ASP.NET 2.0 now provides a built-in control --
<asp:createuserwizard> -- that provides developers with an easy way to
create user registration workflows for their site. The
<asp:createuserwizard> control provides built-in UI to enable an end-user
to choose a username and password. The <asp:createuserwizard>
control also allows developers to specify additional "custom steps"
of information to gather.
These custom steps can be defined using additional
wizardstep templates defined within the <asp:createuserwizard>
control itself -- and so can contain any custom UI the developer wants.
For example:
Listing 1
<asp:WizardStep ID="CreateUserWizardStep0" runat="server">
<div class="title">
Billing Information
</div>
<div class="address">
<span>Billing Address:</span>
<asp:TextBox ID="BillingAddress" MaxLength="50" runat="server" />
<asp:RequiredFieldValidator ControlToValidate="BillingAddress"
ErrorMessage="Address required!" runat="server"/>
</div>
</asp:WizardStep>
The CreateUserWizard control will then automatically add
"next"/"previous" navigation UI to enable an end-user to
skip forward and back throughout the registration process.
The CreateUserWizard control exposes a
"CreatedUser" event that you can handle within your page to add logic
to retrieve the information collected within the various WizardSteps, and store
it within whatever database or profile store you want. This event fires
after the user has been created within the ASP.NET Membership system.
However, the user is not yet logged into the ASP.NET site at this point (they
won't be logged in until the page redisplays). So to obtain the username
of the newly created username you should access the CreateUserWizard.UserName
property.
For example:
Listing 2
Sub CreateUserWizard1_CreatedUser(Sender as Object, E as EventArgs) _
Handles CreateUserWizard.CreatedUser
' Obtain a reference to the "BillingAddress" textbox in the first step of the wizard
Dim BillingAddress as TextBox
BillingAddress = _
CreateUserWizardStep0.ContentTemplateContainer.FindControl("BillingAddress")
' Todo: Store the BillingAddress.Text value in a database or profile store
End Sub
Two possible places you could perist this custom
user information are:
1) Within a custom database table that you create and
define. You could replace the above "todo" statement in the
CreatedUser event handler to insert this data into the database table using
whatever data API you prefer (for example: ADO.NET or a Strongly Typed
Table Adapter).
2) Within the new ASP.NET 2.0 Profile system. The
ASP.NET Profile system provides a way to automatically persist additional
properties/values about a user in a persistent store, and provides a strongly
typed API that enables you to easly set/retrieve them (so for example you could
just write Profile.BillingAddress to access the value). The ASP.NET
Profile system is by default mapped against an XML blob-like column within a
database (which makes it easy to setup). Alternatively, you can use the ASP.NET
SQL Table Profile Provider to map the Profile API against a schematized SQL
table or set of SPROCs. This gives you the nice strongly typed Profile
API against a regular SQL table (which makes data-mining easier).
To learn more about how to use the
<asp:createuserwizard> control and download sample code that uses
it I'd recommend reviewing these articles:
Customizing the
CreateUserWizard Control: This article was published in July of 2006, and
provides a good walkthrough of the customization capabilities of the
CreateUserWizard control, and how to store custom user properties directly
within a database.
How to add
a Login, Roles, and Profile system to an ASP.NET 2.0 app in 24 lines of code:
This is a sample I put together towards the end of 2005 that shows how to
integrate these three features in ASP.NET 2.0 to create a custom registration
and profile management system.
CreateUserWizard
Samples within the ASP.NET QuickStart tutorials: This page provides a
number of samples (in both VB and C#) that you can use to understand how to use
the CreateUserWizard control better.
Profiles in
ASP.NET 2.0: K. Scott Allen posted this nice article which does a good job
providing an overview of the new ASP.NET 2.0 Profile API.
ASP.NET
2.0 Membership, Roles, Forms Authentication and Security Resources: This
blog post of mine contains a ton of ASP.NET security informationa and useful
links. I'd recommend reviewing it to explore more about ASP.NET security.