i want to add a login attepmt counter here, that if inccorect password count==3 it will be redirected to the forgotpassword.php
need some help thankyou in advance (:

     * checks if user with email "$username" and password "$password" exists
     * */
    public function confirmUserPass($username, $password){
        //$username = mysql_real_escape_string($username);
        /* Verify that user is in database */
        $q = "SELECT password FROM users WHERE email = '$username'";
        $results = mysqli_query($this->link,$q);
        if(!$results || (mysqli_num_rows($results) < 1)){
            return -1; //Indicates username failure
        $dbarray = mysqli_fetch_array($results,MYSQLI_ASSOC);
        $dbarray['password'] = stripslashes($dbarray['password']);
        $password = stripslashes($password);

        if($password == $dbarray['password']){
            return 1; //Success, Username and password confirmed
            return -2; //Indicates password failure

As pzuurveen suggests, store a counter value in a session variable. You would increment this number between lines 21-23. before you exit the block, check if the value is == 3, and if it is redirect to the forget password page.