Limiting attempts for user login

mr_zog

I have created a user auth script that does everything that I need except that I need to limit the number of attempts a person can make to login.

Any help would be great.

Thanks

malbera

register some var in login.php
if a user attempts to login again, increment that var
if that var = the limit of attempts you chose, register other var and don't let that user to login again (in that session)
you could also use cookies
hope that helps

Mega

um, I think I agree with what malbera said.

just create a session variable ($_SESSION) and then increment it each time an unsuccesful attempt is made.

Also storing a cookie may also work.

Both can be easily gotten around however.

Storing their IP in a database and using that maybe be better if they have a static IP address.

Sessions start each time the browser is opened on the page, and cookies can be deleted, and IPs may be dynamic 🙂