在 SQL 中保存注册页面数据并在 Visual Basic (Visual Studio 2019) 中验证并重定向到主页

Question

I have an ASP.Net WebForms website with a login and registration form. I to save data in the local database when the user submits the registration form and validate when the user logs into the website.

I have created a database but now I am struggling to connect the database and save the data into the database and validate the form I need help to connect the database and save the data from the registration form

there is my code signup.aspx.vb file name

Imports System.Data
Imports System.Data.SqlClient
Imports System.Windows
Imports System.Windows.Forms

Public Class Signup
    Inherits System.Web.UI.Page

    Protected Sub signup_button_Click(sender As Object, e As EventArgs)

        Dim con As SqlConnection = New SqlConnection("Data Source=(LocalDB)\MSSQLLocalDB;AttachDbFilename=D:\AvivProject\App_Data\Database.mdf;Integrated Security=True")
        Dim cmd As SqlCommand = New SqlCommand("INSERT INTO [dbo].[register] ([username],[email],[password],[repeat-password])
VALUES('" + username.Text + "', '" + email.Text + "', '" + Password.Text + "','" + repeat - password.Text + "')")
        con.Open()
        cmd.ExecuteNonQuery()
        MessageBox.Show("You have seccusessfull registered.", "Information", MessageBoxButtons.OK, MessageBoxButtons.Information)
        con.Close()

    End Sub
End Class

and this my front end signup.aspx file name

<%@ Page Title="" Language="vb" AutoEventWireup="false" MasterPageFile="~/Site.Master" CodeBehind="Signup.aspx.vb" Inherits="AvivProject.Signup" %>
<asp:Content ID="Content1" ContentPlaceHolderID="MainContent" runat="server">

    <table style="width: 100%">
        <tr>
            <td>
                <asp:Label ID="Label1" runat="server" Text="Username"></asp:Label>
                 <input type="text" placeholder="Enter Username" name="username" id="username" 
                    required dir="rtl" formmethod="post" />
                <asp:Label ID="Label3" runat="server" Text="איימל"></asp:Label>
                <input type="email" placeholder="Enter Email" name="email" id="email" required dir="rtl" formmethod="post"/>
                <asp:Label ID="Label2" runat="server" Text="סיסמא"></asp:Label>
                <input type="password" placeholder="Enter Password" name="password" id="psw" 
                    required dir="rtl" formmethod="post" />
                <asp:Label ID="Label4" runat="server" Text="חזור על הסיסמא"></asp:Label>
                <input type="password" placeholder="Repeat Password" name="reapeat-password" id="psw-repeat" required dir="rtl" formmethod="post"/>

                <asp:Button ID="signup_button" runat="server" Text="Register" 
                    CssClass="registerbtn" />
            </td>
        </tr>
    </table>

</asp:Content>

Please Let me know what is the mistakes that code did not work

Answer 1

The real issue and problem?

think about this:

Near EVERY web site needs some kind of logon and security system. As a result, you could spend a month or so building your OWN logon and security system. However, it is VERY doubtful all your own work on this matter will EVER match the resources, time and efforts to use an built in security system.

And there is huge advantages to use the built in system. For example, you can say that a set of web pages is ONLY allowed to be used by say users that are members of the sales security group. And another set of web pages could be secured for say only site administrators. All of this security setup can and does occur WITHOUT YOU having to write any code. (you use the IIS internet security settings and model).

As a result of above, then you can apply security to your web site, and NOT have to write code to check for a valid logon, and even better check if the logged on users in question have rights to use a particular web part or parts of the web site.

Now, we OFTEN will still write some code, and say check if a user has rights to do certain actions - say we might have a page that we let ALL logged on users view some data, but we ONLY allow users who are members of say the "portal master" group to be able to delete records.

So in some cases, we can use code to check what a user is allowed to do. (their roles).

but, regardless of writing some code, the overall setup of logon system, setup of user "roles" etc. should be left to using the built in system.

By using that built in system, then you save BOATLOADS of work and time. Sure, it might take you better part of the day to setup this logon system on, but that is FAR FAR less work then you attempting to roll your own security system. And if you roll your own security system, it not going to be all that secure anyway, and will be FAR MORE work to setup and build your own security system.

And it gets even better. If you use the built in security system, then you can drop in the asp.net logon control - and it will auto matic wire up the logon system for you.

You can certainly then "add" or have more information about each user added to the logon database, but it makes ZERO sense, and I repeat ZERO sense to try and build your own logon and security system from scratch. Since darn near every web site needs and requires a logon, then a VERY large set of built in tools and systems ALREADY exist for this purpose, and thus you spending a month or two to develop your own security and logon system is a VERY bad idea, and it will take you huge amounts of work to try and re-produce what is already made, build in, and has been created for you.

there are quite a few ways to start out a web site with built in logons. You can choose one of many of the templates, and if you enable logons (authentication), then it will create and wire up the security system for you. As noted, you can then create additional tables in your database for additonal things like address, or tables for their projects and whatever the web site is eventually supposed to achieve.

But, I high recommend you don't attempt to build your own system, when multiple built-in choices already exist, and are already built and setup for you. It is better to spend the time learning how to use these built in systems as opposed to attempting to build and roll your own security system - that will result in huge amounts of work for you, and the results will STILL be worse and have less features then using a built in and support security model for you web site.

Web site security is a HUGE topic - beyond what can be a simple question and answer in say this forum, and requires efforts on your part.

I would start out by creating a new web site application, and choose to have logons enabled, and the database(s), and all of that logon stuff will be created and wired up for you automatic. You then have to learn how it works - but that is FAR LESS work then trying to build and re-create your own security system.