第n次登录尝试后阻止用户

编程入门行业动态更新时间:2024-10-24 21:21:13

本文介绍了第n次登录尝试后阻止用户-PHP的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！问题描述

我正在登录，以便将失败的登录尝试存储在数据库中.

I am working in login such that unsuccessful login attempts are stored a database.

然后，在第三次登录尝试后，将根据记录的IP地址和/或用户帐户为受影响的用户禁用登录.

Then, after the 3rd login attempt, login will be disabled for the affected user based on the recorded IP address and/or user account.

不幸的是，我的代码无法按预期运行；登录尝试不会被存储到数据库中，并且仍然不会为受影响的用户禁用登录.

Unfortunately, my code is not working as expected; the login attempts is not getting stored into the database, and login is still not disabled for the affected user.

我在做什么错，我该如何解决?

What am I doing wrong and how can I fix it?

下面是我的登录脚本:

session_start(); //Get IP address // code goes here $loginDate = date("Y-m-d H:i:s"); $Error = ""; $successMessage = ""; if (($_REQUEST['captcha'] == $_SESSION['vercode'])) { //captcha code goes here if (isset($_POST['submit'])) { if (!( $_POST['username'] == "" && $_POST['password'] == "")) { //submit form codes goes here if (filter_var($username, FILTER_VALIDATE_INT)) { $con = mysqli_connect("localhost", "root", "", "test"); $result = mysqli_query($con, "SELECT * FROM Users WHERE username='$username' AND password='$password'"); $loginAttempt = mysqli_query($con, "SELECT * FROM Logs WHERE username='$username'"); $data = mysqli_fetch_row($result); if (count($data)>0) { $_SESSION['login_user']=$username; mysqli_query($con, "INSERT INTO `test`.`Logs`(`username`, `lastLogin`, `ipAddress`, `captcha`) VALUES('$username', '$loginDate', '$ipaddress', '$captcha') ON DUPLICATE KEY UPDATE `username` = '$username', `lastLogin` = '$loginDate'"); header('Location: privatepage.php'); } else { $Error ="Invalid Contract Number or Password"; } mysqli_close($con); } else { $Error ="Invalid Contract Number"; } if (($data['username'] == $username) || ($data['password'] == $password)) { $loginAttempt = mysqli_query($con, "UPDATE Logs SET loginAttempt = 0 WHERE username='$username'"); mysqli_close($con); } else { if ($loginAttempt >= 3) { echo 'Sorry your account has been lock out. Please contact the administrator'; } else { mysqli_query($con, "UPDATE Logs SET loginAttempt = loginAttempt +1 WHERE username= '$username'"); } } } } }

我收到此错误:

PHP注意:未定义的变量:第62行的loginAttempt

PHP Notice: Undefined variable: loginAttempt on line 62

PHP警告:mysqli_query():无法在第65行获取mysqli

PHP Warning: mysqli_query(): Couldn't fetch mysqli on line 65

推荐答案

您的$ data仅包含mysql中的行数

Your $data is only containing number of rows in mysql

$data = mysqli_num_rows($result);

考虑使用mysqli_fetch_row

Consider using mysqli_fetch_row

更多推荐