validate user attempts when logging in

Question

validate user attempts when logging in

Navigation

#1 by (3 votes)

1

I'm trying to validate an entry login to verify a user's attempts to login. If this completes 3 unsuccessful attempts, then the account is deactivated (In my database, in the user table, the user's status changes to inactive)

This is my code:

<?php 
session_start();
require_once('conexion.php');
// ================================================ EMPIEZA EL CONTADOR PARA EL LOGIN =====================================
$_SESSION['contadorLogin'] == 0;




if (isset($_POST["submit"])) {

    $usuario=$_POST["nusuario"];
    $contrasena=$_POST["ncontrasena"];
    $usuario = stripslashes($usuario);
    $usuario = $conn->real_escape_string($usuario);
    $contrasena = stripslashes($contrasena);
    $contrasena = $conn->real_escape_string($contrasena);
    $id_emp="";

    $sql="SELECT * FROM usuario WHERE usuario='$usuario' AND (contrasena='$contrasena' AND estado='Activo') ";

    $result = $conn->query($sql);
    if ($result->num_rows == 1) {


          while($row = $result->fetch_assoc()) {
            $id_emp=$row["id_empleado"];

          }
            $_SESSION['iduser']=$usuario;

          $sql2="SELECT * FROM empleado WHERE id_empleado='$id_emp'";
          $result2=$conn->query($sql2);
          if ($result2->num_rows == 1) {
            while($row = $result2->fetch_assoc()) {
                $_SESSION["nombre"]=$row["nombre"];
                $_SESSION["apellidos"]=$row["apellidos"];
                $_SESSION["tipo"]=$row["tipo"];
                $_SESSION["dni"]=$row["dni"];
                $_SESSION["ubicacion"]=$row["ubicacion"];
                $_SESSION["telfmovil"]=$row["telfmovil"];
                $_SESSION["email"]=$row["email"];
                $_SESSION["imagen"]=$row["imagen"];

            }



          }



            $mensaje = "¡Bienvenido al Sistema!";
            echo "<script type='text/javascript'>alert('$mensaje');</script>";
            header( "refresh:0.2;url=../venta_venta.php" );
    }else{

        $mensaje = "Error! Es probable que la contraseña o usuario ingresado son incorrectos o bien su usaurio esta inactivo";
        echo "<script type='text/javascript'>alert('$mensaje');</script>";
        header( "refresh:0.2;url=../login_agro.php" );

        // =============================================================== AUMENTAMOS EL CONTADOR DEL LOGIN ==================
            $_SESSION['contadorLogin'] = $_SESSION['contadorLogin'] + 1; 

 // =================================================== SE DESACTIVA LA CUENTA DEL USUARIO =============================
            if ($_SESSION['contadorLogin']>3) {
                $actualizar="UPDATE usuario SET estado='Inactivo' WHERE usuario='$usuario'";
                $result = $conn->query($actualizar);
                $mensaje2 = "Lo sentimos, su usaurio ha sido desactivado";
                echo "<script type='text/javascript'>alert('$mensaje2');</script>";
                header( "refresh:0.2;url=../login_agro.php" );
            }

    }



}



$conn->close();


?>

And although it works (changes the user's status). The following message appears after login:

Notice: Undefined index: contadorLogin in C:\...

How do I solve the problem? Try to put a isset (); but then the one that throws error is the line where +1 is accumulated.

mysql php mysqli

asked by Raphael 26.06.2016 в 18:30

source

1 answer

Python problem. Collate words Obtain records of several tables without duplicates in postgresql

score 3 · Accepted Answer

The problem is when assigning the value to the session variable, on line 5, you are not checking if the variable already exists or not:

<?php 
session_start();
require_once('conexion.php');

if (!isset($_SESSION['contadorLogin']) {
    $_SESSION['contadorLogin'] = 0;
}