Click here to Skip to main content
15,358,692 members
Please Sign up or sign in to vote.
1.00/5 (1 vote)
Hi my name is vishal.I have a application named:Project which has mdi parent form named:MDIParent1. I have a login form named:frmLogin. Given below is my c# code of frmLogin with sql server 2008.:
C#
using System.Data.SqlClient;
namespace Project
{
    public partial class frmLogin : Form
    {
        public frmLogin()
        {
            InitializeComponent();
        }
private void btnLogin_Click(object sender, EventArgs e)
        {
            if ((txtPassword.Text == "tuscano") && (txtUsername.Text.ToLower() == "kumar"))
            {
                MDIParent1 g = new MDIParent1();
                g.Show();
                this.Close();
            }
            else
            {
                string username = txtUsername.Text;
                string password = txtPassword.Text;
                bool validUser = ValidateUser(username, password);
                if (validUser)
                {
                    MDIParent1 m = new MDIParent1();
                    m.Show();
                    this.Close();
                }
                else
                {
                    MessageBox.Show("Invalid user name or password. Please try with another user name or password", "DRRS", MessageBoxButtons.OK, MessageBoxIcon.Warning);
                    txtUsername.Focus();
                }
            }
        }
private bool ValidateUser(string username, string password)
        {
            bool success = false;
            SqlConnection conn = new SqlConnection("Data Source=NPD-4\\SQLEXPRESS;Initial Catalog=DRRS;Integrated Security=true");
            SqlCommand cmd = new SqlCommand();
            cmd.Connection = conn;
            cmd.CommandType = CommandType.Text;
            cmd = new SqlCommand("Select @count=Count(*) from [dbo].[User] where username=@username and password=@password", conn);
            cmd.Parameters.AddWithValue("@username", txtUsername.Text);
            cmd.Parameters.AddWithValue("@password", txtPassword.Text);
            cmd.Parameters.Add("@count", SqlDbType.Int).Direction = ParameterDirection.Output;
            conn.Open();
            cmd.ExecuteNonQuery();
            if (Convert.ToInt32(cmd.Parameters["@count"].Value) > 0)
            {
                success = true;
            }
            else
            {
                success = false;
            }
            conn.Close();
            return success;
        }

The above c# code Works with no problem at all!
However what is want is to restrict a user after 3 unsuccessful attempts(failed logins/attempts) by displaying a message box to user telling "Sorry you have tried to access application either with wrong user name or wrong password! Sorry for the trouble!". Can anyone help me/guide me on how to achieve this required result?! Can anyone help me Please! Any help/guidance in solving of this problem would be greatly appreciated!
Posted

It should be simple: add a failure_count (or whatever) field to the user table: increment it at each failure and reset it to 0 on each successfull login. Then
Select @count=Count(*) from [dbo].[User] where username=@username and password=@password and failure_count < 3"
should do the trick.
   
Comments
Member 10248768 17-Jul-14 1:11am
   
Dear CPallini
I think that your code should do the trick! But can you show/send me sample on how to add a field(failure_count) to user table which increments upon each failure login and resets it to 0 upon each successful login from c# windows forms?

Given below is my structure of my table named:user in sql server 2008:

ColumnName DataType AllowNulls
user_first_name nvarchar(50) Yes
user_last_name nvarchar(50) Yes
username nvarchar(30) Yes
user_id(auto-increment) Int No
password nvarchar(15) Yes
user_dob date Yes
user_sex nvarchar(20) Yes
email nvarchar(50) Yes
user_type Int Yes
row_upd_date datetime Yes
created_by smallint Yes

Can you guide me/help me on how to add and implement failure_count field in table user which increments by 1 upon each failure login and resets to 0 upon successful login from c# windows forms? Reply Please?! I hope i get a reply from You!
I think you have to use Global Static int variable above btnLogin_Click e.g.,

private int static hitcount=0;
if(hitcount !=3)
{
if (validUser)
{
MDIParent1 m = new MDIParent1();
m.Show();
this.Close();
}
else
{
MessageBox.Show("Invalid user name or password. Please try with another user name or password", "DRRS", MessageBoxButtons.OK, MessageBoxIcon.Warning);
txtUsername.Focus();}
hitcount ++; }
}
else
{
MessageBox.Show("Sorry you have tried to access application either with wrong user name or wrong password! Sorry for the trouble!", "DRRS", MessageBoxButtons.OK, MessageBoxIcon.Warning);
txtUsername.Focus();
}



Under "else" block you can also save the "hitcount" in database so that if user again try to login then again by checking the hitcount on behalf of username and password we can restrict the user to login.
   
Comments
Member 10248768 17-Jul-14 0:21am
   
Dear Member10950750
Thank you for replying to my question/query on such short notice.
However i cannot understand what you mean by "saving the "hitcount" in database from "else" block in order to check the hitcount on behalf of username and password to restrict his login when that particular user tries to login again after 3 failed attempts"? Should i need to include hitcount as a field in my table named:User in sql server 2008? If so tell me how to increment hitcount on each failure login of that user until 3 and reset it to 0 on successful login? Can explain it to little briefly because i cant understand what you are trying to say? Reply Please Sir?! I am waiting for your reply! I hope i get a reply from you Sir!
Adityakumar2318 6-Jun-17 8:51am
   
"Saving the hitcount" means whatever you have stored in "hitcount" variable, just save to database.
Lets assume if "hitcount" contains 1, database will contain 1.
If "hitcount" contains 2, database will contain 2.
If "hitcount" contains 3, database will contain 3.

Hope it clears.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900