User unable to verify account using Asp.Net

Question

I have a simple create user wizard and custom membership provider which was taken from here

Now I am following this tutorial by scott Mitchell and creating new user using wizard and able to send email by setting Disable create property user to "False" so that whenever user recieves the activation link he needs to click that and verifies his account.

Now the problem is when he creates new user it is working fine and when he tried to login immediately he gets message that he needs to ativate the link first in order to login.

And after registration he gets email and when he clicks the link it gives me error that there is no user in the database.

As you can see below that user gets activation link

When the user tried to click it he gets that he is not found in the database

And if i check in the administration tool If I check the user is available without a tick beside it.

Here is my web.config:

    <?xml version="1.0"?>

<configuration>
  <connectionStrings>
    <add name="HDIConnectionString"
     connectionString="Data Source=.\SQLExpress;Integrated Security=True;User Instance=True;AttachDBFilename=|DataDirectory|HDIMembershipProvider.mdf"/>
  </connectionStrings>
  <system.web>
    <roleManager defaultProvider="CustomProvider">
      <providers>
        <add connectionStringName="HDIConnectionString" name="CustomProvider"
          type="System.Web.Security.SqlRoleProvider" />
      </providers>
    </roleManager>
    <membership defaultProvider="HDIMembershipProvider">
      <providers>
        <clear/>
        <add name="HDIMembershipProvider" type="HDI.AspNet.Membership.HDIMembershipProvider" connectionStringName="HDIConnectionString" enablePasswordRetrieval="true" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="false" passwordFormat="Clear"/>
      </providers>
    </membership>
    <machineKey validationKey="C50B3C89CB21F4F1422FF158A5B42D0E8DB8CB5CDA1742572A487D9401E3400267682B202B746511891C1BAF47F8D25C07F6C39A104696DB51F17C529AD3CABE" decryptionKey="8A9BE8FD67AF6979E7D20198CFEA50DD3D3799C77AF2B72F" validation="SHA1"/>
    <authentication mode="Forms">
      <forms name=".ASPXFORMSAUTH" loginUrl="Login.aspx" />
    </authentication>
    <compilation debug="true" strict="false" explicit="true" targetFramework="4.0">
      <assemblies>
        <add assembly="System.Design, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A"/>
        <add assembly="System.Web.Extensions.Design, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
        <add assembly="System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/>
      </assemblies>
    </compilation>
  </system.web>
  <appSettings>
    <add key="adminEmail" value="noreply@xyz.com"/>
  </appSettings>
  <system.net>
    <mailSettings>
      <smtp from="xyz@gmail.com">
        <network host="smtp.gmail.com" password="password" port="587" userName="xyz@gmail.com"/>
      </smtp>
    </mailSettings>
  </system.net>
</configuration>

And code behind for createuser.aspx:

 Protected Sub CreateUserWizard1_SendingMail(ByVal sender As Object, ByVal e As System.Web.UI.WebControls.MailMessageEventArgs) Handles CreateUserWizard1.SendingMail
        Dim userInfo As MembershipUser = Membership.GetUser(CreateUserWizard1.UserName)

        'Construct the verification URL
        Dim verifyUrl As String = Request.Url.GetLeftPart(UriPartial.Authority) & Page.ResolveUrl("~/Verify.aspx?ID=" & userInfo.ProviderUserKey.ToString())

        'Replace <%VerifyUrl%> placeholder with verifyUrl value
        e.Message.Body = e.Message.Body.Replace("<%VerifyUrl%>", verifyUrl)
    End Sub

Verify Page_Load:

   Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
        'Make sure that a valid querystring value was passed through
        If String.IsNullOrEmpty(Request.QueryString("ID")) OrElse Not Regex.IsMatch(Request.QueryString("ID"), "[0-9a-f]{8}\-([0-9a-f]{4}\-){3}[0-9a-f]{12}") Then
            InformationLabel.Text = "An invalid ID value was passed in through the querystring."
        Else
            'ID exists and is kosher, see if this user is already approved
            'Get the ID sent in the querystring
            Dim userId As Guid = New Guid(Request.QueryString("ID"))

            'Get information about the user
            Dim userInfo As MembershipUser = Membership.GetUser(userId)
            If userInfo Is Nothing Then
                'Could not find user!
                InformationLabel.Text = "The user account could not be found in the membership database."
            Else
                'User is valid, approve them
                userInfo.IsApproved = True
                Membership.UpdateUser(userInfo)

                'Display a message
                InformationLabel.Text = "Your account has been verified and you can now log into the site."
            End If
        End If

And here is the database screenshot:

Answer 1

@Tim and Baldy-I have finally got working but not with UserID.I don't know what's wrong with the GUID and I tried it with username and it's working perfectly.

So if any modifications with the GUID please let me know.

Answer 2

You are passing a guid type to the GetUser method of the Membership class.

UPDATE Have tested this now. Passing a GUID does call the correct overload - GetUser(object providerUserKey). So this answer is not relevant.

How can you be sure that this is being inferred to the correct overload at runtime?

GetUser has both string and object single parameter overloads, therefore it would make sense to pass the guid in as an object so you are explicitly stating which overload you want to call.

The framework may be calling ToString() on your guid, which would invoke the overload that looks up the username rather than the provider key.

Not at a computer right now, but it should go like this...

      Dim key as new object()
'put the guid in the object type
    key = Userid
    Dim user = Membership.GetUser(key)