ASPForums.Net RSS Feedhttp://www.aspforums.net/Handlers/RSS.ashxLatest additions to the content that appears on ASPForums.Net(c) 2019 www.aspforums.com. All rights reserved.Prevent multiple systems Login using same User Name and Password in ASP.Net<p>Hi <a class="username" rel="nauna"> nauna</a>,</p> <p>When you click on login button user will validate if user exist or not.</p> <p>And then you will have to create a table where you have store login details of user like ip address of user machine and username or id and login date.</p> <p>And then by user id or username get ip addres from table, if ip address is there then it is going to check current ip address with getting ip address from table.</p> <p>if they are similar then it is going to be logging. Else if it is not similar then it is going to update current ip address and logging date in table.</p> <p>And then it is going to logging bases on current ip address.</p> <p>When you click on Logout you need to remove the record from database.</p> <p>Refer below sample.</p> <p><span style="text-decoration: underline;"><strong>HTML</strong></span></p> <p><strong>Login.aspx</strong></p> <pre class="brush: html">&lt;asp:Login ID=&#34;Login1&#34; runat=&#34;server&#34; OnAuthenticate=&#34;ValidateUser&#34;&gt; &lt;/asp:Login&gt;</pre> <p><strong>Home.aspx</strong></p> <pre class="brush: html">&lt;div&gt; Welcome &lt;asp:LoginName ID=&#34;LoginName1&#34; runat=&#34;server&#34; Font-Bold=&#34;true&#34; /&gt; &lt;br /&gt; &lt;br /&gt; &lt;asp:Label ID=&#34;lblLastLoginDate&#34; runat=&#34;server&#34; /&gt; &lt;asp:LoginStatus ID=&#34;LoginStatus1&#34; runat=&#34;server&#34; onloggedout=&#34;LoginStatus1_LoggedOut&#34; /&gt; &lt;/div&gt;</pre> <p><span style="text-decoration: underline;"><strong>Namespaces</strong></span></p> <p><strong>C#</strong></p> <pre class="brush: csharp">using System.Data; using System.Configuration; using System.Data.SqlClient; using System.Web.Security; </pre> <p><strong>VB.Net</strong></p> <pre class="brush: vb">Imports System.Data Imports System.Configuration Imports System.Data.SqlClient Imports System.Web.Security </pre> <p><span style="text-decoration: underline;"><strong>Code</strong></span></p> <p><strong>C#</strong></p> <p><strong>Login.aspx.cs</strong></p> <pre class="brush: csharp">protected void ValidateUser(object sender, EventArgs e) { int userId = 0; string constr = ConfigurationManager.ConnectionStrings[&#34;constr&#34;].ConnectionString; using (SqlConnection con = new SqlConnection(constr)) { using (SqlCommand cmd = new SqlCommand(&#34;Validate_User&#34;)) { cmd.CommandType = CommandType.StoredProcedure; cmd.Parameters.AddWithValue(&#34;@Username&#34;, Login1.UserName); cmd.Parameters.AddWithValue(&#34;@Password&#34;, Login1.Password); cmd.Connection = con; con.Open(); userId = Convert.ToInt32(cmd.ExecuteScalar()); } switch (userId) { case -1: Login1.FailureText = &#34;Username and/or password is incorrect.&#34;; break; case -2: Login1.FailureText = &#34;Account has not been activated.&#34;; break; default: string ipAddress = Request.ServerVariables[&#34;HTTP_X_FORWARDED_FOR&#34;]; if (string.IsNullOrEmpty(ipAddress)) { ipAddress = Request.ServerVariables[&#34;REMOTE_ADDR&#34;]; } string constr1 = ConfigurationManager.ConnectionStrings[&#34;constr1&#34;].ConnectionString; SqlConnection con1 = null; SqlCommand cmd1 = null; string getIp = getIpAddress(Login1.UserName); if (!string.IsNullOrEmpty(getIp)) { if (ipAddress != getIp) { con1 = new SqlConnection(constr1); cmd1 = new SqlCommand(&#34;UPDATE tblSession SET ipAddress = @ipAddress ,LoginDate =@LoginDate WHERE UserName = @UserName&#34;, con1); cmd1.Parameters.AddWithValue(&#34;@ipAddress&#34;, ipAddress); cmd1.Parameters.AddWithValue(&#34;@LoginDate&#34;, DateTime.Now); cmd1.Parameters.AddWithValue(&#34;@UserName&#34;, Login1.UserName); con1.Open(); cmd1.ExecuteNonQuery(); } else { con1 = new SqlConnection(constr1); cmd1 = new SqlCommand(&#34;UPDATE tblSession SET LoginDate =@LoginDate WHERE UserName = @UserName&#34;, con1); cmd1.Parameters.AddWithValue(&#34;@LoginDate&#34;, DateTime.Now); cmd1.Parameters.AddWithValue(&#34;@UserName&#34;, Login1.UserName); con1.Open(); cmd1.ExecuteNonQuery(); } } else { con1 = new SqlConnection(constr1); cmd1 = new SqlCommand(&#34;INSERT INTO tblSession VALUES(@ipAddress,@UserName,@LoginDate)&#34;, con1); cmd1.Parameters.AddWithValue(&#34;@ipAddress&#34;, ipAddress); cmd1.Parameters.AddWithValue(&#34;@UserName&#34;, Login1.UserName); cmd1.Parameters.AddWithValue(&#34;@LoginDate&#34;, DateTime.Now); con1.Open(); cmd1.ExecuteNonQuery(); con1.Close(); } FormsAuthentication.RedirectFromLoginPage(Login1.UserName, Login1.RememberMeSet); break; } } } public string getIpAddress(string userName) { string constr = ConfigurationManager.ConnectionStrings[&#34;constr1&#34;].ConnectionString; SqlConnection con = new SqlConnection(constr); SqlCommand cmd = new SqlCommand(&#34;SELECT ipAddress FROM tblSession WHERE UserName = @UserName&#34;, con); cmd.Parameters.AddWithValue(&#34;@UserName&#34;, userName); con.Open(); string ipAddress = Convert.ToString(cmd.ExecuteScalar()); con.Close(); return ipAddress; }</pre> <p><strong>Home.aspx.cs</strong></p> <pre class="brush: csharp">protected void Page_Load(object sender, EventArgs e) { if (!this.Page.User.Identity.IsAuthenticated) { FormsAuthentication.RedirectToLoginPage(); } } protected void LoginStatus1_LoggedOut(object sender, EventArgs e) { string constr = ConfigurationManager.ConnectionStrings[&#34;constr1&#34;].ConnectionString; SqlConnection con = new SqlConnection(constr); SqlCommand cmd = new SqlCommand(&#34;DELETE FROM tblSession WHERE UserName = @UserName&#34;, con); cmd.Parameters.AddWithValue(&#34;@UserName&#34;, this.Page.User.Identity.Name); con.Open(); string ipAddress = Convert.ToString(cmd.ExecuteScalar()); con.Close(); }</pre> <p><strong>VB.Net</strong></p> <p><strong>Login.aspx.vb</strong></p> <pre class="brush: vb">Protected Sub ValidateUser(ByVal sender As Object, ByVal e As EventArgs) Handles Me.Load Dim userId As Integer = 0 Dim constr As String = ConfigurationManager.ConnectionStrings(&#34;constr&#34;).ConnectionString Using con As SqlConnection = New SqlConnection(constr) Using cmd As SqlCommand = New SqlCommand(&#34;Validate_User&#34;) cmd.CommandType = CommandType.StoredProcedure cmd.Parameters.AddWithValue(&#34;@Username&#34;, Login1.UserName) cmd.Parameters.AddWithValue(&#34;@Password&#34;, Login1.Password) cmd.Connection = con con.Open() userId = Convert.ToInt32(cmd.ExecuteScalar()) End Using Select Case userId Case -1 Login1.FailureText = &#34;Username and/or password is incorrect.&#34; Case -2 Login1.FailureText = &#34;Account has not been activated.&#34; Case Else Dim ipAddress As String = Request.ServerVariables(&#34;HTTP_X_FORWARDED_FOR&#34;) If String.IsNullOrEmpty(ipAddress) Then ipAddress = Request.ServerVariables(&#34;REMOTE_ADDR&#34;) End If Dim constr1 As String = ConfigurationManager.ConnectionStrings(&#34;constr1&#34;).ConnectionString Dim con1 As SqlConnection = Nothing Dim cmd1 As SqlCommand = Nothing Dim getIp As String = getIpAddress(Login1.UserName) If Not String.IsNullOrEmpty(getIp) Then If ipAddress &lt;&gt; getIp Then con1 = New SqlConnection(constr1) cmd1 = New SqlCommand(&#34;UPDATE tblSession SET ipAddress = @ipAddress ,LoginDate =@LoginDate WHERE UserName = @UserName&#34;, con1) cmd1.Parameters.AddWithValue(&#34;@ipAddress&#34;, ipAddress) cmd1.Parameters.AddWithValue(&#34;@LoginDate&#34;, DateTime.Now) cmd1.Parameters.AddWithValue(&#34;@UserName&#34;, Login1.UserName) con1.Open() cmd1.ExecuteNonQuery() Else con1 = New SqlConnection(constr1) cmd1 = New SqlCommand(&#34;UPDATE tblSession SET LoginDate =@LoginDate WHERE UserName = @UserName&#34;, con1) cmd1.Parameters.AddWithValue(&#34;@LoginDate&#34;, DateTime.Now) cmd1.Parameters.AddWithValue(&#34;@UserName&#34;, Login1.UserName) con1.Open() cmd1.ExecuteNonQuery() End If Else con1 = New SqlConnection(constr1) cmd1 = New SqlCommand(&#34;INSERT INTO tblSession VALUES(@ipAddress,@UserName,@LoginDate)&#34;, con1) cmd1.Parameters.AddWithValue(&#34;@ipAddress&#34;, ipAddress) cmd1.Parameters.AddWithValue(&#34;@UserName&#34;, Login1.UserName) cmd1.Parameters.AddWithValue(&#34;@LoginDate&#34;, DateTime.Now) con1.Open() cmd1.ExecuteNonQuery() con1.Close() End If FormsAuthentication.RedirectFromLoginPage(Login1.UserName, Login1.RememberMeSet) Exit Select con.Close() End Select End Using End Sub Public Function getIpAddress(ByVal userName As String) As String Dim constr As String = ConfigurationManager.ConnectionStrings(&#34;constr1&#34;).ConnectionString Dim con As SqlConnection = New SqlConnection(constr) Dim cmd As SqlCommand = New SqlCommand(&#34;SELECT ipAddress FROM tblSession WHERE UserName = @UserName&#34;, con) cmd.Parameters.AddWithValue(&#34;@UserName&#34;, userName) con.Open() Dim ipAddress As String = Convert.ToString(cmd.ExecuteScalar()) con.Close() Return ipAddress End Function</pre> <p>&nbsp;</p>https://www.aspforums.net:443/Threads/462025/Prevent-multiple-systems-Login-using-same-User-Name-and-Password-in-ASPNet/https://www.aspforums.net:443/Threads/462025/Prevent-multiple-systems-Login-using-same-User-Name-and-Password-in-ASPNet/Thu, 06 Jun 2019 06:14:32 GMT