New User Registration

This is a follow-up to my post on a Data Driven Login System.

If you haven’t read it yet, go do that now, I’ll wait…

Done? Good.

Just to add to my data driven login system post, your form (Default.aspx) isn’t just magically going to be able to read the code from the code file (Default.aspx.vb), you have to set it to do that in the @Page directive right at the top of your form as follows:

<%@ Page Language=”VB” CodeFile=”Default2.aspx.vb” Inherits=”Default2″ %>

And then right at the top of your code file, you need to have this:

Partial Class Default2

This Partial Class Default2 is the class where all your code is going to go. Your form is going to inherit this class from the code file which means that the form (Default.aspx) is going to read all the data from the class when the page loads.

“Default2″ is the name of the class I used on the page I copied this code from, but, as long as the value of your Inherits”” field on the form is the same as the name of the class in your code file, you should be OK. You can use any name you like. 

This example isn’t going to include account activation, all we’re going to do is create an entry in the database that users can sign in with.

Just as before, I’m going to start out by designing the web form that users are going to register on:

So, the form’s going to go in Default.aspx. The code file we’re inheriting from (see above) is going to be Default.aspx.vb.

<asp:Label runat=”server” id=”lblUsername” value=”Username:”></asp:Label><br />

<asp:Textbox runat=”server” id=”txtUsername”></asp:Textbox><br />

<asp:Label runat=”server” id=“lblUsername” value=”Password:”></asp:Label><br />

<asp:Textbox runat=”server” id=”txtPassword” Textmode=”Password”></asp:Textbox><br />

<asp:Button runat=”server” id=”btnRegister” text=”Register” />

We’re just going to add the record to the same table that we logged in with in the login system, but you can change the table name in the SQL Statement if you like.

These two lines of code have to go right at the top of your code file (lines 1, and 2)

Imports System.Data

Imports System.Data.SqlClient

The next bit of code goes inside your Class Statement:

Private Sub btnRegister_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles btnRegister.Click

Dim connection As New SqlConnection(“Data Source=.\SQLEXPRESS;” & _

“Initial Catalog=Users;” & _

“Integrated Security=True;”)

 Dim sql As String “INSERT INTOAdmins(AdminName, AdminPass) “ + _

“VALUES(@Name, @Pass)”

Dim command As New SqlCommand(sql, connection)

 command.Parameters.Add(“@Name”, SqlDBType.varChar, 10)

 command.Parameters.Add(“@Pass”, SqlDBType.varChar, 10) 

command.Parameters(“@Name”).value = txtUsername.Text

command.Parameters(“@Pass”).value = txtPassword.Text

 connection.Open() 

 command.ExecuteNonQuery()

 connection.Close()

End Sub

That’ll do it! So lets go through what’s happening here.

The first thing we’re doing is establishing our database connection. Data Source is the SQL Server the database is on, Initial Catalog is the database we’re connecting to, and Integrated Security is the method we use to log into the server with. When set to true, Integrated Security tells SQL Server to use Windows Authentication. We’re not going to go into that now, but all you need to know is that it’s simpler to use, and more secure than other authentication types.

The 2nd thing we’re doing is declaring our SQL Statement. This is where the magic happens. The format is:

INSERT INTO Admins(AdminName, AdminPass) VALUES (@Name, @Pass)

[insert command] [table]([field1], [field2]) VALUES (‘value1’, ‘value2’)

All this is saying is that we want to insert the values @Name, and @Pass into the AdminName and AdminPass fields of the Admins table respectively.

Next we’re creating a SQLCommand object that uses our SQL Statement and connection string (sql, connection) and adding creating SQL Parameters and giving them values based on the user’s input on our form. We do it this way to stop SQL injection which is a bad thing; I’ll go into it at a later stage.

The last 3 lines before the End Sub statement open the connection to the database, execute the SQL Statement (inserting the user’s input), and closes the connection to the database.

So that’s it. I’d like to thank you for your time; I hope you enjoyed this tutorial. If anything’s still unclear, post a comment and I’ll do my best to elaborate.

-L

Advertisements

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s