several login attempts

icesh

hi i'm a newbie in php..
can you help me how to make several login attempt in php?
(if we put wrong password/username,, we will go back to the previous form and we can try 3 more attempts to input the correct password/username before appear an error message)
thanks before..

ronverdonk

Welcome to The Scripts.

We cannot help you if we see no code to help or work on. So, first you'll have to show us the code you have written so far. Then we can have a look at how to limit the number of logins.

And show any code within the appropriate code tags!

Ronald

icesh

sorry I didn't write the code..
here's my code..

this is the form.html

Expand|Select|Wrap|Line Numbers

 
<html>

    <head>

        <title>form</title>

    </head>

    <body>

        <form action="login.php" method="post">

            <table border=1>

                <tr>

                    <td colspan=2>

                        Login

                    </td>

                </tr>

                <tr>

                    <td>

                        User

                    </td>

                    <td>

                        <input type="text" name="user" value="<user>">

                    </td>

                </tr>

                <tr>

                    <td>

                        Password

                    </td>

                    <td>

                        <input type="password" name="pass" value="<pass>">

                    </td>

                </tr>

                <tr>

                    <td colspan=2>

                        <input type="hidden" name="ct" value="0">

                        <input type="submit" value="login">

                        &nbsp; &nbsp; &nbsp; &nbsp;

                        <input type="reset" value="cancel">

                    </td>

                </tr>

            </table>

        </form>

    </body>

</html>

this is the login.php

Expand|Select|Wrap|Line Numbers

 
<html>

    <head>

        <title>login</title>

    </head>

    <body>

        <?

            $nama=$_POST["user"];

            $pswd=$_POST["pass"];

            $count=$_POST["ct"];

            if(($nama=="admin")&&($pswd=="admin")){

                echo "Selamat datang <b>admin</b>";

            }

            else{

                if(count<10){

                    $_POST["ct"]++;

                    echo "User atau password yang anda masukkan salah, anda memiliki kesempatan untuk mencoba ";

                    echo 10-$_POST["ct"];

                    echo " kali lagi ";

                }

                else{

                    echo "User atau password yang anda masukkan salah, silakan coba lagi atau hubungi customer service";

                }

            }

        ?>

    </body>

</html>

I tried to changed the value of "ct" but it didn't work..
Sorry if my question & my code looks silly, I'm very newb with php..
thanx..

Markus

Hmm.
So you aren't using a database to store log in details, this may make things harder.

What is the purpose of this 'counting of attempts'? Is it so that, after so many tries, the user is blocked from logging in for a certain amount of time?

I mean, you could use sessions, or cookies, but the user could just delete them.. so they're not a great idea. The best bet would be to store the user's IP address in a database, but by the looks of it you havent had a go with MySQL yet.

I recommend you have a look at some php/mysql tutorials - it'll benefit you greatly in the long run.

Regards, markus.

icesh

thanks for you reply markus but I haven't learnt that far..
this is the first day study about php.. and the purpose of this is just for practice..

can we change the value of the input in html using php?
thanks..

Markus

Quote:

Originally Posted by icesh

can we change the value of the input in html using php?
thanks..

Can you explain abit more please?

icesh

<input type="hidden" name="ct" value="0">
^
^
^
can we change the value="0" in form.html form login.php?
another idea that I got is by writing the counter to file.. (but I haven't learnt how to use file in php)
beside that, I haven't got any idea..
thanx

ronverdonk

Since you do not use a database to log login attemps (could be done on IP address), you can store the count in the $_SESSION array and increment it each time the script is re-executed. Like[php]if (isset($_SESSION['count'])) {
$_SESSION['count']++;
if ($_SESSION['count'] > 3) {
// issue message
exit;
}
}
else
$_SESSION['count']=1;
[/php]
Ronald

icesh

thanks ronald..
now I'm reading about $_SESSION from w3school..
I hope it will solve the problem..
I'll give my report if I've try this..

Markus

Quote:

Originally Posted by icesh

thanks ronald..
now I'm reading about $_SESSION from w3school..
I hope it will solve the problem..
I'll give my report if I've try this..

Thing is, as soon as the user closes the browser, the sessions are lost.
Defeating the error.

icesh

thanks to all of you..
the $_SESSION work very well, here's my code..

Expand|Select|Wrap|Line Numbers

 
<html>

    <head>

        <title>form</title>

    </head>

    <body>

        <form action="login.php" method="post">

            <table border=1>

                <tr>

                    <td colspan=2>

                        Login

                    </td>

                </tr>

                <tr>

                    <td>

                        User

                    </td>

                    <td>

                        <input type="text" name="user" value="<user>">

                    </td>

                </tr>

                <tr>

                    <td>

                        Password

                    </td>

                    <td>

                        <input type="password" name="pass" value="<pass>">

                    </td>

                </tr>

                <tr>

                    <td colspan=2>

                        <input type="submit" value="login">

                        &nbsp; &nbsp; &nbsp; &nbsp;

                        <input type="reset" value="cancel">

                    </td>

                </tr>

            </table>

        </form>

    </body>

</html>

Expand|Select|Wrap|Line Numbers

 
<?

    session_start();

?>
 
<html>

    <head>

        <title>login</title>

    </head>

    <body>

        <?

            $nama=$_POST["user"];

            $pswd=$_POST["pass"];

            if(($nama=="admin")&&($pswd=="admin")){

                echo "Selamat datang <b>admin</b>";

                unset($_SESSION['ct']);

            }

            else{

                if(isset($_SESSION['ct'])){

                    if($_SESSION['ct']>5){

                        echo "Anda salah memasukkan user atau password sebanyak 5 kali, ip anda diblok selama 15 menit";

                        unset($_SESSION['ct']);

                    }

                    else{

                        echo "User atau password yang anda masukkan salah, anda memiliki kesempatan untuk mencoba ";

                        echo 6-$_SESSION["ct"];

                        echo " kali lagi";

                        echo "<br><a href='form.html'>kembali ke form</a>";

                    }

                    $_SESSION['ct']++;

                }

                else{

                    $_SESSION['ct']=1;

                }

            }

        ?>

    </body>

</html>

I've another question,, can we destroy SESSION when we close the tab?

ronverdonk

[php]unset['$_SESSION'];
$_SESSION = array();[/php]See you next time.
Ronald

icesh

I'm sorry Ronald, maybe my question is not clear enough..
when we open a browser,, we can open a lot of tabs..
my question is,, is there any code so that, when we close the tab (login.php), the SESSION will be destroy.. (without close the browser)
thanx..

ronverdonk

You can either close the entire $_SESSION array, I showed that. You can also unset any individual entries that you have set e.g.[php]unset[$_SESSION['count']);[/php]or do I still not understand it?

Ronald

icesh

I use the unset($_SESSION['ct']);
when the attempt is more than 10..
the problem is,, when I close the tab (login.php) and open it again,, the last $_SESSION['ct'] still remain..
where should I add unset($_SESSION['ct']); so that, the $_SESSION['ct'] will be cleared when I close the tab..
I've tried what markus said (when we close the browser, the $_SESSION['ct']) will be automatically cleared.., but when I close the tab without close the browser, the last $_SESSION['ct'] still remain..
I'm sorry to to make such trouble..

TheServant

No trouble. I don't think it's possible to do what you want. Basically with Ronalds way ( or mine - I prefer session_destroy() ) the user would have to load the "session destroying page" to end the session.

I didn't think about closing tabs ending sessions, but if you say they don't then that means that if the user closes the tab he will not have run your script and will continue to be logged in or what ever.

Why do you want to log them out when they close the tab? I don't think it's possible with sessions, and I can't think of another way to do it.

icesh

I just wondering if we can do that, but you're right,, we don't need to start a new session when we close a tab.., I'm sorry..
thank you guys..
this thread can be closed, my question has been answered..
special thanks for Ronald,Markus & "TheServant"

TheServant

Glad I could help. Hope to see you back here.

ronverdonk

The trio is always available here to help!

Ronald

several login attempts

re: several login attempts

re: several login attempts

re: several login attempts

re: several login attempts

re: several login attempts

re: several login attempts

re: several login attempts

re: several login attempts

re: several login attempts

re: several login attempts

re: several login attempts

re: several login attempts

re: several login attempts

re: several login attempts

re: several login attempts

re: several login attempts

re: several login attempts

re: several login attempts

Similar PHP bytes

/bytes/development

/bytes/it

/bytes/about