如何在C#asp,net中通过电子邮件发送忘记密码 [英] How to send forgot password via e-mial in C# asp,net
本文介绍了如何在C#asp,net中通过电子邮件发送忘记密码的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
protected void LinkButton1_Click(object sender, EventArgs e)
{
Random rnd = new Random();
int ram = rnd.Next(1111, 9999);
SqlConnection con = new SqlConnection("Data Source=(local);Integrated Security=true;Initial Catalog=ProPOSDB");
// Gmail Address from where you send the mail
var fromAddress = "checkingforasp@gmail.com";
// any address where the email will be sending
con.Open();
SqlDataAdapter ad = new SqlDataAdapter("SELECT UserName,Password FROM UserInfo Where Email ='" + TextBox1.Text + "'", con);
DataTable dt = new DataTable();
ad.Fill(dt);
con.Close();
var toAddress = dt.Rows[0][0].ToString();
//Password of your gmail address
//const string fromPassword = "yahoo123.com";
// Passing the values and make a email formate to display
string subject = "Password";
string body = ram.ToString();
SmtpClient client = new SmtpClient();
client.Port = 587;
client.Host = "smtp.gmail.com";
System.Net.NetworkCredential nc = new System.Net.NetworkCredential("noman.szic@gmail.com", "pass");
client.EnableSsl = true;
client.UseDefaultCredentials = false;
client.Credentials = nc;
// Passing values to smtp object
client.Send(fromAddress, toAddress, subject, body);
con.Open();
SqlDataAdapter ad1 = new SqlDataAdapter("update UserInfo set Password = '" + ram + "' where UserName = '" + TextBox1.Text + "'", con);
DataTable dt1 = new DataTable();
ad1.Fill(dt1);
con.Close();
}
面临错误
Facing error
Server Error in '/ForgotPass' Application.
The specified string is not in the form required for an e-mail address.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: System.FormatException: The specified string is not in the form required for an e-mail address.
Source Error:
Line 52: // Passing values to smtp object
Line 53:
Line 54: client.Send(fromAddress, toAddress, subject, body);
Line 55:
推荐答案
谢尔盖是绝对正确的。让我总结所有评论并提出我的想法。
您应该在数据库中存储密码的加密版本,而不是确切的密码。当有人忘记密码时,您将根据您的业务逻辑要求提供电子邮件ID或其他详细信息。然后你发送一个带有临时密码的重置链接(如果可以的话),用户可以通过该密码为该帐户提供一个新密码。
现在,你拿这个新密码并以加密格式再次存储在数据库中。不要以纯文本格式存储确切的密码。
来例外...
Sergey is absolutely correct. Let me summarize all comments and put my thoughts.
You should store the encrypted version of password, not the exact password, in your database. When somebody forget password, you will ask for the email id or other details according to your business logic. Then you send one reset link with a temporary password (if you can), by which the user can provide one new password for the account.
Now, you take this new password and store it again in database in encrypted format. Don't store the exact password in plain text format.
Coming to the exception...
Quote:
异常详细信息:System.FormatException:指定的字符串不是电子邮件地址所需的格式
Exception Details: System.FormatException: The specified string is not in the form required for an e-mail address
似乎问题是的toAddress 。调试并查看下面一行中的值是什么。
Seems like issue is with the toAddress. Debug and see what is the value in the below line.
var toAddress = dt.Rows[0][0].ToString();
这篇关于如何在C#asp,net中通过电子邮件发送忘记密码的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
