I need to put this loginform a login attempt after 3 unsuccessful attempts. Can you please help me out in this situation, I've been trying to do this several days now and none of them is working. I've try some examples on the net but the problem is I can't sync them with my current database installed.

Here is my code:


<div id="login">

<?php if($form->num_errors > 0){
                echo "<strong><font size=\"2\" color=\"#ff0000\">".$form->error("access")."</font></strong>";
                echo "<font size=\"2\" color=\"#ff0000\">".$form->error("attempt")."</font>";
                echo "<br><br>";
} ?>

<center> <img src="images/logo.png" alt="logo width="50px" height="50px"> <br> Member login
    <hr /> </center>

<form action="" method="post">
<label> Username: </label>
<input type="text" name="Username" id="name" placeholder="Enter your username" maxlength="8" required/> <br /> <br />
<label> Password: </label>
<input type="password" name="password" id="password" placeholder="Enter your password" maxlength="10" required/> <br/> <br />
<font size="2"> <a href="register.php"> Register </a> | <a href="index.html"> Go to Website </a> <br> <a href="forgotPass.php"> Forgot Password? </a> | <a href="Help.html"> Help? </a> </font>

                        <input type="hidden" name="sublogin" value="1" />
<input type="submit" value="Login" name="submit"/>  <br />
<span> <?php echo $error; ?> </span>



Member Avatar

You don't show any code that equates with this functionality. Are you storing the attempts in a session variable?

$bad_login_limit = 3;
$lockout_time = 600;

$first_failed_login, failed_login_count; // retrieve from DB

    ($failed_login_count >= $bad_login_limit)
    (time() - $first_failed_login < $lockout_time)
) {
  echo "You are currently locked out.";
  exit; // or return, or whatever.
} else if( /* login is invalid */ ) {
  if( time() - $first_failed_login > $lockout_time ) {
    // first unsuccessful login since $lockout_time on the last one expired
    $first_failed_login = time(); // commit to DB
    $failed_login_count = 1; // commit to db
  } else {
    $failed_login_count++; // commit to db.
  exit; // or return, or whatever.
} else {
  // user is not currently locked out, and the login is valid.
  // do stuff

check these helpful links
1:Click Here
2:Click Here