G
Guest
Hi
I have a web application using asp.net and c#. User has to login to the application with his username and pwd. However, I do not allow other user uses the same username and pwd to login, i.e. one set of login ID cannot be used for twice except the logged in user's session has expired or he exited the system and terminate the session (Session.Clear().
Here is the C# code in my login cs file
[code
protected System.Web.UI.WebControls.TextBox username
protected System.Web.UI.WebControls.TextBox pwd
protected System.Web.UI.WebControls.Label label
private void ImageButton_Click(object sender, System.Web.UI.ImageClickEventArgs e
int e
User obj=null; //User is a clas
tr
obj = new User()
e = obj.Login(this.username.text,this.pwd.text)
switch(e
case User.LOGINOK
Session["LoggedUser"] = obj; //I created a session here after verifying there is such user in DB. But, for another user to login with this same username and pwd, how can I check the session has not expired and prevented him login
Response.Redirect("webapplication/default.aspx",true)
break
default
this.label.Text = "Wrong user name or pwd"
break
[/code
The session name "LoggedUser" in Session["LoggedUser"] has to be constant because this session name will be used to check whether the user has logged in before viewing the web pages in the application.
Or, I need to create a session login table in DB to insert and update a user's login status?
Or, I just edit the above code can perform the same function?
Any sound solution can be suggested to me?
Thanks for help
I have a web application using asp.net and c#. User has to login to the application with his username and pwd. However, I do not allow other user uses the same username and pwd to login, i.e. one set of login ID cannot be used for twice except the logged in user's session has expired or he exited the system and terminate the session (Session.Clear().
Here is the C# code in my login cs file
[code
protected System.Web.UI.WebControls.TextBox username
protected System.Web.UI.WebControls.TextBox pwd
protected System.Web.UI.WebControls.Label label
private void ImageButton_Click(object sender, System.Web.UI.ImageClickEventArgs e
int e
User obj=null; //User is a clas
tr
obj = new User()
e = obj.Login(this.username.text,this.pwd.text)
switch(e
case User.LOGINOK
Session["LoggedUser"] = obj; //I created a session here after verifying there is such user in DB. But, for another user to login with this same username and pwd, how can I check the session has not expired and prevented him login
Response.Redirect("webapplication/default.aspx",true)
break
default
this.label.Text = "Wrong user name or pwd"
break
[/code
The session name "LoggedUser" in Session["LoggedUser"] has to be constant because this session name will be used to check whether the user has logged in before viewing the web pages in the application.
Or, I need to create a session login table in DB to insert and update a user's login status?
Or, I just edit the above code can perform the same function?
Any sound solution can be suggested to me?
Thanks for help