protected void btnLogin_Click(object sender, EventArgs e)
{
UserDAL userDal = new UserDAL();
LoginLogDAL loginLogDal = new LoginLogDAL();
Enitities.User user = userDal.EmailCheck(TextBoxUsername.Text.Replace("'", "`"));
if (user != null)
{
Enitities.User userLogin = userDal.Login(TextBoxUsername.Text.Replace("'", "`"),
TextBoxPassword.Text.Replace("'", "`"));
if (userLogin != null)
{
msg.Text = userLogin.Status;
if (userLogin.Status == "9")
{
msg.Text = "Your Account is Banned!";
}
else
{
loginLogDal.ClearLog(userLogin.Id);
Response.Redirect("Default.aspx");
}
}
else
{
msg.Text = "Password is incorrect";
int loginTry = loginLogDal.LoginTry(user.Id);
if (loginTry > 4)
{
userDal.BlockUser(user.Id);
msg.Text = "You have tried more than 4 times, Your Account is Blocked";
}
else
{
LoginLog log = new LoginLog();
log.UserId = user.Id;
loginLogDal.Save(log);
}
}
}
else
{
msg.Text = "You have no account";
}
}
public bool Save(LoginLog loginLog)
{
var query = @"INSERT INTO LoginLog(UserId) VALUES ('"+loginLog.UserId+"')";
return SaveChanges(query);
}