Adding Security and Membership

Comment Posted by XSapien

Tue, 13 Nov 2012 00:07:03 GMT

"Note: By default, ASP.NET web pages send credentials to the server in clear text (as human-readable text) .... You can required email messages to be sent using SSL by setting WebMail.EnableSsl=true as in the previous example...."

I just installed WebMatrix today and it was set to "true" by default.

Comment Posted by frankeirPT

Sun, 09 Dec 2012 13:36:16 GMT

Hi.

I'm using webmatrix 2 to create a website and I do all the instructions in this tutorial, but in the step of registering a user, nothing appends and the website does not move to the confirmation page.

Can anyone help? Thanks.

Comment Posted by offthemap

Tue, 25 Dec 2012 22:55:26 GMT

Same problem as frankiePT. I created a new site and entered SMTP details as instructed but have got the following error:

'A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond'.

I used a friends ISP details and got: 'Server does not support secure connections.'

Any help appreciated.

Comment Posted by offthemap

Wed, 26 Dec 2012 01:14:42 GMT

Okay, after a couple of hours and a nap, I solved my own problem using a hotmail account and these work instructions:

windows.microsoft.com/

and adding this: ' WebMail.SmtpPort = 587;' to my code.

My conclusion is that ISPs don't like me using port 25 for some reason.

Comment Posted by foblivio

Tue, 12 Mar 2013 16:30:20 GMT

There is at least one bug in PasswordReset.cshtml, causing it to error out.

Currently, the code reads:

// Setup validation

Validation.RequireField("newPassword", "The new password field is required.");

Validation.Add("confirmPassword",

Validator.EqualsTo("newPassword", "The new password and confirmation password do not match."));

Validation.RequireField("passwordResetToken", "The password reset token field is required.");

Validation.Add("newPassword",

Validator.StringLength(

maxLength: Int32.MaxValue,

minLength: 6,

errorMessage: "New password must be at least 6 characters"));

I put an if (IsPost()) { } around most of the above code because we don't need to validate empty fields upon arriving at the page from a get/re-direct:

// Setup validation

if (IsPost)

{

// Setup validation

Validation.RequireField("newPassword", "The new password field is required.");

Validation.Add("confirmPassword",

Validator.EqualsTo("newPassword", "The new password and confirmation password do not match."));

Validation.Add("newPassword",

Validator.StringLength(

maxLength: Int32.MaxValue,

minLength: 6,

errorMessage: "New password must be at least 6 characters"));

}

Validation.RequireField("resetToken", "The password reset token field is required.");

AND THERE IS A DEFINITE BUG: The original code uses a form element named "passwordResetToken" which really should be "resetToken". Thi is causing validation to fail.

Comment Posted by foblivio

Fri, 22 Mar 2013 13:28:16 GMT

In the section about the ReCatpcha helper, I had to go to the Package Manager to search for and then install the package:

ASP.NET Web Helpers Library

to eliminate an "The name 'ReCaptcha' does not exist in the current context" error. I searched using keyword "web". The package contains the required Microsoft.Web.Helpers.dll.