Form allows multiple user to register same userid

shresthaal · April 22nd, 2004, 12:45 AM

I used this page to register user for my web page. But the form allows users to register same userid. Does not give any error message.

<%@ Page Language="VB" %>
<script runat="server">

 Function insertUser(ByVal userID As String, ByVal firstname As String, ByVal lastname As String, ByVal address As String, ByVal email As String, ByVal password As String) As Integer
 Dim connectionString As String = "server=servername; database=databasename; uid=userid; pwd=password;"
 Dim dbConnection As System.Data.IDbConnection = New System.Data.SqlClient.SqlConnection(connectionStri ng)

 Dim queryString As String = "INSERT INTO [userTable] ([userID], [firstname], [lastname], [address]"& _
 ", [email], [password]) VALUES (@userID, @firstname, @lastname, @address"& _
 ", @email, @password)"
 Dim dbCommand As System.Data.IDbCommand = New System.Data.SqlClient.SqlCommand
 dbCommand.CommandText = queryString
 dbCommand.Connection = dbConnection

 Dim dbParam_userID As System.Data.IDataParameter = New System.Data.SqlClient.SqlParameter
 dbParam_userID.ParameterName = "@userID"
 dbParam_userID.Value = userID
 dbParam_userID.DbType = System.Data.DbType.StringFixedLength
 dbCommand.Parameters.Add(dbParam_userID)
 Dim dbParam_userFirstName As System.Data.IDataParameter = New System.Data.SqlClient.SqlParameter
 dbParam_userFirstName.ParameterName = "@firstname"
 dbParam_userFirstName.Value = firstname
 dbParam_userFirstName.DbType = System.Data.DbType.StringFixedLength
 dbCommand.Parameters.Add(dbParam_userFirstName)
 Dim dbParam_userLastName As System.Data.IDataParameter = New System.Data.SqlClient.SqlParameter
 dbParam_userLastName.ParameterName = "@lastname"
 dbParam_userLastName.Value = lastname
 dbParam_userLastName.DbType = System.Data.DbType.StringFixedLength
 dbCommand.Parameters.Add(dbParam_userLastName)
 Dim dbParam_userAddress As System.Data.IDataParameter = New System.Data.SqlClient.SqlParameter
 dbParam_userAddress.ParameterName = "@address"
 dbParam_userAddress.Value = address
 dbParam_userAddress.DbType = System.Data.DbType.StringFixedLength
 dbCommand.Parameters.Add(dbParam_userAddress)
 Dim dbParam_userEmail As System.Data.IDataParameter = New System.Data.SqlClient.SqlParameter
 dbParam_userEmail.ParameterName = "@email"
 dbParam_userEmail.Value = email
 dbParam_userEmail.DbType = System.Data.DbType.StringFixedLength
 dbCommand.Parameters.Add(dbParam_userEmail)
 Dim dbParam_userPass As System.Data.IDataParameter = New System.Data.SqlClient.SqlParameter
 dbParam_userPass.ParameterName = "@password"
 dbParam_userPass.Value = password
 dbParam_userPass.DbType = System.Data.DbType.StringFixedLength
 dbCommand.Parameters.Add(dbParam_userPass)

 Dim rowsAffected As Integer = 0
 dbConnection.Open
 Try
 rowsAffected = dbCommand.ExecuteNonQuery
 Catch ex As Exception
 Message.Text = "The User ID already Exists!!!"
 Finally
 dbConnection.Close
 End Try

 Return rowsAffected
 End Function

 Sub submitButton_Click(sender As Object, e As EventArgs)
 If Page.IsValid Then
 If InsertUser(txtUserID.Text, txtUserFirstName.Text, txtUserLastName.Text, txtUserAddr.Text, txtUserEmail.Text, txtUserPass.Text) > 0
 FormsAuthentication.SetAuthCookie(txtUserFirstName .Text, false)
 Response.Redirect("Login.aspx")
 End If
 End If
 End Sub

 Sub resetButton_Click(sender As Object, e As EventArgs)
 txtUserID.Text = ""
 txtUserFirstName.Text =""
 txtUserLastName.Text =""
 txtUserAddr.Text =""
 txtUserEmail.Text = ""
 txtUserPass.Text = ""
 Message.Text = ""

 End Sub

 Sub Button1_Click(sender As Object, e As EventArgs)
 Response.Redirect("default.aspx")
 End Sub

</script>
<html>
<head>
 <title>studentBooks Registration Page</title>
</head>
<body >
 <form runat="server">
 
 New User Registration 
 
 
 Please fill in all the required information
 
 
 
 
         &n bsp;       &nbs p;     <asp:Label id="Label1" runat="server" forecolor="DarkBlue">First
 Name</asp:Label>     <asp:TextBox id="txtUserFirstName" runat="server" MaxLength="20" Width="144px"></asp:TextBox>
 <asp:RequiredFieldValidator id="firstNameValidator" runat="server" ErrorMessage="* Field Required" ControlToValidate="txtUserFirstName"></asp:RequiredFieldValidator>
 
 
         &n bsp;       &nbs p;     <asp:Label id="Label2" runat="server" forecolor="DarkBlue">Last
 Name</asp:Label>    
 <asp:TextBox id="txtUserLastName" runat="server" MaxLength="20" Width="144px"></asp:TextBox>
  <asp:RequiredFieldValidator id="lastNameValidator" runat="server" ErrorMessage="* Field Required" ControlToValidate="txtUserLastName"></asp:RequiredFieldValidator>
 
 
         &n bsp;       &nbs p;     <asp:Label id="Label3" runat="server" forecolor="DarkBlue">Address</asp:Label>      
  
 <asp:TextBox id="txtUserAddr" runat="server" MaxLength="30" Width="241px"></asp:TextBox>
  <asp:RequiredFieldValidator id="addressValidator" runat="server" ErrorMessage="* Field Required" ControlToValidate="txtUserAddr"></asp:RequiredFieldValidator>
 
 
         &n bsp;       &nbs p;     <asp:Label id="Label4" runat="server" forecolor="DarkBlue">Email</asp:Label>      &nbs p;     
 <asp:TextBox id="txtUserEmail" runat="server" MaxLength="20" Width="144px"></asp:TextBox>
  <asp:RequiredFieldValidator id="emailValidator" runat="server" ErrorMessage="* Field Required" ControlToValidate="txtUserEmail"></asp:RequiredFieldValidator>
 
 
         &n bsp;       &nbs p; 
    <asp:Label id="Label5" runat="server" forecolor="DarkBlue">User ID</asp:Label>      &nbs p;  <asp:TextBox id="txtUserID" runat="server" MaxLength="10" Width="144px"></asp:TextBox>
  
 <asp:RequiredFieldValidator id="IDValidator" runat="server" ErrorMessage="* Field Required" ControlToValidate="txtUserID"></asp:RequiredFieldValidator>
 
 
         &n bsp;       &nbs p;     <asp:Label id="Label6" runat="server" forecolor="DarkBlue">Password</asp:Label>      <asp :TextBox id="txtUserPass" runat="server" MaxLength="15" Width="144px" TextMode="Password"></asp:TextBox>
   <asp:RequiredFieldValidator id="passValidator" runat="server" ErrorMessage="* Field Required" ControlToValidate="txtUserPass"></asp:RequiredFieldValidator>
 
 
         &n bsp;       &nbs p;     <asp:Label id="Label7" runat="server" forecolor="DarkBlue">Re
 enter Password</asp:Label>    
 <asp:TextBox id="txtRePass" runat="server" MaxLength="15" Width="144px" TextMode="Password"></asp:TextBox>
  
 <asp:CompareValidator id="ComparePass" runat="server" ErrorMessage="* Passwords MUST match" ControlToValidate="txtRePass" ControlToCompare="txtUserPass"></asp:CompareValidator>
 
 
 
 
 <asp:Button id="submitButton" onclick="submitButton_Click" runat="server" Text="Submit"></asp:Button>
         &n bsp;    
 <asp:Button id="resetButton" onclick="resetButton_Click" runat="server" Text="Clear" CausesValidation="False"></asp:Button>
 
 
 <asp:Label id="Message" runat="server"></asp:Label>
 
 
 <asp:HyperLink id="HyperLink1" runat="server" Font-Names="Times New Roman" Font-Size="Large">
 <a href= 'default.htm'>Back to Home</a>
 </asp:HyperLink>
  
 
 </form>
</body>
</html>

mjadhav · May 12th, 2004, 10:14 AM

Is the column userID in table userTable defined as Unique Constraint? If not, the database will not check for any duplicates.

Manish Jadhav