edv/VERAG_Homepage
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

mobil funktioniert wieder.

Browse Source
This commit is contained in:
ja
2021-10-21 15:11:20 +02:00
parent 495fec5870
commit d336d2d3c6
2 changed files with 228 additions and 208 deletions
Download Patch File Download Diff File Expand all files Collapse all files

112
login/ForgotPW.aspx.vb
View File

@@ -91,7 +91,7 @@ Partial Class ForgotPW
'Erweiterte Degub Msg-Box
'MsgBox("Userdaten in App" + Environment.NewLine + email + Environment.NewLine + username + Environment.NewLine + "Userdaten desktop" + txt_Username.Text + Environment.NewLine + txtEmail.Text + Environment.NewLine + "Userdaten Mobil:" + Environment.NewLine + txtEmail_M.Text + Environment.NewLine + txt_Username_M.Text)
If String.IsNullOrEmpty(email) = True And String.IsNullOrEmpty(tokenname) = True And String.IsNullOrEmpty(password) = True And String.IsNullOrEmpty(username) = True And String.IsNullOrEmpty(customerID) = True Then
If String.IsNullOrEmpty(email) = False And String.IsNullOrEmpty(tokenname) = True And String.IsNullOrEmpty(password) = True And String.IsNullOrEmpty(username) = False And String.IsNullOrEmpty(customerID) = False Then
If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost" Then
VERAG_PROG_ALLGEMEIN.cAllgemein.TESTSYSTEM = True
'ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=sa;Pwd=BmWr501956"
@@ -101,7 +101,7 @@ Partial Class ForgotPW
ConnectionString = "Server=DEVELOPER.verag.ost.dmn\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;"
'ConnectionString = "Server=db593295684.db.1and1.com;Database=db593295684;Uid=dbo593295684;Pwd=atilla#2;"
End If
End If
Using con As New SqlConnection(ConnectionString)
' Using cmd As New SqlCommand("Validate_User")
Using cmd As New SqlCommand("SELECT Username,Password,Email,KundenNr FROM [VERAG_HOMEPAGE].[dbo].[Users] WHERE Username=@Username AND Email=@Email AND KundenNr=@CUSTOMERId")
@@ -155,6 +155,7 @@ Partial Class ForgotPW
End Using
con.Close()
End Using
If Session.Item("TokenforEmail") = Nothing Then
tokenname = genToken(username, password, email, customerID)
Session.Add("TokenforEmail", tokenname)
@@ -200,6 +201,10 @@ Partial Class ForgotPW
lblMessage.Text = "An internal password searching error occured in our systems ."
End If
End If
Else
lblMessage.ForeColor = Drawing.Color.Red
lblMessage.Text = "ErrorCode10: Error with Database or the connection." + Environment.NewLine + "Please contact the admin."
End If
Catch Exc As Exception
lblMessage.ForeColor = Drawing.Color.Red
lblMessage.Text = "Error08: No input found." + Environment.NewLine + Exc.Message
@@ -285,7 +290,7 @@ Partial Class ForgotPW
'Erweiterte Degub Msg-Box
'MsgBox("Userdaten in App" + Environment.NewLine + email + Environment.NewLine + username + Environment.NewLine + "Userdaten desktop" + txt_Username.Text + Environment.NewLine + txtEmail.Text + Environment.NewLine + "Userdaten Mobil:" + Environment.NewLine + txtEmail_M.Text + Environment.NewLine + txt_Username_M.Text)
If String.IsNullOrEmpty(email) = True And String.IsNullOrEmpty(tokenname) = True And String.IsNullOrEmpty(password) = True And String.IsNullOrEmpty(username) = True And String.IsNullOrEmpty(customerID) = True Then
If String.IsNullOrEmpty(tokenname) = True And String.IsNullOrEmpty(password) = True Then
If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost" Then
VERAG_PROG_ALLGEMEIN.cAllgemein.TESTSYSTEM = True
'ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=sa;Pwd=BmWr501956"
@@ -295,7 +300,7 @@ Partial Class ForgotPW
ConnectionString = "Server=DEVELOPER.verag.ost.dmn\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;"
'ConnectionString = "Server=db593295684.db.1and1.com;Database=db593295684;Uid=dbo593295684;Pwd=atilla#2;"
End If
End If
Using con As New SqlConnection(ConnectionString)
' Using cmd As New SqlCommand("Validate_User")
Using cmd As New SqlCommand("SELECT Username,Password,Email,KundenNr FROM [VERAG_HOMEPAGE].[dbo].[Users] WHERE Username=@Username AND Email=@Email AND KundenNr=@CUSTOMERId")
@@ -312,44 +317,56 @@ Partial Class ForgotPW
password = dr("Password").ToString()
email = dr("Email").ToString()
customerID = dr("UserId").ToString()
Try
If txt_Username_M.Text = dr("Username").ToString() AndAlso txt_Username.Text = String.Empty And String.IsNullOrEmpty(VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(customerID)) = Not True Then
username = txt_Username_M.Text
ElseIf String.IsNullOrEmpty(txt_Username_M.Text) = True AndAlso String.IsNullOrEmpty(txtEmail.Text) = True And String.IsNullOrEmpty(VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(customerID)) = True Then
check_UserName_regex_M.MatchTimeout = 3000
If (txt_CustomerID_M.Text = dr("userId").ToString() AndAlso String.IsNullOrEmpty(txt_CustomerID.Text) = True) And String.IsNullOrEmpty(VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(customerID)) = True Then
customerID = txt_CustomerID_M.Text
lblMessage_M.ForeColor = Color.Green
lblMessage_M.Text = "The given Customer-ID exists in our database."
Else
lblMessage_M.ForeColor = Color.Red
check_UserName_regex_M.ErrorMessage = "No valid Username found in out database!"
check_UserName_regex_M.IsValid = False
lblMessage_M.Text = "The given Customer-ID does not exist in our database."
End If
Catch ex As Exception
Dim Msg, Style, Title As String
Msg = "Customer-ID validation failed!" & vbCrLf + "Please try again!"
Style = vbRetry + vbExclamation + vbDefaultButton1
Title = "Authentication error!"
End Try
Try
If (txtEmail_M.Text = dr("Email").ToString() AndAlso String.IsNullOrEmpty(txtEmail.Text) = True) And String.IsNullOrEmpty(VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(customerID)) = True Then
email = txtEmail_M.Text
lblMessage_M.ForeColor = Color.Green
lblMessage_M.Text = "The given e-mail exists in our database."
ElseIf String.IsNullOrEmpty(customerID) = True Then
lblMessage_M.ForeColor = Color.Red
lblMessage_M.Text = "The given User does not exist in our database."
Else
lblMessage_M.ForeColor = Color.Red
lblMessage_M.Text = "The given e-mail does not exist in our database."
lblMessage_M.Text = "The given E-Mail does not exist in our database."
End If
Catch ex As Exception
Dim Msg, Style, Title As String
Msg = "E-Mail validation failed!" & vbCrLf + "Please try again!"
Style = vbRetry + vbExclamation + vbDefaultButton1
Title = "Authentication error!"
'MsgBox(Msg, Style, Title)
'If MsgBox(Msg, Style, Title).Yes Then
'txtEmail.Text = String.Empty
'txtEmail.Focus()
'ElseIf MsgBox(Msg, Style, Title).No Then
'End If
End Try
Try
If (txt_Username_M.Text = dr("Username").ToString() AndAlso String.IsNullOrEmpty(txt_Username_M.Text) = True) And String.IsNullOrEmpty(VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(customerID)) = True Then
username = txt_Username_M.Text
lblMessage_M.ForeColor = Color.Green
lblMessage_M.Text = "The given Username exists in our database."
Else
lblMessage_M.ForeColor = Color.Red
lblMessage_M.Text = "The given Username does not exist in our database."
End If
Catch ex As Exception
Dim Msg, Style, Title As String
Msg = "Username validation failed!" & vbCrLf + "Please try again!"
Style = vbRetry + vbExclamation + vbDefaultButton1
Title = "Authentication error!"
End Try
End If
End Using
con.Close()
End Using
If Session.Item("TokenforEmail") = Nothing Then
tokenname = genToken(username, password, email, customerID)
Session.Add("TokenforEmail", tokenname)
@@ -396,23 +413,16 @@ Partial Class ForgotPW
lblMessage_M.Text = "An internal password searching error occured in our systems ."
End If
End If
Else
lblMessage_M.ForeColor = Drawing.Color.Red
lblMessage_M.Text = "ErrorCode10: Error with Database or the connection." + Environment.NewLine + "Please contact the admin."
End If
Catch Exc As Exception
lblMessage.ForeColor = Drawing.Color.Red
lblMessage_M.ForeColor = Drawing.Color.Red
lblMessage_M.Text = "Error08: No input found." + Environment.NewLine + Exc.Message
End Try
End Sub
'Function RandomString(r As Random, max As Integer) As String
'Dim s As String = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789!§$%&/?="
'Dim sb As New StringBuilder
'Dim cnt As Integer = r.Next(4, max)
'For i As Integer = 1 To cnt
'Dim idx As Integer = r.Next(0, s.Length)
' sb.Append(s.Substring(idx, 1))
'Next
'Return sb.ToString()
'End Function
Function SendEmail_M(username As String, password As String, email As String, tokenname As String, userID As String) As Boolean
Dim getdomianenvironment As String = String.Empty
@@ -423,7 +433,7 @@ Partial Class ForgotPW
Dim htmlbody As String = String.Empty
Dim emailnr = VERAG_PROG_ALLGEMEIN.cAllgemein.FIRMA_ID.ToString
If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost" Then
MsgBox(getdomianenvironment)
'MsgBox(getdomianenvironment)
getdomianenvironment = HttpContext.Current.Request.ServerVariables("SERVER_NAME")
ServPort = ":" + Request.ServerVariables("SERVER_PORT")
'pagename = Request.ServerVariables("SCRIPT_NAME")
@@ -436,7 +446,7 @@ Partial Class ForgotPW
htmlbody = String.Format("Dear {0},<br /><br /> Please follow the Link to reset your password:<br /><br />" + Environment.NewLine + "<a runat=" + "server" + " href=http://" + getdomianenvironment + ServPort + "/login/ChangePW.aspx?Par1=" + tokenname + "&Par2=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt(username) + "&Par3=" + userID + ">http://" + getdomianenvironment + ServPort + "/login/ChangePW.aspx?Par1=" + VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(tokenname) + "&Par2=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt(username) + "&Par3=" + userID + "</a>" + Environment.NewLine + "<br /><br /><br />Kind regards, <br /><span style='color: #043381'><b>VERAG | EDV Support</b></span><br /><span style='color: #043381'>VERAG Spedition AG | A 4975 Suben, Nr. 100</span><br /><span style='color: #043381'>T.<a href='tel:+43 7711 2777-xx'>+43 7711 2777-xx</a> |<a href='mailto:@support@verag.ag'>support@verag.ag</a> |" + emailnr + "FN xxxxxxx</span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext + "</i></span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext2 + "</i></span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext3 + "</i></span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext4 + "</i></span><br />", username, password)
ElseIf String.IsNullOrWhiteSpace(HttpContext.Current.Request.ServerVariables("SERVER_NAME")) = True Then
getdomianenvironment = HttpContext.Current.Request.ServerVariables("SERVER_NAME")
MsgBox(getdomianenvironment)
'MsgBox(getdomianenvironment)
ServPort = ":" + Request.ServerVariables("SERVER_PORT")
'pagename = Request.ServerVariables("SCRIPT_NAME")
mailto = email
@@ -465,7 +475,7 @@ Partial Class ForgotPW
If getDateoftoken(tokenname) = True Then
' Dim attachment As Attachment = New Attachment(File.OpenRead(excel), "Kundenliste.xlsx")
' Msg.Attachments.Add(attachment)
If String.IsNullOrEmpty(mailto) = True AndAlso String.IsNullOrEmpty(Betreff) = True AndAlso String.IsNullOrEmpty(htmlbody) = True Then
If String.IsNullOrEmpty(mailto) = False AndAlso String.IsNullOrEmpty(Betreff) = False AndAlso String.IsNullOrEmpty(htmlbody) = False Then
VERAG_PROG_ALLGEMEIN.cProgramFunctions.sendMail(mailto, Betreff, htmlbody)
Else
'MsgBox("Error07: Die Paramter wurden nicht alle gesetzt. Bitte Felder überprüfen.", vbAbort, "Error07")
@@ -487,7 +497,7 @@ Partial Class ForgotPW
Else
tokenname = Session.Item("TokenforEmail").ToString()
End If
VERAG_PROG_ALLGEMEIN.cProgramFunctions.sendMail(mailto, Betreff, htmlbody, tokenname)
VERAG_PROG_ALLGEMEIN.cProgramFunctions.sendMail(mailto, Betreff, htmlbody)
Return True
End If
Catch ex As Exception
@@ -495,6 +505,7 @@ Partial Class ForgotPW
End Try
Return True
End Function
Function SendEmail(username As String, password As String, email As String, tokenname As String, userID As String) As Boolean
Dim getdomianenvironment As String = String.Empty
Dim pagename As String = String.Empty
@@ -546,15 +557,15 @@ Partial Class ForgotPW
If getDateoftoken(tokenname) = True Then
' Dim attachment As Attachment = New Attachment(File.OpenRead(excel), "Kundenliste.xlsx")
' Msg.Attachments.Add(attachment)
If String.IsNullOrEmpty(mailto) = True AndAlso String.IsNullOrEmpty(Betreff) = True AndAlso String.IsNullOrEmpty(htmlbody) = True Then
If String.IsNullOrEmpty(mailto) = False AndAlso String.IsNullOrEmpty(Betreff) = False AndAlso String.IsNullOrEmpty(htmlbody) = False Then
VERAG_PROG_ALLGEMEIN.cProgramFunctions.sendMail(mailto, Betreff, htmlbody)
Else
'MsgBox("Error07: Die Paramter wurden nicht alle gesetzt. Bitte Felder überprüfen.", vbAbort, "Error07")
lblMessage_M.ForeColor = Color.OrangeRed
lblMessage_M.Text = "Error07: Die Paramter wurden nicht alle gesetzt. Bitte Felder überprüfen!"
lblMessage.ForeColor = Color.OrangeRed
lblMessage.Text = "Error07: Die Paramter wurden nicht alle gesetzt. Bitte Felder überprüfen!"
End If
lblMessage_M.ForeColor = Color.Green
lblMessage_M.Text = "Success" + Environment.NewLine + " Mail sent. Please check your inbox."
lblMessage.ForeColor = Color.Green
lblMessage.Text = "Success" + Environment.NewLine + " Mail sent. Please check your inbox."
'MsgBox("SENT")
Return True
Else
@@ -577,7 +588,7 @@ Partial Class ForgotPW
Return True
End Function
Function genToken(username As String, password As String, email As String, UserID As String) As String
Function genToken(username As String, password As String, email As String, CustomerID As String) As String
Dim time() As Byte = BitConverter.GetBytes(DateTime.UtcNow.ToBinary())
Dim Key() As Byte = Guid.NewGuid().ToByteArray()
Dim token As String
@@ -594,7 +605,7 @@ Partial Class ForgotPW
'If MsgBox(Msg, Style, Title).Retry Then
'genToken(username, password, email)
token = VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(Convert.ToBase64String(time.Concat(Key).ToArray()))
If SendEmail(username, password, email, token, UserID) = True Then
If SendEmail(username, password, email, token, CustomerID) = True Then
'MsgBox("Email could not been sent because of an internal encryption error.", vbOK + vbInformation + vbDefaultButton1, "Token-Generation Error")
Else
'MsgBox("Email has been sent successful." & vbCr & "Please check your E-Mails!", vbOK + vbInformation + vbDefaultButton1, "Token-Generation successful!")
@@ -607,7 +618,7 @@ Partial Class ForgotPW
If jetzt < wenn Then
Return "NotYet"
Else
token = genToken(username, password, email, UserID)
token = genToken(username, password, email, CustomerID)
Return token
'End If
End If
@@ -636,5 +647,14 @@ Partial Class ForgotPW
End If
End Function
'Function RandomString(r As Random, max As Integer) As String
'Dim s As String = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789!§$%&/?="
'Dim sb As New StringBuilder
'Dim cnt As Integer = r.Next(4, max)
'For i As Integer = 1 To cnt
'Dim idx As Integer = r.Next(0, s.Length)
' sb.Append(s.Substring(idx, 1))
'Next
'Return sb.ToString()
'End Function
End Class