Tip/Trick: Gathering Custom User Registration Information
Problem
You are building a web-site that allows customers to register new users on the site. As part of the registration process, you naturally want to allow them to create a username and password. You also want them to enter additional personalization/registration data like their address, zipcode, gender, age, etc. and associate it with the newly created account. You want to create an intuitive wizard-like navigation UI that enables customers to easily manage this workflow.
Solution
ASP.NET 2.0 now provides a built-in control -- <asp:createuserwizard> -- that provides developers with an easy way to create user registration workflows for their site. The <asp:createuserwizard> control provides built-in UI to enable an end-user to choose a username and password. The <asp:createuserwizard> control also allows developers to specify additional "custom steps" of information to gather.
These custom steps can be defined using additional wizardstep templates defined within the <asp:createuserwizard> control itself -- and so can contain any custom UI the developer wants. For example:
<asp:WizardStep ID="CreateUserWizardStep0" runat="server">
<div class="title">
Billing Information
</div>
<div class="address">
<span>Billing Address:</span>
<asp:TextBox ID="BillingAddress" MaxLength="50" runat="server" />
<asp:RequiredFieldValidator ControlToValidate="BillingAddress" ErrorMessage="Address required!" runat="server"/>
</div>
</asp:WizardStep>
The CreateUserWizard control will then automatically add "next"/"previous" navigation UI to enable an end-user to skip forward and back throughout the registration process.
The CreateUserWizard control exposes a "CreatedUser" event that you can handle within your page to add logic to retrieve the information collected within the various WizardSteps, and store it within whatever database or profile store you want. This event fires after the user has been created within the ASP.NET Membership system. However, the user is not yet logged into the ASP.NET site at this point (they won't be logged in until the page redisplays). So to obtain the username of the newly created username you should access the CreateUserWizard.UserName property.
For example:
Sub CreateUserWizard1_CreatedUser(Sender as Object, E as EventArgs) Handles CreateUserWizard.CreatedUser
' Obtain a reference to the "BillingAddress" textbox in the first step of the wizard
Dim BillingAddress as TextBox
BillingAddress = CreateUserWizardStep0.ContentTemplateContainer.FindControl("BillingAddress")
' Todo: Store the BillingAddress.Text value in a database or profile store
End Sub
Two possible places you could perist this custom user information are:
1) Within a custom database table that you create and define. You could replace the above "todo" statement in the CreatedUser event handler to insert this data into the database table using whatever data API you prefer (for example: ADO.NET or a Strongly Typed Table Adapter).
2) Within the new ASP.NET 2.0 Profile system. The ASP.NET Profile system provides a way to automatically persist additional properties/values about a user in a persistent store, and provides a strongly typed API that enables you to easly set/retrieve them (so for example you could just write Profile.BillingAddress to access the value). The ASP.NET Profile system is by default mapped against an XML blob-like column within a database (which makes it easy to setup). Alternatively, you can use the ASP.NET SQL Table Profile Provider to map the Profile API against a schematized SQL table or set of SPROCs. This gives you the nice strongly typed Profile API against a regular SQL table (which makes data-mining easier).
To learn more about how to use the <asp:createuserwizard> control and download sample code that uses it I'd recommend reviewing these articles:
Customizing the CreateUserWizard Control: This article was published in July of 2006, and provides a good walkthrough of the customization capabilities of the CreateUserWizard control, and how to store custom user properties directly within a database.
How to add a Login, Roles, and Profile system to an ASP.NET 2.0 app in 24 lines of code: This is a sample I put together towards the end of 2005 that shows how to integrate these three features in ASP.NET 2.0 to create a custom registration and profile management system.
CreateUserWizard Samples within the ASP.NET QuickStart tutorials: This page provides a number of samples (in both VB and C#) that you can use to understand how to use the CreateUserWizard control better.
Profiles in ASP.NET 2.0: K. Scott Allen posted this nice article which does a good job providing an overview of the new ASP.NET 2.0 Profile API.
ASP.NET 2.0 Membership, Roles, Forms Authentication and Security Resources: This blog post of mine contains a ton of ASP.NET security informationa and useful links. I'd recommend reviewing it to explore more about ASP.NET security.
Credits
Erich Peterson and K. Scott Allen for the nice articles I listed above.
Hope this helps,
Scott