-2

我的问题是让计数器为 x 次失败的登录工作。我在 MySQL 中的列是:id、用户名、密码、尝试和地址!

if ($result[0]['total'] == true)
{

    $_SESSION['userLogin'] = $result[0]['total'];
    $_SESSION['isLoggedIn'] = $login;
    header('location: index.php?id=home');
    $db->query("UPDATE authenticate SET attempts=0, adress='$ip' WHERE username='$login'");
    exit;
}
else
{
    $rs = mysql_query('SELECT id,username,password,attempts,address FROM authenticate WHERE username = '.$username.'');
    $num = mysql_num_rows($rs);
    if ($row['attempts'] > 3) {
        // Redirect to captcha
        header('location: captcha.php');
    } else {
        $ip = $_SERVER['REMOTE_ADDR'];
        if ($row['address'] != $ip) {
        // New ip adress, reset failed logins
        $failed_logins = 0;
        } else {
        // Increment failed logins
        $failed_logins = $row['attempts']+1;
        }
        mysql_query('UPDATE authenticate SET attempts = '.$failed_logins.',address = '.$ip.' WHERE id = '.$row['id'].' ');
    }
header('location: index.php');
exit;
}
4

1 回答 1

2

不需要数据库计数器,而是创建一个称为尝试的会话并增加它。与仅使用会话并增加它相比,使用数据库会更慢且效率更低:) 这应该可以解决您的问题并使用更少的编码。这是使用我的想法的代码,它也应该可以工作:

//Checks if the user is logged in
if ($result[0]['total'] == true){
    //Sets the users login
    $_SESSION['userLogin'] = $result[0]['total'];
    //Sets the loggedin variable
    $_SESSION['isLoggedIn'] = $login;
    //Resets the attempts
    $_SESSION['attempts'] = 0;
    //Redirects to index.php?id=home
    header('location: index.php?id=home');
    exit;
}else{
    //Checks if the attempts are greater than three
    if ($_SESSION['attempts'] > 3) {
        // Redirect to captcha
        header('location: captcha.php');
    } else {
        //Increments the session variable
        $_SESSION['attempts'] = $_SESSION['attempts'] + 1;
        //Goes back to the index page
         header('location: index.php');
         exit;
    }
}
exit;
于 2013-02-10T12:12:15.790 回答