Click here to Skip to main content
14,427,400 members
Rate this:
Please Sign up or sign in to vote.
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System;
using System.Data;
using System.Data.SqlClient;
using System.Net.Mail;
using System.Configuration;

public partial class ForgotPassword : System.Web.UI.Page
    protected void Page_Load(object sender, EventArgs e)

    protected void btnSubmit_Click(object sender, EventArgs e)
        try {
            DataSet ds = new DataSet();
            string connectionString = ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString;
            using (SqlConnection con = new SqlConnection(connectionString))
                SqlCommand cmd = new SqlCommand("SELECT UserName, Password FROM Users Where Email='" + txtEmail.Text.Trim() + "'", con);
                SqlDataAdapter da = new SqlDataAdapter(cmd);
            if (ds.Tables[0].Rows.Count>0)
                MailMessage msg = new MailMessage();
                msg.From = new MailAddress(txtEmail.Text);
                msg.Subject="Share It: Password Recovery";
                msg.Body="Hi, " + ds.Tables[0].Rows[0]["FirstName"] +" " + ds.Tables[0].Rows[0]["LastName"] +"<br />As requested, here is your login details<br /><br />Your Username: " + ds.Tables[0].Rows[0]["UserName"] + "<br /><br />Your Password: " + ds.Tables[0].Rows[0]["Password"] + "<br /><br />Thank you for trusting us! Hope to hear from you soon!<br /><br />";
                msg.IsBodyHtml = true;

                SmtpClient smtp = new SmtpClient("", 587);
                smtp.UseDefaultCredentials = false;
                //smtp.Host = "";
                //smtp.Port = 587;
                smtp.Credentials = new System.Net.NetworkCredential("", "passwordremoved");
                smtp.EnableSsl = true;
                lbltxt.Text = "Your Password Details Sent to your mail.";
                lbltxt.Text = "The Email you entered does not exists.";
        catch (Exception ex) {
                Console.WriteLine("{0} Exception caught.", ex);
                lbltxt.Text = "Unable to send";
Updated 8-Jan-20 23:05pm
Ron Beyer 9-Jan-14 23:36pm
"Thank you for trusting us", I like that, even though you store passwords in clear text in your database, are susceptible to SQL injection attacks making it easy to steal all your users passwords and emails, and posted the password to your email account...
TheresaKang93 9-Jan-14 23:45pm
I understand. But I am just a student trying to do a sample coding for my homework.
Ron Beyer 9-Jan-14 23:47pm
I'm pretty sure your "from" address has to be the same as your account username for gmail, otherwise its called relaying and I'm pretty sure GMail doesn't allow it.
Well, it only makes it even more important to avoid doing bad things when you are just learning. I'll post some links to help you...
But then it's only more important to avoid doing bad things when you are just learning. I added an answer with some references to help you. Please feel free to comment on it and ask some follow-up questions if you have any.
Correct. This is a big no-no way. Passwords should never be stored. Usually, a cryptographic hash value is stored and hash is compared with hash, the original password is never needed for authentication (could be a surprise for OP :-) and is never restored; instead, if someone forgets one's password, a brand new password should be created.
TheresaKang93 10-Jan-14 0:01am
I know password should not be store. But im still a beginner, and my teacher asked us to save it to database and then make a forgot password
In other words, your teacher asked you to do a wrong thing. Very nice. Are you sure attending your school makes any sense? :-)
Yvan Rodrigues 10-Jan-14 21:12pm
Ask your teacher to contact any of us, and we would be happy to give some guidance. As you probably figured out, those of us who chose this as our career take it very seriously. Sadly it is "professionals" who are responsible for disasters like Adobe, Target, etc. -- huge, completely avoidable disasters caused by people who probably listened to their teachers.
Rate this:
Please Sign up or sign in to vote.

Solution 1

Having seen this code, I would never use your website, due to all the security holes.

But, if the email is not sent, then your mail server is not set up correctly, not a big leap from how bad this code is.

Nowadays, passwords get stored encrypted, and it is impossible to send someone their password, all you can do, generally, is send a reset link that uses a GUID to associate with a user, or a temp password they need to change the next time they log in.
Rate this:
Please Sign up or sign in to vote.

Solution 2

Refer my answer - sending email to gmail from[^].
This works pretty good. Tested.

If you are getting any Exception, please reply me with that. I will, help.
Ron Beyer 9-Jan-14 23:56pm
Got my 5, pretty sure the problem here is the "from" address.
Thanks a lot Ron Beyer... :)
TheresaKang93 10-Jan-14 0:24am
Thank you so much! :)
Most welcome buddy. :)
Rate this:
Please Sign up or sign in to vote.

Solution 3

Please see the comments to the questions, Ron's and mine.

Please see my past answers for some further detail:
i already encrypt my password but when i log in it gives me an error. how can decrypte it[^],
Decryption of Encrypted Password[^],
storing password value int sql server with secure way[^].

Ron Beyer 9-Jan-14 23:57pm
Thank you, Ron. I hope you saw another OP's response, same thing again, "but im still a beginner, and my teacher asked us to..." This is so pathological...
Ron Beyer 10-Jan-14 8:56am
Some people aim to pass, others aim to excel.
Sergey Alexandrovich Kryukov 10-Jan-14 10:26am
...and some aim to fail :-)

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
Top Experts
Last 24hrsThis month
OriginalGriff 5,128
Richard MacCutchan 1,804
phil.o 1,270
Patrice T 1,217
MadMyche 1,110

CodeProject, 503-250 Ferrand Drive Toronto Ontario, M3C 3G8 Canada +1 416-849-8900 x 100