Sign up form using ASP.NET C#

Question

0.00/5 (No votes)

See more:

i have created register form . but i have some problem with it. so i want that if entered 'user name' by user is similar or same with existing database it show the error 'user name is already exist please choose other thing'.
please tell me how to do it with this code?

in simple words if new username is already existing in database. it give the error username is already exist.(thanks)

What I have tried:

C#

public partial class Registration : System.Web.UI.Page
{
    SqlConnection con = new SqlConnection();
    protected void Page_Load(object sender, EventArgs e)
    {
        con.ConnectionString = ConfigurationManager.ConnectionStrings["conn"].ConnectionString;
        con.Open();
    }
    protected void RegisterButton_Click(object sender, EventArgs e)
    {
        
        String insertCmd = "insert into Register_Form values (@username,@email,@mobile_number,@pswrd)";
        SqlCommand myCommand = new SqlCommand(insertCmd, con);
        
        myCommand.Parameters.Add(new SqlParameter("@name", SqlDbType.VarChar, 50));
        myCommand.Parameters["@usernamename"].Value = UserName.Text;
        
        myCommand.Parameters.Add(new SqlParameter("@email", SqlDbType.VarChar, 50));
        myCommand.Parameters["@email"].Value = Email.Text;
        myCommand.Parameters.Add(new SqlParameter("@mobile_number", SqlDbType.VarChar, 50));
        myCommand.Parameters["@mobile_number"].Value = Mobile.Text;
        myCommand.Parameters.Add(new SqlParameter("@pswrd", SqlDbType.VarChar, 50));
        myCommand.Parameters["@pswrd"].Value = Password.Text;

        try
        {
            myCommand.ExecuteNonQuery();
            
                StatusLabel.Text = "You are successfully Registerd. Now you can";
                HyperLink1.Text = "Log In";
            
        }
        catch (Exception ex)
        {

            Response.Write(ex.ToString());
            con.Close();

        }

Posted 9-Dec-16 4:07am

navi G

Updated 9-Dec-16 4:25am

v2

Add a Solution

Comments

F-ES Sitecore 9-Dec-16 10:18am

Add a unique constraint on the username table and analyse the exception that comes back on duplicate to see if that is the reason for the exception and if so show the appropriate error.

Or do a "select count(*) from register_form where username = @username" and see if the result is >0.

navi G 9-Dec-16 10:23am

thanks sir but please edit my code with your solution then paste it. for better understanding.

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

OriginalGriff · Accepted Answer · 2016-12-09T04:25:00

Start by changing the way you handle passwords: that is very insecure. Never store passwords in clear text - it is a major security risk. There is some information on how to do it here: Password Storage: How to do it.[^]
Secondly, never try to insert values without specifying column names:

SQL

INSERT INTO MyTable (MyColumn1, MyColumn2) VALUES (@C1, @c2)

If you change your DB you may insert the wrong values to the wrong columns unless you specify the order. In addition, if your table starts with an IDENTITY column - which many do, and for good reason - the INSERT will fail as SQL tries to insert them in order and you can't write to an IDENTITY field. (If you aren't using a separate ID field, it's a very good idea to do so: that way the user can change his name without you having to update all the other records, and it's a lot more efficient to use an INT or GUID as a foreign key than a string)
Then, don't just try to insert the value: check if the username is in use by asking SQL:

C#

using (SqlConnection con = new SqlConnection(strConnect))
    {
    con.Open();
    using (SqlCommand cmd = new SqlCommand("SELECT COUNT(*) FROM myTable WHERE UserName = @UN", con))
        {
        cmd.Parameters.AddWithValue("@UN", UserName.Text);
        int users = cmd.ExecuteScalar();
        if (users != 0)
            {
            // username in use
            ...
            }
        else
            {
            ...
            }
        }
    }