Membership.CreateUser should fail but doesn't

Question

I'm creating users for test purposes, using :

string username = ...
string password = ...
string email = "******** not a valid email address! *********";
MembershipUser NewUser = Membership.CreateUser(userName, password, email, "no question", "no answer", true, out createStatus);
if (NewUser == null)
{
  switch (createStatus)
  {
    case MembershipCreateStatus.DuplicateUserName:
      throw new Exception("There already exists a user with this username.");
    case MembershipCreateStatus.InvalidEmail:
      throw new Exception("There email address you provided in invalid.");
    case MembershipCreateStatus.InvalidPassword:
      throw new Exception("The password you provided is invalid. It must be seven characters long.");
    default:
      throw new Exception("There was an unknown error; the user account was NOT created.");
  }
}

When this gets executed, a new user will get created, it doesn't fail with NewUser==null, MembershipCreateStatus.InvalidEmail, which is what I would expect.

Any idea why?

Here's the membership section from config if that has a bearing, although I don't see how:

    <membership defaultProvider="myProvider">
  <providers>
    <add
            name="myProvider"
            applicationName="/"
            connectionStringName="myconnectionsString"
            enablePasswordRetrieval="true"
            enablePasswordReset="true"
            passwordFormat="Clear"
            requiresQuestionAndAnswer="false"
            requiresUniqueEmail="true"
            minRequiredNonalphanumericCharacters="0"
            type="System.Web.Security.SqlMembershipProvider"
            />
  </providers>
</membership>

Thanks in advance!

can you show us more code? i would like to see the value of all MembershipCreateStatus.* — Danny Hong, Nov 02 '12 at 10:40

score 0 · Accepted Answer · answered Nov 02 '12 at 19:09

From reflector this is the validation on email in SqlMembershipProvider

  if (!SecUtility.ValidateParameter(ref email, this.RequiresUniqueEmail, this.RequiresUniqueEmail, false, 0x100))
    {
        status = MembershipCreateStatus.InvalidEmail;
        return null;
    }

internal static bool ValidateParameter(ref string param, bool checkForNull, bool checkIfEmpty, bool checkForCommas, int maxSize)
{
    if (param == null)
    {
        return !checkForNull;
    }
    param = param.Trim();
    return (((!checkIfEmpty || (param.Length >= 1)) && ((maxSize <= 0) || (param.Length <= maxSize))) && (!checkForCommas || !param.Contains(",")));
}

Looks like it doesn't care abut valid email or not, just that something is provided. You'll want to handle it from your client or override the SqlMembershipProvider.

Membership.CreateUser should fail but doesn't

1 Answers1