如何限制登录尝试? [英] How to limit login attemps?
问题描述
我正在制作一个网站,我知道PHP等基础知识..并且有一个页面,用户必须通过电子邮件注册并激活他们的帐户,当他们clikc链接时将MySQL数据库中的字段从0更改为1.如果它保持为0,则用户无法登录。
我想要做的是,如果密码错误则设置它说5次,然后更新此激活号码并再次更改为0。怎么会这样做?如果声明?虽然循环或什么?
我已经完成了代码的工作,任何帮助都会尽快受到欢迎!
I''m in the process of making a website, I know the basics of PHP etc.. and have a page where a user has to sign up and activiate thier account via e-mail, when they clikc the link it change a field in the MySQL database from 0 to 1. If it remains 0 the user cannot login in.
What I want to do, is set it up so if the password is wrong say 5 times then this activiation number is updated and changed to 0 again. How would be best to do this? If statement? While loop or what??
I have attached the work in progress of the code and any help would be appreciated ASAP!
推荐答案
您可以考虑为登录尝试添加时间窗口。例如,5分钟或者其他。
您可以使用会话来跟踪用户尝试从特定浏览器登录的次数。或者你可以使用一个隐藏字段(这是客户端,所以这可以重置,可能不应该依赖)。或者您可以使用cookie(也存储在客户端)...或者您可以将此号码存储在数据库中.....
-Frinny
You may consider adding a time window for the login attempts...for example, 5 minutes or something.
You could use session to keep track of the number of times a user has attempted to log in from a particular browser. Or you could use a hiddenfield (which is client side so this could be reset and probably shouldn''t be depended on). Or you could use a cookie (also stored client side)...or you could store this number in the database.....
-Frinny
我有一个超时会话,在600秒后注销用户,但我认为这将是一个简单的if语句。第5次说明密码错误,然后更新数据库,将激活代码设为0,从而阻止帐户。
这是一些建议给我的帮助:
看起来像
I have a timeout session in place, whcih logs out the user after 600 seconds, but I thought it would be a simple if statement. Stating the password is wrong of the 5th time then update the database, make the activiation code to 0 and therefore blocking the account.
This is some help that has been suggested to me:
Looks like
我会每次运行脚本时都要重新设置为0.
可能需要创建一个会话变量计数器并在表单和脚本之间前后传递它。
任何帮助将不胜感激
谢谢
i will be re-set to 0 each time the script is run.
May need to create a session variable counter and pass it back and forward between the form and script.
Any help would be appreciated
thanks
这篇关于如何限制登录尝试?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
