stop login if user has already loggedin with same userid

Brij

One way to do implement this functionality, that whenever a user login make an entry in DB as a loggedin user, once another user try to login with same user, allow to him for login but at the same remove the netry fro first user, and on evry postback check from whether the user has entry in db, if not then make him logout. Its better I think if a user has logged in from one pc then dont allow from other pc , just show a message a user has already loggedin.

Cheers!! Brij Check my latest Article :Exploring ASP.NET Validators

Abhijit Jana

Brij wrote:

Its better I think if a user has logged in from one pc then dont allow from other pc , just show a message a user has already loggedin.

Yes I am agree with you brij. Other wise its unnecessary hitting of DB on every post back which impact badly on performance.

Cheers ! Abhijit Jana | MVP Web Site : abhijitjana.net Don't forget to click "Good Answer" on the post(s) that helped you.

vikas shukla

thank u sir, i was doing the same as you are saying.and i am entering browser name also in my loginentry table(temp table). so that suppose if user login from ie browser and now he opens new ie and enter login page of application then user should not have login page because user has logged in once and it shows direct user home page.but if he enter login url in mozilla or any other browser then he should have login page. but at the same time if i am opening my login page from another system then again user home page is displaying.but it should be login page.

vikas shukla

hi sir, if you never mind sir.i want your yahoo id thank you very much sir.

Brij

Yes. Its better

Cheers!! Brij Check my latest Article :Exploring ASP.NET Validators

Abhijit Jana

And I think this is quite well known problem for us ... ;) .. Account Locked : :laugh:

Cheers ! Abhijit Jana | MVP Web Site : abhijitjana.net Don't forget to click "Good Answer" on the post(s) that helped you.

vikas shukla

yes sir, you both are absolutely right.but please suggest me where i am wrong in my second post. and give your suggestion for this. thanks

Abhijit Jana

Are you checking session variable properly ?

Cheers ! Abhijit Jana | MVP Web Site : abhijitjana.net Don't forget to click "Good Answer" on the post(s) that helped you.

vikas shukla

yes sir, actually i am sending you my code behind. please consider this. using System; using System.Data; using System.Configuration; using System.Collections; using System.Web; using System.Web.Security; using System.Web.UI; using System.Web.UI.WebControls; using System.Web.UI.WebControls.WebParts; using System.Web.UI.HtmlControls; using Login_Bl; using message; using General_Bal; using ChecknetConnection; [Serializable] public partial class Default : System.Web.UI.Page { LoginBl objloginbl = new LoginBl(); GeneralBal objgeneral = new GeneralBal(); public static DataSet usr_val = new DataSet(); public static DataSet usr_val_usr = new DataSet(); protected void Page_Load(object sender, EventArgs e) { txtUserId.Focus(); if (Session["loginfailed"].ToString() == "1" ) { WebMsgBox.Show("You Have Been Signed Out.As Another User Has Signed In With Your UserID"); } string ses = Session.SessionID; if (usr_val.Tables.Count > 0) { if (usr_val.Tables[0].Rows.Count > 0) { string sess = usr_val.Tables[0].Rows[0]["sessionid"].ToString(); string expl = usr_val.Tables[0].Rows[0]["explorer"].ToString(); HttpBrowserCapabilities bro = new HttpBrowserCapabilities(); bro = Request.Browser; if (bro.Browser.ToString() == expl.ToString()) { Session["Roles"] = "Admin"; Session["customer"] = usr_val.Tables[0].Rows[0]["userid"].ToString(); Session["sessionid"] = usr_val.Tables[0].Rows[0]["sessionid"].ToString(); Response.Redirect("Admin/AdminHome.aspx"); } } } if (usr_val_usr.Tables.Count > 0) { if (usr_val_usr.Tables[0].Rows.Count > 0) { string sess = usr_val_usr.Tables[0].Rows[0]["sessionid"].ToString(); string expl = usr_val.Tables[0].Rows[0]["explorer"].ToString(); HttpBrowserCapabilities bro = new HttpBrowserCapabilities(); bro = Request.Browser; if (bro.Browser.ToString() == expl.ToString()) { Session["Roles"] = "User";

Brij

vikas shukla wrote:

but at the same time if i am opening my login page from another system then again user home page is displaying.but it should be login page.

You should also store the IP of the system along with the browser.So the you can check from which system user is trying to login.If request comes from another Ip then dont allow to be logged in. To get the IP of the client system, you can get using srever variables as Request.ServerVariables["REMOTE_ADDR"]

Cheers!! Brij Check my latest Article :Exploring ASP.NET Validators

Brij

yes :)

Cheers!! Brij Check my latest Article :Exploring ASP.NET Validators

vikas shukla

thanks sir i tried your suggestion.but problem was same.if i am login from pc1 and at the same time i am trying to login from another pc then both are working while according to my requirement second should be on login page.that means both ip of the system are same is it possible? on the page load i am doing this. string ipaddress = Request.ServerVariables["REMOTE_ADDR"]; if (usr_val.Tables.Count > 0) { if (usr_val.Tables[0].Rows.Count > 0) { string ip = usr_val.Tables[0].Rows[0]["ipaddress"].ToString(); HttpBrowserCapabilities bro = new HttpBrowserCapabilities(); bro = Request.Browser; if(ip==ipaddress ) { if (bro.Browser.ToString() == expl.ToString()) { Session["Roles"] = "Admin"; Session["customer"] = usr_val.Tables[0].Rows[0]["userid"].ToString(); Session["sessionid"] = usr_val.Tables[0].Rows[0]["sessionid"].ToString(); Response.Redirect("Admin/AdminHome.aspx"); } } } } is there another way for take the ip of client system?

vikas shukla

hi sir, please try to understand my problem.and me some help.i am waiting for your help. thanks