我的问题是让计数器适用于x次登录失败。 我在MySQL中的列是:id,username,password,attempts& ADRESS!
if ($result[0]['total'] == true)
{
$_SESSION['userLogin'] = $result[0]['total'];
$_SESSION['isLoggedIn'] = $login;
header('location: index.php?id=home');
$db->query("UPDATE authenticate SET attempts=0, adress='$ip' WHERE username='$login'");
exit;
}
else
{
$rs = mysql_query('SELECT id,username,password,attempts,address FROM authenticate WHERE username = '.$username.'');
$num = mysql_num_rows($rs);
if ($row['attempts'] > 3) {
// Redirect to captcha
header('location: captcha.php');
} else {
$ip = $_SERVER['REMOTE_ADDR'];
if ($row['address'] != $ip) {
// New ip adress, reset failed logins
$failed_logins = 0;
} else {
// Increment failed logins
$failed_logins = $row['attempts']+1;
}
mysql_query('UPDATE authenticate SET attempts = '.$failed_logins.',address = '.$ip.' WHERE id = '.$row['id'].' ');
}
header('location: index.php');
exit;
}
答案 0 :(得分:2)
不需要数据库计数器,而是创建一个名为尝试的会话,然后将其递增。使用数据库将比使用会话并递增更慢且效率更低:)这应该可以解决您的问题并使用更少的编码。这是使用我的想法的代码,它也应该工作:
//Checks if the user is logged in
if ($result[0]['total'] == true){
//Sets the users login
$_SESSION['userLogin'] = $result[0]['total'];
//Sets the loggedin variable
$_SESSION['isLoggedIn'] = $login;
//Resets the attempts
$_SESSION['attempts'] = 0;
//Redirects to index.php?id=home
header('location: index.php?id=home');
exit;
}else{
//Checks if the attempts are greater than three
if ($_SESSION['attempts'] > 3) {
// Redirect to captcha
header('location: captcha.php');
} else {
//Increments the session variable
$_SESSION['attempts'] = $_SESSION['attempts'] + 1;
//Goes back to the index page
header('location: index.php');
exit;
}
}
exit;