lundi 13 juin 2016

ASP.NET Login and registration controls

So I want to implement a Login control and a Registration page in my ASP.NET website. This is what I have so far:

Login page:

<%-- Login control; the credentials it collects are checked in the code-behind handler wcAanmelden_Authenticate. --%>
<%-- NOTE(review): the code-behind handler also declares "Handles wcAanmelden.Authenticate". With both this
     OnAuthenticate attribute and the Handles clause, the handler is presumably wired twice and would run
     twice per login attempt - confirm and keep only one of the two. --%>
<asp:Login ID="wcAanmelden" runat="server" 
    OnAuthenticate="wcAanmelden_Authenticate" 
    DestinationPageUrl="~/Default.aspx" 
    PasswordLabelText="Wachtwoord: " 
    RememberMeText="Ingelogd blijven" 
    TitleText="Aanmelden" 
    UserNameLabelText="Gebruikersnaam: "></asp:Login>

Code-behind:

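''' <summary>
''' Handles the Login control's Authenticate event: looks up the member's level ("niveau")
''' for the submitted user name and password and, when the level is "B" or "G", stores it in
''' the session and redirects through forms authentication. Otherwise the control's failure
''' text is set.
''' </summary>
''' <param name="sender">The control that raised the event.</param>
''' <param name="e">Event data of the Authenticate event (not modified here).</param>
Protected Sub wcAanmelden_Authenticate(sender As Object, e As AuthenticateEventArgs) Handles wcAanmelden.Authenticate
    Dim strUser As String = wcAanmelden.UserName
    Dim strPaswoord As String = wcAanmelden.Password

    ' User name and password come straight from the browser. They are bound as parameters so
    ' that quotes in either value stay data and can never change the shape of the statement
    ' (the original concatenated both values into the SQL text).
    Const strSQL As String = "SELECT niveau FROM tblLeden WHERE login = @login AND paswoord = @paswoord"
    Dim strNiveau As String = ""

    Dim strConnectie As String =
        System.Configuration.ConfigurationManager.ConnectionStrings("SportclubConnectionString").ConnectionString

    ' NOTE(review): the password is compared against the stored column as plain text, so
    ' tblLeden holds recoverable passwords. Store a salted, slow hash (e.g. PBKDF2) instead and
    ' verify it here; the registration handler has to change together with this one.

    ' Using closes the connection and command even when Open or the query throws.
    Using con As New MySqlConnection(strConnectie)
        Using cmd As New MySqlCommand(strSQL, con)
            cmd.Parameters.AddWithValue("@login", strUser)
            cmd.Parameters.AddWithValue("@paswoord", strPaswoord)

            con.Open()

            ' Run the query once; ExecuteScalar yields Nothing when no row matches and
            ' DBNull when the matching row has no level.
            Dim resultaat As Object = cmd.ExecuteScalar()
            If resultaat IsNot Nothing AndAlso Not IsDBNull(resultaat) Then
                strNiveau = resultaat.ToString()
            End If
        End Using
    End Using

    If strNiveau = "B" OrElse strNiveau = "G" Then
        Session("Niveau") = strNiveau
        FormsAuthentication.RedirectFromLoginPage(strUser, False)
    Else
        ' Same message for an unknown user and a wrong password, so the response does not
        ' reveal which user names exist.
        wcAanmelden.FailureText = "Foutieve aanmelding. Probeer opnieuw!"
    End If
End Sub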

Registration:

<%-- Registration form: user name, password, password confirmation and e-mail address.
     The required/type attributes are enforced by the browser only; the server-side click
     handler must validate every value again, because a client can post anything. --%>
<fieldset>
    <legend>Voer je gegevens in:</legend>
    <label for="gebruikersnaam">Gebruikersnaam:</label>
    <input type="text" required="required" 
        placeholder="gebruikersnaam" id="gebruikersnaam"
        runat="server" />
    <br />
    <label for="paswoord">Paswoord:</label>
    <input type="password" required="required" 
        id="paswoord" runat="server" />
    <br />
    <label for="bevestigPaswoord">Bevestig paswoord:</label>
    <input type="password" required="required" 
        id="bevestigPaswoord" runat="server" />
    <br />
    <label for="mailAdres">E-mail:</label>
    <input type="email" required="required" 
        placeholder="email" id="mailAdres"
        runat="server" />
    <br />
    <%-- Shows validation and error messages; Label.Text is rendered without HTML encoding,
         so only fixed or encoded text should be assigned to it. --%>
    <asp:Label ID="foutboodschap" runat="server" ForeColor="Red"></asp:Label>
    <br />
    <%-- NOTE(review): PostBackUrl posts the form to Registreren.aspx; presumably that is this
         same page - confirm, since the Click handler lives in this page's code-behind. --%>
    <asp:Button ID="btnNieuweGebruiker" runat="server" 
        Text="Registreren" PostBackUrl="Registreren.aspx" />
</fieldset>

Code behind:

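''' <summary>
''' Handles the registration button: validates the submitted values through the User class,
''' inserts the new member into tblLeden and, on success, stores level "G" in the session and
''' redirects through forms authentication. Validation and database failures are reported in
''' the foutboodschap label.
''' </summary>
''' <param name="sender">The button that raised the event.</param>
''' <param name="e">Event data of the Click event (unused).</param>
Protected Sub btnNieuweGebruiker_Click(sender As Object, e As EventArgs) Handles btnNieuweGebruiker.Click
    ' Input as posted by the browser; all of it is untrusted.
    Dim naam As String = gebruikersnaam.Value
    Dim pw As String = paswoord.Value
    Dim confirmPW As String = bevestigPaswoord.Value
    Dim email As String = mailAdres.Value
    Dim ng As User = Nothing

    ' Start without an error message.
    foutboodschap.Text = ""

    Try
        If pw <> confirmPW Then
            Throw New Exception("De paswoorden komen niet overeen.")
        End If
        ' The User property setters throw when a value is rejected.
        ng = New User(naam, pw, email, "G")
    Catch exc As Exception
        ' These messages are the fixed validation texts thrown above and by the User class.
        foutboodschap.Text = exc.Message
        Return
    End Try

    Dim strConnectie As String =
        System.Configuration.ConfigurationManager.ConnectionStrings(
        "SportclubConnectionString").ConnectionString

    ' Every value is bound as a parameter, so quotes typed into the form stay data and cannot
    ' alter the statement (the original concatenated the values into the SQL text).
    ' The member name is stored in both the naam and the login column, as before.
    ' NOTE(review): niveau is not written although the login handler reads it from this table;
    ' presumably the column has a default - confirm, otherwise new members cannot log in later.
    ' NOTE(review): the password is stored as plain text. Store a salted, slow hash
    ' (e.g. PBKDF2) instead; the login handler has to change together with this one.
    Const strSql As String =
        "INSERT INTO tblLeden (naam, login, paswoord, email) " &
        "VALUES (@naam, @login, @paswoord, @email)"

    ' Using closes the connection and command on every path, including exceptions.
    Using con As New MySqlConnection(strConnectie)
        Using cmd As New MySqlCommand(strSql, con)
            cmd.Parameters.AddWithValue("@naam", ng.Naam)
            cmd.Parameters.AddWithValue("@login", ng.Naam)
            cmd.Parameters.AddWithValue("@paswoord", ng.Paswoord)
            cmd.Parameters.AddWithValue("@email", ng.Email)

            Try
                con.Open()
                cmd.ExecuteNonQuery()
                ' Keep the role of the new member in the session.
                Session("Niveau") = "G"
                ' Continue to the home page as a signed-in user.
                FormsAuthentication.RedirectFromLoginPage(ng.Naam, False)
            Catch exc As Exception
                ' Database errors can contain schema details and echoed input, and the label
                ' renders its text unencoded: record the detail server-side and show a fixed
                ' message instead of exc.Message.
                System.Diagnostics.Trace.TraceError(exc.ToString())
                foutboodschap.Text = "De registratie is mislukt. Probeer het later opnieuw."
            End Try
        End Using
    End Using
End Sub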

User class:

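''' <summary>
''' A member of the site: name, password, e-mail address and level.
''' The property setters validate their value and throw when it is rejected.
''' </summary>
Public Class User
    Private m_Naam As String
    ' NOTE(review): holds the password exactly as entered; callers that persist it should
    ' store a salted, slow hash rather than this value.
    Private m_paswoord As String
    Private m_Email As String
    Private m_Niveau As Char

    ''' <summary>Creates a user; every value passes through the validating property setters.</summary>
    ''' <param name="naam">Member name; must not be empty.</param>
    ''' <param name="paswoord">Password; at least 8 characters.</param>
    ''' <param name="email">E-mail address; must not be empty.</param>
    ''' <param name="niveau">Level as a string; converted to a single Char.</param>
    ''' <exception cref="ArgumentException">A value was rejected by its setter.</exception>
    Public Sub New(naam As String,
                   paswoord As String,
                   email As String,
                   niveau As String)

        Me.Naam = naam
        Me.Paswoord = paswoord
        Me.Email = email
        ' Explicit String-to-Char conversion; the original relied on the implicit narrowing
        ' conversion, which does not compile under Option Strict On.
        Me.Niveau = CChar(niveau)
    End Sub

    ''' <summary>Member name.</summary>
    ''' <exception cref="ArgumentException">The value is Nothing or empty.</exception>
    Public Property Naam As String
        Get
            Return m_Naam
        End Get
        Set(value As String)
            ' ArgumentException derives from Exception, so callers catching Exception still work.
            If String.IsNullOrEmpty(value) Then
                Throw New ArgumentException("De naam mag niet leeg zijn")
            End If
            m_Naam = value
        End Set
    End Property

    ''' <summary>Password as entered by the user.</summary>
    ''' <exception cref="ArgumentException">The value is shorter than 8 characters.</exception>
    Public Property Paswoord As String
        Get
            Return m_paswoord
        End Get
        Set(value As String)
            If value Is Nothing OrElse value.Length < 8 Then
                ' The check is a minimum length, so the message says "minstens" (at least).
                Throw New ArgumentException("Het paswoord moet minstens 8 tekens lang zijn")
            End If
            m_paswoord = value
        End Set
    End Property

    ''' <summary>E-mail address.</summary>
    ''' <exception cref="ArgumentException">The value is Nothing or empty.</exception>
    Public Property Email As String
        Get
            Return m_Email
        End Get
        Set(value As String)
            ' Only emptiness is checked here; the address format is not validated.
            If String.IsNullOrEmpty(value) Then
                Throw New ArgumentException("Het emailadres mag niet leeg zijn")
            End If
            m_Email = value
        End Set
    End Property

    ''' <summary>Level of the member as a single character; stored without validation.</summary>
    Public Property Niveau As Char
        Get
            Return m_Niveau
        End Get
        Set(value As Char)
            m_Niveau = value
        End Set
    End Property
End Class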

Am I doing everything right? Do you have any suggestions on how to make this code simpler? Thanks!
