This is my first time making a project about which I am a beginner
I have created a process by which I think I can validate user if user type is guest who is a half registered user.
This is my code for front end
here the user will submit the random code given tp him by mail after registration :
<table style="width: 500px;" id="verify">
<tr>
<th>Enter Your Verification Code : </th>
<td>
<asp:TextBox ID="txtRandomCode" runat="server" Width="170px"></asp:TextBox>
<asp:RequiredFieldValidator ID="rfvRandomCode" runat="server"
ErrorMessage="This field must not be blank" ControlToValidate="txtRandomCode">
</asp:RequiredFieldValidator></td>
</tr>
<tr>
<td colspan="2" id="tdc">
<asp:Button ID="btnSubmit" runat="server" Text="Submit"
CssClass="button_example" onclick="btnSubmit_Click"></asp:Button>
</td>
</tr>
</table>
This is the code for Submit button :
protected void btnSubmit_Click(object sender, EventArgs e)
{
int randomCode=Convert.ToInt32(txtRandomCode.Text);
Response.Redirect("~/BuyAlbum.aspx");
}
The following code is for validating user :
public static User ValidateUser(string login, int rndCode)
{
string query;
try
{
conn.Open();
query = string.Format("SELECT Random_Code FROM Users where Name='{0}'", login);
command.CommandText = query;
string code = command.ExecuteScalar().ToString();
int randomCode = Convert.ToInt32(code);
if (randomCode == rndCode)
{
query = string.Format("UPDATE Users SET UserType='user' where Name='{0}'", login);
command.CommandText = query;
User user = null;
user = new User(login, rndCode);
return user;
}
else
{
//code do not match
return null;
}
}
finally
{
conn.Close();
}
}
I have tried to copy the code for user login & tried to modified it so it can work to validate user identity.
But do no know how to implement this mechanism in the Verification page.
The actual code for user login is as follows :
public static User LoginUser(string login, string password)
{//To check if user exists
string query = string.Format("SELECT COUNT(*) FROM Users where Name='{0}'", login);
command.CommandText = query;
try
{
conn.Open();
int amountoFUsers = (int) command.ExecuteScalar();
if (amountoFUsers == 1)
{
query = string.Format("SELECT Password FROM Users where Name='{0}'", login);
command.CommandText = query;
string dbPassword = command.ExecuteScalar().ToString();
if (dbPassword == password)
{
query = string.Format("SELECT Email,UserType from Users where Name='{0}'", login);
command.CommandText = query;
SqlDataReader reader = command.ExecuteReader();
User user = null;
while (reader.Read())
{
string email = reader.GetString(0);
string type = reader.GetString(1);
user =new User(login,password,email,type);
}
return user;
}
else
{ //Passwords do not match
return null;
}
}
else
{
//User Exists
return null;
}
}
finally
{
conn.Close();
}
}
What should do to validate the user using the code