<% Private m_sUserName Private m_sFName Private m_sLName Private m_sTitle Private m_sOrganization Private m_sAddress1 Private m_sAddress2 Private m_sCity Private m_sState Private m_sZip Private m_sCountry Private m_sHPhone Private m_sWPhone Private m_sFax Private m_sEmail Private m_sURL Private m_sPassword Private m_sConfirm Private m_sStep Private m_sError 'Create DB Connection Dim sDB, sConn, sInsert 'as String Dim conn sDB = "retina.mdb" 'The Database Name sConn = "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" & Server.MapPath("access_db/" & sDB) Set conn = Server.CreateObject("ADODB.Connection") conn.Open sConn Call getQueryString() If m_sStep = "1" Then 'Process the form. If doValidation() = "" Then 'Insert this record in the database sInsert = "INSERT INTO members " _ & "([fname], [lname], [title], [organization], [address1], [address2], [city], [state], [zip], [country], " _ & "[workphone], [homephone], [fax], [email], [url], [password], [username]) VALUES " _ & "('" & clean(m_sFName) & "', " _ & "'" & clean(m_sLName) & "', " _ & "'" & clean(m_sTitle) & "', " _ & "'" & clean(m_sOrganization) & "', " _ & "'" & clean(m_sAddress1) & "', " _ & "'" & clean(m_sAddress2) & "', " _ & "'" & clean( m_sCity) & "', " _ & "'" & clean(m_sState) & "', " _ & "'" & clean(m_sZip) & "', " _ & "'" & clean(m_sCountry) & "', " _ & "'" & clean(m_sWPhone) & "', " _ & "'" & clean(m_sHPhone) & "', " _ & "'" & clean(m_sFax) & "', " _ & "'" & clean(m_sEmail) & "', " _ & "'" & clean(m_sURL) & "', " _ & "'" & clean(m_sPassword) & "', " _ & " '" & clean(m_sUserName) & "') " Set objRS = conn.Execute(sInsert) Set conn = Nothing Response.Redirect "/confirmation.asp" Else Response.Write doForm() End If Else 'Display the form Response.Write doForm() End If Set conn = Nothing Public Function clean(sString) ' MySQL escape character is \ , quote character is ' .. double up both to be safe If sString <> "" Then clean = replace(replace(replace(sString,"\","\\"),"""","""),"'","'") End Function Function doForm() Dim sLayout sLayout = "
" _ & "" _ & "" If m_sError <> "" Then sLayout = sLayout & "" sLayout = sLayout & ""_ & ""_ & ""_ & ""_ & ""_ & ""_ & ""_ & ""_ & ""_ & ""_ & ""_ & ""_ & ""_ & ""_ & ""_ & ""_ & ""_ & ""_ & ""_ & ""_ & ""_ & ""_ & ""_ & ""_ & ""_ & ""_ & ""_ & ""_ & ""_ & ""_ & ""_ & ""_ & ""_ & ""_ & ""_ & ""_ & ""_ & ""_ & ""_ & ""_ & ""_ & ""_ & ""_ & ""_ & ""_ & ""_ & ""_ & ""_ & ""_ & ""_ & ""_ & ""_ & ""_ & ""_ & ""_ & ""_ & ""_ & ""_ & ""_ & ""_ & ""_ & ""_ & ""_ & ""_ & ""_ & ""_ & ""_ & ""_ & ""_ & ""_ & ""_ & ""_ & "
Please correct the following :
" & m_sError & "
*User Name
*First Name*Last Name
*TitleOrganization
Street AddressAddress(cont.)
CityState/Province
Zip/Postal CodeCountry
Work PhoneHome Phone
Fax*E-mail
URL
*Password
*Confirm Password
" _ & "
" doForm = sLayout End Function Function doValidation() Set oRegExp = New RegExp With oRegExp .IgnoreCase = True .Global = False End With 'Unique username If m_sUserName = "" Then m_sError = m_sError & "Please enter a username.
" Else 'Make sure it is unique sSQL = "SELECT username FROM members" Set objRS= conn.Execute(sSQL) If Not (objRS.BOF AND objRS.EOF) Then Do Until objRS.EOF If lcase(clean(m_sUserName)) = lcase(objRS("username")) Then m_sError = m_sError & "Username already already in uses.
" End If objRS.MoveNext Loop End If End If 'Consitant Password If m_sPassword = "" Then m_sError = m_sError & "Please enter your password.
" Else If m_sPassword <> m_sConfirm Then m_sError = m_sError & "Your passwords do not match.
" End If End If 'firstname If m_sFName = "" Then m_sError = m_sError & "You need to enter your first name.
" End If 'Lastname If m_sLName = "" Then m_sError = m_sError & "You need to enter your last name.
" End If 'title If m_sTitle = "" Then m_sError = m_sError & "You need to enter your title.
" End If 'Email If m_sEmail = "" Then m_sError = m_sError & "Please enter an email address.
" Else oRegExp.Pattern = "^[a-z\.\-\_0-9]{2,}@[a-z0-9\.\-\_]{2,}\.[a-z]{2,4}$" If Not oRegExp.Test(m_sEmail) Then m_sError = m_sError & "Please enter a valid email address. Format name@domain.com
" End If End If If lcase(m_sCountry) = "canada" Then If m_sState = "" Then m_sError = m_sError & "Please enter you province.
" End If If m_sZip = "" Then m_sError = m_sError & "Please enter you postal code. Formate A1A-1A1
" Else oRegExp.Pattern = "^[A-Z][0-9][A-Z] ?[0-9][A-Z][0-9]$" If Not oRegExp.Test(m_sZip) Then m_sError = m_sError & "Please enter a valid postals code. Formate A1A-1A1
" End If End If End If If lcase(m_sCountry) = "usa" OR lcase(m_sCountry) = "united states" or lcase(m_sCountry) = "united states of america" Then If m_sState = "" Then m_sError = m_sError & "Please enter you state.
" End If If m_sZip = "" Then m_sError = m_sError & "Please enter you zip code.
" Else oRegExp.Pattern = "^[0-9]{5}(?:-[0-9]{4})?$" If Not oRegExp.Test(m_sZip) Then m_sError = m_sError & "Please enter a valid zip code.
" End If End If End If If m_sAddress1 = "" AND m_sAddress2 <> "" Then m_sError = m_sError & "Please enter your address in the first line first.
" End If 'Phone Numbers If m_sWPhone <> "" Then oRegExp.Pattern = "^(?:(\([0-9]{3})\) )[0-9]{3}(-[0-9]{4})?$" If Not oRegExp.Test(m_sWPhone) Then m_sError = m_sError & "Please enter a valid work phone number. Format (999)999-9999
" End If End If If m_sHPhone <> "" Then oRegExp.Pattern = "^(?:(\([0-9]{3})\) )[0-9]{3}(-[0-9]{4})?$" If Not oRegExp.Test(m_sHPhone) Then m_sError = m_sError & "Please enter a valid home phone number. Format (999)999-9999
" End If End If If m_sFax <> "" Then oRegExp.Pattern = "^(?:(\([0-9]{3})\) )[0-9]{3}(-[0-9]{4})?$" If Not oRegExp.Test(m_sFax) Then m_sError = m_sError & "Please enter a valid fax number. Format (999)999-9999
" End If End If Set oRegExp = Nothing doValidation = m_sError End Function Sub getQueryString() Dim x For Each x in Request.Form Select Case lcase(x) 'Case "step" : sStep = Request(x) Case "id" : m_iUserID = Request(x) Case "fname" : m_sFName = Request(x) Case "lname" : m_sLName = Request(x) Case "title" : m_sTitle = Request(x) Case "organization" : m_sOrganization = Request(x) Case "address1" : m_sAddress1 = Request(x) Case "address2" : m_sAddress2 = Request(x) Case "city" : m_sCity = Request(x) Case "state" : m_sState = Request(x) Case "postal" : m_sZip = Request(x) Case "country" : m_sCountry = Request(x) Case "wphone" : m_sWPhone = Request(x) Case "hphone" : m_sHPhone = Request(x) Case "fax" : m_sFax = Request(x) Case "email" : m_sEmail = Request(x) Case "url" : m_sURL = Request(x) Case "username" : m_sUserName = Request(x) Case "password" : m_sPassword = Request(x) Case "confirm" : m_sConfirm = Request(x) Case "step" : m_sStep = Request(x) End Select Next End Sub %>