I'm creating my first project with ASP. This project is just making a basic login/logout with registration system. I was wondering how would I fix the below code so that when a user is registering to my website and enters a duplicate username that already exists in my database, it would redirect to the form with all fields still filled out but with the username field empty giving a message that the user already exists.
Below is my code:
<%
Dim objShop
set objShop=Server.CreateObject("ADODB.Recordset")
objShop.ActiveConnection=shop_STRING
objShop.Source = "SELECT * FROM Users WHERE UserName=" & Request.Form("regUsername")
objShop.CursorType=0
objShop.CursorLocation=2
objShop.LockType=3
objShop.Open
if not (objShop.EOF) then
objShop.Source="Users"
objShop.CursorType=0
objShop.CursorLocation=2
objShop.LockType=3
objShop.Open
objShop.Addnew
objShop("FirstName")= Request.Form("regFirst")
objShop("LastName")= Request.Form("regLast")
objShop("Student开发者_如何学CID")= Request.Form("regID")
objShop("EmailAddress")= Request.Form("regEmail")
objShop("UserName")= Request.Form("regUsername")
objShop("Password")= Request.Form("regPassword")
objShop("Address")= Request.Form("regAddress")
objShop("Suburb")= Request.Form("regSuburb")
objShop("Postcode")= Request.Form("regPostcode")
objShop("ContactNumber")= Request.Form("regContact")
objShop("CCCompany")= Request.Form("regCCCompany")
objShop("CCNumber")= Request.Form("regCCNumber")
objShop("CCExpiryMonth")= Request.Form("regCCExpMonth")
objShop("CCExpiryYear")= Request.Form("regExpYear")
objShop("CCCVCNumber")= Request.Form("regCVCNumber")
objShop.Update
objShop.Close
set objShop= nothing
else
response.write("Username already exists")
end if
%>
The error i recieved with the code was:
Microsoft JET Database Engine error '80040e10'
No value given for one or more required parameters.
/home/registration.asp, line 17
so I decided to put response.write("Username already exists") again in the if statement just before adding the values and then this error appeared:
Microsoft JET Database Engine error '80040e14'
Syntax error (missing operator) in query expression 'UserName='.
/home/registration.asp, line 17
I have no idea how I would correct this problem. Any help would be appreciated!
You need single quotes around your input in your SQL expression
objShop.Source = "SELECT * FROM Users WHERE UserName='" & _
Request.Form("regUsername") & "'"
Consider this pseudo code version of your current logic.
if not (objShop.EOF) then
AddNew
Else
display notice that user account already exists
not (objShop.EOF) will be True if you have one or more records in the Users table where UserName matches regUsername.
So what you're saying is this:
If we have previously stored one or more records for this UserName
add another record for this UserName
Else (no matching record exists)
display notice that user account already exists
Clearly you should not be collecting and storing credit card information.
精彩评论