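/// <summary>
/// Handles submission of the password-reset form: validates the supplied email
/// address and the page's request token and, when the address belongs to an
/// account, creates a reset request and emails the reset link to that address.
/// </summary>
/// <remarks>
/// The same acknowledgement is shown whether or not the address is registered and
/// whether or not delivery succeeded, so the form cannot be used to test which
/// addresses have accounts. Response timing may still differ between the two
/// cases because mail is sent inline.
/// </remarks>
/// <param name="sender">The control that raised the event (not used).</param>
/// <param name="e">Event data (not used).</param>
protected void submitButton_Click(object sender, EventArgs e)
{
    string email = emailText.Text.Trim();
    string failureMessage = null;

    // The address must be non-empty AND well-formed. The previous condition
    // (!IsNullOrEmpty || !IsValid) was true for every input, so nothing was rejected.
    if (String.IsNullOrEmpty(email) || !FooStringHelper.IsValidEmailAddress(email))
    {
        failureMessage = "Incomplete or invalid details.";
    }
    else if (!FooSessionHelper.IsValidRequest(HttpContext.Current, RequestToken.Value))
    {
        // A request-token mismatch is a bad request, not bad details.
        failureMessage = "Invalid request.";
    }
    else
    {
        UserObject user = FooEmailHelper.CheckIfEmailExists(email, null)
            ? GetUserObjByEmail(email)
            : null;

        if (user != null)
        {
            // NOTE(review): none of the following is visible from this method - confirm that
            //  - FooStringHelper.RandomString draws from a cryptographically secure RNG,
            //  - MakeResetRequest enforces the 24-hour expiry promised in the email and
            //    does not keep the token in a directly usable form,
            //  - MakeResetUrl builds the link from a configured base URL rather than
            //    from request headers.
            string resetToken = FooStringHelper.RandomString(24);
            string resetId = MakeResetRequest(user.UserId, resetToken);
            string resetUrl = FooStringHelper.MakeResetUrl(resetId, resetToken);

            // The alias and username are user-controlled and the body is HTML, so
            // encode every value that is interpolated into it.
            string emailBody = String.Format(
                "Hi {0},<br/><br/>Your FooBlog password for account '{1}' can be reset by visiting the following link:<br/><br/>" +
                "<a href=\"{2}\">{3}</a><br/><br/>" +
                "The link is valid for 24 hours. If you did not request this reset, simply do not visit the link - your current password will remain unchanged.<br/><br/>" +
                "Cheers,<br/>The FooBlog Team.",
                HttpUtility.HtmlEncode(user.UserAlias),
                HttpUtility.HtmlEncode(user.Username),
                HttpUtility.HtmlAttributeEncode(resetUrl),
                HttpUtility.HtmlEncode(resetUrl));

            const string emailSubject = "FooBlog Password Reset";
            var mailObj = new EmailObject { Body = emailBody, Subject = emailSubject, ToAddress = email };

            if (!FooEmailHelper.SendEmail(mailObj))
            {
                // Not reported to the client (that would confirm the account exists),
                // but a delivery failure must not vanish silently either.
                System.Diagnostics.Trace.TraceWarning(
                    "Password reset email could not be sent for user id {0}.", user.UserId);
            }
        }
    }

    if (failureMessage != null)
    {
        errorPanel.Visible = true;
        errorLabel.Text = failureMessage;
    }
    else
    {
        errorPanel.Visible = false;
        formPanel.Visible = false;
        successPanel.Visible = true;
        successLabel.Text = "If that email address is registered, a reset link has been sent to it.";
    }

    // Issue a fresh request token for the next postback on every path.
    RequestToken.Value = FooSessionHelper.SetToken(HttpContext.Current);
}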