 |  |  |  |  |  |  |  |
sleep function
Please support our PHP advertiser: PostgreSQL or MySQL? Compare and contrast the two most popular open source databases
 |
•
•
Join Date: Aug 2008
Posts: 94
Reputation: 
Solved Threads: 0
Junior Poster in Training
Hello all!
I wanted to ask everyone what they thought about the sleep function in php. I do believe I'm going to use it for my website, but I'm really unsure how to implement it in. I wanted to use it on the login page. I googled this until I'm blue in the face and can't get anywhere. Does anyone know of a good site that shows lots of examples? Or can someone show me where to put it in a login code?
Thanks bunches!
~Amy
I wanted to ask everyone what they thought about the sleep function in php. I do believe I'm going to use it for my website, but I'm really unsure how to implement it in. I wanted to use it on the login page. I googled this until I'm blue in the face and can't get anywhere. Does anyone know of a good site that shows lots of examples? Or can someone show me where to put it in a login code?
Thanks bunches!
~Amy
•
•
Join Date: Jun 2008
Posts: 849
Reputation:
Solved Threads: 67
Practically a Posting Shark
•
•
•
•
Originally Posted by designingamy 
Hello all!
I wanted to ask everyone what they thought about the sleep function in php. I do believe I'm going to use it for my website, but I'm really unsure how to implement it in. I wanted to use it on the login page. I googled this until I'm blue in the face and can't get anywhere. Does anyone know of a good site that shows lots of examples? Or can someone show me where to put it in a login code?
Thanks bunches!
~Amy
Last edited by R0bb0b; Aug 21st, 2008 at 11:29 pm.
“Be who you are and say what you feel because those who mind don't matter and those who matter don't mind.” - Dr. Seuss
-- The documentation is inevitable, you may get away with it for a little while but eventually you too will have to do the deed.
-- The documentation is inevitable, you may get away with it for a little while but eventually you too will have to do the deed.
•
•
Join Date: Aug 2008
Posts: 94
Reputation:
Solved Threads: 0
Junior Poster in Training
Like I said, I want to use it for the LogIn page, so if hackers want to try to use 50 billion passwords to find the right username, or vice versa, it may take them longer than they want to wait.
Since you don't use the sleep function, I'm curious to know what you use for security. I've heard both good and bad things about the sleep function. I don't think it will hurt to use it and any additional security to try to prevent the wrong ones from entering.
~Amy
Since you don't use the sleep function, I'm curious to know what you use for security. I've heard both good and bad things about the sleep function. I don't think it will hurt to use it and any additional security to try to prevent the wrong ones from entering.
~Amy
•
•
Join Date: Jun 2008
Posts: 849
Reputation:
Solved Threads: 67
Practically a Posting Shark
•
•
•
•
Originally Posted by designingamy
Like I said, I want to use it for the LogIn page, so if hackers want to try to use 50 billion passwords to find the right username, or vice versa, it may take them longer than they want to wait.
Since you don't use the sleep function, I'm curious to know what you use for security. I've heard both good and bad things about the sleep function. I don't think it will hurt to use it and any additional security to try to prevent the wrong ones from entering.
~Amy
“Be who you are and say what you feel because those who mind don't matter and those who matter don't mind.” - Dr. Seuss
-- The documentation is inevitable, you may get away with it for a little while but eventually you too will have to do the deed.
-- The documentation is inevitable, you may get away with it for a little while but eventually you too will have to do the deed.
•
•
Join Date: Aug 2008
Posts: 94
Reputation:
Solved Threads: 0
Junior Poster in Training
Hmmm...that sounds like a good idea. But what about if a hacker has a password and then does nothing but try to figure out what the username is. How do you prevent those attacks?
~Amy
~Amy
•
•
Join Date: Jun 2008
Posts: 849
Reputation:
Solved Threads: 67
Practically a Posting Shark
•
•
•
•
Originally Posted by designingamy
Hmmm...that sounds like a good idea. But what about if a hacker has a password and then does nothing but try to figure out what the username is. How do you prevent those attacks?
~Amy
Last edited by R0bb0b; Aug 22nd, 2008 at 2:57 pm.
“Be who you are and say what you feel because those who mind don't matter and those who matter don't mind.” - Dr. Seuss
-- The documentation is inevitable, you may get away with it for a little while but eventually you too will have to do the deed.
-- The documentation is inevitable, you may get away with it for a little while but eventually you too will have to do the deed.
•
•
Join Date: Aug 2008
Posts: 94
Reputation:
Solved Threads: 0
Junior Poster in Training
Yes, but I think if it were only delayed a few seconds I don't think that most users would have a major problem with it.
I guess it could be possible to do both? Limit the # of attempts as well as using the sleep function?
~Amy
I guess it could be possible to do both? Limit the # of attempts as well as using the sleep function?
~Amy
•
•
Join Date: Aug 2008
Posts: 1,160
Reputation:
Solved Threads: 137
Once again, hackers might keep trying the passwords, but you might want to try an approach of blocking ip's. 5 attempts at an ip with an incorrect password, record the ip in a table, and pull back from the table when user's are accessing the login page. If they match an ip in the table, disable the ability to log in or along those lines. Yes they can spoof the ip's, but it is a viable solution.
•
•
Join Date: Aug 2008
Posts: 94
Reputation:
Solved Threads: 0
Junior Poster in Training
That sounds like a pretty good idea...of course they could go to any computer, but it would make it harder for them.
I am not sure exactly how to write all that php code. Can you point me into the right direction, a website perhaps, that discusess this?
I really appreciate it
~Amy
I am not sure exactly how to write all that php code. Can you point me into the right direction, a website perhaps, that discusess this?
I really appreciate it
~Amy
•
•
Join Date: Aug 2008
Posts: 1,160
Reputation:
Solved Threads: 137
Here's a link of how to get the ip address
http://www.plus2net.com/php_tutorial/php_ip.php
Then just set up table along the lines of
BLOCKED_IP
FAILED_LOGIN_ATTEMPTS
LAST_FAILED_TIME
When the user accesses the page, check the ip against blocked_ip, if it matches then check LAST_FAILED_TIME and FAILED_LOGIN_ATTEMPTS, if it is greater than 30 min and whatever value for FAILED_LOGIN_ATTEMPTS you choose, then display the login page, otherwise dispaly the access denied page and increment the FAILED_LOGIN_ATTEMPTS. If you allow access, delete the row for that ip. If the user types in a bad password insert or increment the FAILED_LOGIN_ATTEMPTS.
You might want to go about it a little different of a way, but there is a good start.
Thanks
http://www.plus2net.com/php_tutorial/php_ip.php
Then just set up table along the lines of
BLOCKED_IP
FAILED_LOGIN_ATTEMPTS
LAST_FAILED_TIME
When the user accesses the page, check the ip against blocked_ip, if it matches then check LAST_FAILED_TIME and FAILED_LOGIN_ATTEMPTS, if it is greater than 30 min and whatever value for FAILED_LOGIN_ATTEMPTS you choose, then display the login page, otherwise dispaly the access denied page and increment the FAILED_LOGIN_ATTEMPTS. If you allow access, delete the row for that ip. If the user types in a bad password insert or increment the FAILED_LOGIN_ATTEMPTS.
You might want to go about it a little different of a way, but there is a good start.
Thanks
|
Similar Threads
- Using the sleep function (Java)
- Python Sleep Function: (Python)
- What is sleep function (Perl)
- PHP hold program execute function (PHP)
- Interrupt Sleep function (Python)
- Help: need feedback on my Java assignment about thread sleep. It's already coded. (Java)
Other Threads in the PHP Forum
- Previous Thread: from in email
- Next Thread: easy question
| Thread Tools | Search this Thread |
You need to join our community in order to build your list of favorite forums. You can visit the forum index for a listing of all forums.
Related Forum Features
Latest PHP Posts
- Today's Posts
- Unanswered Threads
apache api archive array autocomplete beginner binary broken buttons cakephp checkbox class cms code cron curl database dataentry date display duplicates dynamic ebooks echo email emptydisplayvalue error execute explodefunction file files firstoptioninphpdroplist folder form forms function functions google href htaccess html image include insert ip javasciptvalidation javascript joomla keywords limit link login mail matching mediawiki menu mlm multiple mysql number oop paypal pdf php phpincludeissue problem query radio random recursion recursive remote script search server sessions shot sms source sp space speed sql subscription syntax system table tag tutorial tutorials update upload url validator variable vbulletin video web white youtube
