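/// <summary>
/// Handles the login button click: looks the account up by e-mail, checks the
/// password, and either redirects to Default.aspx or shows an error in <c>msg</c>.
/// Failed password attempts are recorded and the account is blocked once
/// <c>LoginTry</c> reports more than 4 earlier failures.
/// </summary>
/// <param name="sender">Control that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void btnLogin_Click(object sender, EventArgs e)
{
    // One message for both "unknown e-mail" and "wrong password", so the form
    // does not disclose which addresses have an account.
    const string InvalidCredentialsMessage = "Invalid username or password";

    UserDAL userDal = new UserDAL();
    LoginLogDAL loginLogDal = new LoginLogDAL();

    // NOTE(review): swapping ' for ` is not an injection defence and it silently
    // alters the submitted password. It is kept here because the DAL is not
    // visible; the DAL methods should bind these values as query parameters,
    // after which the Replace calls can be dropped.
    string username = TextBoxUsername.Text.Replace("'", "`");
    string password = TextBoxPassword.Text.Replace("'", "`");

    Enitities.User user = userDal.EmailCheck(username);
    if (user == null)
    {
        msg.Text = InvalidCredentialsMessage;
        return;
    }

    Enitities.User userLogin = userDal.Login(username, password);
    if (userLogin == null)
    {
        msg.Text = InvalidCredentialsMessage;

        // The count is read before the current failure is stored, so it reflects
        // earlier attempts only -- presumably; confirm against LoginTry.
        int loginTry = loginLogDal.LoginTry(user.Id);
        if (loginTry > 4)
        {
            userDal.BlockUser(user.Id);
            // NOTE(review): this message still confirms that the account exists;
            // consider a generic message plus an out-of-band notice to the owner.
            msg.Text = "You have tried more than 4 times, Your Account is Blocked";
        }
        else
        {
            LoginLog log = new LoginLog();
            log.UserId = user.Id;
            loginLogDal.Save(log);
        }

        return;
    }

    // The raw Status value is no longer written to the page; it was a leftover
    // that exposed an internal field to the browser.
    // NOTE(review): only Status "9" is rejected here. Confirm that BlockUser sets
    // that status, or that Login refuses blocked accounts.
    if (userLogin.Status == "9")
    {
        msg.Text = "Your Account is Banned!";
        return;
    }

    loginLogDal.ClearLog(userLogin.Id);

    // NOTE(review): no session or authentication ticket is issued in this handler;
    // confirm that Login or Default.aspx establishes the authenticated session.
    Response.Redirect("Default.aspx");
}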
/// <summary>
/// Inserts a row into <c>LoginLog</c> for the entry's <c>UserId</c> and returns
/// whatever <c>SaveChanges</c> reports for the statement.
/// </summary>
/// <param name="loginLog">Entry whose <c>UserId</c> is written.</param>
/// <returns>The result of <c>SaveChanges</c>.</returns>
/// <remarks>
/// NOTE(review): the statement is built by concatenating <c>UserId</c> into the
/// SQL text. If that value can ever be a caller-influenced string, this is an
/// injection point; prefer a parameterized command once the data-access helper
/// supports parameters. The type of <c>UserId</c> is not visible here -- confirm.
/// </remarks>
public bool Save(LoginLog loginLog)
{
    const string head = @"INSERT INTO LoginLog(UserId) VALUES ('";
    const string tail = "')";

    string insertSql = string.Concat(head, loginLog.UserId, tail);
    return SaveChanges(insertSql);
}