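Imports System.Net
Imports System.Net.Mail
Imports System.Drawing
Imports System.Configuration
Imports System.Data.SqlClient
Imports System.Data

''' <summary>
''' Code-behind for the "forgot password" page. It validates the user name and
''' e-mail entered in either the desktop or the mobile form, looks the account up
''' in the Users table, creates a time-stamped token that is kept in the session,
''' and mails a link to login/ChangePW.aspx that carries the token.
''' </summary>
''' <remarks>
''' Review notes, all based on the code in this file:
'''  - The SQL Server credentials are string literals in btn_Send_Click.
'''  - The reset link is built with the http scheme and a host name read from the request.
'''  - The page shows different messages for "user exists", "e-mail exists" and
'''    "does not exist", which lets a visitor probe for valid accounts.
'''  - The send step runs even when no row was found or the e-mail did not match.
'''  - Several Catch blocks discard the exception without logging it.
''' </remarks>
Partial Class login_ForgotPW
    Inherits System.Web.UI.Page

    ' Connection string chosen per request in btn_Send_Click.
    Dim ConnectionString As String = String.Empty

    ''' <summary>Returns the visitor to the login page.</summary>
    Protected Sub btn_Back_Click(sender As Object, e As EventArgs)
        Response.Redirect("login/login_FLEX.aspx")
    End Sub

    ''' <summary>
    ''' Handles the "send" button: validates the filled-in form (desktop or mobile),
    ''' reads the account row for the entered user name, creates or reuses the
    ''' session token and triggers the reset mail.
    ''' </summary>
    ''' <param name="sender">Control that raised the event.</param>
    ''' <param name="e">Event data (unused).</param>
    Protected Sub btn_Send_Click(sender As Object, e As EventArgs)
        Try
            Dim username As String = String.Empty
            Dim password As String = String.Empty
            Dim email As String = String.Empty
            Dim tokenname As String = String.Empty
            Dim userID As String = String.Empty

            ' Desktop form: only the desktop fields are filled in.
            If String.IsNullOrEmpty(txtEmail_M.Text) = True And String.IsNullOrEmpty(txt_Username_M.Text) = True And String.IsNullOrEmpty(txtEmail.Text) = False And String.IsNullOrEmpty(txt_Username.Text) = False Then
                regexval_2_txt_Email_M.Enabled = False
                valreqtxtEmail_M.Enabled = False
                valreqtxtusername_M.Enabled = False
                valreqtxtusername.Enabled = True
                valreqtxtEmail.Enabled = True
                regexval_txt_Email_2.Enabled = True
                regexval_txt_Email.Enabled = True
                valreqtxtEmail.Validate()
                If valreqtxtEmail.IsValid = True Then
                    email = txtEmail.Text
                ElseIf valreqtxtEmail.IsValid = False Then
                    valreqtxtEmail.ErrorMessage = "Annotation: The given Domain is not the company domain."
                    regexval_txt_Email.Validate()
                    regexval_txt_Email_2.IsValid = True
                End If
                valreqtxtusername.Validate()
                If valreqtxtusername.IsValid = True Then
                    check_UserName_regex.Validate()
                    If check_UserName_regex.IsValid = False Then
                        check_UserName_regex.ErrorMessage = "Annotation: The Username does not match the requirements."
                    Else
                        If check_UserName_regex.IsValid = True Then
                            username = txt_Username.Text
                        End If
                    End If
                End If
                ' MsgBox("3" + email + " " + username)
            End If

            ' Mobile form: only the mobile fields are filled in.
            If String.IsNullOrEmpty(txtEmail_M.Text) = False And String.IsNullOrEmpty(txt_Username_M.Text) = False And String.IsNullOrEmpty(txtEmail.Text) = True And String.IsNullOrEmpty(txt_Username.Text) = True Then
                valreqtxtEmail_M.Enabled = True
                regexval_2_txt_Email_M.Enabled = True
                regexval_txt_Email.Enabled = False
                regexval_txt_Email_2.Enabled = False
                valreqtxtusername.Enabled = False
                valreqtxtusername_M.Enabled = True
                valreqtxtEmail_M.Validate()
                If valreqtxtEmail_M.IsValid = True Then
                    email = txtEmail_M.Text
                ElseIf valreqtxtEmail_M.IsValid = False Then
                    valreqtxtEmail_M.ErrorMessage = "Annotation: The given Domain is not the company domain."
                    regexval_txt_Email_M.Validate()
                    regexval_txt_Email_2.IsValid = True
                End If
                valreqtxtusername_M.Validate()
                If valreqtxtusername_M.IsValid = True Then
                    check_UserName_regex_M.Validate()
                    If check_UserName_regex_M.IsValid = False Then
                        check_UserName_regex_M.ErrorMessage = "Annotation: The Username does not match the requirements."
                    Else
                        check_UserName_regex_M.IsValid = True
                    End If
                    If check_UserName_regex_M.IsValid = True Then
                        username = txt_Username_M.Text
                    End If
                End If
            End If

            ' Extended debug message box (disabled; it would display the entered user data).
            'MsgBox("Userdaten in App" + Environment.NewLine + email + Environment.NewLine + username + Environment.NewLine + "Userdaten desktop" + txt_Username.Text + Environment.NewLine + txtEmail.Text + Environment.NewLine + "Userdaten Mobil:" + Environment.NewLine + txtEmail_M.Text + Environment.NewLine + txt_Username_M.Text)

            ' Continue only when validation produced both an e-mail and a user name.
            If String.IsNullOrEmpty(email) = False And String.IsNullOrEmpty(tokenname) = True And String.IsNullOrEmpty(password) = True And String.IsNullOrEmpty(username) = False And String.IsNullOrEmpty(userID) = True Then

                ' NOTE(review): the database credentials below are embedded in source, so
                ' everyone with access to the repository or the deployed page files can read
                ' them. Move them to protected configuration (System.Configuration is already
                ' imported) and rotate the passwords. The passwords inside the commented-out
                ' alternatives were redacted during review; treat those accounts as exposed too.
                If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost" Then
                    VERAG_PROG_ALLGEMEIN.cAllgemein.TESTSYSTEM = True
                    'ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=sa;Pwd=<redacted>"
                    ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;"
                Else
                    VERAG_PROG_ALLGEMEIN.cAllgemein.TESTSYSTEM = False
                    ConnectionString = "Server=DEVELOPER.verag.ost.dmn\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;"
                    'ConnectionString = "Server=db593295684.db.1and1.com;Database=db593295684;Uid=dbo593295684;Pwd=<redacted>;"
                End If

                Using con As New SqlConnection(ConnectionString)
                    ' Using cmd As New SqlCommand("Validate_User")
                    ' The user name is bound as a parameter, so it is not concatenated into the SQL text.
                    Using cmd As New SqlCommand("SELECT Username,Password,Email,KundenNr FROM [VERAG_HOMEPAGE].[dbo].[Users] WHERE Username=@Username")
                        ' cmd.CommandType = CommandType.StoredProcedure
                        cmd.Parameters.AddWithValue("@Username", username)
                        cmd.Connection = con
                        con.Open()
                        'userId = Convert.ToInt32(cmd.ExecuteScalar())

                        ' The reader is wrapped in Using so it is disposed on every path.
                        Using dr As SqlDataReader = cmd.ExecuteReader()
                            If dr.Read() Then
                                username = dr("Username").ToString()
                                ' NOTE(review): the Password column is read into a local and passed on to
                                ' genToken/SendEmail. If the column holds clear-text or reversible
                                ' passwords, stop selecting it here - confirm how it is stored.
                                password = dr("Password").ToString()
                                email = dr("Email").ToString()
                                userID = VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt(dr("KundenNr").ToString())
                                Try
                                    ' Compare the entered user name with the stored one (desktop, then mobile).
                                    If txt_Username.Text = dr("Username").ToString() AndAlso String.IsNullOrEmpty(txt_Username_M.Text) = True And String.IsNullOrEmpty(VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(userID)) = False Then
                                        check_UserName_regex_M.Enabled = False
                                        check_UserName_regex.Enabled = True
                                        check_UserName_regex.IsValid = True
                                        username = txt_Username.Text
                                    ElseIf txt_Username_M.Text = dr("Username").ToString() AndAlso txt_Username.Text = String.Empty And String.IsNullOrEmpty(VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(userID)) = False Then
                                        check_UserName_regex.Enabled = False
                                        check_UserName_regex_M.Enabled = True
                                        check_UserName_regex_M.IsValid = True
                                        username = txt_Username_M.Text
                                    ElseIf String.IsNullOrEmpty(txt_Username_M.Text) = True AndAlso String.IsNullOrEmpty(txtEmail.Text) = True And String.IsNullOrEmpty(VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(userID)) = False Then
                                        check_UserName_regex_M.MatchTimeout = 3000
                                        check_UserName_regex_M.ErrorMessage = "No valid Username found in out database!"
                                        check_UserName_regex_M.IsValid = False
                                    ElseIf String.IsNullOrEmpty(txt_Username.Text) = False Then
                                        check_UserName_regex.MatchTimeout = 3000
                                        check_UserName_regex.ErrorMessage = "No valid Username found in out database!"
                                        check_UserName_regex.IsValid = False
                                    End If

                                    ' Compare the entered e-mail with the stored one.
                                    ' NOTE(review): these labels tell the visitor whether a user name or
                                    ' e-mail address is registered (account enumeration). A single neutral
                                    ' message for every outcome avoids that.
                                    If (txtEmail.Text = dr("Email").ToString() AndAlso String.IsNullOrEmpty(txtEmail_M.Text) = True) And String.IsNullOrEmpty(VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(userID)) = False Then
                                        regexval_txt_Email_M.Enabled = False
                                        regexval_txt_Email.Enabled = True
                                        regexval_txt_Email.Validate()
                                        email = txtEmail.Text
                                        lblMessage.ForeColor = Color.Green
                                        lblMessage.Text = "The given e-mail exists in our database."
                                    ElseIf (txtEmail_M.Text = dr("Email").ToString() And txtEmail.Attributes.Item("Placeholder") = "E-mail") Then
                                        regexval_txt_Email_M.Validate()
                                        email = txtEmail_M.Text
                                        lblMessage_M.ForeColor = Color.Green
                                        lblMessage_M.Text = "The given e-mail exists in our database."
                                    ElseIf String.IsNullOrEmpty(userID) = True Then
                                        lblMessage_M.ForeColor = Color.Red
                                        lblMessage_M.Text = "The given User does not exist in our database."
                                    Else
                                        lblMessage_M.ForeColor = Color.Red
                                        lblMessage_M.Text = "The given e-mail does not exist in our database."
                                    End If
                                Catch ex As Exception
                                    ' The message values are prepared, but the MsgBox call is disabled,
                                    ' so a failure here is neither shown nor logged.
                                    Dim Msg, Style, Title As String
                                    Msg = "E-Mail validation failed!" & vbCrLf + "Please try again!"
                                    Style = vbRetry + vbExclamation + vbDefaultButton1
                                    Title = "Authentication error!"
                                    'MsgBox(Msg, Style, Title)
                                    'If MsgBox(Msg, Style, Title).Yes Then
                                    'txtEmail.Text = String.Empty
                                    'txtEmail.Focus()
                                    'ElseIf MsgBox(Msg, Style, Title).No Then
                                    'End If
                                End Try
                            End If
                        End Using
                    End Using
                    con.Close()
                End Using

                ' NOTE(review): nothing above stops the flow when no row was found or when
                ' the entered e-mail differs from the stored one; token creation and the
                ' mail step below run in every case. Confirm whether that is intended and
                ' gate the send on a successful match otherwise.

                ' Reuse the token already stored in the session, or create and store a new one.
                If Session.Item("TokenforEmail") = Nothing Then
                    tokenname = genToken(username, password, email, userID)
                    Session.Add("TokenforEmail", tokenname)
                    Session.Add("SessID", VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(Session.SessionID))
                Else
                    tokenname = Session.Item("TokenforEmail")
                End If

                ' SendEmail is called exactly once and its result reused. The earlier
                ' If/ElseIf form evaluated SendEmail a second time whenever the first call
                ' returned False, which repeated the whole mail step.
                Dim mailSent As Boolean = SendEmail(username, password, email, VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(tokenname), userID)
                If mailSent = True Then
                    'password = RandomString(New Random, 10)
                    If (getDateoftoken(tokenname) = True) Then
                        'Dim msgboxstyle = vbDefaultButton1 + vbOK
                        'MsgBox(tokenname, msgboxstyle)
                        lblMessage.ForeColor = Color.Green
                        lblMessage.Text = "Token generated successfully."
                        'MsgBox("Token generated successfully.")
                    Else
                        lblMessage.ForeColor = Color.Red
                        lblMessage.Text = "Token is not valid anymore. Please generate a new one by sending a new e-mail!"
                        'MsgBox("Token is not valid anymore. Please generate a new one by sending a new e-mail!")
                        If Session.Item("TokenforEmail") = Nothing Then
                            tokenname = genToken(username, password, email, userID)
                            Session.Add("TokenforEmail", tokenname)
                        Else
                            tokenname = Session.Item("TokenforEmail")
                        End If
                    End If
                    'SendEmail(username, password, email)
                    'MsgBox("Mail would be sent successfully!")
                    lblMessage.ForeColor = Color.Green
                    lblMessage.Text = "The password has been sent sucessfully on the given valid e-mail address."
                Else
                    'MsgBox("Mail would not be sent successfully!")
                    lblMessage.ForeColor = Color.Red
                    If String.IsNullOrWhiteSpace(username) = True Then
                        lblMessage.Text = "Error10: Username not recognized Error!"
                    ElseIf String.IsNullOrWhiteSpace(email) = True Then
                        lblMessage.Text = "Error11: Email not recognized Error!"
                    ElseIf String.IsNullOrWhiteSpace(password) = True Then
                        lblMessage.Text = "An internal password searching error occured in our systems ."
                    End If
                End If
            Else
                'MsgBox("The form has not been filled completeley.", MsgBoxStyle.Critical, "Error08")
                lblMessage.ForeColor = Color.Red
                lblMessage.Text = "The form has not been filled completeley."
            End If
        Catch Exc As Exception
            ' NOTE(review): every exception (database, crypto, token parsing) ends up here
            ' and is reported as missing input, without being logged.
            lblMessage.Text = "Error08: No iput found."
        End Try
    End Sub

    'Function RandomString(r As Random, max As Integer) As String
    'Dim s As String = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789!§$%&/?="
    'Dim sb As New StringBuilder
    'Dim cnt As Integer = r.Next(4, max)
    'For i As Integer = 1 To cnt
    'Dim idx As Integer = r.Next(0, s.Length)
    ' sb.Append(s.Substring(idx, 1))
    'Next
    'Return sb.ToString()
    'End Function

    ''' <summary>
    ''' Builds the reset mail (link to /login/ChangePW.aspx with Par1 = token,
    ''' Par2 = encrypted user name, Par3 = userID) and hands it to
    ''' cProgramFunctions.sendMail when the session token is still valid.
    ''' </summary>
    ''' <param name="username">User name; inserted into the greeting and, encrypted, into Par2.</param>
    ''' <param name="password">Passed to String.Format as a second argument; the format text only uses {0}.</param>
    ''' <param name="email">Recipient address.</param>
    ''' <param name="tokenname">Token used for Par1; replaced by the session token before the validity check.</param>
    ''' <param name="userID">Value placed in Par3 as received.</param>
    ''' <returns>True after the mail was handed to sendMail; False when the token is expired,
    ''' a required mail field is empty, or an exception occurred.</returns>
    Function SendEmail(username As String, password As String, email As String, tokenname As String, userID As String) As Boolean
        Dim getdomianenvironment As String = String.Empty
        Dim pagename As String = String.Empty
        Dim ServPort As String = String.Empty
        Dim mailto As String = String.Empty
        Dim Betreff As String = String.Empty
        Dim htmlbody As String = String.Empty
        Dim emailnr = VERAG_PROG_ALLGEMEIN.cAllgemein.FIRMA_ID.ToString

        ' NOTE(review): the link uses the http scheme, so the token and the encrypted
        ' identifiers in the query string travel unprotected. The host part comes from
        ' the request's SERVER_NAME; depending on the site bindings that value may
        ' follow the Host header sent by the client - confirm, or build the link from
        ' a configured base URL. The query values are also not URL-encoded.
        ' NOTE(review): the message literals below contain the line breaks exactly as
        ' they appear in this listing; confirm against the deployed file that no
        ' markup was lost.
        If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost" Then
            ' Local test system: the port is appended and the token is encrypted again for Par1.
            getdomianenvironment = HttpContext.Current.Request.ServerVariables("SERVER_NAME")
            ServPort = ":" + Request.ServerVariables("SERVER_PORT")
            'pagename = Request.ServerVariables("SCRIPT_NAME")
            mailto = email
            Betreff = "Passwort reset"
            Dim Ausschusstext As String = "Wir arbeiten ausschließlich auf Grund der Allgemeinen Spediteurbedingungen in der jeweils geltenden Fassung. Zahlungen werden zunächst auf Frachten, Spesen"
            Dim Ausschusstext2 As String = "und Zinsen zuletzt auf Zölle angerechnet. Zahlbar und klagbar in Schärding oder Ried. Steuer-Zoll-und Tarifauskünfte sind unverbindlich."
            Dim Ausschusstext3 As String = "We operate exclusively on the basis of the General Freight Forwarding Terms and Conditions in the respectively applicable version. Payments are initially"
            Dim Ausschusstext4 As String = "charged on freight, fees and interests and at last on customs duties. The place of jurisdiction: Schärding / Ried. Tax, customs and tariff information are not binding."
            htmlbody = String.Format("Dear, {0},

Please follow the Link to reset your password:

" + Environment.NewLine + "http://" + getdomianenvironment + ServPort + "/login/ChangePW.aspx?Par1=" + VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(tokenname) + "&Par2=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt(username) + "&Par3=" + userID + "" + Environment.NewLine + "


Kind regards,
VERAG | EDV Support
VERAG Spedition AG | A 4975 Suben, Nr. 100
T.+43 7711 2777-xx |support@verag.ag |" + emailnr + "FN xxxxxxx
" + Ausschusstext + "
" + Ausschusstext2 + "
" + Ausschusstext3 + "
" + Ausschusstext4 + "
", username, password)
        ElseIf String.IsNullOrWhiteSpace(HttpContext.Current.Request.ServerVariables("SERVER_NAME")) = False Then
            ' Any other host: no port, and Par1 carries tokenname as received.
            getdomianenvironment = HttpContext.Current.Request.ServerVariables("SERVER_NAME")
            ServPort = String.Empty
            'pagename = Request.ServerVariables("SCRIPT_NAME")
            mailto = email
            Betreff = "Passwort reset"
            Dim Ausschusstext As String = "Wir arbeiten ausschließlich auf Grund der Allgemeinen Spediteurbedingungen in der jeweils geltenden Fassung. Zahlungen werden zunächst auf Frachten, Spesen"
            Dim Ausschusstext2 As String = "und Zinsen zuletzt auf Zölle angerechnet. Zahlbar und klagbar in Schärding oder Ried. Steuer-Zoll-und Tarifauskünfte sind unverbindlich."
            Dim Ausschusstext3 As String = "We operate exclusively on the basis of the General Freight Forwarding Terms and Conditions in the respectively applicable version. Payments are initially"
            Dim Ausschusstext4 As String = "charged on freight, fees and interests and at last on customs duties. The place of jurisdiction: Schärding / Ried. Tax, customs and tariff information are not binding."
            htmlbody = String.Format("Dear, {0},

Please follow the Link to reset your password:

" + Environment.NewLine + "http://" + getdomianenvironment + ServPort + "/login/ChangePW.aspx?Par1=" + tokenname + "&Par2=" + VERAG_PROG_ALLGEMEIN.cCryptography2.Encrypt(username) + "&Par3=" + userID + "" + Environment.NewLine + "


Kind regards,
VERAG | EDV Support
VERAG Spedition AG | A 4975 Suben, Nr. 100
T.+43 7711 2777-xx |support@verag.ag | " + emailnr + "FN xxxxxxx
" + Ausschusstext + "
" + Ausschusstext2 + "
" + Ausschusstext3 + "
" + Ausschusstext4 + "
", username, password)
        ElseIf String.IsNullOrWhiteSpace(HttpContext.Current.Request.ServerVariables("SERVER_NAME")) = True Then
            'MsgBox("Error09:" + Environment.NewLine + "The Domain could not be vaildated. Check Link please or contact the Administrator of the program.")
            lblMessage.ForeColor = Color.OrangeRed
            lblMessage.Text = "Error09:" + Environment.NewLine + "The Domain could not be vaildated. Check the Link please or contact the Administrator of the program."
        End If

        'Dim pg As String = Request.ServerVariables("URL")
        'MsgBox("/" + ServPort + Request.ServerVariables("URL"))
        Try
            ' From here on the token stored in the session is used; the mail body above
            ' was already built with the tokenname argument.
            If Session.Item("TokenforEmail") = Nothing Then
                tokenname = genToken(username, password, email, userID)
                Session.Add("TokenforEmail", tokenname)
            Else
                tokenname = Session.Item("TokenforEmail").ToString()
            End If
            'Dim Strtemp = Session.Keys.Item("urltochangepw")

            If getDateoftoken(tokenname) = True Then
                ' Dim attachment As Attachment = New Attachment(File.OpenRead(excel), "Kundenliste.xlsx")
                ' Msg.Attachments.Add(attachment)
                If String.IsNullOrEmpty(mailto) = False AndAlso String.IsNullOrEmpty(Betreff) = False AndAlso String.IsNullOrEmpty(htmlbody) = False Then
                    VERAG_PROG_ALLGEMEIN.cProgramFunctions.sendMail(mailto, Betreff, htmlbody)
                Else
                    'MsgBox("Error07: Die Paramter wurden nicht alle gesetzt. Bitte Felder überprüfen.", vbAbort, "Error07")
                    lblMessage.ForeColor = Color.OrangeRed
                    lblMessage.Text = "Error07: Die Paramter wurden nicht alle gesetzt. Bitte Felder überprüfen!"
                    ' Nothing was sent, so report failure. Without this Return the code fell
                    ' through, replaced the Error07 text with "Success" and returned True.
                    Return False
                End If
                ' NOTE(review): any return value of sendMail is ignored here, so True means
                ' "handed to sendMail", not "delivered".
                lblMessage.ForeColor = Color.Green
                lblMessage.Text = "Success" + Environment.NewLine + " Mail sent. Please check your inbox."
                'MsgBox("SENT")
                Return True
            Else
                lblMessage.ForeColor = Color.Red
                lblMessage.Text = "Error02: Mail not delivered!"
                'MsgBox("Error02: Mail not delivered!" & vbCrLf & "New Token has been generated.")
                ' getDateoftoken removed the expired token from the session, so a new one
                ' is normally created and stored here.
                If Session.Item("TokenforEmail") = Nothing Then
                    tokenname = genToken(username, password, email, userID)
                    Session.Add("TokenforEmail", tokenname)
                    Session.Add("USerID", userID)
                Else
                    tokenname = Session.Item("TokenforEmail").ToString()
                End If
                ' NOTE(review): this uses the four-argument sendMail overload with a body that
                ' was built before the new token existed - confirm what the overload does
                ' with the token argument.
                VERAG_PROG_ALLGEMEIN.cProgramFunctions.sendMail(mailto, Betreff, htmlbody, tokenname)
                Return False
            End If
        Catch ex As Exception
            'MsgBox(Err.Number & ex.Message & ex.StackTrace.ToString)
            ' Original intent: show a message box when an error occurs. The call is
            ' disabled, so the exception is dropped without any log entry.
        End Try
        Return False
    End Function

    ''' <summary>
    ''' Creates a reset token: the current UTC time (8 bytes from ToBinary) followed by
    ''' the 16 bytes of a new GUID, Base64-encoded and passed through cCryptography.Encrypt.
    ''' </summary>
    ''' <param name="username">Only used by the fallback path, which forwards it to SendEmail.</param>
    ''' <param name="password">Only used by the fallback path.</param>
    ''' <param name="email">Only used by the fallback path.</param>
    ''' <param name="UserID">Only used by the fallback path.</param>
    ''' <returns>The encrypted token, or "NotYet" from the fallback path.</returns>
    Function genToken(username As String, password As String, email As String, UserID As String) As String
        Dim time() As Byte = BitConverter.GetBytes(DateTime.UtcNow.ToBinary())
        ' NOTE(review): the unpredictable part of the token is a GUID. Guid.NewGuid is
        ' not documented as a cryptographically secure generator; for a reset token
        ' System.Security.Cryptography.RandomNumberGenerator is the safer source.
        Dim Key() As Byte = Guid.NewGuid().ToByteArray()
        Dim token As String
        Try
            token = VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(Convert.ToBase64String(time.Concat(Key).ToArray()))
            Return token
        Catch Ex As Exception
            ' Fallback: the same expression is evaluated again; if it throws a second
            ' time, the exception leaves this function.
            Dim Msg, Style, Title As String
            Msg = "Token Generation failed" & vbCrLf & "A new E-mail has been sent to the intern e-mail given."
            Style = vbRetry + vbExclamation + vbDefaultButton1
            Title = "Error05: Token-Generierung"
            'MsgBox(Msg, Style, Title)
            'If MsgBox(Msg, Style, Title).Retry Then
            'genToken(username, password, email)
            token = VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(Convert.ToBase64String(time.Concat(Key).ToArray()))
            If SendEmail(username, password, email, token, UserID) = False Then
                'MsgBox("Email could not been sent because of an internal encryption error.", vbOK + vbInformation + vbDefaultButton1, "Token-Generation Error")
            Else
                'MsgBox("Email has been sent successful." & vbCr & "Please check your E-Mails!", vbOK + vbInformation + vbDefaultButton1, "Token-Generation successful!")
            End If
            'Else
            'MsgBox("Token-Generation has not been successful." & vbCrLf & "Please try again in five seconds!")
            ' NOTE(review): wenn is taken five seconds before "now" right after jetzt, so
            ' jetzt < wenn is practically never true and the Else branch (a recursive
            ' genToken call) is the one that runs.
            Dim jetzt As DateTime = DateTime.UtcNow
            Dim wenn As DateTime = DateTime.UtcNow.AddSeconds(-5)
            If jetzt < wenn Then
                Return "NotYet"
            Else
                token = genToken(username, password, email, UserID)
                Return token
                'End If
            End If
        End Try
    End Function

    ''' <summary>
    ''' Checks the age of a token: decrypts it, reads the UTC timestamp from the first
    ''' eight decoded bytes and treats the token as expired after 30 minutes.
    ''' An expired token is removed from the session.
    ''' </summary>
    ''' <param name="tokenname">Encrypted token as produced by genToken.</param>
    ''' <returns>False when the token is older than 30 minutes or decrypts to "Error04"; True otherwise.</returns>
    Function getDateoftoken(tokenname As String) As Boolean
        ' NOTE(review): FromBase64String and ToInt64 throw on malformed or short input;
        ' that exception is left to the caller. Because decoding happens first, the
        ' "Error04" and "NotYet" comparisons below look unreachable for those exact
        ' values (neither is valid Base64) - confirm.
        Dim data() As Byte = Convert.FromBase64String(VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(tokenname))
        Dim wenn As DateTime = DateTime.FromBinary(BitConverter.ToInt64(data, 0))
        Dim nameoftoken = VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(tokenname)
        If wenn < DateTime.UtcNow.AddMinutes(-30) Then
            nameoftoken = String.Empty
            tokenname = nameoftoken
            'MsgBox("Token has not been found or is too old!" + Environment.NewLine + "Please send a new E-mail!")
            Session.Remove("TokenforEmail")
            Return False
        ElseIf nameoftoken = "Error04" Then
            nameoftoken = String.Empty
            tokenname = nameoftoken
            Session.Remove("TokenforEmail")
            Return False
        ElseIf nameoftoken = "NotYet" Then
            Return True
        Else
            Return True
        End If
    End Function
End Class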