I'm building a website for a client on which they want site visitors to be able to fill out a form with the relevant information along with their credit card details, and when they submit the form, the information will be sent to the client in an email. This is an experimental services that they're offering so they're not interested in real time credit card processing yet. If I just zip the collected data up into a password protected zip file, and send that in an email to the client, would it be secure? Or do I have to go further than that to secure the data?
I have created a customer website which has a contact us form on which on submit populates a database. I would also like to send to myself the contents of the form in an email when the form is submit.All the examples I have seen seem to require the customer to have an email client and know their email settings to send from, since this can not be known how do I send an email. The website is hosted externally.
I have created a page for filling information, when anyone fills out the form, the information gets e-mailed to all the recipient's e-mail addresses that are mentioned in the code of the page.
I have written the code which is working fine but when i fill out the information in the form, the information is sent to all the 3 e-mail addresses i mentioned in the code, but all 3 recipients of this information can see other recipient's name and address in the "TO " field of their mailbox.
Is it possible to hide other recipients and only show the e-mail address which will be specific to that recipient ?
Having spent considerable amount of time in ASP.NET security community I would like to share this.
There are three ways of resetting and changing passwords explained at
Microsoft ASP.NET site[URL]
Step 1: Helping Users Recover Lost Passwords Step 2: Changing Passwords Step 3: Allowing Administrators to Change Users' Passwords
In step 1 and step 2 end user passwords are sent by an email.
In Step 3: functionality is explained where administror changing the password and sending through email msg. refer "I encourage those readers interested in this functionality to become more familiar with the code and try extending the functionality to include sending an email to the user whose password was changed. Query
Is Sending passwords by emial secure enough or best security password at all? I have implemented functionality where Admin sending passwords to end users by changing once in 3 months. End users expressed their views that sending passwords by email is not secure. When there is security threat in sending passwords by email, Microsoft security experts should not emailing passwords in above mentioned article, which is still up to date.
I have a PasswordRecovery control set up on an ascx control as shown below. In some cases users have gotten two emails with different passwords sent at the same time. They're insistent that they haven't hit the button twice. I am using the CSSFriendly adapters, so I can take that off and see if it corrects the problem. Otherwise I suppose I could put this on the aspx page rather than a control.
I'm building a forgot password feature for my first secure backend.
I want to email a url containing an encrypted parameter to the user which will lead them to a password reset form that can only be accessed via the url with the encrypted parameter.
But what if the email gets intercepted?? then anyone who intercepts it will have the link to the reset page.
Is there a way I can send a secure email? I know nothing about email really. Is it even possible to send a secure email? Can I encrypt the email, will that help? But if it is encrypted then how does the recipient read it?
I was curious how some of you are sending out an email to a new user, are you sending more then one email with username and link in one and then the password in another, are you sending everything in one email, are you sending an email to the new user at all?I'm curious because my web site is not a self registering web site, Only a supervisor can create a new user and then that user gets an email. I'm trying to figure out the best way to send the new user an email with their credentials to the site.the users are outside users (vendors) though their username is created by an internal employee
When i run my page on https it giving me error Do you want to view only the web page content that was delivered securely?
This web page contains content that will not be delivered using a secure https connection. Which could compromise the security of the entire web page. This error i am getting when running it in IE8 In Morzilla i am having warning...Contains Unauthenticated Content. i have checked my page source code but not find any http content all are having relative path etc.
I was wondering if someone can direct me to a good quality tutorial on the process of registering and sending an activation link to the user's email address. I can't seem to find any useful tutorials online!
I want get code for how to stop sending mail when email format is wrong in password recovery control and getting error message and also how to getting error message, means how to stop that.
I have a CMS page that allows the user to paste in or type HTML code into a TextBox in a FormView, then do an INSERT or UPDATE operation to an nvarchar(MAX) column in an SQL table. This is using an ObjectDataSource that refers to an insert or update method in a TableAdapter in my dataset.
When testing, the server initially warned me when I tried to input or update text containing HTML code; so I set the validateRequest="false" in my page header.
I gather this can be a serious security risk. What's the proper way to "validate" the string being input? Am I opening the database to SQL injection?
Only the site administrator has access to the CMS, but malicious could theoretically bust their way in...
I have to make a login form using vb.net. The login form should either accept
Username ID or
Email ID or
Phone number
---- either of one ,and match it with the password of the corresponding record in the user table.
The user table has following column:- U_ID(varchar),mail(varchar),Phone(Number),Password(Varchar)
The form has two textfields - 1. Username
2.Password
And a submit button. If combination is correct I should be redirected to the Index page.
But I don't have to scan through all the columns of the user table to match the password.
(a)If the user enters user_id say- ID 10012 then we should be able to search only the record in the user_id column as it has alphanumeric or varchar data type and match with corresponding password.
(b)If the user enters Email id we should be able to search through the email id column as email id contains "@ and ." sign.
(c)If the user enters phone number then we should search only the phone column as it has numeric datatype.
I have set a job in sql server 2008 to send reminder emails for product expiration. Now I want a report which will specify the list of the emails sent with the email status details like queued ,sent,delivered, failed.
I can fetch the emails that are sent by querying the like following
select * from sysmail_mailitems SM inner join sysmail_profile SP on SM.Profile_Id = SP.Profile_Id and SP.Name ='ReminderProfile'
The problem is only getting a perfect status of email whether it is delived or failed. How I can get those status ?
i have an aspx page, that takes in user data (name, number & email) after that information gets submitted to me, I need to send an email to their input email, with a message of confirmation.
I am sending an email for forgot password to the user. i have formatted the body text of Email but when i have checked that email, it is coming without any formatting.
here is the formatting code which i am sending as a string.....
have code on a web form -- when you hit the button "send emails", it executes this sub which reads an SQL database table and sends emails one by one -- however I get this error above -- anyway to check it and skip to the next email? Some emails in my table have name@test.co.il for example, so it seems this causes this error.
When you click on a button my program have to send a email where a report must be generated from table adapters from dataset. Now this report is not going to be displayed when the button is clicked, so it will be sent automatically by code which I have some part(see below). My questions are:
1. how can you generate or build a report without displaying it. 2.embeed this report or data collection from the table adapters as part of the body of the email
my email code so far is this: mail.From = New MailAddress("qwerty@[URL]") mail.To.Add(New MailAddress("qwerty@[URL]")) mail.Subject = "test" mail.Priority = MailPriority.Normal Dim smpt As New SmtpClient smpt.Host = [URL] smpt.Port = 25 smpt.Credentials = New System.Net.NetworkCredential("qwerty@[URL]","****")) 'hehe not telling :P smpt.EnableSsl = True................
I have a data entry and editing form and in every data entry or update event, I have to send an email to a dynamic list of recipients. I have been sending the email as soon as the user clicks the save or edit buttons but am thinking of first saving the data to the database, and then sending the email later. I want to do this partly to improve the response time of the application as the email sending tends to take a long time than desired.
I am creating a SSIS package, where I am getting all the data into the excelsheet1, which is not formatted.
So i created a formated excelsheet2, where i am giving reference to excelsheet1 cells reference.
And I am sending email by attaching excelsheet2.
I am having issue when the data is updated, but my email attachment excel is showing old data. When i open the excelsheet1 it is being updated. I don't know why excelsheet2 is not updated automatically. I am using BIDS 2005 .
