edv/VERAG_Homepage
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
541c2894d7654710a835c8efc33d8dd333946e76
VERAG_Homepage/login/ForgotPW.aspx.vb

208 lines
9.6 KiB
VB.net
Raw Blame History

Imports System.Net
Imports System.Net.Mail
Imports System.Drawing
Imports System.Configuration
Imports System.Data.SqlClient
Imports System.Data
Partial Class login_ForgotPW
Inherits System.Web.UI.Page
Protected Sub Page_Load(sender As Object, e As EventArgs)
If txt_Username.Text = "" Then
Try
txt_Username.Text = Request.QueryString.Item("urlofchangepwpage")
Catch ex As Exception
MsgBox(ex.Message)
End Try
End If
End Sub
Protected Sub btn_Back_Click(sender As Object, e As EventArgs)
Response.Redirect("login/login_FLEX.aspx")
End Sub
Protected Sub SendEmail(sender As Object, e As EventArgs)
Dim username As String = txt_Username.Text
Dim password As String = String.Empty
Dim email As String = txtEmail.Text
Dim tokenname As String = ""
' cDBFunctions.GetNewOpenConnection()
Dim ConnectionString = ""
If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost" Then
'ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=sa;Pwd=BmWr501956"
ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;"
Else
ConnectionString = "Server=DEVELOPER.verag.ost.dmn\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;"
'ConnectionString = "Server=db593295684.db.1and1.com;Database=db593295684;Uid=dbo593295684;Pwd=atilla#2;"
End If
' Dim constr As String = ConfigurationManager.ConnectionStrings("constr").ConnectionString
Using con As New SqlConnection(ConnectionString)
' Using cmd As New SqlCommand("Validate_User")
Using cmd As New SqlCommand("SELECT Username,Password FROM [VERAG_HOMEPAGE].[dbo].[Users] WHERE Username=@Username")
' cmd.CommandType = CommandType.StoredProcedure
cmd.Parameters.AddWithValue("@Username", username)
cmd.Connection = con
con.Open()
'userId = Convert.ToInt32(cmd.ExecuteScalar())
Dim dr As SqlDataReader = cmd.ExecuteReader()
If dr.Read() Then
username = dr("Username").ToString()
password = dr("Password").ToString()
Try
email = txtEmail.Text
Catch ex As Exception
Dim Msg, Style, Title As String
Msg = "E-mail Prüfung fehlgeschlagen!" & vbCrLf + "Bitte erneut versuchen!"
Style = vbRetry + vbExclamation + vbDefaultButton1
Title = "Fehler bei E-mail Authentifizierung!"
MsgBox(Msg, Style, Title)
If MsgBox(Msg, Style, Title).Yes Then
txtEmail.Text = ""
txtEmail.Focus()
ElseIf MsgBox(Msg, Style, Title).No Then
End If
End Try
End If
End Using
con.Close()
End Using
tokenname = genToken(username, password, email)
If SendEmail(username, password, email, tokenname) = True Then
'password = RandomString(New Random, 10)
If (getDateoftoken(tokenname) = True) Then
Dim msgboxstyle = vbDefaultButton1 + vbOK
MsgBox(tokenname, msgboxstyle)
Else
MsgBox("token nicht mehr Gültig! Neuer wird generiert!")
tokenname = genToken(username, password, email)
End If
'SendEmail(username, password, email)
MsgBox("Mail would be sent successfully!")
lblMessage.ForeColor = Color.Green
lblMessage.Text = "Passwort wurde erfolgreich an die angegebene E-Mail Adresse gesendet."
ElseIf SendEmail(username, password, email, tokenname) = False Then
MsgBox("Mail would not be sent successfully!")
lblMessage.ForeColor = Color.Red
lblMessage.Text = "Diese E-Mail ist nicht in unserer Datenbank vorhanden."
End If
End Sub
Function RandomString(r As Random, max As Integer) As String
Dim s As String = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789!§$%&/?="
Dim sb As New StringBuilder
Dim cnt As Integer = r.Next(4, max)
For i As Integer = 1 To cnt
Dim idx As Integer = r.Next(0, s.Length)
sb.Append(s.Substring(idx, 1))
Next
Return sb.ToString()
End Function
Function SendEmail(username As String, password As String, email As String, tokenname As String) As Boolean
Dim getdomianenvironment As String = ""
Dim pagename As String = ""
Dim ServPort As String = ""
If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost" Then
getdomianenvironment = HttpContext.Current.Request.ServerVariables("SERVER_NAME")
ServPort = Request.ServerVariables("SERVER_PORT")
pagename = Request.ServerVariables("SCRIPT_NAME")
ElseIf HttpContext.Current.Request.ServerVariables("SERVER_NAME") = Not "localhost" Then
getdomianenvironment = HttpContext.Current.Request.ServerVariables("SERVER_NAME")
ServPort = Nothing
pagename = Request.ServerVariables("SCRIPT_NAME")
End If
'Dim pg As String = Request.ServerVariables("URL")
MsgBox("/" + ServPort + Request.ServerVariables("URL"))
Dim mailto As String = email
Dim Betreff As String = "Passwort reset"
Dim htmlbody = String.Format("Sehr geehrte/r {0},<br /><br /> Bitte dem Link zum Zurücksetzen des Passwortes folgen:<br /><br /><br />.<br />" + Environment.NewLine + "<a runat=" + "server" + " href=http://" + getdomianenvironment + ":" + ServPort + "/login/ChangePW.aspx?Par1=" + VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(tokenname) + ">Link</a>" + Environment.NewLine + "<br />Mit freundlichen Grüßen,", username, password)
Try
Dim tokennametemp = genToken(username, password, email)
'Dim Strtemp = Session.Keys.Item("urltochangepw")
If getDateoftoken(tokennametemp) = True Then
' Dim attachment As Attachment = New Attachment(File.OpenRead(excel), "Kundenliste.xlsx")
' Msg.Attachments.Add(attachment)
VERAG_PROG_ALLGEMEIN.cProgramFunctions.sendMail(mailto, Betreff, htmlbody)
MsgBox("SENT")
Return True
Else
MsgBox("Error02: Mail not delivered!")
tokennametemp = genToken(username, password, email)
VERAG_PROG_ALLGEMEIN.cProgramFunctions.sendMail(mailto, Betreff, htmlbody, tokenname)
Return False
End If
Catch ex As Exception
MsgBox(Err.Number & ex.Message & ex.StackTrace.ToString) 'Falls ein Fehler auftritt wird eine MsgBox angezeigt
End Try
Return False
End Function
Function genToken(username As String, password As String, email As String) As String
Dim time() As Byte = BitConverter.GetBytes(DateTime.UtcNow.ToBinary())
Dim Key() As Byte = Guid.NewGuid().ToByteArray()
Dim token As String
Try
token = Convert.ToBase64String(time.Concat(Key).ToArray())
Return token
Catch Ex As Exception
Dim Msg, Style, Title As String
Msg = "Tokengenerierung fehlgeschlagen!" & vbCrLf & "Eine E-Mail wurde erneut an " + email + " zugesedet."
Style = vbRetry + vbExclamation + vbDefaultButton1
Title = "Fehler bei Token-Generierung"
MsgBox(Msg, Style, Title)
If MsgBox(Msg, Style, Title).Retry Then
genToken(username, password, email)
If SendEmail(username, password, email, token) = False Then
MsgBox("Email konnte wegen eines internen Verschlüsselungsfehlers nicht gesendet werden.", vbOK + vbInformation + vbDefaultButton1, "TokengenerierungsFehler")
Else
MsgBox("Email wurde erfolgreich gesendet." & vbCr & "Bitte Postfach überprüfen!", vbOK + vbInformation + vbDefaultButton1, "Tokengenerierungs erfolgreich!")
End If
Else
MsgBox("Tokengenerierung nicht erfolgreich." & vbCrLf & "In 5 Sekunden nochmal versuchen!")
Dim jetzt As DateTime = DateTime.UtcNow
Dim wenn As DateTime = DateTime.UtcNow.AddMinutes(-3)
If jetzt < DateTime.UtcNow.AddSeconds(-5) Then
Return "NotYet"
Else
token = Convert.ToBase64String(time.Concat(Key).ToArray())
Return token
End If
End If
End Try
End Function
Function getDateoftoken(tokenname As String) As Boolean
Dim data() As Byte = Convert.FromBase64String(tokenname)
Dim wenn As DateTime = DateTime.FromBinary(BitConverter.ToInt64(data, 0))
If wenn < DateTime.UtcNow.AddMinutes(-30) Then
tokenname = ""
MsgBox("Token nicht gefunden oder zu alt!" + Environment.NewLine + "Bitte erneut Mail senden!")
Return False
ElseIf tokenname = "NotYet" Then
Return False
Else
Return True
End If
End Function
Protected Sub txtEmail_TextChanged(sender As Object, e As EventArgs)
regexval_txt_Email.Validate()
End Sub
Protected Sub Token_tmr_Tick(sender As Object, e As EventArgs)
btn_Send.Enabled = False
End Sub
End Class
Reference in New Issue View Git Blame Copy Permalink