For that you need to have SignUp Page , login page and your Poll page.
On login Page you will validate the user credentail and based on user validation you can allow access to Poll page. If user not logged in then redirect to login page also add Sign Up link.
If you need to verify user by email then this link Send user Confirmation email after Registration with Activation Link in ASP.Net for your reference and as per your code logic implement it.
Also on Poll Page based on user it only Insert/Update user vote based on PollId and on userid so for one Poll user can vote for one answer.
Refer the below sample Code for your reference.
SQL
CREATE TABLE [Users]
(
[UserId] [int] IDENTITY(1,1) NOT NULL,
[Username] [nvarchar](20) NOT NULL,
[Password] [nvarchar](20) NOT NULL,
[Email] [nvarchar](30) NOT NULL,
[CreatedDate] [datetime] NOT NULL,
CONSTRAINT [PK_Users] PRIMARY KEY CLUSTERED
(
[UserId] ASC
)WITH (PAD_INDEX = OFF, STATISTICS_NORECOMPUTE = OFF, IGNORE_DUP_KEY = OFF, ALLOW_ROW_LOCKS = ON, ALLOW_PAGE_LOCKS = ON) ON [PRIMARY]
) ON [PRIMARY]
GO
CREATE TABLE PollQuestions
(
PollId INT PRIMARY KEY,
Question VARCHAR(100)
)
GO
INSERT INTO PollQuestions VALUES(1,'What is your favorite color?')
GO
CREATE TABLE PollOptions
(
PollId INT,
PollOptionId INT,
PoleOption VARCHAR(50),
CONSTRAINT pk_PollOptionId PRIMARY KEY (PollId,PollOptionId),
CONSTRAINT fk_PollId FOREIGN KEY (PollId) REFERENCES PollQuestions(PollId)
)
GO
INSERT INTO PollOptions VALUES(1,1,'Red')
INSERT INTO PollOptions VALUES(1,2,'Green')
INSERT INTO PollOptions VALUES(1,3,'Yellow')
GO
CREATE TABLE PollAnswers
(
PollAnswerId INT PRIMARY KEY IDENTITY,
PollId INT,
PollAnswers INT,
[UserId] [int] NOT NULL,
CONSTRAINT fk_PollAnswerId FOREIGN KEY (PollId) REFERENCES PollQuestions(PollId),
CONSTRAINT fk_UserId FOREIGN KEY (UserId) REFERENCES [Users](UserId)
)
GO
CREATE PROCEDURE SavePollAnswer
@PollId INT
,@PollAnswer INT
,@UserId INT
AS
BEGIN
IF EXISTS(SELECT PollAnswerId FROM PollAnswers WHERE PollId = @PollId AND UserId = @UserId)
BEGIN
UPDATE PollAnswers
SET PollAnswers = @PollAnswer
WHERE PollId = @PollId AND UserId = @UserId
END
ELSE
BEGIN
INSERT INTO PollAnswers VALUES(@PollId,@PollAnswer,@UserId)
END
END
GO
CREATE PROCEDURE PollCount
@PollId INT
AS
BEGIN
SELECT PollOptions.PoleOption,COUNT(PollAnswers.PollAnswerId) 'Polls Count'
FROM PollAnswers
INNER JOIN PollOptions ON PollOptions.PollID = PollAnswers.PollID
AND PollOptions.PollOptionId = PollAnswers.PollAnswers
WHERE PollAnswers.PollID = @PollId
GROUP BY PollAnswers,PollOptions.PoleOption
END
GO
CREATE PROCEDURE [Insert_User]
@Username NVARCHAR(20)
,@Password NVARCHAR(20)
,@Email NVARCHAR(30)
AS
BEGIN
SET NOCOUNT ON;
IF EXISTS(SELECT UserId FROM Users WHERE Username = @Username)
BEGIN
SELECT -1 -- Username exists.
END
ELSE IF EXISTS(SELECT UserId FROM Users WHERE Email = @Email)
BEGIN
SELECT -2 -- Email exists.
END
ELSE
BEGIN
INSERT INTO [Users]
([Username]
,[Password]
,[Email]
,[CreatedDate])
VALUES
(@Username
,@Password
,@Email
,GETDATE())
SELECT SCOPE_IDENTITY() -- UserId
END
END
GO
CREATE PROCEDURE [Validate_User]
@Username NVARCHAR(20)
,@Password NVARCHAR(20)
AS
BEGIN
SET NOCOUNT ON;
DECLARE @UserId INT
SELECT @UserId = UserId FROM Users WHERE Username = @Username AND [Password] = @Password
IF @UserId IS NOT NULL
BEGIN
SELECT @UserId -- User Valid
END
ELSE
BEGIN
SELECT -1 UserId ,''Username, '' Email -- User invalid.
END
END
GO
CREATE PROCEDURE [GetUserDetails]
@UserId INT
AS
BEGIN
SET NOCOUNT ON;
SELECT UserId,Username,Email FROM users WHERE UserId = @UserId
END
GO
User Class
C#
public class User
{
public int UserId { get; set; }
public string Username { get; set; }
public string Password { get; set; }
public string Email { get; set; }
}
VB.Net
Public Class User
Public Property UserId As Integer
Get
End Get
Set
End Set
End Property
Public Property Username As String
Get
End Get
Set
End Set
End Property
Public Property Password As String
Get
End Get
Set
End Set
End Property
Public Property Email As String
Get
End Get
Set
End Set
End Property
End Class
Login Page
HTML
<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
<title></title>
</head>
<body>
<form id="form1" runat="server">
<div>
<table>
<tr>
<td>
User Name:
</td>
<td>
<asp:TextBox ID="txtUserName" runat="server"></asp:TextBox>
</td>
</tr>
<tr>
<td>
Password:
</td>
<td>
<asp:TextBox ID="txtPassword" runat="server" TextMode="Password"></asp:TextBox>
</td>
</tr>
<tr>
<td colspan="2">
<asp:Button ID="btnLogin" runat="server" OnClick="ValidateUser" Text="Login"/>
</td>
</tr>
<tr>
<td colspan="2">
Not a Member? <asp:LinkButton runat="server" PostBackUrl="~/SignUp.aspx">Sign Up</asp:LinkButton>
</td>
</tr>
</table>
</div>
</form>
</body>
</html>
C#
protected void Page_Load(object sender, EventArgs e)
{
if (!this.IsPostBack)
{
Session["UserDetails"] = null;
}
}
protected void ValidateUser(object sender, EventArgs e)
{
int userId = 0;
string constr = ConfigurationManager.ConnectionStrings["constr"].ConnectionString;
using (SqlConnection con = new SqlConnection(constr))
{
using (SqlCommand cmd = new SqlCommand("Validate_User"))
{
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.AddWithValue("@Username", txtUserName.Text);
cmd.Parameters.AddWithValue("@Password", txtPassword.Text);
cmd.Connection = con;
con.Open();
userId = Convert.ToInt32(cmd.ExecuteScalar());
con.Close();
}
string message = string.Empty;
switch (userId)
{
case -1:
message = "Username and/or password is incorrect.";
break;
default:
message = "";
break;
}
if (userId < 0)
{
ClientScript.RegisterStartupScript(GetType(), "alert", "alert('" + message + "');", true);
}
else
{
GetUserDetails(userId);
Response.Redirect("CS.aspx");
}
}
}
private void GetUserDetails(int userId)
{
string constr = ConfigurationManager.ConnectionStrings["constr"].ConnectionString;
SqlConnection con = new SqlConnection(constr);
con.Open();
SqlCommand cmd = new SqlCommand("GetUserDetails", con);
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.AddWithValue("@UserId", userId);
SqlDataReader dr = cmd.ExecuteReader();
if (dr.HasRows)
{
dr.Read();
User user = new User();
user.UserId = Convert.ToInt32(dr["UserId"].ToString());
user.Username = dr["Username"].ToString();
user.Email = dr["Email"].ToString();
Session["UserDetails"] = user;
}
con.Close();
}
VB.Net
Protected Sub Page_Load(ByVal sender As Object, ByVal e As EventArgs) Handles Me.Load
If Not Me.IsPostBack Then
Session("UserDetails") = Nothing
End If
End Sub
Protected Sub ValidateUser(ByVal sender As Object, ByVal e As EventArgs)
Dim userId As Integer = 0
Dim constr As String = ConfigurationManager.ConnectionStrings("constr").ConnectionString
Dim con As SqlConnection = New SqlConnection(constr)
Dim cmd As SqlCommand = New SqlCommand("Validate_User")
cmd.CommandType = CommandType.StoredProcedure
cmd.Parameters.AddWithValue("@Username", txtUserName.Text)
cmd.Parameters.AddWithValue("@Password", txtPassword.Text)
cmd.Connection = con
con.Open()
userId = Convert.ToInt32(cmd.ExecuteScalar)
con.Close()
Dim message As String = String.Empty
Select Case (userId)
Case -1
message = "Username and/or password is incorrect."
Case Else
message = ""
End Select
If (userId < 0) Then
ClientScript.RegisterStartupScript([GetType](), "alert", ("alert('" _
+ (message + "');")), True)
Else
GetUserDetails(userId)
Response.Redirect("VB.aspx")
End If
End Sub
Private Sub GetUserDetails(ByVal userId As Integer)
Dim constr As String = ConfigurationManager.ConnectionStrings("constr").ConnectionString
Dim con As SqlConnection = New SqlConnection(constr)
con.Open()
Dim cmd As SqlCommand = New SqlCommand("GetUserDetails", con)
cmd.CommandType = CommandType.StoredProcedure
cmd.Parameters.AddWithValue("@UserId", userId)
Dim dr As SqlDataReader = cmd.ExecuteReader
If dr.HasRows Then
dr.Read()
Dim user As User = New User
user.UserId = Convert.ToInt32(dr("UserId").ToString)
user.Username = dr("Username").ToString
user.Email = dr("Email").ToString
Session("UserDetails") = user
End If
con.Close()
End Sub
SignUp Page
HTML
<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
<title></title>
</head>
<body>
<form id="form1" runat="server">
<div>
<table border="0" cellpadding="0" cellspacing="0">
<tr>
<th colspan="3">
Registration
</th>
</tr>
<tr>
<td>
Username
</td>
<td>
<asp:TextBox ID="txtUsername" runat="server" />
</td>
<td>
<asp:RequiredFieldValidator ID="RequiredFieldValidator1" ErrorMessage="Required"
ForeColor="Red" ControlToValidate="txtUsername" runat="server" />
</td>
</tr>
<tr>
<td>
Password
</td>
<td>
<asp:TextBox ID="txtPassword" runat="server" TextMode="Password" />
</td>
<td>
<asp:RequiredFieldValidator ID="RequiredFieldValidator2" ErrorMessage="Required"
ForeColor="Red" ControlToValidate="txtPassword" runat="server" />
</td>
</tr>
<tr>
<td>
Confirm Password
</td>
<td>
<asp:TextBox ID="txtConfirmPassword" runat="server" TextMode="Password" />
</td>
<td>
<asp:CompareValidator ID="CompareValidator1" ErrorMessage="Passwords do not match."
ForeColor="Red" ControlToCompare="txtPassword" ControlToValidate="txtConfirmPassword"
runat="server" />
</td>
</tr>
<tr>
<td>
Email
</td>
<td>
<asp:TextBox ID="txtEmail" runat="server" />
</td>
<td>
<asp:RequiredFieldValidator ID="RequiredFieldValidator3" ErrorMessage="Required"
Display="Dynamic" ForeColor="Red" ControlToValidate="txtEmail" runat="server" />
<asp:RegularExpressionValidator ID="RegularExpressionValidator1" runat="server" Display="Dynamic"
ValidationExpression="\w+([-+.']\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*" ControlToValidate="txtEmail"
ForeColor="Red" ErrorMessage="Invalid email address." />
</td>
</tr>
<tr>
<td>
</td>
<td>
<asp:Button ID="Button1" Text="Submit" runat="server" OnClick="RegisterUser" />
</td>
<td>
</td>
</tr>
</table>
</div>
</form>
</body>
</html>
C#
protected void Page_Load(object sender, EventArgs e)
{
if (!this.IsPostBack)
{
Session["UserDetails"] = null;
}
}
private void GetUserDetails(int userId)
{
string constr = ConfigurationManager.ConnectionStrings["constr"].ConnectionString;
SqlConnection con = new SqlConnection(constr);
con.Open();
SqlCommand cmd = new SqlCommand("GetUserDetails", con);
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.AddWithValue("@UserId", userId);
SqlDataReader dr = cmd.ExecuteReader();
if (dr.HasRows)
{
dr.Read();
User user = new User();
user.UserId = Convert.ToInt32(dr["UserId"].ToString());
user.Username = dr["Username"].ToString();
user.Email = dr["Email"].ToString();
Session["UserDetails"] = user;
}
con.Close();
}
protected void RegisterUser(object sender, EventArgs e)
{
int userId = 0;
string constr = ConfigurationManager.ConnectionStrings["constr"].ConnectionString;
using (SqlConnection con = new SqlConnection(constr))
{
using (SqlCommand cmd = new SqlCommand("Insert_User"))
{
using (SqlDataAdapter sda = new SqlDataAdapter())
{
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.AddWithValue("@Username", txtUsername.Text.Trim());
cmd.Parameters.AddWithValue("@Password", txtPassword.Text.Trim());
cmd.Parameters.AddWithValue("@Email", txtEmail.Text.Trim());
cmd.Connection = con;
con.Open();
userId = Convert.ToInt32(cmd.ExecuteScalar());
con.Close();
}
}
string message = string.Empty;
switch (userId)
{
case -1:
message = "Username already exists.\\nPlease choose a different username.";
break;
case -2:
message = "Supplied email address has already been used.";
break;
default:
message = "";
break;
}
if (userId < 0)
{
ClientScript.RegisterStartupScript(GetType(), "alert", "alert('" + message + "');", true);
}
else
{
GetUserDetails(userId);
Response.Redirect("CS.aspx");
}
}
}
VB.Net
Protected Sub Page_Load(ByVal sender As Object, ByVal e As EventArgs) Handles Me.Load
If Not Me.IsPostBack Then
Session("UserDetails") = Nothing
End If
End Sub
Private Sub GetUserDetails(ByVal userId As Integer)
Dim constr As String = ConfigurationManager.ConnectionStrings("constr").ConnectionString
Dim con As SqlConnection = New SqlConnection(constr)
con.Open()
Dim cmd As SqlCommand = New SqlCommand("GetUserDetails", con)
cmd.CommandType = CommandType.StoredProcedure
cmd.Parameters.AddWithValue("@UserId", userId)
Dim dr As SqlDataReader = cmd.ExecuteReader
If dr.HasRows Then
dr.Read()
Dim user As User = New User
user.UserId = Convert.ToInt32(dr("UserId").ToString)
user.Username = dr("Username").ToString
user.Email = dr("Email").ToString
Session("UserDetails") = user
End If
con.Close()
End Sub
Protected Sub RegisterUser(ByVal sender As Object, ByVal e As EventArgs)
Dim userId As Integer = 0
Dim constr As String = ConfigurationManager.ConnectionStrings("constr").ConnectionString
Dim con As SqlConnection = New SqlConnection(constr)
Dim cmd As SqlCommand = New SqlCommand("Insert_User")
Dim sda As SqlDataAdapter = New SqlDataAdapter
cmd.CommandType = CommandType.StoredProcedure
cmd.Parameters.AddWithValue("@Username", txtUsername.Text.Trim)
cmd.Parameters.AddWithValue("@Password", txtPassword.Text.Trim)
cmd.Parameters.AddWithValue("@Email", txtEmail.Text.Trim)
cmd.Connection = con
con.Open()
userId = Convert.ToInt32(cmd.ExecuteScalar)
con.Close()
Dim message As String = String.Empty
Select Case (userId)
Case -1
message = "Username already exists.\\n Please choose a different username."
Case -2
message = "Supplied email address has already been used."
Case Else
message = ""
End Select
If (userId < 0) Then
ClientScript.RegisterStartupScript([GetType](), "alert", ("alert('" + (message + "');")), True)
Else
GetUserDetails(userId)
Response.Redirect("VB.aspx")
End If
End Sub
Pole Page
HTML
<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
<title></title>
<style type="text/css">
body
{
font-family: Arial;
font-size: 10pt;
}
table
{
border: 1px solid #ccc;
}
table th
{
background-color: #F7F7F7;
color: #333;
font-weight: bold;
}
table th, table td
{
padding: 5px;
border-color: #ccc;
}
</style>
</head>
<body>
<form id="form1" runat="server">
<div>
<asp:Label ID="lblPollQuestion" runat="server" />
<asp:RadioButtonList ID="rblPollOptions" runat="server" OnSelectedIndexChanged="OnOptionChanged"
AutoPostBack="true">
</asp:RadioButtonList>
<asp:Repeater runat="server" ID="rptPollCount">
<HeaderTemplate>
<table>
<thead>
<th>
Vote for
</th>
<th>
Vote Count
</th>
</thead>
</HeaderTemplate>
<ItemTemplate>
<tr>
<td>
<asp:Label ID="lblOptions" Text='<%# Eval("PoleOption") %>' runat="server" />
</td>
<td>
<asp:Label ID="lblCount" Text='<%# Eval("Polls Count") %>' runat="server" />
</td>
</tr>
</ItemTemplate>
<FooterTemplate>
</table>
</FooterTemplate>
</asp:Repeater>
</div>
</form>
</body>
</html>
C#
private void Logout(object sender, EventArgs e)
{
Session.Abandon();
Response.Redirect("Login.aspx");
}
protected void Page_Load(object sender, EventArgs e)
{
if (this.Session["UserDetails"] == null)
{
Response.Redirect("Login.aspx");
}
if (!IsPostBack)
{
lblPollQuestion.Text = PopulatePollQuestions();
PopulatePollOptions();
rptPollCount.DataSource = PopulatePollCount(1);
rptPollCount.DataBind();
}
}
protected void OnOptionChanged(object sender, EventArgs e)
{
string constr = ConfigurationManager.ConnectionStrings["constr"].ConnectionString;
using (SqlConnection con = new SqlConnection(constr))
{
using (SqlCommand cmd = new SqlCommand("SavePollAnswer", con))
{
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.AddWithValue("@PollId", 1);
cmd.Parameters.AddWithValue("@PollAnswer", rblPollOptions.SelectedValue);
cmd.Parameters.AddWithValue("@UserId", ((User)this.Session["UserDetails"]).UserId);
con.Open();
cmd.ExecuteNonQuery();
con.Close();
}
}
Response.Redirect(Request.Url.AbsoluteUri);
}
private string PopulatePollQuestions()
{
object question = "";
string constr = ConfigurationManager.ConnectionStrings["constr"].ConnectionString;
using (SqlConnection con = new SqlConnection(constr))
{
using (SqlCommand cmd = new SqlCommand("SELECT Question FROM PollQuestions WHERE PollId = 1", con))
{
con.Open();
question = cmd.ExecuteScalar();
con.Close();
}
}
return question.ToString();
}
private DataTable PopulatePollOptions()
{
DataTable dt = new DataTable();
string constr = ConfigurationManager.ConnectionStrings["constr"].ConnectionString;
using (SqlConnection con = new SqlConnection(constr))
{
using (SqlCommand cmd = new SqlCommand("SELECT PollId,PollOptionId,PoleOption FROM PollOptions WHERE PollId = 1", con))
{
using (SqlDataAdapter da = new SqlDataAdapter(cmd))
{
da.Fill(dt);
rblPollOptions.DataSource = dt;
rblPollOptions.DataTextField = "PoleOption";
rblPollOptions.DataValueField = "PollOptionId";
rblPollOptions.DataBind();
}
}
}
return dt;
}
private DataTable PopulatePollCount(int pollId)
{
DataTable dt = new DataTable();
string constr = ConfigurationManager.ConnectionStrings["constr"].ConnectionString;
using (SqlConnection con = new SqlConnection(constr))
{
using (SqlCommand cmd = new SqlCommand("PollCount", con))
{
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.AddWithValue("@PollId", pollId);
using (SqlDataAdapter da = new SqlDataAdapter(cmd))
{
da.Fill(dt);
}
}
}
return dt;
}
VB.Net
Private Sub Logout(ByVal sender As Object, ByVal e As EventArgs)
Session.Abandon()
Response.Redirect("Login.aspx")
End Sub
Protected Sub Page_Load(ByVal sender As Object, ByVal e As EventArgs) Handles Me.Load
If (Me.Session("UserDetails") Is Nothing) Then
Response.Redirect("Login.aspx")
End If
If Not IsPostBack Then
lblPollQuestion.Text = PopulatePollQuestions()
PopulatePollOptions()
rptPollCount.DataSource = PopulatePollCount(1)
rptPollCount.DataBind()
End If
End Sub
Protected Sub OnOptionChanged(ByVal sender As Object, ByVal e As EventArgs)
Dim constr As String = ConfigurationManager.ConnectionStrings("constr").ConnectionString
Dim con As SqlConnection = New SqlConnection(constr)
Dim cmd As SqlCommand = New SqlCommand("SavePollAnswer", con)
cmd.CommandType = CommandType.StoredProcedure
cmd.Parameters.AddWithValue("@PollId", 1)
cmd.Parameters.AddWithValue("@PollAnswer", rblPollOptions.SelectedValue)
cmd.Parameters.AddWithValue("@UserId", CType(Me.Session("UserDetails"), User).UserId)
con.Open()
cmd.ExecuteNonQuery()
con.Close()
Response.Redirect(Request.Url.AbsoluteUri)
End Sub
Private Function PopulatePollQuestions() As String
Dim question As Object = ""
Dim constr As String = ConfigurationManager.ConnectionStrings("constr").ConnectionString
Dim con As SqlConnection = New SqlConnection(constr)
Dim cmd As SqlCommand = New SqlCommand("SELECT Question FROM PollQuestions WHERE PollId = 1", con)
con.Open()
question = cmd.ExecuteScalar
con.Close()
Return question.ToString
End Function
Private Function PopulatePollOptions() As DataTable
Dim dt As DataTable = New DataTable
Dim constr As String = ConfigurationManager.ConnectionStrings("constr").ConnectionString
Dim con As SqlConnection = New SqlConnection(constr)
Dim cmd As SqlCommand = New SqlCommand("SELECT PollId,PollOptionId,PoleOption FROM PollOptions WHERE PollId = 1", con)
Dim da As SqlDataAdapter = New SqlDataAdapter(cmd)
da.Fill(dt)
rblPollOptions.DataSource = dt
rblPollOptions.DataTextField = "PoleOption"
rblPollOptions.DataValueField = "PollOptionId"
rblPollOptions.DataBind()
Return dt
End Function
Private Function PopulatePollCount(ByVal pollId As Integer) As DataTable
Dim dt As DataTable = New DataTable
Dim constr As String = ConfigurationManager.ConnectionStrings("constr").ConnectionString
Dim con As SqlConnection = New SqlConnection(constr)
Dim cmd As SqlCommand = New SqlCommand("PollCount", con)
cmd.CommandType = CommandType.StoredProcedure
cmd.Parameters.AddWithValue("@PollId", pollId)
Dim da As SqlDataAdapter = New SqlDataAdapter(cmd)
da.Fill(dt)
Return dt
End Function
Screenshot
