I am building a login form. If the user attempts to login with invalid username/password for 3 attempts then the submit button must be disabled for a given duration.
How can I do that?
Here is my existing code:
protected void Button1_Click(object sender, EventArgs e)
{
int count = 0;
string username = TextBox1.Text.Trim();
string password = TextBox2.Text.Trim();
String connString = ConfigurationManager.ConnectionStrings["Myconnection"].ToString();
SqlConnection conn = new SqlConnection(connString);
SqlCommand cmd = new SqlCommand("Login", conn);
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.AddWithValue("@username", username);
cmd.Parameters.AddWithValue("@password", password);
conn.Open();
SqlDataReader read = cmd.ExecuteReader();
read.Read();
if (read.HasRows)
{
Session["LoggedIn"] = "correct";
Response.Redirect("WebForm2.aspx", false);
}
else
{
Label1.Visible = true;
Label1.Text = "Wrong user/password";
conn.Close();
}
if (System.Convert.ToInt32(ViewState["Tries"]) == 2)
{
Label1.Text = "Exceeded 3 times Attempts.Please Login after some time";
TextBox1.Enabled = false;
TextBox2.Enabled = false;
Button1.Enabled = false; // Button1 is the submit button
}
else
{
// Otherwise, increment number of tries.
ViewState["Tries"] = System.Convert.ToInt32(ViewState["Tries"]) + 1;
if (System.Convert.ToInt32(ViewState["Tries"]) == 2)
Label1.Text = "Exceeded 3 times Attempts.Please Login after some time";
}
}
For this you can create a table in your code or in database something like
As per th table
When user login fails three time you enter data in table as explained…
Now when user tries to login to system you should check
select * from table name userid=@userid and GetDate() >DATEADD (mi, LockTime, LockDateTime)
Note : query is just a suggession this not actual query as i m not added lockdate + locktime which is depends on the database and function avilable