How validate for domain name of email address - asp.net

I have a form in which user enters email address.I am validating it through java script.I want to validate the Domain name of email address
What is the best way to validate domain name of email address in .net ?

best way for check domain name in Email address is use regular expression
this Expression use for validation email
\w+([-+.']\w+)#\w+([-.]\w+).\w+([-.]\w+)*
you can edit domain part in this expression \w+([-.]\w+)*\

this webservive is checking domain:
http://www.ecocoma.com/domain_webservice.aspx
you must substring domain name from email address and send to webservice
notice: for testing this webservive, you must online
sample code for working it:
protected void btnwhoIs_Click(object sender, EventArgs e)
{
try
{
Whois_Service service = new Whois_Service();
Whois whois = new Whois();
service.SoapVersion = SoapProtocolVersion.Soap12;
whois = service.GetWhois("DOM-T36309683M", "", txtWhoIs.Text);
divRes.InnerText = whois.Description;
}
catch (System.Net.WebException ex)
{
divRes.InnerText = ex.Message;
}
}

As #KingCronus said, there's no good method built in the framework for doing this. The most reliable method I know of is using this commercial component: http://cobisi.com/email-validation/.net-component
I've once done work using it for a client and it seemed reliable. You can use it to detect bogus email services (like http://mailinator.com/), but unfortunately, I don't know of any free component that performs this functionality.

Related

How to capture custom parameters in firebase deep link in Unity?

everyone!
I'm working for the first time ever in a Unity game project using Firebase.
We configure our deep link in Firebase console to open our game in a specific mode when te deep link was sent.
That part works well. But we have a big issue:
We need to get a value form a custom parameter in the URL, because our server generates a random username for our game to make a Leader Board sandbox everytime the deep link was sent.
So we configure our deep link in Firebase console like this:
https://exemple.page.link/gamemode?username=123
But, in this case, the username will always be 123. However, the server will always send the link with a random user, for example:
https://exemple.page.link/gamemode?username=8b9d-1c6b-c52a3-b0d7
If we leave the username parameter blank, even if the server sent the random username, we receive nothing in our link in Unity, just:
https://exemple.page.link/gamemode?username
If I manage to get the link in a browser in my Android device, I get the random username properly. But when the game opens, this value was lost!
To receive the dynamic link, we just use the void OnDynamicLink(object sender, EventArgs args) in our Firebase Manager script in Unity.
So, my question is:
There is a way to receive the username parameter with a dynamic value? If the answer is 'yes', there's a method to get that custom value? Or I just missed up something in the firebase configuration or even the deep link in Firebase console?
Thanks in advance!
From Receive Dynamic Links with Unity you need to cast to ReceivedDynamicLinkEventArgs
void OnDynamicLink(object sender, EventArgs args)
{
var dynamicLinkEventArgs = args as ReceivedDynamicLinkEventArgs;
Debug.Log($"Received dynamic link {dynamicLinkEventArgs.ReceivedDynamicLink.Url.OriginalString}");
}
and then if there is only this one parameter anyway you could probably simply do e.g.
var query = dynamicLinkEventArgs.ReceivedDynamicLink.Url.Query;
var username = query.Split('=')[1];
or if there can be more parameter
var query = dynamicLinkEventArgs.ReceivedDynamicLink.Url.Query;
// first Split into the individual patamters
var patamters = query.Split('&');
string username = null;
foreach(var parameter in parameters)
{
// Then split into key and value
var keyValue = parameter.Split('=');
if(keyValue[0] == "username")
{
username = keyValue[1];
break;
}
}
or if you happen to be a fan of Linq (not sure if this is the most elegant though)
var query = dynamicLinkEventArgs.ReceivedDynamicLink.Url.Query;
var username = query.Split('&').Select(parameter => parameter.Split('=').Where(keyValue => keyValue[0] == "username").Select(keyValue => keyValue[1]).FirstOrDefault();

CreateUserWizard Username and Email Enumeration

I've been doing a security review of our website and found an issue with CreateUserWizard.
We do not let people sign up with a duplicate email address or username. The CreateUserWizard will verify this for me but the problem is that I can write a script to hit our server and try username and pretty quickly get a list of username by enumerating through them.
I want to add recaptcha but I can't seem to get it to verify this before it verifies the username. Is there a way to do this?
<asp:CreateUserWizard ID="CreateUserWizard1" runat="server" OnCreatedUser="CreateUserWizard1_CreatedUser" ContinueDestinationPageUrl="~/PleaseVerify.aspx" CssClass="CreateUserWizard" StepNextButtonStyle-CssClass="NextButton" StartNextButtonStyle-CssClass="NextButton" FinishCompleteButtonStyle-CssClass="FinishButton" CreateUserButtonText="Create my ID"
CompleteSuccessText="Your account has been created, but before you can login you must first verify your email address. A message has been sent to the email address you specified. Please check your email inbox and follow the instructions in that email to verify your account."
DisableCreatedUser="True" OnSendingMail="CreateUserWizard1_SendingMail" DuplicateUserNameErrorMessage="That username is already in use, if you think this is you can LINK REMOVED Otherwise try a different username."
DuplicateEmailErrorMessage="That email is already in use, try to <a href='/ForgotPassword.aspx'>recover your password</a>." InvalidPasswordErrorMessage="Please supply at least five letters in your password.">
I don't believe that the username is validated on the client side, so you could override your CreateUserWizard's CreateUserError event handler, check your captcha and NOT pass back an error about the username being already in use. I use a custom control captcha that I pieced together from www.codinghorror.com (http://www.codinghorror.com/blog/2004/11/captcha-control-coda.html), and it triggers before the backend code attempts to create the user and determines that the username/email is in use.
I ended up not using the create user wizard and just doing the simple login in the button handler.
recaptcha.Validate();
if (!recaptcha.IsValid)
{
ErrorMessage.Text = "Invalid Code.";
return;
}
if (!IsValid)
{
return;
}
var duplicateEmail = Membership.FindUsersByEmail(Email.Text);
if (duplicateEmail.Count > 0)
{
ErrorMessage.Text = "That email is already in use, try to <a href='/ForgotPassword.aspx'>recover your password</a>.";
return;
}
var duplicateUsername = Membership.FindUsersByName(UserName.Text);
if (duplicateUsername.Count > 0)
{
ErrorMessage.Text = "That username is already in use, if you think this is you can <a href='http://www.nanaimo.ca/dashboard/'>login</a>, otherwise try a different username.";
return;
}
var newUser = Membership.CreateUser(UserName.Text, Password.Text, Email.Text);
newUser.IsApproved = false;
Membership.UpdateUser(newUser);

How to check email address exists or not using ASP.NET?

How to check the given email (any valid email) address exists or not using ASP.NET?
You can't check if an email exists without actually sending an mail.
The only thing you can check is if the address is in a correct shape with regexes:
string email = txtemail.Text;
Regex regex = new Regex(#"^([\w\.\-]+)#([\w\-]+)((\.(\w){2,3})+)$");
Match match = regex.Match(email);
if (match.Success)
Response.Write(email + " is corrct");
else
Response.Write(email + " is incorrct");
you send invitation mail to user with encrypted key..
If user is verified you have to verified key and you have only verified email..
Here's a code solution that may work for you. This sample sends a message from address different from From: address specified in the message. This is useful when bounced messages should be processed and the developer wants to redirect bounced messages to another address.
http://www.afterlogic.com/mailbee-net/docs/MailBee.SmtpMail.Smtp.Send_overload_3.html
The full process is not so simple.
Its required a full communication with the email server and ask him if this email exist or not.
I know a vendor that give a dll that make all this communication and check if the email exist or not on the server, the aspNetMX at http://www.advancedintellect.com/product.aspx?mx
First you need to import this namespace:
using System.Text.RegularExpressions;
private bool ValidateEmail(string email)
{
Regex regex = new Regex(#"^([\w\.\-]+)#([\w\-]+)((\.(\w){2,3})+)$");
Match match = regex.Match(email);
if (match.Success)
return true;
else
return false;
}
Visit Here to full source code.

How to pass data from Silverlight OOB application to asp.net website?

I created silver-light 4.0 application in that user can enter their username and password.
After submit this secret data(username, password ) from SL application,
it submitted to website with query string..
I want to pass as below URL string
for ex: -
http://testsite.com/mypage.aspx?<encrypted string>
I want to pass username and password in encrypted format from SL to Aspx page..
How I pass those information from SL application to asp.net website..
So you could just use the WebClient class and GET the page.
(I'm assuming your doing asp.net WebForms NOT MVC)
Your asp.net page should be a blank page, in your code behind you read your query string and do what you need with it, depending on success or failure you write the appropriate response with Response.Write();.
In your silverlight code, you will just need to request for your page, and you can then read the response from your asp.net page.
Asp.net:
var encyString = Request.QueryString["str"];
//some logic
Response.Write("Success");
Silverlight:
WebClient client = new WebClient();
client.DownloadStringCompleted +=
new DownloadStringCompletedEventHandler(
client_DownloadStringCompleted);
In Button1_Click, I call DownloadStringAsync, passing the complete URL that includes the number specified by the user.
private void Button1_Click(object sender, RoutedEventArgs e)
{
string encryptedString = "example";
client.DownloadStringAsync
(new Uri("http://testsite.com/mypage.aspx?"+encryptedString));
}
In the DownloadStringCompleted event-handler, I check that the Error property of the event args is null, and either output the response or the error message to the text block.
void client_DownloadStringCompleted(object sender,
DownloadStringCompletedEventArgs e)
{
if (e.Error == null)
resultBlock.Text = "Using WebClient: "+ e.Result;
//will be Response.Write();
else
resultBlock.Text = e.Error.Message;
}
Above code was plagiarized from this blog.
Remember, a sniffer can read your request. You may want to use SSL if you need better security. Possibly a more secure way to send this data would be to POST it to your asp.net page.
This article describes how to POST from silverlight to a page.
HTH
What I understood from the question is that you are authenticating user twice – First in SL app and then in ASP.Net app. Instead can you just authenticate user in SL and pass the result (True/False or token may be) to ASP.Net app? This is the safe way I feel.
You can use like HtmlPage.Window.Eval("window.location.href='"+ YOURURL +"'");

Facebook Connect and ASP.NET

I'm at step 8 of the authentication overview found here: http://wiki.developers.facebook.com/index.php/How_Connect_Authentication_Works
In particular, the user has logged into facebook via Facebook Connect and their web session has been created. How do I use the facebook developer toolkit v2.0 (from clarity) to retrieve information about the user. For example, I'd like to get the user's first name and last name.
Examples in the documentation are geared towards facebook applications, which this is not.
Update
Facebook recently released the Graph API. Unless you are maintaining an application that is using Facebook Connect, you should check out the latest API: http://developers.facebook.com/docs/
I had a lot of trouble figuring out how to make server side calls once a user logged in with Facebook Connect. The key is that the Facebook Connect javascript sets cookies on the client once there's a successful login. You use the values of these cookies to perform API calls on the server.
The confusing part was looking at the PHP sample they released. Their server side API automatically takes care of reading these cookie values and setting up an API object that's ready to make requests on behalf of the logged in user.
Here's an example using the Facebook Toolkit on the server after the user has logged in with Facebook Connect.
Server code:
API api = new API();
api.ApplicationKey = Utility.ApiKey();
api.SessionKey = Utility.SessionKey();
api.Secret = Utility.SecretKey();
api.uid = Utility.GetUserID();
facebook.Schema.user user = api.users.getInfo();
string fullName = user.first_name + " " + user.last_name;
foreach (facebook.Schema.user friend in api.friends.getUserObjects())
{
// do something with the friend
}
Utility.cs
public static class Utility
{
public static string ApiKey()
{
return ConfigurationManager.AppSettings["Facebook.API_Key"];
}
public static string SecretKey()
{
return ConfigurationManager.AppSettings["Facebook.Secret_Key"];
}
public static string SessionKey()
{
return GetFacebookCookie("session_key");
}
public static int GetUserID()
{
return int.Parse(GetFacebookCookie("user"));
}
private static string GetFacebookCookie(string name)
{
if (HttpContext.Current == null)
throw new ApplicationException("HttpContext cannot be null.");
string fullName = ApiKey() + "_" + name;
if (HttpContext.Current.Request.Cookies[fullName] == null)
throw new ApplicationException("Could not find facebook cookie named " + fullName);
return HttpContext.Current.Request.Cookies[fullName].Value;
}
}
I followed up on this concept and wrote a full fledged article that solves this problem in ASP.NET. Please see the following.
How to Retrieve User Data from Facebook Connect in ASP.NET - Devtacular
Thanks to Calebt for a good start on that helper class.
Enjoy.
Facebook Connect actually isn't too difficult, there's just a lack of documentation.
Put the necessary javascript from here: http://tinyurl.com/5527og
Validate the cookies match the signature provided by facebook to prevent hacking, see: http://tinyurl.com/57ry3s for an explanation on how to get started
Create an api object (Facebook.API.FacebookAPI)
On the api object, set the application key and secret Facebook provides you when you create your app.
Set api.SessionKey and api.UserId from the cookies created for you from facebook connect.
Once that is done, you can start making calls to facebook:
Facebook.Entity.User user = api.GetUserInfo(); //will get you started with the authenticated person
This is missing from the answers listed so far:
After login is successful, Facebook recommends that you validate the cookies are in fact legit and placed on the client machine by them.
Here is two methods that can be used together to solve this. You might want to add the IsValidFacebookSignature method to calebt's Utility class. Notice I have changed his GetFacebookCookie method slightly as well.
private bool IsValidFacebookSignature()
{
//keys must remain in alphabetical order
string[] keyArray = { "expires", "session_key", "ss", "user" };
string signature = "";
foreach (string key in keyArray)
signature += string.Format("{0}={1}", key, GetFacebookCookie(key));
signature += SecretKey; //your secret key issued by FB
MD5 md5 = MD5.Create();
byte[] hash = md5.ComputeHash(Encoding.UTF8.GetBytes(signature.Trim()));
StringBuilder sb = new StringBuilder();
foreach (byte hashByte in hash)
sb.Append(hashByte.ToString("x2", CultureInfo.InvariantCulture));
return (GetFacebookCookie("") == sb.ToString());
}
private string GetFacebookCookie(string cookieName)
{
//APIKey issued by FB
string fullCookie = string.IsNullOrEmpty(cookieName) ? ApiKey : ApiKey + "_" + cookieName;
return Request.Cookies[fullCookie].Value;
}
The SecretKey and ApiKey are values provided to you by Facebook. In this case these values need to be set, preferably coming from the .config file.
I followed up from Bill's great article, and made this little component. It takes care of identifying and validating the user from the Facebook Connect cookies.
Facebook Connect Authentication for ASP.NET
I hope that helps somebody!
Cheers,
Adam
You may also use SocialAuth.NET
It provides authentication, profiles and contacts with facebook, google, MSN and Yahoo with little development effort.
My two cents: a very simple project utilizing the "login with Facebook" feature - facebooklogin.codeplex.com
Not a library, but shows how it all works.

Resources