Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 2 of 2
  1. #1
    New Coder
    Join Date
    Apr 2005
    Posts
    53
    Thanks
    2
    Thanked 0 Times in 0 Posts

    Emailing forgotten password with JMail, MS SQL and ASP

    Hello,
    I'm trying to create a simple form that someone who has forgotten their password can enter their email address and, if the email matches the db, email them their password. I cannot find an example for doing this with JMail. I'm using ASP and a MS SQL database. The 'employers' db has the fields 'email' and 'pw'. I'm a newbie, so an example would be most helpful. Any assistance would be very much appreciated. Below is my trainwreck of code...

    Code:
    <!-- FORM PAGE -->
    <form method="POST" action="sendpassword.asp">
    E-mail Address:<input type="text" name="email" size="30"> 
    <p><input type="submit" value="Send it"></p> 
    </form>
    <!-- END FORM PAGE -->
    
    <!-- FORM ACTION PAGE -->
    <%@ LANGUAGE="VBSCRIPT" %>
    <!-- DATABASE CONNECTION INCLUDE -->
    <!-- #include file="db.inc" -->
    <html>
    <%
    If (Request.Form("email") = "") Then
    	"SELECT * FROM Employers WHERE email = '" & email & "'"
    %>
    
    <head>
    <title>Send Password</title>
    </head>
    <body>
    <%
    'checks if email address exists in the database before sending a message.
    If objrs.EOF then
    %>
    <table border="0" cellPadding="0" cellSpacing="1" width="540">
    <tr>
    <td bgcolor="#FF0000"><font color="#FFFFFF"><b>Invalid Email Address</b></font></td>
    </tr>
    </table>
    <p><span>We could not find</span><span> <%=email%></span> 
    <span> in our database.</span></p>
    <% Else %>
    
    <%
    'sets variables
    email = request.form("email")
    'chooses email/username and password from database that correspond to submitted email address.
    pass = objrs.Fields("pw")
    
    Set JMail = Server.CreateObject("JMail.SMTPMail") 
    JMail.ServerAddress = "SERVER ADDRESS REMOVED FOR FORUM POST"
    JMail.Sender = "SENDER ADDRESS REMOVED FOR FORUM POST" 
    JMail.Subject = "Your Password"
    JMail.AddRecipient = email
    JMail.Body = "Your user name and password are below as requested:" & vbCrLf
    JMail.Body = JMail.Body & "Per your request your account login information is: " & vbCrlf & vbCrlf _
    & "Password=" & pw & vbCrlf
    JMail.Body = JMail.Body & "You may now use these to log on"
    JMail.Priority = 3
    JMail.Execute
    %>
    
    <p>We just sent your login information to <%=email%>.<br>
    You should receive it shortly.</p>
    <%
    ' Close Data Access Objects and free connection variables
    objDC.Close
    Set objRS = Nothing
    Set objDC = Nothing
    %>
    <%end if%>
    </html>

  • #2
    New Coder
    Join Date
    Jul 2002
    Location
    UK
    Posts
    92
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Looks like you're heading in the right direction.

    This is the password retreival script I use on one of my sites. It actually generates a new password rather than emailing them their old one.

    There are several functions I'm using such as sendMail and randomPassword which live in the functions include, as well as the database stuff which is a class. But if you ignore that you should be able to see what's going on.

    Hope this helps:

    Code:
    <% page = "Password Retrieval" %>
    <!-- #include file="includes/inc_database.asp" -->
    <!-- #include file="includes/inc_functions.asp" -->
    <!-- #include file="includes/inc_html_top.asp" -->
                 <h1>Retrieve Password</h1>
    <%	If len(Request.cookies("request")) > 0 Then %>
                 <h2>Retrieval Failed.</h2>
                 <p>You have already had one successful retrieval request in the last 24 hours.</p>
                 <p>You cannot use the retrival system again until <%=Request.cookies("request")%>.</p>
    <%
    	ElseIf Request.ServerVariables("REQUEST_METHOD") = "POST" Then
    
    		Dim db, username, newpass
    
    		username = Request.form("username")
    		email = Request.form("email")
    
    		Set db = new Database
    		db.query ("SELECT nick, email, password FROM members WHERE nick = '" & fixSql(username) & "'"), true
    
    		If db.gotResult Then
    			If lcase(email) = lcase(db.rs("email")) Then
    				newpass = randomPassword  ' Generate a new password.
    				db.rs("password") = SHA256(newpass)
    				db.rs.Update
    
    				Response.cookies("request") = dateAdd("d", 1, now)
    				Response.Cookies("request").Expires = dateAdd("d", 1, now)
    				sendMail lcase(email), "Guitar Channel - Password Request.", "" &_
    					"Hello " & db.rs("nick") & "," & vbCrlf & "A new password was requested from the guitar channel website" &_
    					" www.whatever.com" & vbCrlf & vbCrlf & "Your details are as follows:" & vbCrlf &_
    					"Username: " & db.rs("nick") & vbCrlf & "Password: " & newpass & vbCrlf & vbCrlf &_
    					"Remember you can change this password from your User Control Panel once you log in." & vbCrlf & vbCrlf &_
    					"Thank You."
    %>
                 <h2>Your password request has been sent.</h2>
                 <p>You should recieve an email shortly with your details.</p>
                 <p>When you recieve your email you can then <a href="login.asp">login</a>.</p>
    <%
    			Else
    %>
                 <h2>Retrieval Failed.</h2>
                 <p>Sorry, your email address was not found in the database.</p>
                 <p>Ask an Operator in the <a href="irc.asp">IRC Channel</a> for further assistance.</p>
    <%
    			End If
    		Else
    %>
                 <h2>Retrieval Failed.</h2>
                 <p>Sorry, your username was not found in the database.</p>
                 <p>Please <a href="retrieve.asp">try again</a>.</p>
    <%
    		Set db = Nothing
    		End If
    	Else
    
    %>
                 <p>
                   If you entered your e-mail address when registering to this site, then you can have a new password
                   sent to you via email.
                 </p>
                 <p>Simply just fill in the form below and press the submit button.</p>
                 <form action="retrieve.asp" method="post" id="retrieve">
                   <p>Username:<br /><input type="text" name="username" /></p>
                   <p>E-Mail:<br /><input type="text" name="email" /></p>
                   <p><input type="submit" value="  Submit  " /></p>
                 <p class="center">Please note, you can only make one retrieval request per day.</p>
                 </form>
    <%	End If %>
    <!-- #include file="includes/inc_html_bottom.asp" -->
    Last edited by MetalStorm; 02-22-2006 at 11:58 PM.


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •