i want the code for
if user try to access the login screen for more than 3 times with invalid password then account should lock
plzzzzzzzzzzzz......
bbinais 0 Light Poster
Shanti C 106 Posting Virtuoso
just intialize a session with username and logincounter like $_SESSION and $_SESSION
for every try increment the logincounter session for the same username..
if its greater than 3 then dont' allow for login..
or post your code, we will check it out..
bbinais 0 Light Poster
<?php
session_start();
$host="192.168.200.100";
$username="emt_dev";
$password="ready2go#";
$db_name="emtd101";
$tbl_name="M_USER";
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
if(isset($_POST['sub']))
{
$myusername=$_POST['txtusername'];
$mypassword=$_POST['txtpassword'];
}
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$sql="SELECT * FROM $tbl_name WHERE MUSE_NAME='$myusername' and MUSE_PWD='$mypassword'";
$result=mysql_query($sql);
$count=mysql_num_rows($result);
if($count==1)
{
session_register("txtusername");
session_register("txtpassword");
header("location:Main_Dashboard.php");
}
else
header("location:Main_Login.php")
?> bbinais 0 Light Poster
this is my code.....
and one more thing i need to know how the session time out works...
thanks 4 ur replay
<?php
session_start();
$host="192.168.200.100";
$username="emt_dev";
$password="ready2go#";
$db_name="emtd101";
$tbl_name="M_USER";
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
if(isset($_POST['sub']))
{
$myusername=$_POST['txtusername'];
$mypassword=$_POST['txtpassword'];
}
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$sql="SELECT * FROM $tbl_name WHERE MUSE_NAME='$myusername' and MUSE_PWD='$mypassword'";
$result=mysql_query($sql);
$count=mysql_num_rows($result);
if($count==1)
{
session_register("txtusername");
session_register("txtpassword");
header("location:Main_Dashboard.php");
}
else
header("location:Main_Login.php")
?> Shanti C 106 Posting Virtuoso
try this:
if($count==1)
{
if(!isset($_SESSION['txtusername']))
{
session_register("txtusername");
session_register("txtpassword");
session_register("login_counter");
$_SESSION['login_counter']=0;
$_SESSION['txtusername']="";// intialize name
header("location:Main_Dashboard.php");
}
else
{
$_SESSION['login_counter']=$_SESSION['login_counter']+1;
}
}and to validate:
if(isset($_SESSION['login_counter']) && ($_SESSION['login_counter']==3))
{
echo "Please wait for some time!";
} bbinais 0 Light Poster
i can log in successfully.....
but when i put wrong password it redirect to blank page...
i change the code to this..
if(!isset($_SESSION['txtusername']))
{
session_register("txtusername");
session_register("txtpassword");
session_register("login_counter");
$_SESSION['login_counter']=0;
$_SESSION['txtusername']="";
header("location:Main_Dashboard.php");
}
else
{
header("location:Main_Login.php");
$_SESSION['login_counter']=$_SESSION['login_counter']+1;
}
}but still not working.....
diafol
@bbinais
Please use code tags [ CODE ]. I'm getting a headache trying to read your code.
Shanti C 106 Posting Virtuoso
You have to increment session login_counter before redirect to the Main_Login.php page..
see this:
if(!isset($_SESSION['txtusername']))
{
session_register("txtusername");
session_register("txtpassword");
session_register("login_counter");
$_SESSION['login_counter']=0;
$_SESSION['txtusername']="";
header("location:Main_Dashboard.php");
}
else
{
$_SESSION['login_counter']=$_SESSION['login_counter']+1;
header("location:Main_Login.php");
}
}and put this code in Main_Login.php page:
if(isset($_SESSION['login_counter']) && ($_SESSION['login_counter']==3))
{
echo "Please wait for some time!";
} bbinais 0 Light Poster
i couldn't login pls help me......
is there any problm in this code....
<?php
session_start();
$host="192.168.200.100";
$username="emt_dev";
$password="ready2go#";
$db_name="emtd101";
$tbl_name="M_USER";
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
if(isset($_POST['sub']))
{
$myusername=$_POST['txtusername'];
$mypassword=$_POST['txtpassword'];
}
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$encrypted_mypassword=md5($mypassword);
$sql="SELECT * FROM $tbl_name WHERE MUSE_NAME='$myusername' and MUSE_PWD='$mypassword'";
$result=mysql_query($sql);
$count=mysql_num_rows($result);
if($count==1)
{
if(!isset($_SESSION['txtusername']))
{
session_register("txtusername");
session_register("txtpassword");
$_SESSION['login_counter']=0;
$_SESSION['txtusername']="$myusername";
header("location:Main_Dashboard.php");
}
else
{
$_SESSION['login_counter']=$_SESSION['login_counter']+1;
header("location:invalid.php");
}
?> bakir 0 Light Poster
$encrypted_mypassword=md5($mypassword);do u use md5() when u insert password in the sql table?
maybe that is ur fault
if so try to use
$sql="SELECT * FROM $tbl_name WHERE MUSE_NAME='$myusername' and MUSE_PWD=MD5('$mypassword')";hope that may help
bakir 0 Light Poster
<?php
$host="192.168.200.100";
$username="emt_dev";
$password="ready2go#";
$db_name="emtd101";
$tbl_name="M_USER";
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
// let's say the block time is 5 mins
$failded_waiting_time = 300; // 5 mins
if(!isset($_SESSION['login_counter'])) $_SESSION['login_counter']=0;
if($_SESSION['login_counter'] = 3) {
$period = time()-$_SESSION['failed_login'];
if($period < 500) {
// do wat you want here like saying u need to wait
// rediorect to login page
header("location:invalid.php");
}
// if period > $failded_waiting_time
// reset time
$_SESSION['failed_login'] = time();
}
if(isset($_POST['sub']))
{
$myusername=$_POST['txtusername'];
$mypassword=$_POST['txtpassword'];
}
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$sql="SELECT * FROM $tbl_name WHERE MUSE_NAME='$myusername' and MUSE_PWD='$mypassword'";
$result=mysql_query($sql);
$count=mysql_num_rows($result);
if($count==1)
{
if(!isset($_SESSION['txtusername']))
{
session_register("txtusername");
session_register("txtpassword");
// $_SESSION['login_counter']=0; not needed here
$_SESSION['txtusername']="$myusername";
header("location:Main_Dashboard.php");
}
else
{
$_SESSION['login_counter']=$_SESSION['login_counter']+1;
// register the 3 failed acces time
if($_SESSION['login_counter'] == 3) {
$_SESSION['failed_login'] = time();
}
header("location:invalid.php");
}
?>hope this fast fix help
and sorry if i have errors coz it was so fast
good luck
bbinais 0 Light Poster
i rewright it as below
<?php
$uname = "";
$pword = "";
$errorMessage = "";
$num_rows = 0;
if ($_SERVER['REQUEST_METHOD'] == 'POST')
{
$uname = $_POST['txtusername'];
$pword = $_POST['txtpassword'];
}
$uname = htmlspecialchars($uname);
$pword = htmlspecialchars($pword);
$user_name = "emt_dev";
$pass_word = "ready2go#";
$database = "emtd101";
$server = "192.168.200.100";
$db_handle = mysql_connect($server, $user_name, $pass_word);
$db_found = mysql_select_db($database, $db_handle);
if ($db_found)
{
$uname = quote_smart($uname, $db_handle);
$pword = quote_smart($pword, $db_handle);
}
else
{
$errorMessage = "Error logging on";
}
$SQL = "SELECT * FROM $tbl_name WHERE MUSE_NAME = $uname AND MUSE_PWD = $pword";
$result = mysql_query($SQL);
if ($result)
{
$num_rows = mysql_num_rows($result);
}
else
{
$errorMessage = "Error logging on";
}
if ($num_rows > 0)
{
$errorMessage= "logged on ";
}
else
{
$errorMessage= "Invalid Logon";
}
?>
i'm getting an error:
Fatal error: Call to undefined function quote_smart() in C:\Program Files\EasyPHP-5.3.3\www\brando\html\screens\test.php on line 31
bbinais 0 Light Poster
i rewright it as below
<?php
$uname = "";
$pword = "";
$errorMessage = "";
$num_rows = 0;
if ($_SERVER['REQUEST_METHOD'] == 'POST')
{
$uname = $_POST['txtusername'];
$pword = $_POST['txtpassword'];
}
$uname = htmlspecialchars($uname);
$pword = htmlspecialchars($pword);
$user_name = "emt_dev";
$pass_word = "ready2go#";
$database = "emtd101";
$server = "192.168.200.100";
$db_handle = mysql_connect($server, $user_name, $pass_word);
$db_found = mysql_select_db($database, $db_handle);
if ($db_found)
{
$uname = quote_smart($uname, $db_handle);
$pword = quote_smart($pword, $db_handle);
}
else
{
$errorMessage = "Error logging on";
}
$SQL = "SELECT * FROM $tbl_name WHERE MUSE_NAME = $uname AND MUSE_PWD = $pword";
$result = mysql_query($SQL);
if ($result)
{
$num_rows = mysql_num_rows($result);
}
else
{
$errorMessage = "Error logging on";
}
if ($num_rows > 0)
{
$errorMessage= "logged on ";
}
else
{
$errorMessage= "Invalid Logon";
}
?>i'm getting an error: Fatal error: Call to undefined function quote_smart() in C:\Program Files\EasyPHP-5.3.3\www\brando\html\screens\test.php on line 31
bbinais 0 Light Poster
Re: if user try to access the login screen for more than 3 times with invalid password th
PHP Syntax (Toggle Plain Text)
1.
<?php
2.
$host="192.168.200.100";
3.
$username="emt_dev";
4.
$password="ready2go#";
5.
$db_name="emtd101";
6.
$tbl_name="M_USER";
7.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
8.
mysql_select_db("$db_name")or die("cannot select DB");
9.
// let's say the block time is 5 mins
10.
$failded_waiting_time = 300; // 5 mins
11.
if(!isset($_SESSION)) $_SESSION=0;
12.
13.
if($_SESSION = 3) {
14.
$period = time()-$_SESSION;
15.
if($period < 500) {
16.
// do wat you want here like saying u need to wait
17.
// rediorect to login page
18.
header("location:invalid.php");
19.
}
20.
// if period > $failded_waiting_time
21.
// reset time
22.
$_SESSION = time();
23.
}
24.
if(isset($_POST))
25.
{
26.
$myusername=$_POST;
27.
$mypassword=$_POST;
28.
}
29.
$myusername = stripslashes($myusername);
30.
$mypassword = stripslashes($mypassword);
31.
$myusername = mysql_real_escape_string($myusername);
32.
$mypassword = mysql_real_escape_string($mypassword);
33.
$sql="SELECT * FROM $tbl_name WHERE MUSE_NAME='$myusername' and MUSE_PWD='$mypassword'";
34.
$result=mysql_query($sql);
35.
$count=mysql_num_rows($result);
36.
if($count==1)
37.
{
38.
if(!isset($_SESSION))
39.
{
40.
session_register("txtusername");
41.
session_register("txtpassword");
42.
// $_SESSION=0; not needed here
43.
$_SESSION="$myusername";
44.
header("location:Main_Dashboard.php");
45.
}
46.
else
47.
{
48.
$_SESSION=$_SESSION+1;
49.
// register the 3 failed acces time
50.
if($_SESSION == 3) {
51.
$_SESSION = time();
52.
}
53.
header("location:invalid.php");
54.
}
55.
?>
<?php $host="192.168.200.100"; $username="emt_dev"; $password="ready2go#"; $db_name="emtd101"; $tbl_name="M_USER"; mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); // let's say the block time is 5 mins $failded_waiting_time = 300; // 5 mins if(!isset($_SESSION)) $_SESSION=0; if($_SESSION = 3) { $period = time()-$_SESSION; if($period < 500) { // do wat you want here like saying u need to wait // rediorect to login page header("location:invalid.php"); } // if period > $failded_waiting_time // reset time $_SESSION = time(); } if(isset($_POST)) { $myusername=$_POST; $mypassword=$_POST; } $myusername = stripslashes($myusername); $mypassword = stripslashes($mypassword); $myusername = mysql_real_escape_string($myusername); $mypassword = mysql_real_escape_string($mypassword); $sql="SELECT * FROM $tbl_name WHERE MUSE_NAME='$myusername' and MUSE_PWD='$mypassword'"; $result=mysql_query($sql); $count=mysql_num_rows($result); if($count==1) { if(!isset($_SESSION)) { session_register("txtusername"); session_register("txtpassword"); // $_SESSION=0; not needed here $_SESSION="$myusername"; header("location:Main_Dashboard.php"); } else { $_SESSION=$_SESSION+1; // register the 3 failed acces time if($_SESSION == 3) { $_SESSION = time(); } header("location:invalid.php"); } ?>
hope this fast fix help
and sorry if i have errors coz it was so fast
good luck
------------------------------------------------------------------------------------
hi bakir,
now i get this error
Parse error: syntax error, unexpected $end in C:\Program Files\EasyPHP-5.3.3\www\brando\html\screens\check_user.php on line 55
bbinais 0 Light Poster
hi bakir,
now i get this error
Parse error: syntax error, unexpected $end in C:\Program Files\EasyPHP-5.3.3\www\brando\html\screens\check_user.php on line 55
bakir 0 Light Poster
hi bbinais
can use code tags to post so i can read it clearly .. waiting for ya
bbinais 0 Light Poster
<?php
$host="192.168.200.100";
$username="emt_dev";
$password="ready2go#";
$db_name="emtd101";
$tbl_name="M_USER";
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
// let's say the block time is 5 mins
$failded_waiting_time = 300; // 5 mins
if(!isset($_SESSION['login_counter'])) $_SESSION['login_counter']=0;
if($_SESSION['login_counter'] = 3) {
$period = time()-$_SESSION['failed_login'];
if($period < 500) {
// do wat you want here like saying u need to wait
// rediorect to login page
header("location:Main_Login.php");
}
// if period > $failded_waiting_time
// reset time
$_SESSION['failed_login'] = time();
}
if(isset($_POST['sub']))
{
$myusername=$_POST['txtusername'];
$mypassword=$_POST['txtpassword'];
}
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$sql="SELECT * FROM $tbl_name WHERE MUSE_NAME='$myusername' and MUSE_PWD='$mypassword'";
$result=mysql_query($sql);
$count=mysql_num_rows($result);
if($count==1)
{
if(!isset($_SESSION['txtusername']))
{
session_register("txtusername");
session_register("txtpassword");
// $_SESSION['login_counter']=0; not needed here
$_SESSION['txtusername']="$myusername";
header("location:Main_Dashboard.php");
}
else
{
$_SESSION['login_counter']=$_SESSION['login_counter']+1;
// register the 3 failed acces time
if($_SESSION['login_counter'] == 3) {
$_SESSION['failed_login'] = time();
}
header("location:
Main_Login.php");
}
?>i use this code....
but i get the error
"Parse error: syntax error, unexpected $end in C:\Program Files\EasyPHP-5.3.3\www\brando\html\screens\check_user.php on line 55"
bakir 0 Light Poster
this error mean there is missing } on the end so
u forget to add } at the end to close the if($count ==1 ) statement
good luck and dont forget to mark this thread as solved if it true
bbinais 0 Light Poster
what will be the logout page code
Shanti C 106 Posting Virtuoso
what will be the logout page code
logout page contains destroy all your sessions (created on login page) and redirect to index/thankyou page...
bakir 0 Light Poster
maybe like this
<?php
session_start();
if(!iseet($_SESSION['username'])) {
// not logged in cant logged out
header('Location: login.php');
}
unset($_SESSION['username']); // remove all $_SESSION data unset if u have more
session_destroy();
header('Location:mainPage.php');
?>simple code and u can coustmize it to fit ur needs
bbinais 0 Light Poster
thank you very much bakir.....
bakir 0 Light Poster
thank you very much bakir.....
np ;) ur welcome always but dont forget to mardk this thread as solved so unsolved can come up
good luck
bbinais 0 Light Poster
i want to disable the login page for 5 minutes if the user inputs wrong password 3 times.
please help me
this is my check_user.php
<?php
session_start();
include("config.php");
if (isset($_POST['sub'])) {
$myusername = $_POST['txtusername'];
$mypassword = $_POST['txtpassword'];
$name = stripslashes($myusername);
$password = stripslashes($mypassword);
$myusername = mysql_real_escape_string($name);
$mypassword = mysql_real_escape_string($password);
$sql = "SELECT * FROM $tbl_name WHERE MUSE_NAME='$myusername' and MUSE_PWD='$mypassword'";
$result = mysql_query($sql);
$count = mysql_num_rows($result);
if ($count == 1) {
$_SESSION['login'] = "1";
header("location:Main_Dashboard.php");
}
else
{
$_SESSION['error'] = "Incorrect username or password";
header("location:Main_Login.php");
}
}
?> Be a part of the DaniWeb community
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.