473,324 Members | 2,248 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,324 software developers and data experts.

email help

currently i am doing a personal website and keep on changing the aspect...
finally the finall decision is to have a login page (requirement in asp.net,
vb.net) and the login with security part of capturing user computer user name
i have done...
my problem is ....

i need the unregistered user to log in to my site and from there there will
be a link for them to key in their short information in a textbox and a html
email will be sent to me (as an admin) whether to accept the request or not..
~ so when i receive the html type email.. there will be extra 2 buttons (for
me to accept or reject the request right?) so is it possible to make it done?
sending using smtp server? tat is fine for me as i can use the server being
provided by our school in which i had already been given permission to do so..
..

so when the button accept being pressed.... it will automatically being saved
to my database (i am using MS access) and the user can gain access to the
site..

sending a html email? is it really can be done with ease? as i am new in .net
.... coz i am still stick to vb6.0 and find it .net quite troublesome... can
you please help me?

on every situation.. an email will be replied to the user stating his or her
status on the request..

as far as i know.. in every commersial website this can be done says for
example.. when i go to their site, and click permission to get access.. an
email will be sent to them right? then maybe it will go through a system
(server ) and then redirect the mail to admin and admin just response to the
mail.. after that the replying thing will be done solely by the system
(server)... is this how the system goes? is i am wrong....
that is the thing i wish to do but to no avail.. so really hope that you
could help in this.. thanks...

thank you...

regards... jason
--
Message posted via DotNetMonster.com
http://www.dotnetmonster.com/Uwe/For...p-net/200507/1
Nov 19 '05 #1
6 2753
Typically the way it would be done is to have it send you a notification
email...you then log into the application where you accept/decline the new
account.

The problem with doing it straight from the email is that it won't at all be
secure...there'll be no way for the application to verify that you are
indeed the one clicking the ok...

Karl

--
MY ASP.Net tutorials
http://www.openmymind.net/ - New and Improved (yes, the popup is annoying)
http://www.openmymind.net/faq.aspx - unofficial newsgroup FAQ (more to
come!)
""jason via DotNetMonster.com"" <fo***@DotNetMonster.com> wrote in message
news:50***********@DotNetMonster.com...
currently i am doing a personal website and keep on changing the aspect...
finally the finall decision is to have a login page (requirement in
asp.net,
vb.net) and the login with security part of capturing user computer user
name
i have done...
my problem is ....

i need the unregistered user to log in to my site and from there there
will
be a link for them to key in their short information in a textbox and a
html
email will be sent to me (as an admin) whether to accept the request or
not..
~ so when i receive the html type email.. there will be extra 2 buttons
(for
me to accept or reject the request right?) so is it possible to make it
done?
sending using smtp server? tat is fine for me as i can use the server
being
provided by our school in which i had already been given permission to do
so..
.

so when the button accept being pressed.... it will automatically being
saved
to my database (i am using MS access) and the user can gain access to the
site..

sending a html email? is it really can be done with ease? as i am new in
.net
... coz i am still stick to vb6.0 and find it .net quite troublesome...
can
you please help me?

on every situation.. an email will be replied to the user stating his or
her
status on the request..

as far as i know.. in every commersial website this can be done says for
example.. when i go to their site, and click permission to get access.. an
email will be sent to them right? then maybe it will go through a system
(server ) and then redirect the mail to admin and admin just response to
the
mail.. after that the replying thing will be done solely by the system
(server)... is this how the system goes? is i am wrong....
that is the thing i wish to do but to no avail.. so really hope that you
could help in this.. thanks...

thank you...

regards... jason
--
Message posted via DotNetMonster.com
http://www.dotnetmonster.com/Uwe/For...p-net/200507/1

Nov 19 '05 #2
Hi Jason, Following up on Karl's post, it would be unusual to activate
accounts directly from an email, as this would imply that all you had to do
would be to create a POST or GET to the server to activate the new account.

In response to the Html Email part of the question: Creating one is very
simple
look at the System.Web.Mail namespace

e.g

'typically you only need to set the mail server once
Web.Mail.SmtpMail.SmtpServer = "My SMTP Server"

Dim m As New System.Web.Mail.MailMessage
With m
.To = myRecipientEmailAddress
.From = myEmailAddress
.Subject = myMessageSubject
.BodyFormat = Mail.MailFormat.Html
.Body = myHtmlEmailString
End With

Web.Mail.SmtpMail.Send(m)

If you want to send images embedded into the email it gets slightly more
complicated but can be done with MailAttachment objects and UrlContent* params

Note that the native .Net mail components do not allow for authentication
with an smtp server which in some cases may make it unworkable and you may
need to look at 3rd party components. If it's your own smtp server (e.g IIS)
you can allow anonymous users but make sure you lock down the IP addresses
that the smtp server will send/relay messages for otherwise you're inviting
every spammer to do their "work" through your equipment.

HTH jd

"Karl Seguin" wrote:
Typically the way it would be done is to have it send you a notification
email...you then log into the application where you accept/decline the new
account.

The problem with doing it straight from the email is that it won't at all be
secure...there'll be no way for the application to verify that you are
indeed the one clicking the ok...

Karl

--
MY ASP.Net tutorials
http://www.openmymind.net/ - New and Improved (yes, the popup is annoying)
http://www.openmymind.net/faq.aspx - unofficial newsgroup FAQ (more to
come!)
""jason via DotNetMonster.com"" <fo***@DotNetMonster.com> wrote in message
news:50***********@DotNetMonster.com...
currently i am doing a personal website and keep on changing the aspect...
finally the finall decision is to have a login page (requirement in
asp.net,
vb.net) and the login with security part of capturing user computer user
name
i have done...
my problem is ....

i need the unregistered user to log in to my site and from there there
will
be a link for them to key in their short information in a textbox and a
html
email will be sent to me (as an admin) whether to accept the request or
not..
~ so when i receive the html type email.. there will be extra 2 buttons
(for
me to accept or reject the request right?) so is it possible to make it
done?
sending using smtp server? tat is fine for me as i can use the server
being
provided by our school in which i had already been given permission to do
so..
.

so when the button accept being pressed.... it will automatically being
saved
to my database (i am using MS access) and the user can gain access to the
site..

sending a html email? is it really can be done with ease? as i am new in
.net
... coz i am still stick to vb6.0 and find it .net quite troublesome...
can
you please help me?

on every situation.. an email will be replied to the user stating his or
her
status on the request..

as far as i know.. in every commersial website this can be done says for
example.. when i go to their site, and click permission to get access.. an
email will be sent to them right? then maybe it will go through a system
(server ) and then redirect the mail to admin and admin just response to
the
mail.. after that the replying thing will be done solely by the system
(server)... is this how the system goes? is i am wrong....
that is the thing i wish to do but to no avail.. so really hope that you
could help in this.. thanks...

thank you...

regards... jason
--
Message posted via DotNetMonster.com
http://www.dotnetmonster.com/Uwe/For...p-net/200507/1


Nov 19 '05 #3
Karl Seguin -
yupe i also did figure about this security matter~
so now i thought of something...`
when user fill in 2 textbox from a page then then click a button.... then
function of the button is to send me email..~ so when i receive that email,
there will display back wat they have written (how can i do this.. ? sorri
coz i am new in .net ) and then there will be a link... the link will
redirect me to another page where onli admin can get acces to it.. (will
require password - this one i know how to do it)
then onli admin will accept or reject... but how would the admin accept or
reject? it means.. wat the user key in earlier will be displayed in the email
AND then display it in the new form right? so how can we do this?can we get
the text from the email and then put it back to the text in the admin page?
ai...~ totally have no idea on how to do?:S

so will have to please teach me step by step to do it..~ so that i can learn
more...~

so this matter will be much more secure right? if the user suddenly get the
link but for sure without password he or she kenot get in to the admin page ?
then in the admin page, when admin accept the user... and save to database
(access) just a button to be click right? the process will be ... ? and then
email will be sent back to the user...~
so how can i get the user email AUTOMATICALLY from the earliest page or the
email?

huh.. quite troublesome? thanks for answering..~ but really in need your help
/. thanbks..~

Karl Seguin wrote:
Typically the way it would be done is to have it send you a notification
email...you then log into the application where you accept/decline the new
account.

The problem with doing it straight from the email is that it won't at all be
secure...there'll be no way for the application to verify that you are
indeed the one clicking the ok...

Karl
currently i am doing a personal website and keep on changing the aspect...
finally the finall decision is to have a login page (requirement in

[quoted text clipped - 48 lines]

regards... jason

--
Message posted via DotNetMonster.com
http://www.dotnetmonster.com/Uwe/For...p-net/200507/1
Nov 19 '05 #4
london

yupe i also did figure about this security matter~
so now i thought of something...`
when user fill in 2 textbox from a page then then click a button.... then
function of the button is to send me email..~ so when i receive that email,
there will display back wat they have written (how can i do this.. ? sorri
coz i am new in .net ) and then there will be a link... the link will
redirect me to another page where onli admin can get acces to it.. (will
require password - this one i know how to do it)
then onli admin will accept or reject... but how would the admin accept or
reject? it means.. wat the user key in earlier will be displayed in the email
AND then display it in the new form right? so how can we do this?can we get
the text from the email and then put it back to the text in the admin page?
ai...~ totally have no idea on how to do?:S

so will have to please teach me step by step to do it..~ so that i can learn
more...~

so this matter will be much more secure right? if the user suddenly get the
link but for sure without password he or she kenot get in to the admin page ?
then in the admin page, when admin accept the user... and save to database
(access) just a button to be click right? the process will be ... ? and then
email will be sent back to the user...~
so how can i get the user email AUTOMATICALLY from the earliest page or the
email?

huh.. quite troublesome? thanks for answering..~ but really in need your help
/. thanbks..~




london calling wrote:
Hi Jason, Following up on Karl's post, it would be unusual to activate
accounts directly from an email, as this would imply that all you had to do
would be to create a POST or GET to the server to activate the new account.

In response to the Html Email part of the question: Creating one is very
simple
look at the System.Web.Mail namespace

e.g

'typically you only need to set the mail server once
Web.Mail.SmtpMail.SmtpServer = "My SMTP Server"

Dim m As New System.Web.Mail.MailMessage
With m
.To = myRecipientEmailAddress
.From = myEmailAddress
.Subject = myMessageSubject
.BodyFormat = Mail.MailFormat.Html
.Body = myHtmlEmailString
End With

Web.Mail.SmtpMail.Send(m)

If you want to send images embedded into the email it gets slightly more
complicated but can be done with MailAttachment objects and UrlContent* params

Note that the native .Net mail components do not allow for authentication
with an smtp server which in some cases may make it unworkable and you may
need to look at 3rd party components. If it's your own smtp server (e.g IIS)
you can allow anonymous users but make sure you lock down the IP addresses
that the smtp server will send/relay messages for otherwise you're inviting
every spammer to do their "work" through your equipment.

HTH jd
Typically the way it would be done is to have it send you a notification
email...you then log into the application where you accept/decline the new

[quoted text clipped - 58 lines]
>
> regards... jason

--
Message posted via DotNetMonster.com
http://www.dotnetmonster.com/Uwe/For...p-net/200507/1
Nov 19 '05 #5
Hi Jason, You may need to think about your architecture...
Usually you would have a table in a database for users. In this table could
be a field to say whether they are allowed to login (active, suspended,
banned etc) and another one to say what roles (or permissions) they have on
the site (you would use this information to determine whether the user can
contribute / edit content or have access to some or all of the administration
screens for instance) .

In fact the permissions would often be in a seperate table joined on by
PrimaryKey - ForeignKey relationship. This allows one user to be a member of
many roles, which means the roles can be finer tuned (e.g to allow access to
one admin panel instead of all admin panels).

I would suggest you start with...

when the user registers (asks for an account) let them choose a password at
this point. Store their details in the database but set the AllowedToLogin
field to false.
Your application then sends you an email saying somebody has requested an
account.

You then receive the email and go to a page in your application that lists
new user requests and from here you set the user to allowed to login (And
update the database) or ignore their request.

If you accept their request, the application sends them an email confirming
that they have been accepted and can log in - and they already know their
password.

Alternatively your app could autogenerate a password for them and this could
be included in the email you send them. Though it would make sense to then
allow them to login and change their password to something they can remember.

Look at FormsAuthentication in the MSDN Library to find out how ASP.Net
authenticates users (checks that they are logged in). Its very simple to set
up and can be extended if required.

Another thing worth noting: It is more secure if you do not store the raw
password in the database. If you hash it first (which you can do with the
formsauthentication object or with the cryptography objects) and store the
hash in the database. then when the user types their password you hash that
and then compare the hashes. This means if somebody gets access to the
database table they cannot work out what the raw password is... though it
could be argued that the horse is well out of view by then...

HTH jd

""jason via DotNetMonster.com"" wrote:
london

yupe i also did figure about this security matter~
so now i thought of something...`
when user fill in 2 textbox from a page then then click a button.... then
function of the button is to send me email..~ so when i receive that email,
there will display back wat they have written (how can i do this.. ? sorri
coz i am new in .net ) and then there will be a link... the link will
redirect me to another page where onli admin can get acces to it.. (will
require password - this one i know how to do it)
then onli admin will accept or reject... but how would the admin accept or
reject? it means.. wat the user key in earlier will be displayed in the email
AND then display it in the new form right? so how can we do this?can we get
the text from the email and then put it back to the text in the admin page?
ai...~ totally have no idea on how to do?:S

so will have to please teach me step by step to do it..~ so that i can learn
more...~

so this matter will be much more secure right? if the user suddenly get the
link but for sure without password he or she kenot get in to the admin page ?
then in the admin page, when admin accept the user... and save to database
(access) just a button to be click right? the process will be ... ? and then
email will be sent back to the user...~
so how can i get the user email AUTOMATICALLY from the earliest page or the
email?

huh.. quite troublesome? thanks for answering..~ but really in need your help
/. thanbks..~




london calling wrote:
Hi Jason, Following up on Karl's post, it would be unusual to activate
accounts directly from an email, as this would imply that all you had to do
would be to create a POST or GET to the server to activate the new account.

In response to the Html Email part of the question: Creating one is very
simple
look at the System.Web.Mail namespace

e.g

'typically you only need to set the mail server once
Web.Mail.SmtpMail.SmtpServer = "My SMTP Server"

Dim m As New System.Web.Mail.MailMessage
With m
.To = myRecipientEmailAddress
.From = myEmailAddress
.Subject = myMessageSubject
.BodyFormat = Mail.MailFormat.Html
.Body = myHtmlEmailString
End With

Web.Mail.SmtpMail.Send(m)

If you want to send images embedded into the email it gets slightly more
complicated but can be done with MailAttachment objects and UrlContent* params

Note that the native .Net mail components do not allow for authentication
with an smtp server which in some cases may make it unworkable and you may
need to look at 3rd party components. If it's your own smtp server (e.g IIS)
you can allow anonymous users but make sure you lock down the IP addresses
that the smtp server will send/relay messages for otherwise you're inviting
every spammer to do their "work" through your equipment.

HTH jd
Typically the way it would be done is to have it send you a notification
email...you then log into the application where you accept/decline the new

[quoted text clipped - 58 lines]
>
> regards... jason

--
Message posted via DotNetMonster.com
http://www.dotnetmonster.com/Uwe/For...p-net/200507/1

Nov 19 '05 #6
hehe...

actually my main password would be something like.. capturing the user's
windows user name
since the application will be used here in a company so all the windows user
name are already being set up and couldnt be changed...~ the security part i
will put it aside as i can alwiz redesign it later on but the most important
thing for me is the email thing... totally blur about it.. +_+"
by the way... the email form i did already.. (er.. do you wan to have a look
on it? if yes.. maybe i can send you an email so that u will have a better
look on my structure? or you can alwiz email me at ja********@gmail.com)

i manage to send the email to admin (myself) and all the text user input in
(lets say FORM 1)
in form1 user key in text and click the send button..
email being sent to me witrh the text he wrote in form1
then in the email there will be a link to form2 (the hyperlink is hidden and
secure with password * it doesnt matter for the time being) when admin (me)
go to form 2 is it possible for me to recapture all the text in the email?
or anyway for me to get back the wat the user typed earlier?

from there i think i will be able to finish my important part of this
assignment...

er.... u clear? hmm... soo sorry for all the troublesome..

* btw.. your idea quite great ;) maybe it is based on experience ?
(especially on the security thing..)

thanks sir...

london calling wrote:
Hi Jason, You may need to think about your architecture...
Usually you would have a table in a database for users. In this table could
be a field to say whether they are allowed to login (active, suspended,
banned etc) and another one to say what roles (or permissions) they have on
the site (you would use this information to determine whether the user can
contribute / edit content or have access to some or all of the administration
screens for instance) .

In fact the permissions would often be in a seperate table joined on by
PrimaryKey - ForeignKey relationship. This allows one user to be a member of
many roles, which means the roles can be finer tuned (e.g to allow access to
one admin panel instead of all admin panels).

I would suggest you start with...

when the user registers (asks for an account) let them choose a password at
this point. Store their details in the database but set the AllowedToLogin
field to false.
Your application then sends you an email saying somebody has requested an
account.

You then receive the email and go to a page in your application that lists
new user requests and from here you set the user to allowed to login (And
update the database) or ignore their request.

If you accept their request, the application sends them an email confirming
that they have been accepted and can log in - and they already know their
password.

Alternatively your app could autogenerate a password for them and this could
be included in the email you send them. Though it would make sense to then
allow them to login and change their password to something they can remember.

Look at FormsAuthentication in the MSDN Library to find out how ASP.Net
authenticates users (checks that they are logged in). Its very simple to set
up and can be extended if required.

Another thing worth noting: It is more secure if you do not store the raw
password in the database. If you hash it first (which you can do with the
formsauthentication object or with the cryptography objects) and store the
hash in the database. then when the user types their password you hash that
and then compare the hashes. This means if somebody gets access to the
database table they cannot work out what the raw password is... though it
could be argued that the horse is well out of view by then...

HTH jd
london

[quoted text clipped - 67 lines]
>> >
>> > regards... jason

--
Message posted via http://www.dotnetmonster.com
Nov 19 '05 #7

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

13
by: ~ Le Naja ~ | last post by:
Hello evrybody, First, I hope you will understand my English because I come from Belgium ! :-) Here is what I want to know if you have the kindess to help me ! :-) I use the code above to mail...
5
by: jason | last post by:
I could sure use some conceptualization and query help with a Page Watch System I am building in Access 2000 and Asp. I need to cycle through databae and generate a compiliation query email that...
9
by: NickH | last post by:
Hi, Thanks in advance for any help you can provide. I have a frameset and one of the frames contains a page that is created on the fly, an actual word document. I want to have a button in one of...
5
by: BaWork | last post by:
I have a web form where a client can select which site members to send an email to. This form is populated from the contents of the member table, so the form can have 0-x names listed on it...
9
by: Bob Jones | last post by:
We have developed a commercial ASP.net application (personal nutrition management and tracking); we want to send smtp email from within it. For our development box, we use WinXP Pro, IIS 5.5,...
58
by: PC Datasheet | last post by:
ENOUGH IS ENOUGH!!!!!!!! Today I received over 1000 bounced emails. Arno R and his goons are sending mass emails with my email address to fictitious addresses and they are bouncing back to my...
36
by: Liam.M | last post by:
hey guys, I have one last problem to fix, and then my database is essentially done...I would therefore very much appreciate any assistance anyone would be able to provide me with. Currently I...
8
by: needhelp | last post by:
Hi there, I really need some help, everything I've tried, all I've found, doesn't seem to work. I have lost an email address which is very important to me. I really need to contact that person...
3
by: jambonjamasb | last post by:
Hi I have two tables: email_tbl Data_table Data table is is used to create a Form Data_form
0
by: Ahmed, Shakir | last post by:
Thanks everyone who tried to help me to parse incoming email from an exchange server: Now, I am getting following error; I am not sure where I am doing wrong. I appreciate any help how to resolve...
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
0
by: jfyes | last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
0
by: ArrayDB | last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
1
by: PapaRatzi | last post by:
Hello, I am teaching myself MS Access forms design and Visual Basic. I've created a table to capture a list of Top 30 singles and forms to capture new entries. The final step is a form (unbound)...
1
by: Defcon1945 | last post by:
I'm trying to learn Python using Pycharm but import shutil doesn't work
1
by: Shællîpôpï 09 | last post by:
If u are using a keypad phone, how do u turn on JavaScript, to access features like WhatsApp, Facebook, Instagram....
0
by: af34tf | last post by:
Hi Guys, I have a domain whose name is BytesLimited.com, and I want to sell it. Does anyone know about platforms that allow me to list my domain in auction for free. Thank you
0
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.