2017-08-12 35 views

Razor and JS troubleshooting: checking if user exists

What am I doing wrong? I am trying to verify that the user does not already exist. I cannot figure out how to pass @email1 or @0; I have tried several approaches. I can get it to work when I hard-code the WHERE clause. For example, an email I know exists is [email protected]. This works:

var userCheck = "SELECT * FROM USR WHERE EMAIL = '[email protected]'".Count()

These do not work; I have tried:

var userCheck = "SELECT * FROM USR WHERE EMAIL = " +email1.Count();
var userCheck = "SELECT * FROM USR WHERE EMAIL = @0".Count()

Do I have to pass email1 as a parameter???

ASP.NET Razor:

@{ 
    Page.Title = "Register"; 
    var minPass = 2; 
    var maxPass = 100; 
    var email1 = ""; 
    var pass1 = ""; 
    var db = Database.Open("Resume"); 
    var userCheck = "SELECT * FROM USR WHERE EMAIL = " +email1; 
    var userInsert = "INSERT INTO USR (EMAIL, PSWD) VALUES (@0, @1)"; 


    if(IsPost) { 
     email1 = Request.Form["email1"]; 
     pass1 = Request.Form["pass1"]; 
     db.Execute(userInsert, email1, pass1); 
     Response.Redirect("~/Default"); 
    } 
} 

JavaScript:

var error = ""; 
var email1 = document.getElementById('em100').value; 
var email2 = document.getElementById('em101').value; 
var pass1 = document.getElementById('pw100').value; 
var pass2 = document.getElementById('pw101').value; 

if (@userCheck > 0) error += "</br>Email already exists."; // ????????????????? 
if (!document.getElementById('em100').checkValidity()) error += "</br>Emails are not valid."; 
if (email1 !== email2) error += "</br>Emails do not match."; 
if (pass1 !== pass2) error += "</br>Passwords do not match."; 
if (pass1.length < minPass || pass1.length > maxPass) error += "</br>Password must be minPass - maxPass characters."; 

'email1' is an empty string when you build your query. That should be obvious to you. Regardless, do not form queries by concatenating strings. That is a recipe for SQL injection attacks. You should use parameterized queries. – mason
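The following is an added example, not code from the asker or from mason's comment. It assumes the question's "Resume" database and a USR table with EMAIL and PSWD columns, and it uses the WebMatrix.Data Database API that the question already relies on (Database.Open, QueryValue, Execute). The helper name UserExists is an assumption chosen here. It shows the two corrections mason's comment implies: the existence check is run after the form has been read (so email1 is no longer the empty string), and the email travels as a bound parameter (@0) rather than being pasted into the SQL text, which is the same mechanism the question's userInsert statement already uses.

```csharp
@using WebMatrix.Data
@functions {
    // Added helper (hypothetical name): true if a row with this EMAIL already exists.
    // The value is bound to the @0 placeholder by the provider; it never becomes part
    // of the SQL text, so a quote or keyword inside the input cannot change the query.
    static bool UserExists(Database db, string email)
    {
        var count = db.QueryValue("SELECT COUNT(*) FROM USR WHERE EMAIL = @0", email);
        return Convert.ToInt32(count) > 0;
    }
}
@{
    var regMsg = "";

    if (IsPost) {
        // Read the form first; in the question the query string was assembled
        // before this point, while email1 was still "".
        var email1 = Request.Form["email1"] ?? "";
        var pass1  = Request.Form["pass1"]  ?? "";

        // What the question did (kept only as a comment): the email is concatenated
        // into the statement text, which is the SQL injection pattern mason describes.
        //   var userCheck = "SELECT * FROM USR WHERE EMAIL = " + email1;

        var db = Database.Open("Resume");

        if (UserExists(db, email1)) {
            regMsg += "Email already exists.";
        } else {
            // Same parameterized form the question already used for the insert.
            db.Execute("INSERT INTO USR (EMAIL, PSWD) VALUES (@0, @1)", email1, pass1);
            Response.Redirect("~/Default");
        }
    }
}
```

The check has to live on the server: the question's JavaScript line `if (@userCheck > 0)` can only see whatever Razor rendered into the page before the user typed anything, so it can never reflect the value entered in the form. The accepted route in the asker's own answer, WebSecurity.UserExists, does this check for you and also stores the password hashed rather than as a raw PSWD column value.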

Answer


As was pointed out in the comments, my approach was completely wrong.

I no longer use JavaScript for validation, only ASP.NET Razor. Below, for those who are struggling with something similar, is my solution:

Be sure to include WebSecurity.InitializeDatabaseConnection("ResumeLink", "UserProfile", "UserId", "Email", true);

@{ 
    var username = ""; 
    var password = ""; 
    var confirmPassword = ""; 
    var regMsg = ""; 
    var minPass = 2; 
    var maxPass = 5; 


    if (!IsPost) { 
    if (WebSecurity.IsAuthenticated) { 
     regMsg = String.Format("You are already logged in. (User name: {0})", WebSecurity.CurrentUserName); 
     } 
    } 

    if (IsPost){ 
    WebSecurity.Logout();  
    username = Request["username"]; 
    password = Request["password"]; 
    confirmPassword = Request["confirmPassword"]; 

    try { 
     var mail = new System.Net.Mail.MailAddress(username); 
    } catch { 
     regMsg += "Invalid email format."; 
    } 

    //Validation.Add("username", Validator.Regex(@"^[A-Za-z0-9._%+-][email protected]@[A-Za-z0-9.-]+\.[A-Za-z]{2,4}$", regMsg += "Invalid email format.")); 
    if (password != confirmPassword) {regMsg += "</br>Passwords don't match.";} 
    if (WebSecurity.UserExists(username)) {regMsg += String.Format("</br>User '{0}' already exists.", username);} 
    if (password.Length < minPass || password.Length > maxPass) {regMsg += "</br>Password doesn't meet length requirement.";} 
    if (regMsg == "") { 
     WebSecurity.CreateUserAndAccount(username,password,null,false); 
     regMsg = String.Format("{0} created.", username); 
     Response.Write("Registration Successful!"); 
     Response.Redirect("~/Default.cshtml"); 
     } 
    } 
} 

<style>header {visibility: hidden;}</style> 
<body> 
    <div> 
     <h1>Register</h1> 
     <form method="post"> 
      <p> 
       @if(regMsg != ""){ 
        <span class="errorMessage">@Html.Raw(regMsg)</span> 
       } 
      </p> 

      <p> 
       <label for="username">Email Address:</label><br/> 
       <input type="text" name="username" id="username" value='@Request["username"]' /> 
      </p> 
      <p> 
       <label for="password">Password @[email protected] Characters:</label><br/> 
       <input type="password" name="password" id="password" value="" /> 
      </p> 
      <p> 
       <label for="confirmPassword">Confirm Password:</label><br/> 
       <input type="password" name="confirmPassword" id="confirmPassword" value="" /> 
      </p> 
      <p> 
       <input type="submit" value="Submit" /> 
       <input type="button" value="Cancel" onclick="javascript:location.href='Default.cshtml'" /> 
      </p> 
      <p> 
      </p> 
     </form> 
    </div> 
</body>