Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 2 of 2
02-22-2006, 09:32 PM #1
- Join Date
- Apr 2005
- Thanked 0 Times in 0 Posts
Emailing forgotten password with JMail, MS SQL and ASP
I'm trying to create a simple form that someone who has forgotten their password can enter their email address and, if the email matches the db, email them their password. I cannot find an example for doing this with JMail. I'm using ASP and a MS SQL database. The 'employers' db has the fields 'email' and 'pw'. I'm a newbie, so an example would be most helpful. Any assistance would be very much appreciated. Below is my trainwreck of code...
<!-- FORM PAGE --> <form method="POST" action="sendpassword.asp"> E-mail Address:<input type="text" name="email" size="30"> <p><input type="submit" value="Send it"></p> </form> <!-- END FORM PAGE --> <!-- FORM ACTION PAGE --> <%@ LANGUAGE="VBSCRIPT" %> <!-- DATABASE CONNECTION INCLUDE --> <!-- #include file="db.inc" --> <html> <% If (Request.Form("email") = "") Then "SELECT * FROM Employers WHERE email = '" & email & "'" %> <head> <title>Send Password</title> </head> <body> <% 'checks if email address exists in the database before sending a message. If objrs.EOF then %> <table border="0" cellPadding="0" cellSpacing="1" width="540"> <tr> <td bgcolor="#FF0000"><font color="#FFFFFF"><b>Invalid Email Address</b></font></td> </tr> </table> <p><span>We could not find</span><span> <%=email%></span> <span> in our database.</span></p> <% Else %> <% 'sets variables email = request.form("email") 'chooses email/username and password from database that correspond to submitted email address. pass = objrs.Fields("pw") Set JMail = Server.CreateObject("JMail.SMTPMail") JMail.ServerAddress = "SERVER ADDRESS REMOVED FOR FORUM POST" JMail.Sender = "SENDER ADDRESS REMOVED FOR FORUM POST" JMail.Subject = "Your Password" JMail.AddRecipient = email JMail.Body = "Your user name and password are below as requested:" & vbCrLf JMail.Body = JMail.Body & "Per your request your account login information is: " & vbCrlf & vbCrlf _ & "Password=" & pw & vbCrlf JMail.Body = JMail.Body & "You may now use these to log on" JMail.Priority = 3 JMail.Execute %> <p>We just sent your login information to <%=email%>.<br> You should receive it shortly.</p> <% ' Close Data Access Objects and free connection variables objDC.Close Set objRS = Nothing Set objDC = Nothing %> <%end if%> </html>
02-22-2006, 11:55 PM #2
- Join Date
- Jul 2002
- Thanked 0 Times in 0 Posts
Looks like you're heading in the right direction.
This is the password retreival script I use on one of my sites. It actually generates a new password rather than emailing them their old one.
There are several functions I'm using such as sendMail and randomPassword which live in the functions include, as well as the database stuff which is a class. But if you ignore that you should be able to see what's going on.
Hope this helps:
<% page = "Password Retrieval" %> <!-- #include file="includes/inc_database.asp" --> <!-- #include file="includes/inc_functions.asp" --> <!-- #include file="includes/inc_html_top.asp" --> <h1>Retrieve Password</h1> <% If len(Request.cookies("request")) > 0 Then %> <h2>Retrieval Failed.</h2> <p>You have already had one successful retrieval request in the last 24 hours.</p> <p>You cannot use the retrival system again until <%=Request.cookies("request")%>.</p> <% ElseIf Request.ServerVariables("REQUEST_METHOD") = "POST" Then Dim db, username, newpass username = Request.form("username") email = Request.form("email") Set db = new Database db.query ("SELECT nick, email, password FROM members WHERE nick = '" & fixSql(username) & "'"), true If db.gotResult Then If lcase(email) = lcase(db.rs("email")) Then newpass = randomPassword ' Generate a new password. db.rs("password") = SHA256(newpass) db.rs.Update Response.cookies("request") = dateAdd("d", 1, now) Response.Cookies("request").Expires = dateAdd("d", 1, now) sendMail lcase(email), "Guitar Channel - Password Request.", "" &_ "Hello " & db.rs("nick") & "," & vbCrlf & "A new password was requested from the guitar channel website" &_ " www.whatever.com" & vbCrlf & vbCrlf & "Your details are as follows:" & vbCrlf &_ "Username: " & db.rs("nick") & vbCrlf & "Password: " & newpass & vbCrlf & vbCrlf &_ "Remember you can change this password from your User Control Panel once you log in." & vbCrlf & vbCrlf &_ "Thank You." %> <h2>Your password request has been sent.</h2> <p>You should recieve an email shortly with your details.</p> <p>When you recieve your email you can then <a href="login.asp">login</a>.</p> <% Else %> <h2>Retrieval Failed.</h2> <p>Sorry, your email address was not found in the database.</p> <p>Ask an Operator in the <a href="irc.asp">IRC Channel</a> for further assistance.</p> <% End If Else %> <h2>Retrieval Failed.</h2> <p>Sorry, your username was not found in the database.</p> <p>Please <a href="retrieve.asp">try again</a>.</p> <% Set db = Nothing End If Else %> <p> If you entered your e-mail address when registering to this site, then you can have a new password sent to you via email. </p> <p>Simply just fill in the form below and press the submit button.</p> <form action="retrieve.asp" method="post" id="retrieve"> <p>Username:<br /><input type="text" name="username" /></p> <p>E-Mail:<br /><input type="text" name="email" /></p> <p><input type="submit" value=" Submit " /></p> <p class="center">Please note, you can only make one retrieval request per day.</p> </form> <% End If %> <!-- #include file="includes/inc_html_bottom.asp" -->
Last edited by MetalStorm; 02-22-2006 at 11:58 PM.