控制验证登陆次数

为了防止暴力破解 ,通常使用验证码,现在加入一种新的防暴力破解方法,限制验证登陆错误次数,并封锁IP
代码如下
     /// <summary>
    
/// Login 的摘要说明。
    
/// </summary>

     public   class  Login : System.Web.UI.Page
    
{
        
protected System.Web.UI.WebControls.RequiredFieldValidator rfvUsername;
        
protected System.Web.UI.WebControls.RequiredFieldValidator rfvPassword;
        
protected System.Web.UI.WebControls.Label lblErrorMessage;
        
protected System.Web.UI.WebControls.TextBox txtUserName;
        
protected System.Web.UI.WebControls.TextBox txtPassWord;
        
protected System.Web.UI.WebControls.TextBox txtYanzheng;
        
protected System.Web.UI.WebControls.RequiredFieldValidator Requiredfieldvalidator1;
        
protected System.Web.UI.WebControls.ImageButton btnLogin;
        
protected System.Web.UI.WebControls.Image Image1;
        
        
string strIp="";
        
private void Page_Load(object sender, System.EventArgs e)
        
{
            
// 在此处放置用户代码以初始化页面
            if(!Page.IsPostBack)
            
{
                Session[
"CheckCode"= "";
            }

        }


        
Web 窗体设计器生成的代码

        
        

        
private void ImageButton2_Click(object sender, System.Web.UI.ImageClickEventArgs e)
        
{
            
            WebJTJ.Components.IPLock ip
=new WebJTJ.Components.IPLock();
            
bool IPLocked=ip.IPLockCheck(GetIP());
            
if(IPLocked)
            
{
                lblErrorMessage.Text
="您的ip地址已经被锁定,请联系管理员!"    ;
            }

            
else
            
{
                
if(Convert.ToInt16(Session["LoginTimes"])<1)
                
{
                    
if(txtYanzheng.Text.Trim()==Session["CheckCode"].ToString())
                    
{
                        
string UserID ="";
                        
                        WebJTJ.Components.Staff staff
=new WebJTJ.Components.Staff();
                        
string CheckString = staff.Login(txtUserName.Text, txtPassWord.Text);
                
                        
if(CheckString!=null)
                        
{
                            
string LoginChecked;
                            
if(CheckString.IndexOf("-")>=0)
                            
{
                                UserID
=CheckString.Substring(0,CheckString.IndexOf("-"));
                                LoginChecked 
= CheckString.Substring(CheckString.IndexOf("-")+1);

                                
if(LoginChecked=="True")
                                
{
                                    Session[
"UserName"]=txtUserName.Text;
                                    Session[
"UserID"]=UserID;
                                    Session[
"WebManager"]=LoginChecked;
                                    Response.Redirect(
"Admin_Main.aspx");
                                }

                            }

                        }

                        
else
                        
{
                            Session[
"LoginTimes"]=Convert.ToInt16(Session["LoginTimes"])+1;
                            lblErrorMessage.Text
="您输入的用户名或密码错误,请重新输入!";    
                        }

                    }

                    
else
                    
{
                        lblErrorMessage.Text
="您输入的验证码错误!请重新输入!";
                    }

                }

                
else
                
{
                    
if(Request.ServerVariables["HTTP_VIA"]!=null)
                    
{       
                        strIp
=Request.ServerVariables["HTTP_X_FORWARDED_FOR"].ToString();       
                    }

                    
else
                    
{       
                        strIp
=Request.ServerVariables["REMOTE_ADDR"].ToString();       
                    }

                    
if(strIp.Length>0)
                    
{
                                            
                        WebJTJ.Components.Staff IPLock
=new WebJTJ.Components.Staff();
                        IPLock.IPLock(strIp);
                    
                    }

                    lblErrorMessage.Text
="对不起,您的密码输入次数已经收到限制,您的IP地址已经被记录封锁,请联系管理员给您解除锁定!";
                }

        
            }

            
        

        }


        
public string GetIP()
        
{
            
if(Request.ServerVariables["HTTP_VIA"]!=null)
             
{       
               strIp
=Request.ServerVariables["HTTP_X_FORWARDED_FOR"].ToString();       
             }

            
else
             
{       
               strIp
=Request.ServerVariables["REMOTE_ADDR"].ToString();       
             }

            
return strIp ;

        }

    }

}
相关推荐
©️2020 CSDN 皮肤主题: 大白 设计师:CSDN官方博客 返回首页