Hi guys in this article I would like to share with you a modified version of my original code that locks the user after three attempts of login in the system by this time I added a functionality to disable the user account in the database by using a Flag in this case the flag is used is the status field in the table if the status = 0 zero it means the user account this disable but if the status = 1 it means the user account is enable. I hope you will find my work useful it has been a long time I was able to solve this problem but here is the complete and right solution to the problem. Thank you very much for visiting my website.
My email address are the following jakerpomperada@gmail.com and jakerpomperada@yahoo.com.
My mobile number here in the Philippines is 09173084360.
Sample Program Output
Database and Table Structure
Program Listing
<!-- connet_to_database.php
Author : Mr. Jake Rodriguez Pomperada, MAED-IT
Date : February 26, 2017 Sunday 6:29 AM
Tools : PHP, MySQL, Google Chrome and Sublime Text 3
Emails : jakerpomperada@gmail.com and jakerpomperada@yahoo.com
Country of Origin : Philippines
Nature of Code : Security Routine
Code Licence : Open Source
-->
<?php
define('_HOST_NAME','localhost');
define('_DATABASE_NAME','login');
define('_DATABASE_USER_NAME','root');
define('_DATABASE_PASSWORD','');
$MySQLiconn = new MySQLi(_HOST_NAME,_DATABASE_USER_NAME,_DATABASE_PASSWORD,_DATABASE_NAME);
if($MySQLiconn->connect_errno)
{
die("ERROR : -> ".$MySQLiconn->connect_error);
}
?>
<!-- login.php
Author : Mr. Jake Rodriguez Pomperada, MAED-IT
Date : February 26, 2017 Sunday 6:29 AM
Tools : PHP, MySQL, Google Chrome and Sublime Text 3
Emails : jakerpomperada@gmail.com and jakerpomperada@yahoo.com
Country of Origin : Philippines
Nature of Code : Security Routine
Code Licence : Open Source
-->
<html>
<head>
<title>
Login System With User Account Disabled in PHP and MySQLi
</title>
</head>
<?php
include 'connect_to_database.php'; //connect the connection page
if(empty($_SESSION)) // if the session not yet started
session_start();
if(isset($_SESSION['username'])) { // if already login
header("location: home.php"); // send to home page
exit;
}
?>
<html>
<head></head>
<body>
<style>
body {
background-color: lightgreen;
font-family:arial;
font-size:20px;
}
input, button, select, option, textarea {
font-size: 100%;
}
</style>
<br><br>
<h2> Login System With User Account Disabled in PHP and MySQLi OOP Version </h2>
<h4> Created By: Mr. Jake Rodriguez Pomperada, MAED-IT</h4>
<br>
<form action = 'login_process.php' method='POST'>
Enter Username:
<input type="text" name="username" /> <br><br>
Enter Password:
<input type="password" name="password" />
<br> <br>
<input type = "submit" name="submit" value="Ok" />
</form>
</body>
</html>
<!-- login_process.php
Author : Mr. Jake Rodriguez Pomperada, MAED-IT
Date : February 26, 2017 Sunday 6:29 AM
Tools : PHP, MySQL, Google Chrome and Sublime Text 3
Emails : jakerpomperada@gmail.com and jakerpomperada@yahoo.com
Country of Origin : Philippines
Nature of Code : Security Routine
Code Licence : Open Source
-->
<html>
<head>
<title>
Login System With User Account Disabled in PHP and MySQLi
</title>
</head>
<body>
<style>
body {
background-color: lightgreen;
font-family:arial;
font-size:20px;
}
</style>
<?php
error_reporting(0);
include 'connect_to_database.php'; //connect the connection page
if(empty($_SESSION)) // if the session not yet started
session_start();
if(!isset($_POST['submit'])) { // if the form not yet submitted
header("Location: login.php");
exit;
}
$attempt = 1;
$myusername = $_POST['username'];
$mypassword = $_POST['password'];
// query to get the users lastname and firstname to be display in the main page
// Query if the user account is not disabled
$test_query2 = "SELECT * FROM users WHERE username = '$myusername' and password = '$mypassword' and status = 1 ";
// Query if the user account is disabled
$test_query3 = "SELECT * FROM users WHERE username = '$myusername' and password = '$mypassword' and status = 0 ";
$disable_account = "UPDATE users SET status = 0 WHERE username = '$myusername' ";
$res2 = $MySQLiconn->query($test_query3);
// Query to check if the user account is already been disable by the system
if($res2->num_rows > 0) {
header("Location: disabled.php");
}
$res = $MySQLiconn->query($test_query2);
if($res->num_rows > 0) {
while($row=$res->fetch_array()) {
$_SESSION['username'] = $_POST['username'];
$_SESSION['lastname'] = $row['lastname'];
$_SESSION['firstname']= $row['firstname'];
header("Location: home.php");
exit;
}
} else {
$number = $_SESSION['number'];
$number++;
$_SESSION['number'] = $number;
echo "<br><br>";
echo "<h1> Access Denied !!! Try Again </h1>";
echo "Attempt Number : <font color='red'> $number </font>";
echo "<br><br>";
echo "<a href='login.php'>Return To Login Page</a> " ;
echo "</font></font>";
if ($number>2) {
$res3 = $MySQLiconn->query($disable_account);
header("Location: disabled.php");
exit;
}
}
?>
</body>
</html>
<!-- home.php
Author : Mr. Jake Rodriguez Pomperada, MAED-IT
Date : February 26, 2017 Sunday 6:29 AM
Tools : PHP, MySQL, Google Chrome and Sublime Text 3
Emails : jakerpomperada@gmail.com and jakerpomperada@yahoo.com
Country of Origin : Philippines
Nature of Code : Security Routine
Code Licence : Open Source
-->
<?php
include 'connect_to_database.php'; //connect the connection page
if(empty($_SESSION)) // if the session not yet started
session_start();
if(!isset($_SESSION['username'])) { //if not yet logged in
header("Location: login.php");// send to login page
exit;
}
?>
<html>
<body>
<style>
body {
background-color: lightgreen;
font-family:arial;
font-size:20px;
}
input, button, select, option, textarea {
font-size: 100%;
}
</style>
<br>
<H2> Welcome Page </H2>
<br>
Welcome <b> <?php echo $_SESSION['firstname']. " ".$_SESSION['lastname']."."; ?> </b>
<br><br>
<a href="logout.php">Logout</a>
</body>
</html>
<!-- disabled.php
Author : Mr. Jake Rodriguez Pomperada, MAED-IT
Date : February 26, 2017 Sunday 6:29 AM
Tools : PHP, MySQL, Google Chrome and Sublime Text 3
Emails : jakerpomperada@gmail.com and jakerpomperada@yahoo.com
Country of Origin : Philippines
Nature of Code : Security Routine
Code Licence : Open Source
-->
<html>
<head>
<title> Disabled User Account </title>
</head>
<body>
<style>
body {
background-color: lightgreen;
font-family:arial;
font-size:20px;
}
</style>
<?php
$message1= "Sorry your user account is already been <font color='red'>DISABLED</font>.";
$message2= "The system will be locked.";
$message3 = "Kindly send an email to the programmer for assistance at
<font color='blue'> jakerpomperada@gmail.com </font>.";
echo "<br><br>";
echo "$message1";
echo "<br>";
echo "<h1><font color='red'> $message2 </font></h1>";
echo "<br>";
echo "<h3>$message3</h3>";
echo "<br>";
echo " <a href='logout.php'>CLOSE</a>";
?>
</body>
</html>
<!-- disabled.php
Author : Mr. Jake Rodriguez Pomperada, MAED-IT
Date : February 26, 2017 Sunday 6:29 AM
Tools : PHP, MySQL, Google Chrome and Sublime Text 3
Emails : jakerpomperada@gmail.com and jakerpomperada@yahoo.com
Country of Origin : Philippines
Nature of Code : Security Routine
Code Licence : Open Source
-->
<html>
<head>
<title> Disabled User Account </title>
</head>
<body>
<style>
body {
background-color: lightgreen;
font-family:arial;
font-size:20px;
}
</style>
<?php
$message1= "Sorry your user account is already been <font color='red'>DISABLED</font>.";
$message2= "The system will be locked.";
$message3 = "Kindly send an email to the programmer for assistance at
<font color='blue'> jakerpomperada@gmail.com </font>.";
echo "<br><br>";
echo "$message1";
echo "<br>";
echo "<h1><font color='red'> $message2 </font></h1>";
echo "<br>";
echo "<h3>$message3</h3>";
echo "<br>";
echo " <a href='logout.php'>CLOSE</a>";
?>
</body>
</html>
users.sql
-- phpMyAdmin SQL Dump
-- version 4.5.1
-- http://www.phpmyadmin.net
--
-- Host: 127.0.0.1
-- Generation Time: Feb 25, 2017 at 11:42 PM
-- Server version: 10.1.16-MariaDB
-- PHP Version: 5.6.24
SET SQL_MODE = "NO_AUTO_VALUE_ON_ZERO";
SET time_zone = "+00:00";
/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
/*!40101 SET NAMES utf8mb4 */;
--
-- Database: `login`
--
-- --------------------------------------------------------
--
-- Table structure for table `users`
--
CREATE TABLE `users` (
`id` int(11) NOT NULL,
`username` varchar(100) NOT NULL,
`password` varchar(100) NOT NULL,
`lastname` varchar(200) NOT NULL,
`firstname` varchar(200) NOT NULL,
`status` varchar(1) NOT NULL
) ENGINE=InnoDB DEFAULT CHARSET=latin1;
--
-- Dumping data for table `users`
--
INSERT INTO `users` (`id`, `username`, `password`, `lastname`, `firstname`, `status`) VALUES
(1, 'jake', 'jake', 'POMPERADA', 'JAKE', '1'),
(2, 'jacob', 'jacob', 'POMPERADA', 'JACOB SAMUEL', '0'),
(3, 'allie', 'allie', 'POMPERADA', 'MA. JUNALLIE', '1'),
(4, 'iya', 'iya', 'POMPERADA', 'JULIANNA RAE', '0'),
(5, 'bill', 'bill', 'GATES', 'BILL', '0'),
(6, 'peter', 'peter', 'NORTON', 'PETER', '0');
--
-- Indexes for dumped tables
--
--
-- Indexes for table `users`
--
ALTER TABLE `users`
ADD PRIMARY KEY (`id`);
--
-- AUTO_INCREMENT for dumped tables
--
--
-- AUTO_INCREMENT for table `users`
--
ALTER TABLE `users`
MODIFY `id` int(11) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=7;
/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;
No comments:
Post a Comment