I can't figure out how to email the password from a sql database I have a formview on my webpage can I pull it from there? or can I pull it directly on my backend code? Using C# I tried + passwordlabel + I tried using findcontrol.formview I can seem to get it right

The part where I have label2.text = findcontrol... I get this in the email System.Web.UI.WebControls.Label

my email.aspx code

using System;
using System.Data;
using System.Configuration;
using System.Collections;
using System.Net.Mail;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Web.Configuration;
using System.Net;
using System.Text;
using System.IO;
using System.Data.SqlClient;


    public partial class Forgot : System.Web.UI.Page
    {
        protected void Page_Load(object sender, EventArgs e)
        {

        }
        protected void bc_fpwd_submit_button_Click(object sender, EventArgs e)
        {
            {
                SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings["MyConnectionString"].ConnectionString.ToString());
                con.Open();
                SqlCommand sqlCMD = con.CreateCommand();
                sqlCMD.CommandText = "SELECT * FROM users WHERE email = @email"; // (this should really be a stored procedure, shown here for simplicity)

                // Fill our parameters

                sqlCMD.Parameters.Add("@email", SqlDbType.VarChar, 50).Value = bc_fpwd_uid_textbox.Text;
               
                SqlDataAdapter sqlAD = new SqlDataAdapter(sqlCMD);
                DataSet dsDataSet = new DataSet();
                sqlAD.Fill(dsDataSet);
                if (dsDataSet.Tables[0].Rows.Count > 0)
                {
                    Form.Visible = false;
                    FoundPW.Visible = true;
                    Label1.Text = bc_fpwd_uid_textbox.Text;
                    bc_fuid_validator.Visible = true;
                    
                    Label2.Text = this.FormView1.FindControl("passwordLabel").ToString();
                    string MyValue = Label2.Text;


                    // Do this if username not found in database
                }
                else
                {
                    Form.Visible = true;
                    FoundPW.Visible = false;
                    bc_no_uid_label.Visible = true;
                }
                con.Close();
                sqlAD.Dispose();
            }

        }



        protected void bc_fpwd_cancel_button_Click(object sender, EventArgs e)
        {

        }
        protected void Button1_Click(object sender, EventArgs e)
        {
            if (Page.IsValid)
            {
                System.Configuration.Configuration config
                    = WebConfigurationManager.OpenWebConfiguration(base.Request.ApplicationPath);
                AppSettingsSection appSettings = (AppSettingsSection)config.GetSection("appSettings");

                //appSettings.Settings["EmailHost"].Value
                string emailHost = appSettings.Settings["EmailHost"].Value;
                string fromAddress = appSettings.Settings["FromEmailAddr"].Value;
                string toAddress = "me@vortexamerica.com";
                
      

                SmtpClient smtpClient = new SmtpClient(emailHost);

                // Default in IIS will be localhost 
                //smtpClient.Host = "localhost";

                //Default port will be 25
                 smtpClient.Port = 25;


                MailMessage message = new MailMessage();
                message.IsBodyHtml = false;
                message.Priority = MailPriority.High;
                message.DeliveryNotificationOptions = DeliveryNotificationOptions.OnFailure;

                try
                {
                    message.Subject = "Paal Camera Forgot Password";
                    message.Body += "Sender: " + bc_fpwd_uid_textbox.Text + "\n";
                    message.Body += "Password: " + FormView1.FindControl("passwordlabel").ToString()+ "\n";
                    
                    

                    smtpClient.Send(fromAddress, toAddress, message.Subject, message.Body);

                    
                }
                catch (Exception ex)
                {
                    // Display error panel
                    

                    // Log error
                    
                }
                
            }

        }

    }

I ended up getting it I had to use this

using web = System.Web.UI.WebControls;

web.Label password = (web.Label)FormView1.FindControl("passwordlabel");
string mypassword = password.Text;

//Label2.Text = this.FormView1.FindControl("passwordLabel").ToString();
Label2.Text = password.Text;

The fact that passwords are recoverable in clear text from your database should be regarded as a serious (or fatal) security flaw.

Ideally, you should only be storing a cryptographically secure hash of the password.

This article has been dead for over six months. Start a new discussion instead.