User Registration - Part 2
The basics of developing a user registration system using ASP
We now have a problem. We need to to send the user back to the registration page and ask for a new login. However, we want to preload the form with all the information already loaded so that the user does not have to enter all the other details over again. How do we accomplish this? One solution is to close the scripting tag (%> ) and incorporate a html page with a form identical to the one on the registration page. Only, all the fields on this form are hidden fields and are preloaded with the values the user submitted the last time around. The form gets submitted on the load event of the body; the action of the form is the registration page. So, the submission of this form is once again processed by the registration page. The "loginduplicate" session variable will tell us if the registration form has been loaded a second time because it contained a duplicate login. If so, we can preload the values we submit below into the form fields; the user will not have to enter them a second time.
<html> <head> </head> <body onload="document.forms.register.submit();"> <form name=register action="register.asp" method=POST> <input type=hidden name=lname value="<%= lname%>" /> <input type=hidden name=fname value="<%= fname%>" /> <input type=hidden name=phone value="<%= phone%>" /> <input type=hidden name=gender value="<%= gender%>" /> <input type=hidden name=likes value="<%= favflowers%>" /> <input type=hidden name=day value="<%= bday%>" /> <input type=hidden name=month value="<%= bmonth%>" /> <div name=messagediv style="position:relative; visibility:hidden"></div> <textarea name=message><%= message%></textarea> </div> </form> </body>
Note that we use the '= StringName' short hand for 'response.write StringName' to write ASP variables into the value attribute of the form fields. The next snippet is fairly straightforward. If the login selected is not a duplicate, we add a new row to the database. Afterwards, we set the "login" session variable to reflect the login ID of the user and send the user to the florist.html page. The "?alert=yes" string that follows the URL is called a querystring. We will use this query string to print a success message using Javascript in florist.html. Although we simply redirect all newly registered users to the home page, many applications store the area they were browsing at the time of redirection to the registration page into a session variable and load the same area after successful registration. Adding this functionality to our application on your own may be an interesting exercise.
Note that we have typed informative text about the else - end if structures right after the else and end if statements. The single quote denotes a comment in VB and ASP; all text following the single quote is ignored by the compiler. Also, VB processes commands line by line. However, database statements make for really long strings. The underscore "_" character may be used as a line continuation character. A single long command may be broken up to occupy many lines by adding an underscore character at the end of every line; the VB compiler will put the lines together and process the entire command. However, strings should be terminated on each line. A long string may be broken into many short strings, one on each line and the "&" operator may be used to concatenate the strings. We have used the _ operator for the INSERT statement.
<%else 'If not a duplicate, add a new row
rs.Close
conn.Execute "insert into users _
(login, password, lname, fname, phone, gender, likes, message, bday) _
values _
('" & login & "','" & password & "','" & lname & "','" & fname & "','" _
& phone & "','" & gender & "','" & favflowers & "','" & message _
& "','" & birthday & "')"
session("login") = login
response.Redirect("florist.html?alert=yes")
end if 'End of check for duplicate or insert if %>
The final set of statements are executed if the 'operation' field in the registration form contained "update"; that is, if this is an existing user's request to update his or her information. In this case, we use an UPDATE command to modify the existing values in the row pointed to by the user's login ID. Note that the password field is not updated; our application does not allow users to modify their passwords. We then direct the user to the home page and use the querystring to print a success message. Finally, we close the database connection.
<%else ' top level else - if this is an update request for existing user
conn.execute("update users set lname= '" & lname & "'," & _
"fname = '" & fname & "'," & _
"phone= '" & phone & "', & _
"gender= '"& gender & "', & _
"likes = '" & favflowers & "', & _
"message = '" & message & "', & _
"bday = '" & birthday & "' & _
"where login = '" & Session("login") & "'")
response.Redirect("florist.html?alert=yes")
end if
conn.Close
set conn = nothing %>
