Weitere Absicherung gegen ScriptExploits

ja
2021-09-22 11:22:06 +02:00
parent 71c8d5b798
commit efd26451ae


@@ -187,7 +187,7 @@ Partial Class Kundenbereich_Default
If rbt_Alle.Selected = True Or rbt_Alle_M.Selected = True Then
pickdate1.ValidateRequestMode = UI.ValidateRequestMode.Enabled
pickdate2.ValidateRequestMode = UI.ValidateRequestMode.Enabled
dt = VERAG_PROG_ALLGEMEIN.cAviso.GET_KDLIST_WEB(Art, Kdnrtext, {0, 1, 2, 3, 4, 5}, datevon, datebis, Absender, Empfaenger, LKWNR, KDNAFNR)
dt = VERAG_PROG_ALLGEMEIN.cAviso.GET_KDLIST_WEB(Server.HtmlEncode(Art), Server.HtmlEncode(Kdnrtext), {0, 1, 2, 3, 4, 5}, datevon, datebis, Server.HtmlEncode(Absender), Server.HtmlEncode(Empfaenger), Server.HtmlEncode(LKWNR), Server.HtmlEncode(KDNAFNR))
If pickdate1.Text = Nothing Or pickdate2.Text = Nothing Then
Dim erster = New Date(Now().Year, Now().Month, 1)
Dim ersterdat = erster.Day.ToString + "." + Now().Month.ToString + "." + Now().Year.ToString
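Review bot: Wrapping the filter values in `Server.HtmlEncode` before they go into `GET_KDLIST_WEB` encodes for the wrong context; this applies to the new call in this hunk and to the `{0}`, `{1}`, `{3}`, `{4}` and `{5}` calls in the two hunks that follow. HTML encoding protects values written into a page, so on query input it does nothing against SQL injection if `GET_KDLIST_WEB` builds its statement from these strings (its body is not visible here). It also alters the search term: a constructed example such as `A & B` would be looked up as `A &amp; B` and no longer match the stored value. I would pass the raw values, confirm that `GET_KDLIST_WEB` binds them as query parameters, and apply `Server.HtmlEncode(...)` where the rows of `dt` are rendered. The enclosing method starts and ends outside this hunk.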
@@ -198,14 +198,14 @@ Partial Class Kundenbereich_Default
pickdate2.Text = Date.Parse(Now().Day.ToString + "." + Now().Month.ToString + "." + Now().Year.ToString).ToString
Else
Try
datevon = Date.Parse(pickdate1.Text)
datebis = Date.Parse(pickdate2.Text)
datevon = Date.Parse(Server.HtmlEncode(pickdate1.Text))
datebis = Date.Parse(Server.HtmlEncode(pickdate2.Text))
Catch ex As Exception
MsgBox(ex.StackTrace, MsgBoxStyle.Exclamation)
End Try
End If
ElseIf rbt_Erf.Selected = True Or rbt_Erf_M.Selected = True Then
dt = VERAG_PROG_ALLGEMEIN.cAviso.GET_KDLIST_WEB(Art, Kdnrtext, {0}, Nothing, Nothing, Absender, Empfaenger, LKWNR, KDNAFNR)
dt = VERAG_PROG_ALLGEMEIN.cAviso.GET_KDLIST_WEB(Server.HtmlEncode(Art), Server.HtmlEncode(Kdnrtext), {0}, Nothing, Nothing, Server.HtmlEncode(Absender), Server.HtmlEncode(Empfaenger), Server.HtmlEncode(LKWNR), Server.HtmlEncode(KDNAFNR))
ElseIf rbt_Freig.Selected = True Or rbt_Freig_M.Selected = True Then
pickdate1.ValidateRequestMode = UI.ValidateRequestMode.Enabled
pickdate2.ValidateRequestMode = UI.ValidateRequestMode.Enabled
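Review bot: `Date.Parse(Server.HtmlEncode(pickdate1.Text))` and the matching `pickdate2` line add no protection, because `Date.Parse` already rejects any text that is not a date and only the resulting `Date` is used afterwards; the same pattern recurs in the next hunk. The more exposed spot is the unchanged `Catch` directly below, which shows `ex.StackTrace` through `MsgBox`; in a web page that is either a server-side dialog or leaked internals, and the code appears to carry on without valid dates. I would replace the Try block with `If Not Date.TryParse(pickdate1.Text, datevon) Then` plus a generic validation message, and log the detail server-side. The `If`/`ElseIf` chain begins and ends outside this hunk.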
@@ -219,21 +219,21 @@ Partial Class Kundenbereich_Default
pickdate2.Text = Date.Parse(Now().Day.ToString + "." + Now().Month.ToString + "." + Now().Year.ToString).ToString
Else
Try
datevon = Date.Parse(pickdate1.Text)
datevon = Date.Parse(Server.HtmlEncode(pickdate1.Text))
'MsgBox(pickdate1.Text)
datebis = Date.Parse(pickdate2.Text)
datebis = Date.Parse(Server.HtmlEncode(pickdate2.Text))
' MsgBox(pickdate2.Text)
dt = VERAG_PROG_ALLGEMEIN.cAviso.GET_KDLIST_WEB(Art, Kdnrtext, {1}, datevon, datebis, Absender, Empfaenger, LKWNR, KDNAFNR)
dt = VERAG_PROG_ALLGEMEIN.cAviso.GET_KDLIST_WEB(Server.HtmlEncode(Art), Server.HtmlEncode(Kdnrtext), {1}, datevon, datebis, Server.HtmlEncode(Absender), Server.HtmlEncode(Empfaenger), Server.HtmlEncode(LKWNR), Server.HtmlEncode(KDNAFNR))
Catch ex As Exception
MsgBox(ex.StackTrace, MsgBoxStyle.Exclamation)
End Try
End If
ElseIf rbt_Ankunft.Selected = True Or rbt_Ankunft_M.Selected = True Then
dt = VERAG_PROG_ALLGEMEIN.cAviso.GET_KDLIST_WEB(Art, Kdnrtext, {3}, Nothing, Nothing, Absender, Empfaenger, LKWNR, KDNAFNR)
dt = VERAG_PROG_ALLGEMEIN.cAviso.GET_KDLIST_WEB(Server.HtmlEncode(Art), Server.HtmlEncode(Kdnrtext), {3}, Nothing, Nothing, Server.HtmlEncode(Absender), Server.HtmlEncode(Empfaenger), Server.HtmlEncode(LKWNR), Server.HtmlEncode(KDNAFNR))
ElseIf rbt_Vorb.Selected = True Or rbt_Vorb_M.Selected = True Then
dt = VERAG_PROG_ALLGEMEIN.cAviso.GET_KDLIST_WEB(Art, Kdnrtext, {4}, Nothing, Nothing, Absender, Empfaenger, LKWNR, KDNAFNR)
dt = VERAG_PROG_ALLGEMEIN.cAviso.GET_KDLIST_WEB(Server.HtmlEncode(Art), Server.HtmlEncode(Kdnrtext), {4}, Nothing, Nothing, Server.HtmlEncode(Absender), Server.HtmlEncode(Empfaenger), Server.HtmlEncode(LKWNR), Server.HtmlEncode(KDNAFNR))
ElseIf rbt_Vorg.Selected = True Or rbt_Vorg_M.Selected = True Then
dt = VERAG_PROG_ALLGEMEIN.cAviso.GET_KDLIST_WEB(Art, Kdnrtext, {5}, Nothing, Nothing, Absender, Empfaenger, LKWNR, KDNAFNR)
dt = VERAG_PROG_ALLGEMEIN.cAviso.GET_KDLIST_WEB(Server.HtmlEncode(Art), Server.HtmlEncode(Kdnrtext), {5}, Nothing, Nothing, Server.HtmlEncode(Absender), Server.HtmlEncode(Empfaenger), Server.HtmlEncode(LKWNR), Server.HtmlEncode(KDNAFNR))
End If
If dt IsNot Nothing AndAlso Not dt.Rows.Count = 0 Then