Before implement this example first design one table userinformation in your database as shown below
Column Name | Data Type | Allow Nulls |
userid | int(IDENTITY=TRUE) | No |
username | varchar(50) | Yes |
password | varchar(50) | Yes |
location | varchar(50) | Yes |
islocked | int | Yes |
attemptcount | int | Yes |
Once table created in database enter some dummy data to test application once you entered some dummy data that will be like as shown below
Now open your aspx page and write the code like as shown below
<html xmlns="http://www.w3.org/1999/xhtml"> <head runat="server"> <title>Lock user after 3 attempts in asp.net</title> </head> <body> <form id="form1" runat="server"> <div> <table> <tr> <td>UserName:</td> <td><asp:TextBox ID="txtUsername" runat="server"/></td> </tr> <tr> <td>Password:</td> <td><asp:TextBox ID="txtPwd" runat="server" TextMode="Password"/></td> </tr> <tr> <td></td> <td><asp:Button ID="btnLogin" runat="server" Text="Login" onclick="btnLogin_Click" /> </td> </tr> <tr> <td colspan="2"><asp:Label ID="lblMsg" runat="server" Font-Bold="true"/> </td> </tr> </table> </div> </form> </body> </html> |
After completion of aspx page add following namespaces in codebehind
C# Code
using System; using System.Data.SqlClient; using System.Data; using System.Drawing; |
After completion of adding namespaces you need to write the code like as shown below
int attempts; protected void Page_Load(object sender, EventArgs e) { } protected void btnLogin_Click(object sender, EventArgs e) { attempts= Convert.ToInt32(ViewState["attempts"]); DataSet ds = new DataSet(); DataSet ds1 = new DataSet(); using (SqlConnection con = new SqlConnection("Data Source=Suresh;Integrated Security=true;Initial Catalog=MySampleDB")) { con.Open(); SqlCommand cmd = new SqlCommand("select userid,attemptcount from userinformation where username=@username", con); cmd.Parameters.AddWithValue("@username", txtUsername.Text); cmd.Parameters.AddWithValue("@password", txtPwd.Text); SqlDataAdapter da = new SqlDataAdapter(cmd); da.Fill(ds); if (ds != null) { if (ds.Tables[0].Rows.Count > 0) { attempts=Convert.ToInt32(ds.Tables[0].Rows[0]["attemptcount"]); if (attempts == 3) { lblMsg.Text = "Your Account Already Locked"; lblMsg.ForeColor = Color.Red; } else { cmd = new SqlCommand("select userid,attemptcount from userinformation where username=@username and password=@password", con); cmd.Parameters.AddWithValue("@username", txtUsername.Text); cmd.Parameters.AddWithValue("@password", txtPwd.Text); da = new SqlDataAdapter(cmd); da.Fill(ds1); if (ds1 != null) { if (ds1.Tables[0].Rows.Count > 0) { ViewState["attempts"] = ds1.Tables[0].Rows[0]["attemptcount"]; if (Convert.ToInt32(ViewState["attempts"]) != 3) { cmd = new SqlCommand("update userinformation set attemptcount=0 where username=@username and password=@password", con); cmd.Parameters.AddWithValue("@username", txtUsername.Text); cmd.Parameters.AddWithValue("@password", txtPwd.Text); cmd.ExecuteNonQuery(); lblMsg.Text = "Logged in Successfully."; lblMsg.ForeColor = Color.Green; } else { lblMsg.Text = "Your Account Already Locked...Contact Administrator"; lblMsg.ForeColor = Color.Red; } } else { string strquery = string.Empty; if (attempts > 2) { strquery = "update userinformation set islocked=1, attemptcount=@attempts where username=@username and password=@password"; lblMsg.Text = "You Reached Maximum Attempts. Your account has been locked"; } else { attempts = attempts + 1; ViewState["attempts"] = attempts; strquery = "update userinformation set attemptcount=@attempts where username=@username"; if (attempts == 3) { lblMsg.Text = "Your Account Locked"; } else lblMsg.Text = "Your Password Wrong you have only " + (3 - attempts) + " attempts"; } cmd = new SqlCommand(strquery, con); cmd.Parameters.AddWithValue("@username", txtUsername.Text); cmd.Parameters.AddWithValue("@password", txtPwd.Text); cmd.Parameters.AddWithValue("@attempts", attempts); cmd.ExecuteNonQuery(); lblMsg.ForeColor = Color.Red; } } } } else { lblMsg.Text = "UserName Not Exists"; lblMsg.ForeColor = Color.Red; } } con.Close(); } } |
0 comments:
Post a Comment
Note: only a member of this blog may post a comment.