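/// <summary>
/// Focuses the user ID box and, on postback, checks whether the typed user ID
/// is already present in the Login table.
/// </summary>
/// <param name="sender">The page raising the event.</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    // Set the focus on the User ID Textbox
    UserIDTextBox.Focus();

    if (!IsPostBack)
    {
        return;
    }

    try
    {
        string connectionString =
            ConfigurationManager.ConnectionStrings["RegistrationConnectionString"].ConnectionString;

        // The connection and command are disposed even when the query throws.
        using (SqlConnection conn = new SqlConnection(connectionString))
        using (SqlCommand com = new SqlCommand("select count(*) from Login where USERID = @UserID", conn))
        {
            // The text box content is sent as a parameter value, never spliced into
            // the SQL text, so quotes typed by the visitor cannot change the statement.
            com.Parameters.AddWithValue("@UserID", UserIDTextBox.Text);

            conn.Open();
            int checkID = Convert.ToInt32(com.ExecuteScalar());

            // Check if the user already exists (any match counts, not exactly one).
            if (checkID > 0)
            {
                ErrorLabel.Text = "The user already exists.";
            }
        }
    }
    catch (Exception ex)
    {
        // A failed lookup must not be read as "this ID is free": record the details
        // for the operator and show the visitor a generic message only.
        System.Diagnostics.Trace.TraceError("User ID lookup failed: " + ex);
        ErrorLabel.Text = "The user ID could not be checked. Please try again.";
    }
}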
/// <summary>
/// Prepares the logon form: initial focus on the user ID box and the Logon
/// button as the form's default button.
/// </summary>
protected void Page_Load(object sender, EventArgs e)
{
    // Put the focus on the [User ID] box.
    UserIDTextBox.Focus();

    // Make the [Logon] button the default button of this Web form.
    string logonButtonId = LogonButton.UniqueID;
    Form.DefaultButton = logonButtonId;
}
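/// <summary>
/// Looks up a user through the OLE DB connection and compares the stored password
/// with the one typed in the form.
/// </summary>
/// <param name="Connection">OLE DB connection the query runs on.</param>
/// <param name="ID">User ID typed by the operator.</param>
/// <param name="password">Password typed by the operator.</param>
/// <returns>The numeric user ID when the password matches; 0 otherwise.</returns>
private int CheckUser(OleDbConnection Connection, string ID, string password)
{
    bool userFound = false;
    bool passwordMatches = false;
    int matchedId = 0;

    // Command and reader are released on every path, including when the query throws.
    using (OleDbCommand comm = new OleDbCommand())
    {
        comm.Connection = Connection;
        comm.CommandText = "select * from [users] where 用户ID= @ID";
        // The ID travels as a parameter value, so it is never parsed as SQL.
        comm.Parameters.AddWithValue("@ID", ID);

        using (OleDbDataReader sdr = comm.ExecuteReader()) // run the query
        {
            if (sdr.Read()) // the user exists
            {
                userFound = true;
                // NOTE(review): the stored value is compared directly with the typed text,
                // which suggests the password column is not hashed — confirm, and move to a
                // salted password hash with a fixed-time comparison if so.
                passwordMatches = sdr["密码"].ToString().Trim() == password;
                if (passwordMatches)
                {
                    matchedId = Convert.ToInt32(sdr["用户ID"]);
                }
            }
        }
    }

    if (passwordMatches)
    {
        userID = matchedId;
        this.Hide();
        return (userID);
    }

    // NOTE(review): the two failure messages differ, so the dialog reveals whether an ID
    // exists; consider a single generic message if account enumeration matters here.
    if (userFound) // wrong password
    {
        MessageBox.Show("您输入的密码有误,请重新输入!", "警告");
        this.UserPWTextBox.Text = null;
        this.UserPWTextBox.Focus();
        return (0);
    }

    // unknown user
    MessageBox.Show("该用户不存在,请检查后重新输入!", "警告");
    this.UserIDTextBox.Text = null;
    this.UserPWTextBox.Text = null;
    UserIDTextBox.Focus();
    return (0);
}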
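/// <summary>
/// Looks up a user through the SQL Server connection and compares the stored password
/// with the one typed in the form.
/// </summary>
/// <param name="Connection">SQL Server connection the query runs on.</param>
/// <param name="ID">User ID typed by the operator.</param>
/// <param name="password">Password typed by the operator.</param>
/// <returns>The numeric user ID when the password matches; 0 otherwise.</returns>
private int CheckUser(SqlConnection Connection, string ID, string password)
{
    bool userFound = false;
    bool passwordMatches = false;
    int matchedId = 0;

    // The ID is bound as a parameter instead of being concatenated into the statement,
    // so text typed into the login box cannot alter the query.
    using (SqlCommand comm = new SqlCommand("select * from users where 用户ID=@ID", Connection))
    {
        comm.Parameters.AddWithValue("@ID", ID);

        // The reader is released on every path, including when the query throws.
        using (SqlDataReader sdr = comm.ExecuteReader()) // run the query
        {
            if (sdr.Read()) // the user exists
            {
                userFound = true;
                // NOTE(review): the stored value is compared directly with the typed text,
                // which suggests the password column is not hashed — confirm, and move to a
                // salted password hash with a fixed-time comparison if so.
                passwordMatches = sdr["密码"].ToString().Trim() == password;
                if (passwordMatches)
                {
                    matchedId = Convert.ToInt32(sdr["用户ID"]);
                }
            }
        }
    }

    if (passwordMatches)
    {
        userID = matchedId;
        this.Hide();
        return (userID);
    }

    // NOTE(review): the two failure messages differ, so the dialog reveals whether an ID
    // exists; consider a single generic message if account enumeration matters here.
    if (userFound) // wrong password
    {
        MessageBox.Show("您输入的密码有误,请重新输入!", "警告");
        this.UserPWTextBox.Text = null;
        this.UserPWTextBox.Focus();
        return (0);
    }

    // unknown user
    MessageBox.Show("该用户不存在,请检查后重新输入!", "警告");
    this.UserIDTextBox.Text = null;
    this.UserPWTextBox.Text = null;
    UserIDTextBox.Focus();
    return (0);
}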
/// <summary>
/// Sign-in button handler: validates that both fields are filled, then either starts
/// the login on a worker thread or, when a login is already running, cancels it.
/// </summary>
private void SignInButton_Click(object sender, EventArgs e)
{
    // Both the user name and the password are required.
    bool userIdMissing = string.IsNullOrEmpty(UserIDTextBox.Text);
    if (userIdMissing)
    {
        ShowTips("请输入用户名!");
        UserIDTextBox.Focus();
        return;
    }

    bool passwordMissing = string.IsNullOrEmpty(PasswordTextBox.Text);
    if (passwordMissing)
    {
        ShowTips("请输入密码!");
        PasswordTextBox.Focus();
        return;
    }

    if (Logining)
    {
        // Cancel the login that is in progress.
        LoginSocket?.Close();
        LoginSocket?.Dispose();
        // NOTE(review): Thread.Abort is not supported on .NET Core / .NET 5+ and can leave
        // shared state half-updated; confirm the target framework before relying on it.
        LoginThread?.Abort();
        UserIDTextBox.Enabled = true;
        PasswordTextBox.Enabled = true;
        SignInButton.Text = "Sign In";
        ShowTips("已取消登录。");
        Logining = false;
        return;
    }

    // Start a new login attempt on a background thread.
    Logining = true;
    ShowTips("正在登录...");
    LoginThread = new Thread(Login);
    LoginThread.Start();
}
/// <summary>
/// Gives the user ID box the initial focus and registers the Logon button as the
/// default button of the form.
/// </summary>
protected void Page_Load(object sender, EventArgs e)
{
    // Start typing in the user ID box without an extra click.
    UserIDTextBox.Focus();

    // Pressing Enter submits through the Logon button.
    string defaultButtonId = LogonButton.UniqueID;
    Form.DefaultButton = defaultButtonId;
}
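/// <summary>
/// Handles the Next button: verifies the typed credentials, applies the failed-attempt
/// and follow-up checks, scores the login risk, and then either opens the start page
/// or asks for an e-mailed authentication code.
/// </summary>
/// <remarks>
/// Every query binds the user ID (and password hash) as parameters instead of building
/// SQL by string concatenation, each query uses its own disposed connection, and the
/// console dumps of account rows, the stored password and the user name were removed.
/// </remarks>
private void ButtonNext_Click(object sender, RoutedEventArgs e)
{
    // NOTE(review): the helper name suggests one unsalted SHA-512 pass; if so, the stored
    // values are cheap to brute-force offline. Confirm, and prefer a salted, iterated
    // password hash (for example PBKDF2).
    PasswordTextBox.Password = GetSha512FromString(PasswordTextBox.Password);

    try
    {
        string userID = UserIDTextBox.Text;

        // The value compared with the Password column is masked in the listing this was
        // taken from; the hash computed above is assumed — TODO confirm.
        int count = CountRowsForUser(
            "select count(*) from [dbo].[test] where UserID = @UserID and Password = @Password",
            userID,
            PasswordTextBox.Password);

        if (count == 1)
        {
            string[][] userList = checkUserEligibility(userID, connectionString);
            UserModel.UserModel.currentUserID = userID;
            string currentUser = UserModel.UserModel.currentUserID;
            // Still called because later steps read UserModel.currentUserModel, which this
            // call presumably fills in (verify); its result is no longer printed.
            UserModel.UserModel.retrieveUserFromDatabase(currentUser);
            string checkForFollowUp = UserModel.UserModel.checkFollowUp(userID, connectionString);
            // NOTE(review): the application-wide login ID is set before any second factor
            // has been completed — confirm later pages do not treat it as proof of login.
            (App.Current as App).LoginUserID = userID;

            try
            {
                int noOfFailedLoginAttempt = CountRowsForUser(
                    "select count(*) from [dbo].[FailedAttempt] where UserID = @UserID",
                    userID);

                if (noOfFailedLoginAttempt > 3)
                {
                    MessageBox.Show("Account is locked , please complete TWO FA");
                    SendAuthenticationCode();
                    this.NavigationService.Navigate(new Authentication1());
                }
                else
                {
                    if (checkForFollowUp == "True")
                    {
                        SendAuthenticationCode();
                        this.NavigationService.Navigate(new Authentication());
                    }
                    else
                    {
                        string date = AlgorithmLibary.PredictionModel.getCurrentDate();
                        string loginTime = DateTime.Now.ToString("HH.mm");
                        string publicIP = PredictionModel.getCurrentPublicIP();
                        string publicMAC = PredictionModel.getCurrentMAC();

                        // Fewer than 30 recorded logins: score from the stored preferences;
                        // otherwise run the prediction over the login history.
                        double risk = userList.Count() < 30
                            ? ScoreRiskFromPreferences(userID, loginTime)
                            : ScoreRiskFromHistory(userID, loginTime, date, publicIP, publicMAC);

                        ApplyRiskDecision(risk, userID, loginTime, date, publicIP, publicMAC);
                    }

                    (App.Current as App).LoginUserID = UserIDTextBox.Text;
                }
            }
            catch (Exception ex)
            {
                System.Windows.MessageBox.Show(ex.Message);
            }
        }
        else
        {
            MessageBox.Show("Invalid user id or password.");

            try
            {
                // Failed attempts are only recorded for IDs that exist.
                // NOTE(review): the attempt counter shown below appears only for existing
                // IDs, which tells a guesser which IDs are real — consider hiding it.
                int countt = CountRowsForUser(
                    "select count(*) from [dbo].[test] where UserID = @UserID",
                    userID);

                if (countt == 1)
                {
                    RecordFailedAttempt(userID);

                    int noOfFailedLoginAttempt = CountRowsForUser(
                        "select count(*) from [dbo].[FailedAttempt] where UserID = @UserID",
                        userID);
                    MessageBox.Show(noOfFailedLoginAttempt.ToString() + " unsuccessful login attempt(s)");
                }
            }
            catch (Exception ex)
            {
                System.Windows.MessageBox.Show(ex.Message);
            }
        }

        UserIDTextBox.Clear();
        PasswordTextBox.Clear();
    }
    catch (Exception ex)
    {
        System.Windows.MessageBox.Show(ex.Message);
    }
}

// Runs a count(*) statement that takes @UserID and, optionally, @Password.
private int CountRowsForUser(string countSql, string userID, string passwordHash = null)
{
    using (SqlConnection connection = new SqlConnection(connectionString))
    using (SqlCommand command = new SqlCommand(countSql, connection))
    {
        command.Parameters.AddWithValue("@UserID", userID);
        if (passwordHash != null)
        {
            command.Parameters.AddWithValue("@Password", passwordHash);
        }

        connection.Open();
        return Convert.ToInt32(command.ExecuteScalar());
    }
}

// Adds one row to the FailedAttempt table for the given user ID.
private void RecordFailedAttempt(string userID)
{
    using (SqlConnection connection = new SqlConnection(connectionString))
    using (SqlCommand command = new SqlCommand("INSERT INTO[dbo].[FailedAttempt](UserID, Date) VALUES (@UserID, @Date)", connection))
    {
        command.Parameters.AddWithValue("@UserID", userID);
        command.Parameters.AddWithValue("@Date", DateTime.Now.ToShortDateString());
        connection.Open();
        command.ExecuteNonQuery();
    }
}

// E-mails an authentication code to the address held by the current user model.
private void SendAuthenticationCode()
{
    string subject = "Authentication Message";
    string subjectBody = "Authentication Code is ";
    UserModel.UserModel cm = UserModel.UserModel.currentUserModel;
    string email = cm.userEmail;
    UserModel.UserModel.do2fa(subject, subjectBody, email);
}

// Scores a login from the user's stored login-time and computer preferences (30% / 70%).
private double ScoreRiskFromPreferences(string userID, string loginTime)
{
    string userLogInPreference = getUserLogInPreference(userID, connectionString);
    string userComputerPreference = getUserComputerPreference(userID, connectionString);
    // All host names recorded in the database for this user.
    string[] currentHostnameSet = getUserHostNameSet(userID, connectionString);

    double logInRisk = evaulateUserLogInString(userLogInPreference, loginTime) * 0.3;
    double userHostRisk = evaulateUserComputerPreference(userComputerPreference, currentHostnameSet) * 0.7;
    double totalRisk = logInRisk + userHostRisk;

    Console.WriteLine(userHostRisk + " HOSTNAME");
    Console.WriteLine(logInRisk + "LOG IN RISK");
    Console.WriteLine(totalRisk);
    return totalRisk;
}

// Scores a login with the prediction models built from the user's login and IP history.
private double ScoreRiskFromHistory(string userID, string loginTime, string date, string publicIP, string publicMAC)
{
    string[][] logInCollection = getUserLogInData(userID, connectionString);
    double testTime = Convert.ToDouble(loginTime);
    double testDay = Convert.ToDouble(date);
    PredictionModel logInPredictionModel = new PredictionModel(testTime, testDay, logInCollection);
    string logInRiskLevel = logInPredictionModel.logInRisk;
    Console.WriteLine(logInPredictionModel.logInOutput);
    Console.WriteLine("The risk level is " + logInRiskLevel);

    string[][] ipAddressCollection = getUserIPAddressCollection(userID, connectionString);
    Console.Write(ipAddressCollection.Count());
    string[] query = new string[] { publicIP, publicMAC, date };
    PredictionModel ipPredictionModel = new PredictionModel(ipAddressCollection, query);
    string ipRisk = ipPredictionModel.ipRisk;
    Console.WriteLine(ipPredictionModel.ipOutput);

    // NOTE(review): the weights here are 30 and 70 after dividing by 100, while the
    // preference-based score uses 0.3 and 0.7; both results are compared with the same
    // 0.4 / 0.70 thresholds — confirm the two scores are on the same scale.
    double logInPercentage = Convert.ToDouble(logInRiskLevel) / 5.0;
    double ipPercentage = Convert.ToDouble(ipRisk);
    logInPercentage = (logInPercentage / 100) * 30;
    ipPercentage = (ipPercentage / 100) * 70;
    double riskLevel = logInPercentage + ipPercentage;

    Console.WriteLine(logInPercentage);
    Console.WriteLine(ipRisk);
    Console.WriteLine(riskLevel);
    Console.WriteLine("The current Risk Level is " + riskLevel);
    return riskLevel;
}

// Turns a risk score into the Low / Medium / High outcome and performs the navigation.
private void ApplyRiskDecision(double risk, string userID, string loginTime, string date, string publicIP, string publicMAC)
{
    string riskStatement;
    string riskStatementLevel;

    if (risk <= 0.4)
    {
        riskStatementLevel = "Low";
        riskStatement = "The risk level is low";
        UserModel.UserModel.saveDateTimeOfUser(userID, connectionString, loginTime, date, publicIP, publicMAC);
        this.NavigationService.Navigate(new StartupPage());
    }
    else if (risk <= 0.70)
    {
        // Intended to restrict access control as well; that step is not implemented.
        riskStatementLevel = "Medium";
        riskStatement = "The risk level is medium";
        UserModel.UserModel.saveDateTimeOfUser(userID, connectionString, loginTime, date, publicIP, publicMAC);
        this.NavigationService.Navigate(new StartupPage());
    }
    else
    {
        // Anything that is not provably low or medium — including a NaN score — is
        // treated as high risk, so a broken score cannot skip re-authentication.
        riskStatementLevel = "High";
        riskStatement = "The risk level is high";
        SendAuthenticationCode();
        this.NavigationService.Navigate(new Authentication());
        MessageBox.Show("2FA has been sent to your email");
    }

    PredictionModel.SessionRiskValue = riskStatementLevel;
    Console.WriteLine(riskStatement);
    MessageBox.Show(riskStatement);
}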
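/// <summary>
/// Login button handler: checks the typed ID and password against the configured
/// database and, on SQL Server, records this machine's UUID as the account's token.
/// </summary>
/// <param name="sender">The button raising the event.</param>
/// <param name="e">Event data (unused).</param>
private void LoginButton_Click(object sender, EventArgs e)
{
    // The original guard was replaced by "if (false)", leaving this check unreachable;
    // the commented-out condition is restored so blank input never reaches the database.
    if (UserIDTextBox.Text.Trim() == "" || UserPWTextBox.Text.Trim() == "")
    {
        MessageBox.Show("提示:请输入操作员ID和密码!", "警告");
        UserIDTextBox.Focus();
        return;
    }

    String myID = this.UserIDTextBox.Text;
    String mypassword = this.UserPWTextBox.Text;

    if (!Parameter.isSqlOk)
    {
        // SQL Server is not available: authenticate through the OLE DB connection.
        Parameter.userID = CheckUser(Parameter.connOleUser, myID, mypassword);
        if (Parameter.userID != 0)
        {
            Parameter.userName = Parameter.IDtoName(Parameter.userID);
            Parameter.userRole = Parameter.IDtoRole(Parameter.userID);
            Parameter.userflight = Parameter.IDtoFlight(Parameter.userID);
        }
        return;
    }

    Parameter.userID = CheckUser(Parameter.connUser, myID, mypassword);
    if (Parameter.userID == 0)
    {
        return;
    }

    Parameter.userName = Parameter.IDtoName(Parameter.userID);
    Parameter.userRole = Parameter.IDtoRole(Parameter.userID);
    Parameter.userflight = Parameter.IDtoFlight(Parameter.userID);

    // ID and password matched. Compare this machine's UUID with the one stored for the
    // account: when they are equal or none is stored, store ours; otherwise ask the
    // operator whether to continue.
    String localUUID = Utility.getUUID();

    // The typed ID is bound as a parameter rather than concatenated into the SELECT.
    using (SqlDataAdapter da = new SqlDataAdapter("select * from users where 用户ID=@ID", Parameter.connUser))
    using (SqlCommandBuilder cb = new SqlCommandBuilder(da)) // generates the UPDATE used by da.Update
    {
        da.SelectCommand.Parameters.AddWithValue("@ID", myID);

        DataTable dt = new DataTable("user");
        da.Fill(dt);
        if (dt.Rows.Count < 1)
        {
            return;
        }

        String remoteUUID = dt.Rows[0]["token"].ToString();
        if (localUUID == remoteUUID || remoteUUID == "")
        {
            dt.Rows[0]["token"] = localUUID;
            da.Update(dt);
        }
        else if (DialogResult.OK == MessageBox.Show("该账号已在别处登陆,是否继续?", "登陆确认", MessageBoxButtons.OKCancel))
        {
            // The operator chose to take over the session from the other machine.
            dt.Rows[0]["token"] = localUUID;
            da.Update(dt);
        }
        else
        {
            this.Close();
            Application.ExitThread();
        }
    }
}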