locked
How prevent a user log in twice with the same username RRS feed

  • Question

  • How to stop twice user login
    This is my code for login of users

     tblUsers user = new tblUsers();

            user.UserExist(txtUsername.Text);
            if (user.RowCount > 0)
            {
                if (user.s_SPassword == txtPassword.Text)
                {
                    if (user.BActiveByAdmin && user.BActiveByUser)
                    {
                        tblUserDepartment Udepart = new tblUserDepartment();
                        Udepart.LoadUserDepartment(user.PkUserID);
                        tblUserAccessLevel AcLevel = new tblUserAccessLevel();
                        AcLevel.LoadAccessLevel(user.PkUserID);
                        SessionUser sessionuser = new SessionUser();
                        sessionuser.UserID = user.PkUserID;
                        sessionuser.AccessLevel = Convert.ToInt32(AcLevel.GetColumn("AccessLevel"));
                        if (sessionuser.AccessLevel == 6)
                        {
                            sessionuser.DepartmentID = 0;
                        }
                        else
                        {
                            sessionuser.DepartmentID = Udepart.FkDepartmentID;
                        }
                        //sessionuser.DepartmentID = Udepart.FkDepartmentID;
                        Session["UserLogin"] = sessionuser;
                        if (sessionuser.AccessLevel == 1)
                        {
                            Response.Redirect("Users/EditAccount.aspx");
                        }
                        else if (sessionuser.AccessLevel == 2)
                        {
                            Response.Redirect("Managers/ManageUsers.aspx");
                        }
                        else if (sessionuser.AccessLevel == 6)
                        {
                            Response.Redirect("Admin/ManageDepartments.aspx");
                        }
                        else if (sessionuser.AccessLevel == 5)
                        {
                            Response.Redirect("DepartmentAdmin/BonusDoc.aspx");
                        }
                        else if (sessionuser.AccessLevel == 4)
                        {
                            Response.Redirect("AccountManager/WorkshiftsAttendance.aspx");
                        }
                        else if (sessionuser.AccessLevel == 3)
                        {
                            Response.Redirect("ECUser/DailyIncome.aspx");
                        }
                    }
                    else
                    {
                        Response.Redirect("Expired.aspx");
                    }

                }
                else
                {
                    lblError.Visible = true;
                    lblError.Text = "Invalid Password";
                }

            }
            else
            {
                lblError.Visible = true;
                lblError.Text = "Invalid Username";
            }
    • Moved by Alexander Sun Monday, March 25, 2013 9:10 AM ASP.NET related
    Wednesday, March 20, 2013 8:11 AM

Answers

  • If I remember correctly the Membership does not include prevention like this by default so you need to modify it for your own needs.

    But ASP.NET forums are the correct place for ASP.NET technology questions, so you might want to look help from there.

    • Proposed as answer by Carmelo La Monica Wednesday, March 20, 2013 12:48 PM
    • Marked as answer by Just Karl Monday, October 28, 2013 3:41 AM
    Wednesday, March 20, 2013 9:12 AM

All replies

  • Hello aftab104,

    and what to do and create a DataBase table where you store all your username and password, and log in to each run a check on the table and if the entered username already exists or that it alerts the user already logged in or enter a different username, or otherwise for your code stored in a local variable or a variable of the last settings at every login username and check if the entered username and equal and the previously entered.

    Regards.


    Wednesday, March 20, 2013 8:39 AM
  • can i do this with using system.web.security; and with membership class please help me with some code
    Wednesday, March 20, 2013 8:42 AM
  • If I remember correctly the Membership does not include prevention like this by default so you need to modify it for your own needs.

    But ASP.NET forums are the correct place for ASP.NET technology questions, so you might want to look help from there.

    • Proposed as answer by Carmelo La Monica Wednesday, March 20, 2013 12:48 PM
    • Marked as answer by Just Karl Monday, October 28, 2013 3:41 AM
    Wednesday, March 20, 2013 9:12 AM