When you think ASP, think...
Recent Articles
All Articles
ASP.NET Articles
Message Board
Related Web Technologies
User Tips!
Coding Tips

Sample Chapters
Commonly Asked Message Board Questions
JavaScript Tutorials
MSDN Communities Hub
Official Docs
Stump the SQL Guru!
XML Info
Author an Article
ASP ASP.NET ASP FAQs Message Board Feedback
Print this page.
Published: Thursday, March 23, 2000

User Registration

By Corin Martens

The following is the registration part to the login script I wrote last month titled Creating a Database-Driven Login Page. If you have not read that article, I suggest you do so now. I made a few changes based on questions and recommendations by readers. First I am using an include file that contains the path to the database. Secondly rather than use sessions variable for the DatabasePath I am using a constant to save on server resources. Lastly I neglected to show the script that closes my connection. The last is important, as IIS doesn't do an adequate job of cleaning up recourses.

- continued -

I want to thank everyone for the e-mails, I tried to address everyone's concerns. If you have trouble with this or any script you can email me but for faster more thorough answers I recommend you post your questions at the ASP Messageboard. Onto the script...

I start with the include file. I use this because I move these files from my server to different web hosting companies. I comment out the file paths I'm not using and by placing <!-- #INCLUDE FILE="data.asp" --> in each page I make my database connection I only have to modify one comment tag when regardless of where I move my files.

To find out the complete path to your database at a web hosting company call/email tech support and ask for the path to your domain name, or create an ASP page with the code: <=Server.MapPath("/")%>. Here is the include file, data.asp:

'-- My server
Const DatabasePath = "c:/InetPub/wwwroot/mywebsite/fpdb/myAccessDatabase.mdb"

'-- My laptop
'-- Const DatabasePath = "c:/InetPub/wwwroot/mywebsite/fpdb/myAccessDatabase.mdb"			

'-- My Web hosting company
'-- Const DatabasePath = "d:/mydomainname/fpdb/myAccessDatabase.mdb"

You can also set-up a system DSN which allows you the opportunity to make no changes in coding, but I feel more secure using the direct connection.

After that you are left with the registration coding. You'll see it begins with a call to the include file. Rather than write pieces of code and explain them the code is complete has plenty of comment tags.

<!-- #INCLUDE FILE="../data.asp" -->
<% Response.Buffer = true %>
'-- Check if Submit button pushed, if not ignore the entire script
If Request.Form("btnAdd") = "Submit" Then

'-- Make sure all boxes have data entered into them
If Request.Form("name") <> "" OR Request.Form("password") <> "" OR _
        Request.Form("password2") <> "" OR _
        Request.Form("email") <> "" OR _
        Request.Form("userID") <> "" Then

	'-- Make sure the passwords match
	If Request.Form("password") = Request.Form("password2") Then

		'-- Declare your variables
		Dim DataConnection, cmdDC, RecordSet, SQL, strError
		Dim strUserName, strPassword, strEmail, strUserID

		'-- Get data from the form fields
		strUserName = Request.Form("name")
		strPassword = Request.Form("password")
		strEmail = Request.Form("email")
		strUserID = Request.Form("userID")

		'-- Create object and open database
		Set DataConnection = Server.CreateObject("ADODB.Connection")
		DataConnection.Open "DRIVER={Microsoft Access Driver (*.mdb)};" & _
		                    "DBQ=" & DatabasePath & ";"

		Set cmdDC = Server.CreateObject("ADODB.Command")
		cmdDC.ActiveConnection = DataConnection

		'-- default SQL
		SQL = "SELECT * FROM tblSecurity"

		If Request.Form("name") <> "" Then	
			SQL = "SELECT tblSecurity.* FROM tblSecurity WHERE " & _
			      "tblSecurity.userID='" & strUserID & "' AND " & _
			      "tblSecurity.password ='" & strPassword & _
			      "' OR tblSecurity.email ='" & strEmail & "'"
		End If

		cmdDC.CommandText = SQL
		Set RecordSet = Server.CreateObject("ADODB.Recordset")

		'-- Cursor Type, Lock Type

		'-- ForwardOnly 0 - ReadOnly 1
		'-- KeySet 1 - Pessimistic 2
		'-- Dynamic 2 - Optimistic 3
		'-- Static 3 - BatchOptimistic 4

		RecordSet.Open cmdDC, , 0, 2

		'-- check to see if the user and password or 
		'   e-mail address have registered before
		If Not RecordSet.EOF Then
			If RecordSet.fields("email")=strEmail Then
				strError = "<FONT FACE='ARIAL' SIZE='2'><B>" & _
				           "Sorry this email has already been " & _
				           "registred, please try again" & _
				'Redo page and say that this User name 
				'and Password are already taken
				strError = "<FONT FACE='ARIAL' SIZE='2'><B>" & _
 	                       "Sorry this user name and password are " & _
 	                       "already taken, please try again" & _
			End If
			'-- Add new record to the database
			Dim Dconn, sSQL
		   Set Dconn = Server.CreateObject("ADODB.Connection")
		   Dconn.Open "DRIVER={Microsoft Access Driver (*.mdb)};DBQ=" & _
		                  DatabasePath & ";"

			sSQL = "INSERT INTO tblSecurity(name, email, userID, " & _
			       "password, userLevel) VALUES ('" & strUserName & _
			       "','" & strEmail & "','" & strUserID & _
			       "','" & strPassword & "',1)"
			Dconn.Execute sSQL
			Set Dconn = Nothing

			'Forward the user to page to notify of authentication
			Response.Redirect "youokman.asp"
		End If
		strError = "Your passwords don't match"
	End If

		'-- Close all connections
		Set RecordSet = Nothing

		Set DataConnection = Nothing

		'Tell them what they entered wrong
		strError = "Please fill in all the boxes"
	End If
End If


<!-- HTML FORM -->

<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<meta name="GENERATOR" content="Microsoft FrontPage 4.0">
<meta name="ProgId" content="FrontPage.Editor.Document">
<title>New Page 1</title>

      LEFTMARGIN="0" TOPMARGIN="0" TEXT="#000000">

		'-- Error message if there is any					
		Response.write (strError & "<BR>")							

<form method="POST" action="default.asp">
    <div align="left">
      <table border="1" cellpadding="3" cellspacing="0" width="100%">
          <td width="50%"><font face="Arial" size="2">Full
          <td width="50%"><input type="text" name="name" size="20"></td>
          <td width="50%"><font face="Arial" size="2">Email:</font></td>
          <td width="50%"><input type="text" name="email" size="20"></td>
          <td width="50%"><font face="Arial" size="2">Choose
            a UserID:</font></td>
          <td width="50%"><input type="text" name="userID" size="20"></td>
          <td width="50%"><font face="Arial" size="2">Choose
            a Password:</font></td>
          <td width="50%"><input type="password" name="password" size="20"></td>
          <td width="50%"><font face="Arial" size="2">Confirm
          <td width="50%"><input type="password" name="password2" size="20"></td>
    <p><input type="submit" value="Submit" name="btnAdd">
    <input type="reset" value="Reset" name="B2"></p>

Other things you'll need are the database table to update and a place to send the user once they have registered. The Access database fields you'll need and there types at minimum are:

Column NameData Type

You can add others as needed for your application(s). One thing to remember is a user cannot register with the same e-mail more than once. You can take this feature out if you like. Also this allows users to enter their own password. You may want to email them a generated password to validate their email address. (To learn how to send emails using ASP, be sure to read: Sending Emails in ASP Using CDONTS.

There you go! If you have questions or comments you can e-mail me at cmartens@liska.com. I'll lend advice where I can but recommend heading to ASP Messageboard as you have a whole community of asp programmers ready to help.

The next article I'll write will be a short easy script on how to handle users who have forgotten their userID and password. If I get the opportunity I'll add a randomize function and emailing piece to this script to generate passwords and e-mail them to newly registered users.

Happy Programming!


  • Download data.asp in text format
  • Download default.asp in text format

  • ASP.NET [1.x] [2.0] | ASPFAQs.com | Advertise | Feedback | Author an Article