C# .NET - login_authentication

Asked By praveen pubby on 10-Nov-10 02:49 AM

hii all;

i m tryng to create a new login page using a control of LOGIN !! as if i hv already written a code for tht ..!! it is to just enter the username and password after you click the login means it vill pass into index.aspx page and data will be stored in sql sever !! my doubt is same user enter if many time to my login page means that many times login info ws storing in sql server ...i need to toggle that problm....can ny one help me on this topic

protected void Login1_Authenticate(object sender, AuthenticateEventArgs e)
    {
      string connStr = ConfigurationManager.ConnectionStrings["MyDbConn77"].ToString();
      SqlConnection conn = new SqlConnection(connStr);
      SqlDataAdapter ad = new SqlDataAdapter("", conn);
      DataSet dSet = new DataSet();
......................................................................
................................................................
............................................................
.........................................................
    }
i need tht code .... !!!

Nowshad M replied to praveen pubby on 10-Nov-10 02:53 AM

Hi,

Create a new column in you DB table as Session ID and when a user logs in save the session id of yhe user in that Field and Clear the session if the User Logs Out.

So, If the user tries to log in for second time check for session value,if the session value is null allow user to log in or else say with a message like you have already logged in..

Hope this helps..

Reena Jain replied to praveen pubby on 10-Nov-10 03:05 AM

hi praveen

you should create a registration page to make user detail i you move the existing client on index page here is the code for this

protected void Login1_Authenticate(object sender, AuthenticateEventArgs e)

{

string usernm = ((TextBox)(LoginView1.FindControl("Login1").FindControl("UserName"))).Text;

string pass = ((TextBox)LoginView1.FindControl("Login1").FindControl("Password")).Text;

string connStr = ConfigurationManager.ConnectionStrings["MyDbConn77"].ToString();

SqlConnection conn = new SqlConnection(connStr);

sqlCommand cmd=new sqlcommand("select * from table1 where user=@user and pass=@pass");

SqlDataAdapter ad = new SqlDataAdapter(cmd, conn);

cmd.AddwithValue("@user", usernm);

cmd.AddwithValue("@pass", pass);

Datatable dSet = new Datatable ();

ad.fill(dset);

if(dset.rows.Count >0)

{

response.redirect("index.aspx");

}

else

{

cmd=new sqlcommand("select * from table1 where user=@user and pass=@pass");

ad = new SqlDataAdapter(cmd, conn);

cmd.AddwithValue("@user", usernm);

cmd.AddwithValue("@pass", pass);

cmd.executeNonQuery();

}

hope this will help you

Nowshad M replied to praveen pubby on 10-Nov-10 03:08 AM

Hi,

I have given the sample code below..

Please give your connection string in the place of variable connectionstring

   protected void btnLogin_Click(object sender, ImageClickEventArgs e)

   {

if((txtusername.Text!="") & (txtpassword.Text!=""))

   {



   if (checkUser(SessionConfig.Current.UserType, txtusername.Text.Trim(), txtpassword.Text.Trim()) == 1)

   {



   if (!objCon.isUserHasSessionId("SessionID", "tblLoginUser", "LoginUserID", SessionConfig.Current.UserLoginID))

   {

   UpdateSession(txtusername.Text.Trim());

   Response.Redirect("~/AdminDashboard.aspx?UserType=" + userType.ToString(),false);



   }

   else

   {

   Message - You have already logged in

   }

   }

   else

   {

   txtusername.Text = "";

   txtpassword.Text = "";

   txtusername.Focus();

   //Message- User name or password wrong



   }

   }

}

public int checkUser (string userName,string userPwd)

   {

   int resQry = 0;

   try

   {

   string qryGetuserId = "select count(*) from tblloginuser where LoginUserName='" + userName + "' and LoginUserPassword='" + userPwd + "' and userTypeId=" + userTypeId + "";

   resQry = objCon.GetQryResult(qryGetuserId, "tblloginuser");

   return resQry;

   }

   catch (Exception ex)

   {

   return 0;

   }

   }

public void UpdateSession(string userName)

   {

   try

   {

   string qry = string.Format("UPDATE tblloginuser set SessionID='{0}'where username='" + userName + "'",objLib.GetSessionId(userName));

   SqlDataAdapter ada = new SqlDataAdapter(qry, connectionstring);

   DataSet ds = new DataSet();

   ada.Fill(ds, tableName);

   }

   catch (Exception ex)

   {

   }

   }

//Get master table unique id

   public Int32 GetQryResult(string qryInput, string tableName)

   {

   try

   {

   SqlDataAdapter ada = new SqlDataAdapter(qryInput, connectionstring);

   DataSet ds = new DataSet();

   ada.Fill(ds, tableName);

   if (ds.Tables[0].Rows.Count > 0)

   {

   if (ds.Tables[0].Rows[0][0].ToString() != "")

   {

   return Convert.ToInt32(ds.Tables[0].Rows[0][0]);

   }

   else

   {

   return 0;

   }

   }

   else

   return 0;

   }

   catch (Exception ex)

   {

   throw ex;

   }

   }

praveen pubby replied to Reena Jain on 10-Nov-10 05:01 AM

error ws showing at in position of rows ..!!

Reena Jain replied to praveen pubby on 10-Nov-10 05:47 AM

hi,

use this

if(dSet.Rows.Count)

hope this will help you

praveen pubby replied to Reena Jain on 10-Nov-10 05:52 AM

nope reena ..!!! tryn in different wy

try this

Lalitha Kumaran replied to praveen pubby on 10-Nov-10 07:30 AM

try this:
if (ds.Tables.Count > 0)
        {
            if (ds.Tables[0].Rows.Count > 0)
            {
                if (ds.Tables[0].Rows[0].ItemArray[0].ToString()!="")
                {
return Convert.ToInt32(f (ds.Tables[0].Rows[0].ItemArray[0].ToString());
                 }
             }
        }