I want to send the email to the sharepoint adminsitrator when user clicks the form button. How I can achieve this ?
The simplest solution for this scenario is to create a workflow with SharePoint Designer 2007. Here is an article that describes how to create a workflow that sends an email. You can manually choose administrators you want to mail, but it is much better approach to create a SharePoint group for admins and send an email to this group.
Make sure you have properly configured SharePoint outgoing email settings.
Upvoted Toni's but since the OP tagged it as C#, the function to send emails using the Central Administration is called SPUtiliy.SendEmail. To grab the email of the user (if you dont know the email) you could go with something like SPContext.Current.Web.AllUsers["DOMAIN\login"].Email (not test environment here, syntax may be off)
Related
I have developed an application, which has got an approval flow. The application approval / reject is working fine and I have been tasked with developing a solution for approval through emails, instead of the users log in on to the application, which anyway uses domain credentials. The application is hosted locally, allowed locally only, and is not published onto any public IPs. This requirement of mail approvals are for Management approvals, who are on the move most of the time and will not be agreeing to go for a VPN Access of the said application.
So far I developed a solution which sends an eMail to the approval authority with 2 URLs (one for approve and other for reject). When the recipient of the mail clicks on the relevant link the action is updated in the database. Until here everything was tested and working fine.
Now in case the mail is forwarded by the authorized approver to a different email ID, they secondary recipient also will be able to click on the relevant links and get the database updated which is not the intended functionality since the secondary recipient is not an authorized approver.
Any suggestions on how to control this are desired.
Edit 1
To the 2 URLs I am sending in mail, I am adding a query string, which is a unique identifier associated with the approval authority ID.
However, if the same mail is forwarded to a secondary recipient, I am not sure on how to validate the eMail ID from which the click originated.
Edit 2
I have tried the suggestions (given in the comments below ). I have generated the mail with Request ID in the subject of the mail and requested the users to reply to that mail with only one word in body either Approve / Reject. I have ensured that the application shall process it in a case insensitive way. However, there were so many typos for one word that I could not imagine the number of combinations I had to cope up with.
I have also tried, having the Request ID in the subject of the mail, and requested the users to reply to that mail by appending either : A for approve or : R for reject (case insensitive). But this again resulted in numerous typos.
You have basically two options
have your users reply to the email with Accept or Reject like you said. In this case, you will have to validate whether the email account in the FROM field has the right to do so.
have your user click a link. In this case, you will HAVE to make the application validate the user based on his login credentials.
There is no other way to go about this. You either have to validate the email sender, or the person has to be logged in to the application. There is no other mechanism available in this scenario.
There might be different ways of implementing these two options, but those are the only options you have.
I have a web application which has a feature to register new user.a mail is sent to the entered email id.We have to take the verification code and enter in the web application.
My question is since we run tests multiple times , it is not possible to register the same user again and again. How to make it generalized since it is not possible to provide different new email ids and credentials everytime.
I have an option of ' mailinator ' which is a free public mailbox but it is not secure. Is there any other alternative to handle this ? I am using .NET
Some of the alternatives might be:
Use a dispostable email system like mailinator(or others) and you can generate emails on the fly, they also have the option to get a private account.
Check if the current email used can support alias(i knew google did, but you might have issues in the future if the server thinks you are attacking due lot of requests)
Delete your email each time after the register scenario is done, I do not recommend this since it may fail if you are using the same email in other tests
Create your own email server
Best option would be the 1'st one, you can also use their api and you can make email interaction faster, and use a private account.
If you have a project it should not be a big deal to convince the client to pay or your company to get an account and to use it for multiple projects.
Regarding context.io, i didn't try it, but it seems that is an api for email and it should work, you can give it a try and see if the setup is easy to do, also keep in mind to test it in CI also if you are using any CI server like Jenkins.
We have this requirement where we send an email to a user where he can click yes or no. Based on the click some action would take place. But if the user forwards it to someone, and if they click on the buttons nothing should happen.
One way to make this happen is to have the recipient of the email to sign in, before he can click. But ideally, we would like to avoid that.
How can this be done if we don't want the user to sign in?
This is a bona-fide e-mail that arrives in someone's gmail inbox or something, I'm assuming? If that's the case, you are going to have to authenticate them one way or another using your system.
Some kind of HTML-format email with image/links on it to direct to your site, the links including some kind of unique-key that you can use to look up the user who received the e-mail with said unique-key, prepopulating the user ID field, and them having to supply their password to authenticate.
That's about the only way I can imagine it working, unless you are relying on the user having some kind of third-party identity-verification service like uh... what's the Microsoft one called, Passport? I'm very unfamiliar with that.
I would like to add the ability for users to send an email to an address that automatically saves the attachments as documents and saves the email as html, etc.
I think I understand how I can write the functions, but I'm uncertain on how to ensure the security. My application is designed as single code, but each customer has their own database and subdomain. The app looks at the subdomain and determines the database to use for authentication, etc. (There is no master db.)
First, I thought sendgrid would give you a custom email address to use like a897a88s8#sendgrid.net that you could forward to for testing or real use but I don't see that anywhere. I would probably set up a separate domain
How do I ensure that emails sent from user from companyA gets saved in their db? I've thought of:
putting the company name in the email address that the user sends to "addpart-companyA#mysaasapp.com"
a custom email address with a company-wide unique key "addpart-3515645#mysaasapp.com"
The code can find the right db, look at the 'from' email address to see if it matches an existing user, then perform the desired functions. However, that doesn't seem too secure. I also am going to want several different email addresses that a user can use that performs different functions ('add to existing part, add to new part, don't add document, etc.)
I'm looking for a better setup that preferably allows for non-ugly email addresses. What do others do?
It sounds like you already have subdomains for each company. Are these used for email at all right now, or can you change the MX records for the subdomains? If you can programmatically alter your DNS, then it would be very easy to add a SendGrid parse MX record for each subdomain when it is created. Then you could use addpart#company.mysaasapp.com.
For security, I think you're on the right track with checking against a user in your database. Assuming your clients have their email properly configured, you could check SPF via the Authentication-Results header if you are concerned about spoofs.
I am building a C# application where users creat an account and type their email address,
I know how to validate it with Regular expression, what I am having truble with is how to check if that email actually exist?
i.e. lilush#gmail.com --> is there such email address?
Thanks!
The only way to check this is to send an email to that address and make sure that you send a link that needs to be clicked to activate the account. There is no other way to check if an email is correct
Have a look at EmailVerify.NET
EmailVerify.NET is a powerful Microsoft .NET software component that verifies e-mail addresses with various tools, including:
Advanced syntax verification, according to IETF standards (RFC 2821 and RFC 2822, among others)
DNS validations, including MX record(s) lookup
Disposable e-mail address (DEA) validation
SMTP connection and availability checking
Mailbox existence checking, with greylisting and temporary unavailability support
Catch-all testing
There's only one way to do that: Send an email containing a (unique, of course) link to the address, and ask the user to click the link.
If you wanted to be really fancy you could embed an image in the email as-well. When your server detects that the image was downloaded then you know they opened the email. This also removes the need for the clicking a link thing which many people either don't trust or it doesn't work. Just a thought.