Creating a Members Area in ASP

16 Oct 2001 | by | Filed in
Page 4 of 7
  1. Introduction
  2. Preparation
  3. Registration Form
  4. Registration Form (2)
  5. The register.asp Code
  6. The login form
  7. The members area

Registration Form (2)

We can use the following code to check if these are correct. If an error does occur, we add the error message to strError.

Dim strError
'validate the form
'check if a username has been entered
If Request.Form("username") = "" Then strError = strError & "- Please enter a username<br>" & vbNewLine
'check if a password has been entered
If Request.Form("password") = "" Then strError = strError & "- Please enter a password<br>" & vbNewLine
'check if the passwords are the same... but don't display it if the password field is blank.
If Request.Form("password") <> Request.Form("password_confirm") _
    And Request.Form("password") <> "" Then _
        strError = strError & "- Your passwords do not match<br>" & vbNewLine

Once we have performed the validation, we check to see if strError contains any text. If it does, an error has occured, and we display a message. Otherwise, we can continue:

If strError = "" Then
    'continue
End If
If strError <> "" Then
    'output the error message
    'add extra HTML...
    strError = "<p><font color=""#FF0000"">The following errors occured:</font><br>" & vbNewLine & strError
End If

You may wonder why we haven't condensed this code into an If... Then... Else statement. This is because strError may well be filled inside the continue block, so we want to check to see if it isn't empty again.

Now, we need to add some extra ASP code in order to display the validation error that occured, and also remember any text the user has inputted. For example,

<input type="text" maxlength=20 name="username">

becomes

<input type="text" maxlength=20 name="username" value="<%=Server.HTMLEncode(Request.Form("username"))%>">

Note
Although in most instances,
<input type="text" maxlength=20 name="username" value="<%=Request.Form("username")%>">
would be perfectly sufficient, we add the Server.HTMLEncode command to ensure that any 'funny' characters the user has entered (such as < and ") are still displayed correctly.

You can see the rest of the code we add in the final version of register.asp. For now, we'll move on to creating the user's entry into the database (and checking if the username has been taken or not). At this stage, we need to include the database connection code:

<!--#include file="inc-dbconnection.asp"-->

and now we can execute an SQL statement to create the new record:

On Error Resume Next
sSQL = "INSERT INTO members (username,password) VALUES " & _
   "('" & fixQuotes(Request.Form("username")) & "','" & _
   fixQuotes(Request.Form("password")) & "')"
cConn.Execute sSQL

Note
You will notice that within the SQL statement, we call a fixQuotes procedure. This procedure replaces all occurrances of ' with '' in the username and password fields. If we didn't do this, an error would occur when a user entered a ' within the username or password field.

Once this statement has been executed, we need to check if an error has occured; if it has, there is probably a conflict with an existing entry in the database (ie the username is already in use)

If Err.Number = -2147217900 Then 'ATTENTION: this error number needs to be changed depending on the database format you are using
    strError = "- That username is already in use. Please choose another<br>" & vbNewLine
ElseIf Err.Number <> 0 Then
    strError = "- An error occured. " & Err.Number & " : " & Err.Description & "<br>" & vbNewLine
Else
    'restore standard error handling
    On Error Goto 0
    'record created... redirect
    Response.Redirect "login.asp?msg=" & _
         Server.URLEncode("Thank you for registering. Please log in using your new username and password")
    Response.End
End If
'restore standard error handling
On Error Goto 0

And that's it! Our registration form is complete. Now we can move on to create our login form.

You might also like...

Comments

About the author

James Crowley

James Crowley United Kingdom

James first started this website when learning Visual Basic back in 1999 whilst studying his GCSEs. The site grew steadily over the years while being run as a hobby - to a regular monthly audien...

Interested in writing for us? Find out more.

ASP (3.0) tutorials

ASP (3.0) books

  • Programming with Microsoft Visual Basic 2008

    Programming with Microsoft Visual Basic 2008

    Programming with Microsoft Visual Basic 2008, Fourth Edition by the best-selling author, Diane Zak, is designed for a first course in programming. Using the most recent version of the software, Visual Basic 2008, this book teaches individuals how to ...

ASP (3.0) forum discussion

ASP (3.0) podcasts

  • Stack Overflow Podcast: Podcast #45 – Keeping it Sharp

    Published 7 years ago, running time 0h54m

    Our guest this week is Eric Lippert – language architect extraordinaire and famous for all his work at Microsoft in developing their languages Eric joined Microsoft right out of college and was originally working on VB It’s time for everyone’s favorite game: Name the Worst Feature of that Microso.

Contribute

Why not write for us? Or you could submit an event or a user group in your area. Alternatively just tell us what you think!

Web Development

Developer Jobs

Our tools

We've got automatic conversion tools to convert C# to VB.NET, VB.NET to C#. Also you can compress javascript and compress css and generate sql connection strings.

Cancel
“Theory is when you know something, but it doesn't work. Practice is when something works, but you don't know why. Programmers combine theory and practice: Nothing works and they don't know why.”