edv/VERAG_Homepage
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Änderungen

Browse Source
This commit is contained in:
ja
2021-12-02 14:02:28 +01:00
parent 5929dbf53c
commit f597d6af74
1 changed files with 9 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
login/Change_PW.aspx.vb
View File

@@ -233,10 +233,10 @@ Partial Class login_Change_PW
ConnectionString = "Server=DEVELOPER.verag.ost.dmn\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;"
'ConnectionString = "Server=db593295684.db.1and1.com;Database=db593295684;Uid=dbo593295684;Pwd=atilla#2;"
End If
Dim istokenhash As String = gensaltToken(usrname, tempstr, Email, Session.IsNewSession)
Dim istokenDBhash As String = gensaltToken(UsernameDB, pwDB, EmailDB, Session.IsNewSession)
Dim isPasswhash As String = gensaltPassw(usrname, tempstr, Email, Session.IsNewSession)
Dim isPasswDBhash As String = gensaltPassw(UsernameDB, pwDB, EmailDB, Session.IsNewSession)
If regexval_txt_Pw.IsValid = True Then
If String.Equals(istokenhash, istokenDBhash) = False Then
If String.Equals(isPasswhash, isPasswDBhash) = False Then
Using con As New SqlConnection(ConnectionString)
Using cmd As New SqlCommand("UPDATE [VERAG_HOMEPAGE].[dbo].[Users] SET [Password]=@Password WHERE [Username]=@Username AND [UserId]=@UserId")
' cmd.CommandType = CommandType.StoredProcedure
@@ -453,10 +453,10 @@ Partial Class login_Change_PW
End If
Using con As New SqlConnection(ConnectionString)
Dim istokenhash As String = gensaltToken(usrname, tempstr, Email, Session.IsNewSession)
Dim istokenDBhash As String = gensaltToken(usrnmDB, pwDB, EmailDB, Session.IsNewSession)
Dim isPasswhash As String = gensaltPassw(usrname, tempstr, Email, Session.IsNewSession)
Dim isPasswDBhash As String = gensaltPassw(usrnmDB, pwDB, EmailDB, Session.IsNewSession)
If regexval_txt_Pw.IsValid = True Then
If String.Equals(istokenhash, istokenDBhash, StringComparison.CurrentCulture) = False Then
If String.Equals(isPasswhash, isPasswDBhash, StringComparison.CurrentCulture) = False Then
Using cmd As New SqlCommand("UPDATE [VERAG_HOMEPAGE].[dbo].[Users] SET Password=@Password WHERE Username=@Username AND UserId=@UserId")
' cmd.CommandType = CommandType.StoredProcedure
cmd.Parameters.AddWithValue("@Username", usrname)
@@ -521,12 +521,11 @@ Partial Class login_Change_PW
End If
End If
End Sub
Function gensaltToken(username As String, password As String, email As String, isnewSession As Boolean) As String
Function gensaltPassw(username As String, password As String, email As String, isnewSession As Boolean) As String
If isnewSession = False Then
Dim token As String
If String.IsNullOrEmpty(username) = False AndAlso String.IsNullOrEmpty(email) = False Then
Dim intzahl = RandomInteger(Math.Pow(2, 6), Math.Pow(2, 8))
Dim intzahl2 = RandomInteger(Math.Pow(2, 6), Math.Pow(2, 8))
Dim Rand As Random = New Random
If String.IsNullOrEmpty(password) = False Then
Try
@@ -535,6 +534,7 @@ Partial Class login_Change_PW
token = VERAG_PROG_ALLGEMEIN.cCryptography3.Encrypt(VERAG_VARIABLES.HashPassword(tok, salt, 1991, intzahl))
Return token
Catch Ex As Exception
Dim intzahl2 = RandomInteger(Math.Pow(2, 6), Math.Pow(2, 8))
'Dim Msg, Style, Title As String
'Msg = "Token Generation failed" & vbCrLf & "A new E-mail has been sent to the intern e-mail given."
'Style = vbRetry + vbExclamation + vbDefaultButton1
@@ -552,6 +552,7 @@ Partial Class login_Change_PW
Return String.Empty
End If
End If
Return String.Empty
Else
Return "Error in Session ID. It has changed. Please check admin!"
End If
@@ -563,5 +564,4 @@ Partial Class login_Change_PW
rand.GetBytes(one_byte)
Return min + (max - min) * (one_byte(0) / 255)
End Function
End Class