忘记密码发送电子邮件两次。为什么 [英] Forgot Password send email twice. Why
本文介绍了忘记密码发送电子邮件两次。为什么的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我有一个表单,忘记密码的用户可以输入他们的电子邮件地址并将其发送到他们的电子邮箱。它有效,但用户收到两次电子邮件。为什么会这样?我的代码中有什么东西吗?
protected void btnPass_Click( object sender,EventArgs e)
{
// 创建连接字符串和SQL语句
string strConnection = ConfigurationManager .ConnectionStrings [ HOTConnectionString]。ConnectionString;
string strSelect = 选择INST_ID,EmailAddress ,来自Tablepass的密码,其中EmailAddress =' + TextBoxEA.Text.Trim()+ '< /跨度>;
SqlConnection connection = new SqlConnection(strConnection);
SqlCommand command = new SqlCommand();
command.Connection = connection;
command.CommandType = CommandType.Text;
command.CommandText = strSelect;
SqlParameter email = new SqlParameter( @ EmailAddress,TextBoxEA.Text.Trim());
email.Value = TextBoxEA.Text.Trim()。ToString();
command.Parameters.Add(email);
// 创建数据集以存储结果,使用DataAdapter填充数据集
DataSet dsPwd = new DataSet();
connection.Open();
SqlDataAdapter dAdapter = new SqlDataAdapter(command);
dAdapter.Fill(dsPwd);
connection.Close();
if (dsPwd.Tables [ 0 ]。Rows.Count > 0 )
{
MailMessage loginInfo = new MailMessage();
loginInfo.To.Add(TextBoxEA.Text.ToString());
loginInfo.From = new MailAddress( Administrator@sacscoc.org, 南方学院和学校委员会 );
loginInfo.Subject = 忘记密码信息;
loginInfo.Body = EmailAddress: + dsPwd.Tables [< span class =code-digit> 0 ]。行[ 0 ] [ EmailAddress] + < br />< ; br />密码: + dsPwd.Tables [ 0 ]。行[ 0 ] [ 密码] + < br />< br />;
loginInfo.IsBodyHtml = true ;
SmtpClient smtp = new SmtpClient( mail .fastfix.com);
smtp.Host = mail.fastfix.com;
smtp.Port = 25 ;
smtp.EnableSsl = true ;
smtp.Credentials = new System.Net.NetworkCredential( @ EamilAddress, YourEmailPassword);
smtp.Send(loginInfo);
lblMessage.Text = 密码将发送到您的电子邮箱;
尝试
{
smtp.Send(loginInfo);
}
catch (例外情况)
{
lblMessage.Text = 哎呀,当我们尝试发送电子邮件时出现错误;
return ;
}
}
else
{
lblMessage.Text = 电子邮件地址未注册;
}
}
}
解决方案
你有这个行的2个实例:smtp.Send(loginInfo);
更新的代码:
loginInfo.Body = EmailAddress: + dsPwd.Tables [ 0 ]。行[ 0 ] [ EmailAddress] + < br />< br />密码: + dsPwd.Tables [ 0 ]。行[ 0 ] [ 密码] + < br />< br />;
loginInfo.IsBodyHtml = true ;
SmtpClient smtp = new SmtpClient( mail .fastfix.com);
smtp.Host = mail.fastfix.com;
smtp.Port = 25 ;
smtp.EnableSsl = true ;
smtp.Credentials = new System.Net.NetworkCredential( @ EamilAddress, YourEmailPassword);
尝试
{
smtp.Send(loginInfo);
lblMessage.Text = 密码将发送到您的电子邮箱;
}
catch (例外情况)
{
lblMessage.Text = 哎呀,当我们尝试发送电子邮件时出现错误;
return ;
}
}
else
{
lblMessage.Text = 电子邮件地址未注册;
}
}
}
joshrduncan2012发现你的代码问题很好。但是您的代码仍然存在潜在的Web Secutity问题。您正在将用户输入连接到内联SQL查询。这是 SQL注入的公开邀请。
有关 SQL注入的更多信息,请查看以下链接。
SQL注入和跨站点脚本
http://en.wikipedia.org/wiki/SQL_injection
I have a form the a user that has forgotten their password can enter in their email address and have it sent to their email. It works but the user gets the email twice. Why is this happening? Is it something in my code?
protected void btnPass_Click(object sender, EventArgs e)
{
//Create Connection String And SQL Statement
string strConnection = ConfigurationManager.ConnectionStrings["HOTConnectionString"].ConnectionString;
string strSelect = "select INST_ID, EmailAddress, Password from Tablepass where EmailAddress ='" + TextBoxEA.Text.Trim() + "'";
SqlConnection connection = new SqlConnection(strConnection);
SqlCommand command = new SqlCommand();
command.Connection = connection;
command.CommandType = CommandType.Text;
command.CommandText = strSelect;
SqlParameter email = new SqlParameter("@EmailAddress", TextBoxEA.Text.Trim());
email.Value = TextBoxEA.Text.Trim().ToString();
command.Parameters.Add(email);
//Create Dataset to store results and DataAdapter to fill Dataset
DataSet dsPwd = new DataSet();
connection.Open();
SqlDataAdapter dAdapter = new SqlDataAdapter(command);
dAdapter.Fill(dsPwd);
connection.Close();
if (dsPwd.Tables[0].Rows.Count > 0)
{
MailMessage loginInfo = new MailMessage();
loginInfo.To.Add(TextBoxEA.Text.ToString());
loginInfo.From = new MailAddress("Administrator@sacscoc.org", "Southern Association of Colleges and Schools Commission on Colleges");
loginInfo.Subject = "Forgot Password Information";
loginInfo.Body = "EmailAddress: " + dsPwd.Tables[0].Rows[0]["EmailAddress"] + "<br /><br />Password: " + dsPwd.Tables[0].Rows[0]["Password"] + "<br /><br />";
loginInfo.IsBodyHtml = true;
SmtpClient smtp = new SmtpClient("mail.fastfix.com");
smtp.Host = "mail.fastfix.com";
smtp.Port = 25;
smtp.EnableSsl = true;
smtp.Credentials = new System.Net.NetworkCredential("@EamilAddress", "YourEmailPassword");
smtp.Send(loginInfo);
lblMessage.Text = "Password is sent to your email";
try
{
smtp.Send(loginInfo);
}
catch (Exception ex)
{
lblMessage.Text = "Oops, Something Went Wrong When We Tried to Send The Email";
return;
}
}
else
{
lblMessage.Text = "Email Address Not Registered";
}
}
} 解决方案
You have 2 instances of this line: smtp.Send(loginInfo);
The Updated code:
loginInfo.Body = "EmailAddress: " + dsPwd.Tables[0].Rows[0]["EmailAddress"] + "<br /><br />Password: " + dsPwd.Tables[0].Rows[0]["Password"] + "<br /><br />"; loginInfo.IsBodyHtml = true; SmtpClient smtp = new SmtpClient("mail.fastfix.com"); smtp.Host = "mail.fastfix.com"; smtp.Port = 25; smtp.EnableSsl = true; smtp.Credentials = new System.Net.NetworkCredential("@EamilAddress", "YourEmailPassword"); try { smtp.Send(loginInfo); lblMessage.Text = "Password is sent to your email"; } catch (Exception ex) { lblMessage.Text = "Oops, Something Went Wrong When We Tried to Send The Email"; return; } } else { lblMessage.Text = "Email Address Not Registered"; } } }
joshrduncan2012 spotted your code issue very well. But your code still has a potential Web Secutity issue. You are concatenating user input to your inline SQL query. This is an open invitation for SQL Injection.
Have a look at below links for more information on SQL Injection.
SQL Injection and Cross-Site Scripting
http://en.wikipedia.org/wiki/SQL_injection
这篇关于忘记密码发送电子邮件两次。为什么的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
