This article
will show you how you can deactivate user account after 3 consecutive failed
login attempts in asp.net using c#. This validation will take from sql server
database.
So for this article first we will create the user table in sql database.
So for this article first we will create the user table in sql database.
<table width="100%">
<tr>
<td style="text-align: right;">User
Id</td>
<td style="text-align: right;">
<asp:TextBox ID="txtUSerId"
runat="server"></asp:TextBox></td>
</tr>
<tr>
<td style="text-align: right;">Password</td>
<td style="text-align: right;">
<asp:TextBox ID="txtPassword"
runat="server" TextMode="Password"></asp:TextBox></td>
</tr>
<tr>
<td style="text-align: center;" colspan="2">
<asp:Button ID="Button1" runat="server" Text="Submit" OnClick="Button1_Click" />
<br />
<asp:Label ID="lblmessage"
runat="server" Style="color: #FF3300" Text=""></asp:Label></td>
</tr>
</table>
|
In above code I have created a login page. In this user id and password field is there. Now we will write code on button click.
protected void Button1_Click(object sender, EventArgs e)
{
try
{
DataSet ds = new DataSet();
SqlConnection con =
new SqlConnection(@"Data Source=.\SQLEXPRESS;Initial
Catalog=Demo;Integrated Security=True");
string query = "select * from UserLoginDetail Where
[UserId]='" + txtUSerId.Text + "' and [Password]='" + txtPassword.Text + "' and [StatusId]=1;";
con.Open();
SqlDataAdapter da = new SqlDataAdapter(query,
con);
da.Fill(ds);
con.Close();
if (ds.Tables[0].Rows.Count
> 0)
{
Session["LoginCount"] = 0;
Response.Redirect("SuccessPage.aspx");
}
else
{
Session["LoginCount"] = Convert.ToInt32(Session["LoginCount"]) + 1;
if (Convert.ToInt32(Session["LoginCount"])
> 3)
{
lblmessage.Text = DeactivateLoginAccount();
}
else
{
lblmessage.Text = "Please
enter a valid login detail.";
}
}
}
catch
{
}
}
private string
DeactivateLoginAccount()
{
DataSet ds = new DataSet();
SqlConnection con =
new SqlConnection(@"Data Source=.\SQLEXPRESS;Initial
Catalog=Demo;Integrated Security=True");
string query = "select * from UserLoginDetail Where
[UserId]='" + txtUSerId.Text + "';Update UserLoginDetail set StatusId=0 Where
[UserId]='" + txtUSerId.Text + "';";
con.Open();
SqlDataAdapter da = new SqlDataAdapter(query,
con);
da.Fill(ds);
if (ds.Tables[0].Rows.Count
> 0)
{
return "Your Account is Locaked. Please contact to
admin.";
}
else
{
return "Please enter a valid login detail.";
}
con.Close();
}
|
In above code I have stored the user failed login attempts into session. And after each fail attempt I am increasing the count. After 3 failed attempts If user enter wrong userid and password ion password. I have called a function named as DeactivateLoginAccount(). So check the detail explanation of this function.
private string
DeactivateLoginAccoint()
{
DataSet ds = new DataSet();
SqlConnection con =
new SqlConnection(@"Data Source=.\SQLEXPRESS;Initial
Catalog=Demo;Integrated Security=True");
string query = "select * from UserLoginDetail Where
[UserId]='" + txtUSerId.Text + "';Update UserLoginDetail set StatusId=0 Where
[UserId]='" + txtUSerId.Text + "';";
con.Open();
SqlDataAdapter da = new SqlDataAdapter(query, con);
da.Fill(ds);
if (ds.Tables[0].Rows.Count
> 0)
{
return "Your Account is Locaked. Please contact to
admin.";
}
else
{
return "Enter user id does not belong to application.";
}
con.Close();
}
|
In above code I have first written query to select the use detail, and then updated. If have not enter the correct user id. On that case then he will we will not get ant value in dataset and we will display the message that user does not belong to application. Otherwise we will display the account lock message.
Now we have
done just check the output.
Now check the table detail.
About the Author
0 comments:
Please let me know your view