• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Max logic attempts

I came up with some ideas and was hoping you could look it over and see if you see anything still wrong with it. I think something is. When the user puts in the wrong credentials it correctly inserts a new row into the failed login attempts table however I can't see the session variable established and increased each failed time and everything after that because after every failed attempt it always says incorrect username and password combination.


Anybody have any ideas?

I figured out its my session. I have it setting the session variable but its not showing assigning it to 1 on the first failed attempt. Not sure why.

     * Checks to see if the max number of attempts have been exceeded.
     * @param string $post_username Posted value of a username field.
     * @return boolean TRUE/FALSE Depends on if login attempts have been exceeded or not.
    private function is_max_failed_login_attempts_exceeded($post_username)
        $failed_logins = $this->session->userdata('failed_logins');  
        if ((isset($failed_logins)) && (!empty($failed_logins) || $failed_logins == ''))
            if ($failed_logins == $this->config->item('failed_login_limit'))
                $this->users_model->lock_out_user($post_username, date('Y-m-d H:i:s', $this->config->item('wait_time')));
                return TRUE;
            $this->session->set_userdata('failed_logins', $failed_logins);
            return FALSE;
            $this->session->set_userdata('failed_logins', 1);
            return FALSE;


Any ideas?

Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  

  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2020 MyBB Group.