1

when a person want to log in but he/she failed into first attempt then captcha will show and he/she remains only 3 tries but he/she failed into all of there reaming attempts then on the particular ip login will be block for some time how it will be possible into codeigniter

this is my code

function login() {
    $this->form_validation->set_rules('username', 'Username', 'trim|required');
    $this->form_validation->set_rules('password', 'Password', 'trim|required|md5');
    //$this->session->unset_userdata('count');
    if($this->session->userdata('count')) {

        $this->form_validation->set_rules('captcha', 'Captcha', 'required|callback_recaptcha_validation');
        $this->session->unset_userdata('count');
    }

    if ($this->form_validation->run() == TRUE) {
        $checkAdminLoginDeatils = $this->admin_model->adminLogin();
        if ($checkAdminLoginDeatils == false) {
            $val='0';
            $val=$this->session->set_userdata('validate','0');
            $val=$val+1;
            $ip_address = $this->input->ip_address();
            $record = $this->db->where('IP', $ip_address)->get('LoginAttempts')->row();
            $this->session->set_userdata('count', '1');
            $vals = array(
                    'img_path'   => './captcha/',
                    'img_url'    =>  base_url().'/captcha/'
            );

            $cap = create_captcha($vals);

            $captcha = array(
                    'captcha_time'  => $cap['time'],
                    'ip_address'    => $this->input->ip_address(),
                    'word'   => $cap['word']
            );

            $data['cap']=$cap;
            $this->session->set_userdata('message', 'Invalid username or password');
            $this->db->select('*');
            $this->db->where('IP',$this->input->ip_address());
            $query=$this->db->get('LoginAttempts');
           if($query->num_rows() == 1) {
                $this->db->set('LastLogin',time());
                if(isset ($val))
                    $this->db->set('Attempts',$val);
                $this->db->where('IP', $this->input->ip_address());
                $result=$this->db->update('LoginAttempts');
            }
            else {
                $insert = array(
                        'LastLogin' => time(),
                        'Attempts' => $val,
                        'IP'    => $this->input->ip_address()
                );


                $query = $this->db->insert_string('LoginAttempts', $insert);
                $this->db->query($query);
            }
            //$time=now();


            $expiration = time()-7200; // Two hour limit
            $this->db->query("DELETE FROM LoginAttempts WHERE LastLogin < ".$expiration);
        } else {
            redirect('admin/admin/dashboard');
        }
    }
vijay
  • 11
  • 3
  • Please take a look at [auth libraries](http://stackoverflow.com/questions/346980/how-should-i-choose-an-authentication-library-for-codeigniter), pick one and don't waste time creating new thing that has been already done. [Tank Auth](http://konyukhov.com/soft/tank_auth/) (best one so far) provides you with all you ask for. – Kyslik Jun 10 '13 at 11:51

0 Answers0