1. 首页
  2. 问答
  3. ASP.NET限制登录重试

ASP.NET限制登录重试

2012-03-16 89 views
2

我是新手,我只想知道是否有人熟悉限制用户最多只能登录3次,但是失败。登录工作正常,但是当我尝试使用不正确的密码访问网络时,计数器不起作用。有人能帮我吗 。这里是我的代码:ASP.NET限制登录重试

protected void btnSubmit_Click(object sender, EventArgs e) 
    { 
     try 
     { 
      SqlConnection con = new SqlConnection(GetConnectionString()); 
      con.Open(); 

      SqlCommand cmd = new SqlCommand("CheckMember",con); 
      cmd.CommandType = CommandType.StoredProcedure; 
      SqlParameter p1 = new SqlParameter("@userName",txtUsername.Text.ToString()); 
      SqlParameter p2 = new SqlParameter("@password",txtPassword.Text.ToString()); 
      SqlParameter p3 = new SqlParameter("@accountNo",txtAcctNo.Text.ToString()); 
      cmd.Parameters.Add(p1); 
      cmd.Parameters.Add(p2); 
      cmd.Parameters.Add(p3); 

      SqlDataReader lmsreader = cmd.ExecuteReader(); 

      if (lmsreader.HasRows) 
      { 
       lmsreader.Read(); 
       FormsAuthentication.RedirectFromLoginPage(txtUsername.Text.ToString(), false); 
       // FormsAuthentication.RedirectFromLoginPage(txtUsername.Text.ToString(), chkboxCookie.Checked); 
       lblError.Text = "You got it!"; 
       Response.Redirect("MyAccount.aspx"); 
       con.Close(); 
      } 
      else 
      { 
       this.lblError.Text = "Invalid username, password or account number.<br> Please try again."; 
       this.lblError.ForeColor = System.Drawing.Color.Red; 

       object FailedLoginCounter = this.Page.Cache["UserKey_" + this.txtUsername.Text]; 
       if (FailedLoginCounter == null) 
       { 
        FailedLoginCounter = 0; 
       } 
       this.Page.Cache["UserKey_" + this.txtUsername.Text] = (int)FailedLoginCounter + 1; 
       if (((int)this.Page.Cache["UserKey_" + this.txtUsername.Text]) == 3) 
       { 

        SqlConnection conect = new SqlConnection(GetConnectionString()); 
        SqlCommand commander = new SqlCommand("MemberIsBlocked", con); 
        commander.CommandType = CommandType.StoredProcedure; 
        conect.Open(); 
        SqlParameter puser = new SqlParameter("@username", txtUsername.Text.ToString()); 
        cmd.ExecuteNonQuery(); 
        conect.Close(); 
        lblError.Text = "You are Temporarily Blocked for <br> Exceeding Max Number of Login Attempts."; 
       } 
      } 
     } 
     catch 
     { 

     } 
     finally 
     { 

     } 

     } 

     public string GetConnectionString() 
     { 

      return ConfigurationManager.ConnectionStrings["ConnectionServices"].ConnectionString; 

     }

您的帮助将不胜感激!谢谢!

来源

2012-03-16 Dhenn

+1

尝试使用'Session [“User_Key”+ ...]'而不是'this.Page.Cache [“User_Key”+ ...]'。 – 2012-03-16 05:32:34

+0

当你说'柜台不工作'时,你究竟是什么意思?你是否已经通过调试器浏览了这段代码,看看到底发生了什么? – patmortech 2012-03-16 05:35:26

+0

@UweKeim我几秒钟前做了,但还没有工作。 – Dhenn 2012-03-16 05:44:00

回答

1

本应该做的工作......它的工作对我很好..

void GetUser(string EmployeeName, string Password) 
    { 
     SqlConnection con2 = new SqlConnection(connstring); 
     string cmd1 = "select Emp_IsBlocked from dbo.PTS_Employee where Emp_Username='" + EmployeeName + "' and Emp_Password='" + Password + "'"; 
     SqlCommand mycomm2 = new SqlCommand(cmd1, con2); 
     con2.Open(); 
     Object Blocked = mycomm2.ExecuteScalar(); 
     con2.Close(); 
     //Checks Wether the user is blocked or not 
     if (Blocked != null) 
     { 
      //if the use is not blocke it redirects to the specified page 
      if (Blocked.ToString() == "") 
      { 
       Session["EmployeeName"] =EmployeeName; 

       Response.Redirect("~/Transactions.aspx"); 
      } 
      else 
      { 
       lblError.Text = "You are Temporarily Blocked for Exceeding Max Number of Login Attempts"; 
      } 
     } 
      //Checks the attempts of the user if the user attempts are more than 3 it blocks him for login again 
     else 
     { 
      object FailedLoginCounter = this.Page.Cache["UserKey_" + this.txtEmpName.Text]; 
      if (FailedLoginCounter == null) 
      { 
       FailedLoginCounter = 0; 
      } 
      this.Page.Cache["UserKey_" + this.txtEmpName.Text] = (int)FailedLoginCounter + 1; 
      if (((int)this.Page.Cache["UserKey_" + this.txtEmpName.Text]) == 3) 
      { 
       SqlConnection con1 = new SqlConnection(connstring); 
       SqlCommand mycomm1 = new SqlCommand("SP_IsBlocked", con1); 
       mycomm1.CommandType = CommandType.StoredProcedure; 
       con1.Open(); 
       mycomm1.Parameters.Add("@IsBlocked", SqlDbType.VarChar).Value = "Yes"; 
       mycomm1.Parameters.Add("@EmployeeName", SqlDbType.VarChar).Value = txtEmpName.Text; 
       mycomm1.ExecuteNonQuery(); 
       con1.Close(); 
       lblError.Text = "You Exceeded The Maximum Login Attempts of 3,You are Blocked for now....Please Contact your Admin for Reuse Of Your Account"; 
      } 
     } 
    }

,并呼吁在你的按钮“的getUser”方法点击

来源

2012-03-16 13:19:42 SoftwareNerd

相关问题

 相关问题