From ce25d4252270d55dc460807d9ffcecccf867899c Mon Sep 17 00:00:00 2001 From: ja Date: Wed, 20 Oct 2021 16:54:37 +0200 Subject: [PATCH] =?UTF-8?q?Fixen=20des=20Ablaufs.=20Alle=20true=20false=20?= =?UTF-8?q?werte=20werden=20nun=20richtig=20gesetzt=20bzw=20genauer=20?= =?UTF-8?q?=C3=BCberpr=C3=BCft.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- login/ForgotPW.aspx.vb | 246 +++++++++++++++++++++-------------------- 1 file changed, 126 insertions(+), 120 deletions(-) diff --git a/login/ForgotPW.aspx.vb b/login/ForgotPW.aspx.vb index 98bf563..45bec8a 100644 --- a/login/ForgotPW.aspx.vb +++ b/login/ForgotPW.aspx.vb @@ -49,64 +49,47 @@ Partial Class ForgotPW CustomerIDrequired.Enabled = True valid_getNumberInput.Enabled = True + valreqtxtusername.Validate() + If valreqtxtusername.IsValid = True Then + check_UserName_regex.Validate() + If check_UserName_regex.IsValid = False Then + check_UserName_regex.ForeColor = Drawing.Color.Red + check_UserName_regex.ErrorMessage = "The Username is too long." + Else + username = txt_Username.Text + check_UserName_regex.ForeColor = Drawing.Color.Lime + check_UserName_regex.ErrorMessage = "Valid Username has been entered." + End If + Else + check_UserName_regex.ForeColor = Drawing.Color.Lime + check_UserName_regex.ErrorMessage = "A too long Username has been entered." + End If valreqtxtEmail.Validate() - - If valreqtxtEmail.IsValid = True Then - Boolemail_desktop_notempty = True - Boolemail_mobile_notempty = False - - If Boolemail_desktop_notempty = True Then + If valreqtxtEmail.IsValid = True Then regexval_txt_Email.Validate() - If regexval_txt_Email.IsValid = True Then - Boolemail_desktop_regexdomain = True - Boolemail_mobile_regexdomain = False - End If - regexval_txt_Email_2.Validate() - If regexval_txt_Email_2.IsValid = True Then - Boolemail_desktop_regex = True - Boolemail_mobile_regex = False - End If - If Boolemail_desktop_notempty = True AndAlso Boolemail_desktop_regexdomain = True AndAlso Boolemail_desktop_regex = True Then - email = txtEmail.Text + If regexval_txt_Email.IsValid = False Then + regexval_txt_Email.ForeColor = Drawing.Color.OrangeRed + regexval_txt_Email.ErrorMessage = "Annotation: The Domain does not match." + regexval_txt_Email_2.Validate() + If regexval_txt_Email_2.IsValid = True Then + email = txtEmail.Text + regexval_txt_Email.ForeColor = Drawing.Color.Lime + regexval_txt_Email.ErrorMessage = "E-mail Address valid." + End If Else - regexval_txt_Email.IsValid = True - Boolemail_desktop_regex = True - Boolemail_mobile_regex = False - If Boolemail_desktop_regexdomain = True Then + regexval_txt_Email.Validate() + If valreqtxtEmail.IsValid = True Then + valreqtxtEmail.ForeColor = Drawing.Color.Lime + valreqtxtEmail.ErrorMessage = "E-mail Address valid." email = txtEmail.Text End If End If - ElseIf valreqtxtEmail.IsValid = False Then - Boolemail_desktop_regexdomain = False - valreqtxtEmail.ErrorMessage = "Annotation: The given Domain is not the company domain." - regexval_txt_Email.Validate() - Boolemail_desktop_regex = True - If Boolemail_desktop_regex = True AndAlso Boolemail_desktop_regexdomain = False Then - regexval_txt_Email_2.IsValid = True - email = txtEmail.Text - End If End If - End If - valreqtxtusername.Validate() - If valreqtxtusername.IsValid = True Then - Booluser_desktop_notempty = True - Booluser_mobile_notempty = False - check_UserName_regex.Validate() - If check_UserName_regex.IsValid = False Then - check_UserName_regex.ErrorMessage = "Annotation: The Username does not match the requirements." - Else - Booluser_desktop_regex = True - Booluser_mobile_regex = False - check_UserName_regex.Validate() - If check_UserName_regex.IsValid = True AndAlso Boolemail_desktop_notempty = True AndAlso Booluser_desktop_regex = True And Booluser_desktop_notempty = True AndAlso Booluser_mobile_regex = False Then - username = txt_Username.Text - End If - End If - End If + CustomerIDrequired.Validate() If CustomerIDrequired.IsValid = True Then - valid_getNumberInput.Validate() + valid_getNumber_M_Input.Validate() If valid_getNumberInput.IsValid = True Then customerID = txt_CustomerID.Text Else @@ -117,10 +100,10 @@ Partial Class ForgotPW valid_getNumberInput.ForeColor = Drawing.Color.Red valid_getNumberInput.ErrorMessage = "Customer-ID is not given." End If - ' MsgBox("3" + email + " " + username) - End If - 'Mobil - If String.IsNullOrEmpty(txtEmail_M.Text) = False And String.IsNullOrEmpty(txt_Username_M.Text) = False And String.IsNullOrEmpty(txt_CustomerID_M.Text) = False And String.IsNullOrEmpty(txtEmail.Text) = True And String.IsNullOrEmpty(txt_Username.Text) = True And String.IsNullOrEmpty(txt_CustomerID.Text) = True Then + ' MsgBox("3" + email + " " + username) + End If + 'Mobil + If String.IsNullOrEmpty(txtEmail_M.Text) = False And String.IsNullOrEmpty(txt_Username_M.Text) = False And String.IsNullOrEmpty(txt_CustomerID_M.Text) = False And String.IsNullOrEmpty(txtEmail.Text) = True And String.IsNullOrEmpty(txt_Username.Text) = True And String.IsNullOrEmpty(txt_CustomerID.Text) = True Then valreqtxtusername.Enabled = False valreqtxtEmail.Enabled = False regexval_txt_Email_2.Enabled = False @@ -138,38 +121,59 @@ Partial Class ForgotPW valreqtxtEmail_M.Validate() If valreqtxtEmail_M.IsValid = True Then - regexval_txt_Email_M.Validate() - If regexval_txt_Email_M.IsValid = False Then - regexval_txt_Email_M.ErrorMessage = "Annotation: The Domain does not match." + regexval_txt_Email.Validate() + If regexval_txt_Email.IsValid = False Then + regexval_txt_Email.ForeColor = Drawing.Color.OrangeRed + regexval_txt_Email.ErrorMessage = "Annotation: The Domain does not match." regexval_txt_Email.Validate() If regexval_2_txt_Email_M.IsValid = True Then email = txtEmail_M.Text + regexval_txt_Email.ForeColor = Drawing.Color.Lime + regexval_txt_Email.ErrorMessage = "E-mail Address valid." End If Else regexval_txt_Email.Validate() If regexval_2_txt_Email_M.IsValid = True Then + regexval_txt_Email.ForeColor = Drawing.Color.Lime + regexval_txt_Email.ErrorMessage = "E-mail Address valid." email = txtEmail_M.Text End If End If End If CustomerID_M_required.Validate() - If CustomerID_M_required.IsValid = True Then - valid_getNumber_M_Input.Validate() - If valid_getNumber_M_Input.IsValid = True Then - customerID = txt_CustomerID.Text - Else - valid_getNumber_M_Input.ForeColor = Drawing.Color.Red - valid_getNumber_M_Input.ErrorMessage = "Customer-ID is not numeric or too long." - End If + If CustomerID_M_required.IsValid = True Then + valid_getNumber_M_Input.Validate() + If valid_getNumber_M_Input.IsValid = True Then + customerID = txt_CustomerID_M.Text Else valid_getNumber_M_Input.ForeColor = Drawing.Color.Red - valid_getNumber_M_Input.ErrorMessage = "Customer-ID is not given." + valid_getNumber_M_Input.ErrorMessage = "Customer-ID is not numeric or too long." End If Else + valid_getNumber_M_Input.ForeColor = Drawing.Color.Red + valid_getNumber_M_Input.ErrorMessage = "Customer-ID is not given." + End If + + valreqtxtusername_M.Validate() + If valreqtxtusername_M.IsValid = True Then + check_UserName_regex_M.Validate() + If check_UserName_regex_M.IsValid = False Then + check_UserName_regex_M.ForeColor = Drawing.Color.Red + check_UserName_regex_M.ErrorMessage = "The Username is too long." + Else + username = txt_Username_M.Text + check_UserName_regex_M.ForeColor = Drawing.Color.Lime + check_UserName_regex_M.ErrorMessage = "Valid Username has been entered." + End If + Else + check_UserName_regex_M.ForeColor = Drawing.Color.Lime + check_UserName_regex_M.ErrorMessage = "A too long Username has been entered." + End If + Else 'MsgBox("The form has not been filled completeley.", MsgBoxStyle.Critical, "Error08") lblMessage.ForeColor = Color.Red - lblMessage.Text = "The form has not been filled completeley." + lblMessage.Text = "Error 08. The form has not been filled completeley." End If 'Erweiterte Degub Msg-Box @@ -186,66 +190,68 @@ Partial Class ForgotPW End If End If Using con As New SqlConnection(ConnectionString) - ' Using cmd As New SqlCommand("Validate_User") - Using cmd As New SqlCommand("SELECT Username,Password,Email,KundenNr FROM [VERAG_HOMEPAGE].[dbo].[Users] WHERE Username=@Username AND Email=@Email") - ' cmd.CommandType = CommandType.StoredProcedure - cmd.Parameters.AddWithValue("@Username", username) - cmd.Connection = con - con.Open() - 'userId = Convert.ToInt32(cmd.ExecuteScalar()) - Dim dr As SqlDataReader = cmd.ExecuteReader() - If dr.Read() Then - username = dr("Username").ToString() - password = dr("Password").ToString() - email = dr("Email").ToString() + ' Using cmd As New SqlCommand("Validate_User") + Using cmd As New SqlCommand("SELECT Username,Password,Email,KundenNr FROM [VERAG_HOMEPAGE].[dbo].[Users] WHERE Username=@Username AND Email=@Email AND KundenNr=@CUSTOMERId") + ' cmd.CommandType = CommandType.StoredProcedure + cmd.Parameters.AddWithValue("@Username", username) + cmd.Parameters.AddWithValue("@Email", email) + cmd.Parameters.AddWithValue("@CUSTOMERId", customerID) + cmd.Connection = con + con.Open() + 'userId = Convert.ToInt32(cmd.ExecuteScalar()) + Dim dr As SqlDataReader = cmd.ExecuteReader() + If dr.Read() Then + username = dr("Username").ToString() + password = dr("Password").ToString() + email = dr("Email").ToString() customerID = dr("UserId").ToString() Try - If txt_Username.Text = dr("Username").ToString() AndAlso String.IsNullOrEmpty(txt_Username_M.Text) = True And String.IsNullOrEmpty(customerID) = False Then - username = txt_Username.Text + If txt_Username.Text = dr("Username").ToString() AndAlso String.IsNullOrEmpty(txt_Username_M.Text) = True And String.IsNullOrEmpty(customerID) = False Then + username = txt_Username.Text - ElseIf txt_Username_M.Text = dr("Username").ToString() AndAlso txt_Username.Text = String.Empty And String.IsNullOrEmpty(VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(customerID)) = False Then - username = txt_Username_M.Text - ElseIf String.IsNullOrEmpty(txt_Username_M.Text) = True AndAlso String.IsNullOrEmpty(txtEmail.Text) = True And String.IsNullOrEmpty(VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(customerID)) = False Then - check_UserName_regex_M.MatchTimeout = 3000 - check_UserName_regex_M.ErrorMessage = "No valid Username found in out database!" - check_UserName_regex_M.IsValid = False - ElseIf String.IsNullOrEmpty(txt_Username.Text) = False Then - check_UserName_regex.MatchTimeout = 3000 - check_UserName_regex.ErrorMessage = "No valid Username found in out database!" - check_UserName_regex.IsValid = False - End If - If (txtEmail.Text = dr("Email").ToString() AndAlso String.IsNullOrEmpty(txtEmail_M.Text) = True) And String.IsNullOrEmpty(VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(customerID)) = False Then - email = txtEmail.Text - lblMessage.ForeColor = Color.Green - lblMessage.Text = "The given e-mail exists in our database." - ElseIf (txtEmail_M.Text = dr("Email").ToString() AndAlso String.IsNullOrEmpty(txtEmail.Text) = True) And String.IsNullOrEmpty(VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(customerID)) = False Then - email = txtEmail_M.Text - lblMessage_M.ForeColor = Color.Green - lblMessage_M.Text = "The given e-mail exists in our database." - ElseIf String.IsNullOrEmpty(customerID) = True Then - lblMessage_M.ForeColor = Color.Red - lblMessage_M.Text = "The given User does not exist in our database." - Else - lblMessage_M.ForeColor = Color.Red - lblMessage_M.Text = "The given e-mail does not exist in our database." - End If + ElseIf txt_Username_M.Text = dr("Username").ToString() AndAlso txt_Username.Text = String.Empty And String.IsNullOrEmpty(VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(customerID)) = False Then + username = txt_Username_M.Text + ElseIf String.IsNullOrEmpty(txt_Username_M.Text) = True AndAlso String.IsNullOrEmpty(txtEmail.Text) = True And String.IsNullOrEmpty(VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(customerID)) = False Then + check_UserName_regex_M.MatchTimeout = 3000 + check_UserName_regex_M.ErrorMessage = "No valid Username found in out database!" + check_UserName_regex_M.IsValid = False + ElseIf String.IsNullOrEmpty(txt_Username.Text) = False Then + check_UserName_regex.MatchTimeout = 3000 + check_UserName_regex.ErrorMessage = "No valid Username found in out database!" + check_UserName_regex.IsValid = False + End If + If (txtEmail.Text = dr("Email").ToString() AndAlso String.IsNullOrEmpty(txtEmail_M.Text) = True) And String.IsNullOrEmpty(VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(customerID)) = False Then + email = txtEmail.Text + lblMessage.ForeColor = Color.Green + lblMessage.Text = "The given e-mail exists in our database." + ElseIf (txtEmail_M.Text = dr("Email").ToString() AndAlso String.IsNullOrEmpty(txtEmail.Text) = True) And String.IsNullOrEmpty(VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(customerID)) = False Then + email = txtEmail_M.Text + lblMessage_M.ForeColor = Color.Green + lblMessage_M.Text = "The given e-mail exists in our database." + ElseIf String.IsNullOrEmpty(customerID) = True Then + lblMessage_M.ForeColor = Color.Red + lblMessage_M.Text = "The given User does not exist in our database." + Else + lblMessage_M.ForeColor = Color.Red + lblMessage_M.Text = "The given e-mail does not exist in our database." + End If - Catch ex As Exception - Dim Msg, Style, Title As String - Msg = "E-Mail validation failed!" & vbCrLf + "Please try again!" - Style = vbRetry + vbExclamation + vbDefaultButton1 - Title = "Authentication error!" - 'MsgBox(Msg, Style, Title) - 'If MsgBox(Msg, Style, Title).Yes Then - 'txtEmail.Text = String.Empty - 'txtEmail.Focus() - 'ElseIf MsgBox(Msg, Style, Title).No Then - 'End If - End Try - End If - End Using - con.Close() + Catch ex As Exception + Dim Msg, Style, Title As String + Msg = "E-Mail validation failed!" & vbCrLf + "Please try again!" + Style = vbRetry + vbExclamation + vbDefaultButton1 + Title = "Authentication error!" + 'MsgBox(Msg, Style, Title) + 'If MsgBox(Msg, Style, Title).Yes Then + 'txtEmail.Text = String.Empty + 'txtEmail.Focus() + 'ElseIf MsgBox(Msg, Style, Title).No Then + 'End If + End Try + End If + End Using + con.Close() End Using If Session.Item("TokenforEmail") = Nothing Then tokenname = genToken(username, password, email, customerID)