ASP / MS ACCESS check to see if username exists_问答_开发者

ASP / MS ACCESS check to see if username exists

开发者 https://www.devze.com 2023-03-09 12:04 出处：网络

I\'m creating my first project with ASP. This project is just making a basic login/logout with registration system. I was wondering how would I fix the below code so that when a user is registering to

I'm creating my first project with ASP. This project is just making a basic login/logout with registration system. I was wondering how would I fix the below code so that when a user is registering to my website and enters a duplicate username that already exists in my database, it would redirect to the form with all fields still filled out but with the username field empty giving a message that the user already exists.

Below is my code:

<%
Dim objShop
set objShop=Server.CreateObject("ADODB.Recordset")

objShop.ActiveConnection=shop_STRING

objShop.Source = "SELECT * FROM Users WHERE UserName=" & Request.Form("regUsername")
objShop.CursorType=0
objShop.CursorLocation=2
objShop.LockType=3
objShop.Open

if not (objShop.EOF) then
    objShop.Source="Users"
    objShop.CursorType=0
    objShop.CursorLocation=2
    objShop.LockType=3
    objShop.Open

        objShop.Addnew
        objShop("FirstName")= Request.Form("regFirst")
        objShop("LastName")= Request.Form("regLast")
        objShop("Student开发者_如何学CID")= Request.Form("regID")
        objShop("EmailAddress")= Request.Form("regEmail")
        objShop("UserName")= Request.Form("regUsername")
        objShop("Password")= Request.Form("regPassword")
        objShop("Address")= Request.Form("regAddress")
        objShop("Suburb")= Request.Form("regSuburb")
        objShop("Postcode")= Request.Form("regPostcode")
        objShop("ContactNumber")= Request.Form("regContact")
        objShop("CCCompany")= Request.Form("regCCCompany")
        objShop("CCNumber")= Request.Form("regCCNumber")
        objShop("CCExpiryMonth")= Request.Form("regCCExpMonth")
        objShop("CCExpiryYear")= Request.Form("regExpYear")
        objShop("CCCVCNumber")= Request.Form("regCVCNumber")
        objShop.Update

    objShop.Close
    set objShop= nothing
else
    response.write("Username already exists")
end if
%>

The error i recieved with the code was:

Microsoft JET Database Engine error '80040e10'

No value given for one or more required parameters.

/home/registration.asp, line 17

so I decided to put response.write("Username already exists") again in the if statement just before adding the values and then this error appeared:

Microsoft JET Database Engine error '80040e14'

Syntax error (missing operator) in query expression 'UserName='.

/home/registration.asp, line 17

I have no idea how I would correct this problem. Any help would be appreciated!

You need single quotes around your input in your SQL expression

objShop.Source = "SELECT * FROM Users WHERE UserName='" & _
                    Request.Form("regUsername") & "'"

Consider this pseudo code version of your current logic.

if not (objShop.EOF) then
    AddNew
Else
    display notice that user account already exists

not (objShop.EOF) will be True if you have one or more records in the Users table where UserName matches regUsername.

So what you're saying is this:

If we have previously stored one or more records for this UserName 
    add another record for this UserName 
Else (no matching record exists)
    display notice that user account already exists

Clearly you should not be collecting and storing credit card information.