in MySql.Web/src/MembershipProvider.cs [721:824]
public override MembershipUser CreateUser(string username, string password,
string email, string passwordQuestion, string passwordAnswer,
bool isApproved, object providerUserKey, out MembershipCreateStatus status)
{
//basis on MSDN documentation we should trim all the paramater values: http://msdn.microsoft.com/en-us/library/d8t4h2es%28v=vs.110%29.aspx
TrimParametersValues(ref username, ref password, ref email, ref passwordQuestion, ref passwordAnswer);
ValidatePasswordEventArgs Args = new ValidatePasswordEventArgs(username, password, true);
OnValidatingPassword(Args);
if (Args.Cancel)
{
status = MembershipCreateStatus.InvalidPassword;
return null;
}
if (RequiresUniqueEmail && !String.IsNullOrEmpty(GetUserNameByEmail(email)))
{
status = MembershipCreateStatus.DuplicateEmail;
return null;
}
ValidateQA(passwordQuestion, passwordAnswer);
// now try to validate the password
if (!ValidatePassword(password, "password", false))
{
status = MembershipCreateStatus.InvalidPassword;
return null;
}
// now check to see if we already have a member by this name
MembershipUser u = GetUser(username, false);
if (u != null)
{
status = MembershipCreateStatus.DuplicateUserName;
return null;
}
string passwordKey = GetPasswordKey();
DateTime createDate = DateTime.Now;
MySqlTransaction transaction = null;
using (MySqlConnection connection = new MySqlConnection(connectionString))
{
try
{
connection.Open();
transaction = connection.BeginTransaction();
// either create a new user or fetch the existing user id
long userId = SchemaManager.CreateOrFetchUserId(connection, username,
app.EnsureId(connection), true);
MySqlCommand cmd = new MySqlCommand(
@"INSERT INTO my_aspnet_membership
VALUES(@userId, @email, @comment, @password, @passwordKey,
@passwordFormat, @passwordQuestion, @passwordAnswer,
@isApproved, @lastActivityDate, @lastLoginDate,
@lastPasswordChangedDate, @creationDate,
@isLockedOut, @lastLockedOutDate, @failedPasswordAttemptCount,
@failedPasswordAttemptWindowStart, @failedPasswordAnswerAttemptCount,
@failedPasswordAnswerAttemptWindowStart)",
connection);
cmd.Parameters.AddWithValue("@userId", userId);
cmd.Parameters.AddWithValue("@email", email);
cmd.Parameters.AddWithValue("@comment", "");
cmd.Parameters.AddWithValue("@password",
EncodePassword(password, passwordKey, PasswordFormat));
cmd.Parameters.AddWithValue("@passwordKey", passwordKey);
cmd.Parameters.AddWithValue("@passwordFormat", PasswordFormat);
cmd.Parameters.AddWithValue("@passwordQuestion", passwordQuestion);
cmd.Parameters.AddWithValue("@passwordAnswer",
EncodePassword(passwordAnswer, passwordKey, PasswordFormat));
cmd.Parameters.AddWithValue("@isApproved", isApproved);
cmd.Parameters.AddWithValue("@lastActivityDate", createDate);
cmd.Parameters.AddWithValue("@lastLoginDate", createDate);
cmd.Parameters.AddWithValue("@lastPasswordChangedDate", createDate);
cmd.Parameters.AddWithValue("@creationDate", createDate);
cmd.Parameters.AddWithValue("@isLockedOut", false);
cmd.Parameters.AddWithValue("@lastLockedOutDate", createDate);
cmd.Parameters.AddWithValue("@failedPasswordAttemptCount", 0);
cmd.Parameters.AddWithValue("@failedPasswordAttemptWindowStart", createDate);
cmd.Parameters.AddWithValue("@failedPasswordAnswerAttemptCount", 0);
cmd.Parameters.AddWithValue("@failedPasswordAnswerAttemptWindowStart", createDate);
int recAdded = cmd.ExecuteNonQuery();
if (recAdded > 0)
status = MembershipCreateStatus.Success;
else
status = MembershipCreateStatus.UserRejected;
transaction.Commit();
}
catch (MySqlException e)
{
if (WriteExceptionsToEventLog)
WriteToEventLog(e, "CreateUser");
status = MembershipCreateStatus.ProviderError;
if (transaction != null)
transaction.Rollback();
return null;
}
}
return GetUser(username, false);
}