The actual validation

Now that the email has been sent and the user has been added to the database, they need to be authorized.

Form Name : AuthUser
EM	AU
Email	Authorization Code

 

<% Dim email, aucode, objConn, objRS email = Request.Form("EM") aucode = Request.Form("AU") Set objConn = Server.CreateObject("ADODB.Connection") Set objRS = Server.CreateObject("ADODB.RecordSet") objConn.Open("Provider=Microsoft.Jet.OLEDB.4.0; Data Source=d:\domains\aspalliance.com\wisemonk\authuser\users.mdb") objRS.ActiveConnection = objConn objRS.Source = "SELECT status FROM users WHERE email = '" & email & "'" objRS.LockType = 3 objRS.Open() If objRS.EOF Then Response.Write("There is no user with that email in the database") Else If objRS.Fields.Item("status").Value = aucode Then objRS.Fields("status") = "V" objRS.Update Response.Write("User Validated") Else Response.Write("Incorrect auth code") End If End If objConn.Close() Set objConn = Nothing Set objRS = Nothing %>

• Just like before it gets the form values, opens the db connection and fills the recordset.
• It then checks the recordset for records (to see if the email exists).
• Then it checks the auth code against the database.
• If both check out then the user is validated, otherwise an error is displayed.