如何:实现自定义成员资格用户
更新:2007 年 11 月
提供一个示例,演示如何用自定义成员资格提供程序来扩展 MembershipUser 类。
尽管用户 System.Web.Profile 提供了一种用于将每个用户的信息存储在 Web 应用程序中的方便机制,但应用程序的设计可能还要求将用户身份验证信息及其他用户信息存储在 Membership 数据存储区中。在这种情况下,将需要生成一个自定义成员资格提供程序,以便在数据存储区中存储和检索用户身份验证信息和其他用户值(有关自定义成员资格提供程序的示例,请参见实现成员资格提供程序)。此外,还可以扩展 MembershipUser 类,使添加的用户值可用于应用程序代码。
创建自定义成员资格用户包括下列任务:
创建一个继承 MembershipUser 类的类。
创建一个数据源以存储身份验证信息和其他用户设置。
为数据存储区创建一个自定义成员资格提供程序。该自定义成员资格提供程序将包含其他代码,这些代码可以采用自定义成员资格用户类型的对象作为输入,并且返回自定义成员资格用户类型的对象。
本主题中的示例演示如何修改如何:演示成员资格提供程序实现中的自定义成员资格提供程序示例,以支持自定义成员资格用户实现。
创建自定义成员资格用户
可以创建一个自定义成员资格用户,方法是创建一个继承 MembershipUser 类的类,然后包括公开其他用户值的属性。此外,还可以向 MembershipUser 类添加方法和事件。
调用 Membership 类以创建自定义 MembershipUser 的实例时,将只调用由 MembershipUser 类定义的构造函数。如果 MembershipUser 实现包括其他构造函数重载,则这些构造函数只能由为调用自定义构造函数而专门编写的应用程序代码调用。
下面的代码示例演示一个继承 MembershipUser 类的简单自定义成员资格用户,并提供两个其他属性:IsSubscriber 和 CustomerID,前者是布尔属性,标识用户是否为 Web 应用程序订阅服务或新闻稿;后者包含单独客户数据库的唯一标识符。
Imports System
Imports System.Web.Security
Namespace Samples.AspNet.Membership.VB
Public Class OdbcMembershipUser
Inherits MembershipUser
Private _IsSubscriber As Boolean
Private _CustomerID As String
Public Property IsSubscriber() As Boolean
Get
Return _IsSubscriber
End Get
Set(ByVal value As Boolean)
_IsSubscriber = value
End Set
End Property
Public Property CustomerID() As String
Get
Return _CustomerID
End Get
Set(ByVal value As String)
_CustomerID = value
End Set
End Property
Public Sub New(ByVal providername As String, _
ByVal username As String, _
ByVal providerUserKey As Object, _
ByVal email As String, _
ByVal passwordQuestion As String, _
ByVal comment As String, _
ByVal isApproved As Boolean, _
ByVal isLockedOut As Boolean, _
ByVal creationDate As DateTime, _
ByVal lastLoginDate As DateTime, _
ByVal lastActivityDate As DateTime, _
ByVal lastPasswordChangedDate As DateTime, _
ByVal lastLockedOutDate As DateTime, _
ByVal isSubscriber As Boolean, _
ByVal customerID As String)
MyBase.New(providername, _
username, _
providerUserKey, _
email, _
passwordQuestion, _
comment, _
isApproved, _
isLockedOut, _
creationDate, _
lastLoginDate, _
lastActivityDate, _
lastPasswordChangedDate, _
lastLockedOutDate)
Me.IsSubscriber = isSubscriber
Me.CustomerID = customerID
End Sub
End Class
End Namespace
using System;
using System.Web.Security;
namespace Samples.AspNet.Membership.CS
{
public class OdbcMembershipUser : MembershipUser
{
private bool _IsSubscriber;
private string _CustomerID;
public bool IsSubscriber
{
get { return _IsSubscriber; }
set { _IsSubscriber = value; }
}
public string CustomerID
{
get { return _CustomerID; }
set { _CustomerID = value; }
}
public OdbcMembershipUser(string providername,
string username,
object providerUserKey,
string email,
string passwordQuestion,
string comment,
bool isApproved,
bool isLockedOut,
DateTime creationDate,
DateTime lastLoginDate,
DateTime lastActivityDate,
DateTime lastPasswordChangedDate,
DateTime lastLockedOutDate,
bool isSubscriber,
string customerID) :
base(providername,
username,
providerUserKey,
email,
passwordQuestion,
comment,
isApproved,
isLockedOut,
creationDate,
lastLoginDate,
lastActivityDate,
lastPasswordChangedDate,
lastLockedOutDate)
{
this.IsSubscriber = isSubscriber;
this.CustomerID = customerID;
}
}
}
有关修改 CreateUserWizard 控件以包括成员资格用户的其他用户信息的示例,请参见如何:自定义 ASP.NET CreateUserWizard 控件。
为成员资格用户数据创建数据存储区
您将需要为成员资格功能的用户身份验证信息以及自定义成员资格用户的其他用户信息提供一个数据存储区。
下面的代码示例演示一个查询,您可以在 Microsoft Access 数据库中运行该查询,以创建一个要存储自定义成员资格用户的身份验证信息和属性值的表。
CREATE TABLE Users
(
PKID Guid NOT NULL PRIMARY KEY,
Username Text (255) NOT NULL,
ApplicationName Text (255) NOT NULL,
Email Text (128) NOT NULL,
Comment Text (255),
Password Text (128) NOT NULL,
PasswordQuestion Text (255),
PasswordAnswer Text (255),
IsApproved YesNo,
LastActivityDate DateTime,
LastLoginDate DateTime,
LastPasswordChangedDate DateTime,
CreationDate DateTime,
IsOnLine YesNo,
IsLockedOut YesNo,
LastLockedOutDate DateTime,
FailedPasswordAttemptCount Integer,
FailedPasswordAttemptWindowStart DateTime,
FailedPasswordAnswerAttemptCount Integer,
FailedPasswordAnswerAttemptWindowStart DateTime,
IsSubscriber YesNo,
CustomerID Text (64)
)
创建自定义成员资格提供程序
您将需要创建一个自定义成员资格提供程序,该提供程序支持自定义成员资格用户类型和自定义成员资格数据存储区。可以编写自定义成员资格提供程序的 GetUser 和 CreateUser 方法,以返回自定义成员资格用户类型的对象。可以编写自定义成员资格提供程序的 UpdateUser 方法,以采用自定义成员资格用户类型的对象作为输入。
下面几节提供有关创建一个使用自定义成员资格用户类型的自定义成员资格提供程序的指南。示例以如何:演示成员资格提供程序实现中提供的代码为基础,并使用本主题前面为成员资格用户数据创建数据源部分提供的数据库架构。
修改 GetUser 方法
使用自定义成员资格用户类型时,成员资格提供程序的 MembershipProvider.GetUser 和 MembershipProvider.GetUser 方法必须仍然返回 MembershipUser 类型的对象。只要自定义成员资格用户类继承 MembershipUser 类,就会返回自定义成员资格用户类型的对象作为实现 GetUser 方法的返回值。然后应用程序代码可以强制转换返回的 MembershipUser 作为自定义成员资格用户类型,以访问自定义成员资格用户的其他成员,如下面的代码示例所示。
下面的代码示例演示如何:演示成员资格提供程序实现中示例成员资格提供程序的修改后的 GetUser 方法(及其支持私有方法),这些方法已进行了更新,以便返回本主题前面创建自定义成员资格用户部分中的自定义成员资格用户类型。
'
' MembershipProvider.GetUser(String, Boolean)
'
Public Overrides Function GetUser(ByVal username As String, _
ByVal userIsOnline As Boolean) As MembershipUser
Dim conn As OdbcConnection = New OdbcConnection(connectionString)
Dim cmd As OdbcCommand = New OdbcCommand("SELECT PKID, Username, Email, PasswordQuestion," & _
" Comment, IsApproved, IsLockedOut, CreationDate, LastLoginDate," & _
" LastActivityDate, LastPasswordChangedDate, LastLockedOutDate" & _
" FROM Users WHERE Username = ? AND ApplicationName = ?", conn)
cmd.Parameters.Add("@Username", OdbcType.VarChar, 255).Value = username
cmd.Parameters.Add("@ApplicationName", OdbcType.VarChar, 255).Value = pApplicationName
Dim u As OdbcMembershipUser = Nothing
Dim reader As OdbcDataReader = Nothing
Try
conn.Open()
reader = cmd.ExecuteReader()
If reader.HasRows Then
reader.Read()
u = GetUserFromReader(reader)
If userIsOnline Then
Dim updateCmd As OdbcCommand = New OdbcCommand("UPDATE Users " & _
"SET LastActivityDate = ? " & _
"WHERE Username = ? AND Applicationname = ?", conn)
updateCmd.Parameters.Add("@LastActivityDate", OdbcType.DateTime).Value = DateTime.Now
updateCmd.Parameters.Add("@Username", OdbcType.VarChar, 255).Value = username
updateCmd.Parameters.Add("@ApplicationName", OdbcType.VarChar, 255).Value = pApplicationName
updateCmd.ExecuteNonQuery()
End If
End If
Catch e As OdbcException
If WriteExceptionsToEventLog Then
WriteToEventLog(e, "GetUser(String, Boolean)")
Throw New ProviderException(exceptionMessage)
Else
Throw e
End If
Finally
If Not reader Is Nothing Then reader.Close()
conn.Close()
End Try
Return u
End Function
'
' MembershipProvider.GetUser(Object, Boolean)
'
Public Overrides Function GetUser(ByVal providerUserKey As Object, _
ByVal userIsOnline As Boolean) As MembershipUser
Dim conn As OdbcConnection = New OdbcConnection(connectionString)
Dim cmd As OdbcCommand = New OdbcCommand("SELECT PKID, Username, Email, PasswordQuestion," & _
" Comment, IsApproved, IsLockedOut, CreationDate, LastLoginDate," & _
" LastActivityDate, LastPasswordChangedDate, LastLockedOutDate" & _
" FROM Users WHERE PKID = ?", conn)
cmd.Parameters.Add("@PKID", OdbcType.UniqueIdentifier).Value = providerUserKey
Dim u As OdbcMembershipUser = Nothing
Dim reader As OdbcDataReader = Nothing
Try
conn.Open()
reader = cmd.ExecuteReader()
If reader.HasRows Then
reader.Read()
u = GetUserFromReader(reader)
If userIsOnline Then
Dim updateCmd As OdbcCommand = New OdbcCommand("UPDATE Users " & _
"SET LastActivityDate = ? " & _
"WHERE PKID = ?", conn)
updateCmd.Parameters.Add("@LastActivityDate", OdbcType.DateTime).Value = DateTime.Now
updateCmd.Parameters.Add("@PKID", OdbcType.UniqueIdentifier).Value = providerUserKey
updateCmd.ExecuteNonQuery()
End If
End If
Catch e As OdbcException
If WriteExceptionsToEventLog Then
WriteToEventLog(e, "GetUser(Object, Boolean)")
Throw New ProviderException(exceptionMessage)
Else
Throw e
End If
Finally
If Not reader Is Nothing Then reader.Close()
conn.Close()
End Try
Return u
End Function
'
' GetUserFromReader
' A helper function that takes the current row from the OdbcDataReader
' and hydrates a MembershiUser from the values. Called by the
' MembershipUser.GetUser implementation.
'
Private Function GetUserFromReader(ByVal reader As OdbcDataReader) As OdbcMembershipUser
Dim providerUserKey As Object = reader.GetValue(0)
Dim username As String = reader.GetString(1)
Dim email As String = reader.GetString(2)
Dim passwordQuestion As String = ""
If Not reader.GetValue(3) Is DBNull.Value Then _
passwordQuestion = reader.GetString(3)
Dim comment As String = ""
If Not reader.GetValue(4) Is DBNull.Value Then _
comment = reader.GetString(4)
Dim isApproved As Boolean = reader.GetBoolean(5)
Dim isLockedOut As Boolean = reader.GetBoolean(6)
Dim creationDate As DateTime = reader.GetDateTime(7)
Dim lastLoginDate As DateTime = New DateTime()
If Not reader.GetValue(8) Is DBNull.Value Then _
lastLoginDate = reader.GetDateTime(8)
Dim lastActivityDate As DateTime = reader.GetDateTime(9)
Dim lastPasswordChangedDate As DateTime = reader.GetDateTime(10)
Dim lastLockedOutDate As DateTime = New DateTime()
If Not reader.GetValue(11) Is DBNull.Value Then _
lastLockedOutDate = reader.GetDateTime(11)
Dim isSubscriber As Boolean = False
If reader.GetValue(12) IsNot DBNull.Value Then _
isSubscriber = reader.GetBoolean(12)
Dim customerID As String = String.Empty
If reader.GetValue(13) IsNot DBNull.Value Then _
customerID = reader.GetString(13)
Dim u As OdbcMembershipUser = New OdbcMembershipUser(Me.Name, _
username, _
providerUserKey, _
email, _
passwordQuestion, _
comment, _
isApproved, _
isLockedOut, _
creationDate, _
lastLoginDate, _
lastActivityDate, _
lastPasswordChangedDate, _
lastLockedOutDate, _
isSubscriber, _
customerID)
Return u
End Function
//
// MembershipProvider.GetUser(string, bool)
//
public override MembershipUser GetUser(string username, bool userIsOnline)
{
OdbcConnection conn = new OdbcConnection(connectionString);
OdbcCommand cmd = new OdbcCommand("SELECT PKID, Username, Email, PasswordQuestion," +
" Comment, IsApproved, IsLockedOut, CreationDate, LastLoginDate," +
" LastActivityDate, LastPasswordChangedDate, LastLockedOutDate," +
" IsSubscriber, CustomerID" +
" FROM Users WHERE Username = ? AND ApplicationName = ?", conn);
cmd.Parameters.Add("@Username", OdbcType.VarChar, 255).Value = username;
cmd.Parameters.Add("@ApplicationName", OdbcType.VarChar, 255).Value = pApplicationName;
OdbcMembershipUser u = null;
OdbcDataReader reader = null;
try
{
conn.Open();
reader = cmd.ExecuteReader();
if (reader.HasRows)
{
reader.Read();
u = GetUserFromReader(reader);
if (userIsOnline)
{
OdbcCommand updateCmd = new OdbcCommand("UPDATE Users " +
"SET LastActivityDate = ? " +
"WHERE Username = ? AND Applicationname = ?", conn);
updateCmd.Parameters.Add("@LastActivityDate", OdbcType.DateTime).Value = DateTime.Now;
updateCmd.Parameters.Add("@Username", OdbcType.VarChar, 255).Value = username;
updateCmd.Parameters.Add("@ApplicationName", OdbcType.VarChar, 255).Value = pApplicationName;
updateCmd.ExecuteNonQuery();
}
}
}
catch (OdbcException e)
{
if (WriteExceptionsToEventLog)
{
WriteToEventLog(e, "GetUser(String, Boolean)");
throw new ProviderException(exceptionMessage);
}
else
{
throw e;
}
}
finally
{
if (reader != null) { reader.Close(); }
conn.Close();
}
return u;
}
//
// MembershipProvider.GetUser(object, bool)
//
public override MembershipUser GetUser(object providerUserKey, bool userIsOnline)
{
OdbcConnection conn = new OdbcConnection(connectionString);
OdbcCommand cmd = new OdbcCommand("SELECT PKID, Username, Email, PasswordQuestion," +
" Comment, IsApproved, IsLockedOut, CreationDate, LastLoginDate," +
" LastActivityDate, LastPasswordChangedDate, LastLockedOutDate," +
" IsSubscriber" +
" FROM Users WHERE PKID = ?", conn);
cmd.Parameters.Add("@PKID", OdbcType.UniqueIdentifier).Value = providerUserKey;
OdbcMembershipUser u = null;
OdbcDataReader reader = null;
try
{
conn.Open();
reader = cmd.ExecuteReader();
if (reader.HasRows)
{
reader.Read();
u = GetUserFromReader(reader);
if (userIsOnline)
{
OdbcCommand updateCmd = new OdbcCommand("UPDATE Users " +
"SET LastActivityDate = ? " +
"WHERE PKID = ?", conn);
updateCmd.Parameters.Add("@LastActivityDate", OdbcType.DateTime).Value = DateTime.Now;
updateCmd.Parameters.Add("@PKID", OdbcType.UniqueIdentifier).Value = providerUserKey;
updateCmd.ExecuteNonQuery();
}
}
}
catch (OdbcException e)
{
if (WriteExceptionsToEventLog)
{
WriteToEventLog(e, "GetUser(Object, Boolean)");
throw new ProviderException(exceptionMessage);
}
else
{
throw e;
}
}
finally
{
if (reader != null) { reader.Close(); }
conn.Close();
}
return u;
}
//
// GetUserFromReader
// A helper function that takes the current row from the OdbcDataReader
// and hydrates a MembershipUser from the values. Called by the
// MembershipUser.GetUser implementation.
//
private OdbcMembershipUser GetUserFromReader(OdbcDataReader reader)
{
object providerUserKey = reader.GetValue(0);
string username = reader.GetString(1);
string email = reader.GetString(2);
string passwordQuestion = "";
if (reader.GetValue(3) != DBNull.Value)
passwordQuestion = reader.GetString(3);
string comment = "";
if (reader.GetValue(4) != DBNull.Value)
comment = reader.GetString(4);
bool isApproved = reader.GetBoolean(5);
bool isLockedOut = reader.GetBoolean(6);
DateTime creationDate = reader.GetDateTime(7);
DateTime lastLoginDate = new DateTime();
if (reader.GetValue(8) != DBNull.Value)
lastLoginDate = reader.GetDateTime(8);
DateTime lastActivityDate = reader.GetDateTime(9);
DateTime lastPasswordChangedDate = reader.GetDateTime(10);
DateTime lastLockedOutDate = new DateTime();
if (reader.GetValue(11) != DBNull.Value)
lastLockedOutDate = reader.GetDateTime(11);
bool isSubscriber = false;
if (reader.GetValue(12) != DBNull.Value)
isSubscriber = reader.GetBoolean(12);
string customerID = String.Empty;
if (reader.GetValue(13) != DBNull.Value)
customerID = reader.GetString(13);
OdbcMembershipUser u = new OdbcMembershipUser(this.Name,
username,
providerUserKey,
email,
passwordQuestion,
comment,
isApproved,
isLockedOut,
creationDate,
lastLoginDate,
lastActivityDate,
lastPasswordChangedDate,
lastLockedOutDate,
isSubscriber,
customerID);
return u;
}
修改 UpdateUser 方法
使用自定义成员资格用户类型和自定义成员资格提供程序时,实现一种 UpdateUser 方法,该方法采用 MembershipUser 类型的对象作为输入。在 UpdateUser 方法的实现中,将提供的 MembershipUser 对象强制转换为自定义成员资格用户类型,以访问其他属性的值并在数据存储区中进行更新。
下面的代码示例演示如何:演示成员资格提供程序实现中示例成员资格提供程序的修改后的 UpdateUser 方法,该方法已进行了更新,以便将提供的用户强制转换为本主题前面创建自定义成员资格用户部分中的自定义成员资格用户类型。
Public Overrides Sub UpdateUser(ByVal user As MembershipUser)
Dim conn As OdbcConnection = New OdbcConnection(connectionString)
Dim cmd As OdbcCommand = New OdbcCommand("UPDATE Users " & _
" SET Email = ?, Comment = ?," & _
" IsApproved = ?, IsSubscriber= ?, CustomerID = ?" & _
" WHERE Username = ? AND ApplicationName = ?", conn)
Dim u As OdbcMembershipUser = CType(user, OdbcMembershipUser)
cmd.Parameters.Add("@Email", OdbcType.VarChar, 128).Value = user.Email
cmd.Parameters.Add("@Comment", OdbcType.VarChar, 255).Value = user.Comment
cmd.Parameters.Add("@IsApproved", OdbcType.Bit).Value = user.IsApproved
cmd.Parameters.Add("@IsSubscriber", OdbcType.Bit).Value = u.IsSubscriber
cmd.Parameters.Add("@CustomerID", OdbcType.VarChar, 128).Value = u.CustomerID
cmd.Parameters.Add("@Username", OdbcType.VarChar, 255).Value = user.UserName
cmd.Parameters.Add("@ApplicationName", OdbcType.VarChar, 255).Value = pApplicationName
Try
conn.Open()
cmd.ExecuteNonQuery()
Catch e As OdbcException
If WriteExceptionsToEventLog Then
WriteToEventLog(e, "UpdateUser")
Throw New ProviderException(exceptionMessage)
Else
Throw e
End If
Finally
conn.Close()
End Try
End Sub
public override void UpdateUser(MembershipUser user)
{
OdbcConnection conn = new OdbcConnection(connectionString);
OdbcCommand cmd = new OdbcCommand("UPDATE Users " +
" SET Email = ?, Comment = ?," +
" IsApproved = ?, IsSubscriber = ?, CustomerID = ?" +
" WHERE Username = ? AND ApplicationName = ?", conn);
OdbcMembershipUser u = (OdbcMembershipUser)user;
cmd.Parameters.Add("@Email", OdbcType.VarChar, 128).Value = user.Email;
cmd.Parameters.Add("@Comment", OdbcType.VarChar, 255).Value = user.Comment;
cmd.Parameters.Add("@IsApproved", OdbcType.Bit).Value = user.IsApproved;
cmd.Parameters.Add("@IsSubscriber", OdbcType.Bit).Value = u.IsSubscriber;
cmd.Parameters.Add("@CustomerID", OdbcType.VarChar, 128).Value = u.CustomerID;
cmd.Parameters.Add("@Username", OdbcType.VarChar, 255).Value = user.UserName;
cmd.Parameters.Add("@ApplicationName", OdbcType.VarChar, 255).Value = pApplicationName;
try
{
conn.Open();
cmd.ExecuteNonQuery();
}
catch (OdbcException e)
{
if (WriteExceptionsToEventLog)
{
WriteToEventLog(e, "UpdateUser");
throw new ProviderException(exceptionMessage);
}
else
{
throw e;
}
}
finally
{
conn.Close();
}
}
修改 CreateUser 方法
使用自定义成员资格用户类型和自定义成员资格提供程序时,该自定义成员资格提供程序必须实现 CreateUser 方法,该方法仅采用 MembershipUser 类支持的属性作为输入。可以创建采用其他属性值的 CreateUser 方法的重载,如下面的代码示例所示。
但是,Membership 类或依赖 Membership 类的控件(如 CreateUserWizard 控件)不会调用此重载。若要从应用程序调用此方法,请将 Membership 类引用的 MembershipProvider 实例强制转换为自定义成员资格提供程序类型,然后直接调用 CreateUser 重载。
如果您的应用程序使用 CreateUserWizard 控件向成员资格数据源中添加新用户,则可以自定义 CreateUserWizard 控件的向导步骤,以包括检索自定义成员资格用户的其他属性值的控件。然后可以处理 CreateUserWizard 控件的 CreatedUser 事件并添加执行下列操作的事件代码:
检索其他成员资格用户的属性值。
将 CreateUserWizard 控件创建的成员资格用户强制转换为自定义成员资格用户类型。
设置成员资格用户的其他属性。
将更新的用户传递给 Membership 类的 UpdateUser 方法。这将调用自定义提供程序的 UpdateUser 方法(该方法在本主题前面的修改 UpdateUser 方法部分中进行了介绍),以便向数据源中添加其他属性值。
.gif "说明") 说明: |
|---|
有关修改 CreateUserWizard 步骤的示例,请参见如何:自定义 ASP.NET CreateUserWizard 控件。 |
下面的代码示例演示如何:演示成员资格提供程序实现中示例成员资格提供程序的修改后的 CreateUser 方法,该方法已进行了更新,以便返回本主题前面创建自定义成员资格用户部分中的自定义成员资格用户类型。已创建了重载,以便采用自定义成员资格提供程序的其他属性的值作为输入。
'
' MembershipProvider.CreateUser
'
Public Overrides Function CreateUser(ByVal username As String, _
ByVal password As String, _
ByVal email As String, _
ByVal passwordQuestion As String, _
ByVal passwordAnswer As String, _
ByVal isApproved As Boolean, _
ByVal providerUserKey As Object, _
ByRef status As MembershipCreateStatus) _
As MembershipUser
Return Me.CreateUser(username, password, email, _
passwordQuestion, passwordAnswer, _
isApproved, providerUserKey, False, "", status)
End Function
'
' OdbcMembershipProvider.CreateUser -- returns OdbcMembershipUser
'
Public Overloads Function CreateUser(ByVal username As String, _
ByVal password As String, _
ByVal email As String, _
ByVal passwordQuestion As String, _
ByVal passwordAnswer As String, _
ByVal isApproved As Boolean, _
ByVal providerUserKey As Object, _
ByVal isSubscriber As Boolean, _
ByVal customerID As String, _
ByRef status As MembershipCreateStatus) _
As OdbcMembershipUser
Dim Args As ValidatePasswordEventArgs = _
New ValidatePasswordEventArgs(username, password, True)
OnValidatingPassword(Args)
If Args.Cancel Then
status = MembershipCreateStatus.InvalidPassword
Return Nothing
End If
If RequiresUniqueEmail AndAlso GetUserNameByEmail(email) <> "" Then
status = MembershipCreateStatus.DuplicateEmail
Return Nothing
End If
Dim u As MembershipUser = GetUser(username, False)
If u Is Nothing Then
Dim createDate As DateTime = DateTime.Now
If providerUserKey Is Nothing Then
providerUserKey = Guid.NewGuid()
Else
If Not TypeOf providerUserKey Is Guid Then
status = MembershipCreateStatus.InvalidProviderUserKey
Return Nothing
End If
End If
Dim conn As OdbcConnection = New OdbcConnection(connectionString)
Dim cmd As OdbcCommand = New OdbcCommand("INSERT INTO Users " & _
" (PKID, Username, Password, Email, PasswordQuestion, " & _
" PasswordAnswer, IsApproved," & _
" Comment, CreationDate, LastPasswordChangedDate, LastActivityDate," & _
" ApplicationName, IsLockedOut, LastLockedOutDate," & _
" FailedPasswordAttemptCount, FailedPasswordAttemptWindowStart, " & _
" FailedPasswordAnswerAttemptCount, FailedPasswordAnswerAttemptWindowStart, " & _
" IsSubscriber, CustomerID)" & _
" Values(?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)", conn)
cmd.Parameters.Add("@PKID", OdbcType.UniqueIdentifier).Value = providerUserKey
cmd.Parameters.Add("@Username", OdbcType.VarChar, 255).Value = username
cmd.Parameters.Add("@Password", OdbcType.VarChar, 255).Value = EncodePassword(password)
cmd.Parameters.Add("@Email", OdbcType.VarChar, 128).Value = email
cmd.Parameters.Add("@PasswordQuestion", OdbcType.VarChar, 255).Value = passwordQuestion
cmd.Parameters.Add("@PasswordAnswer", OdbcType.VarChar, 255).Value = EncodePassword(passwordAnswer)
cmd.Parameters.Add("@IsApproved", OdbcType.Bit).Value = isApproved
cmd.Parameters.Add("@Comment", OdbcType.VarChar, 255).Value = ""
cmd.Parameters.Add("@CreationDate", OdbcType.DateTime).Value = createDate
cmd.Parameters.Add("@LastPasswordChangedDate", OdbcType.DateTime).Value = createDate
cmd.Parameters.Add("@LastActivityDate", OdbcType.DateTime).Value = createDate
cmd.Parameters.Add("@ApplicationName", OdbcType.VarChar, 255).Value = pApplicationName
cmd.Parameters.Add("@IsLockedOut", OdbcType.Bit).Value = False
cmd.Parameters.Add("@LastLockedOutDate", OdbcType.DateTime).Value = createDate
cmd.Parameters.Add("@FailedPasswordAttemptCount", OdbcType.Int).Value = 0
cmd.Parameters.Add("@FailedPasswordAttemptWindowStart", OdbcType.DateTime).Value = createDate
cmd.Parameters.Add("@FailedPasswordAnswerAttemptCount", OdbcType.Int).Value = 0
cmd.Parameters.Add("@FailedPasswordAnswerAttemptWindowStart", OdbcType.DateTime).Value = createDate
cmd.Parameters.Add("@IsSubscriber", OdbcType.Bit).Value = isSubscriber
cmd.Parameters.Add("@CustomerID", OdbcType.VarChar, 128).Value = customerID
Try
conn.Open()
Dim recAdded As Integer = cmd.ExecuteNonQuery()
If recAdded > 0 Then
status = MembershipCreateStatus.Success
Else
status = MembershipCreateStatus.UserRejected
End If
Catch e As OdbcException
If WriteExceptionsToEventLog Then
WriteToEventLog(e, "CreateUser")
End If
status = MembershipCreateStatus.ProviderError
Finally
conn.Close()
End Try
Return GetUser(username, False)
Else
status = MembershipCreateStatus.DuplicateUserName
End If
Return Nothing
End Function
//
// MembershipProvider.CreateUser
//
public override MembershipUser CreateUser(string username,
string password,
string email,
string passwordQuestion,
string passwordAnswer,
bool isApproved,
object providerUserKey,
out MembershipCreateStatus status)
{
return this.CreateUser(username, password, email,
passwordQuestion, passwordAnswer,
isApproved, providerUserKey, false, "",
out status);
}
//
// OdbcMembershipProvider.CreateUser -- returns OdbcMembershipUser
//
public OdbcMembershipUser CreateUser(
string username,
string password,
string email,
string passwordQuestion,
string passwordAnswer,
bool isApproved,
object providerUserKey,
bool isSubscriber,
string customerID,
out MembershipCreateStatus status)
{
ValidatePasswordEventArgs args =
new ValidatePasswordEventArgs(username, password, true);
OnValidatingPassword(args);
if (args.Cancel)
{
status = MembershipCreateStatus.InvalidPassword;
return null;
}
if (RequiresUniqueEmail && GetUserNameByEmail(email) != "")
{
status = MembershipCreateStatus.DuplicateEmail;
return null;
}
MembershipUser u = GetUser(username, false);
if (u == null)
{
DateTime createDate = DateTime.Now;
if (providerUserKey == null)
{
providerUserKey = Guid.NewGuid();
}
else
{
if ( !(providerUserKey is Guid) )
{
status = MembershipCreateStatus.InvalidProviderUserKey;
return null;
}
}
OdbcConnection conn = new OdbcConnection(connectionString);
OdbcCommand cmd = new OdbcCommand("INSERT INTO Users " +
" (PKID, Username, Password, Email, PasswordQuestion, " +
" PasswordAnswer, IsApproved," +
" Comment, CreationDate, LastPasswordChangedDate, LastActivityDate," +
" ApplicationName, IsLockedOut, LastLockedOutDate," +
" FailedPasswordAttemptCount, FailedPasswordAttemptWindowStart, " +
" FailedPasswordAnswerAttemptCount, FailedPasswordAnswerAttemptWindowStart, " +
" IsSubscriber, CustomerID)" +
" Values(?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)", conn);
cmd.Parameters.Add("@PKID", OdbcType.UniqueIdentifier).Value = providerUserKey;
cmd.Parameters.Add("@Username", OdbcType.VarChar, 255).Value = username;
cmd.Parameters.Add("@Password", OdbcType.VarChar, 255).Value = EncodePassword(password);
cmd.Parameters.Add("@Email", OdbcType.VarChar, 128).Value = email;
cmd.Parameters.Add("@PasswordQuestion", OdbcType.VarChar, 255).Value = passwordQuestion;
cmd.Parameters.Add("@PasswordAnswer", OdbcType.VarChar, 255).Value = EncodePassword(passwordAnswer);
cmd.Parameters.Add("@IsApproved", OdbcType.Bit).Value = isApproved;
cmd.Parameters.Add("@Comment", OdbcType.VarChar, 255).Value = "";
cmd.Parameters.Add("@CreationDate", OdbcType.DateTime).Value = createDate;
cmd.Parameters.Add("@LastPasswordChangedDate", OdbcType.DateTime).Value = createDate;
cmd.Parameters.Add("@LastActivityDate", OdbcType.DateTime).Value = createDate;
cmd.Parameters.Add("@ApplicationName", OdbcType.VarChar, 255).Value = pApplicationName;
cmd.Parameters.Add("@IsLockedOut", OdbcType.Bit).Value = false;
cmd.Parameters.Add("@LastLockedOutDate", OdbcType.DateTime).Value = createDate;
cmd.Parameters.Add("@FailedPasswordAttemptCount", OdbcType.Int).Value = 0;
cmd.Parameters.Add("@FailedPasswordAttemptWindowStart", OdbcType.DateTime).Value = createDate;
cmd.Parameters.Add("@FailedPasswordAnswerAttemptCount", OdbcType.Int).Value = 0;
cmd.Parameters.Add("@FailedPasswordAnswerAttemptWindowStart", OdbcType.DateTime).Value = createDate;
cmd.Parameters.Add("@IsSubscriber", OdbcType.Bit).Value = isSubscriber;
cmd.Parameters.Add("@CustomerID", OdbcType.VarChar, 128).Value = customerID;
try
{
conn.Open();
int recAdded = cmd.ExecuteNonQuery();
if (recAdded > 0)
{
status = MembershipCreateStatus.Success;
}
else
{
status = MembershipCreateStatus.UserRejected;
}
}
catch (OdbcException e)
{
if (WriteExceptionsToEventLog)
{
WriteToEventLog(e, "CreateUser");
}
status = MembershipCreateStatus.ProviderError;
}
finally
{
conn.Close();
}
return (OdbcMembershipUser)GetUser(username, false);
}
else
{
status = MembershipCreateStatus.DuplicateUserName;
}
return null;
}