1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

User Tracking

Discussion in 'ASP.NET' started by naimish, Jul 2, 2009.

  1. naimish

    naimish New Member

    Joined:
    Jun 29, 2009
    Messages:
    1,046
    Likes Received:
    18
    Trophy Points:
    0
    Occupation:
    Software Engineer
    Location:
    On Earth

    Introduction



    At present many are using the Production URL with the same cuid (User id). There is no log maintained about the login of the user. Even when some user logs in to the system and does some changes in the contents either intentionally or accidentally, it is difficult to track it.
    The proposed solution will maintain a log about the login of the user and will send the mail whenever there is an unauthorised usage

    Background



    The solution is a ASP.NET based web application. It does the following
    1. Validates the login credential of the user. If the login attempt is successful it displays success message, if it is a failed login it throws Login Failed message. But if there are more than 3 consequetive failed attemts, then the application sends email message to the concerned user and the admin.
    2.Maintains a log about the status of the login whether success or failed, time of the login along with the Userid and password supplied by the user

    The code



    Code:
    using System;
    using System.Collections;
    using System.ComponentModel;
    using System.Data;
    using System.Drawing;
    using System.Web;
    using System.Web.SessionState;
    using System.Web.UI;
    using System.Web.UI.WebControls;
    using System.Web.UI.HtmlControls;
    using System.Web.Mail;
    namespace UserTracking
    {
        /// <summary>
        /// Summary description for WebForm1.
        /// </summary>
        public class WebForm1 : System.Web.UI.Page
        {
            protected System.Web.UI.WebControls.Label lblUserName;
            protected System.Web.UI.WebControls.Label lblPassword;
            protected System.Web.UI.WebControls.TextBox tbxUserName;
            protected System.Web.UI.WebControls.TextBox tbxPassword;
            protected System.Web.UI.WebControls.Button btnSubmit;
            protected System.Web.UI.WebControls.RegularExpressionValidator RegularExpressionValidator1;
            protected System.Web.UI.WebControls.RequiredFieldValidator RequiredFieldValidator1;
            protected System.Web.UI.WebControls.RequiredFieldValidator RequiredFieldValidator2;
            protected System.Web.UI.WebControls.Label lblMessage;
            System.Web.Mail.MailMessage mailMessage;
    
            private void Page_Load(object sender, System.EventArgs e)
            {
                // Put user code to initialize the page here
            }
    
            #region Web Form Designer generated code
            override protected void OnInit(EventArgs e)
            {
                //
                // CODEGEN: This call is required by the ASP.NET Web Form Designer.
                //
                InitializeComponent();
                base.OnInit(e);
            }
    
            /// <summary>
            /// Required method for Designer support - do not modify
            /// the contents of this method with the code editor.
            /// </summary>
            private void InitializeComponent()
            {
                this.btnSubmit.Click += new System.EventHandler(this.btnSubmit_Click);
                this.Load += new System.EventHandler(this.Page_Load);
            }
            #endregion
    
            private void btnSubmit_Click(object sender, System.EventArgs e)
            {
                /*if (tbxUserName.Text== "Kalidas" && tbxPassword.Text == "Krsna")
                {
                 lblMessage.Text="Hi 1";
        
                }*/
                int totAttempt = UserTracking.DBConn.fnValidate(Convert.ToInt32(tbxUserName.Text), tbxPassword.Text);
                //lblMessage.Text=totAttempt.ToString();
                if (totAttempt == 0)
                {
                    lblMessage.Visible = true;
                    lblMessage.Text = "Login Success";
                }
                else
                {
                    if (totAttempt > 3)
                    {
                        lblMessage.Visible = true;
                        lblMessage.Text = "Unauthorised Usage";
                        mailMessage = new MailMessage();
    
                        mailMessage.From = "kxax@Qwest.com";
                        //mailMessage.To = "[EMAIL="kalidas.a@tcs.com"]kalidas.a@tcs.com[/EMAIL] ";
                        mailMessage.To = "kalidas.a@qwest.com";
    
                        mailMessage.Subject = "Test subject";
                        mailMessage.BodyFormat = System.Web.Mail.MailFormat.Text;
                        mailMessage.Body = "Unauthorized User Entry ";
                        System.Web.Mail.SmtpMail.SmtpServer = "localhost";
                        System.Web.Mail.SmtpMail.Send(mailMessage);
    
                    }
                    else
                    {
                        lblMessage.Visible = true;
                        lblMessage.Text = "Login Failed";
                    }
                }
    
            }
        }
    }
    Code:
    Alter procedure uspLoginValidation
    (
    	@Userid int , 
    	@Password nchar(15)
    	[EMAIL="--@attempt"]--@attempt[/EMAIL] int output
    	[EMAIL="--@totattempt"]--@totattempt[/EMAIL] int output
    )
    as 
    
    Begin
    	Declare @flag bit
    	if exists (Select userid,password  from tbllogin a where a.userid = @userid and a.password [EMAIL="=@password"]=@password[/EMAIL] )
    	Begin
    	   set @flag = 1 
    	   delete tbllogin_log where userid = @Userid and  status = 0 
    	end
    	Else
    	Begin
    		set @flag = 0
    	End	 
    	insert into tbllogin_log select @userid , @Password, @flag , Getdate()
    	--set @totattempt = (select count(status) from tbllogin_log where status = 0)
    	select count(status) from tbllogin_log where status = 0 and userid = @Userid and Filetimestamp > Getdate() -30
    End
    
     
  2. shabbir

    shabbir Administrator Staff Member

    Joined:
    Jul 12, 2004
    Messages:
    15,285
    Likes Received:
    364
    Trophy Points:
    83
  3. dasli

    dasli New Member

    Joined:
    Aug 13, 2009
    Messages:
    15
    Likes Received:
    0
    Trophy Points:
    0
    sometimes can read many usefull information...
    thanks
     
  4. naimish

    naimish New Member

    Joined:
    Jun 29, 2009
    Messages:
    1,046
    Likes Received:
    18
    Trophy Points:
    0
    Occupation:
    Software Engineer
    Location:
    On Earth
    Thanks, The Pleasure is mine and shabbir too ;)
     
  5. szoasis

    szoasis New Member

    Joined:
    Nov 23, 2010
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    0
    Home Page:
    Thanks:sifone:
     
  6. mukeshsoftona

    mukeshsoftona Banned

    Joined:
    Oct 28, 2011
    Messages:
    47
    Likes Received:
    0
    Trophy Points:
    0
    i love to read it thanks buddy.
     
  7. hireaspdeveloper

    hireaspdeveloper Banned

    Joined:
    Apr 26, 2012
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    0
    Occupation:
    ASP Developer
    Location:
    Lilburn
    Home Page:
    It was really a helpful content. Keep sharing…
     
    Last edited by a moderator: May 3, 2012
  8. deonrock

    deonrock New Member

    Joined:
    Jan 10, 2013
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    0
    Occupation:
    work at it sector!!
    Location:
    mumbai
    Home Page:
    I tried this code in my project.....but this this not showing any proper output.....
     

Share This Page