Click here to Skip to main content
15,359,217 members
Please Sign up or sign in to vote.
1.00/5 (3 votes)
See more:
Hi all, I'm interviewing for a new job and I will have to interact with C# in my job but only very limited capacity. They gave me this problem to solve and I think I found a way to solve it but I'd love you all's feedback if I said the right thing. I have to go in and explain it on Tues.

Did I do it correctly??

Thank you!!

This is what they asked:
//This method is used to send email within the organization. 
public static void SendEmail(string emailFrom, string emailTo, string subject, string msgBody) 

//Modify the below method in the form pages code behind file to send the Public Assistant  Manager copy to her new email address //pamanager@randomgov.org. 

protected void btnSubmit_Click(object sender, EventArgs e) 
{ 
string msgBody = string.Empty; 
string subject = string.Empty; 
//build the email 
msgBody = "<h1>Contact Public Assistance</h1><p>This email was received from a  user of the County Website.</p>" 
+ "<dl>" 
+ "<dt>Name:</dt>" 
+ "<dd>" + txtName.Text + "</dd>" 
+ "<dt>Email:</dt>" 
+ "<dd>" + txtEmail.Text + "</dd>" 
+ "<dt>Questions / Comments:</dt>" 
+ "<dd>" + txtQuestions.Text.Replace(Environment.NewLine, "<br />") +  "</dd>" 
+ "</dl>"; 
//email Public Assistance Manager 
subject = "Web Contact: Public Assistance Question"; 
SendEmail(ConfigurationManager.AppSettings["emailNoReply"], subject,  "<p>There are new comments from a https://www.county.org/publicassistance  user.</p>" + msgBody); 
//email the user 
subject = "Random County: Public Assistance Question"; 
SendEmail(ConfigurationManager.AppSettings["emailNoReply"], txtEmail.Text,  subject, "<p>Your question/comment has been received and we will reply as soon as  possible.</p>" + msgBody); 
}


What I have tried:

// I'm pretty sure that the SendMail() method at the bottom of script isn't getting the correct number of parameters. 

// Specifically the 'string emailTo' parameter in the '//email Public Asssitant Mannger' section is instead getting the 'subject' variable instead of and actual email address

// Here's my solution:

protected void btnSubmit_Click(object sender, EventArgs e) 
{ 
string msgBody = string.Empty; 
string subject = string.Empty; 
//build the email 
msgBody = "<h1>Contact Public Assistance</h1><p>This email was received from a  user of the County Website.</p>" 
+ "<dl>" 
+ "<dt>Name:</dt>" 
+ "<dd>" + txtName.Text + "</dd>" 
+ "<dt>Email:</dt>" 
+ "<dd>" + txtEmail.Text + "</dd>" 
+ "<dt>Questions / Comments:</dt>" 
+ "<dd>" + txtQuestions.Text.Replace(Environment.NewLine, "<br />") +  "</dd>" 
+ "</dl>"; 
//email Public Assistance Manager 
subject = "Web Contact: Public Assistance Question"; 
SendEmail(ConfigurationManager.AppSettings["emailNoReply"], "pamanager@randomgov.org", subject, "<p>There are new comments from a https://www.county.org/publicassistance user.</p>" + msgBody); 
//email the user 
subject = "Random County: Public Assistance Question"; 
SendEmail(ConfigurationManager.AppSettings["emailNoReply"], txtEmail.Text,  subject, "<p>Your question/comment has been received and we will reply as soon as  possible.</p>" + msgBody); 
}
Posted
Updated 14-Apr-22 20:13pm
v2
Comments
Graeme_Grant 15-Apr-22 1:09am
   
Good luck with the interview...

1 solution

If you aren't sure what's going on, simplify your code:

Move constant strings outside the method, and make them const

Create - and check - email address variables before you try to send messages

I'd strongly consider checking all the text provided by the user and encoding all HTML tags before "blindly" sending it as part of an email - while email readers generally remove JS code from an email body, there have been HTML only exploits that could get through. Blindly accepting text from a user and passing it to the Webmaster isn't the safest way to do things!

You don't check the Configuration manager to see if there is a valid item there at all.
   

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900