Adding Site Registration (Page 6)


		Home \| Community \| Developer's Paradise \| Jobs User Groups \| Site Tools \| Site Information \| Search

Main Menu

Adding Site Registration

-Adding Site Registration
-Defining the User Table
-The Stored Procedures
-Administration Procedures
-The ASP Scripts
-Joining a Site
-Logging into a Site
-User Management
-Conclusion and Download Files
-Discuss this Article

Categories
Language
VBScript
Product
IE3, IE4, IE5, IIS, NS3, NS4, SQL Server
Server User Group
Active Server Pages
Task
Database Interface, Form Enhancement
Technology
Server Scripting, SQL

Sponsored Links

Inside Technique : Adding Site Registration : Joining a Site

The page, join.asp, contains all the scripting logic to add user's to the community. This page interfaces with the sp_adduser stored procedure introduced earlier. We are going to walk you through the interesting portions of the join.asp page.

First, we track user information using ASP session objects. Therefore, the first test on the join.asp page is to make sure the user is not already logged on. If they are, we redirect them to the logon.asp screen (which will also detect the user is logged on and just display the user's information). Since we are doing a redirect, this test must be done before any HTML is sent to the client:

<% @Language=VBScript %>
<% Option Explicit %>
<% if session("u_name")<>"" then Response.Redirect("logon.asp") %>

Next we include the utility.asp file and output the page title. Notice that we are using the SITENAME constant defined in utility.asp. This allows us to rename the site without having to edit each page:

<HTML>
<HEAD>
<!-- #include virtual="/inc/utility.asp" -->
<TITLE>Join <%=SITENAME%></TITLE>
</HEAD>

Now we are ready to output the body of the page. Before joining, the user is presented with a form. The form submission is sent back to the same join.asp page for processing. If the user is added, they are presented with welcome information. If the action fails, the form is redisplayed with the appropriate error information.

We came up with a unique technique for managing form actions on the same page. We take advantage of the SUBMIT buttons name and value fields. When a submit button is pressed, it's name and value field are sent to the server. This makes it easy to distinguish between multiple actions on the same form or even the same page. For example, you can easily distinguish between an UPDATE and DELETE operation as follows:

<%
  select case Request.Form("action") 
    case "Update...": 
		' update
    case "Delete...":
        ' delete
  end select
%>
<FORM ACTION=post>
  <INPUT TYPE=submit NAME=action VALUE="Update...">
  <INPUT TYPE=submit NAME=action VALUE="Delete...">
</FORM>

One problem with the above approach is that you need to remember to update the script if the submit button's text ever changes. To avoid this, we store the value in a constant and use this constant throughout the page. With this approach, we can easily update the button's value without worrying about not updating the script.

Continuing with the join.asp page, you will see we declare a constant ACTIONJOIN. This constant represents the submit button text. Below we outline the remainder of the page's logic:

<BODY>
<%

Response.Write(outputHeader())
' The text for the submit button

const ACTIONJOIN = "Join..."


Dim sName,sFirstName,sLastName,sEmailName, sError, bJoin
	
' Initialize
bJoin = false
sName=""
sFirstName=""
sLastName=""
sEmailName=""
sError=""
	
if (Request.Form("action")=ACTIONJOIN) then
  ' Joining
  Dim sPassword
  sName = Request.Form("u_name")
  sFirstName = Request.Form("u_firstname")
  sLastName = Request.Form("u_lastname")
  sEmailName = Request.Form("u_emailname")		
  sPassword = Request.Form("u_password")
  ' In a production system, this validation may be better served inside
  ' the database itself. 
  
  ' Do simple validation
  if len(sPassword)<4 or len(sPassword)>12 or sPassword="" then
    sError = sError & "<BR>Your password must be between 4 and 12 characters"
  end if
  if trim(sFirstName)="" or trim(sLastName)="" or trim(sEmailName)="" or trim(sPassword)="" then
    sError = sError & "<BR>You must fill out all fields to join."
  end if
  if sPassword<>Request.Form("u_password2") then
    sError = sError & "<BR>Your passwords do not match"		
  end if
  if sError="" then
    ' No errors - try to add user
    Dim oCmd, oReturn, oConn
    set oConn = GetConnection()
    Set oCmd = GetStoredProcedure(oConn,"sp_adduser")
    oCmd.Parameters.append oCmd.CreateParameter("u_name", adVarChar, adParamInput,50,sName)
    oCmd.Parameters.append oCmd.CreateParameter("u_password", adVarChar, adParamInput,12,spassword)
    oCmd.Parameters.append oCmd.CreateParameter("u_firstName", adVarChar, adParamInput,50,sFirstName)
    oCmd.Parameters.append oCmd.CreateParameter("u_lastName", adVarChar, adParamInput,50,sLastName)
    oCmd.Parameters.append oCmd.CreateParameter("u_email", adVarChar, adParamInput,50,sEmailName)
    set oReturn = oCmd.CreateParameter("u_id", adInteger, adParamOutput)
    oCmd.Parameters.append oReturn
    oCmd.execute()
    if oReturn.value=-1 then
      ' Duplicate user name
      sError = sError & "<BR>Your user name already exists. Please select a new one."
    else
      ' Success - Login and store information in the session object
      bJoin = true
      session("u_id") = oReturn.value
      session("u_name") = sName
      session("u_lastdate") = ""
      session("u_logcount") = 1
    end if
  end if
end if

if not bJoin then 
  Response.Write("<P>Joining " & SITENAME & " allows you to personalize and improve your user experience.")
  if sError<>"" then
    ' Output error if failed join attempt
    Response.Write("<P><B>Your membership was not added because:</B><FONT COLOR=darkred>" & sError & "</FONT>")
  end if
  Response.Write(BuildForm("username","post"))
  Response.Write("<TABLE>")
  Response.Write("<TR><TD>User Name</TD>")
  Response.Write("<TD>" & BuildInput("text","u_name",escapeString(sName),20,50) & "</TD></TR>")
  Response.Write("<TR><TD>Password</TD>")
  Response.Write("<TD>" & BuildInput("password","u_password","",12,12) & "</TD></TR>")
  Response.Write("<TR><TD>Confirm Password</TD>")
  Response.Write("<TD>" & BuildInput("password","u_password2","",12,12) & "</TD></TR>")
  Response.Write("<TR><TD>First Name</TD>")
  Response.Write("<TD>" & BuildInput("text","u_firstname",escapeString(sFirstName),20,50) & "</TD></TR>")
  Response.Write("<TR><TD>Last Name</TD>")
  Response.Write("<TD>" & BuildInput("text","u_lastname",escapeString(sLastName),20,50) & "</TD></TR>")
  Response.Write("<TR><TD>Email Name</TD>")
  Response.Write("<TD>" & BuildInput("text","u_emailname",escapeString(sEmailName),20,50) & "</TD></TR>")
  Response.Write("<TR><TD COLSPAN=2>" & BuildInput("submit","action",ACTIONJOIN,"","") & "</TD></TR>")
  Response.Write("</TABLE>")
else
  ' Output welcome text
  Response.Write("<P>Welcome to the Community!")
end if
%>
</FORM>
</BODY>
</HTML>

The other pages in the system work in a very similar manner. Each page contains an input form and the necessary logic to process the form's input. For subsequent visits, we need a log-in page and a place where users can change their password. Next we explain how to create both these pages.

Page 1:Adding Site Registration
Page 2:Defining the User Table
Page 3:The Stored Procedures
Page 4:Administration Procedures
Page 5:The ASP Scripts
Page 6:Joining a Site
Page 7:Logging into a Site
Page 8:User Management
Page 9:Conclusion and Download Files