 |
BOOK: ASP.NET 2.0 Website Programming Problem Design Solution ISBN: 978-0-7645-8464-0  | This is the forum to discuss the Wrox book ASP.NET 2.0 Website Programming: Problem - Design - Solution by Marco Bellinaso; ISBN: 9780764584640 |
|
Welcome to the p2p.wrox.com Forums.
You are currently viewing the BOOK: ASP.NET 2.0 Website Programming Problem Design Solution ISBN: 978-0-7645-8464-0 section of the Wrox Programmer to Programmer discussions. This is a community of software programmers and website developers including Wrox book authors and readers. New member registration was closed in 2019. New posts were shut off and the site was archived into this static format as of October 1, 2020. If you require technical support for a Wrox book please contact http://hub.wiley.com
|
|
|
|
|

February 14th, 2009, 11:10 PM
|
|
Authorized User
|
|
Join Date: Oct 2008
Posts: 23
Thanks: 5
Thanked 0 Times in 0 Posts
|
|
Question about authorization of new users.
After a user registers, i send an email to make them "validate" essentially. Pretty standard for most sites now-a-days. Anyway, when a user clicks on the link, i validate against userid and guid then auto-log them in. (I hate when i have to login after verifying myself on other sites). Anyway, back to the question...The auo-login is working, but what I would like to do is add a special "welcome, thanks, etc." message at this time. But not sure how to tell it is first time login. The way I get back to default.aspx from the verification link is by calling this function:
"FormsAuthentication.RedirectFromLoginPage(userInf o.UserName, False)" after authorization of userid. THis is the only time i would display this message. Hope this was clear enough. Thanks.
|
|

February 15th, 2009, 01:01 AM
|
 |
Wrox Author
|
|
Join Date: Jan 2008
Posts: 923
Thanks: 12
Thanked 166 Times in 162 Posts
|
|
Instead of using the RedirectFromLoginPage method, use the SetAuthCookie method instead.
The SetAuthCookie method creates an authentication ticket for the supplied user name and adds it to the cookies collection of the response, but doesn't do an automatic redirect.
That gives you a chance to show them whatever message you want. Then, you can do the redirect manually using Response.Redirect.
|
|

February 15th, 2009, 04:07 PM
|
|
Authorized User
|
|
Join Date: Oct 2008
Posts: 23
Thanks: 5
Thanked 0 Times in 0 Posts
|
|
Lee, i am calling SetAuthCookie then callling RedirectFromLoginPage. I was calling my own redirect, but the LoginControl was not recognizing i was logged in. It still said "Login | Register" If you know how to alert the LoginControl, please let me know. I couldn't figure it out. THis is the code i am using:
userInfo.IsApproved = True
Membership.UpdateUser(userInfo) FormsAuthentication.SetAuthCookie(userInfo.UserNam e, False)
FormsAuthentication.RedirectFromLoginPage(userInfo .UserName, False)
-s
Last edited by scottlucas58; February 15th, 2009 at 05:32 PM..
|
|

February 15th, 2009, 06:02 PM
|
 |
Wrox Author
|
|
Join Date: Jan 2008
Posts: 923
Thanks: 12
Thanked 166 Times in 162 Posts
|
|
If you are using SetAuthCookie, there there is no reason to also use RedirectFromLoginPage.
RedirectFromLoginPage basically combines the functions of SetAuthCookie and Response.Redirect into one method. All you are doing is setting the cookie twice.
What I am suggesting is to NOT use RedirectFromLoginPage at all, but to separate these functions: - SetAuthCookie
- Show your message, with perhaps a "Continue" button or hyperlink
- On button click, use Response.Redirect to direct them where you want (back to the login page, their account page, wherever), or just let the hyperlink take care of sending them to the right place.
They will be authenticated when #3 happens, because the authentication ticket will be included in a cookie that is sent with the response.
Does that make sense?
|
|

February 15th, 2009, 06:42 PM
|
|
Authorized User
|
|
Join Date: Oct 2008
Posts: 23
Thanks: 5
Thanked 0 Times in 0 Posts
|
|
That is essentially what i did at first. After SetAuthCookie i redirected to default.aspx and tried to use the WelcomeBox as a legitimate welcome box with the additional one-time text to let them know they were logged in. The problem is this "asp:LoginView" control i put at the top of the master page.
The "LoggedinTemplate" still indicates the need for the user to "Sign-in/Register". I appreciate your help.
P.S. Just read your new blog post in ListView. Nice work.
|
|

February 17th, 2009, 06:10 PM
|
 |
Wrox Author
|
|
Join Date: Jan 2008
Posts: 923
Thanks: 12
Thanked 166 Times in 162 Posts
|
|
Okay, I wasn't ware you were using the Welcome box. I thought maybe you were showing a popup or something like that.
Have you considered handling this in the actual page that verifies the userid guid? That's what I always do.
You have a Page_Load event on this page that reads the querystring and does the actual verification.
Then, if the verification passes, you have do one of the following: - show a message on that page that says "Welcome to the site, blah blah blah" with a link that brings them to the default page, OR ...
- Redirect to the Default page with a querystring value, maybe like Default.aspx?firstTime=true and then customize the Welcome box message based on that querystring value.
|
|
The Following User Says Thank You to Lee Dumond For This Useful Post:
|
|
|

February 18th, 2009, 08:43 PM
|
|
Authorized User
|
|
Join Date: Oct 2008
Posts: 23
Thanks: 5
Thanked 0 Times in 0 Posts
|
|
Thanks
Quote:
Originally Posted by Lee Dumond
Okay, I wasn't ware you were using the Welcome box. I thought maybe you were showing a popup or something like that.
Have you considered handling this in the actual page that verifies the userid guid? That's what I always do.
You have a Page_Load event on this page that reads the querystring and does the actual verification.
Then, if the verification passes, you have do one of the following: - show a message on that page that says "Welcome to the site, blah blah blah" with a link that brings them to the default page, OR ...
- Redirect to the Default page with a querystring value, maybe like Default.aspx?firstTime=true and then customize the Welcome box message based on that querystring value.
|
Just wanted to let you know I appreciate all of your help. I figure something out. I still have a million other quirks to solve.
|
|

February 18th, 2009, 08:55 PM
|
 |
Wrox Author
|
|
Join Date: Jan 2008
Posts: 923
Thanks: 12
Thanked 166 Times in 162 Posts
|
|
Please do let me know what you come up with. Maybe your solution will be better than the one I usually use.
If so, I will feel no compunction about um, "borrowing" it from you for future use. 
|
|

February 25th, 2009, 07:26 PM
|
|
Friend of Wrox
|
|
Join Date: Feb 2009
Posts: 105
Thanks: 3
Thanked 20 Times in 19 Posts
|
|
This is something I would like to add to my version of TBH. Could you post more details (maybe some code) as to how you are handling/processing this validation, both from the user creation form and the resulting validation form.
Thanks
|
|

February 26th, 2009, 12:37 AM
|
|
Authorized User
|
|
Join Date: Oct 2008
Posts: 23
Thanks: 5
Thanked 0 Times in 0 Posts
|
|
my validation
I went back to my original method (like what Lee suggested..Thanks Lee) using a querystring variable in the call to default.aspx.
I put the request.querystring("firstime") in my WelcomeBox code behind.
Originally i didn't like having anything in the querystring (i.e, default.aspx?firstime=1"). It worked but seemed kinda 1995ish. So what i did was create a url map in my web.config
<urlMappings>
<add url="~/welcome.aspx" mappedUrl="~/default.aspx?firstime=1"/>
</urlMappings>
I created a page call verify.aspx
Inside the aspx page is:
<asp:ContentID="Content1"ContentPlaceHolderID="MainContent"Runat="Server">
<h2>Account Verification</h2>
<p><asp:LabelID="InformationLabel"runat="server"></asp:Label></p>
</asp:Content>
Nothing is really seen unless there is an error.
Verify.aspx. vb:
Code:
Partial Class Verify
Inherits BasePage
Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load'Make sure that a valid querystring value was passed through Dim rq AsString = Request.QueryString("ID") If String.IsNullOrEmpty(rq) OrElse Not _ Regex.IsMatch(rq, "[0-9a-f]{8}\-([0-9a-f]{4}\-){3}[0-9a-f]{12}") Then InformationLabel.Text = "An invalid ID value was passed in through the querystring." Else
'ID exists and is kosher, see if this user is already approved Dim userId As Guid = New Guid(rq) 'Get information about the user Dim userInfo As MembershipUser = Membership.GetUser(userId) If userInfo IsNothingThen 'Could not find user! InformationLabel.Text = "The user account could not be found in the membership database." Else
userInfo.IsApproved = True 'User is valid, approve them Membership.UpdateUser(userInfo) 'save info 'autologin and redirect FormsAuthentication.SetAuthCookie(userInfo.UserName, False) Response.Redirect("~/welcome.aspx") End If End If
End Sub End Class
The CreateWizard Marco designed from register.aspx is what i started with. I added another required field and made user name and email the same, so email is user name.
But you don't have to. Hope this helps.
|
|
 |