PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!
I have done a few google searches to find my answer but the time topic goes way off what i need. I am trying to secure my user login by banning users for 15min after 5 login attempts. I thought this would be simple but i am getting stuck on times. Here is what i have so far:
}
else
{
$msg = urlencode("Invalid Login. Please try again with correct user name and password. ");
header("Location: login.php?msg=$msg");
$updatefail = "UPDATE `users`
SET failed_login_attempts = failed_login_attempts + 1 AND last_failed_login = NOW() WHERE user_name = '$user_email'";
$result3 = mysql_query($updatefail)
or die('Invalid query: ' . $updatefail . ' - Error is ' . mysql_error());
}
while ($line = mysql_fetch_assoc($result))
{
foreach ($line as $key => $val) { $$key = htmlentities($val); }
$failedloginattempts = "$failed_login_attempts";
$lastfailedlogin = "$last_failed_login";
if ($failedloginattempts > 5 && $lastfailedlogin > (NOW() - 10 minutes)) {
// now ban user for 15min?
}
So on the last part the IF statement i am trying to say if the login attempt is over 5 and the last attempt was within 10minutes from now the user will get banned for 15min. I dont know how to do the "&& $lastfailedlogin > (NOW() - 10 minutes))". I also dont know how to ban a user for just 15 minutes i only know how to ban forever.
As i said i have googled this but not got very far. Any help would be great.