Answered by:
Password recovery Issue

Question
-
User-1994446809 posted
I am trying to create password recovery link to be sent to user email. I created a table that will store password reset requests, the table has 3 columns:
1. Id with datatype as uniqueidentifier
2. email (with datatype as nvarchar)
3. RequestDateTime (with datatype as datetime)
The email column in the table is a foreign key linked to primary key email column in another table (Signup Table)
This is the server-side code I used
using System; using System.Collections.Generic; using System.Data; using System.Web.Security; using System.Xml.Linq; using System.Web; using System.Web.UI; using System.Web.UI.HtmlControls; using System.Web.UI.WebControls; using System.Web.UI.WebControls.WebParts; using System.Data.SqlClient; using System.Configuration; using System.Drawing; using System.Net.Mail; using System.Net; public partial class PasswordRecovery : System.Web.UI.Page { SqlCommand cmd = new SqlCommand(); SqlDataAdapter sda = new SqlDataAdapter(); DataSet ds = new DataSet(); SqlConnection con = new SqlConnection("Data Source=(LocalDB)\\MSSQLLocalDB;AttachDbFilename=|DataDirectory|\\Dataregister.mdf;Integrated Security=True"); protected void Page_Load(object sender, EventArgs e) { } protected void btnPassRec_Click(object sender, EventArgs e) { SqlCommand cmd = new SqlCommand("SELECT * from Signup where email='"+tbEmailId.Text+"'", con); con.Open(); SqlDataAdapter sda = new SqlDataAdapter(cmd); DataTable dt = new DataTable(); sda.Fill(dt); if (dt.Rows.Count > 0) { String myGUID = Guid.NewGuid().ToString(); var email = Convert.ToString(dt.Rows[0][0]); SqlCommand cmd1 = new SqlCommand("insert into ForgotPassRequests values ('"+myGUID+"','"+email+"', getdate())", con); cmd1.ExecuteNonQuery(); string ToEmailAddress = dt.Rows[0][0].ToString(); //string Username = dt.Rows[0][1].ToString(); String EmailBody = "HI " + email + " <br/><br/> Click the link below to reset your password <br/><br/> http://localhost:55752/ResetPassword.aspx?email="+myGUID; MailMessage PassRecMail = new MailMessage("youremail@gmail.com", ToEmailAddress); PassRecMail.Body = EmailBody; PassRecMail.IsBodyHtml = true; PassRecMail.Subject = "Reset Password"; SmtpClient SMTP = new SmtpClient("smtp.gmail.com", 587); SMTP.Credentials = new NetworkCredential() { UserName = "youremail@gmail.com", Password = "youGmailPassword" }; SMTP.EnableSsl = true; SMTP.Send(PassRecMail); LblPassRec.Text = "Password Reset Link has been sent to Email"; LblPassRec.ForeColor = Color.Green; } else { LblPassRec.Text = "User Email DOES NOT exist !"; LblPassRec.ForeColor = Color.Red; } } }
When I tested this, I got an error on the browser, as shown below:
If I change the string from "ToEmailAddress = dt.Rows[0][0].ToString();" to "ToEmailAddress = dt.Rows[0][2].ToString();" highlighted in yellow area in the code-behind:
using System; using System.Collections.Generic; using System.Data; using System.Web.Security; using System.Xml.Linq; using System.Web; using System.Web.UI; using System.Web.UI.HtmlControls; using System.Web.UI.WebControls; using System.Web.UI.WebControls.WebParts; using System.Data.SqlClient; using System.Configuration; using System.Drawing; using System.Net.Mail; using System.Net; public partial class PasswordRecovery : System.Web.UI.Page { SqlCommand cmd = new SqlCommand(); SqlDataAdapter sda = new SqlDataAdapter(); DataSet ds = new DataSet(); SqlConnection con = new SqlConnection("Data Source=(LocalDB)\\MSSQLLocalDB;AttachDbFilename=|DataDirectory|\\Dataregister.mdf;Integrated Security=True"); protected void Page_Load(object sender, EventArgs e) { } protected void btnPassRec_Click(object sender, EventArgs e) { SqlCommand cmd = new SqlCommand("SELECT * from Signup where email='"+tbEmailId.Text+"'", con); con.Open(); SqlDataAdapter sda = new SqlDataAdapter(cmd); DataTable dt = new DataTable(); sda.Fill(dt); if (dt.Rows.Count > 0) { String myGUID = Guid.NewGuid().ToString(); var email = Convert.ToString(dt.Rows[0][0]); SqlCommand cmd1 = new SqlCommand("insert into ForgotPassRequests values ('"+myGUID+"','"+email+"', getdate())", con); cmd1.ExecuteNonQuery(); string ToEmailAddress = dt.Rows[0][2].ToString(); //string Username = dt.Rows[0][1].ToString(); String EmailBody = "HI " + email + " <br/><br/> Click the link below to reset your password <br/><br/> http://localhost:55752/ResetPassword.aspx?email="+myGUID; MailMessage PassRecMail = new MailMessage("youremail@gmail.com", ToEmailAddress); PassRecMail.Body = EmailBody; PassRecMail.IsBodyHtml = true; PassRecMail.Subject = "Reset Password"; SmtpClient SMTP = new SmtpClient("smtp.gmail.com", 587); SMTP.Credentials = new NetworkCredential() { UserName = "youremail@gmail.com", Password = "youGmailPassword" }; SMTP.EnableSsl = true; SMTP.Send(PassRecMail); LblPassRec.Text = "Password Reset Link has been sent to Email"; LblPassRec.ForeColor = Color.Green; } else { LblPassRec.Text = "User Email DOES NOT exist !"; LblPassRec.ForeColor = Color.Red; } } }
I get this error:
What do I have to do please ?
Tuesday, June 16, 2020 9:21 PM
Answers
-
User-939850651 posted
Hi, georgeakpan233
I used the sample code you provided and reproduced your problem.
Regarding the issue of "The specified string ... an e-mail address", you could break the point at the corresponding position, and then check whether the correct email address is obtained instead of other information.
Another question, I referred to this case and successfully sent an email. Because I don’t know the structure of your other data tables, you need to make sure you get the correct email address.Please refer to the following code:
using System; using System.Data; using System.Data.SqlClient; using System.Drawing; using System.Net; using System.Net.Mail; namespace Demo { public partial class PasswordRecovery : System.Web.UI.Page { SqlCommand cmd = new SqlCommand(); SqlDataAdapter sda = new SqlDataAdapter(); DataSet ds = new DataSet(); SqlConnection con = new SqlConnection("data source=.; database=TestDB; integrated security=SSPI"); protected void Page_Load(object sender, EventArgs e) { } protected void btnPassRec_Click(object sender, EventArgs e) { SqlCommand cmd = new SqlCommand("SELECT * from Signup where email='" + tbEmailId.Text + "'", con); con.Open(); SqlDataAdapter sda = new SqlDataAdapter(cmd); DataTable dt = new DataTable(); sda.Fill(dt); if (dt.Rows.Count > 0) { String myGUID = Guid.NewGuid().ToString();
//Get valid email address var email = Convert.ToString(dt.Rows[0][1]); SqlCommand cmd1 = new SqlCommand("insert into ForgotPassRequests values ('" + myGUID + "','" + email + "', getdate())", con); cmd1.ExecuteNonQuery(); //Get valid email address string ToEmailAddress = dt.Rows[0][1].ToString(); //string Username = dt.Rows[0][1].ToString(); String EmailBody = "HI " + email + " <br/><br/> Click the link below to reset your password <br/><br/> https://www.baidu.com/"; MailMessage PassRecMail = new MailMessage("youremail@gmail.com", ToEmailAddress); PassRecMail.Body = EmailBody; PassRecMail.IsBodyHtml = true; PassRecMail.Subject = "Reset Password"; SmtpClient SMTP = new SmtpClient("smtp.gmail.com", 587); SMTP.UseDefaultCredentials = false; SMTP.Credentials = new NetworkCredential() { UserName = "youremail@gmail.com", Password = "yourGmailPassword" }; SMTP.EnableSsl = true; SMTP.Send(PassRecMail); LblPassRec.Text = "Password Reset Link has been sent to Email"; LblPassRec.ForeColor = Color.Green; } else { LblPassRec.Text = "User Email DOES NOT exist !"; LblPassRec.ForeColor = Color.Red; } } } }Hope this can help you.
Best regards,
Xudong Peng
- Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
Wednesday, June 17, 2020 3:03 AM -
User-939850651 posted
Hi georgeakpan233,
I mean this has little to do with other data tables, you just need to make sure you got the correct email address as a parameter, and
please click link--> Less secure app access setting to change the status to "turn on", so that you can use gmail to send mail in third-party applications.
For more information, you will see in "learn more".
Best regards,
Xudong Peng
- Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
Thursday, June 18, 2020 1:58 AM -
User-943250815 posted
If you made changes (already recommended) and mail address are correct, mail should be sent.
Does not matter if your website is hosted or not- Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
Thursday, June 18, 2020 4:05 PM
All replies
-
User-939850651 posted
Hi, georgeakpan233
I used the sample code you provided and reproduced your problem.
Regarding the issue of "The specified string ... an e-mail address", you could break the point at the corresponding position, and then check whether the correct email address is obtained instead of other information.
Another question, I referred to this case and successfully sent an email. Because I don’t know the structure of your other data tables, you need to make sure you get the correct email address.Please refer to the following code:
using System; using System.Data; using System.Data.SqlClient; using System.Drawing; using System.Net; using System.Net.Mail; namespace Demo { public partial class PasswordRecovery : System.Web.UI.Page { SqlCommand cmd = new SqlCommand(); SqlDataAdapter sda = new SqlDataAdapter(); DataSet ds = new DataSet(); SqlConnection con = new SqlConnection("data source=.; database=TestDB; integrated security=SSPI"); protected void Page_Load(object sender, EventArgs e) { } protected void btnPassRec_Click(object sender, EventArgs e) { SqlCommand cmd = new SqlCommand("SELECT * from Signup where email='" + tbEmailId.Text + "'", con); con.Open(); SqlDataAdapter sda = new SqlDataAdapter(cmd); DataTable dt = new DataTable(); sda.Fill(dt); if (dt.Rows.Count > 0) { String myGUID = Guid.NewGuid().ToString();
//Get valid email address var email = Convert.ToString(dt.Rows[0][1]); SqlCommand cmd1 = new SqlCommand("insert into ForgotPassRequests values ('" + myGUID + "','" + email + "', getdate())", con); cmd1.ExecuteNonQuery(); //Get valid email address string ToEmailAddress = dt.Rows[0][1].ToString(); //string Username = dt.Rows[0][1].ToString(); String EmailBody = "HI " + email + " <br/><br/> Click the link below to reset your password <br/><br/> https://www.baidu.com/"; MailMessage PassRecMail = new MailMessage("youremail@gmail.com", ToEmailAddress); PassRecMail.Body = EmailBody; PassRecMail.IsBodyHtml = true; PassRecMail.Subject = "Reset Password"; SmtpClient SMTP = new SmtpClient("smtp.gmail.com", 587); SMTP.UseDefaultCredentials = false; SMTP.Credentials = new NetworkCredential() { UserName = "youremail@gmail.com", Password = "yourGmailPassword" }; SMTP.EnableSsl = true; SMTP.Send(PassRecMail); LblPassRec.Text = "Password Reset Link has been sent to Email"; LblPassRec.ForeColor = Color.Green; } else { LblPassRec.Text = "User Email DOES NOT exist !"; LblPassRec.ForeColor = Color.Red; } } } }Hope this can help you.
Best regards,
Xudong Peng
- Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
Wednesday, June 17, 2020 3:03 AM -
User-1994446809 posted
Hi XuDong Peng,
Because I don’t know the structure of your other data tablesThe other data table I have, which is the Sign up table has 3 columns:
email (datatype as nvarchar(50)) - username is stored
pass (datatype as nvarchar(50)) - where password is stored
con_pass (datatype as nvarchar(50)) - confirm password is stored
Email is used as the username and as the ID of a user. The email column is the primary key of the table.
Wednesday, June 17, 2020 9:58 AM -
User-943250815 posted
@georgeakpan233 for your first error, see coments of mgbheard and PatriceSC at this thread https://forums.asp.net/t/2151326.aspx
Wednesday, June 17, 2020 2:47 PM -
User-939850651 posted
Hi georgeakpan233,
I mean this has little to do with other data tables, you just need to make sure you got the correct email address as a parameter, and
please click link--> Less secure app access setting to change the status to "turn on", so that you can use gmail to send mail in third-party applications.
For more information, you will see in "learn more".
Best regards,
Xudong Peng
- Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
Thursday, June 18, 2020 1:58 AM -
User-1994446809 posted
Does this have to do with the fact that my website is not hosted, as I am still building it ?
Although I switch on my data whenever i am viewing in a browser, to test.
Thursday, June 18, 2020 10:08 AM -
User-943250815 posted
If you made changes (already recommended) and mail address are correct, mail should be sent.
Does not matter if your website is hosted or not- Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
Thursday, June 18, 2020 4:05 PM