msg, Style, Title As String
Msg = "E-Mail validation failed!" & vbCrLf + "Please try again!"
Style = vbRetry + vbExclamation + vbDefaultButton1
Title = "Authentication error!"
'MsgBox(Msg, Style, Title)
'If MsgBox(Msg, Style, Title).Yes Then
'txtEmail.Text = String.Empty
'txtEmail.Focus()
'ElseIf MsgBox(Msg, Style, Title).No Then
'End If
End Try
End If
End Using
con.Close()
Catch ex As Exception
Dim Msg, Style, Title As String
Msg = "E-Mail validation failed!" & vbCrLf + "Please try again!"
Style = vbRetry + vbExclamation + vbDefaultButton1
Title = "Authentication error!"
'MsgBox(Msg, Style, Title)
'If MsgBox(Msg, Style, Title).Yes Then
'txtEmail.Text = String.Empty
'txtEmail.Focus()
'ElseIf MsgBox(Msg, Style, Title).No Then
'End If
End Try
End If
End Using
con.Close()
End Using
If Session.Item("TokenforEmail") = Nothing Then
tokenname = genToken(username, password, email, customerID)