0

i want to add a login attepmt counter here, that if inccorect password count==3 it will be redirected to the forgotpassword.php
need some help thankyou in advance (:

/*
     * checks if user with email "$username" and password "$password" exists
     * */
    public function confirmUserPass($username, $password){
        //$username = mysql_real_escape_string($username);
        /* Verify that user is in database */
        $q = "SELECT password FROM users WHERE email = '$username'";
        $results = mysqli_query($this->link,$q);
        if(!$results || (mysqli_num_rows($results) < 1)){
            mysqli_free_result($results);
            return -1; //Indicates username failure
        }
        $dbarray = mysqli_fetch_array($results,MYSQLI_ASSOC);
        $dbarray['password'] = stripslashes($dbarray['password']);
        $password = stripslashes($password);
        mysqli_free_result($results);

        if($password == $dbarray['password']){
            return 1; //Success, Username and password confirmed
        }
        else{
            return -2; //Indicates password failure
        }
    }
3
Contributors
2
Replies
14
Views
3 Years
Discussion Span
Last Post by JorgeM
0

As pzuurveen suggests, store a counter value in a session variable. You would increment this number between lines 21-23. before you exit the block, check if the value is == 3, and if it is redirect to the forget password page.

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.