Hi guys it has been a while since I want to create a login system in PHP and MySQL that limits the amount of attempt of login of the user. Here is it the complete code from start to finish I will allow the user to login just only for three attempt after that our login system will lock the application. The code is very easy to understand and use I hope you will find it useful. Thank you very much.
My email address are the following jakerpomperada@gmail.com and jakerpomperada@yahoo.com.
My mobile number here in the Philippines is 09173084360.
Sample Program Output and Database Structure
Program Listing
connect_to_database.php
<?php
mysql_connect("localhost","root","") or die(mysql_error());
mysql_select_db("login");
?>
home.php
<?php
include 'connect_to_database.php'; //connect the connection page
if(empty($_SESSION)) // if the session not yet started
session_start();
if(!isset($_SESSION['username'])) { //if not yet logged in
header("Location: login.php");// send to login page
exit;
}
?>
<html>
<body>
<style>
body {
background-color: lightgreen;
font-family:arial;
font-size:20px;
}
input, button, select, option, textarea {
font-size: 100%;
}
</style>
<br>
<H2> Main Page </H2>
<br>
Welcome <b> <?php echo $_SESSION['firstname']. " ".$_SESSION['lastname']."."; ?> </b>
<br><br>
<a href="logout.php">Logout</a>
</body>
</html>
lock.php
<html>
<head>
<title> Login Lock </title>
</head>
<body>
<style>
body {
background-color: lightgreen;
font-family:arial;
font-size:20px;
}
</style>
<?php
$message1= "Sorry you are reached the three number of attempts to login in the system.";
$message2= "The system will be locked.";
$message3 = "Kindly send an email to the programmer for assistance at
<font color='blue'> jakerpomperada@gmail.com </font>.";
echo "<br><br>";
echo "$message1";
echo "<br>";
echo "<h1><font color='red'> $message2 </font></h1>";
echo "<br>";
echo "<h3>$message3</h3>";
echo "<br>";
echo " <a href='logout.php'>CLOSE</a>";
?>
login.php
<?php
include 'connect_to_database.php'; //connect the connection page
if(empty($_SESSION)) // if the session not yet started
session_start();
if(isset($_SESSION['username'])) { // if already login
header("location: home.php"); // send to home page
exit;
}
?>
<html>
<head></head>
<body>
<style>
body {
background-color: lightgreen;
font-family:arial;
font-size:20px;
}
input, button, select, option, textarea {
font-size: 100%;
}
</style>
<br><br>
<h2> Three Attempt Login System in PHP and MySQL </h2>
<h4> Created By: Mr. Jake Rodriguez Pomperada, MAED-IT</h4>
<br>
<form action = 'login_process.php' method='POST'>
Enter Username:
<input type="text" name="username" /> <br><br>
Enter Password:
<input type="password" name="password" />
<br> <br>
<input type = "submit" name="submit" value="Ok" />
</form>
</body>
</html>
</body>
</html>
login_process.php
<html>
<body>
<style>
body {
background-color: lightgreen;
font-family:arial;
font-size:20px;
}
</style>
<?php
error_reporting(0);
include 'connect_to_database.php'; //connect the connection page
if(empty($_SESSION)) // if the session not yet started
session_start();
if(!isset($_POST['submit'])) { // if the form not yet submitted
header("Location: login.php");
exit;
}
$attempt = 1;
$myusername = $_POST['username'];
$mypassword = $_POST['password'];
// query to get the users lastname and firstname to be display in the main page
$test_query2 = "SELECT * FROM users WHERE username = '$myusername' and password = '$mypassword' and status = 1";
$query_result2 = mysql_query($test_query2);
$rows = mysql_num_rows($query_result2);
$test_query3 = "SELECT * FROM users WHERE username = '$myusername' and password = '$mypassword' and status =0";
$query_deactive= mysql_query($test_query3);
$rows2 = mysql_num_rows($query_deactive);
if($rows==1) {
while($row_query2 = mysql_fetch_array($query_result2)) {
$_SESSION['username'] = $_POST['username'];
$_SESSION['lastname'] = $row_query2['lastname'];
$_SESSION['firstname']= $row_query2['firstname'];
header("Location: home.php");
exit;
}
} else {
$number = $_SESSION['number'];
$number++;
$_SESSION['number'] = $number;
echo "<br><br>";
echo "<h1> Access Denied !!! Try Again </h1>";
echo "Attempt Number : <font color='red'> $number </font>";
echo "<br><br>";
echo "<a href='login.php'>Return To Login Page</a> " ;
echo "</font></font>";
if ($number>2) {
header("Location: lock.php");
exit;
}
}
?>
</body>
</html>
logout.php
<?php
session_start();
unset($_SESSION['username']);
session_destroy();
header("Location: login.php");
exit;
?>
users.sql
-- phpMyAdmin SQL Dump
-- version 4.5.1
-- http://www.phpmyadmin.net
--
-- Host: 127.0.0.1
-- Generation Time: Feb 25, 2017 at 11:23 AM
-- Server version: 10.1.16-MariaDB
-- PHP Version: 5.6.24
SET SQL_MODE = "NO_AUTO_VALUE_ON_ZERO";
SET time_zone = "+00:00";
/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
/*!40101 SET NAMES utf8mb4 */;
--
-- Database: `login`
--
-- --------------------------------------------------------
--
-- Table structure for table `users`
--
CREATE TABLE `users` (
`id` int(11) NOT NULL,
`username` varchar(100) NOT NULL,
`password` varchar(100) NOT NULL,
`lastname` varchar(200) NOT NULL,
`firstname` varchar(200) NOT NULL,
`status` varchar(1) NOT NULL
) ENGINE=InnoDB DEFAULT CHARSET=latin1;
--
-- Dumping data for table `users`
--
INSERT INTO `users` (`id`, `username`, `password`, `lastname`, `firstname`, `status`) VALUES
(1, 'jake', 'jake', 'POMPERADA', 'JAKE', '1'),
(2, 'jacob', 'jacob', 'POMPERADA', 'JACOB SAMUEL', '1'),
(3, 'allie', 'allie', 'POMPERADA', 'MA. JUNALLIE', '1'),
(4, 'iya', 'iya', 'POMPERADA', 'JULIANNA RAE', '1');
--
-- Indexes for dumped tables
--
--
-- Indexes for table `users`
--
ALTER TABLE `users`
ADD PRIMARY KEY (`id`);
--
-- AUTO_INCREMENT for dumped tables
--
--
-- AUTO_INCREMENT for table `users`
--
ALTER TABLE `users`
MODIFY `id` int(11) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=5;
/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;
