Examining ASP.NET 2.0's Membership, Roles, and Profile - Part 11
Posted by: 4GuysFromRolla.com Headlines,
on 25 Jun 2008 |
View original | Bookmarked: 0 time(s)
Many websites that support user account allow anyone to create a new account, but require new users to undergo some form of verification before their
account is activated. A common approach is to send an email to the newly created user with a link that, when visited, activates their account. This
approach ensures that the email address entered by the user is valid (since it is sent to that user's email address). This workflow not only ensures the
valid data entry, but also helps deter automated spam bots and abusive users.
In past installments of this article series we've seen how to use the CreateUserWizard control to allow users to create new accounts. By default, the
user accounts created by the CreateUserWizard control are activated; new users can login immediately and start interacting with the site. This default
behavior can be customized, however, so that new accounts are disabled. A disabled user cannot log into the site; therefore, there needs to be some manner
by which a newly created user can have her account enabled.
There are many ways by which an account may be activated. You could have each account manually verified by an administrative user. If your site requires
users to pay some sort of monthly fee or annual due, you could have the account approved once the payment was successfully processed. As aforementioned,
one very common approach is to require the user to visit a link sent to the email address they entered when logging on.
This article explores this latter technique. Read on to learn more!
Read More >