3次无效尝试后阻止用户帐户,它是基于Web的站点 [英] block user account after 3 invalid attempts ,it is web based site
问题描述
你好,民谣
我有一个有关在3个无效用户尝试后阻止用户帐户的查询,这是基于Web的应用程序,我想在3个无效帐户后阻止用户帐户,
我的代码就是这种方式.....
Hi folk''s
I have a query regarding blocking a user account after 3 invalid user attempts it is web based application ,i want to block user account after 3 invalid account,
my code is in this way.....
static DataTable dt = new DataTable();//getting the user name from db
DataRow row ;
Loginbal objbal = new Loginbal();
public void count_log()
{
BAL_ClassLibrary.Rcm_service.LoginEntities get_login_details = login_values();
int count = Convert.ToInt32(Session["logincount"]);//placing count value in session
Session["loginuid"] = txt_username.Text.Trim();//placing username in session
string username=get_login_details.username1;
if (dt.Rows.Count > 0)
{
if (username == dt.Rows[0]["UserName"].ToString())
{
if (Convert.ToInt32(Session["logincount"]) >= 3)//chech if count is >= 3
{
objbal.account_block(get_login_details);
ScriptManager.RegisterClientScriptBlock(Page, Page.GetType(), "Result", "alert('*Your Account is blocked')", true);
Session["logincount"] = 0;
}
else
{
count += 1;//incrementing count invalid attempt
Session["logincount"] = count;
ScriptManager.RegisterClientScriptBlock(Page, Page.GetType(), "Result", "alert('*The username or password you entered is incorrect!')", true);
}
}
else
{
int rowcount = dt.Rows.Count;
dt.Rows[0]["UserName"] = username;
Session["logincount"] = 1;
ScriptManager.RegisterClientScriptBlock(Page, Page.GetType(), "Result", "alert('*The username or password you entered is incorrect!')", true);
}
}
else
{
dt.Columns.Add("UserName", typeof(System.String));
row = dt.NewRow();
int rowcount = dt.Rows.Count;
row["UserName"]=username;
dt.Rows.Add(row);
Session["logincount"] = 1;
ScriptManager.RegisterClientScriptBlock(Page, Page.GetType(), "Result", "alert('*The username or password you entered is incorrect!')", true);
}
}
身份验证失败时,我称此为乐趣...
在数据库中有3次无效尝试后,它的工作正常,我只将列的活动标志更改为不活动
当大量用户正在访问时,fun()会引起任何问题...
因为我使用静态数据集来存储用户名,并进一步比较用户名...
请尽快清除疑问.....
请帮助我
i calling this fun when authentication is failed ...
It is working fine after three invalid attempt in database i have column just changing the flag active to inactive
Is fun() make any problem when huge number of users is accessing ...
because i am using static data-set to store the username and further to compare the username ...
please make doubt clear as soon as possible.....
plz help me out
推荐答案
在您的代码中实现以下内容.
1.在用户表中,输入诸如loginAttempt之类的字段.
2.每当身份验证失败时,将该字段更新1
3.在进行身份验证时,如果> = 3,请检查loginAttempt字段值,以绕过用户身份验证过程,并将用户重定向到带有正确消息的页面.
4.如果通过了用户身份验证,则将loginAttempt值重置为0
我已经给出了步骤,现在轮到您编写代码了.
我相信这种逻辑可以毫无问题地解决您的问题.
Implement the following thing in your code.
1. In the user table make a field like loginAttempt.
2. Whenever the authentication fails update that field by 1
3. At the time of authentication check the loginAttempt field value if >= 3 bypass the user authentication process and redirect the user to a page with a proper message.
4. If the user authentication passes, reset loginAttempt value to 0
I''ve given the steps, now its your turn to write the code.
I believe this logic solves your problem without any hiccups.
这篇关于3次无效尝试后阻止用户帐户,它是基于Web的站点的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!