Imports System.Data.SqlClient Imports System.Data Partial Class ChangePW Inherits System.Web.UI.Page Protected Sub Page_Load(sender As Object, e As EventArgs) Dim url = Request.ServerVariables("URL") Session.Add("urltochangepw", url) If VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(Session.Item("TokenforEmail").ToString()) = VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(Request.QueryString("Par1")) AndAlso VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(Session.Item("TokenforEmail").ToString()) = Not Nothing AndAlso VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(Request.QueryString("Par1")) = Not Nothing And VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(Session.Item("USerID").ToString()) = VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(Request.QueryString("Par2")) Then If getDateoftoken(VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(Request.QueryString("Par1"))) = True Then txt_Pw_WH.Enabled = True txt_Pw.Enabled = True regexval_txt_Pw_WH.Enabled = True If IsPostBack Then reqPasswtxt.Validate() reqPassw1txt.Validate() End If Else btn_submitpw.Enabled = False txt_Pw.BackColor = Drawing.Color.Gray txt_Pw.ForeColor = Drawing.Color.DarkGray txt_Pw_WH.Enabled = False txt_Pw_WH.BackColor = Drawing.Color.Gray txt_Pw_WH.ForeColor = Drawing.Color.DarkGray txt_Pw.Enabled = False regexval_txt_Pw_WH.Enabled = False End If Else MsgBox("Link ist abgelaufen. Bitte neue E-Mail senden.", MsgBoxStyle.Critical, "Error06") Response.Redirect("ForgotPW.aspx") End If End Sub Protected Sub txt_Pw_WH_TextChanged(sender As Object, e As EventArgs) regexval_txt_Pw_WH.Validate() confirmPasswordReq.Validate() If confirmPasswordReq.IsValid Then btn_submitpw.Enabled = True Else btn_submitpw.Enabled = False End If End Sub Public Function geturlofpage() As String Dim url = Request.Url.Authority + HttpContext.Current.Request.RawUrl.ToString() If Request.ServerVariables("HTTPS") = "on" Then url = "https://" + url Else url = "http://" + url End If Return url End Function Protected Sub btn_submitpw_Click(sender As Object, e As EventArgs) Dim tempstr As String = "" Dim Msg, Style, Title As String If String.IsNullOrEmpty(txt_Pw.Text) = Not True AndAlso String.IsNullOrEmpty(txt_Pw_WH.Text) = Not True AndAlso String.IsNullOrEmpty(txt_Pw.Text) = Not True AndAlso String.IsNullOrEmpty(txt_Pw_WH_M.Text) = Not True Then reqPasswtxt_M.Enabled = False reqPasswtxt_M.Enabled = False reqPasswtxt.Enabled = True reqPassw1txt.Enabled = True reqPasswtxt.Validate() reqPassw1txt.Validate() If reqPasswtxt.IsValid And reqPassw1txt.IsValid Then tempstr = txt_Pw.Text End If ElseIf String.IsNullOrEmpty(txt_Pw.Text) = True AndAlso String.IsNullOrEmpty(txt_Pw_WH.Text) = True AndAlso String.IsNullOrEmpty(txt_Pw_M.Text) = Not True AndAlso String.IsNullOrEmpty(txt_Pw_WH_M.Text) = Not True Then reqPasswtxt.Enabled = False reqPassw1txt_M.Enabled = False reqPasswtxt_M.Enabled = True reqPassw1txt_M.Enabled = True reqPasswtxt_M.Validate() reqPassw1txt_M.Validate() If reqPasswtxt_M.IsValid And reqPassw1txt_M.IsValid Then tempstr = txt_Pw_M.Text End If Else tempstr = "Error01" End If If txt_Pw.Text = tempstr And txt_Pw_WH.Text = tempstr AndAlso txt_Pw_M.Text = String.Empty And txt_Pw_WH_M.Text = String.Empty Then Try Dim ConnectionString = "" Dim usrname = VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(Request.QueryString("Par2")) Dim UsrID = VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(Request.QueryString("Par3")) If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost" Then 'ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=sa;Pwd=BmWr501956" ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;" Else ConnectionString = "Server=DEVELOPER.verag.ost.dmn\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;" 'ConnectionString = "Server=db593295684.db.1and1.com;Database=db593295684;Uid=dbo593295684;Pwd=atilla#2;" End If Using con As New SqlConnection(ConnectionString) Using cmd As New SqlCommand("UPDATE [VERAG_HOMEPAGE].[dbo].[Users] SET Password=@Password WHERE Username=@Username AND Password=@Password AND KundenNr=@KundenNr") ' cmd.CommandType = CommandType.StoredProcedure cmd.Parameters.AddWithValue("@Username", usrname) cmd.Parameters.AddWithValue("@Password", tempstr) cmd.Parameters.AddWithValue("@KundenNr", UsrID) cmd.Connection = con cmd.ExecuteNonQuery() End Using End Using Catch ex As Exception lbl_messagetext.Text = ex.Message End Try Msg = "PW erfolgreich geändert!" Style = vbOKOnly + vbInformation + vbDefaultButton1 Title = "Information" regexval_txt_Pw.ForeColor = Drawing.Color.Green regexval_txt_Pw.Text = "Password has been changed successfully!" 'MsgBox(Msg, Style, Title) ' If MsgBox(Msg, Style, Title).Ok Then 'Response.Redirect("login_FLEX.aspx") 'End If ElseIf txt_Pw_M.Text = tempstr And txt_Pw_WH_M.Text = tempstr AndAlso txt_Pw.Text = String.Empty And txt_Pw_M.Text = String.Empty Then Try Dim ConnectionString = "" Dim usrname = VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(Request.QueryString("Par2")) Dim UsrID = VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(Request.QueryString("Par3")) If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost" Then 'ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=sa;Pwd=BmWr501956" ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;" Else ConnectionString = "Server=DEVELOPER.verag.ost.dmn\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;" 'ConnectionString = "Server=db593295684.db.1and1.com;Database=db593295684;Uid=dbo593295684;Pwd=atilla#2;" End If Using con As New SqlConnection(ConnectionString) Using cmd As New SqlCommand("UPDATE [VERAG_HOMEPAGE].[dbo].[Users] SET Password=@Password WHERE Username=@Username AND Password=@Password AND KundenNr=@KundenNr") ' cmd.CommandType = CommandType.StoredProcedure cmd.Parameters.AddWithValue("@Username", usrname) cmd.Parameters.AddWithValue("@Password", tempstr) cmd.Parameters.AddWithValue("@KundenNr", UsrID) cmd.Connection = con cmd.ExecuteNonQuery() End Using End Using Catch ex As Exception lbl_messagetext.Text = ex.Message End Try Msg = "PW erfolgreich geändert!" Style = vbOKOnly + vbInformation + vbDefaultButton1 Title = "Information" regexval_txt_Pw.ForeColor = Drawing.Color.Green regexval_txt_Pw.Text = "Password has been changed successfully!" 'MsgBox(Msg, Style, Title) ' If MsgBox(Msg, Style, Title).Ok Then 'Response.Redirect("login_FLEX.aspx") 'End If ElseIf tempstr = "Error01" Then regexval_txt_Pw.ForeColor = Drawing.Color.MediumVioletRed regexval_txt_Pw.Text = "Password has not been changed successfully!" ' Msg = "PW nicht erfolgreich geändert!" ' Style = vbAbortRetryIgnore + vbCritical + vbDefaultButton1 ' Title = "Error" 'MsgBox(Msg, Style, Title) 'If MsgBox(Msg, Style, Title).Retry Then 'Response.Redirect(Request.RawUrl) 'ElseIf MsgBox(Msg, Style, Title).Abort Then ' Response.Redirect("../newPageJulius_Sidebar.aspx") 'ElseIf MsgBox(Msg, Style, Title).Ignore Then ' Try ' Catch ex As Exception ' End Try End If End Sub Protected Sub txt_Pw_TextChanged(sender As Object, e As EventArgs) regexval_txt_Pw.Validate() If regexval_txt_Pw.IsValid Then txt_Pw_WH.ReadOnly = False regexval_txt_Pw_WH.Enabled = True Else txt_Pw_WH.ReadOnly = True regexval_txt_Pw_WH.Enabled = False End If End Sub Function getDateoftoken(tokenname As String) As Boolean Dim data() As Byte = Convert.FromBase64String(VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(tokenname)) Dim wenn As DateTime = DateTime.FromBinary(BitConverter.ToInt64(data, 0)) Dim nameoftoken = VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(tokenname) If wenn < DateTime.UtcNow.AddMinutes(-30) Then nameoftoken = String.Empty 'MsgBox("Token has not been found or is too old!" + Environment.NewLine + "Please send a new E-mail!") Session.Remove("TokenforEmail") Return False ElseIf nameoftoken = "Error04" Then nameoftoken = String.Empty Session.Remove("TokenforEmail") Return False ElseIf nameoftoken = "NotYet" Then Return True Else Return True End If End Function Protected Sub Image1_M_Click(sender As Object, e As ImageClickEventArgs) MsgBox("") End Sub End Class