ChangePassword.SendingMail Event
Assembly: System.Web (in system.web.dll)
'Declaration Public Event SendingMail As MailMessageEventHandler 'Usage Dim instance As ChangePassword Dim handler As MailMessageEventHandler AddHandler instance.SendingMail, handler
/** @event */ public void add_SendingMail (MailMessageEventHandler value) /** @event */ public void remove_SendingMail (MailMessageEventHandler value)
JScript supports the use of events, but not the declaration of new ones.
The ChangePassword control will send an e-mail message confirming that the password has been changed when the MailDefinition property defines an e-mail message to send.
The e-mail message contains automatic replacement fields for the user name and password. You can use the SendingMail event to modify the e-mail message before it is sent to the user.
Security Note |
|---|
| Sending user account names or passwords in e-mail is a potential security threat. E-mail messages are typically sent in plain text and can be read by special network "sniffing" applications. To improve security, use the mitigations that are described in Securing Login Controls. |
For more information about handling events, see Handling and Raising Events.
The following code example demonstrates an ASP.NET page that uses a ChangePassword Web control, and includes an event handler for the SendingMail event named SendingMail.
The code example assumes that the ASP.NET Web site has been configured to use ASP.NET membership and Forms authentication, and that a user has been created whose name and password are known to you. For more information, see How to: Implement Simple Forms Authentication.
If the password change succeeds, the code attempts to use SMTP to send an e-mail message to the user to confirm the change. This is done in the SendingMail event handler. For information about how to configure an SMTP server, see How to: Install and Configure SMTP Virtual Servers in IIS. For the purposes of this example, it is not necessary to configure an SMTP server; the example is constructed to test for a failure to send an e-mail message.
If a mail server is not configured correctly or some other error occurs and the e-mail message cannot be sent, the SendMailError function is called. A message is displayed to the user. In addition, an event is logged to the Windows Application event log with the assumption that an event source named MySamplesSite already exists. See the code example below to create the specified event source. For more information about creating an event source, see Server Event Handling in ASP.NET Web Pages. The Handled property of the SendMailErrorEventArgs object is set to true to indicate that the error has been handled.
<%@ Page Language="VB" AutoEventWireup="True" %> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <script runat="server"> Public Sub MySendingMail(ByVal Sender As Object, ByVal e As MailMessageEventArgs) Message1.Text = "Sent mail to you to confirm the password change." End Sub Public Sub MySendMailError(ByVal Sender As Object, ByVal e As SendMailErrorEventArgs) Message1.Text = "Could not send mail to confirm the password change." ' The MySamplesSite event source has already been created by an administrator. Dim myLog As System.Diagnostics.EventLog myLog = new System.Diagnostics.EventLog myLog.Log = "Application" myLog.Source = "MySamplesSite" myLog.WriteEntry("Sending mail via SMTP failed with the following error: " & e.Exception.Message.ToString(), System.Diagnostics.EventLogEntryType.Error) e.Handled = True End Sub </script> <html xmlns="http://www.w3.org/1999/xhtml" > <head runat="server"> <title>ChangePassword including a SendMailError Event</title> </head> <body> <form id="form1" runat="server"> <div align="center"> <h1>ChangePassword</h1> <asp:LoginView ID="LoginView1" Runat="server" Visible="true"> <LoggedInTemplate> <asp:LoginName ID="LoginName1" Runat="server" FormatString="You are logged in as {0}." /> <BR /> </LoggedInTemplate> <AnonymousTemplate> You are not logged in </AnonymousTemplate> </asp:LoginView><br /> <asp:ChangePassword ID="ChangePassword1" Runat="server" BorderStyle="Solid" BorderWidth="1" CancelDestinationPageUrl="~/Default.aspx" DisplayUserName="true" OnSendingMail="MySendingMail" OnSendMailError="MySendMailError" ContinueDestinationPageUrl="~/Default.aspx" > <MailDefinition BodyFileName="~\MailFiles\ChangePasswordMail.htm" Subject="Activity information for you"> <EmbeddedObjects> <asp:EmbeddedMailObject Name="LoginGif" Path="~\MailFiles\Login.gif" /> <asp:EmbeddedMailObject Name="PrivacyNoticeTxt" Path="~\MailFiles\PrivacyNotice.txt" /> </EmbeddedObjects> </MailDefinition> </asp:ChangePassword><br /> <asp:Label ID="Message1" Runat="server" ForeColor="Red" /><br /> <asp:HyperLink ID="HyperLink1" Runat="server" NavigateUrl="~/Default.aspx"> Home </asp:HyperLink> </div> </form> </body> </html>
Use the following code example if you need to programmatically add the event source named MySamplesSite to your Application log. This event source must exist in order for the first code example to work correctly. The following code example requires Administrator privileges.
Imports System Imports System.Collections.Generic Imports System.Text Imports System.Diagnostics Namespace CreateEventSource Class Program Sub Main() Try ' Create the source, if it does not already exist. If Not (EventLog.SourceExists("MySamplesSite")) Then EventLog.CreateEventSource("MySamplesSite", "Application") Console.WriteLine("Creating Event Source") End If ' Create an EventLog instance and assign its source. Dim myLog As New EventLog myLog.Source = "MySamplesSite" ' Write an informational entry to the event log. myLog.WriteEntry("Testing writing to event log.") Console.WriteLine("Message written to event log.") Catch e As Exception Console.WriteLine("Exception:") Console.WriteLine(e.ToString) End Try End Sub End Class End Namespace
The following example code can be used as the ChangePasswordMail.htm file for the previous example code.
Security Note |
|---|
| Sending user account names or passwords in e-mail is a potential security threat. E-mail messages are typically sent in plain text and can be read by special network "sniffing" applications. To improve security, use the mitigations that are described in Securing Login Controls. |
<html>
<head><title></title></head>
<body>
<form>
<h1>Your password for the account named "<%Username%>" has changed.</h1>
<p>
If you did not initiate this change, please call 1-206-555-0100.
</p>
<p>
<a href="http://www.contoso.com/login.aspx">
<img src="cid:LoginGif" alt="Log In" />
</a>
</p>
<p>
Please read our attached Privacy Notice.
</p>
</form>
</body>
</html>
Windows 98, Windows 2000 SP4, Windows Server 2003, Windows XP Media Center Edition, Windows XP Professional x64 Edition, Windows XP SP2, Windows XP Starter Edition
The .NET Framework does not support all versions of every platform. For a list of the supported versions, see System Requirements.
Reference
ChangePassword ClassChangePassword Members
System.Web.UI.WebControls Namespace
OnSendingMail
SendMailError
Other Resources
Server Event Handling in ASP.NET Web PagesASP.NET Login Controls Overview
Customizing the Appearance of ASP.NET Login Controls
ASP.NET Web Server Controls Templates
How to: Display Different Information to Anonymous and Logged-in Users
Web Site Administration Tool Security Tab
Securing Login Controls
Basic Security Practices for Web Applications
Securing Membership
Security Note