how to send email in asp.net just for confirmation for the user registration?
Thanks
Printable View
how to send email in asp.net just for confirmation for the user registration?
Thanks
I think you have some forums in mind.I'm afraid it doesn't work that way.You will have to do some significant coding work.
Hello,
Have a look here:
http://www.4guysfromrolla.com/articles/062508-1.aspx
This is part of a 18 part series that details pretty much everything you can do with the ASP.Net Providers:
http://www.4guysfromrolla.com/articles/120705-1.aspx
Gary
I have 2 problems with this article.
1st)If you create an account and use wizard sendmail then if the mail server doesn't send the mail due to some issue then the user is blocked for life.
2nd)No matter what the article says about the userid you should never give away the userid stored in the SQL server.I'd use a random guid and then after it has served it's purpose, deleted it.
Hello,
For the first one, most sites deal with this by allowing the authentication email to be sent again, so you could use a similar approach here.
I don't really see the concern here. The UserId doesn't help anyone in terms of accessing the account information, it is only useful in server side code.
Gary
For the email i had a personal experience with the sending and i can definitely say there could be a problem.
For the user id.Yes ok if someone believes that no one will never bypass any security and that a hacker will never run a simple select on a user id then it's fine.
I can see what you are getting at, but there are lots of things that would have to fail before this would be a problem, and at that point, it wouldn't just be the user database that would be at risk.
For instance, the UserId is being sent to a single email address, so any hacker would need access to that email address. They would then need to identify a SQL Injection vulnerability on the site, which no one here would have as everyone uses parameters (see the link in my signature). Or they would need to have hacked into your ISP and gained access to your database, which again wouldn't happen as everyone here uses very strong passwords, right? :)
Gary
Yes,well,riiight.As a package delivery company i am doing business with that used sa, admin :)
There are other way to hack to sql and bypass the parameters (one is ports) but this is not for conversation here.
Edit:Also show it does " e.Message.Body = e.Message.Body.Replace" on wizard.Is this rendered on viewstate?If so it's troublesome.Never used the user wizard,so.