Membership.CreateUser Method (String, String, String, String, String, Boolean, MembershipCreateStatus)
Assembly: System.Web (in system.web.dll)
'Declaration Public Shared Function CreateUser ( _ username As String, _ password As String, _ email As String, _ passwordQuestion As String, _ passwordAnswer As String, _ isApproved As Boolean, _ <OutAttribute> ByRef status As MembershipCreateStatus _ ) As MembershipUser 'Usage Dim username As String Dim password As String Dim email As String Dim passwordQuestion As String Dim passwordAnswer As String Dim isApproved As Boolean Dim status As MembershipCreateStatus Dim returnValue As MembershipUser returnValue = Membership.CreateUser(username, password, email, passwordQuestion, passwordAnswer, isApproved, status)
public static MembershipUser CreateUser ( String username, String password, String email, String passwordQuestion, String passwordAnswer, boolean isApproved, /** @attribute OutAttribute() */ /** @ref */ MembershipCreateStatus status )
Not applicable.
Parameters
- username
The user name for the new user.
- password
The password for the new user.
The e-mail address for the new user.
- passwordQuestion
The password-question value for the membership user.
- passwordAnswer
The password-answer value for the membership user.
- isApproved
A Boolean that indicates whether the new user is approved to log on.
- status
A MembershipCreateStatus indicating that the user was created successfully or the reason that creation failed.
Return Value
A MembershipUser object for the newly created user. If no user was created, this method returns a null reference (Nothing in Visual Basic).CreateUser adds a new user to the data store and returns a MembershipUser object for the newly created user. If the user creation fails, you can retrieve a MembershipCreateStatus value from the status output parameter that indicates why user creation failed.
The CreateUser method will return a null reference (Nothing in Visual Basic) if password is an empty string or a null reference (Nothing in Visual Basic), username is an empty string or a null reference (Nothing in Visual Basic) or contains a comma (,), passwordQuestion is not a null reference (Nothing in Visual Basic) and is an empty string, or passwordAnswer is not a null reference (Nothing in Visual Basic) and contains an empty string.
Once a membership user has been created and you have a reference to a MembershipUser object for that user, you can modify the settings for that user with the MembershipUser public methods and by setting the property values of the MembershipUser object and then passing the MembershipUser object to the UpdateUser method.
If a user already exists in the data source for the application, you can obtain a MembershipUser object for the existing user with the GetUser method.
Leading and trailing spaces are trimmed from all string parameter values.
The following code example creates a new user for an ASP.NET application configured to use forms authentication and ASP.NET membership. If the user is not created successfully, a message is displayed to the user. Otherwise, the user is redirected to the login page for the application.
Security Note: |
|---|
|
This example contains a text box that accepts user input, which is a potential security threat. By default, ASP.NET Web pages validate that user input does not include script or HTML elements. For more information, see Script Exploits Overview (Visual Studio). |
<%@ Page Language="VB" %> <%@ Import Namespace="System.Web.Security" %> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <script runat="server"> Public Sub CreateUser_OnClick(sender As Object, args As EventArgs) ' Create new user and retrieve create status result. Dim status As MembershipCreateStatus Dim passwordQuestion As String = "" Dim passwordAnswer As String = "" If Membership.RequiresQuestionAndAnswer Then passwordQuestion = PasswordQuestionTextbox.Text passwordAnswer = PasswordAnswerTextbox.Text End If Try Dim newUser As MembershipUser = Membership.CreateUser(UsernameTextbox.Text, PasswordTextbox.Text, _ EmailTextbox.Text, passwordQuestion, _ passwordAnswer, True, status) If newUser Is Nothing Then Msg.Text = GetErrorMessage(status) Else Response.Redirect("login.aspx") End If Catch Msg.Text = "An exception occurred creating the user." End Try End Sub Public Function GetErrorMessage(status As MembershipCreateStatus) As String Select Case status Case MembershipCreateStatus.DuplicateUserName: Return "Username already exists. Please enter a different user name." Case MembershipCreateStatus.DuplicateEmail: Return "A username for that e-mail address already exists. Please enter a different e-mail address." Case MembershipCreateStatus.InvalidPassword: Return "The password provided is invalid. Please enter a valid password value." Case MembershipCreateStatus.InvalidEmail: Return "The e-mail address provided is invalid. Please check the value and try again." Case MembershipCreateStatus.InvalidAnswer: Return "The password retrieval answer provided is invalid. Please check the value and try again." Case MembershipCreateStatus.InvalidQuestion: Return "The password retrieval question provided is invalid. Please check the value and try again." Case MembershipCreateStatus.InvalidUserName Return "The user name provided is invalid. Please check the value and try again." Case MembershipCreateStatus.ProviderError: Return "The authentication provider returned an error. Please verify your entry and try again. If the problem persists, please contact your system administrator." Case MembershipCreateStatus.UserRejected: Return "The user creation request has been canceled. Please verify your entry and try again. If the problem persists, please contact your system administrator." Case Else: Return "An unknown error occurred. Please verify your entry and try again. If the problem persists, please contact your system administrator." End Select End Function </script> <html xmlns="http://www.w3.org/1999/xhtml" > <head> <title>Create User</title> </head> <body> <form id="form1" runat="server"> <h3>Create New User</h3> <asp:Label id="Msg" ForeColor="maroon" runat="server" /> <table cellpadding="3" border="0"> <tr> <td>Username:</td> <td><asp:Textbox id="UsernameTextbox" runat="server" /></td> <td><asp:RequiredFieldValidator id="UsernameRequiredValidator" runat="server" ControlToValidate="UserNameTextbox" ForeColor="red" Display="Static" ErrorMessage="Required" /></td> </tr> <tr> <td>Password:</td> <td><asp:Textbox id="PasswordTextbox" runat="server" TextMode="Password" /></td> <td><asp:RequiredFieldValidator id="PasswordRequiredValidator" runat="server" ControlToValidate="PasswordTextbox" ForeColor="red" Display="Static" ErrorMessage="Required" /></td> </tr> <tr> <td>Confirm Password:</td> <td><asp:Textbox id="PasswordConfirmTextbox" runat="server" TextMode="Password" /></td> <td><asp:RequiredFieldValidator id="PasswordConfirmRequiredValidator" runat="server" ControlToValidate="PasswordConfirmTextbox" ForeColor="red" Display="Static" ErrorMessage="Required" /> <asp:CompareValidator id="PasswordConfirmCompareValidator" runat="server" ControlToValidate="PasswordConfirmTextbox" ForeColor="red" Display="Static" ControlToCompare="PasswordTextBox" ErrorMessage="Confirm password must match password." /> </td> </tr> <tr> <td>Email Address:</td> <td><asp:Textbox id="EmailTextbox" runat="server" /></td> <td><asp:RequiredFieldValidator id="EmailRequiredValidator" runat="server" ControlToValidate="EmailTextbox" ForeColor="red" Display="Static" ErrorMessage="Required" /></td> </tr> <% If Membership.RequiresQuestionAndAnswer Then %> <tr> <td>Password Question:</td> <td><asp:Textbox id="PasswordQuestionTextbox" runat="server" /></td> <td><asp:RequiredFieldValidator id="PasswordQuestionRequiredValidator" runat="server" ControlToValidate="PasswordQuestionTextbox" ForeColor="red" Display="Static" ErrorMessage="Required" /></td> </tr> <tr> <td>Password Answer:</td> <td><asp:Textbox id="PasswordAnswerTextbox" runat="server" /></td> <td><asp:RequiredFieldValidator id="PasswordAnswerRequiredValidator" runat="server" ControlToValidate="PasswordAnswerTextbox" ForeColor="red" Display="Static" ErrorMessage="Required" /></td> </tr> <% End If %> <tr> <td></td> <td><asp:Button id="CreateUserButton" Text="Create User" OnClick="CreateUser_OnClick" runat="server" /></td> </tr> </table> </form> </body> </html>
Security Note: