I added 3 new fields ( MW2 GUID, XAC GUID & Wegame GUID) to the registration page which requires users to enter additional information which the gets stored in the DB and it then gets displayed in their profiles
Registration page:
http://mplayerleague.com/mw2/Register.asp
Profile Page:
http://mplayerleague.com/mw2/ViewProfile.asp?ID=1
Since these are mandatory fields the user will have to enter this information in order to register, but there may be a reason this info will have to be edited so i have created a GUID edit form which can only be used by site admins.
When I enter the information and submit it the page returns "Account Updated Successfully", but when i check the user's profile (or the db itself) the data is not there.
Im pretty sure it has something to do with this section of code (see below) but am not sure exactly.
Code:
'/CHECK IF GUID's HAVE BEEN CHANGED AND IF SO MAKE SURE IT ISNT ALREADY TAKEN
If bMW2GUIDChanged = TRUE Then
dbcon.execute("UPDATE Members SET MW2GUID = '" & frmMW2GUID & "")
End If
If bXACGUIDChanged = TRUE Then
dbcon.execute("UPDATE Members SET XACGUID = '" & frmXACGUID & "")
End If
If bWGGUIDChanged = TRUE Then
dbcon.execute("UPDATE Members SET WGGUID = '" & frmWGGUID & "")
End If
Call AdminLog("Edit Account", "Updated account #" & iAccountID & ".")
bComplete = TRUE
oRs.Close
Set oRs=Nothing
dbcon.Close
Set dbcon=Nothing
Set rSQL=Nothing
Below is the code for the entire page.
Code:
<!-- #Include File='../includes/inc_includes.asp' -->
<!-- #Include File='includes/level3.asp'-->
<%
If Request.Form("UpdateAccount") <> "" Then
' VALIDATE FORM INPUTS
iAccountID = Request.QueryString("ID")
frmMW2GUID = Replace( Replace( Request.Form("MW2GUID"), "'", "''"), "%", "%")
frmXACGUID = Replace( Replace( Request.Form("XACGUID"), "'", "''"), "%", "%")
frmWGGUID = Replace( Replace( Request.Form("WGGUID"), "'", "''"), "%", "%")
ActivationCode = ActCode(10)
Set dbcon=DBConnect(DB_MAIN)
rSQL="SELECT * FROM Members WHERE AccountID = " & iAccountID
Set oRs=DBRecordSet(dbcon, rSQL)
If oRs("AccessLevel") => Session(CURRENT_ABBR & "_AccessLevel") AND Session(CURRENT_ABBR & "_AccessLevel") <> 10 Then
Response.Redirect("UnAuthorized.asp")
End If
If Session(CURRENT_ABBR & "_AccessLevel") < 9 Then
frmMemberLevel = oRs("MemberLevel")
End If
If frmMW2GUID = "" THEN
Response.Redirect("Error.asp?error=MW2GUID")
ELSE
If Session(CURRENT_ABBR & "_AccessLevel") <> 10 Then
bValidMW2GUID = RegExpTest(frmMW2GUID, "MW2GUID")
IF NOT bValidMW2GUID THEN
Response.Redirect("Error.asp?error=MW2GUID")
END IF
End If
END IF
If frmXACGUID = "" THEN
Response.Redirect("Error.asp?error=XACGUID")
ELSE
If Session(CURRENT_ABBR & "_AccessLevel") <> 10 Then
bValidXACGUID = RegExpTest(frmXACGUID, "XACGUID")
IF NOT bValidXACGUID THEN
Response.Redirect("Error.asp?error=XACGUID")
END IF
End If
END IF
If frmWGGUID = "" THEN
Response.Redirect("Error.asp?error=WGGUID")
ELSE
If Session(CURRENT_ABBR & "_AccessLevel") <> 10 Then
bValidWGGUID = RegExpTest(frmWGGUID, "WGGUID")
IF NOT bValidWGGUID THEN
Response.Redirect("Error.asp?error=WGGUID")
END IF
End If
END IF
'/VALIDATE FORM INPUTS
'CHECK IF MW2 GUID HAS BEEN CHANGED AND IF SO MAKE SURE IT ISNT ALREADY TAKEN
If frmUsername <> oRs("MW2GUID") THEN
rSQL = "SELECT AccountID FROM Members WHERE MW2GUID = '" & frmMW2GUID & "'"
Set rs = DBRecordSet(dbcon, rSQL)
If NOT rs.EOF OR NOT rs.BOF Then
rs.Close
Set rs=Nothing
dbcon.Close
Set dbcon=Nothing
Set rSQL=Nothing
Response.Redirect("error.asp?error=MW2GUIDtaken")
End If
rs.Close
Set rs=Nothing
Set rSQL=Nothing
End If
'/CHECK IF USERNAME HAS BEEN CHANGED AND IF SO MAKE SURE IT ISNT ALREADY TAKEN
'CHECK IF X-RAY AC GUID HAS BEEN CHANGED AND IF SO MAKE SURE IT ISNT ALREADY TAKEN
If frmUsername <> oRs("XACGUID") THEN
rSQL = "SELECT AccountID FROM Members WHERE XACGUID = '" & frmXACGUID & "'"
Set rs = DBRecordSet(dbcon, rSQL)
If NOT rs.EOF OR NOT rs.BOF Then
rs.Close
Set rs=Nothing
dbcon.Close
Set dbcon=Nothing
Set rSQL=Nothing
Response.Redirect("error.asp?error=XACGUIDtaken")
End If
rs.Close
Set rs=Nothing
Set rSQL=Nothing
End If
'/CHECK IF USERNAME HAS BEEN CHANGED AND IF SO MAKE SURE IT ISNT ALREADY TAKEN
'CHECK IF WeGame GUID HAS BEEN CHANGED AND IF SO MAKE SURE IT ISNT ALREADY TAKEN
If frmUsername <> oRs("WGGUID") THEN
rSQL = "SELECT AccountID FROM Members WHERE WGGUID = '" & frmWGGUID & "'"
Set rs = DBRecordSet(dbcon, rSQL)
If NOT rs.EOF OR NOT rs.BOF Then
rs.Close
Set rs=Nothing
dbcon.Close
Set dbcon=Nothing
Set rSQL=Nothing
Response.Redirect("error.asp?error=WGGUIDtaken")
End If
rs.Close
Set rs=Nothing
Set rSQL=Nothing
End If
'/CHECK IF GUID's HAVE BEEN CHANGED AND IF SO MAKE SURE IT ISNT ALREADY TAKEN
If bMW2GUIDChanged = TRUE Then
dbcon.execute("UPDATE Members SET MW2GUID = '" & frmMW2GUID & "")
End If
If bXACGUIDChanged = TRUE Then
dbcon.execute("UPDATE Members SET XACGUID = '" & frmXACGUID & "")
End If
If bWGGUIDChanged = TRUE Then
dbcon.execute("UPDATE Members SET WGGUID = '" & frmWGGUID & "")
End If
Call AdminLog("Edit Account", "Updated account #" & iAccountID & ".")
bComplete = TRUE
oRs.Close
Set oRs=Nothing
dbcon.Close
Set dbcon=Nothing
Set rSQL=Nothing
' SEND THE ACTIVATION CODE IF EMAIL ADDRESS HAS BEEN EDITTED
If bEmailChanged = TRUE Then
Set Mailer = Server.CreateObject("CDO.Message")
Set MailerCon = Server.CreateObject ("CDO.Configuration")
MailerCon.Fields("http://schemas.microsoft.com/cdo/configuration/smtpserver") = "relay-hosting.secureserver.net"
MailerCon.Fields("http://schemas.microsoft.com/cdo/configuration/smtpserverport") = 25
MailerCon.Fields("http://schemas.microsoft.com/cdo/configuration/sendusing") = 2
MailerCon.Fields("http://schemas.microsoft.com/cdo/configuration/smtpconnectiontimeout") = 60
' If your server requires outgoing authentication uncomment the lines bleow and use a valid email address and password.
'MailerCon.Fields("http://schemas.microsoft.com/cdo/configuration/smtpauthenticate") = 1 'basic (clear-text) authentication
'MailerCon.Fields("http://schemas.microsoft.com/cdo/configuration/sendusername") ="[email protected]"
'MailerCon.Fields("http://schemas.microsoft.com/cdo/configuration/sendpassword") ="[PASSWORD DELETED]"
MailerCon.Fields.Update
Set Mailer.Configuration = MailerCon
Mailer.From = "[email protected]"
Mailer.To = frmEmail
Mailer.Subject = "Your MPlayer " & GLOBAL_GAME_NAME & " League - Activation Code"
Mailer.TextBody = Mailer.TextBody & "----------------------------------------------------" & vbNewLine
Mailer.TextBody = Mailer.TextBody & " Automated @ The MPlayer League Network " & vbNewLine
Mailer.TextBody = Mailer.TextBody & "----------------------------------------------------" & vbNewLine & vbNewLine
Mailer.TextBody = Mailer.TextBody & frmUsername & "," & vbNewLine & vbNewLine
Mailer.TextBody = Mailer.TextBody & "Whilst your account was recently editted by " & Session(CURRENT_ABBR & "_Username") & ", a member of our adminsitration staff. Your Email address was changed, you are now required to re-activate your account using the code below. This is to ensure us that it is a valid email." & vbNewLine & vbNewLine
Mailer.TextBody = Mailer.TextBody & "Until this is done your account will not be useable." & vbNewLine & vbNewLine
Mailer.TextBody = Mailer.TextBody & "Activation Code: "&ActivationCode&"" & vbNewLine
Mailer.TextBody = Mailer.TextBody & "Username: "&frmUsername&"" & vbNewLine
Mailer.TextBody = Mailer.TextBody & "Password: "&Decrypt(frmPassword, "bleh")&"" & vbNewLine & vbNewLine
Mailer.TextBody = Mailer.TextBody & "Simply login to your account using the information above, once you have done this you will be prompted to enter your Activation Code. Once you have entered your correct Activation Code your account will be activated giving you the ability once again to compete on the MPlayer " & GLOBAL_GAME_NAME & " Gaming League." & vbNewLine & vbNewLine
Mailer.TextBody = Mailer.TextBody & "Once logged in you can experience many of the advanced features the MPlayer League has to offer -- for a full list of our network features go to http://www.mplayerleague.com" & vbNewLine & vbNewLine
Mailer.TextBody = Mailer.TextBody & "Regards," & vbNewLine
Mailer.TextBody = Mailer.TextBody & "MPlayer League."
Set Mailer = Nothing
Set MailerCon = Nothing
End If
' /SEND THE ACTIVATION CODE IF EMAIL ADDRESS HAS BEEN EDITTED
End If
%>
<!-- #Include File="includes/inc_header.asp" -->
<!-- #Include File="../includes/inc_top.asp" -->
<br><br>
<DIV ALIGN="Center">
<TABLE WIDTH="592" HEIGHT="65" BORDER="0" CELLPADDING="5" CELLSPACING="0" BACKGROUND="<%=GLOBAL_SITE_IMAGES_PATH%>/main_infobox.jpg">
<TD>
<TABLE WIDTH="92%" BORDER="0" CELLSPACING="0" CELLPADDING="0" ALIGN="center">
<TR>
<TD WIDTH="43" VALIGN="Center">
<DIV ALIGN="Center"><IMG SRC="<%=GLOBAL_SITE_IMAGES_PATH%>/GameIcon.gif" WIDTH="32" HEIGHT="32"></DIV>
</TD><TD>
<FONT STYLE="FONT-SIZE: 8pt" FACE="Verdana, Arial, Helvetica, sans-serif" COLOR="#FFFFFF">
<B>MPlayer League Administration</B><br>
All actions are logged abuse your access and be punished accordingly.
</FONT>
</TD>
</TR>
</TABLE>
</TD>
</TABLE>
</DIV>
<br>
<%
AccountID = Request.QueryString("ID")
Set dbcon=DBConnect(DB_MAIN)
rSQL = "SELECT * FROM MEMBERS WHERE AccountID = " & AccountID
Set rs=DBRecordSet(dbcon, rSQL)
Call AdminLog("Edit Account", "Accessed account #" & iAccountID & ", '" & rs("Username") & "'.")
If rs("AccessLevel") => Session(CURRENT_ABBR & "_AccessLevel") AND Session(CURRENT_ABBR & "_AccessLevel") <> 10 Then
Response.Redirect("UnAuthorized.asp")
End If
%>
<!-- MAIN SITE CONTENT-->
<DIV ALIGN="Center">
<TABLE WIDTH="98%" CELLPADDING="0" CELLSPACING="0" BORDER="0">
<TD WIDTH="19" HEIGHT="58" VALIGN="Top"><IMG SRC="<%=GLOBAL_SITE_IMAGES_PATH%>/Titlebar_left.jpg" WIDTH="19" HEIGHT="58"></TD>
<TD HEIGHT="58" VALIGN="Center" BACKGROUND="<%=GLOBAL_SITE_IMAGES_PATH%>/Titlebar_Background.jpg" NOWRAP>
<Font color="white" face="verdana" size="2">
<B> Edit Account: <%=AccountID%> (<%=rs("Username")%>)</B>
</font>
</TD>
<TD WIDTH="100%" HEIGHT="58" VALIGN="Center" ALIGN="RIGHT" BACKGROUND="<%=GLOBAL_SITE_IMAGES_PATH%>/Titlebar_Background.jpg">
<Font color="white" face="verdana" size="2">
<font style="FONT-SIZE: 8pt" face="Arial, Helvetica, sans-serif" color="#ffffff">
<a href="#">View Account</a> |
<b>Edit Account</b>
<% If Session(CURRENT_ABBR & "_AccessLevel") => 7 Then
If rs("AccessLevel") => Session(CURRENT_ABBR & "_AccessLevel") AND Session(CURRENT_ABBR & "_AccessLevel") <> 10 Then %>
| <s>Set Access</s>
<% Else %>
| <a href="AccessControl.asp?ID=<%=rs("AccountID")%>">Set Access</a>
<% End If
End If
If Session(CURRENT_ABBR & "_AccessLevel") => 9 Then
If rs("AccessLevel") => Session(CURRENT_ABBR & "_AccessLevel") AND Session(CURRENT_ABBR & "_AccessLevel") <> 10 Then %>
| <s>Delete Account</s>
<% Else %>
| <a href="DeleteAccount.asp?ID=<%=rs("AccountID")%>">Delete Account</a>
<% End If
End If %>
</font>
</TD>
<TD WIDTH="116" HEIGHT="58" VALIGN="Top"><IMG SRC="<%=GLOBAL_SITE_IMAGES_PATH%>/Titlebar_right.jpg" WIDTH="116" HEIGHT="58"></TD>
</TABLE>
<br>
<TABLE WIDTH="96%" CELLPADDING="0" CELLSPACING="0" BORDER="0">
<TD WIDTH="100%" CLASS="mbody">
The form below will allow you to edit the settings and preferences for this account.<br><br>
<b>Note:</b> If the email address is changed the account will be <b><i>de-activated</i></b> until the user has recieved the activation email and followed the instructions enclosed. This is to ensure that you/they use a valid email address for the account, de-activation will take place immediately after submition. Once you have finished modifying the account, check it is correct before submitting as your changes will take effect immediately.
<br><br>
The asterisk <b>*</b> denotes a required field.
<br><br>
<% IF bComplete = TRUE THEN %>
<font color=red>
<b>Account Updated Successfully</b>
</font>
<br><br>
<% END IF %>
<DIV ALIGN="Center">
<FORM NAME="EditAccount" ACTION="<%=Request.ServerVariables("URL")%>?ID=<%=AccountID%>" METHOD="POST">
<IMG SRC="../Images/Header_playerinfo.jpg" WIDTH="500" HEIGHT="30"><BR>
<TABLE cellSpacing=0 cellPadding=0 width=480 border=0>
<TR>
<TD class=mbody width=125><b>Username*</b></TD>
<TD class=mbody width=245><%=rs("Username")%></TD>
</TR>
<TR>
<TD class=mbody width=125><b>Email Address*</b></TD>
<TD class=mbody width=245><%=rs("Email")%></TD>
</TR>
<TR>
<TD class=mbody width=125><b>MW2 GUID*</b></TD>
<TD class=mbody width=350><input name="MW2GUID" type="text" class="idtext" maxlength="150" value="<%=rs("MW2GUID")%>" style="width:300px;"></TD>
</TR>
<TR>
<TD class=mbody width=125><b>X-ray AC GUID*</b></TD>
<TD class=mbody width=350><input name="XACGUID" type="text" class="idtext" maxlength="150" value="<%=rs("XACGUID")%>" style="width:300px;"></TD>
</TR>
<TR>
<TD class=mbody width=125><b>WeGame GUID*</b></TD>
<TD class=mbody width=350><input name="WGGUID" type="text" class="idtext" maxlength="150" value="<%=rs("WGGUID")%>" style="width:300px;"></TD>
</TR></TABLE>
<TR>
<TD colspan="2" align="center" class=mbody width="100%"><br><INPUT name="UpdateAccount" type="submit" value=" Update Account " class="button"></TD>
</TR>
</TABLE>
<%
rs.Close
Set rs=Nothing
dbcon.Close
Set dbcon=Nothing
%>
</FORM>
</DIV>
<br><br>
<CENTER>
<table border="1" bordercolor="#666666" cellspacing="0" cellpadding="3">
<tr bordercolor="#333333">
<td align="center" valign="center" bgcolor="#4A4E66">
<font style="FONT-SIZE: 8pt" face="Arial, Helvetica, sans-serif" color="#ffffff">
<b>Pending Team Invitations</b>
</td>
</tr>
</table>
</CENTER>
<br>
Listed below are all of this accounts invitations to join teams on this league. You may accept or decline the invitations for this user aslong as it has been requested - however you may only accept one of the invitations. Once this account is associated with a team all pending invations will be void.
<br><br>
<DIV ALIGN="Center">
<FORM NAME="UpdateInvites" ACTION="Update_Invites.asp?u=player" METHOD="POST">
<table width="100%" cellspacing="1" cellpadding="2" border="0">
<tr>
<td align="center" valign="center" bgcolor="#4A4E66">
<font style="FONT-SIZE: 8pt" face="Arial, Helvetica, sans-serif" color="#ffffff">
<b>Team</b>
</td>
<td align="center" valign="center" bgcolor="#4A4E66">
<font style="FONT-SIZE: 8pt" face="Arial, Helvetica, sans-serif" color="#ffffff">
<b>Status</b>
</td>
<td align="center" valign="center" bgcolor="#4A4E66">
<font style="FONT-SIZE: 8pt" face="Arial, Helvetica, sans-serif" color="#ffffff">
<b>Date/Time</b>
</td>
<td align="center" valign="center" bgcolor="#4A4E66">
<font style="FONT-SIZE: 8pt" face="Arial, Helvetica, sans-serif" color="#ffffff">
<b>Accept</b>
</td>
<td align="center" valign="center" bgcolor="#4A4E66">
<font style="FONT-SIZE: 8pt" face="Arial, Helvetica, sans-serif" color="#ffffff">
<b>Decline</b>
</tr>
<%
Counter=1
Set dbcon=DBConnect(DB_MAIN)
rSQL = "SELECT * FROM TeamInvites WHERE AccountID = " & AccountID & " AND Status = 'Pending...' ORDER BY TimeDate DESC"
Set inv = DBRecordSet(dbcon, rSQL)
Do until inv.eof
rSQL = "SELECT * FROM Teams WHERE TeamID = " & inv("TeamID")
Set team = DBRecordSet(dbcon, rSQL)
%>
<tr>
<td valign="center" <% If Counter=1 Then Response.Write"bgcolor='#545860'" Else Response.Write"bgcolor='#4A4E55'" End If %>>
<font style="FONT-SIZE: 8pt" face="Arial, Helvetica, sans-serif" color="#ffffff">
<%=team("TeamName")%>
</td>
<td align="center" valign="center" <% If Counter=1 Then Response.Write"bgcolor='#545860'" Else Response.Write"bgcolor='#4A4E55'" End If %>>
<font style="FONT-SIZE: 8pt" face="Arial, Helvetica, sans-serif" color="#ffffff">
<%=inv("Status")%>
</td>
<td align="center" valign="center" <% If Counter=1 Then Response.Write"bgcolor='#545860'" Else Response.Write"bgcolor='#4A4E55'" End If %>>
<font style="FONT-SIZE: 8pt" face="Arial, Helvetica, sans-serif" color="#ffffff">
<%=fncFmtDate(inv("TimeDate"), "%b %d%O %Y @ %H:%N")%>
</td>
<td align="center" valign="center" <% If Counter=1 Then Response.Write"bgcolor='#545860'" Else Response.Write"bgcolor='#4A4E55'" End If %>>
<font style="FONT-SIZE: 8pt" face="Arial, Helvetica, sans-serif" color="#ffffff">
<input type="checkbox" name="<%=inv("RequestID")&"_Accept"%>" value="Yes">
</td>
<td align="center" valign="center" <% If Counter=1 Then Response.Write"bgcolor='#545860'" Else Response.Write"bgcolor='#4A4E55'" End If %>>
<font style="FONT-SIZE: 8pt" face="Arial, Helvetica, sans-serif" color="#ffffff">
<input type="checkbox" name="<%=inv("RequestID")&"_Decline"%>" value="Yes">
</td>
</tr>
<%
team.close
Set team=Nothing
If Counter = 2 Then
Counter = 1
Else
Counter=Counter+1
End If
inv.MoveNext
Loop
inv.Close
Set inv=Nothing
Set rSQL=Nothing
%>
</table>
<br>
<input type="submit" name="updateinvites" class="button" value=" Update Invitations ">
</FORM>
</TD>
</TABLE>
</DIV>
<!-- /MAIN SITE CONTENT-->
<!--#Include File="includes/inc_footer.asp"-->
Thank you for your help.
Data not posting to the DB
