public static string UserLogged = ""; //For tracking the User who logged. private void btnLogin_Click(object sender, RoutedEventArgs e) //When you hit the Login button.... { MD5 md5Hash = MD5.Create(); //Initial MD5 hash code for encrypt the password. if (Properties.Settings.Default.checkerAuto == false) //Check if the "Remember auto login" is unchecked last session. { string MD5Password = GetMd5Hash(md5Hash, txtPassword.Password); //Hash the password is typed by User to MD5Password. user.MD5Password = MD5Password; //This MD5Password will be saved to Database. user.Username = txtUsername.Text; } else { user.MD5Password = Properties.Settings.Default.rePassword; //"Remember auto login" is checked so it loads MD5Password from Properties.Settings user.Username = Properties.Settings.Default.reUsername; //Same as Username. } bool valid = BLLogin.TryToLogin(user.Username, user.MD5Password); //Compare the username & hashed password to Database. bool IsUsernameValid = BLLogin.IfUsernameValid(user.Username); //Check if the username exist. if (LoginCount < 4) { if (valid) //If Username & Hashed Password valid -> Access to main window. { LoginSuccess = true; L3.UserID = user.Username; Close(); } else if (IsUsernameValid) //Else check the Username only. If the Username is correct, highlight the Wrong Password notification. { lbWrongUsernamePassword.Visibility = Visibility.Hidden; LoginSuccess = false; lbPassword.Foreground = new SolidColorBrush(Colors.Red); txtPassword.BorderBrush = new SolidColorBrush(Colors.Red); lbWrongPassword.Visibility = Visibility.Visible; LoginCount++; } else //When both Username & Password are wrong. Show the Wrong notification. { lbWrongPassword.Visibility = Visibility.Hidden; LoginSuccess = false; lbUsername.Foreground = new SolidColorBrush(Colors.Red); lbWrongUsernamePassword.Visibility = Visibility.Visible; txtUsername.BorderBrush = new SolidColorBrush(Colors.Red); LoginCount++; } } else //STOP IT YOUR ACCESS IS DENIED. YOU'VE TYPED INVALID INFORMATION FOR 5 TIMES. { LoginCount = 0; MessageBox.Show("Bạn đã nhập sai quá số lần quy định.\n Màn hình đăng nhập sẽ bị khóa trong 5 phút!"); btnLogin.IsEnabled = false; //Disable Login button. System.Timers.Timer timer = new System.Timers.Timer(); //Just call the timer to delay 5 minutes. timer.Interval = 300000; //Bad security. Prevent brute-force temporarily =]]z timer.Elapsed += new ElapsedEventHandler(EnableBtn); timer.Enabled = true; } /////////////////////The section below do saving if "Remember login information" or "Remember auto login" is checked. if (ceRememberLogin.IsChecked == true && ceAutoLogin.IsChecked == false) { Properties.Settings.Default.checkerUser = true; Properties.Settings.Default.checkerAuto = false; Properties.Settings.Default.reUsername = user.Username; Properties.Settings.Default.Save(); } else if (ceRememberLogin.IsChecked == false || ceAutoLogin.IsChecked == false) { Properties.Settings.Default.checkerUser = false; Properties.Settings.Default.checkerAuto = false; Properties.Settings.Default.reUsername = ""; Properties.Settings.Default.rePassword = ""; Properties.Settings.Default.Save(); } else if (ceAutoLogin.IsChecked == true) { Properties.Settings.Default.checkerAuto = true; Properties.Settings.Default.reUsername = user.Username; Properties.Settings.Default.rePassword = user.MD5Password; Properties.Settings.Default.Save(); } ////////////////////End of saving section. }