diff --git a/Global.asax b/Global.asax index a6f9f55..645eb6c 100644 --- a/Global.asax +++ b/Global.asax @@ -41,7 +41,7 @@ // Hinweis: Das Ereignis "Session_End" wird nur ausgelöst, wenn der Modus "sessionstate" // in der Datei "Web.config" auf "InProc" festgelegt ist. Wenn der Sitzungsmodus auf "StateServer" // oder "SQLServer" festgelegt ist, wird das Ereignis nicht ausgelöst. - FormsAuthentication.SignOut(); + Session.Remove("TokenforEmail"); diff --git a/login/ForgotPW.aspx.vb b/login/ForgotPW.aspx.vb index bb0f3c5..fbfa8ed 100644 --- a/login/ForgotPW.aspx.vb +++ b/login/ForgotPW.aspx.vb @@ -21,7 +21,9 @@ Partial Class ForgotPW Dim email As String = String.Empty Dim tokenname As String = String.Empty Dim customerID As String = String.Empty - + Dim isusrnmright As Boolean = False + Dim isCustomeridright As Boolean = False + Dim isemailright As Boolean = False If String.IsNullOrEmpty(txtEmail.Text) = False And String.IsNullOrEmpty(txt_Username.Text) = False And String.IsNullOrEmpty(txt_CustomerID.Text) = False And String.IsNullOrEmpty(txtEmail_M.Text) = True And String.IsNullOrEmpty(txt_Username_M.Text) = True And String.IsNullOrEmpty(txt_CustomerID_M.Text) = True Then valreqtxtusername.Enabled = True valreqtxtEmail.Enabled = True @@ -78,8 +80,10 @@ Partial Class ForgotPW If check_UserName_regex.IsValid = False Then check_UserName_regex.ForeColor = Drawing.Color.Red check_UserName_regex.ErrorMessage = "The Username is too long." + isusrnmright = False Else username = txt_Username.Text + isusrnmright = True check_UserName_regex.ForeColor = Drawing.Color.Lime check_UserName_regex.ErrorMessage = "Valid Username has been entered." End If @@ -123,20 +127,29 @@ Partial Class ForgotPW Try If txt_Username.Text = dr("Username").ToString() AndAlso String.IsNullOrEmpty(txt_Username_M.Text) = True And String.IsNullOrEmpty(customerID) = True Then username = txt_Username.Text + isusrnmright = True ElseIf String.IsNullOrEmpty(txt_Username.Text) = True Then check_UserName_regex.MatchTimeout = 3000 check_UserName_regex.ErrorMessage = "No valid Username found in out database!" - check_UserName_regex.IsValid = True + isusrnmright = False + Try + check_UserName_regex.Validate() + Catch + isusrnmright = False + End Try End If If (txtEmail.Text = dr("Email").ToString() AndAlso String.IsNullOrEmpty(txtEmail_M.Text) = True) And String.IsNullOrEmpty(VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(customerID)) = True Then email = txtEmail.Text lblMessage.ForeColor = Color.Green + isemailright = True lblMessage.Text = "The given e-mail exists in our database." ElseIf String.IsNullOrEmpty(customerID) = True Then lblMessage_M.ForeColor = Color.Red + isemailright = False lblMessage_M.Text = "The given User does not exist in our database." Else lblMessage_M.ForeColor = Color.Red + isemailright = False lblMessage_M.Text = "The given e-mail does not exist in our database." End If @@ -158,14 +171,14 @@ Partial Class ForgotPW End Using If Session.Item("TokenforEmail") = Nothing Then - tokenname = genToken(username, password, email, customerID) + tokenname = genToken(username, password, email, customerID, isusrnmright, isCustomeridright, isemailright) Session.Add("TokenforEmail", tokenname) Session.Add("SessID", VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(Session.SessionID)) Else tokenname = Session.Item("TokenforEmail") End If - If SendEmail(username, password, email, VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(tokenname), customerID) = True Then + If SendEmail(username, password, email, VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(tokenname), customerID, isusrnmright, isCustomeridright, isemailright) = True Then 'password = RandomString(New Random, 10) If (getDateoftoken(tokenname) = True) Then 'Dim msgboxstyle = vbDefaultButton1 + vbOK @@ -179,7 +192,7 @@ Partial Class ForgotPW 'MsgBox("Token is not valid anymore. Please generate a new one by sending a new e-mail!") If Session.Item("TokenforEmail") = Nothing Then - tokenname = genToken(username, password, email, customerID) + tokenname = genToken(username, password, email, customerID, isusrnmright, isCustomeridright, isemailright) Session.Add("TokenforEmail", tokenname) Else tokenname = Session.Item("TokenforEmail") @@ -189,7 +202,7 @@ Partial Class ForgotPW 'MsgBox("Mail would be sent successfully!") lblMessage.ForeColor = Color.Green lblMessage.Text = "The password has been sent sucessfully on the given valid e-mail address." - ElseIf SendEmail(username, password, email, VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(tokenname), customerID) = True Then + ElseIf SendEmail(username, password, email, VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(tokenname), customerID, isusrnmright, isCustomeridright, isemailright) = True Then 'MsgBox("Mail would not be sent successfully!") lblMessage.ForeColor = Color.Red If String.IsNullOrWhiteSpace(username) = True Then @@ -219,7 +232,9 @@ Partial Class ForgotPW Dim email As String = String.Empty Dim tokenname As String = String.Empty Dim customerID As String = String.Empty - + Dim isusernameright As Boolean = False + Dim isuserIDright As Boolean = False + Dim isuserEmailright As Boolean = False 'Mobil If String.IsNullOrEmpty(txtEmail_M.Text) = False And String.IsNullOrEmpty(txt_Username_M.Text) = False And String.IsNullOrEmpty(txt_CustomerID_M.Text) = False And String.IsNullOrEmpty(txtEmail.Text) = True And String.IsNullOrEmpty(txt_Username.Text) = True And String.IsNullOrEmpty(txt_CustomerID.Text) = True Then valreqtxtusername.Enabled = False @@ -322,10 +337,13 @@ Partial Class ForgotPW If (txt_CustomerID_M.Text = dr("userId").ToString() AndAlso String.IsNullOrEmpty(txt_CustomerID.Text) = True) And String.IsNullOrEmpty(VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(customerID)) = True Then customerID = txt_CustomerID_M.Text lblMessage_M.ForeColor = Color.Green + isuserIDright = True lblMessage_M.Text = "The given Customer-ID exists in our database." Else lblMessage_M.ForeColor = Color.Red + isuserIDright = False lblMessage_M.Text = "The given Customer-ID does not exist in our database." + Return End If Catch ex As Exception Dim Msg, Style, Title As String @@ -336,11 +354,14 @@ Partial Class ForgotPW Try If (txtEmail_M.Text = dr("Email").ToString() AndAlso String.IsNullOrEmpty(txtEmail.Text) = True) And String.IsNullOrEmpty(VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(customerID)) = True Then email = txtEmail_M.Text + isuserEmailright = True lblMessage_M.ForeColor = Color.Green lblMessage_M.Text = "The given e-mail exists in our database." Else lblMessage_M.ForeColor = Color.Red + isuserEmailright = False lblMessage_M.Text = "The given E-Mail does not exist in our database." + Return End If Catch ex As Exception Dim Msg, Style, Title As String @@ -352,9 +373,11 @@ Partial Class ForgotPW If (txt_Username_M.Text = dr("Username").ToString() AndAlso String.IsNullOrEmpty(txt_Username_M.Text) = True) And String.IsNullOrEmpty(VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(customerID)) = True Then username = txt_Username_M.Text lblMessage_M.ForeColor = Color.Green + isusernameright = True lblMessage_M.Text = "The given Username exists in our database." Else lblMessage_M.ForeColor = Color.Red + isusernameright = False lblMessage_M.Text = "The given Username does not exist in our database." End If Catch ex As Exception @@ -369,14 +392,14 @@ Partial Class ForgotPW End Using If Session.Item("TokenforEmail") = Nothing Then - tokenname = genToken(username, password, email, customerID) + tokenname = genToken(username, password, email, customerID, isusernameright, isuserIDright, isuserEmailright) Session.Add("TokenforEmail", tokenname) Session.Add("SessID", VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(Session.SessionID)) Else tokenname = Session.Item("TokenforEmail") End If - If SendEmail_M(username, password, email, VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(tokenname), customerID) = True Then + If SendEmail_M(username, password, email, VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(tokenname), customerID, isusernameright, isuserIDright, isuserEmailright) = True Then 'password = RandomString(New Random, 10) If (getDateoftoken(tokenname) = True) Then 'Dim msgboxstyle = vbDefaultButton1 + vbOK @@ -390,7 +413,7 @@ Partial Class ForgotPW 'MsgBox("Token is not valid anymore. Please generate a new one by sending a new e-mail!") If Session.Item("TokenforEmail") = Nothing Then - tokenname = genToken(username, password, email, customerID) + tokenname = genToken(username, password, email, customerID, isusernameright, isuserIDright, isuserEmailright) Session.Add("TokenforEmail", tokenname) Else tokenname = Session.Item("TokenforEmail") @@ -400,7 +423,7 @@ Partial Class ForgotPW 'MsgBox("Mail would be sent successfully!") lblMessage_M.ForeColor = Color.Green lblMessage_M.Text = "The password has been sent sucessfully on the given valid e-mail address." - ElseIf SendEmail_M(username, password, email, VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(tokenname), customerID) = True Then + ElseIf SendEmail_M(username, password, email, VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(tokenname), customerID, isusernameright, isuserIDright, isuserEmailright) = True Then 'MsgBox("Mail would not be sent successfully!") lblMessage_M.ForeColor = Color.Red If String.IsNullOrWhiteSpace(username) = True Then @@ -425,7 +448,7 @@ Partial Class ForgotPW End Try End Sub - Function SendEmail_M(username As String, password As String, email As String, tokenname As String, userID As String) As Boolean + Function SendEmail_M(username As String, password As String, email As String, tokenname As String, userID As String, isusrnmright As Boolean, iscstmIDright As Boolean, isemailright As Boolean) As Boolean Dim getdomianenvironment As String = String.Empty Dim pagename As String = String.Empty Dim ServPort As String = String.Empty @@ -433,83 +456,87 @@ Partial Class ForgotPW Dim Betreff As String = String.Empty Dim htmlbody As String = String.Empty Dim emailnr = VERAG_PROG_ALLGEMEIN.cAllgemein.FIRMA_ID.ToString - If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost" Then - 'MsgBox(getdomianenvironment) - getdomianenvironment = HttpContext.Current.Request.ServerVariables("SERVER_NAME") - ServPort = ":" + Request.ServerVariables("SERVER_PORT") - 'pagename = Request.ServerVariables("SCRIPT_NAME") - mailto = email - Betreff = "Passwort reset" - Dim mailpic As String = "" - Dim Ausschusstext As String = "Wir arbeiten ausschließlich auf Grund der Allgemeinen Spediteurbedingungen in der jeweils geltenden Fassung. Zahlungen werden zunächst auf Frachten, Spesen" - Dim Ausschusstext2 As String = "und Zinsen zuletzt auf Zölle angerechnet. Zahlbar und klagbar in Schärding oder Ried. Steuer-Zoll-und Tarifauskünfte sind unverbindlich." - Dim Ausschusstext3 As String = "We operate exclusively on the basis of the General Freight Forwarding Terms and Conditions in the respectively applicable version. Payments are initially" - Dim Ausschusstext4 As String = "charged on freight, fees and interests and at last on customs duties. The place of jurisdiction: Schärding / Ried. Tax, customs and tariff information are not binding." - htmlbody = String.Format("Dear {0},

Please follow the Link to reset your password:

" + Environment.NewLine + "http://" + getdomianenvironment + ServPort + "/login/Change_PW.aspx?Par1=" + tokenname + "&Par2=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt(username) + "&Par3=" + VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(userID) + "&Mob=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt("True") + "" + Environment.NewLine + "

Notice:
The Link is valid for 30 minutes until" + Space(1) + Date.Now.AddMinutes(30).ToString() + Space(1) + "only!

Kind regards,

VERAG | EDV Support
" + mailpic + "

VERAG Spedition AG | A 4975 Suben, Nr. 100
T.+43 7711 2777-xx |support@verag.ag |" + emailnr + "FN xxxxxxx
" + Ausschusstext + "
" + Ausschusstext2 + "
" + Ausschusstext3 + "
" + Ausschusstext4 + "
", username, password) - ElseIf String.IsNullOrWhiteSpace(HttpContext.Current.Request.ServerVariables("SERVER_NAME")) = True Then - getdomianenvironment = HttpContext.Current.Request.ServerVariables("SERVER_NAME") - 'MsgBox(getdomianenvironment) - ServPort = String.Empty - 'pagename = Request.ServerVariables("SCRIPT_NAME") - mailto = email - Betreff = "Passwort reset" - Dim mailpic As String = "" - Dim Ausschusstext As String = "Wir arbeiten ausschließlich auf Grund der Allgemeinen Spediteurbedingungen in der jeweils geltenden Fassung. Zahlungen werden zunächst auf Frachten, Spesen" - Dim Ausschusstext2 As String = "und Zinsen zuletzt auf Zölle angerechnet. Zahlbar und klagbar in Schärding oder Ried. Steuer-Zoll-und Tarifauskünfte sind unverbindlich." - Dim Ausschusstext3 As String = "We operate exclusively on the basis of the General Freight Forwarding Terms and Conditions in the respectively applicable version. Payments are initially" - Dim Ausschusstext4 As String = "charged on freight, fees and interests and at last on customs duties. The place of jurisdiction: Schärding / Ried. Tax, customs and tariff information are not binding." - htmlbody = String.Format("Dear {0},

Please follow the Link to reset your password:

" + Environment.NewLine + "http://" + getdomianenvironment + ServPort + "/login/Change_PW.aspx?Par1=" + tokenname + "&Par2=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt(username) + "&Par3=" + VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(userID) + "&Mob=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt("True") + "" + Environment.NewLine + "
Notice:
The Link is valid for 30 minutes until" + Space(1) + Date.Now.AddMinutes(30).ToString() + Space(1) + "only!

Kind regards,

VERAG | EDV Support
" + mailpic + "

VERAG Spedition AG | A 4975 Suben, Nr. 100
T.+43 7711 2777-xx |support@verag.ag | " + emailnr + "FN xxxxxxx
" + Ausschusstext + "
" + Ausschusstext2 + "
" + Ausschusstext3 + "
" + Ausschusstext4 + "
", username, password) - ElseIf String.IsNullOrWhiteSpace(HttpContext.Current.Request.ServerVariables("SERVER_NAME")) = True Then - 'MsgBox("Error09:" + Environment.NewLine + "The Domain could not be vaildated. Check Link please or contact the Administrator of the program.") - lblMessage_M.ForeColor = Color.OrangeRed - lblMessage_M.Text = "Error09:" + Environment.NewLine + "The Domain could not be vaildated. Check the Link please or contact the Administrator of the program." - End If - 'Dim pg As String = Request.ServerVariables("URL") - 'MsgBox("/" + ServPort + Request.ServerVariables("URL")) - - Try - If Session.Item("TokenforEmail") = Nothing Then - tokenname = genToken(username, password, email, userID) - Session.Add("TokenforEmail", tokenname) - Else - tokenname = Session.Item("TokenforEmail").ToString() + If isusrnmright = True And iscstmIDright = True AndAlso isemailright = True Then + If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost" Then + 'MsgBox(getdomianenvironment) + getdomianenvironment = HttpContext.Current.Request.ServerVariables("SERVER_NAME") + ServPort = ":" + Request.ServerVariables("SERVER_PORT") + 'pagename = Request.ServerVariables("SCRIPT_NAME") + mailto = email + Betreff = "Passwort reset" + Dim mailpic As String = "" + Dim Ausschusstext As String = "Wir arbeiten ausschließlich auf Grund der Allgemeinen Spediteurbedingungen in der jeweils geltenden Fassung. Zahlungen werden zunächst auf Frachten, Spesen" + Dim Ausschusstext2 As String = "und Zinsen zuletzt auf Zölle angerechnet. Zahlbar und klagbar in Schärding oder Ried. Steuer-Zoll-und Tarifauskünfte sind unverbindlich." + Dim Ausschusstext3 As String = "We operate exclusively on the basis of the General Freight Forwarding Terms and Conditions in the respectively applicable version. Payments are initially" + Dim Ausschusstext4 As String = "charged on freight, fees and interests and at last on customs duties. The place of jurisdiction: Schärding / Ried. Tax, customs and tariff information are not binding." + htmlbody = String.Format("Dear {0},

Please follow the Link to reset your password:

" + Environment.NewLine + "http://" + getdomianenvironment + ServPort + "/login/Change_PW.aspx?Par1=" + tokenname + "&Par2=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt(username) + "&Par3=" + VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(userID) + "&Mob=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt("True") + "" + Environment.NewLine + "

Notice:
The Link is valid for 30 minutes until" + Space(1) + Date.Now.AddMinutes(30).ToString() + Space(1) + "only!

Kind regards,

VERAG | EDV Support
" + mailpic + "

VERAG Spedition AG | A 4975 Suben, Nr. 100
T.+43 7711 2777-xx |support@verag.ag |" + emailnr + "FN xxxxxxx
" + Ausschusstext + "
" + Ausschusstext2 + "
" + Ausschusstext3 + "
" + Ausschusstext4 + "
", username, password) + ElseIf String.IsNullOrWhiteSpace(HttpContext.Current.Request.ServerVariables("SERVER_NAME")) = True Then + getdomianenvironment = HttpContext.Current.Request.ServerVariables("SERVER_NAME") + 'MsgBox(getdomianenvironment) + ServPort = String.Empty + 'pagename = Request.ServerVariables("SCRIPT_NAME") + mailto = email + Betreff = "Passwort reset" + Dim mailpic As String = "" + Dim Ausschusstext As String = "Wir arbeiten ausschließlich auf Grund der Allgemeinen Spediteurbedingungen in der jeweils geltenden Fassung. Zahlungen werden zunächst auf Frachten, Spesen" + Dim Ausschusstext2 As String = "und Zinsen zuletzt auf Zölle angerechnet. Zahlbar und klagbar in Schärding oder Ried. Steuer-Zoll-und Tarifauskünfte sind unverbindlich." + Dim Ausschusstext3 As String = "We operate exclusively on the basis of the General Freight Forwarding Terms and Conditions in the respectively applicable version. Payments are initially" + Dim Ausschusstext4 As String = "charged on freight, fees and interests and at last on customs duties. The place of jurisdiction: Schärding / Ried. Tax, customs and tariff information are not binding." + htmlbody = String.Format("Dear {0},

Please follow the Link to reset your password:

" + Environment.NewLine + "http://" + getdomianenvironment + ServPort + "/login/Change_PW.aspx?Par1=" + tokenname + "&Par2=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt(username) + "&Par3=" + VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(userID) + "&Mob=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt("True") + "" + Environment.NewLine + "
Notice:
The Link is valid for 30 minutes until" + Space(1) + Date.Now.AddMinutes(30).ToString() + Space(1) + "only!

Kind regards,

VERAG | EDV Support
" + mailpic + "

VERAG Spedition AG | A 4975 Suben, Nr. 100
T.+43 7711 2777-xx |support@verag.ag | " + emailnr + "FN xxxxxxx
" + Ausschusstext + "
" + Ausschusstext2 + "
" + Ausschusstext3 + "
" + Ausschusstext4 + "
", username, password) + ElseIf String.IsNullOrWhiteSpace(HttpContext.Current.Request.ServerVariables("SERVER_NAME")) = True Then + 'MsgBox("Error09:" + Environment.NewLine + "The Domain could not be vaildated. Check Link please or contact the Administrator of the program.") + lblMessage_M.ForeColor = Color.OrangeRed + lblMessage_M.Text = "Error09:" + Environment.NewLine + "The Domain could not be vaildated. Check the Link please or contact the Administrator of the program." End If - 'Dim Strtemp = Session.Keys.Item("urltochangepw") - If getDateoftoken(tokenname) = True Then - ' Dim attachment As Attachment = New Attachment(File.OpenRead(excel), "Kundenliste.xlsx") - ' Msg.Attachments.Add(attachment) - If String.IsNullOrEmpty(mailto) = False AndAlso String.IsNullOrEmpty(Betreff) = False AndAlso String.IsNullOrEmpty(htmlbody) = False Then - VERAG_PROG_ALLGEMEIN.cProgramFunctions.sendMail(mailto, Betreff, htmlbody) - Else - 'MsgBox("Error07: Die Paramter wurden nicht alle gesetzt. Bitte Felder überprüfen.", vbAbort, "Error07") - lblMessage_M.ForeColor = Color.OrangeRed - lblMessage_M.Text = "Error07: Die Paramter wurden nicht alle gesetzt. Bitte Felder überprüfen!" - End If - lblMessage_M.ForeColor = Color.Green - lblMessage_M.Text = "Success" + Environment.NewLine + " Mail sent. Please check your inbox." - 'MsgBox("SENT") - Return True - Else - lblMessage_M.ForeColor = Color.Red - lblMessage_M.Text = "Error02: Mail not delivered!" - 'MsgBox("Error02: Mail not delivered!" & vbCrLf & "New Token has been generated.") + 'Dim pg As String = Request.ServerVariables("URL") + 'MsgBox("/" + ServPort + Request.ServerVariables("URL")) + + Try If Session.Item("TokenforEmail") = Nothing Then - tokenname = genToken(username, password, email, userID) + tokenname = genToken(username, password, email, userID, isusrnmright, iscstmIDright, isemailright) Session.Add("TokenforEmail", tokenname) - Session.Add("USerID", userID) Else tokenname = Session.Item("TokenforEmail").ToString() End If - VERAG_PROG_ALLGEMEIN.cProgramFunctions.sendMail(mailto, Betreff, htmlbody) - Return True - End If - Catch ex As Exception - 'MsgBox(Err.Number & ex.Message & ex.StackTrace.ToString) 'Falls ein Fehler auftritt wird eine MsgBox angezeigt - End Try - Return True + 'Dim Strtemp = Session.Keys.Item("urltochangepw") + If getDateoftoken(tokenname) = True Then + ' Dim attachment As Attachment = New Attachment(File.OpenRead(excel), "Kundenliste.xlsx") + ' Msg.Attachments.Add(attachment) + If String.IsNullOrEmpty(mailto) = False AndAlso String.IsNullOrEmpty(Betreff) = False AndAlso String.IsNullOrEmpty(htmlbody) = False Then + VERAG_PROG_ALLGEMEIN.cProgramFunctions.sendMail(mailto, Betreff, htmlbody) + Else + 'MsgBox("Error07: Die Paramter wurden nicht alle gesetzt. Bitte Felder überprüfen.", vbAbort, "Error07") + lblMessage_M.ForeColor = Color.OrangeRed + lblMessage_M.Text = "Error07: Die Paramter wurden nicht alle gesetzt. Bitte Felder überprüfen!" + End If + lblMessage_M.ForeColor = Color.Green + lblMessage_M.Text = "Success" + Environment.NewLine + " Mail sent. Please check your inbox." + 'MsgBox("SENT") + Return True + Else + lblMessage_M.ForeColor = Color.Red + lblMessage_M.Text = "Error02: Mail not delivered!" + 'MsgBox("Error02: Mail not delivered!" & vbCrLf & "New Token has been generated.") + If Session.Item("TokenforEmail") = Nothing Then + tokenname = genToken(username, password, email, userID, isusrnmright, iscstmIDright, isemailright) + Session.Add("TokenforEmail", tokenname) + Session.Add("USerID", userID) + Else + tokenname = Session.Item("TokenforEmail").ToString() + End If + VERAG_PROG_ALLGEMEIN.cProgramFunctions.sendMail(mailto, Betreff, htmlbody) + Return True + End If + Catch ex As Exception + 'MsgBox(Err.Number & ex.Message & ex.StackTrace.ToString) 'Falls ein Fehler auftritt wird eine MsgBox angezeigt + End Try + Return True + Else + Return False + End If End Function - Function SendEmail(username As String, password As String, email As String, tokenname As String, userID As String) As Boolean + Function SendEmail(username As String, password As String, email As String, tokenname As String, userID As String, isusrnmright As Boolean, iscstmIDright As Boolean, isemailright As Boolean) As Boolean Dim getdomianenvironment As String = String.Empty Dim pagename As String = String.Empty Dim ServPort As String = String.Empty @@ -517,118 +544,126 @@ Partial Class ForgotPW Dim Betreff As String = String.Empty Dim htmlbody As String = String.Empty Dim emailnr = VERAG_PROG_ALLGEMEIN.cAllgemein.FIRMA_ID.ToString - If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost" Then - MsgBox(getdomianenvironment) - getdomianenvironment = HttpContext.Current.Request.ServerVariables("SERVER_NAME") - ServPort = ":" + Request.ServerVariables("SERVER_PORT") - 'pagename = Request.ServerVariables("SCRIPT_NAME") - mailto = email - Betreff = "Passwort reset" - Dim mailpic As String = "" - Dim Ausschusstext As String = "Wir arbeiten ausschließlich auf Grund der Allgemeinen Spediteurbedingungen in der jeweils geltenden Fassung. Zahlungen werden zunächst auf Frachten, Spesen" - Dim Ausschusstext2 As String = "und Zinsen zuletzt auf Zölle angerechnet. Zahlbar und klagbar in Schärding oder Ried. Steuer-Zoll-und Tarifauskünfte sind unverbindlich." - Dim Ausschusstext3 As String = "We operate exclusively on the basis of the General Freight Forwarding Terms and Conditions in the respectively applicable version. Payments are initially" - Dim Ausschusstext4 As String = "charged on freight, fees and interests and at last on customs duties. The place of jurisdiction: Schärding / Ried. Tax, customs and tariff information are not binding." - htmlbody = String.Format("Dear {0},

Please follow the Link to reset your password:

" + Environment.NewLine + "http://" + getdomianenvironment + ServPort + "/login/ChangePW.aspx?Par1=" + VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(tokenname) + "&Par2=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt(username) + "&Par3=" + VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(userID) + "&Mob=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt("False") + "" + Environment.NewLine + "

Notice:
The Link is valid for 30 minutes until" + Space(1) + Date.Now.AddMinutes(30).ToString() + Space(1) + "only!


Kind regards,
VERAG | EDV Support
" + mailpic + "
VERAG Spedition AG | A 4975 Suben, Nr. 100
T.+43 7711 2777-xx |support@verag.ag |" + emailnr + "FN xxxxxxx
" + Ausschusstext + "
" + Ausschusstext2 + "
" + Ausschusstext3 + "
" + Ausschusstext4 + "
", username, password) - ElseIf String.IsNullOrWhiteSpace(HttpContext.Current.Request.ServerVariables("SERVER_NAME")) = True Then - getdomianenvironment = HttpContext.Current.Request.ServerVariables("SERVER_NAME") - MsgBox(getdomianenvironment) - ServPort = ":" + Request.ServerVariables("SERVER_PORT") - 'pagename = Request.ServerVariables("SCRIPT_NAME") - mailto = email - Betreff = "Passwort reset" - Dim mailpic As String = "" - Dim Ausschusstext As String = "Wir arbeiten ausschließlich auf Grund der Allgemeinen Spediteurbedingungen in der jeweils geltenden Fassung. Zahlungen werden zunächst auf Frachten, Spesen" - Dim Ausschusstext2 As String = "und Zinsen zuletzt auf Zölle angerechnet. Zahlbar und klagbar in Schärding oder Ried. Steuer-Zoll-und Tarifauskünfte sind unverbindlich." - Dim Ausschusstext3 As String = "We operate exclusively on the basis of the General Freight Forwarding Terms and Conditions in the respectively applicable version. Payments are initially" - Dim Ausschusstext4 As String = "charged on freight, fees and interests and at last on customs duties. The place of jurisdiction: Schärding / Ried. Tax, customs and tariff information are not binding." - htmlbody = String.Format("Dear {0},

Please follow the Link to reset your password:

" + Environment.NewLine + "http://" + getdomianenvironment + ServPort + "/login/ChangePW.aspx?Par1=" + tokenname + "&Par2=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt(username) + "&Par3=" + VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(userID) + "&Mob=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt("False") + "" + Environment.NewLine + "

Notice:
The Link is valid for 30 minutes until" + Space(1) + Date.Now.AddMinutes(30).ToString() + Space(1) + "only!

Kind regards,
VERAG | EDV Support
" + mailpic + "
VERAG Spedition AG | A 4975 Suben, Nr. 100
T.+43 7711 2777-xx |support@verag.ag | " + emailnr + "FN xxxxxxx
" + Ausschusstext + "
" + Ausschusstext2 + "
" + Ausschusstext3 + "
" + Ausschusstext4 + "
", username, password) - ElseIf String.IsNullOrWhiteSpace(HttpContext.Current.Request.ServerVariables("SERVER_NAME")) = True Then - 'MsgBox("Error09:" + Environment.NewLine + "The Domain could not be vaildated. Check Link please or contact the Administrator of the program.") - lblMessage.ForeColor = Color.OrangeRed - lblMessage.Text = "Error09:" + Environment.NewLine + "The Domain could not be vaildated. Check the Link please or contact the Administrator of the program." - End If - 'Dim pg As String = Request.ServerVariables("URL") - 'MsgBox("/" + ServPort + Request.ServerVariables("URL")) - - Try - If Session.Item("TokenforEmail") = Nothing Then - tokenname = genToken(username, password, email, userID) - Session.Add("TokenforEmail", tokenname) - Else - tokenname = Session.Item("TokenforEmail").ToString() + If isusrnmright = True And iscstmIDright = True AndAlso isemailright = True Then + If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost" Then + MsgBox(getdomianenvironment) + getdomianenvironment = HttpContext.Current.Request.ServerVariables("SERVER_NAME") + ServPort = ":" + Request.ServerVariables("SERVER_PORT") + 'pagename = Request.ServerVariables("SCRIPT_NAME") + mailto = email + Betreff = "Passwort reset" + Dim mailpic As String = "" + Dim Ausschusstext As String = "Wir arbeiten ausschließlich auf Grund der Allgemeinen Spediteurbedingungen in der jeweils geltenden Fassung. Zahlungen werden zunächst auf Frachten, Spesen" + Dim Ausschusstext2 As String = "und Zinsen zuletzt auf Zölle angerechnet. Zahlbar und klagbar in Schärding oder Ried. Steuer-Zoll-und Tarifauskünfte sind unverbindlich." + Dim Ausschusstext3 As String = "We operate exclusively on the basis of the General Freight Forwarding Terms and Conditions in the respectively applicable version. Payments are initially" + Dim Ausschusstext4 As String = "charged on freight, fees and interests and at last on customs duties. The place of jurisdiction: Schärding / Ried. Tax, customs and tariff information are not binding." + htmlbody = String.Format("Dear {0},

Please follow the Link to reset your password:

" + Environment.NewLine + "http://" + getdomianenvironment + ServPort + "/login/ChangePW.aspx?Par1=" + VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(tokenname) + "&Par2=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt(username) + "&Par3=" + VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(userID) + "&Mob=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt("False") + "" + Environment.NewLine + "

Notice:
The Link is valid for 30 minutes until" + Space(1) + Date.Now.AddMinutes(30).ToString() + Space(1) + "only!


Kind regards,
VERAG | EDV Support
" + mailpic + "
VERAG Spedition AG | A 4975 Suben, Nr. 100
T.+43 7711 2777-xx |support@verag.ag |" + emailnr + "FN xxxxxxx
" + Ausschusstext + "
" + Ausschusstext2 + "
" + Ausschusstext3 + "
" + Ausschusstext4 + "
", username, password) + ElseIf String.IsNullOrWhiteSpace(HttpContext.Current.Request.ServerVariables("SERVER_NAME")) = True Then + getdomianenvironment = HttpContext.Current.Request.ServerVariables("SERVER_NAME") + MsgBox(getdomianenvironment) + ServPort = ":" + Request.ServerVariables("SERVER_PORT") + 'pagename = Request.ServerVariables("SCRIPT_NAME") + mailto = email + Betreff = "Passwort reset" + Dim mailpic As String = "" + Dim Ausschusstext As String = "Wir arbeiten ausschließlich auf Grund der Allgemeinen Spediteurbedingungen in der jeweils geltenden Fassung. Zahlungen werden zunächst auf Frachten, Spesen" + Dim Ausschusstext2 As String = "und Zinsen zuletzt auf Zölle angerechnet. Zahlbar und klagbar in Schärding oder Ried. Steuer-Zoll-und Tarifauskünfte sind unverbindlich." + Dim Ausschusstext3 As String = "We operate exclusively on the basis of the General Freight Forwarding Terms and Conditions in the respectively applicable version. Payments are initially" + Dim Ausschusstext4 As String = "charged on freight, fees and interests and at last on customs duties. The place of jurisdiction: Schärding / Ried. Tax, customs and tariff information are not binding." + htmlbody = String.Format("Dear {0},

Please follow the Link to reset your password:

" + Environment.NewLine + "http://" + getdomianenvironment + ServPort + "/login/ChangePW.aspx?Par1=" + tokenname + "&Par2=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt(username) + "&Par3=" + VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(userID) + "&Mob=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt("False") + "" + Environment.NewLine + "

Notice:
The Link is valid for 30 minutes until" + Space(1) + Date.Now.AddMinutes(30).ToString() + Space(1) + "only!

Kind regards,
VERAG | EDV Support
" + mailpic + "
VERAG Spedition AG | A 4975 Suben, Nr. 100
T.+43 7711 2777-xx |support@verag.ag | " + emailnr + "FN xxxxxxx
" + Ausschusstext + "
" + Ausschusstext2 + "
" + Ausschusstext3 + "
" + Ausschusstext4 + "
", username, password) + ElseIf String.IsNullOrWhiteSpace(HttpContext.Current.Request.ServerVariables("SERVER_NAME")) = True Then + 'MsgBox("Error09:" + Environment.NewLine + "The Domain could not be vaildated. Check Link please or contact the Administrator of the program.") + lblMessage.ForeColor = Color.OrangeRed + lblMessage.Text = "Error09:" + Environment.NewLine + "The Domain could not be vaildated. Check the Link please or contact the Administrator of the program." End If - 'Dim Strtemp = Session.Keys.Item("urltochangepw") - If getDateoftoken(tokenname) = True Then - ' Dim attachment As Attachment = New Attachment(File.OpenRead(excel), "Kundenliste.xlsx") - ' Msg.Attachments.Add(attachment) - If String.IsNullOrEmpty(mailto) = False AndAlso String.IsNullOrEmpty(Betreff) = False AndAlso String.IsNullOrEmpty(htmlbody) = False Then - VERAG_PROG_ALLGEMEIN.cProgramFunctions.sendMail(mailto, Betreff, htmlbody) - Else - 'MsgBox("Error07: Die Paramter wurden nicht alle gesetzt. Bitte Felder überprüfen.", vbAbort, "Error07") - lblMessage.ForeColor = Color.OrangeRed - lblMessage.Text = "Error07: Die Paramter wurden nicht alle gesetzt. Bitte Felder überprüfen!" - End If - lblMessage.ForeColor = Color.Green - lblMessage.Text = "Success" + Environment.NewLine + " Mail sent. Please check your inbox." - 'MsgBox("SENT") - Return True - Else - lblMessage.ForeColor = Color.Red - lblMessage.Text = "Error02: Mail not delivered!" - 'MsgBox("Error02: Mail not delivered!" & vbCrLf & "New Token has been generated.") + 'Dim pg As String = Request.ServerVariables("URL") + 'MsgBox("/" + ServPort + Request.ServerVariables("URL")) + + Try If Session.Item("TokenforEmail") = Nothing Then - tokenname = genToken(username, password, email, userID) + tokenname = genToken(username, password, email, userID, isusrnmright, iscstmIDright, isemailright) Session.Add("TokenforEmail", tokenname) - Session.Add("USerID", userID) Else tokenname = Session.Item("TokenforEmail").ToString() End If - VERAG_PROG_ALLGEMEIN.cProgramFunctions.sendMail(mailto, Betreff, htmlbody, tokenname) - Return True - End If - Catch ex As Exception - 'MsgBox(Err.Number & ex.Message & ex.StackTrace.ToString) 'Falls ein Fehler auftritt wird eine MsgBox angezeigt - lblMessage.Text = "Error12: No Token could be generated! Try to contact the admin." - End Try - Return True + 'Dim Strtemp = Session.Keys.Item("urltochangepw") + If getDateoftoken(tokenname) = True Then + ' Dim attachment As Attachment = New Attachment(File.OpenRead(excel), "Kundenliste.xlsx") + ' Msg.Attachments.Add(attachment) + If String.IsNullOrEmpty(mailto) = False AndAlso String.IsNullOrEmpty(Betreff) = False AndAlso String.IsNullOrEmpty(htmlbody) = False Then + VERAG_PROG_ALLGEMEIN.cProgramFunctions.sendMail(mailto, Betreff, htmlbody) + Else + 'MsgBox("Error07: Die Paramter wurden nicht alle gesetzt. Bitte Felder überprüfen.", vbAbort, "Error07") + lblMessage.ForeColor = Color.OrangeRed + lblMessage.Text = "Error07: Die Paramter wurden nicht alle gesetzt. Bitte Felder überprüfen!" + End If + lblMessage.ForeColor = Color.Green + lblMessage.Text = "Success" + Environment.NewLine + " Mail sent. Please check your inbox." + 'MsgBox("SENT") + Return True + Else + lblMessage.ForeColor = Color.Red + lblMessage.Text = "Error02: Mail not delivered!" + 'MsgBox("Error02: Mail not delivered!" & vbCrLf & "New Token has been generated.") + If Session.Item("TokenforEmail") = Nothing Then + tokenname = genToken(username, password, email, userID, isusrnmright, iscstmIDright, isemailright) + Session.Add("TokenforEmail", tokenname) + Session.Add("USerID", userID) + Else + tokenname = Session.Item("TokenforEmail").ToString() + End If + VERAG_PROG_ALLGEMEIN.cProgramFunctions.sendMail(mailto, Betreff, htmlbody, tokenname) + Return True + End If + Catch ex As Exception + 'MsgBox(Err.Number & ex.Message & ex.StackTrace.ToString) 'Falls ein Fehler auftritt wird eine MsgBox angezeigt + lblMessage.Text = "Error12: No Token could be generated! Try to contact the admin." + End Try + Return True + Else + Return False + End If End Function - Function genToken(username As String, password As String, email As String, CustomerID As String) As String + Function genToken(username As String, password As String, email As String, CustomerID As String, isusrnmright As Boolean, iscstmIDright As Boolean, isemailright As Boolean) As String Dim time() As Byte = BitConverter.GetBytes(DateTime.UtcNow.ToBinary()) Dim Key() As Byte = Guid.NewGuid().ToByteArray() Dim token As String - Try - token = VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(Convert.ToBase64String(time.Concat(Key).ToArray())) - Return token - Catch Ex As Exception - Dim Msg, Style, Title As String - Msg = "Token Generation failed" & vbCrLf & "A new E-mail has been sent to the intern e-mail given." - Style = vbRetry + vbExclamation + vbDefaultButton1 - Title = "Error05: Token-Generierung" - 'MsgBox(Msg, Style, Title) - - 'If MsgBox(Msg, Style, Title).Retry Then - 'genToken(username, password, email) - token = VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(Convert.ToBase64String(time.Concat(Key).ToArray())) - If SendEmail(username, password, email, token, CustomerID) = True Then - 'MsgBox("Email could not been sent because of an internal encryption error.", vbOK + vbInformation + vbDefaultButton1, "Token-Generation Error") - Else - 'MsgBox("Email has been sent successful." & vbCr & "Please check your E-Mails!", vbOK + vbInformation + vbDefaultButton1, "Token-Generation successful!") - End If - 'Else - 'MsgBox("Token-Generation has not been successful." & vbCrLf & "Please try again in five seconds!") - Dim jetzt As DateTime = DateTime.UtcNow - Dim wenn As DateTime = DateTime.UtcNow.AddSeconds(-5) - - If jetzt < wenn Then - Return "NotYet" - Else - token = genToken(username, password, email, CustomerID) + If isusrnmright = True And iscstmIDright = True And isemailright = True Then + Try + token = VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(Convert.ToBase64String(time.Concat(Key).ToArray())) Return token - 'End If - End If - End Try + Catch Ex As Exception + Dim Msg, Style, Title As String + Msg = "Token Generation failed" & vbCrLf & "A new E-mail has been sent to the intern e-mail given." + Style = vbRetry + vbExclamation + vbDefaultButton1 + Title = "Error05: Token-Generierung" + 'MsgBox(Msg, Style, Title) + + 'If MsgBox(Msg, Style, Title).Retry Then + 'genToken(username, password, email) + token = VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(Convert.ToBase64String(time.Concat(Key).ToArray())) + If SendEmail(username, password, email, token, CustomerID, isusrnmright, iscstmIDright, isemailright) = True Then + 'MsgBox("Email could not been sent because of an internal encryption error.", vbOK + vbInformation + vbDefaultButton1, "Token-Generation Error") + Else + 'MsgBox("Email has been sent successful." & vbCr & "Please check your E-Mails!", vbOK + vbInformation + vbDefaultButton1, "Token-Generation successful!") + End If + 'Else + 'MsgBox("Token-Generation has not been successful." & vbCrLf & "Please try again in five seconds!") + Dim jetzt As DateTime = DateTime.UtcNow + Dim wenn As DateTime = DateTime.UtcNow.AddSeconds(-5) + + If jetzt < wenn Then + Return "NotYet" + Else + token = genToken(username, password, email, CustomerID, isusrnmright, iscstmIDright, isemailright) + Return token + 'End If + End If + End Try + Else + Return String.Empty + End If End Function Function getDateoftoken(tokenname As String) As Boolean