Lock User after specific number of attempt in ASP.Net

vereato

SOLVED CLOSED ACTIVE ANSWERED
User: vereato
Posted: on Nov 06, 2023 10:06 PM
Forum: ASP.Net Web Forms
Replies: 4
Views: 1660

I found this code for users attempt 3 times and gets lock

I want to lock the user of having access to the website like lock user adding 0 and 1

Imports System.Data.SqlClient 
Imports System.Data 
Imports System.Drawing 

Partial Class VBCode
    Inherits System.Web.UI.Page
    Private attempts As Integer
    Protected Sub Page_Load(ByVal sender As Object, ByVal e As EventArgs)
    End Sub
    Protected Sub btnLogin_Click(ByVal sender As Object, ByVal e As EventArgs)
        attempts = Convert.ToInt32(ViewState("attempts"))
        Dim ds As New DataSet()
        Dim ds1 As New DataSet()
        Using con As New SqlConnection("Data Source=Suresh;Integrated Security=true;Initial Catalog=MySampleDB")
            con.Open()
            Dim cmd As New SqlCommand("select userid,attemptcount from userinformation where username=@username", con)
            cmd.Parameters.AddWithValue("@username", txtUsername.Text)
            cmd.Parameters.AddWithValue("@password", txtPwd.Text)
            Dim da As New SqlDataAdapter(cmd)
            da.Fill(ds)
            If ds IsNot Nothing Then
                If ds.Tables(0).Rows.Count > 0 Then
                    attempts = Convert.ToInt32(ds.Tables(0).Rows(0)("attemptcount"))
                    If attempts = 3 Then
                        lblMsg.Text = "Your Account Already Locked"
                        lblMsg.ForeColor = Color.Red
                    Else
                        cmd = New SqlCommand("select userid,attemptcount from userinformation where username=@username and password=@password", con)
                        cmd.Parameters.AddWithValue("@username", txtUsername.Text)
                        cmd.Parameters.AddWithValue("@password", txtPwd.Text)
                        da = New SqlDataAdapter(cmd)
                        da.Fill(ds1)
                        If ds1 IsNot Nothing Then
                            If ds1.Tables(0).Rows.Count > 0 Then
                                ViewState("attempts") = ds1.Tables(0).Rows(0)("attemptcount")
                                If Convert.ToInt32(ViewState("attempts")) <> 3 Then
                                    cmd = New SqlCommand("update userinformation set attemptcount=0 where username=@username and password=@password", con)
                                    cmd.Parameters.AddWithValue("@username", txtUsername.Text)
                                    cmd.Parameters.AddWithValue("@password", txtPwd.Text)
                                    cmd.ExecuteNonQuery(lblMsg.Text = "Logged in Successfully.")
                                    lblMsg.ForeColor = Color.Green
                                Else
                                    lblMsg.Text = "Your Account Already Locked...Contact Administrator"
                                    lblMsg.ForeColor = Color.Red
                                End If
                            Else
                                Dim strquery As String = String.Empty
                                If attempts > 2 Then
                                    strquery = "update userinformation set islocked=1, attemptcount=@attempts where username=@username and password=@password"
                                    lblMsg.Text = "You Reached Maximum Attempts. Your account has been locked"
                                Else
                                    attempts = attempts + 1
                                    ViewState("attempts") = attempts
                                    strquery = "update userinformation set attemptcount=@attempts where username=@username"
                                    If attempts = 3 Then
                                        lblMsg.Text = "Your Account Locked"
                                    Else
                                        lblMsg.Text = "Your Password Wrong you have only " & (3 - attempts) & " attempts"
                                    End If
                                End If
                                cmd = New SqlCommand(strquery, con)
                                cmd.Parameters.AddWithValue("@username", txtUsername.Text)
                                cmd.Parameters.AddWithValue("@password", txtPwd.Text)
                                cmd.Parameters.AddWithValue("@attempts", attempts)
                                cmd.ExecuteNonQuery(lblMsg.ForeColor = Color.Red)
                            End If
                        End If
                    End If
                Else
                    lblMsg.Text = "UserName Not Exists"
                    lblMsg.ForeColor = Color.Red
                End If
            End If
            con.Close()
        End Using
    End Sub
End Class

Download FREE API for Word, Excel and PDF in ASP.Net

dharmend...

0 1

Reply
User: dharmendr
Replied: on Nov 06, 2023 10:06 PM
Report

I am working on it. I will get back to you in 3 hours.

steven

0 2

Reply
User: steven
Replied: on Nov 07, 2023 04:43 AM
Report

Hi vereato

Please refer below sample code.

HTML

Enter Username :
<asp:TextBox ID="txtName" runat="server"></asp:TextBox><br />
<asp:Label ID="lblMsg" Text="Label" runat="server"></asp:Label><br />
<asp:Button ID="button" runat="server" Text="Submit" OnClick="OnLogin" />

Namespaces

using System.Configuration;
using System.Data.SqlClient;

Imports System.Configuration;
Imports System.Data.SqlClient

CODE

protected void OnLogin(object sender, EventArgs e)
{
    string constr = ConfigurationManager.ConnectionStrings["constr"].ConnectionString;
    using (SqlConnection con = new SqlConnection(constr))
    {
        con.Open();
        using (SqlCommand cmd = new SqlCommand("SELECT LockStatus FROM Users WHERE UserId=@UserId", con))
        {
            cmd.Parameters.AddWithValue("@UserId", txtName.Text);
            string i = Convert.ToString(cmd.ExecuteScalar());
            con.Close();
            if (i == "1")
            {
                lblMsg.Text = "User is locked.";
            }
        }
    }
}

Protected Sub OnLogin(ByVal sender As Object, ByVal e As EventArgs)
    Dim constr As String = ConfigurationManager.ConnectionStrings("constr").ConnectionString

    Using con As SqlConnection = New SqlConnection(constr)
        con.Open()

        Using cmd As SqlCommand = New SqlCommand("SELECT LockStatus FROM Users WHERE UserId=@UserId", con)
            cmd.Parameters.AddWithValue("@UserId", txtName.Text)
            Dim i As String = Convert.ToString(cmd.ExecuteScalar())
            con.Close()

            If i = "1" Then
                lblMsg.Text = "User is locked."
            End If
        End Using
    End Using
End Sub

vereato

0 3

Reply
User: vereato
Replied: on Nov 10, 2023 07:41 PM
Report

hi there it work this way or not i not even try

could you help me how to do this using database

on database it shows column Lock_Account 0 or 1

when the user try to login 3 times the account wiill be locked

then the admin has the option to unlock the account on change the 0 and 1

Protected Sub OnLogin(ByVal sender As Object, ByVal e As EventArgs)
    Dim constr As String = ConfigurationManager.ConnectionStrings("constr").ConnectionString

    Using con As SqlConnection = New SqlConnection(constr)
        con.Open()

         Dim 0 as String = Unlocked
         Dim 1 as String = Locked 

        Using cmd As SqlCommand = New SqlCommand("SELECT LockStatus FROM Users WHERE UserId=@UserId", con)
            cmd.Parameters.AddWithValue("@UserId", txtName.Text)
            Dim i As String = Convert.ToString(cmd.ExecuteScalar())
            con.Close()

            If i = "1" Then
                lblMsg.Text = "User is locked."
          else 
             i = "0" 
              lblMsg.Text = "User is unlocked."
            End If
        End Using
    End Using
End Sub

dharmend...

0 4

Reply
User: dharmendr
Replied: on Nov 11, 2023 11:08 AM
Report

Refer

Disable user Login for 24 hours after three failed login attempts in ASP.Net

I agree, here is the link: https://www.e-iceblue.com/Introduce/spire-office-for-net-free.html

Lock User after specific number of attempt in ASP.Net

Disable user Login for 24 hours after three failed login attempts in ASP.Net

Company

Explore

Follow us

Contact Us