User Tracking

naimish's Avatar author of User Tracking
This is an article on User Tracking in ASP.NET.
Rated 5.00 By 1 users


At present many are using the Production URL with the same cuid (User id). There is no log maintained about the login of the user. Even when some user logs in to the system and does some changes in the contents either intentionally or accidentally, it is difficult to track it.
The proposed solution will maintain a log about the login of the user and will send the mail whenever there is an unauthorised usage


The solution is a ASP.NET based web application. It does the following
1. Validates the login credential of the user. If the login attempt is successful it displays success message, if it is a failed login it throws Login Failed message. But if there are more than 3 consequetive failed attemts, then the application sends email message to the concerned user and the admin.
2.Maintains a log about the status of the login whether success or failed, time of the login along with the Userid and password supplied by the user

The code

Code: CSharp
using System;
using System.Collections;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Web;
using System.Web.SessionState;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.HtmlControls;
using System.Web.Mail;
namespace UserTracking
    /// <summary>
    /// Summary description for WebForm1.
    /// </summary>
    public class WebForm1 : System.Web.UI.Page
        protected System.Web.UI.WebControls.Label lblUserName;
        protected System.Web.UI.WebControls.Label lblPassword;
        protected System.Web.UI.WebControls.TextBox tbxUserName;
        protected System.Web.UI.WebControls.TextBox tbxPassword;
        protected System.Web.UI.WebControls.Button btnSubmit;
        protected System.Web.UI.WebControls.RegularExpressionValidator RegularExpressionValidator1;
        protected System.Web.UI.WebControls.RequiredFieldValidator RequiredFieldValidator1;
        protected System.Web.UI.WebControls.RequiredFieldValidator RequiredFieldValidator2;
        protected System.Web.UI.WebControls.Label lblMessage;
        System.Web.Mail.MailMessage mailMessage;

        private void Page_Load(object sender, System.EventArgs e)
            // Put user code to initialize the page here

        #region Web Form Designer generated code
        override protected void OnInit(EventArgs e)
            // CODEGEN: This call is required by the ASP.NET Web Form Designer.

        /// <summary>
        /// Required method for Designer support - do not modify
        /// the contents of this method with the code editor.
        /// </summary>
        private void InitializeComponent()
            this.btnSubmit.Click += new System.EventHandler(this.btnSubmit_Click);
            this.Load += new System.EventHandler(this.Page_Load);

        private void btnSubmit_Click(object sender, System.EventArgs e)
            /*if (tbxUserName.Text== "Kalidas" && tbxPassword.Text == "Krsna")
             lblMessage.Text="Hi 1";

            int totAttempt = UserTracking.DBConn.fnValidate(Convert.ToInt32(tbxUserName.Text), tbxPassword.Text);
            if (totAttempt == 0)
                lblMessage.Visible = true;
                lblMessage.Text = "Login Success";
                if (totAttempt > 3)
                    lblMessage.Visible = true;
                    lblMessage.Text = "Unauthorised Usage";
                    mailMessage = new MailMessage();

                    mailMessage.From = "";
                    //mailMessage.To = "[EMAIL=""][/EMAIL] ";
                    mailMessage.To = "";

                    mailMessage.Subject = "Test subject";
                    mailMessage.BodyFormat = System.Web.Mail.MailFormat.Text;
                    mailMessage.Body = "Unauthorized User Entry ";
                    System.Web.Mail.SmtpMail.SmtpServer = "localhost";

                    lblMessage.Visible = true;
                    lblMessage.Text = "Login Failed";

Alter procedure uspLoginValidation
	@Userid int , 
	@Password nchar(15)
	--@attempt int output
	--@totattempt int output

	Declare @flag bit
	if exists (Select userid,password  from tbllogin a where a.userid = @userid and a.password =@password )
	   set @flag = 1 
	   delete tbllogin_log where userid = @Userid and  status = 0 
		set @flag = 0
	insert into tbllogin_log select @userid , @Password, @flag , Getdate()
	--set @totattempt = (select count(status) from tbllogin_log where status = 0)
	select count(status) from tbllogin_log where status = 0 and userid = @Userid and Filetimestamp > Getdate() -30
shabbir's Avatar, Join Date: Jul 2004
Go4Expert Founder
Nominate this article for Article of the month - Jul 2009
dasli's Avatar
Go4Expert Member
sometimes can read many usefull information...
naimish like this
naimish's Avatar
Invasive contributor
Thanks, The Pleasure is mine and shabbir too
szoasis's Avatar, Join Date: Nov 2010
Light Poster
mukeshsoftona's Avatar
i love to read it thanks buddy.
It was really a helpful content. Keep sharing…

Last edited by shabbir; 3May2012 at 14:16.. Reason: Confine Links to Signatures
deonrock's Avatar, Join Date: Jan 2013
Newbie Member
I tried this code in my project.....but this this not showing any proper output.....