Three Attempt Login System in PHP and MySQL

Hi guys it has been a while since I want to create a login system in PHP and MySQL that limits the amount of attempt of login of the user. Here is it the complete code from start to finish I will allow the user to login just only for three attempt after that our login system will lock the application. The code is very easy to understand and use I hope you will find it useful.  Thank you very much. 

My email address are the following jakerpomperada@gmail.com and jakerpomperada@yahoo.com. 

My mobile number here in the Philippines is 09173084360.

Sample Program Output and Database Structure

Program Listing

connect_to_database.php

<?php

mysql_connect("localhost","root","") or die(mysql_error()); 

mysql_select_db("login");

?> 

home.php

<?php

include 'connect_to_database.php'; //connect the connection page

if(empty($_SESSION)) // if the session not yet started 

   session_start();

if(!isset($_SESSION['username'])) { //if not yet logged in

   header("Location: login.php");// send to login page

   exit;

} 

?>

<html>

<body>

<style>

body {

    background-color: lightgreen;

    font-family:arial;

    font-size:20px;

    }

input, button, select, option, textarea {

    font-size: 100%;

}

</style>

<br>

<H2> Main Page </H2>

<br>

Welcome  <b> <?php echo $_SESSION['firstname']. " ".$_SESSION['lastname']."."; ?>  </b>

<br><br>

 <a href="logout.php">Logout</a> 

</body>

</html> 

lock.php

<html>

 <head>

 <title> Login Lock </title>

 </head>

<body>

<style>

body {

    background-color: lightgreen;

    font-family:arial;

    font-size:20px;

}

</style>

<?php

         

 $message1= "Sorry you are reached the three number of attempts to login in the system.";

 $message2= "The system will be locked.";

 $message3 = "Kindly send an email to the programmer for assistance at 

           <font color='blue'> jakerpomperada@gmail.com </font>.";

             

 echo "<br><br>"; 

 echo "$message1";

 echo "<br>";

 echo "<h1><font color='red'> $message2 </font></h1>";

 echo "<br>"; 

 echo "<h3>$message3</h3>";

 echo "<br>"; 

 

 echo "&nbsp;&nbsp;&nbsp;&nbsp;<a href='logout.php'>CLOSE</a>";

?>

login.php

<?php

include 'connect_to_database.php'; //connect the connection page

if(empty($_SESSION)) // if the session not yet started 

   session_start();

if(isset($_SESSION['username'])) { // if already login

   header("location: home.php"); // send to home page

   exit; 

}

?>

<html>

<head></head>

<body>

<style>

body {

    background-color: lightgreen;

    font-family:arial;

    font-size:20px;

}

   input, button, select, option, textarea {

    font-size: 100%;

}

</style>

<br><br>

<h2> Three Attempt Login System in PHP and MySQL </h2>

<h4> Created By: Mr. Jake Rodriguez Pomperada, MAED-IT</h4>

<br>

<form action = 'login_process.php' method='POST'>

  Enter   Username:   &nbsp;

 <input type="text" name="username" />  <br><br>

    Enter Password: &nbsp;

 <input type="password" name="password" />

<br> <br>

<input type = "submit" name="submit" value="Ok" />  

</form>

</body>

</html>

  </body>

</html>

login_process.php

<html>

<body>

<style>

body {

    background-color: lightgreen;

    font-family:arial;

    font-size:20px;

}

</style>

<?php

error_reporting(0);

include 'connect_to_database.php'; //connect the connection page

  

if(empty($_SESSION)) // if the session not yet started 

   session_start();

if(!isset($_POST['submit'])) { // if the form not yet submitted

   header("Location: login.php");

   exit; 

}

  $attempt = 1;

      $myusername = $_POST['username'];

      $mypassword = $_POST['password'];

// query to get the users lastname and firstname to be display in the main page

$test_query2 = "SELECT * FROM users WHERE username = '$myusername' and password = '$mypassword' and status = 1";

$query_result2 = mysql_query($test_query2);

$rows = mysql_num_rows($query_result2);

$test_query3 = "SELECT * FROM users WHERE username = '$myusername' and password = '$mypassword' and status =0";

$query_deactive= mysql_query($test_query3);

$rows2 = mysql_num_rows($query_deactive);

            if($rows==1) {

                        

                        while($row_query2 = mysql_fetch_array($query_result2)) {

                        $_SESSION['username'] = $_POST['username'];

                        $_SESSION['lastname'] = $row_query2['lastname'];

                        $_SESSION['firstname']= $row_query2['firstname'];

                        header("Location: home.php");

                        exit;

                    }   

          

            } else {

                    $number = $_SESSION['number'];

                    $number++;

                    $_SESSION['number'] = $number;

                    echo "<br><br>";

                    echo "<h1> Access Denied !!! Try Again </h1>";  

                    echo "Attempt Number   : <font color='red'> $number </font>";           

                    echo "<br><br>";

                    echo "<a href='login.php'>Return To Login Page</a> " ;

                    echo "</font></font>";

            

                if ($number>2) {

                    header("Location: lock.php");

                    exit;

                }

        }

            

?>

</body>

</html>

logout.php

<?php

session_start();

unset($_SESSION['username']);

session_destroy();

header("Location: login.php");

exit;

?>

users.sql

-- phpMyAdmin SQL Dump

-- version 4.5.1

-- http://www.phpmyadmin.net

--

-- Host: 127.0.0.1

-- Generation Time: Feb 25, 2017 at 11:23 AM

-- Server version: 10.1.16-MariaDB

-- PHP Version: 5.6.24

SET SQL_MODE = "NO_AUTO_VALUE_ON_ZERO";

SET time_zone = "+00:00";

/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;

/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;

/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;

/*!40101 SET NAMES utf8mb4 */;

--

-- Database: `login`

--

-- --------------------------------------------------------

--

-- Table structure for table `users`

--

CREATE TABLE `users` (

  `id` int(11) NOT NULL,

  `username` varchar(100) NOT NULL,

  `password` varchar(100) NOT NULL,

  `lastname` varchar(200) NOT NULL,

  `firstname` varchar(200) NOT NULL,

  `status` varchar(1) NOT NULL

) ENGINE=InnoDB DEFAULT CHARSET=latin1;

--

-- Dumping data for table `users`

--

INSERT INTO `users` (`id`, `username`, `password`, `lastname`, `firstname`, `status`) VALUES

(1, 'jake', 'jake', 'POMPERADA', 'JAKE', '1'),

(2, 'jacob', 'jacob', 'POMPERADA', 'JACOB SAMUEL', '1'),

(3, 'allie', 'allie', 'POMPERADA', 'MA. JUNALLIE', '1'),

(4, 'iya', 'iya', 'POMPERADA', 'JULIANNA RAE', '1');

--

-- Indexes for dumped tables

--

--

-- Indexes for table `users`

--

ALTER TABLE `users`

  ADD PRIMARY KEY (`id`);

--

-- AUTO_INCREMENT for dumped tables

--

--

-- AUTO_INCREMENT for table `users`

--

ALTER TABLE `users`

  MODIFY `id` int(11) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=5;

/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;

/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;

/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;

DOWNLOAD SOURCE CODE HERE