Imports System.Net
Imports System.Net.Mail
Imports System.Drawing
Imports System.Configuration
Imports System.Data.SqlClient
Imports System.Data

Partial Class login_ForgotPW
    Inherits System.Web.UI.Page

    Protected Sub btn_Back_Click(sender As Object, e As EventArgs)
        Response.Redirect("login/login_FLEX.aspx")
    End Sub

    Protected Sub btn_Send_Click(sender As Object, e As EventArgs)
        Dim username As String = String.Empty
        Dim password As String = String.Empty
        Dim email As String = String.Empty
        Dim tokenname As String = String.Empty
        valreqtxtEmail.Validate()
        check_UserName_regex.Validate()
        If valreqtxtEmail.IsValid = True Then
            email = txtEmail.Text
        ElseIf valreqtxtEmail.IsValid = False Then
            valreqtxtEmail.ErrorMessage = "ANnotation: The given Daomain is not the company domain."
            regexval_txt_Email.Validate()
            valreqtxtEmail.IsValid = True
        End If
        If check_UserName_regex.IsValid = True Then
            username = txt_Username.Text
        Else
            check_UserName_regex.ErrorMessage = "No valid Username found!"
        End If
        If String.IsNullOrEmpty(email) = False AndAlso String.IsNullOrEmpty(tokenname) = True AndAlso String.IsNullOrEmpty(password) = True AndAlso String.IsNullOrEmpty(username) = False Then
            'cDBFunctions.GetNewOpenConnection()
            Dim ConnectionString = String.Empty
            If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost" Then
                'ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=sa;Pwd=BmWr501956"
                ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;"
            Else
                ConnectionString = "Server=DEVELOPER.verag.ost.dmn\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;"
                'ConnectionString = "Server=db593295684.db.1and1.com;Database=db593295684;Uid=dbo593295684;Pwd=atilla#2;"
            End If
            ' Dim constr As String = ConfigurationManager.ConnectionStrings("constr").ConnectionString
            Using con As New SqlConnection(ConnectionString)
                ' Using cmd As New SqlCommand("Validate_User")
                Using cmd As New SqlCommand("SELECT Username,Password FROM [VERAG_HOMEPAGE].[dbo].[Users] WHERE Username=@Username")
                    ' cmd.CommandType = CommandType.StoredProcedure
                    cmd.Parameters.AddWithValue("@Username", username)
                    cmd.Connection = con
                    con.Open()
                    'userId = Convert.ToInt32(cmd.ExecuteScalar())
                    Dim dr As SqlDataReader = cmd.ExecuteReader()
                    If dr.Read() Then
                        username = dr("Username").ToString()
                        password = dr("Password").ToString()
                        Try
                            regexval_txt_Email.Validate()
                        Catch ex As Exception
                            Dim Msg, Style, Title As String
                            Msg = "E-Mail Prüfung fehlgeschlagen!" & vbCrLf + "Bitte erneut versuchen!"
                            Style = vbRetry + vbExclamation + vbDefaultButton1
                            Title = "Fehler bei E-Mail Authentifizierung!"
                            MsgBox(Msg, Style, Title)
                            If MsgBox(Msg, Style, Title).Yes Then
                                txtEmail.Text = String.Empty
                                txtEmail.Focus()
                            ElseIf MsgBox(Msg, Style, Title).No Then
                            End If
                        End Try
                    End If
                End Using
                con.Close()
            End Using

            tokenname = genToken(username, password, email)
            Session.Add("TokenforEmail", tokenname)
            If SendEmail(username, password, email, tokenname) = True Then
                'password = RandomString(New Random, 10)
                If (getDateoftoken(tokenname) = True) Then
                    Dim msgboxstyle = vbDefaultButton1 + vbOK
                    'MsgBox(tokenname, msgboxstyle)
                    MsgBox("Token erfolgreich generiert.")
                Else
                    MsgBox("Token ist nicht mehr gültig! Es wird ein neuer generiert!")
                    tokenname = genToken(username, password, email)
                End If
                'SendEmail(username, password, email)
                'MsgBox("Mail would be sent successfully!")
                lblMessage.ForeColor = Color.Green
                lblMessage.Text = "Passwort wurde erfolgreich an die angegebene E-Mail Adresse gesendet."
            ElseIf SendEmail(username, password, email, tokenname) = False Then
                'MsgBox("Mail would not be sent successfully!")
                lblMessage.ForeColor = Color.Red
                lblMessage.Text = "Diese E-Mail ist nicht in unserer Datenbank vorhanden."
            End If
        Else
            MsgBox("Die Felder sind nicht alle befüllt worden.", MsgBoxStyle.Critical, "Error08")
        End If
    End Sub

    'Function RandomString(r As Random, max As Integer) As String
    'Dim s As String = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789!§$%&/?="
    'Dim sb As New StringBuilder
    'Dim cnt As Integer = r.Next(4, max)
    'For i As Integer = 1 To cnt
    'Dim idx As Integer = r.Next(0, s.Length)
    '       sb.Append(s.Substring(idx, 1))
    'Next
    'Return sb.ToString()
    'End Function

    Function SendEmail(username As String, password As String, email As String, tokenname As String) As Boolean
        Dim getdomianenvironment As String = String.Empty
        Dim pagename As String = String.Empty
        Dim ServPort As String = String.Empty

        Dim mailto As String = String.Empty
        Dim Betreff As String = String.Empty
        Dim htmlbody As String = String.Empty
        If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost" Then
            getdomianenvironment = HttpContext.Current.Request.ServerVariables("SERVER_NAME")
            ServPort = ":" + Request.ServerVariables("SERVER_PORT")
            'pagename = Request.ServerVariables("SCRIPT_NAME")
            mailto = email
            Betreff = "Passwort reset"
            htmlbody = String.Format("Sehr geehrte/r {0},<br /><br /> Bitte dem Link zum Zurücksetzen des Passwortes folgen:<br /><br /><br />.<br />" + Environment.NewLine + "<a runat=" + "server" + " href=http://" + getdomianenvironment + ServPort + "/login/ChangePW.aspx?Par1=" + VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(tokenname) + ">Link</a>" + Environment.NewLine + "<br />Mit freundlichen Grüßen <br />VERAG | EDV Support<br />support@verag.ag,", username, password)
        ElseIf HttpContext.Current.Request.ServerVariables("SERVER_NAME") = Not "localhost" Then
            getdomianenvironment = HttpContext.Current.Request.ServerVariables("SERVER_NAME")
            ServPort = String.Empty
            'pagename = Request.ServerVariables("SCRIPT_NAME")
            mailto = email
            Betreff = "Passwort reset"
            htmlbody = String.Format("Sehr geehrte/r {0},<br /><br /> Bitte dem Link zum Zurücksetzen des Passwortes folgen:<br /><br /><br />.<br />" + Environment.NewLine + "<a runat=" + "server" + " href=http://" + getdomianenvironment + "/login/ChangePW.aspx?Par1=" + VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(tokenname) + ">Link</a>" + Environment.NewLine + "<br />Mit freundlichen Grüßen <br />VERAG | EDV Support<br />support@verag.ag,", username, password)
        End If
        'Dim pg As String = Request.ServerVariables("URL")
        'MsgBox("/" + ServPort + Request.ServerVariables("URL"))

        Try
            Dim tokennametemp = genToken(username, password, email)
            'Dim Strtemp = Session.Keys.Item("urltochangepw")
            If getDateoftoken(tokennametemp) = True Then
                '  Dim attachment As Attachment = New Attachment(File.OpenRead(excel), "Kundenliste.xlsx")
                '  Msg.Attachments.Add(attachment)
                If String.IsNullOrEmpty(mailto) = False AndAlso String.IsNullOrEmpty(Betreff) = False AndAlso String.IsNullOrEmpty(htmlbody) = False Then
                    VERAG_PROG_ALLGEMEIN.cProgramFunctions.sendMail(mailto, Betreff, htmlbody)
                Else
                    MsgBox("Error07: Die Paramter wurden nicht alle gesetzt. Bitte Felder überprüfen.", vbAbort, "Error07")
                End If
                MsgBox("SENT")
                    Return True
                Else
                    MsgBox("Error02: Mail not delivered!" & vbCrLf & "Neuer Token wird generiert.")
                tokennametemp = genToken(username, password, email)
                VERAG_PROG_ALLGEMEIN.cProgramFunctions.sendMail(mailto, Betreff, htmlbody, tokenname)
                Return False
            End If
        Catch ex As Exception
            MsgBox(Err.Number & ex.Message & ex.StackTrace.ToString) 'Falls ein Fehler auftritt wird eine MsgBox angezeigt
        End Try
        Return False
    End Function

    Function genToken(username As String, password As String, email As String) As String
        Dim time() As Byte = BitConverter.GetBytes(DateTime.UtcNow.ToBinary())
        Dim Key() As Byte = Guid.NewGuid().ToByteArray()
        Dim token As String
        Try
            token = Convert.ToBase64String(time.Concat(Key).ToArray())
            Return token
        Catch Ex As Exception
            Dim Msg, Style, Title As String
            Msg = "Tokengenerierung fehlgeschlagen!" & vbCrLf & "Eine E-Mail wurde erneut an " + email + " zugesendet."
            Style = vbRetry + vbExclamation + vbDefaultButton1
            Title = "Fehler bei Token-Generierung"
            MsgBox(Msg, Style, Title)

            If MsgBox(Msg, Style, Title).Retry Then
                genToken(username, password, email)
                If SendEmail(username, password, email, token) = False Then
                    MsgBox("Email konnte wegen eines internen Verschlüsselungsfehlers nicht gesendet werden.", vbOK + vbInformation + vbDefaultButton1, "Tokengenerierung-Fehler")
                Else
                    MsgBox("Email wurde erfolgreich gesendet." & vbCr & "Bitte Postfach überprüfen!", vbOK + vbInformation + vbDefaultButton1, "Tokengenerierung erfolgreich!")
                End If
            Else
                MsgBox("Tokengenerierung nicht erfolgreich." & vbCrLf & "In 5 Sekunden nochmal versuchen!")
                Dim jetzt As DateTime = DateTime.UtcNow
                Dim wenn As DateTime = DateTime.UtcNow.AddSeconds(-5)

                If jetzt < wenn Then
                    Return "NotYet"
                Else
                    token = Convert.ToBase64String(time.Concat(Key).ToArray())
                    Return token
                End If
            End If
        End Try
    End Function

    Function getDateoftoken(tokenname As String) As Boolean
        Dim data() As Byte = Convert.FromBase64String(tokenname)
        Dim wenn As DateTime = DateTime.FromBinary(BitConverter.ToInt64(data, 0))
        If wenn < DateTime.UtcNow.AddMinutes(-30) Then
            tokenname = String.Empty
            MsgBox("Token nicht gefunden oder zu alt!" + Environment.NewLine + "Bitte erneut Mail senden!")
            Return False
        ElseIf tokenname = "NotYet" Then
            Return False
        ElseIf tokenname = "Error04" Then
            Return False
        Else
            Return True
        End If
    End Function
End Class