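/// <summary>
/// Calls the <c>[LoginHistoryUpdate]</c> stored procedure with the user id, login time
/// and status taken from <paramref name="newdbo_LoginHistoryClass"/>.
/// </summary>
/// <param name="newdbo_LoginHistoryClass">Record supplying the new values; null members are sent as SQL NULL.</param>
/// <returns>
/// <c>true</c> when the procedure's <c>@ReturnValue</c> output is greater than zero;
/// <c>false</c> otherwise, including when a <see cref="SqlException"/> is logged.
/// </returns>
/// <exception cref="ArgumentNullException"><paramref name="newdbo_LoginHistoryClass"/> is null.</exception>
public static bool Update(dbo_LoginHistoryClass newdbo_LoginHistoryClass)
{
    // The original dereferenced the argument before its only null check, so a null
    // argument already failed; fail with a clear exception instead.
    if (newdbo_LoginHistoryClass == null)
    {
        throw new ArgumentNullException("newdbo_LoginHistoryClass");
    }

    SqlConnection connection = SAMDataClass.GetConnection();
    using (SqlCommand updateCommand = new SqlCommand("[LoginHistoryUpdate]", connection))
    {
        updateCommand.CommandType = CommandType.StoredProcedure;

        // All values travel as parameters; nothing is concatenated into SQL text.
        // AddWithValue drops a parameter whose value is a CLR null, so map null to DBNull.
        updateCommand.Parameters.AddWithValue("@NewUser_ID", (object)newdbo_LoginHistoryClass.User_ID ?? DBNull.Value);
        updateCommand.Parameters.AddWithValue("@NewLogin_Time", (object)newdbo_LoginHistoryClass.Login_Time ?? DBNull.Value);
        // Fix: the original tested the record itself (always non-null here) instead of
        // Status, so a null Status was never converted to DBNull.
        updateCommand.Parameters.AddWithValue("@NewStatus", (object)newdbo_LoginHistoryClass.Status ?? DBNull.Value);

        SqlParameter returnValue = updateCommand.Parameters.Add("@ReturnValue", System.Data.SqlDbType.Int);
        returnValue.Direction = ParameterDirection.Output;

        try
        {
            connection.Open();
            updateCommand.ExecuteNonQuery();
            int count = System.Convert.ToInt32(returnValue.Value);
            return count > 0;
        }
        catch (SqlException ex)
        {
            // Only the message is logged; the caller just sees false.
            logger.Error(ex.Message);
            return false;
        }
        finally
        {
            connection.Close();
        }
    }
}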
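/// <summary>
/// Calls the <c>[dbo].[LoginHistoryInsert]</c> stored procedure with the user id, login
/// time and status taken from <paramref name="clsdbo_LoginHistory"/>.
/// </summary>
/// <param name="clsdbo_LoginHistory">Record to insert; null members are sent as SQL NULL.</param>
/// <returns>
/// <c>true</c> when the procedure's <c>@ReturnValue</c> output is greater than zero;
/// <c>false</c> otherwise, including when a <see cref="SqlException"/> is logged.
/// </returns>
/// <exception cref="ArgumentNullException"><paramref name="clsdbo_LoginHistory"/> is null.</exception>
public static bool Add(dbo_LoginHistoryClass clsdbo_LoginHistory)
{
    // The original dereferenced the argument before its only null check, so a null
    // argument already failed; fail with a clear exception instead.
    if (clsdbo_LoginHistory == null)
    {
        throw new ArgumentNullException("clsdbo_LoginHistory");
    }

    SqlConnection connection = SAMDataClass.GetConnection();
    using (SqlCommand insertCommand = new SqlCommand("[dbo].[LoginHistoryInsert]", connection))
    {
        insertCommand.CommandType = CommandType.StoredProcedure;

        // All values travel as parameters; nothing is concatenated into SQL text.
        // AddWithValue drops a parameter whose value is a CLR null, so map null to DBNull.
        insertCommand.Parameters.AddWithValue("@User_ID", (object)clsdbo_LoginHistory.User_ID ?? DBNull.Value);
        insertCommand.Parameters.AddWithValue("@Login_Time", (object)clsdbo_LoginHistory.Login_Time ?? DBNull.Value);
        // Fix: the original tested the record itself (always non-null here) instead of
        // Status, so a null Status was never converted to DBNull.
        insertCommand.Parameters.AddWithValue("@Status", (object)clsdbo_LoginHistory.Status ?? DBNull.Value);

        SqlParameter returnValue = insertCommand.Parameters.Add("@ReturnValue", System.Data.SqlDbType.Int);
        returnValue.Direction = ParameterDirection.Output;

        try
        {
            connection.Open();
            insertCommand.ExecuteNonQuery();
            int count = System.Convert.ToInt32(returnValue.Value);
            return count > 0;
        }
        catch (SqlException ex)
        {
            // Only the message is logged; the caller just sees false. For audit rows
            // such as failed logins this means a lost record is silent to the caller.
            logger.Error(ex.Message);
            return false;
        }
        finally
        {
            connection.Close();
        }
    }
}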
/// <summary>
/// Sleeps for one minute, then passes a record for <c>user_id</c> with status
/// "Invalid Password(reset)" to <c>dbo_LoginHistoryDataClass.Update</c> and adds a
/// "reset" history row stamped with the current local time.
/// </summary>
/// <remarks>
/// <c>user_id</c> is not declared in this method; presumably an instance field.
/// What the update procedure does with the status value is not visible here.
/// </remarks>
private void unlock_user()
{
    // Blocks the calling thread for the whole 60 seconds.
    System.Threading.Thread.Sleep(TimeSpan.FromMinutes(1));

    dbo_LoginHistoryClass entry = new dbo_LoginHistoryClass
    {
        Status = "Invalid Password(reset)",
        User_ID = user_id
    };
    // Login_Time is still unset on this first call.
    dbo_LoginHistoryDataClass.Update(entry);

    // The same object is reused for the new history row.
    entry.Status = "reset";
    entry.Login_Time = DateTime.Now;
    dbo_LoginHistoryDataClass.Add(entry);
}
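/// <summary>
/// Reads a single login-history row for the given user through the
/// <c>[dbo].[LoginHistorySelect]</c> stored procedure.
/// </summary>
/// <param name="clsdbo_LoginHistoryPara">Record whose <c>User_ID</c> selects the row.</param>
/// <returns>
/// The populated record, or <c>null</c> when the procedure returns no row. When a
/// <see cref="SqlException"/> occurs it is logged and the record built so far is
/// returned (normally a non-null instance with no values), so a null check alone does
/// not tell "found" apart from "query failed".
/// </returns>
public static dbo_LoginHistoryClass Select_Record(dbo_LoginHistoryClass clsdbo_LoginHistoryPara)
{
    dbo_LoginHistoryClass clsdbo_LoginHistory = new dbo_LoginHistoryClass();
    SqlConnection connection = SAMDataClass.GetConnection();

    using (SqlCommand selectCommand = new SqlCommand("[dbo].[LoginHistorySelect]", connection))
    {
        selectCommand.CommandType = CommandType.StoredProcedure;
        // AddWithValue drops a parameter whose value is a CLR null, so send DBNull
        // instead, as Update and Add do for their parameters.
        selectCommand.Parameters.AddWithValue("@User_ID", (object)clsdbo_LoginHistoryPara.User_ID ?? DBNull.Value);

        try
        {
            connection.Open();
            // Fix: the reader is now disposed even if reading a column throws; the
            // original skipped reader.Close() on any exception.
            using (SqlDataReader reader = selectCommand.ExecuteReader(CommandBehavior.SingleRow))
            {
                if (reader.Read())
                {
                    clsdbo_LoginHistory.User_ID = reader["User_ID"] is DBNull ? null : reader["User_ID"].ToString();
                    clsdbo_LoginHistory.Login_Time = reader["Login_Time"] is DBNull ? null : (DateTime?)reader["Login_Time"];
                    clsdbo_LoginHistory.Status = reader["Status"] is DBNull ? null : reader["Status"].ToString();
                }
                else
                {
                    clsdbo_LoginHistory = null;
                }
            }
        }
        catch (SqlException ex)
        {
            // Same result as the original: log and fall through to the return below.
            logger.Error(ex.Message);
        }
        finally
        {
            connection.Close();
        }
    }

    return clsdbo_LoginHistory;
}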
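/// <summary>
/// Handles the login button: applies the failed-attempt lockout, verifies the
/// credentials, evaluates the 90-day password age, records the attempt in the login
/// history, sets the <c>User_ID</c> cookie and the <c>LOGIN_USER_ID</c> session value,
/// and sends the user to the home page.
/// </summary>
/// <param name="sender">Control that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void btnLogin_Click(object sender, EventArgs e)
{
    logger.Info(System.Reflection.MethodBase.GetCurrentMethod().DeclaringType.ToString() + " " + System.Reflection.MethodBase.GetCurrentMethod().Name);
    try
    {
        // Drop any identity left on this session by an earlier login.
        if (Session["LOGIN_USER_ID"] != null)
        {
            Session.Remove("LOGIN_USER_ID");
        }

        // NOTE(review): presumably Search returns the failed attempts that have not
        // been reset yet; confirm against the data class.
        List<dbo_LoginHistoryClass> item = dbo_LoginHistoryDataClass.Search(txtUser.Text);
        logger.Info("item.Count " + item.Count);

        // Lockout policy as currently coded: 5 entries, 1 minute. The commented-out
        // values in the original were 3 entries and 10 minutes.
        if (item.Count >= 5)
        {
            // Fix: the original called OrderByDescending without using its result, so
            // item[0] was not necessarily the newest entry, and it compared
            // TimeSpan.Minutes (the 0-59 component) instead of the total elapsed time.
            DateTime? lastAttempt = item.Max(f => f.Login_Time);
            bool lockoutElapsed = lastAttempt.HasValue
                && (DateTime.Now - lastAttempt.Value).TotalMinutes >= 1;

            if (lockoutElapsed)
            {
                dbo_LoginHistoryClass login = new dbo_LoginHistoryClass();
                login.Status = "Invalid Password(reset)";
                login.User_ID = txtUser.Text;
                dbo_LoginHistoryDataClass.Update(login);
                login.Status = "reset";
                login.Login_Time = DateTime.Now;
                dbo_LoginHistoryDataClass.Add(login);
            }
            else
            {
                // Also taken when no entry carries a timestamp: stay locked rather
                // than fail with a swallowed exception as the original did.
                Show("Lockout effective period 1 minutes");
                return;
            }
        }

        string Username = txtUser.Text;
        string Password = txtPassword.Text;
        // Fix: the original wrote the submitted password to the log in clear text.
        logger.Info("Username " + Username);

        dbo_UserClass user_class = dbo_UserDataClass.VerifyPassword(Username, Password);
        int days = 0;
        if (user_class != null)
        {
            if (user_class.Status == "Active")
            {
                List<dbo_PasswordHistoryClass> history = dbo_PasswordHistoryDataClass.Search(user_class.Username).OrderBy(f => f.Last_Password_Change_Or_Reset).ToList();
                if (history.Count < 1)
                {
                    // NOTE(review): the password is handed to the history table exactly
                    // as typed; whether the data layer hashes it is not visible here.
                    // Confirm it is not stored in clear text.
                    dbo_PasswordHistoryClass password = new dbo_PasswordHistoryClass();
                    password.Last_Password_Change_Or_Reset = DateTime.Now;
                    password.Password = Password;
                    password.User_ID = Username;
                    dbo_PasswordHistoryDataClass.Add(password);
                }

                logger.Info("history.Count " + history.Count);
                if (history.Count != 0)
                {
                    // history is sorted ascending, so the last element is the newest.
                    DateTime? his_date = history[history.Count - 1].Last_Password_Change_Or_Reset;
                    TimeSpan? result_ = DateTime.Now - his_date;
                    days = result_.Value.Days;
                    logger.Info("days " + days);
                }

                int cal_expire = 90 - days;
                if (cal_expire <= 0)
                {
                    // NOTE(review): execution continues after this script is registered,
                    // so the cookie, the "Success" history row and
                    // Session["LOGIN_USER_ID"] below are still set for an account whose
                    // password has expired. Confirm the ForgotPassword.aspx flow needs
                    // that; otherwise return here.
                    ScriptManager.RegisterStartupScript(this.Page, Page.GetType(), "SAM", "alert('รหัสผ่านของท่านหมดอายุ');window.location.href='ForgotPassword.aspx'", true);
                }

                // Always issue the cookie from the verified account. The original also
                // had a branch that echoed back the request's own cookie, but it could
                // never run because the request cookie is removed on the line before.
                // NOTE(review): this cookie carries the raw user id and no HttpOnly or
                // Secure flag is set here; code that reads it should not treat it as
                // proof of identity.
                Request.Cookies.Remove("User_ID");
                Response.Cookies.Set(new HttpCookie("User_ID", user_class.User_ID));
                Response.Cookies["User_ID"].Expires = DateTime.Now.AddDays(1);

                dbo_LoginHistoryClass login = new dbo_LoginHistoryClass();
                login.Status = "Invalid Password(reset)";
                login.User_ID = txtUser.Text;
                dbo_LoginHistoryDataClass.Update(login);
                login.Status = "Success";
                login.Login_Time = DateTime.Now;
                dbo_LoginHistoryDataClass.Add(login);

                if (cal_expire <= 15)
                {
                    // NOTE(review): the session id is not regenerated at login in this
                    // handler; confirm that is handled elsewhere.
                    Session["LOGIN_USER_ID"] = user_class.User_ID;
                    // Warn that the password expires within cal_expire days, then go to
                    // the home page. When the expired-password script above was already
                    // registered under the same type and key, this registration is a
                    // duplicate and the earlier script is the one emitted.
                    ScriptManager.RegisterStartupScript(this.Page, Page.GetType(), "SAM", "alert('รหัสผ่านจะหมดอายุภายใน " + cal_expire.ToString() + " วัน กรุณาเปลี่ยนรหัสผ่านใหม่ก่อนวันหมดอายุ');window.location.href='Views/Home.aspx'", true);
                }
                else
                {
                    Session["LOGIN_USER_ID"] = user_class.User_ID;
                    Response.Redirect("Views/Home.aspx");
                }
            }
            else
            {
                // Inactive account: same generic message as a wrong password.
                Show("ชื่อผู้ใช้งานหรือรหัสผ่านไม่ถูกต้อง กรุณาตรวจสอบข้อมูลอีกครั้ง");
            }
        }
        else
        {
            // Wrong user name or password: generic message plus a failed-attempt row.
            Show("ชื่อผู้ใช้งานหรือรหัสผ่านไม่ถูกต้อง กรุณาตรวจสอบข้อมูลอีกครั้ง");
            dbo_LoginHistoryClass login = new dbo_LoginHistoryClass();
            login.User_ID = txtUser.Text;
            login.Status = "Invalid Password";
            login.Login_Time = DateTime.Now;
            dbo_LoginHistoryDataClass.Add(login);
        }
    }
    catch (Exception ex)
    {
        // Any failure is logged by message only and the user gets no feedback.
        logger.Error(ex.Message);
    }
}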
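/// <summary>
/// Handles the password-change button: validates the new password (matches the
/// confirmation, at least 8 characters, contains a letter and a digit, differs from the
/// three most recent history entries), updates the password of the account named in
/// <c>txtUserName</c>, then records the change in the password history, refreshes the
/// <c>User_ID</c> cookie and adds a "Success" login-history row.
/// </summary>
/// <param name="sender">Control that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
/// <remarks>
/// NOTE(review): the account to change is chosen by <c>txtUserName.Value</c> and the
/// acting user by the <c>User_ID</c> cookie, both supplied with the request. This
/// handler does not verify the current password (the VerifyPassword call was commented
/// out in the original) and does not check <c>Session["LOGIN_USER_ID"]</c>. Confirm
/// that the page binds both values to the authenticated user before this runs.
/// </remarks>
protected void btnOK_Click(object sender, EventArgs e)
{
    try
    {
        // Every user-facing outcome repeats the same three steps: short pause, hide
        // the client-side wait overlay, show the message.
        Action<string> notify = delegate(string message)
        {
            System.Threading.Thread.Sleep(500);
            ScriptManager.RegisterStartupScript(this.Page, Page.GetType(), "SAMWAIT", "myApp.hidePleaseWait();", true);
            Show(message);
        };

        // At least one letter and at least one digit anywhere in the value.
        Regex r = new Regex("^(?=.*[a-zA-Z])(?=.*[0-9])");

        List<dbo_PasswordHistoryClass> item = dbo_PasswordHistoryDataClass.Search(txtUserName.Value);
        // NOTE(review): reuse is detected by comparing stored history values with the
        // typed text, which only works if the history holds passwords in a form equal
        // to the clear text. Confirm how the data layer stores them; a salted hash
        // would need a verify call here instead of ==.
        dbo_PasswordHistoryClass pass = item.OrderByDescending(f => f.Last_Password_Change_Or_Reset).Take(3).FirstOrDefault(f => f.Password == txtNewPassword.Text);

        if (txtNewPassword.Text != txtConfirmPassword.Text)
        {
            notify("รหัสผ่านไม่ตรงกับยืนยันรหัสผ่าน");
        }
        else if (txtNewPassword.Text.Length < 8)
        {
            notify("รหัสผ่านควรมีอย่างน้อย 8 ตัวอักษร");
        }
        else if (!r.IsMatch(txtNewPassword.Text))
        {
            notify("รหัสผ่านควรประกอบด้วยตัวเลขและตัวอักษร");
        }
        else if (pass != null)
        {
            notify("รหัสผ่านต้องไม่ซ้ำกันกับ 3 ครั้งที่ผ่านมา");
        }
        else
        {
            // Only the tenth argument (the user name) is a filter; the meaning of the
            // other positions is defined by dbo_UserDataClass.Search.
            List<dbo_UserClass> users = dbo_UserDataClass.Search(string.Empty, string.Empty,
                string.Empty, string.Empty, string.Empty, string.Empty, string.Empty, string.Empty,
                null, txtUserName.Value, string.Empty);

            if (users.Count > 0)
            {
                dbo_UserClass oclsdbo_User = users[0];
                oclsdbo_User.Password = txtConfirmPassword.Text;

                // A missing cookie throws here; the catch below logs it and the user
                // gets no message.
                string User_ID = HttpContext.Current.Request.Cookies["User_ID"].Value;
                bool success = dbo_UserDataClass.UpdatePassword(oclsdbo_User, User_ID);

                // NOTE(review): when UpdatePassword returns false nothing is shown and
                // the wait overlay is not hidden.
                if (success)
                {
                    notify("เปลี่ยนรหัสผ่านสำเร็จ");

                    dbo_PasswordHistoryClass password = new dbo_PasswordHistoryClass();
                    password.Last_Password_Change_Or_Reset = DateTime.Now;
                    password.Password = txtNewPassword.Text;
                    password.User_ID = txtUserName.Value;
                    dbo_PasswordHistoryDataClass.Add(password);

                    // Always issue the cookie from the account that was updated. The
                    // original also had a branch that echoed back the request's own
                    // cookie, but it could never run because the request cookie is
                    // removed on the line before.
                    Request.Cookies.Remove("User_ID");
                    Response.Cookies.Set(new HttpCookie("User_ID", oclsdbo_User.User_ID));
                    Response.Cookies["User_ID"].Expires = DateTime.Now.AddDays(1);

                    dbo_LoginHistoryClass login = new dbo_LoginHistoryClass();
                    login.User_ID = oclsdbo_User.User_ID;
                    login.Status = "Success";
                    login.Login_Time = DateTime.Now;
                    dbo_LoginHistoryDataClass.Add(login);
                }
            }
            else
            {
                // NOTE(review): this message ("user name not found") tells the caller
                // whether an account exists.
                notify("ไม่พบชื่อผู้ใช้ในระบบ");
            }
        }
    }
    catch (Exception ex)
    {
        // Any failure is logged by message only and the user gets no feedback.
        logger.Error(ex.Message);
    }
}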