edv/VERAG_Homepage
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fixen des Ablaufs. Alle true false werte werden nun richtig gesetzt bzw genauer überprüft.

Browse Source
This commit is contained in:
ja
2021-10-20 16:54:37 +02:00
parent 9321d027d5
commit ce25d42522
1 changed files with 126 additions and 120 deletions
Download Patch File Download Diff File Expand all files Collapse all files

246
login/ForgotPW.aspx.vb
View File

@@ -49,64 +49,47 @@ Partial Class ForgotPW
CustomerIDrequired.Enabled = True CustomerIDrequired.Enabled = True
valid_getNumberInput.Enabled = True valid_getNumberInput.Enabled = True
valreqtxtusername.Validate()
If valreqtxtusername.IsValid = True Then
check_UserName_regex.Validate()
If check_UserName_regex.IsValid = False Then
check_UserName_regex.ForeColor = Drawing.Color.Red
check_UserName_regex.ErrorMessage = "The Username is too long."
Else
username = txt_Username.Text
check_UserName_regex.ForeColor = Drawing.Color.Lime
check_UserName_regex.ErrorMessage = "Valid Username has been entered."
End If
Else
check_UserName_regex.ForeColor = Drawing.Color.Lime
check_UserName_regex.ErrorMessage = "A too long Username has been entered."
End If
valreqtxtEmail.Validate() valreqtxtEmail.Validate()
If valreqtxtEmail.IsValid = True Then
If valreqtxtEmail.IsValid = True Then
Boolemail_desktop_notempty = True
Boolemail_mobile_notempty = False
If Boolemail_desktop_notempty = True Then
regexval_txt_Email.Validate() regexval_txt_Email.Validate()
If regexval_txt_Email.IsValid = True Then If regexval_txt_Email.IsValid = False Then
Boolemail_desktop_regexdomain = True regexval_txt_Email.ForeColor = Drawing.Color.OrangeRed
Boolemail_mobile_regexdomain = False regexval_txt_Email.ErrorMessage = "Annotation: The Domain does not match."
End If regexval_txt_Email_2.Validate()
regexval_txt_Email_2.Validate() If regexval_txt_Email_2.IsValid = True Then
If regexval_txt_Email_2.IsValid = True Then email = txtEmail.Text
Boolemail_desktop_regex = True regexval_txt_Email.ForeColor = Drawing.Color.Lime
Boolemail_mobile_regex = False regexval_txt_Email.ErrorMessage = "E-mail Address valid."
End If End If
If Boolemail_desktop_notempty = True AndAlso Boolemail_desktop_regexdomain = True AndAlso Boolemail_desktop_regex = True Then
email = txtEmail.Text
Else Else
regexval_txt_Email.IsValid = True regexval_txt_Email.Validate()
Boolemail_desktop_regex = True If valreqtxtEmail.IsValid = True Then
Boolemail_mobile_regex = False valreqtxtEmail.ForeColor = Drawing.Color.Lime
If Boolemail_desktop_regexdomain = True Then valreqtxtEmail.ErrorMessage = "E-mail Address valid."
email = txtEmail.Text email = txtEmail.Text
End If End If
End If End If
ElseIf valreqtxtEmail.IsValid = False Then
Boolemail_desktop_regexdomain = False
valreqtxtEmail.ErrorMessage = "Annotation: The given Domain is not the company domain."
regexval_txt_Email.Validate()
Boolemail_desktop_regex = True
If Boolemail_desktop_regex = True AndAlso Boolemail_desktop_regexdomain = False Then
regexval_txt_Email_2.IsValid = True
email = txtEmail.Text
End If
End If End If
End If
valreqtxtusername.Validate()
If valreqtxtusername.IsValid = True Then
Booluser_desktop_notempty = True
Booluser_mobile_notempty = False
check_UserName_regex.Validate()
If check_UserName_regex.IsValid = False Then
check_UserName_regex.ErrorMessage = "Annotation: The Username does not match the requirements."
Else
Booluser_desktop_regex = True
Booluser_mobile_regex = False
check_UserName_regex.Validate()
If check_UserName_regex.IsValid = True AndAlso Boolemail_desktop_notempty = True AndAlso Booluser_desktop_regex = True And Booluser_desktop_notempty = True AndAlso Booluser_mobile_regex = False Then
username = txt_Username.Text
End If
End If
End If
CustomerIDrequired.Validate() CustomerIDrequired.Validate()
If CustomerIDrequired.IsValid = True Then If CustomerIDrequired.IsValid = True Then
valid_getNumberInput.Validate() valid_getNumber_M_Input.Validate()
If valid_getNumberInput.IsValid = True Then If valid_getNumberInput.IsValid = True Then
customerID = txt_CustomerID.Text customerID = txt_CustomerID.Text
Else Else
@@ -117,10 +100,10 @@ Partial Class ForgotPW
valid_getNumberInput.ForeColor = Drawing.Color.Red valid_getNumberInput.ForeColor = Drawing.Color.Red
valid_getNumberInput.ErrorMessage = "Customer-ID is not given." valid_getNumberInput.ErrorMessage = "Customer-ID is not given."
End If End If
' MsgBox("3" + email + " " + username) ' MsgBox("3" + email + " " + username)
End If End If
'Mobil 'Mobil
If String.IsNullOrEmpty(txtEmail_M.Text) = False And String.IsNullOrEmpty(txt_Username_M.Text) = False And String.IsNullOrEmpty(txt_CustomerID_M.Text) = False And String.IsNullOrEmpty(txtEmail.Text) = True And String.IsNullOrEmpty(txt_Username.Text) = True And String.IsNullOrEmpty(txt_CustomerID.Text) = True Then If String.IsNullOrEmpty(txtEmail_M.Text) = False And String.IsNullOrEmpty(txt_Username_M.Text) = False And String.IsNullOrEmpty(txt_CustomerID_M.Text) = False And String.IsNullOrEmpty(txtEmail.Text) = True And String.IsNullOrEmpty(txt_Username.Text) = True And String.IsNullOrEmpty(txt_CustomerID.Text) = True Then
valreqtxtusername.Enabled = False valreqtxtusername.Enabled = False
valreqtxtEmail.Enabled = False valreqtxtEmail.Enabled = False
regexval_txt_Email_2.Enabled = False regexval_txt_Email_2.Enabled = False
@@ -138,38 +121,59 @@ Partial Class ForgotPW
valreqtxtEmail_M.Validate() valreqtxtEmail_M.Validate()
If valreqtxtEmail_M.IsValid = True Then If valreqtxtEmail_M.IsValid = True Then
regexval_txt_Email_M.Validate() regexval_txt_Email.Validate()
If regexval_txt_Email_M.IsValid = False Then If regexval_txt_Email.IsValid = False Then
regexval_txt_Email_M.ErrorMessage = "Annotation: The Domain does not match." regexval_txt_Email.ForeColor = Drawing.Color.OrangeRed
regexval_txt_Email.ErrorMessage = "Annotation: The Domain does not match."
regexval_txt_Email.Validate() regexval_txt_Email.Validate()
If regexval_2_txt_Email_M.IsValid = True Then If regexval_2_txt_Email_M.IsValid = True Then
email = txtEmail_M.Text email = txtEmail_M.Text
regexval_txt_Email.ForeColor = Drawing.Color.Lime
regexval_txt_Email.ErrorMessage = "E-mail Address valid."
End If End If
Else Else
regexval_txt_Email.Validate() regexval_txt_Email.Validate()
If regexval_2_txt_Email_M.IsValid = True Then If regexval_2_txt_Email_M.IsValid = True Then
regexval_txt_Email.ForeColor = Drawing.Color.Lime
regexval_txt_Email.ErrorMessage = "E-mail Address valid."
email = txtEmail_M.Text email = txtEmail_M.Text
End If End If
End If End If
End If End If
CustomerID_M_required.Validate() CustomerID_M_required.Validate()
If CustomerID_M_required.IsValid = True Then If CustomerID_M_required.IsValid = True Then
valid_getNumber_M_Input.Validate() valid_getNumber_M_Input.Validate()
If valid_getNumber_M_Input.IsValid = True Then If valid_getNumber_M_Input.IsValid = True Then
customerID = txt_CustomerID.Text customerID = txt_CustomerID_M.Text
Else
valid_getNumber_M_Input.ForeColor = Drawing.Color.Red
valid_getNumber_M_Input.ErrorMessage = "Customer-ID is not numeric or too long."
End If
Else Else
valid_getNumber_M_Input.ForeColor = Drawing.Color.Red valid_getNumber_M_Input.ForeColor = Drawing.Color.Red
valid_getNumber_M_Input.ErrorMessage = "Customer-ID is not given." valid_getNumber_M_Input.ErrorMessage = "Customer-ID is not numeric or too long."
End If End If
Else Else
valid_getNumber_M_Input.ForeColor = Drawing.Color.Red
valid_getNumber_M_Input.ErrorMessage = "Customer-ID is not given."
End If
valreqtxtusername_M.Validate()
If valreqtxtusername_M.IsValid = True Then
check_UserName_regex_M.Validate()
If check_UserName_regex_M.IsValid = False Then
check_UserName_regex_M.ForeColor = Drawing.Color.Red
check_UserName_regex_M.ErrorMessage = "The Username is too long."
Else
username = txt_Username_M.Text
check_UserName_regex_M.ForeColor = Drawing.Color.Lime
check_UserName_regex_M.ErrorMessage = "Valid Username has been entered."
End If
Else
check_UserName_regex_M.ForeColor = Drawing.Color.Lime
check_UserName_regex_M.ErrorMessage = "A too long Username has been entered."
End If
Else
'MsgBox("The form has not been filled completeley.", MsgBoxStyle.Critical, "Error08") 'MsgBox("The form has not been filled completeley.", MsgBoxStyle.Critical, "Error08")
lblMessage.ForeColor = Color.Red lblMessage.ForeColor = Color.Red
lblMessage.Text = "The form has not been filled completeley." lblMessage.Text = "Error 08. The form has not been filled completeley."
End If End If
'Erweiterte Degub Msg-Box 'Erweiterte Degub Msg-Box
@@ -186,66 +190,68 @@ Partial Class ForgotPW
End If End If
End If End If
Using con As New SqlConnection(ConnectionString) Using con As New SqlConnection(ConnectionString)
' Using cmd As New SqlCommand("Validate_User") ' Using cmd As New SqlCommand("Validate_User")
Using cmd As New SqlCommand("SELECT Username,Password,Email,KundenNr FROM [VERAG_HOMEPAGE].[dbo].[Users] WHERE Username=@Username AND Email=@Email") Using cmd As New SqlCommand("SELECT Username,Password,Email,KundenNr FROM [VERAG_HOMEPAGE].[dbo].[Users] WHERE Username=@Username AND Email=@Email AND KundenNr=@CUSTOMERId")
' cmd.CommandType = CommandType.StoredProcedure ' cmd.CommandType = CommandType.StoredProcedure
cmd.Parameters.AddWithValue("@Username", username) cmd.Parameters.AddWithValue("@Username", username)
cmd.Connection = con cmd.Parameters.AddWithValue("@Email", email)
con.Open() cmd.Parameters.AddWithValue("@CUSTOMERId", customerID)
'userId = Convert.ToInt32(cmd.ExecuteScalar()) cmd.Connection = con
Dim dr As SqlDataReader = cmd.ExecuteReader() con.Open()
If dr.Read() Then 'userId = Convert.ToInt32(cmd.ExecuteScalar())
username = dr("Username").ToString() Dim dr As SqlDataReader = cmd.ExecuteReader()
password = dr("Password").ToString() If dr.Read() Then
email = dr("Email").ToString() username = dr("Username").ToString()
password = dr("Password").ToString()
email = dr("Email").ToString()
customerID = dr("UserId").ToString() customerID = dr("UserId").ToString()
Try Try
If txt_Username.Text = dr("Username").ToString() AndAlso String.IsNullOrEmpty(txt_Username_M.Text) = True And String.IsNullOrEmpty(customerID) = False Then If txt_Username.Text = dr("Username").ToString() AndAlso String.IsNullOrEmpty(txt_Username_M.Text) = True And String.IsNullOrEmpty(customerID) = False Then
username = txt_Username.Text username = txt_Username.Text
ElseIf txt_Username_M.Text = dr("Username").ToString() AndAlso txt_Username.Text = String.Empty And String.IsNullOrEmpty(VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(customerID)) = False Then ElseIf txt_Username_M.Text = dr("Username").ToString() AndAlso txt_Username.Text = String.Empty And String.IsNullOrEmpty(VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(customerID)) = False Then
username = txt_Username_M.Text username = txt_Username_M.Text
ElseIf String.IsNullOrEmpty(txt_Username_M.Text) = True AndAlso String.IsNullOrEmpty(txtEmail.Text) = True And String.IsNullOrEmpty(VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(customerID)) = False Then ElseIf String.IsNullOrEmpty(txt_Username_M.Text) = True AndAlso String.IsNullOrEmpty(txtEmail.Text) = True And String.IsNullOrEmpty(VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(customerID)) = False Then
check_UserName_regex_M.MatchTimeout = 3000 check_UserName_regex_M.MatchTimeout = 3000
check_UserName_regex_M.ErrorMessage = "No valid Username found in out database!" check_UserName_regex_M.ErrorMessage = "No valid Username found in out database!"
check_UserName_regex_M.IsValid = False check_UserName_regex_M.IsValid = False
ElseIf String.IsNullOrEmpty(txt_Username.Text) = False Then ElseIf String.IsNullOrEmpty(txt_Username.Text) = False Then
check_UserName_regex.MatchTimeout = 3000 check_UserName_regex.MatchTimeout = 3000
check_UserName_regex.ErrorMessage = "No valid Username found in out database!" check_UserName_regex.ErrorMessage = "No valid Username found in out database!"
check_UserName_regex.IsValid = False check_UserName_regex.IsValid = False
End If End If
If (txtEmail.Text = dr("Email").ToString() AndAlso String.IsNullOrEmpty(txtEmail_M.Text) = True) And String.IsNullOrEmpty(VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(customerID)) = False Then If (txtEmail.Text = dr("Email").ToString() AndAlso String.IsNullOrEmpty(txtEmail_M.Text) = True) And String.IsNullOrEmpty(VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(customerID)) = False Then
email = txtEmail.Text email = txtEmail.Text
lblMessage.ForeColor = Color.Green lblMessage.ForeColor = Color.Green
lblMessage.Text = "The given e-mail exists in our database." lblMessage.Text = "The given e-mail exists in our database."
ElseIf (txtEmail_M.Text = dr("Email").ToString() AndAlso String.IsNullOrEmpty(txtEmail.Text) = True) And String.IsNullOrEmpty(VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(customerID)) = False Then ElseIf (txtEmail_M.Text = dr("Email").ToString() AndAlso String.IsNullOrEmpty(txtEmail.Text) = True) And String.IsNullOrEmpty(VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(customerID)) = False Then
email = txtEmail_M.Text email = txtEmail_M.Text
lblMessage_M.ForeColor = Color.Green lblMessage_M.ForeColor = Color.Green
lblMessage_M.Text = "The given e-mail exists in our database." lblMessage_M.Text = "The given e-mail exists in our database."
ElseIf String.IsNullOrEmpty(customerID) = True Then ElseIf String.IsNullOrEmpty(customerID) = True Then
lblMessage_M.ForeColor = Color.Red lblMessage_M.ForeColor = Color.Red
lblMessage_M.Text = "The given User does not exist in our database." lblMessage_M.Text = "The given User does not exist in our database."
Else Else
lblMessage_M.ForeColor = Color.Red lblMessage_M.ForeColor = Color.Red
lblMessage_M.Text = "The given e-mail does not exist in our database." lblMessage_M.Text = "The given e-mail does not exist in our database."
End If End If
Catch ex As Exception Catch ex As Exception
Dim Msg, Style, Title As String Dim Msg, Style, Title As String
Msg = "E-Mail validation failed!" & vbCrLf + "Please try again!" Msg = "E-Mail validation failed!" & vbCrLf + "Please try again!"
Style = vbRetry + vbExclamation + vbDefaultButton1 Style = vbRetry + vbExclamation + vbDefaultButton1
Title = "Authentication error!" Title = "Authentication error!"
'MsgBox(Msg, Style, Title) 'MsgBox(Msg, Style, Title)
'If MsgBox(Msg, Style, Title).Yes Then 'If MsgBox(Msg, Style, Title).Yes Then
'txtEmail.Text = String.Empty 'txtEmail.Text = String.Empty
'txtEmail.Focus() 'txtEmail.Focus()
'ElseIf MsgBox(Msg, Style, Title).No Then 'ElseIf MsgBox(Msg, Style, Title).No Then
'End If 'End If
End Try End Try
End If End If
End Using End Using
con.Close() con.Close()
End Using End Using
If Session.Item("TokenforEmail") = Nothing Then If Session.Item("TokenforEmail") = Nothing Then
tokenname = genToken(username, password, email, customerID) tokenname = genToken(username, password, email, customerID)