diff --git a/login/Change_PW.aspx.vb b/login/Change_PW.aspx.vb
index a5fccdf..8a572e3 100644
--- a/login/Change_PW.aspx.vb
+++ b/login/Change_PW.aspx.vb
@@ -21,12 +21,12 @@ Partial Class login_Change_PW
 
         Using con As New SqlConnection(ConnectionString)
             ' Using cmd As New SqlCommand("Validate_User")
-            Using cmd As New SqlCommand("SELECT KundenNr,Username FROM [VERAG_HOMEPAGE].[dbo].[Users] WHERE Username=@Username AND KundenNr=@KundenNr")
+            Using cmd As New SqlCommand("SELECT UserId,Username FROM [VERAG_HOMEPAGE].[dbo].[Users] WHERE Username=@Username AND UserId=@UserId")
                 ' cmd.CommandType = CommandType.StoredProcedure
                 Dim usrname As String = VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(Request.QueryString("Par2"))
                 Dim UsrID As String = VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(Request.QueryString("Par3"))
                 cmd.Parameters.AddWithValue("@Username", usrname)
-                cmd.Parameters.AddWithValue("@KundenNr", UsrID)
+                cmd.Parameters.AddWithValue("@UserId", UsrID)
                 cmd.Connection = con
                 con.Open()
                 ' userId = Convert.ToInt32(cmd.ExecuteScalar())
@@ -34,7 +34,7 @@ Partial Class login_Change_PW
                 If dr.HasRows Then
                     dr.Read()
                     If String.IsNullOrEmpty(usrname) = False Then
-                        If getDateoftoken(Request.QueryString("Par1")) = True AndAlso usrname = dr("Username") AndAlso UsrID = dr("KundenNr") Then
+                        If getDateoftoken(Request.QueryString("Par1")) = True AndAlso usrname = dr("Username") AndAlso UsrID = dr("UserId") Then
                             Try
 
                                 If IsPostBack Then
@@ -160,19 +160,19 @@ Partial Class login_Change_PW
             If reqPassw1txt.IsValid = True Then
                 Using con As New SqlConnection(ConnectionString)
                     ' Using cmd As New SqlCommand("Validate_User")
-                    Using cmd As New SqlCommand("SELECT KundenNr,Username,Password FROM [VERAG_HOMEPAGE].[dbo].[Users] WHERE Username=@Username AND KundenNr=@KundenNr")
+                    Using cmd As New SqlCommand("SELECT UserId,Username,Password FROM [VERAG_HOMEPAGE].[dbo].[Users] WHERE Username=@Username AND UserId=@UserId")
                         ' cmd.CommandType = CommandType.StoredProcedure
                         Dim usrname As String = VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(Request.QueryString("Par2"))
                         Dim UsrID As String = VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(Request.QueryString("Par3"))
                         cmd.Parameters.AddWithValue("@Username", usrname)
-                        cmd.Parameters.AddWithValue("@KundenNr", UsrID)
+                        cmd.Parameters.AddWithValue("@UserId", UsrID)
                         cmd.Connection = con
                         con.Open()
                         ' userId = Convert.ToInt32(cmd.ExecuteScalar())
                         Dim dr As SqlDataReader = cmd.ExecuteReader()
                         If dr.HasRows Then
                             dr.Read()
-                            If String.Compare(txt_Pw.Text, dr("Password").ToString) = -1 Or String.Compare(txt_Pw_WH.Text, dr("Password").ToString) = -1 Then
+                            If String.Equals(txt_Pw.Text, dr("Password").ToString) = False Or String.Equals(txt_Pw_WH.Text, dr("Password").ToString) = False Then
                                 tempstr = txt_Pw.Text
                             Else
                                 lbl_messagetext.Text = "Die gewählten Passwörter dürfen nicht dem alten entsprechen!"
@@ -191,7 +191,7 @@ Partial Class login_Change_PW
             tempstr = "Error01"
         End If
 
-        If String.Compare(txt_Pw.Text, tempstr) = 1 AndAlso String.Compare(txt_Pw_WH.Text, tempstr) = 1 AndAlso String.IsNullOrEmpty(txt_Pw_M.Text) = True And String.IsNullOrEmpty(txt_Pw_WH_M.Text) = True And String.Compare(tempstr, "Error01") = -1 Then
+        If String.Equals(txt_Pw.Text, tempstr, StringComparison.CurrentCulture) = True AndAlso String.Equals(txt_Pw_WH.Text, tempstr, StringComparison.CurrentCulture) = True AndAlso String.IsNullOrEmpty(txt_Pw_M.Text) = True And String.IsNullOrEmpty(txt_Pw_WH_M.Text) = True And String.Equals(tempstr, "Error01", StringComparison.CurrentCulture) = False Then
 
 
             txt_Pw_WH_M.Enabled = False
@@ -219,15 +219,20 @@ Partial Class login_Change_PW
                 If reqPassw1txt_M.IsValid = True Then
                     If String.Equals(txt_Pw_WH.Text, tempstr) = True AndAlso String.Equals(txt_Pw.Text, tempstr) = True AndAlso String.IsNullOrEmpty(txt_Pw_M.Text) = True And String.IsNullOrEmpty(txt_Pw_WH_M.Text) = True And String.Equals(tempstr, "Error01") = False Then
                         Using con As New SqlConnection(ConnectionString)
-                            con.Open()
-                            Using cmd As New SqlCommand("UPDATE [VERAG_HOMEPAGE].[dbo].[Users] SET [Password]=@Password WHERE [Username]=@Username AND [KundenNr]=@KundenNr")
+
+                            Using cmd As New SqlCommand("UPDATE [VERAG_HOMEPAGE].[dbo].[Users] SET [Password]=@Password WHERE [Username]=@Username AND [UserId]=@UserId")
                                 ' cmd.CommandType = CommandType.StoredProcedure
                                 cmd.Parameters.AddWithValue("@Username", usrname)
                                 cmd.Parameters.AddWithValue("@Password", txt_Pw_WH.Text)
-                                cmd.Parameters.AddWithValue("@KundenNr", UsrID)
+                                cmd.Parameters.AddWithValue("@UserId", UsrID)
                                 cmd.Connection = con
-                                If String.Equals(usrname, VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(Request.QueryString("Par2")), CompareMethod.Text) = True Then
+                                con.Open()
+                                If String.IsNullOrEmpty(usrname) = False Then
                                     cmd.ExecuteNonQuery()
+                                    btn_submitpw.Visible = True
+                                Else
+                                    VERAG_VARIABLES.seterrorcount(25)
+                                    lbl_messagetext.Text = VERAG_VARIABLES.geterrornumb() + "Fehler bei der Behebung des Passwortwechsels."
                                 End If
                             End Using
                             con.Close()
@@ -337,19 +342,19 @@ Partial Class login_Change_PW
                 End If
                 Using con As New SqlConnection(ConnectionString)
                     ' Using cmd As New SqlCommand("Validate_User")
-                    Using cmd As New SqlCommand("SELECT KundenNr,Username,Password FROM [VERAG_HOMEPAGE].[dbo].[Users] WHERE Username=@Username AND KundenNr=@KundenNr")
+                    Using cmd As New SqlCommand("SELECT UserId,Username,Password FROM [VERAG_HOMEPAGE].[dbo].[Users] WHERE Username=@Username AND UserId=@UserId")
                         ' cmd.CommandType = CommandType.StoredProcedure
                         Dim usrname As String = VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(Request.QueryString("Par2")).ToString
                         Dim UsrID As String = VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(Request.QueryString("Par3")).ToString
                         cmd.Parameters.AddWithValue("@Username", usrname)
-                        cmd.Parameters.AddWithValue("@KundenNr", UsrID)
+                        cmd.Parameters.AddWithValue("@UserId", UsrID)
                         cmd.Connection = con
                         con.Open()
                         ' userId = Convert.ToInt32(cmd.ExecuteScalar())
                         Dim dr As SqlDataReader = cmd.ExecuteReader()
                         If dr.HasRows Then
                             dr.Read()
-                            If String.Equals(txt_Pw_M.Text, dr("Password").ToString) = False Or String.Equals(txt_Pw_WH_M.Text, dr("Password").ToString) = False Then
+                            If String.Equals(txt_Pw_M.Text, dr("Password").ToString, StringComparison.CurrentCulture) = False Or String.Equals(txt_Pw_WH_M.Text, dr("Password").ToString, StringComparison.CurrentCulture) = False Then
                                 tempstr = txt_Pw_M.Text
                             Else
                                 lbl_messagetext_M.ForeColor = Drawing.Color.Red
@@ -377,11 +382,11 @@ Partial Class login_Change_PW
                     End If
                     Using con As New SqlConnection(ConnectionString)
 
-                        Using cmd As New SqlCommand("UPDATE [VERAG_HOMEPAGE].[dbo].[Users] SET Password=@Password WHERE Username=@Username AND KundenNr=@KundenNr")
+                        Using cmd As New SqlCommand("UPDATE [VERAG_HOMEPAGE].[dbo].[Users] SET Password=@Password WHERE Username=@Username AND UserId=@UserId")
                             ' cmd.CommandType = CommandType.StoredProcedure
                             cmd.Parameters.AddWithValue("@Username", usrname)
                             cmd.Parameters.AddWithValue("@Password", txt_Pw_WH_M.Text)
-                            cmd.Parameters.AddWithValue("@KundenNr", UsrID)
+                            cmd.Parameters.AddWithValue("@UserId", UsrID)
                             cmd.Connection = con
                             con.Open()
                             If String.Equals(usrname, VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt("Par2"), CompareMethod.Text) = True Then
diff --git a/login/ForgotPW.aspx b/login/ForgotPW.aspx
index e214e0c..8f7d45d 100644
--- a/login/ForgotPW.aspx
+++ b/login/ForgotPW.aspx
@@ -316,11 +316,16 @@
                 <tr style="color:#003680; height:38px;">
                 <td align="right" colspan="2">                    
                 <asp:Label ID="lblMessage" runat="server"/>
-                    <asp:RegularExpressionValidator ID="valid_getNumberInput" ControlToValidate="txt_CustomerID" style="font-size:17px" ForeColor="Red" ValidationGroup="val-desk" runat="server" Display="Dynamic" SetFocusOnError="false" ErrorMessage="The Customer-ID is not valid." ValidationExpression="[0-9]{4,10}"></asp:RegularExpressionValidator>
+                    <asp:RegularExpressionValidator ID="valid_getNumberInput" ControlToValidate="txt_CustomerID" style="font-size:17px" ForeColor="Red" ValidationGroup="val-desk" runat="server" Display="Dynamic" SetFocusOnError="false" ErrorMessage="The Customer-ID is not valid." ValidationExpression="[0-9]{1,10}"></asp:RegularExpressionValidator>
                     <asp:RegularExpressionValidator ID="check_UserName_regex" ErrorMessage="The Username don't meet the requirements. Try again." ControlToValidate="txt_Username" ValidationGroup="val-desk" runat="server" Display="Dynamic" SetFocusOnError="false" ForeColor="Red" ValidationExpression="([a-zA-Z1-9]{4,30})"></asp:RegularExpressionValidator>
                     <asp:RegularExpressionValidator ControlToValidate="txtEmail" runat="server" ID="regexval_txt_Email_2" ValidationGroup="val-desk" ValidationExpression="[\w\.]{0,2}\@[\w]+(?:\.[\w]{3}|\.[\w]{2}\.[\w]{2}|\.[\w]{2})\b" Display="Dynamic" ForeColor="Red" ErrorMessage="Die Zeichenfolge stimmt nicht mit den Kriterien einer E-Mail überein" SetFocusOnError="true"></asp:RegularExpressionValidator>    
                     <asp:RegularExpressionValidator ControlToValidate="txtEmail" runat="server" ID="regexval_txt_Email" ValidationGroup="val-desk" ValidationExpression="[\w\.]{0,2}\@(\bverag.ag\b)" Display="Dynamic" SetFocusOnError="true" style="font-size:1em" ErrorMessage="Die Zeichenfolge stimmt nicht mit den Kriterien der Domäne überein" ForeColor="Red"></asp:RegularExpressionValidator>
                 </td></tr>  
+                <tr>
+                    <td>
+                        <asp:Button Text="back" ID="btn_BACKafterlogin" style="background-color:#003680;color:#fff;visibility:hidden" runat="server" /> 
+                    </td>
+                </tr>
                                 </table>
                 </div>
                  <!--Smartphone-Bildschirme-->   
@@ -358,7 +363,7 @@
                 <tr style="color:#003680; height:50px;">
                 <td align="right" colspan="2">                    
                 <asp:Label ID="lblMessage_M" Font-Size="24px" runat="server" />
-                    <asp:RegularExpressionValidator ID="valid_getNumber_M_Input" ControlToValidate="txt_CustomerID_M" ValidationGroup="val-mobil" ForeColor="Red" Font-Size="24px" runat="server" style="margin-left:22px;" Display="Dynamic" SetFocusOnError="false" ValidationExpression="[0-9]{4,10}" ErrorMessage="The Customer-ID is not valid."></asp:RegularExpressionValidator>
+                    <asp:RegularExpressionValidator ID="valid_getNumber_M_Input" ControlToValidate="txt_CustomerID_M" ValidationGroup="val-mobil" ForeColor="Red" Font-Size="24px" runat="server" style="margin-left:22px;" Display="Dynamic" SetFocusOnError="false" ValidationExpression="[0-9]{1,10}" ErrorMessage="The Customer-ID is not valid."></asp:RegularExpressionValidator>
                     <asp:RegularExpressionValidator ControlToValidate="txtEmail_M" ForeColor="Red" Font-Size="24px"  runat="server" ID="regexval_2_txt_Email_M" ValidationGroup="val-mobil" ValidationExpression="[\w\.]+\@[\w]+(?:\.[\w]{3}|\.[\w]{2}\.[\w]{2}|\.[\w]{2})\b" Display="Dynamic" ErrorMessage="Die Zeichenfolge stimmt nicht mit den Kriterien einer E-Mail überein" SetFocusOnError="true"></asp:RegularExpressionValidator>
                     <asp:RegularExpressionValidator ControlToValidate="txtEmail_M" ForeColor="Red" Font-Size="24px" runat="server" ID="regexval_txt_Email_M" ValidationGroup="val-mobil" ValidationExpression="[a-zA-Z]{2}\@(\bverag.ag\b)" Display="Dynamic" ErrorMessage="" SetFocusOnError="true"></asp:RegularExpressionValidator>
                     <asp:RegularExpressionValidator ID="check_UserName_regex_M" ForeColor="Red" Font-Size="24px" ErrorMessage="Try again. The Username don't meet the rquirements." ControlToValidate="txt_Username_M" ValidationGroup="val-mobil" runat="server" Display="Dynamic" SetFocusOnError="true" ValidationExpression="([a-zA-Z1-9]{4,30})"></asp:RegularExpressionValidator>
diff --git a/login/ForgotPW.aspx.vb b/login/ForgotPW.aspx.vb
index db21e27..9789865 100644
--- a/login/ForgotPW.aspx.vb
+++ b/login/ForgotPW.aspx.vb
@@ -113,7 +113,7 @@ Partial Class ForgotPW
 
                 Using con As New SqlConnection(ConnectionString)
                     ' Using cmd As New SqlCommand("Validate_User")
-                    Using cmd As New SqlCommand("SELECT Username,Password,Email,KundenNr FROM [VERAG_HOMEPAGE].[dbo].[Users] WHERE Username=@Username AND Email=@Email AND KundenNr=@CUSTOMERId")
+                    Using cmd As New SqlCommand("SELECT Username,Password,Email,UserId FROM [VERAG_HOMEPAGE].[dbo].[Users] WHERE Username=@Username AND Email=@Email AND UserId=@CUSTOMERId")
                         ' cmd.CommandType = CommandType.StoredProcedure
                         cmd.Parameters.AddWithValue("@Username", username)
                         cmd.Parameters.AddWithValue("@Email", email)
@@ -126,7 +126,7 @@ Partial Class ForgotPW
                             username = dr("Username").ToString()
                             password = dr("Password").ToString()
                             email = dr("Email").ToString()
-                            customerID = dr("KundenNr").ToString()
+                            customerID = dr("UserId").ToString()
 
                             Try
                                 If txt_Username.Text = dr("Username").ToString() AndAlso String.IsNullOrEmpty(txt_Username_M.Text) = True And String.IsNullOrEmpty(customerID) = False Then
@@ -150,25 +150,25 @@ Partial Class ForgotPW
                                 ElseIf String.IsNullOrEmpty(email) = True Then
                                     lblMessage_M.ForeColor = Color.Red
                                     isemailright = False
-                                    lblMessage_M.Text = "The given User does not exist in our database."
+                                    lblMessage_M.Text = "The given Email does not exist in our database."
                                 Else
                                     lblMessage_M.ForeColor = Color.Red
                                     isemailright = False
                                     lblMessage_M.Text = "The given e-mail does not exist in our database."
                                 End If
-                                If (txt_CustomerID.Text = dr("KundenNr").ToString() AndAlso String.IsNullOrEmpty(txt_CustomerID_M.Text) = True) And String.IsNullOrEmpty(customerID) = False Then
+                                If (txt_CustomerID.Text = dr("UserId").ToString() AndAlso String.IsNullOrEmpty(txt_CustomerID_M.Text) = True) And String.IsNullOrEmpty(customerID) = False Then
                                     email = txtEmail.Text
                                     lblMessage.ForeColor = Color.Green
                                     isCustomeridright = True
-                                    lblMessage.Text = "The given Customer-ID exists in our database."
+                                    lblMessage.Text = "The given UserId exists in our database."
                                 ElseIf String.IsNullOrEmpty(customerID) = True Then
                                     lblMessage_M.ForeColor = Color.Red
                                     isCustomeridright = False
-                                    lblMessage_M.Text = "The given Customer-ID does not exist in our database."
+                                    lblMessage_M.Text = "The given User-ID does not exist in our database."
                                 Else
                                     lblMessage_M.ForeColor = Color.Red
                                     isCustomeridright = False
-                                    lblMessage_M.Text = "The given Customer-ID does not exist in our database."
+                                    lblMessage_M.Text = "The given User-ID does not exist in our database."
                                 End If
                             Catch ex As Exception
                                 Dim Msg, Style, Title As String
diff --git a/login/login_FLEX.aspx b/login/login_FLEX.aspx
index ac65030..45c6916 100644
--- a/login/login_FLEX.aspx
+++ b/login/login_FLEX.aspx
@@ -312,7 +312,7 @@
                                       <td align="center" style="color:Red;" colspan="2">
                                            <asp:Literal ID="FailureText" runat="server" EnableViewState="False"></asp:Literal>
                                            <asp:RegularExpressionValidator ID="check_UserName_regex" ControlToValidate="UserName" Font-Size="17px" ForeColor="Red" ValidationGroup="Login" runat="server" Display="Dynamic" SetFocusOnError="true" ErrorMessage="Username does not meet the requirements." ValidationExpression="^([a-zA-Z1-9]{4,30})$"></asp:RegularExpressionValidator>
-                                           <asp:RegularExpressionValidator ID="valid_getNumberInput" ControlToValidate="txt_CustomerID" style="font-size:17px" ForeColor="Red" ValidationGroup="Login" runat="server" Display="Dynamic" SetFocusOnError="false" ErrorMessage="The Customer-ID is not valid." ValidationExpression="[0-9]{4,10}"></asp:RegularExpressionValidator>
+                                           <asp:RegularExpressionValidator ID="valid_getNumberInput" ControlToValidate="txt_CustomerID" style="font-size:17px" ForeColor="Red" ValidationGroup="Login" runat="server" Display="Dynamic" SetFocusOnError="false" ErrorMessage="The Customer-ID is not valid." ValidationExpression="[0-9]{1,10}"></asp:RegularExpressionValidator>
                                       </td>
                                  </tr>                                          
                                 </table>
diff --git a/login/login_FLEX.aspx.vb b/login/login_FLEX.aspx.vb
index 3001a2b..2e4eb24 100644
--- a/login/login_FLEX.aspx.vb
+++ b/login/login_FLEX.aspx.vb
@@ -187,6 +187,16 @@ Partial Class login_FLEX
                 dr.Close()
                 con.Close()
             End Using
+            Using cmd2 As New SqlCommand("UPDATE [VERAG_HOMEPAGE].[dbo].[Users] SET [LastLoginDate]=@Date WHERE [Username]=@Username AND [UserId]=@UserId AND Password=@Password")
+                cmd2.Parameters.AddWithValue("Date", Date.Now.ToString)
+                cmd2.Parameters.AddWithValue("Username", UserNaMe)
+                cmd2.Parameters.AddWithValue("UserID", Customer_ID)
+                cmd2.Parameters.AddWithValue("Password", passw)
+                cmd2.Connection = con
+                con.Open()
+                cmd2.ExecuteNonQuery()
+                con.Close()
+            End Using
         End Using
         If String.IsNullOrEmpty(tb2_M.Text) = False AndAlso String.IsNullOrEmpty(tb2.Text) = True Then
             FormsAuthentication.SetAuthCookie(Login1.UserName, cb_M.Checked)