Password Entry Counter
Posted: Thu Jan 12, 2012 7:56 pm
I didn't know where I ought to post this. I am trying to write a script which will prevent access to a users' account for 20 minutes after 4 failed login attempts. I am attempting to implement this as a function so I can call it on the login and activation [age. The code I have so far is:
function sideaccess($key, $mode) { global $db_host; global $db_user; global $db_pass; global $db_base; $output = ""; mysql_connect($db_host, $db_user, $db_pass); mysql_select_db($db_base); $select = mysql_query("SELECT `accessid`,`userid`,`timestring`,`attempts` FROM accesslog WHERE userid='$key'"); $timestring = strtotime(date("d/m/Y. H:i:s", strtotime("+20 minutes"))); If ($mode==1) { $rows = mysql_num_rows($select); if($rows==0) { $output == FALSE; } else { $read = mysql_fetch_assoc($select); $attempts = $read["attempts"]; $chectime = $read["timestring"]; } } elseif ($mode==2) { $sql = "INSERT INTO accesslog (`userid`,`timestring`,`attempts`) VALUES ('$key','$timestring') ON DUPLICATE KEY UPDATE `attempts` = 'attempts' + 1;"; $insert = mysql_query($sql); if(!$insert) { echo mysql_error(); } } else { $output = "Function number ".$mode." not valid"; } return $output; }The key is the user id, and the mode is either 1 or 2 depending on whether you want to write to the database. SQL database currently looks like this:
CREATE TABLE `accesslog` ( `accessid` INT(6) NOT NULL PRIMARY KEY AUTO_INCREMENT, `userid` INT(6) NOT NULL, `timestring` INT(10) NOT NULL, `attempts` INT(4) NOT NULL ) ENGINE = InnoDB; ALTER TABLE `accesslog` ADD INDEX (`userid`); ALTER TABLE `accesslog` ADD FOREIGN KEY (`userid`) REFERENCES `useraccounts` (`userid`) ON DELETE CASCADE ON UPDATE CASCADE;I have been trying for a couple of days and it hasn't worked. This is the code I have so far from trying to rewrite this function. Please, someone, help?