+1-888-365-2779
Try Now
More in this section
Categories
Bloggers
Blogs RSS feed

How to force newly created users to enable their accounts.

by Ivan Dimitrov
This is a general topic that shows extending the server CreateUserWizard control. I am going to show you how you can force newly create users to confirm their registration to your website by sending an email message. Actually this is a simple implementation that could be extended depending on your project and security needs. First you need to drop CreateUser control that is located under Login category of your website ToolBox section. Then open the control in edit mode and set CreateUserWizard.DisableCreatedUser Propertyto true. By doing so all users that use our form will not be able to log in until they click on the confirm subscription email sent to their email. In this sample I will use the username as a querystring. You can make the code more complicated by using auto generated keys and expiration time for the subscription.

 

1. Open the code behind of CreateUserWizard control located under ~/Sitefinity/UserControls/Login folder

2. Subscribe for SendingMail event.

 

protected override void OnInit(EventArgs e) 
    { 
        base.OnInit(e); 
 
        this.CreateUserWizard1.CreatedUser += new EventHandler(CreateUserWizard1_CreatedUser); 
        //SUBSCRIBE FOR SENDINGMAIL EVENT 
        this.CreateUserWizard1.SendingMail += new MailMessageEventHandler(CreateUserWizard1_SendingMail); 
    } 

3. Use MailMessageEventArgs to get/set the email subject and message.

 void CreateUserWizard1_SendingMail(object sender, MailMessageEventArgs e) 
    { 
        e.Message.IsBodyHtml = false
        e.Message.Subject = Subject + Request.ServerVariables["SERVER_NAME"]; 
        string subscriptionUrl = string.Concat(SubscriptionUrl, QueryString, CreateUserWizard1.UserName); 
        e.Message.Body = MessageBody + subscriptionUrl; 
     
    } 

 

4. You should implement custom public properties that will allow you to change the subject and body through the control designer instead of hardcoding them.

 [System.ComponentModel.Category("Mail attributes")] 
    public string Subject 
    { 
        get 
        { 
            if (string.IsNullOrEmpty(_subject)) 
                return "You have requested subscription for:"
            return _subject; 
 
        } 
        set { this._subject = value;} 
    } 
 
    [System.ComponentModel.Category("Mail attributes")] 
    public string QueryString 
    { 
        get 
        { 
            if (string.IsNullOrEmpty(_querystring)) 
                return "?username="
            return _querystring; 
 
        } 
        set { this._querystring = value; } 
    } 
 
    [System.ComponentModel.Category("Mail attributes")] 
    public string SubscriptionUrl 
    { 
        get 
        { 
            if (string.IsNullOrEmpty(_subscriptionUrl)) 
                return "http://localhost:2889/EmptyProject/confirmsubscription.aspx"
            return _subscriptionUrl; 
 
        } 
        set { this._subscriptionUrl = value; } 
    } 
    [System.ComponentModel.Category("Mail attributes")] 
    public string MessageBody 
    { 
        get 
        { 
            if (string.IsNullOrEmpty(_messageBody)) 
                return "Please confirm your account using the link:"
            return _messageBody; 
 
        } 
        set { this._messageBody = value; } 
    } 
 
    [System.ComponentModel.Category("Mail attributes")] 
    public string MailDefinitionFrom 
    { 
        get 
        { 
            string maildefinition = CreateUserWizard1.MailDefinition.From; 
            if (string.IsNullOrEmpty(maildefinition)) 
                return string.Empty; 
            return CreateUserWizard1.MailDefinition.From; 
 
        } 
        set { CreateUserWizard1.MailDefinition.From = value; } 
 
    } 
 
    private string _subject; 
    private string _querystring; 
    private string _subscriptionUrl; 
    private string _messageBody; 

 

Now I have to create a user control that will check whether the user is valid or not. If the user is valid i will approve the user using MembershipUser.IsApproved property.The user control is simple. In its template I added a Literal control that will be displayed only in case the user does not exist in the database.

<%@ Control Language="C#" AutoEventWireup="true" CodeFile="EnableUser.ascx.cs" Inherits="CustomControls_EnableUser" %> 
 
<asp:Label ID="Label1" runat="server" /> 

 

In the code behind I added my logic that would check the querystring and passed the value from the key.

using System; 
using System.Collections.Generic; 
using System.Linq; 
using System.Web; 
using System.Web.UI; 
using System.Web.UI.WebControls; 
using System.Web.Security; 
 
public partial class CustomControls_EnableUser : System.Web.UI.UserControl 
    protected void Page_Load(object sender, EventArgs e) 
    { 
 
        Label1.Visible = false
        // GET THE QUERY STRING KEYS 
        
            string key = Request.QueryString.AllKeys[0]; 
            string query = Request.QueryString[0]; 
            if (key.Equals(Key) && !String.IsNullOrEmpty(query)) 
            { 
                //GET THE USER FROM THE PROVIDER 
                MembershipUser user = Membership.GetUser(query); 
                if (user != null
                { 
                    user.IsApproved = true
                    Membership.UpdateUser(user); 
                    Response.Redirect("~/Sitefinity/Login.aspx"); 
                } 
                else 
                { 
                    Label1.Visible = true
                    Label1.Text = LabelText; 
                } 
            } 
    } 
 
    [System.ComponentModel.Category("Mail attributes")] 
    public string Key 
    { 
        get 
        { 
            if(string.IsNullOrEmpty(_key)) 
                return "username"
                 return _key; 
        } 
        set 
        { 
            this._key = value; 
        } 
    } 
 
    [System.ComponentModel.Category("Mail attributes")] 
    public string LabelText 
    { 
        get 
        { 
            if (string.IsNullOrEmpty(_labelText)) 
                return "There is no such user registered"
            return _labelText; 
        } 
        set 
        { 
            this._labelText = value; 
        } 
    } 
 
    private string _key; 
    private string _labelText; 
 
 
 

 

Note that the value of QueryString property of CreateUserWizard control should be the same as the value of Key property in EnableUser control.

6 comments

Leave a comment
  1. Flavio Cometto Nov 05, 2009
    Thanks Ivan,
    this is very helpful, infact just few days ago I have asked to support if sitefinty has a mail-subscription-confirmation behaviour out of the box.
    Your post is a good starting point.

    Regards.
  2. adijuh Jan 26, 2010
    very interesting topic, thanks
  3. Nimit Verma Oct 22, 2010
    Hi Ivan,
    I did all the steps described above.
    It is creating the User but not sending the email I mean it not calling the function CreateUserWizard1_SendingMail(object sender, MailMessageEventArgs e) .

    Please suggest me what should I do.
  4. Ivan D Oct 26, 2010
    You should set MailDefinition property of CreateUserWizard control
  5. Brian Nov 09, 2010
    Where do I put the EnableUser.ascx control that was created? I have a folder called "CustomControl" under the website root. Email does not seem to be working. I am not receiving any emails and the User that is created is already enabled.
    What does "Note that the value of QueryString property of CreateUserWizard control should be the same as the value of Key property in EnableUser control." mean?

    Thanks    
  6. Brian Nov 09, 2010
    Where do I put the EnableUser.ascx control that was created? I have a folder called "CustomControl" under the website root. Email does not seem to be working. I am not receiving any emails and the User that is created is already enabled.
    What does "Note that the value of QueryString property of CreateUserWizard control should be the same as the value of Key property in EnableUser control." mean?

    Thanks    

    Leave a comment