How to blocked login for few minutes after 2 unsuccessful login attempts?

by Lalita 07-May-19

0 243


You can block users for few minutes if they continuously try to login with incorrect details with the following code:

<?php
// your login file where the frontend code you are using...
$msg='';
if(isset($_POST['sub'])){
//If login failed
if(isset($_SESSION['num_login_fail'])){
// check the number of login failed
if($_SESSION['num_login_fail'] >= 2) // you can change the value of login failed
{ //if number of login failed greater than Or equal to 2
// Check the time if 10 minutes done or not...
if((time() - $_SESSION['last_login_time']) < (10*60) )
{
// alert to user wait for 10 minutes after
$msg="You have incorrectly typed your password 2 times,
try again after 15 minutes.";
}
else
{
// after 10 minutes
$_SESSION['num_login_fail'] = 0;
$msg= admin_login($_POST);
}
}
else{ // if number of login failed less than Or not equal to 2
$msg= admin_login($_POST);
}
}
else{
// if number of login failed is not set
$msg= admin_login($_POST);
}
}
echo $msg;
?>
<!-- Here include your function file -->
<?php session_start();
include('dbconnect.php'); // Include your db connect file here

// Here is your login function

function admin_login($data){
$user=mysqli_real_escape_string($GLOBALS['connection'],$_POST['username']);
$password=mysqli_real_escape_string($GLOBALS['connection'],md5($_POST['password']));

// Your mysqli Query...
$login="select * from register_user where username='$user' and password='$password'";
$query=mysqli_query($GLOBALS['connection'],$login);
$result=mysqli_fetch_array($query);
if(mysqli_num_rows($query)>0)
{
// If user details correct, get the User-Id in session and redirect where you want to do...
$_SESSION['id']=$result['id'];
echo '<script>window.location="home.php";</script>';
}
else
{
$_SESSION['id']="";
$_SESSION['num_login_fail']++; //Get the number of login failed in session
$_SESSION['last_login_time'] = time(); //Get the time of last login
$msg= 'Username or Password is not Correct....';
}
return $msg;
}
?>


Share:


Discount Coupons

SEMRush FREE Trial – PRO Account for 14 Days

FREE Pro Account worth $99.95 for 14 Days.



Comments

    No Comments Yet.

Leave a Reply