Keep a log of visitors 2

[Cooperdam]

HI I have a login page, and was thinking to keep a log of visitors, or the time they came in. Should this be done here in this code? I would need a table as well.

<%@ Page Language="C#" AutoEventWireup="true" CodeBehind="Login.aspx.cs" Inherits="RReports.Login" %>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "

http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="

http://www.w3.org/1999/xhtml"

>
<head runat="server">
<title>Untitled Page</title>
</head>
<body>
<form id="form1" runat="server">
<div>

<table style="width:100%;">
<tr>
<td width="60%">
 </td>
<td width="20%">
 </td>
<td width="20%">
 </td>
</tr>
<tr>
<td>
 </td>
<td style="text-align: right">
 </td>
<td>
<asp:Label ID="lblMessage" runat="server" ForeColor="Red"
style="font-family: Arial, Helvetica, sans-serif; font-size: small"></asp:Label>
</td>
</tr>
<tr>
<td>
 </td>
<td style="text-align: right">
<asp:Label ID="Label1" runat="server"
style="font-family: Arial, Helvetica, sans-serif; font-size: small;"
Text="UserName : "></asp:Label>
</td>
<td>
<asp:TextBox ID="txtUserName" runat="server"
style="font-family: Arial, Helvetica, sans-serif" Text=" "></asp:TextBox>
</td>
</tr>
<tr>
<td>
 </td>
<td style="text-align: right">
<asp:Label ID="Label2" runat="server"
style="text-align: right; font-family: Arial, Helvetica, sans-serif; font-size: small;"
Text="Password : "></asp:Label>
</td>
<td>
<asp:TextBox ID="txtPassword" runat="server"
style="font-family: Arial, Helvetica, sans-serif" Text=" " TextMode="Password"></asp:TextBox>
</td>
</tr>
<tr>
<td>
 </td>
<td>
 </td>
<td>
<asp:Button ID="btnLogin" runat="server" onclick="btnLogin_Click"
style="font-family: Arial, Helvetica, sans-serif" Text="Login" />
</td>
</tr>
<tr>
<td>
 </td>
<td>
 </td>
<td>
 </td>
</tr>
</table>

</div>
</form>
</body>
</html>

 

[jbenson001]

That code would go in your code-behind file.

 

[Cooperdam]

Thank you JBenson! I am not sure how to do this type of thing. this is my code-behind:

using System;
using System.Collections;
using System.Configuration;
using System.Data;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;

using System.Data.SqlClient;
using System.Xml;
using RReports.Helpers;

namespace RReports
{
public partial class Login : System.Web.UI.Page
{
const string XML_CONFIG_FILE = "reports.xml";

protected void Page_Load(object sender, EventArgs e)
{
if (!Page.IsPostBack)
{
ClearSession();
}

// Compilation Directive
// This will by-pass the authentication when DEV flag is added to Conditional Compilation Symbols
// If not, it will ask for login as usual
#if DEV
txtPassword.Text = "test";
btnLogin_Click(null, null);
#endif
}

private void ClearSession()
{
// Clear all Session data
Session.Clear();
}

protected void btnLogin_Click(object sender, EventArgs e)
{
ClearSession();
lblMessage.Text = "";

// Perform Login based on the entered UserName and Password
string sql = "Select * from Users where UserName = '" + txtUserName.Text.Replace("'", "") + "' and Password = '" + txtPassword.Text.Replace("'", "") + "'";
DataSet ds = Lib.GetResults(sql, ConnectionHelper.GetSecurityDatabaseConnection());

if (ds != null)
{
if (ds.Tables.Count > 0)
{
if (ds.Tables[0].Rows.Count == 1)
{
Session["UserName"] = txtUserName.Text.Trim();
Response.Redirect("DashBoard.aspx");
}
else
{
lblMessage.Text = "Invalid UserName/Password.";
}
}
else
{
lblMessage.Text = "Invalid UserName/Password.";
}
}
else
{
lblMessage.Text = "Invalid UserName/Password.";
}

}
}

}

 

[ca8msm]

                    if (ds.Tables[0].Rows.Count == 1)
                    {
                        Session["UserName"] = txtUserName.Text.Trim();
                        Response.Redirect("DashBoard.aspx");
                    }

This section of your code assumes a login is correct, so you'll just need to add an insert statement here to enter the details into your database (I'll assume your "Lib" object has an easy way of performing an insert for you).

However, if all you are doing is auditing the fact that a user logged into the system, it may be much easier to just use a stored procedure that not only returns the results of checking the users credentials, but performs the audit as well.

I'm also hoping that you aren't storing the passwords in the database in plain text...

Mark,

Darlington Web Design
Experts, Information, Ideas & Knowledge
ASP.NET Tips & Tricks

 

[Cooperdam]

Mark, yes we are. What can we do instead? I am new to this.
The users are all our customers but they are not coming in via a VPN. But the server is a standalone getting the data refreshed every night.

 

[jbenson001]

Passwords should be created using a one-way hash algorithum. I would do this through the .NET framework. There are many examples on line.

 

[jbenson001]

Here is a good example:

http://davidhayden.com/blog/dave/archive/2004/02/16/157.aspx