Hi everybody
I am using the following code behind login.aspx.vb. When a user uses wrong passwor then redirect to "expirationmessage.aspx" page, but when that user uses right password he can easily enter the site. IS THERE ANY WRONG. PLEASE HELP.
Another Qestion:: has there any wrong funtioning in 'Expiration of User' function. I use
Dim RenewDate = Profile.GetProfile(Login1.UserName).DateRenewed
If DateDiff(DateInterval.day, RenewDate, DateTime.Now) > 365 Then
Response.Redirect("~/expirationmessage.aspx")
===========the code behind========
Partial Class Login
Inherits System.Web.UI.Page
Protected Sub Login1_LoginError(ByVal sender As Object, ByVal e As System.EventArgs) Handles Login1.LoginError
'Set the parameters for InvalidCredentialsLogDataSource
InvalidCredentialsLogDataSource.InsertParameters("ApplicationName").DefaultValue = Membership.ApplicationName
InvalidCredentialsLogDataSource.InsertParameters("UserName").DefaultValue = Login1.UserName
InvalidCredentialsLogDataSource.InsertParameters("IPAddress").DefaultValue = Request.UserHostAddress
'The password is only supplied if the user enters an invalid username or invalid password - set it to Nothing, by default
InvalidCredentialsLogDataSource.InsertParameters("Password").DefaultValue = Nothing
'There was a problem logging in the user
'See if this user exists in the database
Dim userInfo As MembershipUser = Membership.GetUser(Login1.UserName)
Dim RenewDate = Profile.GetProfile(Login1.UserName).DateRenewed
If userInfo Is Nothing Then
'The user entered an invalid username...
Response.Redirect("~/invaliduser.aspx")
'The password is only supplied if the user enters an invalid username or invalid password
InvalidCredentialsLogDataSource.InsertParameters("Password").DefaultValue = Login1.Password
End If
'See if the user is locked out or not approved
If Not userInfo.IsApproved Then
Response.Redirect("~/approval.aspx")
End If
If userInfo.IsLockedOut Then
Response.Redirect("~/idlock.aspx")
End If
'Expiration of User
If DateDiff(DateInterval.day, RenewDate, DateTime.Now) > 365 Then
Response.Redirect("~/expirationmessage.aspx")
End If
'The password was incorrect (don't show anything, the Login control already describes the problem)
'The password is only supplied if the user enters an invalid username or invalid password
InvalidCredentialsLogDataSource.InsertParameters("Password").DefaultValue = Login1.Password
'Add a new record to the InvalidCredentialsLog table
InvalidCredentialsLogDataSource.Insert()
End Sub
Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
'If the person is already logged in, but is being redirected to the login page from some other
'page, then they were attempting to visit a page they weren't authorized for
If Request.IsAuthenticated AndAlso Request.QueryString("ReturnUrl") IsNot Nothing Then
Response.Redirect("~/unauthorizeduser.aspx")
End If
End Sub
End Class
↧
code behind login.aspx.vb error, please help
↧