The code

This is the code that checks the user and sends the email -

<% Dim objConn, objRS, uname, pword, email, aok, rndnum, objCDO, sqlstatement uname = LCase(Request.Form("UN")) pword = LCase(Request.Form("PWD")) email = LCase(Request.Form("EM")) Set objConn = Server.CreateObject("ADODB.Connection") Set objRS = Server.CreateObject("ADODB.RecordSet") objConn.Open("Provider=Microsoft.Jet.OLEDB.4.0; Data Source=d:\domains\aspalliance.com\wisemonk\authuser\users.mdb") objRS.ActiveConnection = objConn objRS.Source = "SELECT * FROM users" objRS.LockType = 3 objRS.Open() While Not objRS.EOF If (objRS.Fields.Item("username").Value = uname) OR (objRS.Fields.Item("email").Value = email) Then Response.Write("That Username or Email is already in the database") aok = False Else aok = True End If objRS.MoveNext() Wend If aok = True Then Randomize rndnum = Int(((9521 - 521 + 1) * Rnd) + 521) With objRS .AddNew .Fields("username") = uname .Fields("password") = pword .Fields("email") = email .Fields("status") = "N" & rndnum .Update End With Set objCDO = Server.CreateObject("CDONTS.NewMail") objCDO.To = email objCDO.From = "Validation Committee on Validating" objCDO.Subject = "Validate THIS!" objCDO.Body = "To validate your account go here : http://yoursite/val.asp?e=" & email & "&c=N" & rndnum & vbCrLf & "If the link does not work then remember that your email is " & email & " and your authorization code is N" & rndnum & vbCrLf & "-Validation Committee on Validating" objCDO.Send() Set objCDO = Nothing Response.Write("We send you an email with instructions on how to validate your account") End If objConn.Close() Set objConn = Nothing Set objRS = Nothing %>

Ok, that was quite a bit of code, but here is the explanation of what it does =

• It first gets all of the information from the form that was submitted.
• Then opens a database connection to the database and fills a recordset from the database.
• Next it loops through all of the rows in the recordset looking for any fields that match the username or email address.
• If none are found then it sets aok to True and continues.
• If aok is True then it inserts the user into the database. Note that the status is N[random number]. This random number is the authorization code.
• It then sends an email using CDONTS to the user with the link and the auth code.

The reason for the auth code is so that a user can't just use a false email (eg. fakeemail@sofake.com) and then validate it by going to val.asp?e=fakeemail@sofake.com. The code is only in the database and in the email sent.