I'm fairly new to asp.net and trying to use a session counter to check for when someone has tried to log in three times it counts and when reaches three it locks them out. I know it's easy but my brain is fried.
Protected Sub btnLogin_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles btnLogin.Click
Dim IsFound As Boolean = False
If Page.IsPostBack Then
IsFound = clsDataLayer.GetUser(Server.MapPath("AddressBook.mdb"), txtUSERID.Text, txtPassword.Text)
If (IsFound) Then
'user credentials were found in the database so notify the system that the user is authenticated
lblStatus.Text = "Welcome"
'if authentic then wait three seconds to display the welcome label then send user to mymobilepage
Response.AddHeader("REFRESH", "3;URL=mymobilepage.aspx")
Else 'invalid user credentials
Dim myAttempts As Integer = Convert.ToInt16(Session("AttemptsCount "))
myAttempts = myAttempts + 1
Session("AttemptCount") = myAttempts 'update the session variable with the new value
lblStatus.Text = "The User ID and/or Password supplied is incorrect. Please try again!"
If myAttempts >= 3 Then
Dim myDAL As New clsDataLayer
myDAL.Lockuser(Server.MapPath("Addressbook.mdb"), txtUSERID.Text, False)
lblStatus.Text = "Your account has been locked and will need to be reset by the system administrator!"
End If
End If
End If
Can someone direct me the proper way?