Hi ahmadsubuhanl...,
Please refer below Sample.
Here i am making this sample with reference from
HTML
<asp:Login ID="loginUser" runat="server" OnAuthenticate="ValidateUser"></asp:Login>
Namespaces
C#
using System.Data;
using System.Configuration;
using System.Data.SqlClient;
using System.Web.Security;
VB.Net
Imports System.Data
Imports System.Configuration
Imports System.Data.SqlClient
Imports System.Web.Security
SQL
CREATE PROCEDURE [ValidateLogin]
@UserId INT
AS
BEGIN
IF EXISTS(SELECT UserId FROM tblSession WHERE UserId = @UserId)
BEGIN
UPDATE tblSession
SET [Status] = 1
WHERE UserId = @UserId
END
ELSE
BEGIN
INSERT INTO tblSession VALUES(@UserId, 1)
END
END
Code
C#
protected void ValidateUser(object sender, EventArgs e)
{
int userId = 0;
string constr = ConfigurationManager.ConnectionStrings["constr"].ConnectionString;
using (SqlConnection con = new SqlConnection(constr))
{
using (SqlCommand cmd = new SqlCommand("Validate_User"))
{
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.AddWithValue("@Username", loginUser.UserName);
cmd.Parameters.AddWithValue("@Password", loginUser.Password);
cmd.Connection = con;
con.Open();
userId = Convert.ToInt32(cmd.ExecuteScalar());
}
switch (userId)
{
case -1:
loginUser.FailureText = "Username and/or password is incorrect.";
break;
case -2:
loginUser.FailureText = "Account has not been activated.";
break;
default:
if (IsLoggedIn(userId) == 0)
{
string constr1 = ConfigurationManager.ConnectionStrings["constr"].ConnectionString;
using (SqlConnection con1 = new SqlConnection(constr1))
{
using (SqlCommand cmd1 = new SqlCommand("ValidateLogin", con1))
{
cmd1.CommandType = CommandType.StoredProcedure;
cmd1.Parameters.AddWithValue("@UserId", userId);
con1.Open();
cmd1.ExecuteNonQuery();
con1.Close();
FormsAuthentication.RedirectFromLoginPage(loginUser.UserName, loginUser.RememberMeSet);
}
}
}
else
{
ClientScript.RegisterStartupScript(this.GetType(), "alert", "alert('User already loggedin.');", true);
}
break;
}
}
}
private int IsLoggedIn(int userId)
{
int isLogged = 0;
string conString = ConfigurationManager.ConnectionStrings["constr"].ConnectionString;
using (SqlConnection con = new SqlConnection(conString))
{
using (SqlCommand cmd = new SqlCommand("SELECT Status FROM tblSession WHERE Userid = @UserId", con))
{
cmd.CommandType = CommandType.Text;
cmd.Parameters.AddWithValue("@UserId", userId);
con.Open();
isLogged = Convert.ToInt32(cmd.ExecuteScalar());
con.Close();
}
}
return isLogged;
}
VB.Net
Protected Sub ValidateUser(ByVal sender As Object, ByVal e As EventArgs)
Dim userId As Integer = 0
Dim constr As String = ConfigurationManager.ConnectionStrings("constr").ConnectionString
Using con As SqlConnection = New SqlConnection(constr)
Using cmd As SqlCommand = New SqlCommand("Validate_User")
cmd.CommandType = CommandType.StoredProcedure
cmd.Parameters.AddWithValue("@Username", loginUser.UserName)
cmd.Parameters.AddWithValue("@Password", loginUser.Password)
cmd.Connection = con
con.Open()
userId = Convert.ToInt32(cmd.ExecuteScalar())
End Using
Select Case userId
Case -1
loginUser.FailureText = "Username and/or password is incorrect."
Case -2
loginUser.FailureText = "Account has not been activated."
Case Else
If IsLoggedIn(userId) = 0 Then
Dim constr1 As String = ConfigurationManager.ConnectionStrings("constr").ConnectionString
Using con1 As SqlConnection = New SqlConnection(constr1)
Using cmd1 As SqlCommand = New SqlCommand("ValidateLogin", con1)
cmd1.CommandType = CommandType.StoredProcedure
cmd1.Parameters.AddWithValue("@UserId", userId)
con1.Open()
cmd1.ExecuteNonQuery()
con1.Close()
FormsAuthentication.RedirectFromLoginPage(loginUser.UserName, loginUser.RememberMeSet)
End Using
End Using
Else
ClientScript.RegisterStartupScript(Me.[GetType](), "alert", "alert('User already loggedin.');", True)
End If
End Select
End Using
End Sub
Private Function IsLoggedIn(ByVal userId As Integer) As Integer
Dim isLogged As Integer = 0
Dim conString As String = ConfigurationManager.ConnectionStrings("constr").ConnectionString
Using con As SqlConnection = New SqlConnection(conString)
Using cmd As SqlCommand = New SqlCommand("SELECT Status FROM tblSession WHERE Userid = @UserId", con)
cmd.CommandType = CommandType.Text
cmd.Parameters.AddWithValue("@UserId", userId)
con.Open()
isLogged = Convert.ToInt32(cmd.ExecuteScalar())
con.Close()
End Using
End Using
Return isLogged
End Function
Screenshot