edv/VERAG_Homepage
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
e176651b614644c894a912e3c302a5351d3433d2
VERAG_Homepage/login/ForgotPW.aspx.vb
ja e176651b61 Ändeurngen gemäß E-Mail
2021-10-18 11:14:24 +02:00

364 lines
23 KiB
VB.net
Raw Blame History

Imports System.Net
Imports System.Net.Mail
Imports System.Drawing
Imports System.Configuration
Imports System.Data.SqlClient
Imports System.Data
Partial Class login_ForgotPW
Inherits System.Web.UI.Page
Dim ConnectionString As String = String.Empty
Protected Sub btn_Back_Click(sender As Object, e As EventArgs)
Response.Redirect("login/login_FLEX.aspx")
End Sub
Protected Sub btn_Send_Click(sender As Object, e As EventArgs)
Dim username As String = String.Empty
Dim password As String = String.Empty
Dim email As String = String.Empty
Dim tokenname As String = String.Empty
If txtEmail_M.Text = "E-Mail" And txt_Username_M.Text = "Username" And Not txtEmail.Attributes.Item("Placeholer") = "E-Mail" And Not txt_Username.Attributes.Item("Placeholer") = "Username" And String.IsNullOrEmpty(txtEmail.Text) = False And String.IsNullOrEmpty(txt_Username.Text) = False Then
regexval_2_txt_Email_M.Enabled = False
valreqtxtEmail_M.Enabled = False
valreqtxtusername_M.Enabled = False
valreqtxtusername.Enabled = True
valreqtxtEmail.Enabled = True
regexval_txt_Email_2.Enabled = True
regexval_txt_Email.Enabled = True
valreqtxtEmail.Validate()
If valreqtxtEmail.IsValid = True Then
email = txtEmail.Text
ElseIf valreqtxtEmail.IsValid = False Then
valreqtxtEmail.ErrorMessage = "Annotation: The given Domain is not the company domain."
regexval_txt_Email.Validate()
regexval_txt_Email_2.IsValid = True
End If
valreqtxtusername.Validate()
If valreqtxtusername.IsValid = True Then
check_UserName_regex.Validate()
If check_UserName_regex.IsValid = False Then
check_UserName_regex.ErrorMessage = "Annotation: The Username does not match the requirements."
Else
If check_UserName_regex.IsValid = True Then
username = txt_Username.Text
End If
End If
End If
' MsgBox("3" + email + " " + username)
'Mobil
ElseIf txtEmail.Text = "E-Mail" And txt_Username.Attributes.Item("Username") And Not txtEmail_M.Text = "E-Mail" And Not txt_Username_M.Attributes.Item("Placeholder") = "Username" And String.IsNullOrEmpty(txtEmail_M.Text) = False And String.IsNullOrEmpty(txt_Username_M.Text) = False Then
valreqtxtEmail_M.Enabled = True
regexval_2_txt_Email_M.Enabled = True
regexval_txt_Email.Enabled = False
regexval_txt_Email_2.Enabled = False
valreqtxtusername.Enabled = False
valreqtxtusername_M.Enabled = True
valreqtxtEmail_M.Validate()
If valreqtxtEmail_M.IsValid = True Then
email = txtEmail_M.Text
ElseIf valreqtxtEmail_M.IsValid = False Then
valreqtxtEmail_M.ErrorMessage = "Annotation: The given Domain is not the company domain."
regexval_txt_Email_M.Validate()
regexval_txt_Email_2.IsValid = True
End If
valreqtxtusername_M.Validate()
If valreqtxtusername_M.IsValid = True Then
check_UserName_regex_M.Validate()
If check_UserName_regex_M.IsValid = False Then
check_UserName_regex_M.ErrorMessage = "Annotation: The Username does not match the requirements."
Else
check_UserName_regex_M.IsValid = True
End If
If check_UserName_regex_M.IsValid = True Then
username = txt_Username_M.Text
End If
End If
End If
'Erweiterte Degub Msg-Box
'MsgBox("Userdaten in App" + Environment.NewLine + email + Environment.NewLine + username + Environment.NewLine + "Userdaten desktop" + txt_Username.Text + Environment.NewLine + txtEmail.Text + Environment.NewLine + "Userdaten Mobil:" + Environment.NewLine + txtEmail_M.Text + Environment.NewLine + txt_Username_M.Text)
If String.IsNullOrEmpty(email) = False And String.IsNullOrEmpty(tokenname) = True And String.IsNullOrEmpty(password) = True And String.IsNullOrEmpty(username) = False Then
If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost" Then
VERAG_PROG_ALLGEMEIN.cAllgemein.TESTSYSTEM = True
'ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=sa;Pwd=BmWr501956"
ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;"
Else
VERAG_PROG_ALLGEMEIN.cAllgemein.TESTSYSTEM = False
ConnectionString = "Server=DEVELOPER.verag.ost.dmn\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;"
'ConnectionString = "Server=db593295684.db.1and1.com;Database=db593295684;Uid=dbo593295684;Pwd=atilla#2;"
End If
Using con As New SqlConnection(ConnectionString)
' Using cmd As New SqlCommand("Validate_User")
Using cmd As New SqlCommand("SELECT Username,Password,Email FROM [VERAG_HOMEPAGE].[dbo].[Users] WHERE Username=@Username")
' cmd.CommandType = CommandType.StoredProcedure
cmd.Parameters.AddWithValue("@Username", username)
cmd.Connection = con
con.Open()
'userId = Convert.ToInt32(cmd.ExecuteScalar())
Dim dr As SqlDataReader = cmd.ExecuteReader()
If dr.Read() Then
username = dr("Username").ToString()
password = dr("Password").ToString()
email = dr("Email").ToString()
Try
If txt_Username.Text = dr("Username").ToString() AndAlso txt_Username_M.Attributes.Item("Placeholder") = "Username" Then
check_UserName_regex_M.Enabled = False
check_UserName_regex.Enabled = True
check_UserName_regex.IsValid = True
username = txt_Username.Text
ElseIf txt_Username_M.Text = dr("Username").ToString() AndAlso txt_Username.Attributes.Item("Placeholder") = "Username" Then
check_UserName_regex.Enabled = False
check_UserName_regex_M.Enabled = True
check_UserName_regex_M.IsValid = True
username = txt_Username_M.Text
ElseIf String.IsNullOrEmpty(txt_Username_M.Text) = True AndAlso String.IsNullOrEmpty(txtEmail_M.Text) = True Then
check_UserName_regex_M.MatchTimeout = 3000
check_UserName_regex_M.ErrorMessage = "No valid Username found in out database!"
check_UserName_regex_M.IsValid = False
ElseIf String.IsNullOrEmpty(txt_Username.Text) = False Then
check_UserName_regex.MatchTimeout = 3000
check_UserName_regex.ErrorMessage = "No valid Username found in out database!"
check_UserName_regex.IsValid = False
End If
If (txtEmail.Text = dr("Email").ToString() AndAlso txtEmail_M.Attributes.Item("Placeholder") = "E-mail") Then
regexval_txt_Email_M.Enabled = False
regexval_txt_Email.Enabled = True
regexval_txt_Email.Validate()
email = txtEmail.Text
lblMessage.ForeColor = Color.Green
lblMessage.Text = "The given e-mail exists in our database."
ElseIf (txtEmail_M.Text = dr("Email").ToString() And txtEmail.Attributes.Item("Placeholder") = "E-mail") Then
regexval_txt_Email_M.Validate()
email = txtEmail_M.Text
lblMessage_M.ForeColor = Color.Green
lblMessage_M.Text = "The given e-mail exists in our database."
Else
lblMessage_M.ForeColor = Color.Red
lblMessage_M.Text = "The given e-mail does not exist in our database."
End If
Catch ex As Exception
Dim Msg, Style, Title As String
Msg = "E-Mail validation failed!" & vbCrLf + "Please try again!"
Style = vbRetry + vbExclamation + vbDefaultButton1
Title = "Authentication error!"
'MsgBox(Msg, Style, Title)
'If MsgBox(Msg, Style, Title).Yes Then
'txtEmail.Text = String.Empty
'txtEmail.Focus()
'ElseIf MsgBox(Msg, Style, Title).No Then
'End If
End Try
End If
End Using
con.Close()
End Using
If Session.Item("TokenforEmail") = Nothing Then
tokenname = genToken(username, password, email)
Session.Add("TokenforEmail", tokenname)
Session.Add("SessID", VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(Session.SessionID))
Else
tokenname = Session.Item("TokenforEmail")
End If
If SendEmail(username, password, email, VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(tokenname)) = True Then
'password = RandomString(New Random, 10)
If (getDateoftoken(tokenname) = True) Then
'Dim msgboxstyle = vbDefaultButton1 + vbOK
'MsgBox(tokenname, msgboxstyle)
lblMessage.ForeColor = Color.Green
lblMessage.Text = "Token generated successfully."
'MsgBox("Token generated successfully.")
Else
lblMessage.ForeColor = Color.Red
lblMessage.Text = "Token is not valid anymore. Please generate a new one by sending a new e-mail!"
'MsgBox("Token is not valid anymore. Please generate a new one by sending a new e-mail!")
If Session.Item("TokenforEmail") = Nothing Then
tokenname = genToken(username, password, email)
Session.Add("TokenforEmail", tokenname)
Else
tokenname = Session.Item("TokenforEmail")
End If
End If
'SendEmail(username, password, email)
'MsgBox("Mail would be sent successfully!")
lblMessage.ForeColor = Color.Green
lblMessage.Text = "The password has been sent sucessfully on the given valid e-mail address."
ElseIf SendEmail(username, password, email, VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(tokenname)) = False Then
'MsgBox("Mail would not be sent successfully!")
lblMessage.ForeColor = Color.Red
If String.IsNullOrWhiteSpace(username) = True Then
lblMessage.Text = "Error10: Username not recognized Error!"
ElseIf String.IsNullOrWhiteSpace(email) = True Then
lblMessage.Text = "Error11: Email not recognized Error!"
ElseIf String.IsNullOrWhiteSpace(password) = True Then
lblMessage.Text = "An internal password searching error occured in our systems ."
End If
End If
Else
'MsgBox("The form has not been filled completeley.", MsgBoxStyle.Critical, "Error08")
lblMessage.ForeColor = Color.Red
lblMessage.Text = "The form has not been filled completeley."
End If
End Sub
'Function RandomString(r As Random, max As Integer) As String
'Dim s As String = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789!§$%&/?="
'Dim sb As New StringBuilder
'Dim cnt As Integer = r.Next(4, max)
'For i As Integer = 1 To cnt
'Dim idx As Integer = r.Next(0, s.Length)
' sb.Append(s.Substring(idx, 1))
'Next
'Return sb.ToString()
'End Function
Function SendEmail(username As String, password As String, email As String, tokenname As String) As Boolean
Dim getdomianenvironment As String = String.Empty
Dim pagename As String = String.Empty
Dim ServPort As String = String.Empty
Dim mailto As String = String.Empty
Dim Betreff As String = String.Empty
Dim htmlbody As String = String.Empty
Dim emailnr = VERAG_PROG_ALLGEMEIN.cAllgemein.FIRMA_ID.ToString
If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost" Then
getdomianenvironment = HttpContext.Current.Request.ServerVariables("SERVER_NAME")
ServPort = ":" + Request.ServerVariables("SERVER_PORT")
'pagename = Request.ServerVariables("SCRIPT_NAME")
mailto = email
Betreff = "Passwort reset"
Dim Ausschusstext As String = "Wir arbeiten ausschließlich auf Grund der Allgemeinen Spediteurbedingungen in der jeweils geltenden Fassung. Zahlungen werden zunächst auf Frachten, Spesen"
Dim Ausschusstext2 As String = "und Zinsen zuletzt auf Zölle angerechnet. Zahlbar und klagbar in Schärding oder Ried. Steuer-Zoll-und Tarifauskünfte sind unverbindlich."
Dim Ausschusstext3 As String = "We operate exclusively on the basis of the General Freight Forwarding Terms and Conditions in the respectively applicable version. Payments are initially"
Dim Ausschusstext4 As String = "charged on freight, fees and interests and at last on customs duties. The place of jurisdiction: Schärding / Ried. Tax, customs and tariff information are not binding."
htmlbody = String.Format("Dear, {0},<br /><br /> Please follow the Link to reset your password:<br /><br />" + Environment.NewLine + "<a runat=" + "server" + " href=http://" + getdomianenvironment + ServPort + "/login/ChangePW.aspx?Par1=" + VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(tokenname) + ">http://" + getdomianenvironment + ServPort + "/login/ChangePW.aspx?Par1=" + VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(tokenname) + "</a>" + Environment.NewLine + "<br /><br /><br />Kind regards, <br /><span style='color: #043381'><b>VERAG | EDV Support</b></span><br /><span style='color: #043381'>VERAG Spedition AG | A 4975 Suben, Nr. 100</span><br /><span style='color: #043381'>T.<a href='tel:+43 7711 2777-xx'>+43 7711 2777-xx</a> |<a href='mailto:@support@verag.ag'>support@verag.ag</a> |" + emailnr + "FN xxxxxxx</span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext + "</i></span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext2 + "</i></span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext3 + "</i></span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext4 + "</i></span><br />", username, password)
ElseIf String.IsNullOrWhiteSpace(HttpContext.Current.Request.ServerVariables("SERVER_NAME")) = False Then
getdomianenvironment = HttpContext.Current.Request.ServerVariables("SERVER_NAME")
ServPort = String.Empty
'pagename = Request.ServerVariables("SCRIPT_NAME")
mailto = email
Betreff = "Passwort reset"
Dim Ausschusstext As String = "Wir arbeiten ausschließlich auf Grund der Allgemeinen Spediteurbedingungen in der jeweils geltenden Fassung. Zahlungen werden zunächst auf Frachten, Spesen"
Dim Ausschusstext2 As String = "und Zinsen zuletzt auf Zölle angerechnet. Zahlbar und klagbar in Schärding oder Ried. Steuer-Zoll-und Tarifauskünfte sind unverbindlich."
Dim Ausschusstext3 As String = "We operate exclusively on the basis of the General Freight Forwarding Terms and Conditions in the respectively applicable version. Payments are initially"
Dim Ausschusstext4 As String = "charged on freight, fees and interests and at last on customs duties. The place of jurisdiction: Schärding / Ried. Tax, customs and tariff information are not binding."
htmlbody = String.Format("Dear, {0},<br /><br /> Please follow the Link to reset your password:<br /><br />" + Environment.NewLine + "<a runat=" + "server" + " href=http://" + getdomianenvironment + "/login/ChangePW.aspx?Par1=" + VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(tokenname) + ">http://" + getdomianenvironment + ServPort + "/login/ChangePW.aspx?Par1=" + VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(tokenname) + "</a>" + Environment.NewLine + "<br /><br /><br />Kind regards, <br /><span style='color: #043381'><b>VERAG | EDV Support</b></span><br /><span style='color: #043381'>VERAG Spedition AG | A 4975 Suben, Nr. 100</span><br /><span style='color: #043381'>T.<a href='tel:+43 7711 2777-xx'>+43 7711 2777-xx</a> |<a href='mailto:@support@verag.ag'>support@verag.ag</a> | " + emailnr + "FN xxxxxxx</span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext + "</i></span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext2 + "</i></span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext3 + "</i></span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext4 + "</i></span><br />", username, password)
ElseIf String.IsNullOrWhiteSpace(HttpContext.Current.Request.ServerVariables("SERVER_NAME")) = True Then
'MsgBox("Error09:" + Environment.NewLine + "The Domain could not be vaildated. Check Link please or contact the Administrator of the program.")
lblMessage.ForeColor = Color.OrangeRed
lblMessage.Text = "Error09:" + Environment.NewLine + "The Domain could not be vaildated. Check the Link please or contact the Administrator of the program."
End If
'Dim pg As String = Request.ServerVariables("URL")
'MsgBox("/" + ServPort + Request.ServerVariables("URL"))
Try
If Session.Item("TokenforEmail") = Nothing Then
tokenname = genToken(username, password, email)
Session.Add("TokenforEmail", tokenname)
Else
tokenname = Session.Item("TokenforEmail").ToString()
End If
'Dim Strtemp = Session.Keys.Item("urltochangepw")
If getDateoftoken(tokenname) = True Then
' Dim attachment As Attachment = New Attachment(File.OpenRead(excel), "Kundenliste.xlsx")
' Msg.Attachments.Add(attachment)
If String.IsNullOrEmpty(mailto) = False AndAlso String.IsNullOrEmpty(Betreff) = False AndAlso String.IsNullOrEmpty(htmlbody) = False Then
VERAG_PROG_ALLGEMEIN.cProgramFunctions.sendMail(mailto, Betreff, htmlbody)
Else
'MsgBox("Error07: Die Paramter wurden nicht alle gesetzt. Bitte Felder überprüfen.", vbAbort, "Error07")
lblMessage.ForeColor = Color.OrangeRed
lblMessage.Text = "Error07: Die Paramter wurden nicht alle gesetzt. Bitte Felder überprüfen!"
End If
lblMessage.ForeColor = Color.Green
lblMessage.Text = "Success" + Environment.NewLine + " Mail sent. Please check your inbox."
'MsgBox("SENT")
Return True
Else
lblMessage.ForeColor = Color.Red
lblMessage.Text = "Error02: Mail not delivered!"
'MsgBox("Error02: Mail not delivered!" & vbCrLf & "New Token has been generated.")
If Session.Item("TokenforEmail") = Nothing Then
tokenname = genToken(username, password, email)
Session.Add("TokenforEmail", tokenname)
Else
tokenname = Session.Item("TokenforEmail").ToString()
End If
VERAG_PROG_ALLGEMEIN.cProgramFunctions.sendMail(mailto, Betreff, htmlbody, tokenname)
Return False
End If
Catch ex As Exception
'MsgBox(Err.Number & ex.Message & ex.StackTrace.ToString) 'Falls ein Fehler auftritt wird eine MsgBox angezeigt
End Try
Return False
End Function
Function genToken(username As String, password As String, email As String) As String
Dim time() As Byte = BitConverter.GetBytes(DateTime.UtcNow.ToBinary())
Dim Key() As Byte = Guid.NewGuid().ToByteArray()
Dim token As String
Try
token = VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(Convert.ToBase64String(time.Concat(Key).ToArray()))
Return token
Catch Ex As Exception
Dim Msg, Style, Title As String
Msg = "Token Generation failed" & vbCrLf & "A new E-mail has been sent to the intern e-mail given."
Style = vbRetry + vbExclamation + vbDefaultButton1
Title = "Error05: Token-Generierung"
'MsgBox(Msg, Style, Title)
'If MsgBox(Msg, Style, Title).Retry Then
'genToken(username, password, email)
token = VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(Convert.ToBase64String(time.Concat(Key).ToArray()))
If SendEmail(username, password, email, token) = False Then
'MsgBox("Email could not been sent because of an internal encryption error.", vbOK + vbInformation + vbDefaultButton1, "Token-Generation Error")
Else
'MsgBox("Email has been sent successful." & vbCr & "Please check your E-Mails!", vbOK + vbInformation + vbDefaultButton1, "Token-Generation successful!")
End If
'Else
'MsgBox("Token-Generation has not been successful." & vbCrLf & "Please try again in five seconds!")
Dim jetzt As DateTime = DateTime.UtcNow
Dim wenn As DateTime = DateTime.UtcNow.AddSeconds(-5)
If jetzt < wenn Then
Return "NotYet"
Else
token = genToken(username, password, email)
Return token
'End If
End If
End Try
End Function
Function getDateoftoken(tokenname As String) As Boolean
Dim data() As Byte = Convert.FromBase64String(VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(tokenname))
Dim wenn As DateTime = DateTime.FromBinary(BitConverter.ToInt64(data, 0))
Dim nameoftoken = VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(tokenname)
If wenn < DateTime.UtcNow.AddMinutes(-30) Then
nameoftoken = String.Empty
tokenname = nameoftoken
'MsgBox("Token has not been found or is too old!" + Environment.NewLine + "Please send a new E-mail!")
Session.Remove("TokenforEmail")
Return False
ElseIf nameoftoken = "Error04" Then
nameoftoken = String.Empty
tokenname = nameoftoken
Session.Remove("TokenforEmail")
Return False
ElseIf nameoftoken = "NotYet" Then
Return True
Else
Return True
End If
End Function
End Class
Reference in New Issue View Git Blame Copy Permalink