Solved

Check if user or email exist on database in a POST page

Posted on 2008-10-22
10
512 Views
Last Modified: 2008-10-23
Hi, I have a form which is using POST to another page to check for a captcha code for verification.  
I want to move a java script which works 'fine' to the posted page so It checks through a recordset if a username , password records already exists.  As I said It works fine if I take off the POST ACTION to the second page , but I cannot make it work whit the action.


page that gets the values from the form (post action to this page )
 

<% response.buffer=true

 level="../"%>

 

<!--include file="../include/connection.asp"-->

<!--#include file="../../Connections/sqlConn1.asp" -->

<!--#include file="../../Connections/sqlConn2.asp" -->

<!--#include file="../../Connections/sqlConn3.asp" -->

<!--#include file="rc4.inc"-->

 

<!-- Include file for CAPTCHA form processing -->

<!-- #include file="CAPTCHA/CAPTCHA_process_form.asp" -->    

<!-- Include file for CAPTCHA configuration -->

<!-- #include file="CAPTCHA/CAPTCHA_configuration.asp" -->

      

<%
 

' If "" & Request("txtemailid") <> "" Then

    'If Trim(Request("txtemailid")) <> "" Then 

    If blnCAPTCHAcodeCorrect <> True then

       'Place code here that is to run if CAPTCHA is NOT entered correctly

	   

	   Response.Write("CAPTCHA code is NOT correct")

	   Response.Redirect "index.asp?err=captcha"

	End If

	

	

	' checking email and user existence on database 
 

txtemailid = Request.Form("txtemailid") ' this is where i get the email from the form 

sql7 = " Select Email from Players Where Email = '"&txtemailid&"'"
 
 

set rs7 = Server.Createobject("ADODB.Recordset")

set rs7=conSQL.execute(sql7)

if not rs7.EOF then %>
 

<script language='Javascript'>

	alert('The Enter E-Mail already exist on our database , please enter a different e-mail ....'); 

						history.go(-1);

						</script>	

<% End If %>

<%
 

		

					

		txtuname=request.form("txtuname")

		txtemailid=request.form("txtemailid")

		set rs = Server.Createobject("ADODB.Recordset")

		sql = "select * from Players where SSN='"&txtuname&"'"

		rs.open sql,conSQL

		if rs.BOF then 

		set rs2 = Server.Createobject("ADODB.Recordset")

		sql1 = "select count(*) as memcon from Players where courseID="&txtcourseid&" and memberid='"&txtmemberid&"'"

		sql11 = "select count(*) as memcon from Players where courseID="&txtcourseid&" and Email='"&txtemailid&"'"

		set rs2=conSQL.execute(sql1)

		set rs2=conSQL.execute(sql11)

		if rs2("memcon") <> 0 then	%>

			

			

	<script language='Javascript'>

	alert('The Member Id in the selected course is Already Exists, Try Again....'); 

						history.go(-1);

						

					</script>

		<%	else	

		  	response.write("what")

			end if		

		else 

		%>

        

			<script language='Javascript'>

		  		alert('Username Already Exists, Try Again....') 

				history.go(-1)	

			</script>

			<%		

		end if

		'rs2.close

		'set rs2=nothing

Open in new window

0
Comment
Question by:RickyGtz
  • 6
  • 4
10 Comments
 
LVL 54

Expert Comment

by:b0lsc0tt
ID: 22781104
RickyGtz,

By Javascript you mean running on the clientside (i..e the browser side), right?  It can't check a database on the server.  You will need to use ASP script to do it.

Let me know if you have any questions or need more information.  If I have misunderstood then let me know.

b0lsc0tt
0
 

Author Comment

by:RickyGtz
ID: 22787607
Did you see the code above, I mean with a querie to Database, and In VB - Asp classic.
<script language='Javascript'>
      alert('The Member Id in the selected course is Already Exists, Try Again....');
                                    history.go(-1);
                                    
                              </script>
0
 
LVL 54

Expert Comment

by:b0lsc0tt
ID: 22787915
I did see the code but it didn't completely make sense with how I read the question so I mainly responded on that.
I really recommend you set this up to not use javascript to show the error.  Also have your server script do the redirect if there is an error.
Response.Redirect "formPageName.asp"
You can use the URL (i.e. the query string) to send the error message or use a session variable.  The form page will need code to look for it and print it but this is a better way to do this.  Don't depend on Javascript or flash a quick message and redirect.  Instead this will cause the form page to appear again with the error message (i.e. maybe above the form or next to the field).  If there is a lot of other info that was entered that is valid then you could even use the same method to prefill the form page.
Sorry if I didn't completely understand this earlier.  I hope this is better but feel free to clarify if something is still off in how I seem to read this.  I can provide details on the asp code for either page to show the message if you need it.  Just decide how you want it sent (i.e. url, session variable, etc).  Let me know if you have a question about this or need more info.
bol
0
 

Author Comment

by:RickyGtz
ID: 22788182
Hi here i put the code, if you look at the line 27  you will see how I am trying to get this script to work quering the database and displaying and error pop up message.  Hope you can see what i am doing wrong.
<% response.buffer=true

 level="../"%>
 

<!--include file="../include/connection.asp"-->

<!--#include file="../../Connections/sqlConn1.asp" -->

<!--#include file="../../Connections/sqlConn2.asp" -->

<!--#include file="../../Connections/sqlConn3.asp" -->

<!--#include file="rc4.inc"-->
 

<!-- Include file for CAPTCHA form processing -->

<!-- #include file="CAPTCHA/CAPTCHA_process_form.asp" -->

<!-- Include file for CAPTCHA configuration -->

<!-- #include file="CAPTCHA/CAPTCHA_configuration.asp" -->
 

<%
 

' If "" & Request("txtemailid") <> "" Then

    'If Trim(Request("txtemailid")) <> "" Then

    If blnCAPTCHAcodeCorrect <> True then

       'Place code here that is to run if CAPTCHA is NOT entered correctly
 

	   Response.Write("CAPTCHA code is NOT correct")

	   Response.Redirect "index.asp?err=captcha"

	End If
 
 

	' checking email and user existence on database
 

txtemailid = Request.Form("txtemailid") ' this is where i get the email from the form

sql7 = " Select Email from Players Where Email = '"&txtemailid&"'"
 
 

set rs7 = Server.Createobject("ADODB.Recordset")

set rs7=conSQL.execute(sql7)

if not rs7.EOF then %>
 

<script language='Javascript'>

	alert('The Enter E-Mail already exist on our database , please enter a different e-mail ....');

						history.go(-1);

						</script>

<% End If %>

<%
 
 
 

		txtuname=request.form("txtuname")

		txtemailid=request.form("txtemailid")

		txtcourseid=request.form("txtcourseid")

		txtmemberid=request.form("txtmemberid")

		set rs = Server.Createobject("ADODB.Recordset")

		sql = "select * from Players where SSN='"&txtuname&"'"

		rs.open sql,conSQL

		if rs.BOF then

		set rs2 = Server.Createobject("ADODB.Recordset")

		sql1 = "select count(*) as memcon from Players where courseID="&txtcourseid&" and memberid='"&txtmemberid&"'"

		sql11 = "select count(*) as memcon from Players where courseID="&txtcourseid&" and Email='"&txtemailid&"'"

		set rs2=conSQL.execute(sql1)

		set rs2=conSQL.execute(sql11)

		if rs2("memcon") <> 0 then	%>
 
 

	<script language='Javascript'>

	alert('The Member Id in the selected course is Already Exists, Try Again....');

						history.go(-1);
 

					</script>

		<%	else

		  	response.write("what")

			end if

		else

		%>
 

			<script language='Javascript'>

		  		alert('Username Already Exists, Try Again....')

				history.go(-1)

			</script>

			<%

		end if

		'rs2.close

		'set rs2=nothing

	rs.close

	set rs = nothing

	' end if
 

			' Generating Random Number

		set RecsetRef= conSQL.execute("select max(referenceno) from Players")
 

		If isnull(RecsetRef(0)) Then

			ReferenceNumber=1001

		else

			S_ReferenceNumber =  RecsetRef(0)

			ReferenceNumber=S_ReferenceNumber+1

		End If

		RecsetRef.close

		Set RecsetRef = Nothing

		Response.Write(ReferenceNumber)
 

'		psw="playerscores"

'		stime = timer

'		strTemp = EnDeCrypt(ReferenceNumber, psw)
 
 
 

		' Retrieving from the Sigup form

		session("S_txtfname")= request.form("txtfname")

		session("S_txtlname") = request.form("txtlname")

		session("S_txtaddr1")= request.form("txtaddr1")

		session("S_txtaddr2")=request.form("txtaddr2")

		session("S_txtcity") = request.form("txtcity")

		session("S_txtstate")=request.form("txtstate")

		'session("S_optcountry")

		session("S_txtpcode") =request.form("txtpcode")

		session("S_txtcourseid")=request.form("txtcourseid")

		session("S_txtmemberid")=request.form("txtmemberid")

		session("S_txtcontactno")=request.form("txtcontactno")

		session("S_txtemailid")=request.form("txtemailid")

		session("S_txtuname") =request.form("txtuname")

		session("S_txtpwd")=request.form("txtpwd")
 
 

		txtfname=session("S_txtfname")

		txtlname=session("S_txtlname")

		txtaddr1=session("S_txtaddr1")

		txtaddr2=session("S_txtaddr2")

		txtcity=session("S_txtcity")

		txtstate=session("S_txtstate")

		optcountry=session("S_optcountry")

		txtpcode=session("S_txtpcode")

		txtcourseid=session("S_txtcourseid")

		txtmemberid=session("S_txtmemberid")

		txtcontactno=session("S_txtcontactno")

		txtemailid=session("S_txtemailid")

		txtuname=session("S_txtuname")

		txtpwd=session("S_txtpwd")
 

		regdate=date()

		regtime=time()
 

	'

      'con.close

    '  end if
 
 

		on error resume next
 

conSQL.execute("Insert into Players(SSN,[password],firstname,lastname,addy1,addy2,city,state,Zip,phone,email,regdate,regtime,referenceno,courseid,memberid) values('"&txtuname&"','"&txtpwd&"','"&txtfname&"','"&txtlname&"','"&txtaddr1&"','"&txtaddr2&"','"&txtcity&"','"&txtstate&"',"&txtpcode&","&txtcontactno&",'"&txtemailid&"','"&regdate&"','"&regtime&"',"&ReferenceNumber&","&txtcourseid&",'"&txtmemberid&"')")
 

'response.write("Insert into Players(SSN,[password],firstname,lastname,addy1,addy2,city,state,Zip,phone,email,regdate,regtime,referenceno,courseid,memberid) values('"&txtuname&"','"&txtpwd&"','"&txtfname&"','"&txtlname&"','"&txtaddr1&"','"&txtaddr2&"','"&txtcity&"','"&txtstate&"','"&txtpcode&"',"&txtcontactno&",'"&txtemailid&"','"&regdate&"','"&regtime&"',"&ReferenceNumber&","&txtcourseid&",'"&txtmemberid&"')")
 
 
 

		If Err.Number <> 0 Then

		Response.Write "Error: " & Err.Description

			    response.end

			Response.Write "Unable to Store your Information "

		response.end

		else

		    session("username")=txtuname

			session("txtemailid") = txtemailid
 

'Send Mail with CDOSYS
 

sql="<html><body><b>Dear Member,</b><br><br>  Your account information has Been verified by playerscores.com staff.<br>Your account has been activated. <br><br>Your Username - "&txtuname&"<br>Your Password - "&txtpwd&" <br><br> Important information - Please write down this reference # to edit your <br> account with www.playerscores.com/ <br>  Your Reference Number is :"&ReferenceNumber&" <br> <br>  To Confirm your membership click on the link below,<br><a href='http://www.playerscores.com/members/verify.asp?refno="&ReferenceNumber&"'>http://www.playerscores.com/members/verify.asp?refno="&ReferenceNumber&"</a><br><br> <BR>  Please don't hesitate to email us if any questions should arise. <br><BR>  Thanks,<BR>  Playerscores staff<BR>  info@playerscores.com</body></html>"
 
 

Set myMail=CreateObject("CDO.Message")

myMail.Subject="Thanks For your Registration with Playerscores.com "

myMail.From="info@playerscores.com"

myMail.To= txtemailid

myMail.HTMLBody= sql

myMail.Configuration.Fields.Item _

("http://schemas.microsoft.com/cdo/configuration/sendusing")=2

'Name or IP of remote SMTP server

myMail.Configuration.Fields.Item _

("http://schemas.microsoft.com/cdo/configuration/smtpserver") _

="192.168.5.235"

'Server port

myMail.Configuration.Fields.Item _

("http://schemas.microsoft.com/cdo/configuration/smtpserverport") _

=25

myMail.Configuration.Fields.Update

myMail.Send

If Err.Number <> 0 Then

				Response.Write "Error: " & Err.Description

			    response.end

			    end if
 

				' clean up

				set myMail=nothing
 
 
 

	' Insert newly registered member into Mailing list

		Randomize Timer

		'Calculate a code for the user

		strUserCode = Left(txtemailid,2) & (9876989856 * CInt((RND * 32000) + 100))
 

con3SQL.Execute("insert into tblMailingList (Email,ID_Code) values('"&txtemailid&"','"&strUserCode&"')")

'remove comment to add registered users to forum too

con2SQL.execute("update tblauthor set Active = 1 where username='"&request("SSN")&"'")
 

	response.redirect "../Forum/register.asp?mode=new"
 

		response.redirect "thank.asp"
 
 

		end if

%>

Open in new window

0
 
LVL 54

Expert Comment

by:b0lsc0tt
ID: 22788627
Is line 27 ("if you look at the line 27") a typo?  That doesn't seem to fit.
You can't do a redirect after headers are sent.  Using Response.Write or sending HTML before the Redirect line causes those headers to be sent.  You did not say what your error was (that is really important) but looking at how you tried to use Redirect I can say there will be problems.
Please let me know if you have a preference to using the URL or not for sending the message.  If you don't want to use the URL or will have lots to send can you use session variables?
Since you used the URL in some code you added I will respond to on that part and assume the URL is OK and will work.  The line to Response.Write needs to be deleted.  Just use the Redirect.
    Response.Redirect "index.asp?err=captcha"
The index.asp page would then have a code that is like ...
    If Request.Querystring("err") = "captcha" then Response.Write "CAPTCHA code is NOT correct"
This will cause your message to appear on the form page.  I did assume some things to make the code but hopefully it gives you the idea.  Let me know if you have a question or need more info.
bol
0
What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

 

Author Comment

by:RickyGtz
ID: 22788666
Ok, I think I am saying what the error is, the error is that is not checking for email uniqueness, in ohter words is allowing duplicates, I want ideally display a message and send them back to the form page if this condition happens.   Alternatively I would like to send them to submissionerror.asp .

Thanks

0
 
LVL 54

Accepted Solution

by:
b0lsc0tt earned 280 total points
ID: 22789088
My suggestion will send them back to the page and show the error on the page.  Did you try making the changes to the ASP above and adding the code I suggested to index.asp where you want the error to show?  What was the result?
Please make sure you respond COMPLETELY to what has been posted or suggested.  It seems like the important stuff keeps getting overlooked and ignored.  If something I have said isn't clear then let me know.  Don't just ignore it because that will just make this take longer.  I am really too busy to repeat myself because an important part didn't get a response.
bol
0
 

Author Comment

by:RickyGtz
ID: 22789520
Hello Scott. Yes I tried the solution above on index.asp. but is always redirecting and not catching the duplicates usernames and password. I'll try to figure out what is going on. Thanks
0
 
LVL 54

Expert Comment

by:b0lsc0tt
ID: 22790242
I will be glad to keep helping you with this if you need it and provide info.
What did you actually put on index.asp?  What about on the file that has the code in the snippet you last posted?  By the way what is that file name?
Keep in mind the redirect was only in the step to check the CAPTCHA.  At least that was how the code was.  If you want to test what I suggested then you would provide a bad CAPTCHA value.  It should redirect and show the error on index.asp that I described.  If that works as I mentioned then you need to make a similar change to  the other sections where you have the Javascript for the email, member id and user name errors.  I didn't look close enough to make sure there wasn't a problem with that part of the code but it seemed OK.  Basically you wouldn't have Javascript there anymore in that part of the page.
Does that help?  Let me know if you have a question.  I suggest trying one at a time in order as you go through the script.  The method I suggested and you are going to use is good so any issues are a problem with the code or something like it. :)
bol
0
 
LVL 54

Expert Comment

by:b0lsc0tt
ID: 22790539
Thanks!  I hope you closing this means you got your answer for this question.  Let me know if that isn't the case.  Thanks for the grade, the points and the fun question.
bol
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
cleaning xml string 2 47
ASP VB... 7 93
Visual Project Bridge error 5 56
classic asp checkbox uncheck and check 2 49
I recently decide that I needed a way to make my pages scream on the net.   While searching around how I can accomplish this I stumbled across a great article that stated "minimize the server requests." I got to thinking, hey, I use more than one…
This demonstration started out as a follow up to some recently posted questions on the subject of logging in: http://www.experts-exchange.com/Programming/Languages/Scripting/JavaScript/Q_28634665.html and http://www.experts-exchange.com/Programming/…
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now