Have something to say? Contribute New Article Reply to this Article
email password from sql database
I can't figure out how to email the password from a sql database I have a formview on my webpage can I pull it from there? or can I pull it directly on my backend code? Using C# I tried + passwordlabel + I tried using findcontrol.formview I can seem to get it right
The part where I have label2.text = findcontrol... I get this in the email System.Web.UI.WebControls.Label
my email.aspx code
using System;
using System.Data;
using System.Configuration;
using System.Collections;
using System.Net.Mail;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Web.Configuration;
using System.Net;
using System.Text;
using System.IO;
using System.Data.SqlClient;
public partial class Forgot : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{
}
protected void bc_fpwd_submit_button_Click(object sender, EventArgs e)
{
{
SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings["MyConnectionString"].ConnectionString.ToString());
con.Open();
SqlCommand sqlCMD = con.CreateCommand();
sqlCMD.CommandText = "SELECT * FROM users WHERE email = @email"; // (this should really be a stored procedure, shown here for simplicity)
// Fill our parameters
sqlCMD.Parameters.Add("@email", SqlDbType.VarChar, 50).Value = bc_fpwd_uid_textbox.Text;
SqlDataAdapter sqlAD = new SqlDataAdapter(sqlCMD);
DataSet dsDataSet = new DataSet();
sqlAD.Fill(dsDataSet);
if (dsDataSet.Tables[0].Rows.Count > 0)
{
Form.Visible = false;
FoundPW.Visible = true;
Label1.Text = bc_fpwd_uid_textbox.Text;
bc_fuid_validator.Visible = true;
Label2.Text = this.FormView1.FindControl("passwordLabel").ToString();
string MyValue = Label2.Text;
// Do this if username not found in database
}
else
{
Form.Visible = true;
FoundPW.Visible = false;
bc_no_uid_label.Visible = true;
}
con.Close();
sqlAD.Dispose();
}
}
protected void bc_fpwd_cancel_button_Click(object sender, EventArgs e)
{
}
protected void Button1_Click(object sender, EventArgs e)
{
if (Page.IsValid)
{
System.Configuration.Configuration config
= WebConfigurationManager.OpenWebConfiguration(base.Request.ApplicationPath);
AppSettingsSection appSettings = (AppSettingsSection)config.GetSection("appSettings");
//appSettings.Settings["EmailHost"].Value
string emailHost = appSettings.Settings["EmailHost"].Value;
string fromAddress = appSettings.Settings["FromEmailAddr"].Value;
string toAddress = "me@vortexamerica.com";
SmtpClient smtpClient = new SmtpClient(emailHost);
// Default in IIS will be localhost
//smtpClient.Host = "localhost";
//Default port will be 25
smtpClient.Port = 25;
MailMessage message = new MailMessage();
message.IsBodyHtml = false;
message.Priority = MailPriority.High;
message.DeliveryNotificationOptions = DeliveryNotificationOptions.OnFailure;
try
{
message.Subject = "Paal Camera Forgot Password";
message.Body += "Sender: " + bc_fpwd_uid_textbox.Text + "\n";
message.Body += "Password: " + FormView1.FindControl("passwordlabel").ToString()+ "\n";
smtpClient.Send(fromAddress, toAddress, message.Subject, message.Body);
}
catch (Exception ex)
{
// Display error panel
// Log error
}
}
}
}I ended up getting it I had to use this
using web = System.Web.UI.WebControls;
web.Label password = (web.Label)FormView1.FindControl("passwordlabel");
string mypassword = password.Text;
//Label2.Text = this.FormView1.FindControl("passwordLabel").ToString();
Label2.Text = password.Text;
The fact that passwords are recoverable in clear text from your database should be regarded as a serious (or fatal) security flaw.
Ideally, you should only be storing a cryptographically secure hash of the password.
Salem
Posting Sage
Team Colleague
11,531 posts since Dec 2005
Reputation Points: 5,862
Solved Threads: 953
This article has been dead for over three months
You
© 2012 DaniWeb® LLC
