一。需要的数据库字段
LastLoginErrDate(日期类型)【登陆失败最大次数时的时间】
LoginErrTimes(整形,默认值为0)【登陆失败的次数】
二。 前台代码
<div>
<asp:TextBox ID="txtUserName" runat="server"></asp:TextBox><br />
<asp:TextBox ID="txtPwd" runat="server"></asp:TextBox>
<asp:Button ID="Button1" runat="server" Text="Button" onclick="Button1_Click" />
</div>
三。后台代码
private int permitLoginTimes = 5; //运行失败的次数
private int intervalMinute = 1; //登陆失败最大次数后需间隔的时间(单位为分钟)
protected void Button1_Click(object sender, EventArgs e)
{
string info = string.Empty; //提示信息
string sql = "SELECT COUNT(id) FROM admin a WHERE a.ID='" + this.txtUserName.Text + "'";
DBOperator db = new DBOperator();
int count = Convert.ToInt32(db.ExecuteScalar(sql, System.Data.CommandType.Text)); //判断用户是否存在
if (count > 0) //用户名存在
{
sql = "SELECT a.LoginErrTimes,a.LastLoginErrDate FROM admin a WHERE a.ID='" + this.txtUserName.Text + "'";
DataTable dtTemp = db.GetDataTable(sql, CommandType.Text); //获取该用户登陆失败的次数和达到最大登陆次数的时间
int errTimes = Convert.ToInt32(dtTemp.Rows[0]["LoginErrTimes"]); //登陆失败的次数
if (errTimes == permitLoginTimes) //已经达到允许登陆失败的最大次数
{
DateTime dtLast = Convert.ToDateTime(dtTemp.Rows[0]["LastLoginErrDate"]); //达到最大登陆次数的时间
TimeSpan ts1 = new TimeSpan(dtLast.Ticks);
TimeSpan ts2 = new TimeSpan(DateTime.Now.Ticks); //当前时间
TimeSpan ts = ts2.Subtract(ts1).Duration();
if (ts.Minutes < this.intervalMinute) //登陆间隔时间小于规定的时间
{
info = "请" + this.intervalMinute + "分钟后再登陆!";
Response.Write("<script>alert('" + info + "')</script>");
}
else //达到间隔时间后,清0的登陆失败次数,视其为第一次登陆
{
sql = "UPDATE admin SET LoginErrTimes = 0 WHERE ID='" + this.txtUserName.Text + "'";
db.ExecuteSql(sql, System.Data.CommandType.Text);
LoginLess(0);
}
}
else //登陆还未失败或失败次数小于最大次数
{
LoginLess(errTimes);
}
}
else //用户不存在
{
Response.Write("<script>alert('用户不存在')</script>");
}
}
private void LoginLess(int tempErrorTimes)
{
DBOperator db = new DBOperator();
string info = string.Empty;
string sql = "SELECT COUNT(id) FROM admin a WHERE a.ID='" + this.txtUserName.Text + "' AND a.Pwd='" + this.txtPwd.Text + "'";
int tempCount = Convert.ToInt32(db.ExecuteScalar(sql, System.Data.CommandType.Text));
if (tempCount == 0) //密码错误
{
if (tempErrorTimes == this.permitLoginTimes - 1) //已经登陆失败最大次数
{
sql = "UPDATE admin SET LastLoginErrDate = GETDATE(), LoginErrTimes =5" +
" WHERE ID='" + this.txtUserName.Text + "'";
db.ExecuteSql(sql, System.Data.CommandType.Text);
info = "您已经连续登陆失败" + permitLoginTimes.ToString() + "次,请" + this.intervalMinute + "分钟后再登陆!";
Response.Write("<script>alert('" + info + "')</script>");
}
else //其它登陆失败次数
{
sql = "UPDATE admin SET LastLoginErrDate = GETDATE(), LoginErrTimes = LoginErrTimes+1" +
" WHERE ID='" + this.txtUserName.Text + "'";
db.ExecuteSql(sql, System.Data.CommandType.Text);
info = "您已经连续登陆失败" + Convert.ToString(tempErrorTimes + 1) + "次,你还有" + Convert.ToString(this.permitLoginTimes - tempErrorTimes - 1) + "次登陆机会";
Response.Write("<script>alert('" + info + "')</script>");
}
}
else //登陆成功,将登陆错误次数清0
{
sql = "UPDATE admin SET LoginErrTimes =0" +
" WHERE ID='" + this.txtUserName.Text + "'";
db.ExecuteSql(sql, System.Data.CommandType.Text);
Response.Write("<script>alert('登陆成功!')</script>");
}
}