参数
- username
-
新用户的用户名。
- password
-
新用户的密码。
-
新用户的电子邮件地址。
- passwordQuestion
-
新用户的密码提示问题。
- passwordAnswer
-
新用户的密码提示问题答案。
- isApproved
-
是否允许验证新用户。
- providerUserKey
-
唯一标识 SQL Server 数据库中成员资格用户的 Guid。
- status
-
一个 MembershipCreateStatus 值,指示是否成功创建用户。
返回值
用于新创建用户的 MembershipUser 对象。如果没有创建用户,此方法将返回 空引用(在 Visual Basic 中为 Nothing)。
备注
Membership 类调用此方法来在 ASP.NET 应用程序配置文件中指定的 SQL Server 数据库中添加一个新用户。
新用户由已配置的 ApplicationName 进行标识。
如果 email 参数指定的值与数据库中 ApplicationName 的现有用户的电子邮件地址重复,用户创建也将失败。
用户名的最大长度为 256 个字符。电子邮件地址的最大长度为 256 个字符。明文形式的密码,或者密码在哈希计算或加密后,最大长度为 128 个字符。
其他将导致用户创建失败的情况:
-
password 参数为 空引用(在 Visual Basic 中为 Nothing) 或是修整后变为空字符串。
-
password 参数的长度小于 MinRequiredPasswordLength 属性中指定的值。
-
password 参数中的非字母字符数小于 MinRequiredNonAlphanumericCharacters 属性中指定的值。
-
password 参数未通过 PasswordStrengthRegularExpression 属性中的正则表达式的验证。
-
自定义密码验证代码在执行 ValidatingPassword 事件的过程中取消了用户创建。
-
passwordAnswer 参数为 空引用(在 Visual Basic 中为 Nothing) 或修整后的空字符串。
-
passwordAnswer 参数是空字符串。
-
passwordAnswer 参数的长度大于 128 个字符。
-
RequiresQuestionAndAnswer 属性为 true 并且密码提示问题为 空引用(在 Visual Basic 中为 Nothing) 或修整后的空字符串。
-
passwordQuestion 参数是空字符串。
-
passwordQuestion 参数的长度大于 256 个字符。
-
providerUserKey 参数设置为非 System.Guid 类型的对象。
-
providerUserKey 参数与现有用户键值重复。
-
username 参数与现有用户名重复。
删除所有字符串参数值的前导和尾随空格。
示例
<%@ Page Language="C#" %> <%@ Import Namespace="System.Web.Security" %> <mce:script runat="server"><!-- public void CreateUser_OnClick(object sender, EventArgs args) { // Create new user and retrieve create status result. MembershipCreateStatus status; string passwordQuestion = ""; string passwordAnswer = ""; if (Membership.RequiresQuestionAndAnswer) { passwordQuestion = PasswordQuestionTextbox.Text; passwordAnswer = PasswordAnswerTextbox.Text; } try { MembershipUser newUser = Membership.CreateUser(UsernameTextbox.Text, PasswordTextbox.Text, EmailTextbox.Text, passwordQuestion, passwordAnswer, true, out status); if (newUser == null) { Msg.Text = GetErrorMessage(status); } else { Response.Redirect("login.aspx"); } } catch { Msg.Text = "An exception occurred creating the user."; } } public string GetErrorMessage(MembershipCreateStatus status) { switch (status) { case MembershipCreateStatus.DuplicateUserName: return "Username already exists. Please enter a different user name."; case MembershipCreateStatus.DuplicateEmail: return "A username for that e-mail address already exists. Please enter a different e-mail address."; case MembershipCreateStatus.InvalidPassword: return "The password provided is invalid. Please enter a valid password value."; case MembershipCreateStatus.InvalidEmail: return "The e-mail address provided is invalid. Please check the value and try again."; case MembershipCreateStatus.InvalidAnswer: return "The password retrieval answer provided is invalid. Please check the value and try again."; case MembershipCreateStatus.InvalidQuestion: return "The password retrieval question provided is invalid. Please check the value and try again."; case MembershipCreateStatus.InvalidUserName: return "The user name provided is invalid. Please check the value and try again."; case MembershipCreateStatus.ProviderError: return "The authentication provider returned an error. Please verify your entry and try again. If the problem persists, please contact your system administrator."; case MembershipCreateStatus.UserRejected: return "The user creation request has been canceled. Please verify your entry and try again. If the problem persists, please contact your system administrator."; default: return "An unknown error occurred. Please verify your entry and try again. If the problem persists, please contact your system administrator."; } } // --></mce:script> <html> <head> <title>Create User</title> </head> <body> <form runat="server"> <h3>Create New User</h3> <asp:Label id="Msg" ForeColor="maroon" runat="server" /><BR> <table CellPadding="3" border="0"> <tr> <td>Username:</td> <td><asp:Textbox id="UsernameTextbox" runat="server" /></td> <td><asp:RequiredFieldValidator id="UsernameRequiredValidator" runat="server" ControlToValidate="UserNameTextbox" ForeColor="red" Display="Static" ErrorMessage="Required" /></td> </tr> <tr> <td>Password:</td> <td><asp:Textbox id="PasswordTextbox" runat="server" TextMode="Password" /></td> <td><asp:RequiredFieldValidator id="PasswordRequiredValidator" runat="server" ControlToValidate="PasswordTextbox" ForeColor="red" Display="Static" ErrorMessage="Required" /></td> </tr> <tr> <td>Confirm Password:</td> <td><asp:Textbox id="PasswordConfirmTextbox" runat="server" TextMode="Password" /></td> <td><asp:RequiredFieldValidator id="PasswordConfirmRequiredValidator" runat="server" ControlToValidate="PasswordConfirmTextbox" ForeColor="red" Display="Static" ErrorMessage="Required" /> <asp:CompareValidator id="PasswordConfirmCompareValidator" runat="server" ControlToValidate="PasswordConfirmTextbox" ForeColor="red" Display="Static" ControlToCompare="PasswordTextBox" ErrorMessage="Confirm password must match password." /> </td> </tr> <tr> <td>Email Address:</td> <td><asp:Textbox id="EmailTextbox" runat="server" /></td> <td><asp:RequiredFieldValidator id="EmailRequiredValidator" runat="server" ControlToValidate="EmailTextbox" ForeColor="red" Display="Static" ErrorMessage="Required" /></td> </tr> <% if (Membership.RequiresQuestionAndAnswer) { %> <tr> <td>Password Question:</td> <td><asp:Textbox id="PasswordQuestionTextbox" runat="server" /></td> <td><asp:RequiredFieldValidator id="PasswordQuestionRequiredValidator" runat="server" ControlToValidate="PasswordQuestionTextbox" ForeColor="red" Display="Static" ErrorMessage="Required" /></td> </tr> <tr> <td>Password Answer:</td> <td><asp:Textbox id="PasswordAnswerTextbox" runat="server" /></td> <td><asp:RequiredFieldValidator id="PasswordAnswerRequiredValidator" runat="server" ControlToValidate="PasswordAnswerTextbox" ForeColor="red" Display="Static" ErrorMessage="Required" /></td> </tr> <% } %> <tr> <td></td> <td><asp:Button id="CreateUserButton" Text="Create User" OnClick="CreateUser_OnClick" runat="server" /></td> </tr> </table> </form> </body> </html>
使用方法:
在已有的项目DNNDEMO中添加一个testCreateUsers.aspx文件,然后将上面的代码粘贴过去。
在web.config中将RequiresQuestionAndAnswer 设置为true,因为默认的DNN中的web.config这个属性是false。
点击创建以后去数据库中查看就能找到我们创建的用户了,不过在Users表中没有这个用户,只在aspnet_Membership表中找到了创建的用户。
下面是通过reflector得到的DNN使用SqlMembershipProvider的CreateUser的源代码:
public override MembershipUser CreateUser(string username, string password, string email, string passwordQuestion, string passwordAnswer, bool isApproved, object providerUserKey, out MembershipCreateStatus status) { string str3; MembershipUser user; if (!SecUtility.ValidateParameter(ref password, true, true, false, 0x80)) { status = MembershipCreateStatus.InvalidPassword; return null; } string salt = base.GenerateSalt(); string objValue = base.EncodePassword(password, (int) this._PasswordFormat, salt); if (objValue.Length > 0x80) { status = MembershipCreateStatus.InvalidPassword; return null; } if (passwordAnswer != null) { passwordAnswer = passwordAnswer.Trim(); } if (!string.IsNullOrEmpty(passwordAnswer)) { if (passwordAnswer.Length > 0x80) { status = MembershipCreateStatus.InvalidAnswer; return null; } str3 = base.EncodePassword(passwordAnswer.ToLower(CultureInfo.InvariantCulture), (int) this._PasswordFormat, salt); } else { str3 = passwordAnswer; } if (!SecUtility.ValidateParameter(ref str3, this.RequiresQuestionAndAnswer, true, false, 0x80)) { status = MembershipCreateStatus.InvalidAnswer; return null; } if (!SecUtility.ValidateParameter(ref username, true, true, true, 0x100)) { status = MembershipCreateStatus.InvalidUserName; return null; } if (!SecUtility.ValidateParameter(ref email, this.RequiresUniqueEmail, this.RequiresUniqueEmail, false, 0x100)) { status = MembershipCreateStatus.InvalidEmail; return null; } if (!SecUtility.ValidateParameter(ref passwordQuestion, this.RequiresQuestionAndAnswer, true, false, 0x100)) { status = MembershipCreateStatus.InvalidQuestion; return null; } if ((providerUserKey != null) && !(providerUserKey is Guid)) { status = MembershipCreateStatus.InvalidProviderUserKey; return null; } if (password.Length < this.MinRequiredPasswordLength) { status = MembershipCreateStatus.InvalidPassword; return null; } int num = 0; for (int i = 0; i < password.Length; i++) { if (!char.IsLetterOrDigit(password, i)) { num++; } } if (num < this.MinRequiredNonAlphanumericCharacters) { status = MembershipCreateStatus.InvalidPassword; return null; } if ((this.PasswordStrengthRegularExpression.Length > 0) && !Regex.IsMatch(password, this.PasswordStrengthRegularExpression)) { status = MembershipCreateStatus.InvalidPassword; return null; } ValidatePasswordEventArgs e = new ValidatePasswordEventArgs(username, password, true); this.OnValidatingPassword(e); if (e.Cancel) { status = MembershipCreateStatus.InvalidPassword; return null; } try { SqlConnectionHolder connection = null; try { connection = SqlConnectionHelper.GetConnection(this._sqlConnectionString, true); this.CheckSchemaVersion(connection.Connection); DateTime time = this.RoundToSeconds(DateTime.UtcNow); SqlCommand command = new SqlCommand("dbo.aspnet_Membership_CreateUser", connection.Connection); command.CommandTimeout = this.CommandTimeout; command.CommandType = CommandType.StoredProcedure; command.Parameters.Add(this.CreateInputParam("@ApplicationName", SqlDbType.NVarChar, this.ApplicationName)); command.Parameters.Add(this.CreateInputParam("@UserName", SqlDbType.NVarChar, username)); command.Parameters.Add(this.CreateInputParam("@Password", SqlDbType.NVarChar, objValue)); command.Parameters.Add(this.CreateInputParam("@PasswordSalt", SqlDbType.NVarChar, salt)); command.Parameters.Add(this.CreateInputParam("@Email", SqlDbType.NVarChar, email)); command.Parameters.Add(this.CreateInputParam("@PasswordQuestion", SqlDbType.NVarChar, passwordQuestion)); command.Parameters.Add(this.CreateInputParam("@PasswordAnswer", SqlDbType.NVarChar, str3)); command.Parameters.Add(this.CreateInputParam("@IsApproved", SqlDbType.Bit, isApproved)); command.Parameters.Add(this.CreateInputParam("@UniqueEmail", SqlDbType.Int, this.RequiresUniqueEmail ? 1 : 0)); command.Parameters.Add(this.CreateInputParam("@PasswordFormat", SqlDbType.Int, (int) this.PasswordFormat)); command.Parameters.Add(this.CreateInputParam("@CurrentTimeUtc", SqlDbType.DateTime, time)); SqlParameter parameter = this.CreateInputParam("@UserId", SqlDbType.UniqueIdentifier, providerUserKey); parameter.Direction = ParameterDirection.InputOutput; command.Parameters.Add(parameter); parameter = new SqlParameter("@ReturnValue", SqlDbType.Int); parameter.Direction = ParameterDirection.ReturnValue; command.Parameters.Add(parameter); command.ExecuteNonQuery(); int num3 = (parameter.Value != null) ? ((int) parameter.Value) : -1; if ((num3 < 0) || (num3 > 11)) { num3 = 11; } status = (MembershipCreateStatus) num3; if (num3 != 0) { return null; } providerUserKey = new Guid(command.Parameters["@UserId"].Value.ToString()); time = time.ToLocalTime(); user = new MembershipUser(this.Name, username, providerUserKey, email, passwordQuestion, null, isApproved, false, time, time, time, time, new DateTime(0x6da, 1, 1)); } finally { if (connection != null) { connection.Close(); connection = null; } } } catch { throw; } return user; }
PS:2012-6-20
这样操作知识简单的创建用户,跟在DNN注册界面上注册用户并不相同,注册用户比创建用户更加麻烦。