ASP.NET - Forgot Password Template

and on one other way I have used stored procedures to retrieve my username and password through mailid .

Here my textbox name is emailid.text

using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Data.SqlClient;
using System.Configuration;
using System.Drawing;
using System.Text;
using System.Windows.Forms;
using System.Net;
using System.Net.Mail;
//using System.Web.Mail;
using System.Net.Mime;
using System.Net.Configuration;

namespace Project
{
public partial class ForgotPassword : Form
{
public ForgotPassword()
{
InitializeComponent();
}
SqlConnection con;
string strbody;
private void button1_Click(object sender, EventArgs e)
{
con = new SqlConnection(ConfigurationManager.ConnectionStrings["sqlcon"].ConnectionString);
//SqlConnection con = new SqlConnection (@"integrated security=yes;initial catalog=vinay;database=.\sqlexpress");
//MessageBox.Show("Database Connected");
SqlCommand cmd = new SqlCommand();
cmd.Connection = con;
cmd.CommandText = "FPassword";//Fpassword is my stored procedure
cmd.CommandType = CommandType.StoredProcedure;
SqlParameter p1, p2, p3,p4,p5;

p1 = cmd.Parameters.Add("@emailid", SqlDbType.VarChar, 30);
p1.Direction = ParameterDirection.Input;
p1.Value = emailid.Text;

p2 = cmd.Parameters.Add("@uname", SqlDbType.Int);
p2.Direction = ParameterDirection.Output;

p3 = cmd.Parameters.Add("@pwd", SqlDbType.Int);
p3.Direction = ParameterDirection.Output;

p4 = cmd.Parameters.Add("@count", SqlDbType.VarChar, 30);
p4.Direction = ParameterDirection.Output;

p5 = cmd.Parameters.Add("@user", SqlDbType.VarChar, 30);
p5.Direction = ParameterDirection.Output;

SqlDataAdapter da = new SqlDataAdapter("select * from LoginCheck where EmailId= '" + emailid.Text + "'", con);
DataSet ds = new DataSet();
da.Fill(ds, "Pass");

con.Open();
cmd.ExecuteNonQuery();

int x = int.Parse(cmd.Parameters["@count"].Value.ToString());
//string user = cmd.Parameters["@user"].Value.ToString();

//string strusername = emailid.Text;

if (x == 1)
{

strbody = strbody + "Thanks," + Environment.NewLine;

strbody = strbody + "Username : "+ds.Tables[0].Rows[0]["username"].ToString()+Environment.NewLine;
strbody = strbody + "Password : "+ds.Tables[0].Rows[0]["pasword"].ToString() + Environment.NewLine;

strbody = strbody + Environment.NewLine;
strbody = strbody + "Administrator," + Environment.NewLine;
MailAddress fromaddress = new MailAddress(emailid.Text);//Here my textbox name is emailid.text
System.Web.Mail.MailMessage mail = new System.Web.Mail.MailMessage();
//SmtpClient SmtpMail = new SmtpClient();
mail.To = emailid.Text;
mail.From = "https://hyd-outlook.wipro.com/owa/redir.aspx?C=677ddc88a6c848bfb44988814b4aed36&URL=mailto%3axxx%40gmail.com";
mail.Subject = "Reg:Password";
mail.Body = strbody;
System.Web.Mail.SmtpMail.SmtpServer = "0.0.0.0";//use ur SmtpServer Number.
// System.Net.Mail.SmtpClient=
System.Web.Mail.SmtpMail.Send(mail);

MessageBox.Show("Username and Password has been sent to ur Mail ID");

}
else
{

//label4.Visible = true;// error message (invalid userid or password)
MessageBox.Show("Invalid EmailID");
con.Close();
}
}
}
}

 

Stored Procedure for Fpassword

//Here LoginCheck is my tablename.

alter procedure FPassword(@uname varchar(20) output,@pwd varchar(20) output,@emailid varchar(50) ,@count varchar(20) output,@user varchar(20)output)
as
begin
select username,pasword from logincheck where https://hyd-outlook.wipro.com/owa/redir.aspx?C=677ddc88a6c848bfb44988814b4aed36&URL=mailto%3aEmailId%3d%40emailid
select @count= count(*) from LoginCheck where https://hyd-outlook.wipro.com/owa/redir.aspx?C=677ddc88a6c848bfb44988814b4aed36&URL=mailto%3aEmailId%3d%40emailid
select @user= username from LoginCheck where https://hyd-outlook.wipro.com/owa/redir.aspx?C=677ddc88a6c848bfb44988814b4aed36&URL=mailto%3ausername%3d%40uname and https://hyd-outlook.wipro.com/owa/redir.aspx?C=677ddc88a6c848bfb44988814b4aed36&URL=mailto%3apasword%3d%40pwd

end