Shining Star Services LLC

Creating a Custom Membership Provider and Membership User utilizing a Data Set Table Adapter - Step 13

by Nannette Thacker

Our Register Page

On our Registration page, we'll look at a few regular expressions. On the client side, we validate with the RequiredFieldValidator and RegularExpressionValidator controls. On the server side, we run the same checks again using our FormUtility class and the Regex regular expressions defined there, because client-side validation can be bypassed.



Register page code in front

<%@ Page Language="VB" MasterPageFile="~/SSS.Master" AutoEventWireup="false"
    CodeFile="Register.aspx.vb" Inherits="Register" Title="Registration - ShiningStar.net and Nannette Thacker" %>
<%@ MasterType VirtualPath="~/SSS.Master" %> 
<asp:Content ID="Content1" ContentPlaceHolderID="ContentPlaceHolder1"
    runat="Server">
    <div>
        <asp:Panel runat="server" ID="RegisterContainer" DefaultButton="RegisterButton">
            <table border="0" cellpadding="0">
                <tr>
                    <td align="center" colspan="2">
                        Shining Star Registration</td>
                </tr>
                <%-- 
                    Regular Expressions
                    http://msdn2.microsoft.com/en-us/library/ms998267.aspx
                    Enclosing the expression in the caret (^) and dollar sign ($) markers
                    ensures that the input consists of the desired content and nothing
                    else. A ^ matches the position at the beginning of the input string
                    and a $ matches the position at the end of the input string.
                    If you omit these markers, an attacker could affix malicious input
                    to the beginning or end of valid content and bypass your filter.

                    The User Name pattern used below, ^[\w/\-\s]{1,20}$, piece by piece:
                      ^          anchor at the start
                      [\w/\-\s]  word characters, /, - and whitespace
                      {1,20}     from 1 to 20 characters in length
                      $          anchor at the end

                    Shorthand character classes
                    http://www.regular-expressions.info/charclass.html
                    \w stands for "word character", usually [A-Za-z0-9_].
                    \s stands for "whitespace character". Which characters this
                    includes depends on the regex flavor. In all flavors discussed in
                    that tutorial, it includes [ \t\r\n]. That is: \s will match a
                    space, a tab or a line break.
                --%>
                <tr>
                    <td align="center" colspan="2">
                        <asp:Label ID="ResponseMsgTop" runat="server" Text=""></asp:Label>
                    </td>
                </tr>
                <tr>
                    <td align="right" valign="baseline">
                        <asp:Label ID="UserNameLabel" runat="server" AssociatedControlID="UserName">Log In User Name:</asp:Label></td>
                    <td align="left">
                        <asp:TextBox ID="UserName" runat="server" MaxLength="20"></asp:TextBox>
                        <asp:RequiredFieldValidator ID="UserNameRequired" runat="server"
                            Display="Dynamic" ControlToValidate="UserName" ForeColor="DarkRed"
                            ErrorMessage="*User Name is required."
                            ToolTip="User Name is required." ValidationGroup="RegisterGroup1"></asp:RequiredFieldValidator>
                    </td>
                </tr>
                <tr>
                    <td align="center" colspan="2">
                        <asp:RegularExpressionValidator ID="RegularExpressionValidator4"
                            Display="Dynamic" runat="server" ControlToValidate="UserName"
                            ErrorMessage="Your Log In User Name may contain up to 20 characters, numbers, /_- and spaces.<br>"
                            ValidationExpression="^[\w/\-\s]{1,20}$" ForeColor="DarkRed"
                            ValidationGroup="RegisterGroup1"></asp:RegularExpressionValidator>
                    </td>
                </tr>
                <tr>
                    <td align="right" valign="baseline">
                        <asp:Label ID="PasswordLabel" runat="server" AssociatedControlID="Password">Password:</asp:Label></td>
                    <td align="left">
                        <asp:TextBox ID="Password" runat="server" MaxLength="10" TextMode="Password"></asp:TextBox>
                        <asp:RequiredFieldValidator ID="PasswordRequired" runat="server"
                            Display="Dynamic" ControlToValidate="Password" ForeColor="DarkRed"
                            ErrorMessage="*Password is required."
                            ToolTip="Password is required." ValidationGroup="RegisterGroup1"></asp:RequiredFieldValidator>
                    </td>
                </tr>
                <tr>
                    <td align="right" valign="baseline">
                        <asp:Label ID="ConfirmPasswordLabel" runat="server" AssociatedControlID="ConfirmPassword">Confirm Password:</asp:Label></td>
                    <td align="left">
                        <asp:TextBox ID="ConfirmPassword" runat="server" MaxLength="10"
                            TextMode="Password"></asp:TextBox>
                        <asp:RequiredFieldValidator ID="ConfirmPasswordRequired" runat="server"
                            Display="Dynamic" ControlToValidate="ConfirmPassword" ForeColor="DarkRed"
                            ErrorMessage="*Confirm Password is required."
                            ToolTip="Confirm Password is required." ValidationGroup="RegisterGroup1"></asp:RequiredFieldValidator>
                    </td>
                </tr>
                <tr>
                    <td align="center" colspan="2">
                        <asp:CompareValidator ID="PasswordCompare" runat="server" ControlToCompare="Password"
                            Display="Dynamic" ControlToValidate="ConfirmPassword" ErrorMessage="The Password and Confirmation Password do not match."
                            ForeColor="DarkRed" ValidationGroup="RegisterGroup1"></asp:CompareValidator>
                    </td>
                </tr>
                <tr>
                    <td align="right" valign="baseline">
                        <asp:Label ID="EmailLabel" runat="server" AssociatedControlID="UserEmail">E-mail:</asp:Label></td>
                    <td align="left">
                        <asp:TextBox ID="UserEmail" runat="server" MaxLength="50"></asp:TextBox>
                        <asp:RequiredFieldValidator ID="EmailRequired" runat="server"
                            Display="Dynamic" ControlToValidate="UserEmail" ForeColor="DarkRed"
                            ErrorMessage="*E-mail is required."
                            ToolTip="E-mail is required." ValidationGroup="RegisterGroup1"></asp:RequiredFieldValidator>
                    </td>
                </tr>
                <tr>
                    <td align="center" colspan="2">
                        <asp:RegularExpressionValidator ID="RegularExpressionValidator1"
                          runat="server" ControlToValidate="UserEmail"
                            ErrorMessage="Please enter a valid Email address.<br>" ValidationExpression="^\w+([-+.']\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*$"
                            Display="Dynamic" ForeColor="DarkRed" ValidationGroup="RegisterGroup1"></asp:RegularExpressionValidator>
                        <asp:Label ID="FailureEmail" runat="server" Text=""></asp:Label>
                    </td>
                </tr>
                <tr>
                    <td align="right" valign="baseline">
                        <asp:Label ID="FirstNameLabel" runat="server" AssociatedControlID="FirstName">First Name:</asp:Label></td>
                    <td align="left">
                        <asp:TextBox ID="FirstName" runat="server" MaxLength="20"></asp:TextBox>
                        <asp:RequiredFieldValidator ID="FirstNameRequired" runat="server"
                            Display="Dynamic" ControlToValidate="FirstName" ForeColor="DarkRed"
                            ErrorMessage="*First Name is required."
                            ToolTip="First Name is required." ValidationGroup="RegisterGroup1"></asp:RequiredFieldValidator>
                    </td>
                </tr>
                <tr>
                    <td align="right" valign="baseline">
                        <asp:Label ID="LastNameLabel" runat="server" AssociatedControlID="LastName">Last Name:</asp:Label></td>
                    <td align="left">
                        <asp:TextBox ID="LastName" runat="server" MaxLength="20"></asp:TextBox>
                        <asp:RequiredFieldValidator ID="LastNameRequired" runat="server"
                            Display="Dynamic" ControlToValidate="LastName" ForeColor="DarkRed"
                            ErrorMessage="*Last Name is required."
                            ToolTip="Last Name is required." ValidationGroup="RegisterGroup1"></asp:RequiredFieldValidator>
                    </td>
                </tr>
                <tr>
                    <td align="center" colspan="2">
                        <asp:Button ID="RegisterButton" runat="server" Text="Register"
                            ValidationGroup="RegisterGroup1" /><br />
                        <asp:Label ID="ResponseMsgBottom" runat="server" Text="" ></asp:Label>
                        <br />
                        <asp:ValidationSummary ID="ValidationSummary1" ValidationGroup="RegisterGroup1"
                            runat="server" ForeColor="DarkRed"
                            DisplayMode="SingleParagraph" />
                    </td>
                </tr>
            </table>
        </asp:Panel>
        <asp:Panel runat="server" ID="SuccessContainer" Visible="False">
            <table border="0" cellpadding="0">
                <tr>
                    <td align="center">
                        Thank you!</td>
                </tr>
                <tr>
                    <td align="left">
                        <ul>
                            <li>Your account has been registered.</li>
                        </ul>
                    </td>
                </tr>
            </table>
        </asp:Panel>
    </div>
</asp:Content>


Registration page Code Behind

Imports System.Data
Imports System.Data.SqlClient
Imports System.Web.HttpContext


Partial Class Register
    Inherits System.Web.UI.Page


    Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
        Me.UserName.Focus()    ' set focus....

    End Sub


    Protected Sub RegisterButton_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles RegisterButton.Click

        Try
            Me.ResponseMsgBottom.Text = ""
            Me.FailureEmail.Text = ""
            Me.ResponseMsgTop.Text = ""

            Dim username As String = Me.UserName.Text
            Dim password As String = Me.Password.Text
            Dim confirmpassword As String = Me.ConfirmPassword.Text
            Dim useremail As String = Me.UserEmail.Text
            Dim firstname As String = Me.FirstName.Text
            Dim lastname As String = Me.LastName.Text

            ' server side validation...
            If String.IsNullOrEmpty(username) Or String.IsNullOrEmpty(password) _
                 Or String.IsNullOrEmpty(confirmpassword) Or String.IsNullOrEmpty(useremail) _
                 Or String.IsNullOrEmpty(firstname) Or String.IsNullOrEmpty(lastname) Then
                Me.ResponseMsgBottom.Text = "You must enter a User Name, Password, Email Address, First and Last Name."
            ElseIf Not FormUtility.IsValidName(username) Then
                Me.ResponseMsgBottom.Text = "Your Log In User Name may contain up to 20 characters, numbers, /_- and spaces."
            ElseIf CStr(password) <> CStr(confirmpassword) Then
                Me.ResponseMsgBottom.Text = "The Password and Confirmation Password must match."
            ElseIf Len(username) > 20 Then
                Me.ResponseMsgBottom.Text = "Your Log In User Name may contain up to 20 characters."
            ElseIf Len(password) > 10 Then
                Me.ResponseMsgBottom.Text = "Your Password may contain up to 10 characters."
            ElseIf Not FormUtility.IsValidEmail(useremail) Then
                Me.ResponseMsgBottom.Text = "You must enter a valid Email Address in username@domain.com format. You will not be able to post until your e-mail is verified."
            ElseIf Len(firstname) > 20 Then
                Me.ResponseMsgBottom.Text = "Your First Name may contain up to 20 characters."
            ElseIf Len(lastname) > 20 Then
                Me.ResponseMsgBottom.Text = "Your Last Name may contain up to 20 characters."
            Else

                Dim logintext As String = "Please enter another, or " & _
                    "<a href=""" & ResolveClientUrl("~/login/login.aspx") & """>Log In</a> to your existing account or " & _
                    "<a href=""" & ResolveClientUrl("~/login/PasswordRecover.aspx") & """>Recover</a> your Log In Name and Password."

                ' check for duplicates
                Dim dupeCheck As String = ""

                dupeCheck = Membership.GetUserNameByEmail(useremail)
                If Not String.IsNullOrEmpty(dupeCheck) Then
                    Me.ResponseMsgBottom.Text = "The Email entered is already in use. " & logintext
                    Me.FailureEmail.Text = Me.ResponseMsgBottom.Text
                    Me.ResponseMsgTop.Text = Me.ResponseMsgBottom.Text
                    Return
                End If

                Dim myMemberW As New ShiningStar.SSSMembershipProviderWrapper
                dupeCheck = myMemberW.GetUserNameByUserName(username)
                If Not String.IsNullOrEmpty(dupeCheck) Then
                    Me.ResponseMsgBottom.Text = "The User Name entered is already in use. " & logintext
                    Me.ResponseMsgTop.Text = Me.ResponseMsgBottom.Text
                    Return
                End If


                Dim createdate, lastactivitydate As Date
                createdate = Now()
                lastactivitydate = Now()

                Dim IPaddress As String = Current.Request.ServerVariables("Remote_Addr")
                Dim myUser As New ShiningStar.SSSMembershipUser("")
                myUser = myMemberW.CreateUser(username, password, useremail, firstname, _
                    lastname, createdate, lastactivitydate, IPaddress)


                Me.RegisterContainer.Visible = False
                Me.SuccessContainer.Visible = True
                Return
            End If
            Me.ResponseMsgTop.Text = Me.ResponseMsgBottom.Text ' copy to top message as well
            Return
        Catch ex As Exception
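            ' Log the details on the server; do not show exception text or stack traces to the visitor.
            System.Diagnostics.Trace.TraceError(ex.ToString())
            Me.ResponseMsgBottom.Text = "We were unable to complete your registration. Please try again later."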
        End Try

    End Sub

End Class


FormUtility Class and RegEx

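Imports Microsoft.VisualBasic
Imports System.Text                     ' StringBuilder
Imports System.Text.RegularExpressions  ' Regex
Imports System.Web.UI                   ' Control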

Public Class FormUtility

    ' put Functions that handle forms in here and Import on only pages that use these functions...

#Region "Javascript Built Functions"

#Region "SetFocus"

    ' http://ryanfarley.com/blog/archive/2004/12/21/1325.aspx
    ' setfocus in C#

    ' nkt: used on form pages in the Page_Load function to set the focus 
    ' of a form field when using masterpages and contentplaceholders
    ' it writes a javascript function

    Public Shared Sub SetFocusControl(ByVal control As Control)
        Dim sb As StringBuilder = New StringBuilder
        With sb
            .Append("" & Microsoft.VisualBasic.Chr(13) & "" & Microsoft.VisualBasic.Chr(10) & "<script language='JavaScript'>" & Microsoft.VisualBasic.Chr(13) & "" & Microsoft.VisualBasic.Chr(10) & "")
            .Append("<!--" & Microsoft.VisualBasic.Chr(13) & "" & Microsoft.VisualBasic.Chr(10) & "")
            .Append("function SetFocus()" & Microsoft.VisualBasic.Chr(13) & "" & Microsoft.VisualBasic.Chr(10) & "")
            .Append("{" & Microsoft.VisualBasic.Chr(13) & "" & Microsoft.VisualBasic.Chr(10) & "")
            .Append("" & Microsoft.VisualBasic.Chr(9) & "document.")
            Dim p As Control = control.Parent
            While Not (TypeOf p Is System.Web.UI.HtmlControls.HtmlForm)
                p = p.Parent
            End While
            .Append(p.ClientID)
            .Append("['")
            .Append(control.UniqueID)
            .Append("'].focus();" & Microsoft.VisualBasic.Chr(13) & "" & Microsoft.VisualBasic.Chr(10) & "")
            .Append("}" & Microsoft.VisualBasic.Chr(13) & "" & Microsoft.VisualBasic.Chr(10) & "")
            .Append("window.onload = SetFocus;" & Microsoft.VisualBasic.Chr(13) & "" & Microsoft.VisualBasic.Chr(10) & "")
            .Append("// -->" & Microsoft.VisualBasic.Chr(13) & "" & Microsoft.VisualBasic.Chr(10) & "")
            .Append("<" & "/script>")
        End With
        control.Page.ClientScript.RegisterClientScriptBlock(control.GetType, "SetFocus", sb.ToString)
    End Sub

#End Region

#Region "WindowOpen for Popups"

    ' nkt: used to pop open windows...

    Public Shared Function WindowOpen() As String
        Dim sb As StringBuilder = New StringBuilder
        With sb
            .Append("" & Microsoft.VisualBasic.Chr(13) & "" & Microsoft.VisualBasic.Chr(10) & "<script language='JavaScript'>" & Microsoft.VisualBasic.Chr(13) & "" & Microsoft.VisualBasic.Chr(10) & "")
            .Append("<!--" & Microsoft.VisualBasic.Chr(13) & "" & Microsoft.VisualBasic.Chr(10) & "")
            .Append("function winopen(url,stuff,morestuff)" & Microsoft.VisualBasic.Chr(13) & "" & Microsoft.VisualBasic.Chr(10) & "")
            .Append("{" & Microsoft.VisualBasic.Chr(13) & "" & Microsoft.VisualBasic.Chr(10) & "")
            .Append("   " & Microsoft.VisualBasic.Chr(9) & "window.open(url,stuff,morestuff);")
            .Append("" & Microsoft.VisualBasic.Chr(13) & "" & Microsoft.VisualBasic.Chr(10) & "")
            .Append("}" & Microsoft.VisualBasic.Chr(13) & "" & Microsoft.VisualBasic.Chr(10) & "")
            .Append("// -->" & Microsoft.VisualBasic.Chr(13) & "" & Microsoft.VisualBasic.Chr(10) & "")
            .Append("<" & "/script>")
        End With
        WindowOpen = sb.ToString
    End Function

#End Region

#End Region


    Public Shared Function IsValidEmail(ByVal strIn As String) As Boolean
        ' Return true if strIn is in valid e-mail format.
        Return Regex.IsMatch(strIn, ("^\w+([-+.']\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*$"))
    End Function

    Public Shared Function IsValidName(ByVal strIn As String) As Boolean
        Return Regex.IsMatch(strIn, ("^[\w/\-\s]{1,20}$"))
    End Function

End Class
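
The anchoring advice from the page comment, tested against the two FormUtility patterns above in a small console program; this is an added example, not part of the original tutorial. It compares the page's patterns with an unanchored copy, with the same pattern under RegexOptions.ECMAScript (close to what the browser-side validator applies), and with stricter variants. NoAnchors, StrictName, StrictEmail, Check and Show are assumptions introduced here, the sample inputs are constructed, and the match timeout overload needs .NET Framework 4.5 or later.

```vb
Imports System
Imports System.Text.RegularExpressions
Imports Microsoft.VisualBasic

Module RegisterRegexDemo

    ' Patterns copied from the page.
    Private Const PageName As String = "^[\w/\-\s]{1,20}$"
    Private Const PageEmail As String = "^\w+([-+.']\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*$"

    ' Assumed variants for comparison, not from the page.
    Private Const NoAnchors As String = "[\w/\-\s]{1,20}"
    Private Const StrictName As String = "\A[A-Za-z0-9_/\- ]{1,20}\z"
    Private Const StrictEmail As String = "\A\w+([-+.']\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*\z"

    Private Function Check(ByVal input As String, ByVal pattern As String, _
                           Optional ByVal options As RegexOptions = RegexOptions.None) As Boolean
        Try
            ' The timeout bounds the time spent matching any single input.
            Return Regex.IsMatch(input, pattern, options, TimeSpan.FromMilliseconds(250))
        Catch ex As RegexMatchTimeoutException
            Return False   ' treat a timeout as invalid input
        End Try
    End Function

    ' Make control characters visible in the output.
    Private Function Show(ByVal s As String) As String
        Return s.Replace(vbLf, "\n").Replace(vbTab, "\t")
    End Function

    Sub Main()
        ' Constructed inputs: plain name, markup appended, trailing newline,
        ' embedded tab, and a Cyrillic letter in place of the Latin "o".
        Dim names As String() = {"nannette_t", "bob<script>", "bob" & vbLf, _
                                 "bob" & vbTab & "x", "b" & ChrW(&H43E) & "b"}
        Console.WriteLine("name | no anchors | page | page+ECMAScript | strict")
        For Each n As String In names
            Console.WriteLine("{0} | {1} | {2} | {3} | {4}", Show(n), _
                Check(n, NoAnchors), Check(n, PageName), _
                Check(n, PageName, RegexOptions.ECMAScript), Check(n, StrictName))
        Next

        ' Constructed inputs: a normal address and the same one with a trailing newline.
        Dim emails As String() = {"user@example.com", "user@example.com" & vbLf}
        Console.WriteLine("email | page | strict")
        For Each e As String In emails
            Console.WriteLine("{0} | {1} | {2}", Show(e), Check(e, PageEmail), Check(e, StrictEmail))
        Next
    End Sub

End Module
```

In .NET, `$` also matches just before a final newline and `\w` matches Unicode letters, while the browser-side validator runs the same pattern under JavaScript rules. Ending the pattern with `\z` and listing the allowed characters explicitly keeps the client and server checks in agreement.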

We are now ready to begin Step 14.

Steps for Creating a Custom Membership Provider and Membership User utilizing a DataSet Table Adapter:

Introduction: Creating a Custom Membership Provider and Membership User utilizing a DataSet Table Adapter.
Step 1: Creating the Project and Folders.
Step 2: Table Data Structure and Web.config for this Tutorial.
Step 3: Creating The DataSet.
Step 4: Creating the Table Adapter Methods for GetUserByLogin, GetUserByUserName, and InsertUser.
Step 5: Creating our Custom MembershipProvider Class.
Step 6: Adding Properties to Our Custom MembershipProvider Class.
Step 7: Creating Our Custom MembershipUser Class.
Step 8: Customizing our MembershipProvider Class.
Step 9: Our Custom RoleProvider Class.
Step 10: Our Master page.
Step 11: Our Cookie Handler class.
Step 12: Our Log In page.
Step 13: Our Register page.
Step 14: Our Log Out page.
Step 15: Our Change Password page.
Step 16: Our Administration page.
Step 17: Loading a Menu Programmatically based on Roles.
Step 18: Our Default page.
Download the ZIP files:
VB: ShiningStarCustomMemberProviderTutorial.zip
© Copyright 1997-2017 Shining Star Services LLC, Nannette Thacker. All Rights Reserved.