<%
Private m_sUserName
Private m_sFName
Private m_sLName
Private m_sTitle
Private m_sOrganization
Private m_sAddress1
Private m_sAddress2
Private m_sCity
Private m_sState
Private m_sZip
Private m_sCountry
Private m_sHPhone
Private m_sWPhone
Private m_sFax
Private m_sEmail
Private m_sURL
Private m_sPassword
Private m_sConfirm
Private m_sStep
Private m_sError
'Create DB Connection
Dim sDB, sConn, sInsert 'as String
Dim conn
sDB = "retina.mdb" 'The Database Name
sConn = "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" & Server.MapPath("access_db/" & sDB)
Set conn = Server.CreateObject("ADODB.Connection")
conn.Open sConn
Call getQueryString()
If m_sStep = "1" Then
'Process the form.
If doValidation() = "" Then
'Insert this record in the database
sInsert = "INSERT INTO members " _
& "([fname], [lname], [title], [organization], [address1], [address2], [city], [state], [zip], [country], " _
& "[workphone], [homephone], [fax], [email], [url], [password], [username]) VALUES " _
& "('" & clean(m_sFName) & "', " _
& "'" & clean(m_sLName) & "', " _
& "'" & clean(m_sTitle) & "', " _
& "'" & clean(m_sOrganization) & "', " _
& "'" & clean(m_sAddress1) & "', " _
& "'" & clean(m_sAddress2) & "', " _
& "'" & clean( m_sCity) & "', " _
& "'" & clean(m_sState) & "', " _
& "'" & clean(m_sZip) & "', " _
& "'" & clean(m_sCountry) & "', " _
& "'" & clean(m_sWPhone) & "', " _
& "'" & clean(m_sHPhone) & "', " _
& "'" & clean(m_sFax) & "', " _
& "'" & clean(m_sEmail) & "', " _
& "'" & clean(m_sURL) & "', " _
& "'" & clean(m_sPassword) & "', " _
& " '" & clean(m_sUserName) & "') "
Set objRS = conn.Execute(sInsert)
Set conn = Nothing
Response.Redirect "/confirmation.asp"
Else
Response.Write doForm()
End If
Else
'Display the form
Response.Write doForm()
End If
Set conn = Nothing
Public Function clean(sString)
' MySQL escape character is \ , quote character is ' .. double up both to be safe
If sString <> "" Then clean = replace(replace(replace(sString,"\","\\"),"""","""),"'","'")
End Function
Function doForm()
Dim sLayout
sLayout = ""
doForm = sLayout
End Function
Function doValidation()
Set oRegExp = New RegExp
With oRegExp
.IgnoreCase = True
.Global = False
End With
'Unique username
If m_sUserName = "" Then
m_sError = m_sError & "Please enter a username. "
Else
'Make sure it is unique
sSQL = "SELECT username FROM members"
Set objRS= conn.Execute(sSQL)
If Not (objRS.BOF AND objRS.EOF) Then
Do Until objRS.EOF
If lcase(clean(m_sUserName)) = lcase(objRS("username")) Then
m_sError = m_sError & "Username already already in uses. "
End If
objRS.MoveNext
Loop
End If
End If
'Consitant Password
If m_sPassword = "" Then
m_sError = m_sError & "Please enter your password. "
Else
If m_sPassword <> m_sConfirm Then
m_sError = m_sError & "Your passwords do not match. "
End If
End If
'firstname
If m_sFName = "" Then
m_sError = m_sError & "You need to enter your first name. "
End If
'Lastname
If m_sLName = "" Then
m_sError = m_sError & "You need to enter your last name. "
End If
'title
If m_sTitle = "" Then
m_sError = m_sError & "You need to enter your title. "
End If
'Email
If m_sEmail = "" Then
m_sError = m_sError & "Please enter an email address. "
Else
oRegExp.Pattern = "^[a-z\.\-\_0-9]{2,}@[a-z0-9\.\-\_]{2,}\.[a-z]{2,4}$"
If Not oRegExp.Test(m_sEmail) Then
m_sError = m_sError & "Please enter a valid email address. Format name@domain.com "
End If
End If
If lcase(m_sCountry) = "canada" Then
If m_sState = "" Then
m_sError = m_sError & "Please enter you province. "
End If
If m_sZip = "" Then
m_sError = m_sError & "Please enter you postal code. Formate A1A-1A1 "
Else
oRegExp.Pattern = "^[A-Z][0-9][A-Z] ?[0-9][A-Z][0-9]$"
If Not oRegExp.Test(m_sZip) Then
m_sError = m_sError & "Please enter a valid postals code. Formate A1A-1A1 "
End If
End If
End If
If lcase(m_sCountry) = "usa" OR lcase(m_sCountry) = "united states" or lcase(m_sCountry) = "united states of america" Then
If m_sState = "" Then
m_sError = m_sError & "Please enter you state. "
End If
If m_sZip = "" Then
m_sError = m_sError & "Please enter you zip code. "
Else
oRegExp.Pattern = "^[0-9]{5}(?:-[0-9]{4})?$"
If Not oRegExp.Test(m_sZip) Then
m_sError = m_sError & "Please enter a valid zip code. "
End If
End If
End If
If m_sAddress1 = "" AND m_sAddress2 <> "" Then
m_sError = m_sError & "Please enter your address in the first line first. "
End If
'Phone Numbers
If m_sWPhone <> "" Then
oRegExp.Pattern = "^(?:(\([0-9]{3})\) )[0-9]{3}(-[0-9]{4})?$"
If Not oRegExp.Test(m_sWPhone) Then
m_sError = m_sError & "Please enter a valid work phone number. Format (999)999-9999 "
End If
End If
If m_sHPhone <> "" Then
oRegExp.Pattern = "^(?:(\([0-9]{3})\) )[0-9]{3}(-[0-9]{4})?$"
If Not oRegExp.Test(m_sHPhone) Then
m_sError = m_sError & "Please enter a valid home phone number. Format (999)999-9999 "
End If
End If
If m_sFax <> "" Then
oRegExp.Pattern = "^(?:(\([0-9]{3})\) )[0-9]{3}(-[0-9]{4})?$"
If Not oRegExp.Test(m_sFax) Then
m_sError = m_sError & "Please enter a valid fax number. Format (999)999-9999 "
End If
End If
Set oRegExp = Nothing
doValidation = m_sError
End Function
Sub getQueryString()
Dim x
For Each x in Request.Form
Select Case lcase(x)
'Case "step" : sStep = Request(x)
Case "id" : m_iUserID = Request(x)
Case "fname" : m_sFName = Request(x)
Case "lname" : m_sLName = Request(x)
Case "title" : m_sTitle = Request(x)
Case "organization" : m_sOrganization = Request(x)
Case "address1" : m_sAddress1 = Request(x)
Case "address2" : m_sAddress2 = Request(x)
Case "city" : m_sCity = Request(x)
Case "state" : m_sState = Request(x)
Case "postal" : m_sZip = Request(x)
Case "country" : m_sCountry = Request(x)
Case "wphone" : m_sWPhone = Request(x)
Case "hphone" : m_sHPhone = Request(x)
Case "fax" : m_sFax = Request(x)
Case "email" : m_sEmail = Request(x)
Case "url" : m_sURL = Request(x)
Case "username" : m_sUserName = Request(x)
Case "password" : m_sPassword = Request(x)
Case "confirm" : m_sConfirm = Request(x)
Case "step" : m_sStep = Request(x)
End Select
Next
End Sub
%>