Hi,
In the following article located at http://www.xlinesoft.com/articles/system_access_lock.htm, there are several errors.
First of all, you need to declare a primary key in the table loginattempts (example given for MySql) :
CREATE TABLE `loginattempts` (
`ip` varchar(20) NOT NULL,
`attempts` int(11) NOT NULL,
`lastlogin` datetime NOT NULL,
[b]PRIMARY KEY (`ip`)[/b]
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
Without that statement, your application is unable to update records (thanks to xlinesoft for the headache <img src='https://asprunner.com/forums/file.php?topicimage=1&fieldname=question&id=11098&image=1&table=forumtopics' class='bbc_emoticon' alt=':angry:' /> )
Then, the given source code is for PHPRunner 4 and has not been updated.
Here is an adaptation for PHPRunner 5 with the custom code for the three events :
1- BeforeLogin event :
function BeforeLogin(&$username, &$password){
//Before login :
global $dal;
$rs = $dal->loginattempts->Query('ip = "'.$_SERVER['REMOTE_ADDR'].'"');
$data = db_fetch_array($rs);
if (! $data || ! strlen($data['lastlogin']))
return true;
if ($data['attempts'] >= 3){
$atime = db2time($data['lastlogin']);
$time = mktime($atime[3],$atime[4],$atime[5],$atime[1],$atime[2],$atime[0]);
$diff = (time() - $time) / 60;
if($diff < 30){
echo '<div style="width: 40%; margin:auto;text-align: center;background-color: yellow;color: red;font-size: large;"><br />Access denied for '.intval(30 - $diff).' minutes for ip address '.$_SERVER['REMOTE_ADDR'].'</div>';
return false;
}else{
$dal->loginattempts->Param['ip'] = $_SERVER['REMOTE_ADDR'];
$dal->loginattempts->Value['attempts'] = 0;
$dal->loginattempts->Update();
return true;
}
}
return true;
} // function BeforeLogin
2 - AfterSuccessful login event :
function AfterSuccessfulLogin($username, $password,&$data){
// After successful login :
// clear previous attempts
global $dal;
$dal->loginattempts->Param['ip'] = $_SERVER['REMOTE_ADDR'];
$dal->loginattempts->Value['attempts'] = 0;
$dal->loginattempts->Update();
//return true;
} // function AfterSuccessfulLogin
3- After UnSuccessful login event :
function AfterUnsuccessfulLogin($username, $password){
// After unsuccessful login :
global $dal;
$rs = $dal->loginattempts->Query('ip = "'.$_SERVER['REMOTE_ADDR'] .'"');
$data = db_fetch_array($rs);
if($data){
$attempts = $data['attempts'] + 1;
if($attempts == 3){
$dal->loginattempts->Param['ip'] = $_SERVER['REMOTE_ADDR'];
$dal->loginattempts->Value['attempts'] = $attempts;
$dal->loginattempts->Value['lastlogin'] = date('Y-m-d H:i:s');
$dal->loginattempts->Update();
}
else{
$dal->loginattempts->Param['ip'] = $_SERVER['REMOTE_ADDR'];
$dal->loginattempts->Value['attempts'] = $attempts;
$dal->loginattempts->Update();
}
}else{
$dal->loginattempts->attempts = 1;
$dal->loginattempts->ip = (string)$_SERVER['REMOTE_ADDR'];
$dal->loginattempts->lastlogin = date('Y-m-d H:i:s');
$dal->loginattempts->Add();
}
} // function AfterUnsuccessfulLogin
Hope this helps and XLineSoft wil update its inline example.
Philippe