ChangePassword.SendingMail Event
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Occurs before the user is sent an email confirmation that the password has been changed.
public:
event System::Web::UI::WebControls::MailMessageEventHandler ^ SendingMail;public event System.Web.UI.WebControls.MailMessageEventHandler SendingMail;member this.SendingMail : System.Web.UI.WebControls.MailMessageEventHandler Public Custom Event SendingMail As MailMessageEventHandler Event Type
Examples
The following code example demonstrates an ASP.NET page that uses a ChangePassword Web control, and includes an event handler for the SendingMail event named SendingMail.
The code example assumes that the ASP.NET Web site has been configured to use ASP.NET membership and Forms authentication, and that a user has been created whose name and password are known to you. For more information, see How to: Implement Simple Forms Authentication.
If the password change succeeds, the code attempts to use SMTP to send an email message to the user to confirm the change. This is done in theSendingMail event handler. For information about how to configure an SMTP server, see How to: Install and Configure SMTP Virtual Servers in IIS 6.0. For the purposes of this example, it is not necessary to configure an SMTP server; the example is constructed to test for a failure to send an email message.
If a mail server is not configured correctly or some other error occurs and the email message cannot be sent, the SendMailError function is called. A message is displayed to the user. In addition, an event is logged to the Windows Application event log with the assumption that an event source named MySamplesSite already exists. See the code example below to create the specified event source. For more information about creating an event source, see Server Event Handling in ASP.NET Web Forms Pages. The Handled property of the SendMailErrorEventArgs object is set to true to indicate that the error has been handled.
<%@ Page Language="C#" AutoEventWireup="True" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">
void MySendingMail(object sender, MailMessageEventArgs e)
{
Message1.Text = "Sent mail to you to confirm the password change.";
}
void MySendMailError(object sender, SendMailErrorEventArgs e)
{
Message1.Text = "Could not send email to confirm password change.";
// The MySamplesSite event source has already been created by an administrator.
System.Diagnostics.EventLog myLog = new System.Diagnostics.EventLog();
myLog.Log = "Application";
myLog.Source = "MySamplesSite";
myLog.WriteEntry(
"Sending mail via SMTP failed with the following error: " +
e.Exception.Message.ToString(),
System.Diagnostics.EventLogEntryType.Error);
e.Handled = true;
}
</script>
<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
<title>ChangePassword including a SendMailError Event</title>
</head>
<body>
<form id="form1" runat="server">
<div style="text-align:center">
<h1>ChangePassword</h1>
<asp:LoginView ID="LoginView1" Runat="server"
Visible="true">
<LoggedInTemplate>
<asp:LoginName ID="LoginName1" Runat="server" FormatString="You are logged in as {0}." />
<br />
</LoggedInTemplate>
<AnonymousTemplate>
You are not logged in
</AnonymousTemplate>
</asp:LoginView><br />
<asp:ChangePassword ID="ChangePassword1" Runat="server"
BorderStyle="Solid"
BorderWidth="1"
CancelDestinationPageUrl="~/Default.aspx"
DisplayUserName="true"
OnSendingMail="MySendingMail"
OnSendMailError="MySendMailError"
ContinueDestinationPageUrl="~/Default.aspx" >
<MailDefinition
BodyFileName="~\MailFiles\ChangePasswordMail.htm"
Subject="Activity information for you">
<EmbeddedObjects>
<asp:EmbeddedMailObject Name="LoginGif" Path="~\MailFiles\Login.gif" />
<asp:EmbeddedMailObject Name="PrivacyNoticeTxt" Path="~\MailFiles\PrivacyNotice.txt" />
</EmbeddedObjects>
</MailDefinition>
</asp:ChangePassword><br />
<asp:Label ID="Message1" Runat="server" ForeColor="Red" /><br />
<asp:HyperLink ID="HyperLink1" Runat="server"
NavigateUrl="~/Default.aspx">
Home
</asp:HyperLink>
</div>
</form>
</body>
</html>
<%@ Page Language="VB" AutoEventWireup="True" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">
Public Sub MySendingMail(ByVal Sender As Object, ByVal e As MailMessageEventArgs)
Message1.Text = "Sent mail to you to confirm the password change."
End Sub
Public Sub MySendMailError(ByVal Sender As Object, ByVal e As SendMailErrorEventArgs)
Message1.Text = "Could not send mail to confirm the password change."
' The MySamplesSite event source has already been created by an administrator.
Dim myLog As System.Diagnostics.EventLog
myLog = new System.Diagnostics.EventLog
myLog.Log = "Application"
myLog.Source = "MySamplesSite"
myLog.WriteEntry("Sending mail via SMTP failed with the following error: " & e.Exception.Message.ToString(), System.Diagnostics.EventLogEntryType.Error)
e.Handled = True
End Sub
</script>
<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
<title>ChangePassword including a SendMailError Event</title>
</head>
<body>
<form id="form1" runat="server">
<div style="text-align:center">
<h1>ChangePassword</h1>
<asp:LoginView ID="LoginView1" Runat="server"
Visible="true">
<LoggedInTemplate>
<asp:LoginName ID="LoginName1" Runat="server" FormatString="You are logged in as {0}." />
<br />
</LoggedInTemplate>
<AnonymousTemplate>
You are not logged in
</AnonymousTemplate>
</asp:LoginView><br />
<asp:ChangePassword ID="ChangePassword1" Runat="server"
BorderStyle="Solid"
BorderWidth="1"
CancelDestinationPageUrl="~/Default.aspx"
DisplayUserName="true"
OnSendingMail="MySendingMail"
OnSendMailError="MySendMailError"
ContinueDestinationPageUrl="~/Default.aspx" >
<MailDefinition
BodyFileName="~\MailFiles\ChangePasswordMail.htm"
Subject="Activity information for you">
<EmbeddedObjects>
<asp:EmbeddedMailObject Name="LoginGif" Path="~\MailFiles\Login.gif" />
<asp:EmbeddedMailObject Name="PrivacyNoticeTxt" Path="~\MailFiles\PrivacyNotice.txt" />
</EmbeddedObjects>
</MailDefinition>
</asp:ChangePassword><br />
<asp:Label ID="Message1" Runat="server" ForeColor="Red" /><br />
<asp:HyperLink ID="HyperLink1" Runat="server"
NavigateUrl="~/Default.aspx">
Home
</asp:HyperLink>
</div>
</form>
</body>
</html>
Use the following code example if you need to programmatically add the event source named MySamplesSite to your Application log. This event source must exist in order for the first code example to work correctly. The following code example requires Administrator privileges.
#region Using directives
using System;
using System.Collections.Generic;
using System.Text;
using System.Diagnostics;
#endregion
namespace CreateEventSource
{
class Program
{
static void Main(string[] args)
{
try
{
// Create the source, if it does not already exist.
if (!EventLog.SourceExists("MySamplesSite"))
{
EventLog.CreateEventSource("MySamplesSite", "Application");
Console.WriteLine("Creating Event Source");
}
// Create an EventLog instance and assign its source.
EventLog myLog = new EventLog();
myLog.Source = "MySamplesSite";
// Write an informational entry to the event log.
myLog.WriteEntry("Testing writing to event log.");
Console.WriteLine("Message written to event log.");
}
catch (Exception e)
{
Console.WriteLine("Exception:");
Console.WriteLine("{0}", e.ToString());
}
}
}
}
Imports System.Collections.Generic
Imports System.Text
Imports System.Diagnostics
Namespace CreateEventSource
Class Program
Sub Main()
Try
' Create the source, if it does not already exist.
If Not (EventLog.SourceExists("MySamplesSite")) Then
EventLog.CreateEventSource("MySamplesSite", "Application")
Console.WriteLine("Creating Event Source")
End If
' Create an EventLog instance and assign its source.
Dim myLog As New EventLog
myLog.Source = "MySamplesSite"
' Write an informational entry to the event log.
myLog.WriteEntry("Testing writing to event log.")
Console.WriteLine("Message written to event log.")
Catch e As Exception
Console.WriteLine("Exception:")
Console.WriteLine(e.ToString)
End Try
End Sub
End Class
End Namespace
The following example code can be used as the ChangePasswordMail.htm file for the previous example code.
Important
Sending user account names or passwords in email is a potential security threat. Email messages are typically sent in plain text and can be read by special network "sniffing" applications. To improve security, use the mitigations that are described in Securing Login Controls.
<html>
<head><title></title></head>
<body>
<form>
<h1>Your password for the account named "<%Username%>" has changed.</h1>
<p>
If you did not initiate this change, please call 1-206-555-0100.
</p>
<p>
<a href="http://www.contoso.com/login.aspx">
<img src="cid:LoginGif" alt="Log In" />
</a>
</p>
<p>
Please read our attached Privacy Notice.
</p>
</form>
</body>
</html>
Remarks
The ChangePassword control will send an email message confirming that the password has been changed when the MailDefinition property defines an email message to send.
The email message contains automatic replacement fields for the user name and password. You can use the SendingMail event to modify the email message before it is sent to the user.
Important
Sending user account names or passwords in email is a potential security threat. Email messages are typically sent in plain text and can be read by special network "sniffing" applications. To improve security, use the mitigations that are described in Securing Login Controls.
For more information about handling events, see Handling and Raising Events.
Applies to
See also
- OnSendingMail(MailMessageEventArgs)
- SendMailError
- Server Event Handling in ASP.NET Web Pages
- ASP.NET Login Controls Overview
- Customizing Appearance and Behavior of the ASP.NET Login Controls
- ASP.NET Web Server Controls Templates
- How to: Display Different Information to Anonymous and Logged In Users
- Web Site Administration Tool Security Tab
- Securing Login Controls
- Basic Security Practices for Web Applications
- Securing Membership
