Hi my name is vishal i have been developing an application in c# windows forms named:Mini Project which has a mdi parent form named:MDIParent1.
I have a form named:frmUser.Given below is c# code of that form with sql server 2008:
sing System.IO;
using System.Data.SqlClient;
namespace Mini_Project
{
public partial class frmUser : Form
{
int pUserID;
public frmUser()
{
InitializeComponent();
SqlConnection conn = new SqlConnection("Data Source=NPD-4\\SQLEXPRESS;Initial Catalog=Task;Integrated Security=true");
if (conn.State != ConnectionState.Open)
{
conn.Open();
}
string manager = ("Select manager_first_name,manager_last_name,manager_id from Manager where type=0");
SqlCommand cmd = new SqlCommand(manager);
cmd.Connection = conn;
cmd.CommandType = CommandType.Text;
SqlDataReader dr = cmd.ExecuteReader();
while (dr.Read())
{
manager = dr[0].ToString() + " " + dr[1].ToString() + " " + dr[2].ToString();
cboManager.Items.Add(manager);
}
dr.Close();
}
private void btnCreate_Click(object sender, EventArgs e)
{
SqlConnection conn = new SqlConnection("Data Source=NPD-4\\SQLEXPRESS;Initial Catalog=Task;Integrated Security=true");
if (conn.State != ConnectionState.Open)
{
conn.Open();
}
SqlCommand cmd = new SqlCommand();
cmd.Connection = conn;
cmd.CommandType = CommandType.Text;
int autoGenId = -1;
cmd = new SqlCommand("Insert into [dbo].[User](username,user_first_name,user_last_name,user_dob,email,password,user_sex,user_type,row_upd_date,created_by)" + "Values(@username,@user_first_name,@user_last_name,@user_dob,@email,@password,@user_sex,@user_type,GetDate(),@created_by); Select @autoGenId=SCOPE_IDENTITY();", conn);
cmd.Parameters.AddWithValue("@username", txtUsername.Text);
cmd.Parameters.AddWithValue("@user_first_name", txtFName.Text);
cmd.Parameters.AddWithValue("@user_last_name", txtLName.Text);
cmd.Parameters.AddWithValue("@user_dob", dtDOB.Value);
cmd.Parameters.AddWithValue("@email", txtEmailID.Text);
cmd.Parameters.AddWithValue("@password", txtPassword.Text);
cmd.Parameters.Add("@autoGenId", SqlDbType.Int).Direction = ParameterDirection.Output;
if (cboGender.SelectedIndex == 0)
{
cmd.Parameters.AddWithValue("@user_sex", "Male");
}
else if (cboGender.SelectedIndex == 1)
{
cmd.Parameters.AddWithValue("@user_sex", "Female");
}
else if (cboGender.SelectedIndex == 2)
{
cmd.Parameters.AddWithValue("@user_sex", "Transgender");
}
if (cboType.SelectedIndex == 0)
{
cmd.Parameters.AddWithValue("@user_type", 0);
}
else
{
cmd.Parameters.AddWithValue("@user_type", 1);
}
cmd.Parameters.AddWithValue("@created_by", pUserID);
cmd.ExecuteNonQuery();
autoGenId = Convert.ToInt32(cmd.Parameters["@autoGenId"].Value);
if (cboType.SelectedIndex == 0)
{
cmd = new SqlCommand("Insert into Manager(manager_first_name,manager_last_name,manager_dob,manager_sex,email,username,password,type,manager_id,row_upd_date)" + "Values(@manager_first_name,@manager_last_name,@manager_dob,@manager_sex,@email,@username,@password,@type,@manager_id,GetDate())", conn);
cmd.Parameters.AddWithValue("@manager_first_name", txtFName.Text);
cmd.Parameters.AddWithValue("@manager_last_name", txtLName.Text);
cmd.Parameters.AddWithValue("@manager_dob", dtDOB.Value);
if (cboGender.SelectedIndex == 0)
{
cmd.Parameters.AddWithValue("@manager_sex", "Male");
}
else if (cboGender.SelectedIndex == 1)
{
cmd.Parameters.AddWithValue("@manager_sex", "Female");
}
else if (cboGender.SelectedIndex == 2)
{
cmd.Parameters.AddWithValue("@manager_sex", "Transgender");
}
cmd.Parameters.AddWithValue("@email", txtEmailID.Text);
cmd.Parameters.AddWithValue("@username", txtUsername.Text);
cmd.Parameters.AddWithValue("@password", txtPassword.Text);
cmd.Parameters.AddWithValue("@type", 0);
cmd.Parameters.AddWithValue("manager_id", autoGenId);
cmd.ExecuteNonQuery();
((MDIParent1)this.MdiParent).updateUserActivities(autoGenId, 12, txtUsername.Text.ToString() + "Manager detail was added successfully");
}
((MDIParent1)this.MdiParent).updateUserActivities(autoGenId, 11, txtUsername.Text.ToString() + "User detail was added successfully");
MessageBox.Show("User Detail was added successfully", "Task", MessageBoxButtons.OK, MessageBoxIcon.Information);
conn.Close();
this.Close();
}The above code Works with no problem at all!
Given below is my structure of table named:User in sql server 2008:
ColumnName DataType AllowNulls
user_first_name nvarchar(50)
Yes
user_last_name nvarchar(50) Yes
username nvarchar(30)
Yes
user_id(auto-increment) Int
No
password nvarchar(15) Yes
user_dob date Yes
user_sex nvarchar(20)
Yes
email nvarchar(50)
Yes
user_type Int Yes
row_upd_date
datetime Yes
created_by smallint
Yes
I also have a login form named:frmLogin.Given below is c# code of frmLogin with sql server 2008:
using System.Data.SqlClient;
namespace Mini_Project
{
public partial class frmLogin : Form
{
public frmLogin()
{
InitializeComponent();
}
private void btnLogin_Click(object sender, EventArgs e)
{
if ((txtPassword.Text == "password") && (txtUsername.Text.ToLower() == "admin"))
{
MDIParent1 h = new MDIParent1();
h.Show();
this.Close();
}
else
{
string username = txtUsername.Text;
string password = txtPassword.Text;
bool validUser = ValidateUser(username, password);
if (validUser)
{
MDIParent1 m = new MDIParent1();
m.Show();
this.Close();
}
else
{
MessageBox.Show("Invalid user name or password. Please try with another user name or password", "Task", MessageBoxButtons.OK, MessageBoxIcon.Warning);
txtUsername.Focus();
}
}
}
private bool ValidateUser(string username, string password)
{
bool success = false;
SqlConnection conn = new SqlConnection("Data Source=NPD-4\\SQLEXPRESS;Initial Catalog=Task;Integrated Security=true");
SqlCommand cmd = new SqlCommand();
cmd.Connection = conn;
cmd.CommandType = CommandType.Text;
cmd = new SqlCommand("Select @count = Count(*) from [dbo].[User] where username=@username and password=@password", conn);
cmd.Parameters.AddWithValue("@username", txtUsername.Text);
cmd.Parameters.AddWithValue("@password", txtPassword.Text);
cmd.Parameters.Add("@count", SqlDbType.Int).Direction = ParameterDirection.Output;
conn.Open();
cmd.ExecuteNonQuery();
if (Convert.ToInt32(cmd.Parameters["@count"].Value) > 0)
{
success = true;
}
else
{
success = false;
}
conn.Close();
return success;
}
}
}The above code works with no problem at all!
However what i want is to block/restrict a user for an entire day from entering into the application(Mini Project) based on 3 failed attempts by him/her in the login form(frmLogin).
Can anyone help me how to achieve my required result? Can anyone tell me/guide me what modifications must i do in my c# code offrmLogin(login form),should i need to add any field in my table named:User in sql server 2008? If so can anyone tell me/guide me/help me on modifications that i need to do in myc# code in frmLogin. Also can anyone tell me what are fields should i add to my table named:User in sql server 2008 to make it work? Can anyone help me please! Any help/guidance in solving of this problem would be greatly appreciated!
vishal