|
|
<%
Dim mode
'Dimension Variables
Dim strUserName 'Holds the name of the user
Dim userID
Dim rsNewUser 'Holds the recordset for the records in the database
Dim strSQL 'Holds the SQL query to query the database
DIM strSQLCheck
'Get the users name passed from the previous page
If Request.querystring("mode") = "new" then %>
<%
'Create an ADO recordset object
Set rsSiteName = Server.CreateObject("ADODB.Recordset")
'Initialise the strSQL variable with an SQL statement to query the database
strSQL = "SELECT [sitename] FROM tblAdmin"
'Open the recordset with the SQL query
rsSiteName.Open strSQL, adoCon
Response.Write ("")
Response.Write (rsSiteName("sitename"))
Response.Write (" - Register")
Set rsSiteName = Nothing
%>
<%
Response.Write ("Register for an account")
Response.Write ("")
End If
%>
<%
If Request.querystring("mode") = "add" then
strUserName = Replace(Request.Form("txtUserName"), "'", "''")
strUserPassNE = Replace(Request.Form("txtUserPass"), "'", "''")
strUserPass = md5(Replace(Request.Form("txtUserPass"), "'", "''"))
strEmail = Replace(Request.Form("txtEmail"), "'", "''")
strConfirm = RandomPW(0)
IF strUserName = "" then
Response.Redirect"register.asp?mode=blankuser"
End If
If strEmail = "" then
Response.Redirect"register.asp?mode=blankemail"
End If
'Initialise the strSQL variable with an SQL statement to query the database
strSQL = "INSERT INTO tblUsers ([username], [password], [email], [suspend], [Timestamp], [confirm]) VALUES('" & strUserName & "', '" & strUserPass & "','" & strEmail & "', '1', '" & date() & "', '" & strConfirm & "')"
strSQLCheck = "SELECT [username] from tblUsers where username = '" & strUserName & "'"
strEmailCheck = "SELECT [email] from tblUsers where email = '" & strEmail & "'"
'Create an ADO recordset object
Set rsGetEmail = Server.CreateObject("ADODB.Recordset")
'Initialise the strSQL variable with an SQL statement to query the database
strSQLAdminEmail = "SELECT [siteemail], [emailserver] from tblAdmin"
'Open the recordset with the SQL query
rsGetEmail.Open strSQLAdminEmail, adoCon
Set rsNewUser = adoCon.Execute(strSQLCheck)
Set rsNewEmailUser = adoCon.Execute(strEmailCheck)
IF rsNewUser.EOF then
IF rsNewEmailUser.EOF then
Set rsNewUser = adoCon.Execute(strSQL)
htmlBody = "Welcome to Cardinal District Secure Site
Please keep this email for your records. Your account information is as follows:
--------------------
Username: "
htmlBody = htmlBody & strUserName & "
"
htmlBody = htmlBody & "Password: "
htmlBody = htmlBody & strUserPassNE & "
--------------------
"
htmlBody = htmlBody & "
Your account is currently inactive. You cannot use it until you visit the following link:
"
htmlBody = htmlBody & ""
htmlBody = htmlBody & "http://" & Request.ServerVariables("HTTP_HOST") & Request.ServerVariables("URL") & "?mode=activate&email=" & strEmail & "&confirm=" & strConfirm & ""
htmlBody = htmlBody & "
"
htmlBody = htmlBody & "
--------------------
Thank you for registering."
'Dimension variables
''Dim objCDOSYSCon
'Create the e-mail server object
''Set objCDOSYSMail = Server.CreateObject("CDO.Message")
''Set objCDOSYSCon = Server.CreateObject ("CDO.Configuration")
'Set and update fields properties
'Out going SMTP server
''objCDOSYSCon.Fields("http://schemas.microsoft.com/cdo/configuration/smtpserver") = rsGetEmail("emailserver")
'SMTP port
''objCDOSYSCon.Fields("http://schemas.microsoft.com/cdo/configuration/smtpserverport") = 25
'CDO Port
''objCDOSYSCon.Fields("http://schemas.microsoft.com/cdo/configuration/sendusing") = 2
'Timeout
''objCDOSYSCon.Fields("http://schemas.microsoft.com/cdo/configuration/smtpconnectiontimeout") = 60
''objCDOSYSCon.Fields.Update
'Update the CDOSYS Configuration
''Set objCDOSYSMail.Configuration = objCDOSYSCon
'Who the e-mail is from
''objCDOSYSMail.From = rsGetEmail("siteemail")
'Who the e-mail is sent to
''objCDOSYSMail.To = strEmail
'The subject of the e-mail
''objCDOSYSMail.Subject = "New Account"
'Set the e-mail body format (HTMLBody=HTML TextBody=Plain)
''objCDOSYSMail.HTMLBody = htmlBody
'Send the e-mail
''objCDOSYSMail.Send
'Close the server mail object
''Set objCDOSYSMail = Nothing
''Set objCDOSYSCon = Nothing
'Dimension variables [new CDONTS code for GoDaddy]
'Create the e-mail server object
Set MyMail = Server.CreateObject("CDONTS.NewMail")
'Update the CDONTS Configuration
myMail.BodyFormat = 0
myMail.MailFormat = 0
'Who the e-mail is from
MyMail.From = rsGetEmail("siteemail")
'Who the e-mail is sent to
MyMail.To = strEmail
MyMail.Bcc = rsGetEmail("siteemail")
'The subject of the e-mail
MyMail.Subject = "New Account Request -- Cardinal District"
'Set the e-mail body format (HTMLBody=HTML TextBody=Plain)
MyMail.Body = htmlBody
'Send the e-mail
MyMail.Send
'Close the server mail object
Set MyMail = Nothing
Set rsGetEmail = Nothing
Set adoCon = Nothing
Response.Redirect"register.asp?mode=ok"
End If
Response.Redirect"register.asp?mode=emailtaken"
End If
'Reset server objects
Set rsNewUser = Nothing
Set rsNewEmailUser = Nothing
Set rsGetEmail = Nothing
Set adoCon = Nothing
Response.Redirect"register.asp?mode=usertaken"
End If
If Request.querystring("mode") = "activate" then %>
<%
'Create an ADO recordset object
Set rsSiteName = Server.CreateObject("ADODB.Recordset")
'Initialise the strSQL variable with an SQL statement to query the database
strSQL = "SELECT [sitename] FROM tblAdmin"
'Open the recordset with the SQL query
rsSiteName.Open strSQL, adoCon
Response.Write ("")
Response.Write (rsSiteName("sitename"))
Response.Write (" - Account Activated")
Set rsSiteName = Nothing
%>
<%
strEmail = Replace(Request.querystring("email"), "'", "''")
strConfirm = Replace(Request.querystring("confirm"), "'", "''")
Set rsConfirm = Server.CreateObject("ADODB.Recordset")
'Initialise the strSQL variable with an SQL statement to query the database
strSQL = "SELECT [email], [confirm] from tblUsers where email = '" & strEmail & "'"
'Open the recordset with the SQL query
rsConfirm.Open strSQL, adoCon
Set rsGetEmail = Server.CreateObject("ADODB.Recordset")
'Initialise the strSQL variable with an SQL statement to query the database
strSQLAdminEmail = "SELECT [siteemail], [emailserver] from tblAdmin"
'Open the recordset with the SQL query
rsGetEmail.Open strSQLAdminEmail, adoCon
IF rsConfirm("confirm") = strConfirm then
Set rsConfirmUpdate = Server.CreateObject("ADODB.Recordset")
strUpdateSQL = "UPDATE tblUsers SET tblUsers.suspend='0' WHERE email = '" & strEmail & "'"
rsConfirmUpdate.Open strUpdateSQL, adoCon
Response.Write ("Your Account was successfully activated. Please login.")
Response.Write ("")
htmlBody = "The account owned by " & strEmail & " has been created."
'Dimension variables
'Create the e-mail server object
''Set objCDOSYSMail = Server.CreateObject("CDO.Message")
''Set objCDOSYSCon = Server.CreateObject ("CDO.Configuration")
'Set and update fields properties
'Out going SMTP server
''objCDOSYSCon.Fields("http://schemas.microsoft.com/cdo/configuration/smtpserver") = rsGetEmail("emailserver")
'SMTP port
''objCDOSYSCon.Fields("http://schemas.microsoft.com/cdo/configuration/smtpserverport") = 25
'CDO Port
''objCDOSYSCon.Fields("http://schemas.microsoft.com/cdo/configuration/sendusing") = 2
'Timeout
''objCDOSYSCon.Fields("http://schemas.microsoft.com/cdo/configuration/smtpconnectiontimeout") = 60
''objCDOSYSCon.Fields.Update
'Update the CDOSYS Configuration
''Set objCDOSYSMail.Configuration = objCDOSYSCon
'Who the e-mail is from
''objCDOSYSMail.From = rsGetEmail("siteemail")
'Who the e-mail is sent to
''objCDOSYSMail.To = rsGetEmail("siteemail")
'The subject of the e-mail
''objCDOSYSMail.Subject = "New Account"
'Set the e-mail body format (HTMLBody=HTML TextBody=Plain)
''objCDOSYSMail.HTMLBody = htmlBody
'Send the e-mail
''objCDOSYSMail.Send
'Close the server mail object
''Set objCDOSYSMail = Nothing
''Set objCDOSYSCon = Nothing
''Set rsConfirmUpdate = Nothing
'Dimension variables [new CDONTS code for GoDaddy]
'Create the e-mail server object
Set MyMail = Server.CreateObject("CDONTS.NewMail")
'Update the CDONTS Configuration
myMail.BodyFormat = 0
myMail.MailFormat = 0
'Who the e-mail is from
MyMail.From = rsGetEmail("siteemail")
'Who the e-mail is sent to
MyMail.To = rsGetEmail("siteemail")
'The subject of the e-mail
MyMail.Subject = "New Account Activated - Cardinal District"
'Set the e-mail body format (HTMLBody=HTML TextBody=Plain)
MyMail.Body = htmlBody
'Send the e-mail
MyMail.Send
'Close the server mail object
Set MyMail = Nothing
Set rsGetEmail = Nothing
Set adoCon = Nothing
Else
Response.Write ("An error occured when activating your account. Please contact the administrator " & rsGetEmail("siteemail") & "")
End If
Set rsConfirm = Nothing
Set rsGetEmail = Nothing
End If
If Request.querystring("mode") = "ok" then %>
<%
'Create an ADO recordset object
Set rsSiteName = Server.CreateObject("ADODB.Recordset")
'Initialise the strSQL variable with an SQL statement to query the database
strSQL = "SELECT sitename FROM tblAdmin"
'Open the recordset with the SQL query
rsSiteName.Open strSQL, adoCon
Response.Write ("")
Response.Write (rsSiteName("sitename"))
Response.Write (" - Account Created")
Set rsSiteName = Nothing
%>
<%
Response.Write ("Your Account was successfully created. Please check the email account given for login details.")
End If
If Request.querystring("mode") = "blankemail" then %>
<%
'Create an ADO recordset object
Set rsSiteName = Server.CreateObject("ADODB.Recordset")
'Initialise the strSQL variable with an SQL statement to query the database
strSQL = "SELECT sitename FROM tblAdmin"
'Open the recordset with the SQL query
rsSiteName.Open strSQL, adoCon
Response.Write ("")
Response.Write (rsSiteName("sitename"))
Response.Write (" - Register Error")
Set rsSiteName = Nothing
%>
<%
Response.Write ("Please enter an email.")
Response.Write ("")
End If
%>
<%
If Request.querystring("mode") = "blankuser" then %>
<%
'Create an ADO recordset object
Set rsSiteName = Server.CreateObject("ADODB.Recordset")
'Initialise the strSQL variable with an SQL statement to query the database
strSQL = "SELECT [sitename] FROM tblAdmin"
'Open the recordset with the SQL query
rsSiteName.Open strSQL, adoCon
Response.Write ("")
Response.Write (rsSiteName("sitename"))
Response.Write (" - Register Error")
Set rsSiteName = Nothing
%>
<%
Response.Write ("Please enter a username.")
Response.Write ("")
End If
If Request.querystring("mode") = "emailtaken" then %>
<%
'Create an ADO recordset object
Set rsSiteName = Server.CreateObject("ADODB.Recordset")
'Initialise the strSQL variable with an SQL statement to query the database
strSQL = "SELECT [sitename] FROM tblAdmin"
'Open the recordset with the SQL query
rsSiteName.Open strSQL, adoCon
Response.Write ("")
Response.Write (rsSiteName("sitename"))
Response.Write (" - Register Error")
Set rsSiteName = Nothing
%>
<%
Response.Write ("Email is already taken.")
Response.Write ("")
End If
If Request.querystring("mode") = "usertaken" then %>
<%
'Create an ADO recordset object
Set rsSiteName = Server.CreateObject("ADODB.Recordset")
'Initialise the strSQL variable with an SQL statement to query the database
strSQL = "SELECT [sitename] FROM tblAdmin"
'Open the recordset with the SQL query
rsSiteName.Open strSQL, adoCon
Response.Write ("")
Response.Write (rsSiteName("sitename"))
Response.Write (" - Register Error")
Set rsSiteName = Nothing
%>
<%
Response.Write ("Username is already taken.")
Response.Write ("")
End If
%>
|
