If a user entered invalid username 3 times i want keep that username value some where each time a username entered and compare them and do a process, can someone help.
Thanks
PHP form values
Moderator: General Moderators
phice wrote:Could you give us a slight bit more information? Because I've got a few different positions in where I could head with this.
yes, say if a user type username or password which is invalid i want to catch that username entered and take a count, like that if a user type the invalid username or password for the second time I want to catch that username as well and take a count so on.
And when user typed invalid username or password for the 3rd time want to block the user if he as typed the same user name 3 times.
Thanks
-
Tubbietoeter
- Forum Contributor
- Posts: 149
- Joined: Fri Mar 14, 2003 2:41 am
- Location: Germany
I'd use session variables for that; on each page you must start a session with session_start().
Then you can access session variables.
// init of <span style='color:blue' title='I'm naughty, are you naughty?'>smurf</span> login counter
if (!isset($_SESSION['error_count'])) $_SESSION['error_count']=0;
// increment on each invalid login
if ($login="<span style='color:blue' title='I'm naughty, are you naughty?'>smurf</span>") $_SESSION['error_count']++;
// make user leave
if ($_SESSION['error_count']==3) get_rid_of_user();
The problem is, this only works for the session, so if the user closes the browser and reopens it, he can try again.
another way is to do logfiles or cookies (but if the user knows that he just needs to delete the cookie) or logtables in a database, where you realize one counter per ip-address plus the time of last invalid login. rememer to set the counter back to 0 after 24 hrs or so.
maybe anyone here has a better solution.
Then you can access session variables.
// init of <span style='color:blue' title='I'm naughty, are you naughty?'>smurf</span> login counter
if (!isset($_SESSION['error_count'])) $_SESSION['error_count']=0;
// increment on each invalid login
if ($login="<span style='color:blue' title='I'm naughty, are you naughty?'>smurf</span>") $_SESSION['error_count']++;
// make user leave
if ($_SESSION['error_count']==3) get_rid_of_user();
The problem is, this only works for the session, so if the user closes the browser and reopens it, he can try again.
another way is to do logfiles or cookies (but if the user knows that he just needs to delete the cookie) or logtables in a database, where you realize one counter per ip-address plus the time of last invalid login. rememer to set the counter back to 0 after 24 hrs or so.
maybe anyone here has a better solution.
