asp.netasp.net-membershipasp.net-profiles

Web Application Project with Profiles


I created a user as follows:

MembershipCreateStatus status = MembershipCreateStatus.InvalidPassword;
MembershipUser newUser = Membership.CreateUser(userNameTxt.Text.Trim(),
    passwordTxt.Text, emailTxt.Text, "N//A", "N//A", true, out status);
Roles.AddUserToRole(userNameTxt.Text.Trim(), "Member");

// Gather and save Profile info
CustomProfile profile =  CustomProfile.GetProfile(userNameTxt.Text.Trim());

profile.Personal.Email = emailTxt.Text.Trim();
profile.Personal.FirstName = firstNameTxt.Text.Trim();
profile.Personal.LastName = lastNameTxt.Text.Trim();
profile.Personal.Street = streetTxt.Text.Trim();
profile.Personal.City = cityTxt.Text.Trim();
profile.Personal.State = stateDDL.SelectedValue;
profile.Personal.Zip = zipTxt.Text.Trim();
profile.Save();

I see the data in the DB Profile table but not in the Users table - is this by design? It doesn't seem to recognize the user created this way when using the PasswordRecovery control. Can someone explain which tables are used when creating profiles this way and how to reset the password?

UPDATE:

Getting null for user name when testing my PasswordRecovery control:

MembershipUser user = Membership.GetUser(User.Identity.Name);
if (Page.IsPostBack)
{
    Response.Write(user.UserName);
} 

<add 
    name="DefaultMembershipProvider" 
    type="System.Web.Providers.DefaultMembershipProvider, System.Web.Providers,
        Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35"
    connectionStringName="LocalSqlServer" 
    enablePasswordRetrieval="false" 
    enablePasswordReset="true" 
    requiresQuestionAndAnswer="true" 
    requiresUniqueEmail="false" 
    minRequiredPasswordLength="6" 
    minRequiredNonalphanumericCharacters="0" 
    passwordAttemptWindow="1000" 
    applicationName="/" >

Solution

  • The profile data are saved on the aspnet_Profile Table, where each property is dynamic and placed on the PropertyNames and PropertyValuesString the value of it.

    Each property is connected to the user with the UserId. This design is logical from the moment asp.net is let you design your custom profile parameters. From the other hand if you have your database, you can create your personal table to keep that information's as you like, with your design.

    To reset the password you can use the ResetPassword method that is fully explained on MSDN.

    An alternative method that I prefer, but you need to make some more code is, to send the user an e-mail, from the e-mail you send them on a page that actually can write a new password, and you on code behind you reset it as:

    MembershipUser mu = Membership.GetUser(UserIdToChangePass);
    
    if (mu != null)
    {
        string sTemporaryPassword = mu.ResetPassword();
        mu.ChangePassword(sTemporaryPassword, txtNewPassword.Text);
    }
    

    where txtNewPassword is a TextBox that the users enter the new password.