edv/VERAG_Homepage
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
f93d6605583af664cc7008877a53a92c6703d484
VERAG_Homepage/login/login_FLEX.aspx.vb
ja f93d660558 Login GUI Änderungen
2022-02-17 08:25:35 +01:00

518 lines
32 KiB
VB.net
Raw Blame History

Imports System.Data.SqlClient
Imports System.Data
Imports System.Security.Cryptography
Partial Class login_FLEX
Inherits System.Web.UI.Page
Private Customer_ID As String = String.Empty
Private UserNaMe As String = String.Empty
Private passw As String = String.Empty
Private salt As Byte()
Private intzahl As Integer
Public intzahliterats As Integer = -1
Protected Sub Page_Init(sender As Object, e As EventArgs) Handles Me.Init
VERAG_VARIABLES.initerrorcount()
End Sub
Protected Async Sub Page_Load(sender As Object, e As EventArgs) Handles Me.Load
If Page.IsPostBack = True Then
Page.MaintainScrollPositionOnPostBack = True
intzahliterats = VERAG_VARIABLES.getiterationnumber
If Page.User.Identity.Name = "Userwithlongername" Then
Response.Redirect("../Customers/Welcome.aspx")
ElseIf Page.User.Identity.Name = "test2" Then
Response.Redirect("../AvisoTV_FLEX.aspx")
End If
Else
Try
Dim teststr = String.Empty
If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost" Then
intzahliterats = VERAG_VARIABLES.RandomInteger(Math.Pow(2, 8), Math.Pow(2, 15))
teststr = Await TestPerformance.TestHashrateServerAsync(0.052 * VERAG_VARIABLES.GetCpuSpeed())
Else
intzahliterats = VERAG_VARIABLES.RandomInteger(Math.Pow(2, 8), Math.Pow(2, 15))
teststr = Await TestPerformance.TestHashrateServerAsync(0.053 * VERAG_VARIABLES.GetCpuSpeed())
End If
If String.Equals(teststr, String.Empty) = False Then
intzahliterats = VERAG_VARIABLES.getiterationnumber
End If
Catch Ex As SettingsPropertyNotFoundException
VERAG_VARIABLES.seterrorcount(4534)
intzahliterats = 0
Response.Write(VERAG_VARIABLES.geterrornumb() + "Error on Tests for login! Try again!")
VERAG_VARIABLES.seterrorcount(4232)
sendmail("ja@verag.ag", Session.IsNewSession, VERAG_VARIABLES.geterrornumb)
End Try
Page.MaintainScrollPositionOnPostBack = False
End If
End Sub
Public Shared Sub sendmail(emailTo As String, sessionright As Boolean, errornumb As String)
Dim getdomianenvironment As String = String.Empty
Dim pagename As String = String.Empty
Dim ServPort As String = String.Empty
Dim mailto As String = String.Empty
Dim Betreff As String = String.Empty
Dim htmlbody As String = String.Empty
Dim emailnr = VERAG_PROG_ALLGEMEIN.cAllgemein.FIRMA_ID.ToString
If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost" Then
'MsgBox(getdomianenvironment)
getdomianenvironment = HttpContext.Current.Request.ServerVariables("SERVER_NAME")
ServPort = ":" + HttpContext.Current.Request.ServerVariables("SERVER_PORT")
'pagename = Request.ServerVariables("SCRIPT_NAME")
mailto = emailTo
Betreff = "Passwort reset"
Dim mailpic As String = "<image src=" + "../images/VERAG_AEO_MailSig.jpg" + ">"
Dim Ausschusstext As String = "Wir arbeiten ausschließlich auf Grund der Allgemeinen Spediteurbedingungen in der jeweils geltenden Fassung. Zahlungen werden zunächst auf Frachten, Spesen"
Dim Ausschusstext2 As String = "und Zinsen zuletzt auf Zölle angerechnet. Zahlbar und klagbar in Schärding oder Ried. Steuer-Zoll-und Tarifauskünfte sind unverbindlich."
Dim Ausschusstext3 As String = "We operate exclusively on the basis of the General Freight Forwarding Terms and Conditions in the respectively applicable version. Payments are initially"
Dim Ausschusstext4 As String = "charged on freight, fees and interests and at last on customs duties. The place of jurisdiction: Schärding / Ried. Tax, customs and tariff information are not binding."
htmlbody = String.Format("Auf der Seite <a runat=" + "server" + " href=http://" + getdomianenvironment + "/login/Customers/login_FLEX.aspx> http: //" + getdomianenvironment + "/login/Customers/login_FLEX.aspx </a> trat der Fehler " + errornumb + "auf. Bitte Logs anschauen." + Environment.NewLine + "<br /><br />Notice:<br /><span style='color: #043381;font-size:14px'><i>The Link is valid for 30 minutes until" + Space(1) + Date.Now.AddMinutes(30).ToString() + Space(1) + "only!</i></span><br / >To resend the E-Mail: <a runat=" + "server" + " href=http://" + getdomianenvironment + "/login/ForgotPW.aspx>Follow this Link</a><br />Kind regards, <br /><span style='color: #043381'><b>VERAG | EDV Support</b></span><br /><span>" + mailpic + "</span><br /><span style='color: #043381'>VERAG Spedition AG | A 4975 Suben, Nr. 100</span><br /><span style='color: #043381'>T.<a href='tel:+43 7711 2777-xx'>+43 7711 2777-xx</a> |<a href='mailto:@support@verag.ag'>support@verag.ag</a> | " + emailnr + "FN xxxxxxx</span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext + "</i></span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext2 + "</i></span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext3 + "</i></span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext4 + "</i></span><br />")
ElseIf String.IsNullOrWhiteSpace(HttpContext.Current.Request.ServerVariables("SERVER_NAME")) = False Then
getdomianenvironment = HttpContext.Current.Request.ServerVariables("SERVER_NAME")
'MsgBox(getdomianenvironment)
ServPort = ":" + HttpContext.Current.Request.ServerVariables("SERVER_PORT")
'pagename = Request.ServerVariables("SCRIPT_NAME")
mailto = emailTo
Betreff = "Passwort reset"
Dim mailpic As String = "<image src=" + "../images/VERAG_AEO_MailSig.jpg" + ">"
Dim Ausschusstext As String = "Wir arbeiten ausschließlich auf Grund der Allgemeinen Spediteurbedingungen in der jeweils geltenden Fassung. Zahlungen werden zunächst auf Frachten, Spesen"
Dim Ausschusstext2 As String = "und Zinsen zuletzt auf Zölle angerechnet. Zahlbar und klagbar in Schärding oder Ried. Steuer-Zoll-und Tarifauskünfte sind unverbindlich."
Dim Ausschusstext3 As String = "We operate exclusively on the basis of the General Freight Forwarding Terms and Conditions in the respectively applicable version. Payments are initially"
Dim Ausschusstext4 As String = "charged on freight, fees and interests and at last on customs duties. The place of jurisdiction: Schärding / Ried. Tax, customs and tariff information are not binding."
htmlbody = String.Format("Auf der Seite <a runat=" + "server" + " href=http://" + getdomianenvironment + "/login/Customers/login_FLEX.aspx> http: //" + getdomianenvironment + "/login/Customers/login_FLEX.aspx </a> trat der Fehler " + errornumb + "auf. Bitte Logs anschauen." + Environment.NewLine + "<br /><br />Notice:<br /><span style='color: #043381;font-size:14px'><i>The Link is valid for 30 minutes until" + Space(1) + Date.Now.AddMinutes(30).ToString() + Space(1) + "only!</i></span><br / >To resend the E-Mail: <a runat=" + "server" + " href=http://" + getdomianenvironment + "/login/ForgotPW.aspx>Follow this Link</a><br />Kind regards, <br /><span style='color: #043381'><b>VERAG | EDV Support</b></span><br /><span>" + mailpic + "</span><br /><span style='color: #043381'>VERAG Spedition AG | A 4975 Suben, Nr. 100</span><br /><span style='color: #043381'>T.<a href='tel:+43 7711 2777-xx'>+43 7711 2777-xx</a> |<a href='mailto:@support@verag.ag'>support@verag.ag</a> | " + emailnr + "FN xxxxxxx</span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext + "</i></span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext2 + "</i></span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext3 + "</i></span><br /><span style='color: #043381;font-size:12px'><i>" + Ausschusstext4 + "</i></span><br />")
ElseIf String.IsNullOrWhiteSpace(HttpContext.Current.Request.ServerVariables("SERVER_NAME")) = True Then
'MsgBox("Error09:" + Environment.NewLine + "The Domain could not be vaildated. Check Link please or contact the Administrator of the program.")
End If
'Dim pg As String = Request.ServerVariables("URL")
'MsgBox("/" + ServPort + Request.ServerVariables("URL"))
Try
'Dim Strtemp = Session.Keys.Item("urltochangepw")
' Msg.Attachments.Add(attachment)
If String.IsNullOrEmpty(mailto) = False AndAlso String.IsNullOrEmpty(Betreff) = False AndAlso String.IsNullOrEmpty(htmlbody) = False Then
VERAG_PROG_ALLGEMEIN.cProgramFunctions.sendMail(mailto, Betreff, htmlbody)
Else
VERAG_VARIABLES.seterrorcount(7)
'lblMessage_M.Text = VERAG_VARIABLES.geterrornumb + "The form has not been filled out completely."
End If
' lblMessage_M.ForeColor = Color.Green
'lblMessage_M.Text = "Success" + Environment.NewLine + "The Password-Reset-Link has been mailed to the valid Address given."
'MsgBox("SENT")
Catch ex As Exception
'MsgBox(Err.Number & ex.Message & ex.StackTrace.ToString) 'Falls ein Fehler auftritt wird eine MsgBox angezeigt
End Try
End Sub
Protected Async Sub ValidateUser(sender As Object, e As EventArgs) Handles Login1.Authenticate
Dim ConnectionString = ""
If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost" Then
VERAG_PROG_ALLGEMEIN.cAllgemein.TESTSYSTEM = True
'ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=sa;Pwd=BmWr501956"
ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;"
Else
VERAG_PROG_ALLGEMEIN.cAllgemein.TESTSYSTEM = False
ConnectionString = "Server=DEVELOPER.verag.ost.dmn\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;"
'ConnectionString = "Server=db593295684.db.1and1.com;Database=db593295684;Uid=dbo593295684;Pwd=atilla#2;"
End If
Dim tb As TextBox = Login1.FindControl("txt_CustomerID")
Dim tb_M As TextBox = Login2.FindControl("txt_CustomerID_M")
Dim tb2 As TextBox = Login1.FindControl("Username")
Dim tb2_M As TextBox = Login2.FindControl("Username")
Dim tb3 As TextBox = Login1.FindControl("Password")
Dim tb3_M As TextBox = Login2.FindControl("Password")
Dim reqfieldvaluserID As RequiredFieldValidator = Login1.FindControl("CustomerIDrequired")
Dim reqfieldvaluserID_M As RequiredFieldValidator = Login2.FindControl("CustomerID_M_required")
Dim reqfieldvaluserName As RequiredFieldValidator = Login1.FindControl("UserNamerequired")
Dim reqfieldvaluserName_M As RequiredFieldValidator = Login2.FindControl("UserName_M_required")
Dim reqfieldvalpassw As RequiredFieldValidator = Login1.FindControl("Passwordrequired")
Dim reqfieldvalpassw_M As RequiredFieldValidator = Login2.FindControl("Passwordrequired_M")
Dim regexuserID As RegularExpressionValidator = Login1.FindControl("valid_getNumberInput")
Dim regexuserID_M As RegularExpressionValidator = Login2.FindControl("valid_getNumber_M_Input")
Dim regexusername As RegularExpressionValidator = Login1.FindControl("check_UserName_regex")
Dim regexusername_M As RegularExpressionValidator = Login2.FindControl("check_UserName_M_regex")
Dim cb As CheckBox = Login1.FindControl("RememberMe")
Dim cb_M As CheckBox = Login2.FindControl("RememberMe_M")
If String.IsNullOrEmpty(tb.Text) = False AndAlso String.IsNullOrEmpty(tb_M.Text) = True Then
reqfieldvaluserID.Enabled = True
reqfieldvaluserID_M.Enabled = False
reqfieldvaluserID.Validate()
If reqfieldvaluserID.IsValid = True Then
regexuserID.Validate()
If regexuserID.IsValid Then
Customer_ID = tb.Text
Else
VERAG_VARIABLES.seterrorcount(1)
regexuserID.ErrorMessage = VERAG_VARIABLES.geterrornumb + ": Customer-ID has to be a number."
End If
End If
End If
If String.IsNullOrEmpty(tb2.Text) = False AndAlso String.IsNullOrEmpty(tb2_M.Text) = True Then
reqfieldvaluserName.Enabled = True
reqfieldvaluserName_M.Enabled = False
regexusername.Validate()
If reqfieldvaluserName.IsValid = True Then
If regexusername.IsValid Then
UserNaMe = tb2.Text
Else
VERAG_VARIABLES.seterrorcount(2)
regexusername_M.ErrorMessage = VERAG_VARIABLES.geterrornumb + "Username does not have any special characters in it."
End If
Else
reqfieldvaluserName.ErrorMessage = String.Empty
End If
End If
If String.IsNullOrEmpty(tb3.Text) = False AndAlso String.IsNullOrEmpty(tb3_M.Text) = True Then
reqfieldvalpassw.Enabled = True
reqfieldvalpassw_M.Enabled = False
reqfieldvalpassw.Validate()
If reqfieldvalpassw.IsValid = True Then
intzahl = VERAG_VARIABLES.RandomInteger(107, Math.Pow(2, 10))
Dim hashpw1 As Byte() = Await VERAG_VARIABLES.HashPasswordAsync(tb3.Text, salt, intzahliterats, intzahl)
passw = tb3.Text
End If
End If
' Dim constr As String = ConfigurationManager.ConnectionStrings("constr").ConnectionString
Using con As New SqlConnection(ConnectionString)
' Using cmd As New SqlCommand("Validate_User")
Using cmd As New SqlCommand("SELECT KundenNr,Username,Password FROM [VERAG_HOMEPAGE].[dbo].[Users] WHERE Username=@Username AND Password=@Password AND KundenNr=@KundenNr")
' cmd.CommandType = CommandType.StoredProcedure
cmd.Parameters.AddWithValue("@Username", UserNaMe)
cmd.Parameters.AddWithValue("@KundenNr", Customer_ID)
cmd.Parameters.AddWithValue("@Password", passw)
cmd.Connection = con
con.Open()
cmd.ExecuteScalar()
' userId = Convert.ToInt32(cmd.ExecuteScalar())
Dim dr As SqlDataReader = cmd.ExecuteReader()
If dr.HasRows = True Then
dr.Read()
'MsgBox(dr.Item(0).ToString())
Select Case dr.Item(0)
Case 0
VERAG_VARIABLES.seterrorcount(5)
Login1.FailureText = VERAG_VARIABLES.geterrornumb + "Username and/or Password do not match."
Exit Select
Case -2
VERAG_VARIABLES.seterrorcount(6)
Login1.FailureText = VERAG_VARIABLES.geterrornumb + "Account is not activated."
Exit Select
Case Else
If tb.Text = dr("KundenNr").ToString Then
Customer_ID = dr("KundenNr").ToString
Else
VERAG_VARIABLES.seterrorcount(7)
Login1.FailureText = VERAG_VARIABLES.geterrornumb + "ID cannot be found in the database!"
End If
If tb2.Text = dr("Username") Then
UserNaMe = dr("Username").ToString
Else
VERAG_VARIABLES.seterrorcount(8)
Login1.FailureText = VERAG_VARIABLES.geterrornumb + "Username is not in the database!"
End If
If String.Equals(tb3.Text, dr("Password").ToString) = True Then
intzahl = VERAG_VARIABLES.RandomInteger(VERAG_VARIABLES.RandomInteger(95, 200), Math.Pow(2, 10))
salt = VERAG_VARIABLES.GenerateSalt(intzahl)
Dim hashpw As Byte() = Await VERAG_VARIABLES.HashPasswordAsync(tb3.Text, salt, intzahliterats, intzahl)
If Await VERAG_VARIABLES.VerifyhashAsync(dr("Password").ToString, salt, hashpw, intzahliterats, intzahl) = True Then
passw = tb3.Text
Else
passw = String.Empty
End If
Else
VERAG_VARIABLES.seterrorcount(9)
Login1.FailureText = VERAG_VARIABLES.geterrornumb + "Password is not in the Database!"
End If
If String.IsNullOrEmpty(tb2.Text) = False AndAlso String.IsNullOrEmpty(tb2_M.Text) = True And String.Equals(tb.Text, dr("KundenNr").ToString) = True AndAlso String.Equals(tb2.Text, dr("Username").ToString) = True AndAlso String.Equals(tb3.Text, dr("Password").ToString) = True Then
FormsAuthentication.SetAuthCookie(Login1.UserName, cb.Checked)
'If (String.IsNullOrEmpty(passw) = False And String.IsNullOrEmpty(UserNaMe) = False And String.IsNullOrEmpty(Customer_ID) = False) Then
'Dim str = gensaltToken(UserNaMe, passw, Customer_ID, Session.IsNewSession)
'MsgBox(str)
'End If
FormsAuthentication.RedirectFromLoginPage(UserNaMe, cb.Checked)
End If
'MsgBox("Erfolgreich validiert.")
Session.Add("test", UserNaMe)
Session.Add("CustomerID", Customer_ID)
Session.Add("PW", passw)
Exit Select
'setDBLastLoggedIn(tb2.Text)
End Select
End If
dr.Close()
con.Close()
End Using
End Using
End Sub
Protected Async Sub ValidateUser_M(sender As Object, e As EventArgs) Handles Login2.Authenticate
Dim ConnectionString = ""
If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost" Then
VERAG_PROG_ALLGEMEIN.cAllgemein.TESTSYSTEM = True
'ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=sa;Pwd=BmWr501956"
ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;"
Else
VERAG_PROG_ALLGEMEIN.cAllgemein.TESTSYSTEM = False
ConnectionString = "Server=DEVELOPER.verag.ost.dmn\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;"
'ConnectionString = "Server=db593295684.db.1and1.com;Database=db593295684;Uid=dbo593295684;Pwd=atilla#2;"
End If
Dim tb As TextBox = Login1.FindControl("txt_CustomerID")
Dim tb_M As TextBox = Login2.FindControl("txt_CustomerID_M")
Dim tb2 As TextBox = Login1.FindControl("Username")
Dim tb2_M As TextBox = Login2.FindControl("Username")
Dim tb3 As TextBox = Login1.FindControl("Password")
Dim tb3_M As TextBox = Login2.FindControl("Password")
Dim reqfieldvaluserID As RequiredFieldValidator = Login1.FindControl("CustomerIDrequired")
Dim reqfieldvaluserID_M As RequiredFieldValidator = Login2.FindControl("CustomerID_M_required")
Dim reqfieldvaluserName As RequiredFieldValidator = Login1.FindControl("UserNamerequired")
Dim reqfieldvaluserName_M As RequiredFieldValidator = Login2.FindControl("UserName_M_required")
Dim reqfieldvalpassw As RequiredFieldValidator = Login1.FindControl("Passwordrequired")
Dim reqfieldvalpassw_M As RequiredFieldValidator = Login2.FindControl("Passwordrequired_M")
Dim regexuserID As RegularExpressionValidator = Login1.FindControl("valid_getNumberInput")
Dim regexuserID_M As RegularExpressionValidator = Login2.FindControl("valid_getNumber_M_Input")
Dim regexusername As RegularExpressionValidator = Login1.FindControl("check_UserName_regex")
Dim regexusername_M As RegularExpressionValidator = Login2.FindControl("check_UserName_M_regex")
Dim cb As CheckBox = Login1.FindControl("RememberMe")
Dim cb_M As CheckBox = Login2.FindControl("RememberMe_M")
If String.IsNullOrEmpty(tb_M.Text) = False AndAlso String.IsNullOrEmpty(tb.Text) = True Then
reqfieldvaluserID.Enabled = False
reqfieldvaluserID_M.Enabled = True
If reqfieldvaluserID_M.IsValid = True Then
regexusername_M.Validate()
If regexusername_M.IsValid Then
Customer_ID = tb_M.Text
Else
VERAG_VARIABLES.seterrorcount(2)
regexusername_M.ErrorMessage = VERAG_VARIABLES.geterrornumb + "Customer-ID does not have any special characters in it."
End If
End If
End If
If String.IsNullOrEmpty(tb2_M.Text) = False AndAlso String.IsNullOrEmpty(tb2.Text) = True Then
reqfieldvaluserName.Enabled = False
reqfieldvaluserName_M.Enabled = True
reqfieldvaluserName_M.Validate()
If reqfieldvaluserName_M.IsValid = True Then
regexusername_M.Validate()
If regexusername.IsValid Then
UserNaMe = tb2_M.Text
Else
VERAG_VARIABLES.seterrorcount(3)
regexusername.ErrorMessage = VERAG_VARIABLES.geterrornumb + "Password has to match the criterias of tge info button."
End If
End If
End If
If String.IsNullOrEmpty(tb3_M.Text) = False AndAlso String.IsNullOrEmpty(tb3.Text) = True Then
reqfieldvalpassw.Enabled = False
reqfieldvalpassw_M.Enabled = True
reqfieldvalpassw_M.Validate()
intzahl = VERAG_VARIABLES.RandomInteger(147, Math.Pow(2, 10))
If reqfieldvalpassw_M.IsValid = True Then
Dim hashpw_M As Byte() = Await VERAG_VARIABLES.HashPasswordAsync(tb3_M.Text, salt, intzahliterats, intzahl)
passw = tb3_M.Text
tb3_M.Attributes.Add("style", "border: solid 2px lime")
Else
VERAG_VARIABLES.seterrorcount(4)
reqfieldvalpassw_M.ErrorMessage = "Password does Not meet the requirements!"
End If
End If
' Dim constr As String = ConfigurationManager.ConnectionStrings("constr").ConnectionString
Using con As New SqlConnection(ConnectionString)
' Using cmd As New SqlCommand("Validate_User")
Using cmd As New SqlCommand("SELECT KundenNr,Username,Password FROM [VERAG_HOMEPAGE].[dbo].[Users] WHERE Username=@Username AND Password=@Password AND KundenNr=@KundenNr")
' cmd.CommandType = CommandType.StoredProcedure
cmd.Parameters.AddWithValue("@Username", UserNaMe)
cmd.Parameters.AddWithValue("@KundenNr", Customer_ID)
cmd.Parameters.AddWithValue("@Password", passw)
cmd.Connection = con
con.Open()
cmd.ExecuteScalar()
' userId = Convert.ToInt32(cmd.ExecuteScalar())
Dim dr As SqlDataReader = cmd.ExecuteReader()
If dr.HasRows = True Then
dr.Read()
'MsgBox(dr.Item(0).ToString())
Select Case dr.Item(0)
Case 0
VERAG_VARIABLES.seterrorcount(5)
Login2.FailureText = VERAG_VARIABLES.geterrornumb + "Username and/or Password do not match."
Exit Select
Case -2
VERAG_VARIABLES.seterrorcount(6)
Login2.FailureText = VERAG_VARIABLES.geterrornumb + "Account is not activated."
Exit Select
Case Else
If tb_M.Text = dr("KundenNr").ToString Then
Customer_ID = dr("KundenNr").ToString
Else
VERAG_VARIABLES.seterrorcount(7)
Login2.FailureText = VERAG_VARIABLES.geterrornumb + "ID cannot be found in the database!"
End If
If tb2_M.Text = dr("Username").ToString Then
UserNaMe = dr("Username").ToString
Else
VERAG_VARIABLES.seterrorcount(8)
Login2.FailureText = VERAG_VARIABLES.geterrornumb + "Username is not in the database!"
End If
If String.Equals(tb3_M.Text, dr("Password").ToString) = True Then
intzahl = VERAG_VARIABLES.RandomInteger(147, Math.Pow(2, 10))
salt = VERAG_VARIABLES.GenerateSalt(intzahl)
Dim hashpw As Byte() = Await VERAG_VARIABLES.HashPasswordAsync(tb3_M.Text, salt, intzahliterats, intzahl)
If Await VERAG_VARIABLES.VerifyhashAsync(dr("Password").ToString, salt, hashpw, intzahliterats, intzahl) = True Then
passw = tb3_M.Text
Else
passw = String.Empty
End If
Else
VERAG_VARIABLES.seterrorcount(9)
Login2.FailureText = VERAG_VARIABLES.geterrornumb + "Password is not in the Database!"
End If
If String.IsNullOrEmpty(tb2.Text) = True AndAlso String.IsNullOrEmpty(tb2_M.Text) = False And String.Equals(tb_M.Text, dr("KundenNr").ToString) = True AndAlso String.Equals(tb2_M.Text, dr("Username").ToString) = True AndAlso String.Equals(tb3_M.Text, dr("Password").ToString) = True Then
FormsAuthentication.SetAuthCookie(Login2.UserName, cb_M.Checked)
'If (String.IsNullOrEmpty(passw) = False And String.IsNullOrEmpty(UserNaMe) = False And String.IsNullOrEmpty(Customer_ID) = False) Then
'Dim str = gensaltToken(UserNaMe, passw, Customer_ID, Session.IsNewSession)
'MsgBox(str)
'End If
Session.Add("test", UserNaMe)
Session.Add("CustomerID", Customer_ID)
Session.Add("PW", passw)
FormsAuthentication.RedirectFromLoginPage(UserNaMe, cb_M.Checked)
Else
Login2.FailureText = "Password could not be validated by our server."
End If
'setDBLastLoggedIn_M(UserNaMe)
'MsgBox("Erfolgreich validiert.")
Exit Select
End Select
End If
dr.Close()
con.Close()
End Using
End Using
End Sub
Protected Sub LoginButton_Click(sender As Object, e As EventArgs)
Validate("Login")
Session.Add("test", UserNaMe)
Session.Add("CustomerID", Customer_ID)
Session.Add("PW", passw)
End Sub
Protected Sub LoginButton_M_Click(sender As Object, e As EventArgs)
Validate("Login_M")
Session.Add("test", UserNaMe)
Session.Add("CustomerID", Customer_ID)
Session.Add("PW", passw)
End Sub
Function gensaltToken(username As String, password As String, CustomerID As String, intzahliterats As Integer, intzahl As Integer, isnewSession As Boolean) As String
If isnewSession = False Then
Dim time() As Byte = BitConverter.GetBytes(DateTime.UtcNow.ToBinary())
Dim Key() As Byte = Guid.NewGuid().ToByteArray()
Dim token As Byte()
token = VERAG_VARIABLES.HashPassword(Convert.ToBase64String(time.Concat(Key).ToArray()), salt, intzahliterats, intzahl)
Return VERAG_PROG_ALLGEMEIN.cCryptography3.Encrypt(Convert.ToBase64String(token))
'Dim Msg, Style, Title As String
'Msg = "Token Generation failed" & vbCrLf & "A new E-mail has been sent to the intern e-mail given."
'Style = vbRetry + vbExclamation + vbDefaultButton1
'Title = "Error05: Token-Generierung"
'MsgBox(Msg, Style, Title)
'If MsgBox(Msg, Style, Title).Retry Then
'genToken(username, password, email)
token = VERAG_VARIABLES.HashPassword(Convert.ToBase64String(time.Concat(Key).ToArray()), salt, intzahliterats, intzahl)
Return VERAG_PROG_ALLGEMEIN.cCryptography3.Encrypt(Convert.ToBase64String(token))
'Else
'MsgBox("Token-Generation has not been successful." & vbCrLf & "Please try again in five seconds!")
Dim jetzt As DateTime = DateTime.UtcNow
Dim wenn As DateTime = DateTime.UtcNow.AddSeconds(-5)
If jetzt < wenn Then
Return "NotYet"
Else
token = VERAG_VARIABLES.HashPassword(Convert.ToBase64String(time.Concat(Key).ToArray()), salt, intzahliterats, intzahl)
Return VERAG_PROG_ALLGEMEIN.cCryptography3.Encrypt(Convert.ToBase64String(token))
'End If
End If
End If
End Function
Protected Sub CreateTestusers_Click(sender As Object, e As EventArgs)
Dim str As String = String.Empty
Dim textbox As TextBox = Page.FindControl("txt_numbuserstes")
str = textbox.Text
TestPerformance.createnUsers(Integer.Parse(str))
End Sub
Protected Sub setDBLastLoggedIn(UserName As String)
Dim ConnectionString = ""
If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost" Then
ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;"
Else
ConnectionString = "Server=DEVELOPER.verag.ost.dmn\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;"
End If
Using con As New SqlConnection(ConnectionString)
Using cmd As New SqlCommand("Update VERAG_HOMEPAGE.dbo.Users SET [LastLoginDate]='@VALUE' WHERE Username='@Username'")
cmd.Parameters.AddWithValue("@Username", UserName)
cmd.Parameters.AddWithValue("@VALUE", Date.Now.ToString)
cmd.Connection = con
con.Open()
Try
con.Open()
cmd.Connection = con
cmd.ExecuteNonQuery()
Catch ex As Exception
Finally
con.Close()
End Try
End Using
End Using
End Sub
Protected Sub setDBLastLoggedIn_M(UserName As String)
Dim ConnectionString = ""
If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost" Then
ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;"
Else
ConnectionString = "Server=DEVELOPER.verag.ost.dmn\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;"
End If
Using con As New SqlConnection(ConnectionString)
Using cmd As New SqlCommand("Update VERAG_HOMEPAGE.dbo.Users SET [LastLoginDate]='@VALUE' WHERE Username='@Username'")
' cmd.CommandType = CommandType.StoredProcedure
cmd.Parameters.AddWithValue("@Username", UserName)
cmd.Parameters.AddWithValue("@VALUE", Date.Now.ToString)
cmd.Connection = con
con.Open()
Try
cmd.Connection = con
cmd.ExecuteNonQuery()
Catch ex As Exception
Finally
con.Close()
End Try
End Using
End Using
End Sub
End Class
Reference in New Issue View Git Blame Copy Permalink