|
PHP - Locking User Based On Ip
I know something is wrong but dunno how to fix it. My intention is to lock user based on ip after 3 unsuccessful attempts. Its incrementing the login count but after 3 attempts, I just can't figure out how to lock the user and reset the value after some time.
I'd like a pointer towards the right/best thing to do should my code not be worthy. Thanks and heres my code:
<?php
$user_ip = $_SERVER['REMOTE_ADDR'];
$table_name = "loginattempts";
$query = "SELECT attempts FROM $table_name WHERE user_ip = '$user_ip'";
$result = mysql_query($query) or die("Invalid Login");
while($row = mysql_fetch_array($result)){
$count = $row['attempts'];
}
if($count == 3){
echo("Your login attempt is completed");
}else{
$insert = "INSERT INTO $table_name WHERE user_ip = '$user_ip'";
$result = mysql_query($insert);
$update = "UPDATE $table_name SET attempts = attempts + 1 WHERE user_ip = '$user_ip'";
$result = mysql_query($update);
}
$update = "UPDATE $table_name SET attempts = 0 WHERE lastlogin - NOW() = '60000'";
$result = mysql_query($update);
?>
Similar TutorialsHi, so far I have managed to set up a somewhat basic login website with a mysql database backend. Once they have logged on they go to a "main menu" page. What I need to define is that user A sees button A but only that button, etc. (Then of course that same rule would have to apply if they tried to directly go to the page, but I am guessing I can do that in the same way that I currently do to force a login). If anyone has any tutorials or sample code I would much appreciate it. Thanks, I have a "Users" table. I would like to find out the average users sign up in total. This table has a "joined date" column so I can track how many users sign up in a single day. For e.g. August 16 - 10 users August 17 - 20 users Auguest 18 - 30 users The total average of user sign ups would be 20 users based on the above results. So I am wondering how can I create this function? This is my starting query.
$get_users = $db->prepare("SELECT user_id FROM users");
$get_users->execute();
$result_users = $get_users->fetchAll(PDO::FETCH_ASSOC);
if(count($result_users) > 0) {
foreach($result_users as $row) {
$user_id = $row['user_id'];
}
}
I manage to display data using below query that will show value for each month. How to calculate average value starting july onwards(based on user selection).
Let say the value for element 'A' are Jul=80, Aug= 80, Sep=90. If user select Aug then the average is 80 and if user select Sep then the average is 83.
Query:
$sql2 = "Select element, SUM(CASE WHEN Month = 'Jan' THEN total ELSE 0 END ) AS Jan, SUM(CASE WHEN Month = 'Feb' THEN total ELSE 0 END ) AS Feb, SUM(CASE WHEN Month = 'Mac' THEN total ELSE 0 END ) AS Mac, SUM(CASE WHEN Month = 'Apr' THEN total ELSE 0 END ) AS Apr, SUM(CASE WHEN Month = 'May' THEN total ELSE 0 END ) AS May, SUM(CASE WHEN Month = 'Jun' THEN total ELSE 0 END ) AS Jun, SUM(CASE WHEN Month = 'Jul' THEN total ELSE 0 END ) AS Jul, SUM(CASE WHEN Month = 'Aug' THEN total ELSE 0 END ) AS Aug, SUM(CASE WHEN Month = 'Sep' THEN total ELSE 0 END ) AS Sep, SUM(CASE WHEN Month = 'Oct' THEN total ELSE 0 END ) AS Oct, SUM(CASE WHEN Month = 'Nov' THEN total ELSE 0 END ) AS Nov, SUM(CASE WHEN Month = 'Dec' THEN total ELSE 0 END ) AS Dis FROM tbl_ma GROUP BY element"; $rs2 = mysql_query($sql2); $getRec2 = mysql_fetch_assoc($rs2);Below is how print the data:
<?php
while ($row = mysql_fetch_assoc($rs2)) {
?>
<tr>
<td style="color:black;background-color:#f5efef"><div align="left"><?php echo $row['element']; ?></div></td>
<?php if( $year != '2014' ){ ?>
<?php if( 1 <= $monthID ): ?><td><div align="center" style="color:black"><?php echo $row['Jan']; ?></div></td><?php endif; ?>
<?php if( 2 <= $monthID ): ?><td><div align="center" style="color:black"><?php echo $row['Feb']; ?></div></td><?php endif; ?>
<?php if( 3 <= $monthID ): ?><td><div align="center" style="color:black"><?php echo $row['Mac']; ?></div></td><?php endif; ?>
<?php if( 4 <= $monthID ): ?><td><div align="center" style="color:black"><?php echo $row['Apr']; ?></div></td><?php endif; ?>
<?php if( 5 <= $monthID ): ?><td><div align="center" style="color:black"><?php echo $row['May']; ?></div></td><?php endif; ?>
<?php if( 6 <= $monthID ): ?><td><div align="center" style="color:black"><?php echo $row['Jun']; ?></div></td><?php endif; ?>
<?php } ?>
<?php if( 7 <= $monthID ): ?><td><div align="center" style="color:black"><?php echo $row['Jul']; ?></div></td><?php endif; ?>
<?php if( 8 <= $monthID ): ?><td><div align="center" style="color:black"><?php echo $row['Aug']; ?></div></td><?php endif; ?>
<?php if( 9 <= $monthID ): ?><td><div align="center" style="color:black"><?php echo $row['Sep']; ?></div></td><?php endif; ?>
<?php if( 10 <= $monthID ): ?><td><div align="center" style="color:black"><?php echo $row['Oct']; ?></div></td><?php endif; ?>
<?php if( 11 <= $monthID ): ?><td><div align="center" style="color:black"><?php echo $row['Nov']; ?></div></td><?php endif; ?>
<?php if( 12 <= $monthID ): ?><td><div align="center" style="color:black"><?php echo $row['Dis']; ?></div></td><?php endif; ?>
<td><div align="center" style="color:black"><?php //echo average; ?></div></td>
</tr>
<?php } ?>
Hi, I want to update user information in the database but it doesn't do anything. No data entered upon form submission. Please anyone if you can help would be great. Thank you. Code: [Select] <?php ini_set ("display_errors", "1"); error_reporting(E_ALL); $host = "";//edited out $database = ""; $username = ""; $password = ""; $tbl_name = "users"; $link = mysqli_connect($host, $username, $password); $conn = mysql_connect($host, $username, $password) or die("Could not connect: " . mysql_error()); mysql_select_db($database); session_start(); IF (isset($_SESSION['userid'])){ $userid=$_SESSION['userid']; echo $userid; } //$currentUser = $_SESSION['myusername']; //do some cleanup// IF (isset($_POST['submit'])){ $first = $_POST['first']; $last = $_POST['last']; $dob = $_POST['dob']; $gender = $_POST['gender']; $country = $_POST['country']; $state = $_POST['state']; $town = $_POST['town']; $zip = $_POST['zip']; $email = $_POST['email']; $first = mysql_real_escape_string( '$first'); $last = mysql_real_escape_string( '$last'); $dob = mysql_real_escape_string( '$dob'); $gender = mysql_real_escape_string( '$gender'); $country = mysql_real_escape_string( '$country'); $state = mysql_real_escape_string( '$state'); $town = mysql_real_escape_string( '$town'); $zip = mysql_real_escape_string( '$zip'); $email = mysql_real_escape_string( '$email'); }; IF (isset($_SESSION['userid'])){ $userid=$_SESSION['userid']; } ELSE{ $getuserid=mysql_query ("SELECT id FROM users ORDER BY id DESC limit 1") or die(mysql_error()); WHILE ($gtuserid = mysql_fetch_array($getuserid)) { $theuserid=$gtuserid['id']; $userid=$theuserid; $_SESSION['userid']=$theuserid; $userid=$_SESSION['userid']; }//$getuserid }// IF ELSE (isset($_SESSION['userid'])) /////UPDATE SECTION///// IF (isset($_POST['submit'])){ mysql_query ( "UPDATE users SET firstname='$first', lastname='$last', dob = '$dob', gender='$gender', country='$country', state='$state', town='$town', zip='$zip', email='$email' WHERE id=$userid") or die(mysql_error()); }//IF ($_POST['update']=="Update") ?> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>Connection</title> <style type="text/css"> body { font-family:Calibri; font-size:1em; } .title { font-size:1.6em; font-weight:strong; } .links a{ font-size::1.2em; text-decoration:none; } .links a:hover{ font-size::1.2em; color:#0066FF; text-decoration:none; } </style> </head> <body> <p><span class="title">Add your personal information/span></p> <form action="thebeast.php" method="post"> <p> <input type="text" name="first" size="20" id="first" /> First name<br /> <input type="text" name="last" size="20" id="name" /> Last name<br /> <input name="dob" type="text" size="20" id="dob" ; } ?> Date of Birth<br /> <input type="text" name="gender" size="20" id="gender" /> Gender <br /> <input type="text" name="country" size="20" id="country" /> Country<br /> <input type="text" name="state" size="20" id="state" /> State<br /> <input type="text" name="town" size="20" id="town" /> Town<br /> <input type="text" name="zip" size="20" id="zip" /> Zip Code<br /> <input type="text" name="email" size="40" id="email" /> Email<br /> <br /> <input type="submit" name="submit" value="Add your information" /> </form> </body> </html> I'm not totally new to php but I'm no guru either. I'm building an intranet and have three seperate user roles, user - manager - admin. There are some menu items I don't want to allow simple users to see. This will expand later to give them different views of a page as well (some can view/others can edit). As it stands the login validation is holding they're user level in $SESSION. To give you an idea take a look at what I'm trying to do: Code: [Select] function usermenu($usermenu) { if($user_level=0) echo ("<ul id="gooeymenu2" class="solidblockmenu"> <li><a href="main.php">Home</a></li> <li><a href="forms.php">Forms</a></li> <li><a href="/support/index.php" target="_new">Support</a></li> <li><a href="documents.php">Documents</a></li> <li><a href="admin/index.php">Admin</a></li> <li><a href="logout.php">Logout</a></li> </ul> <script> gooeymenu.setup({id:'gooeymenu2', selectitem:1, fx:'swing'}) </script>" "); else($user_level=1,2) echo ("<ul id="gooeymenu2" class="solidblockmenu"> <li><a href="main.php">Home</a></li> <li><a href="forms.php">Forms</a></li> <li><a href="/support/index.php" target="_new">Support</a></li> <li><a href="documents.php">Documents</a></li> <li><a href="new.php">New Adviser</a></li> <li><a href="admin/index.php">Admin</a></li> <li><a href="logout.php">Logout</a></li> </ul> <script> gooeymenu.setup({id:'gooeymenu2', selectitem:1, fx:'swing'}) </script>" "); Any help would be great, thanks in advance. Jason I would really appreciate help and I hope my problem can be solved easily. I am attempting to display the date/time based on the user's location. I have installed the timezone.js plugin for help as well. Is there a way to convert the Jquery variable that displays the users timezone location and insert it inside the PHP date_default_timezone_set?
If there is an easier way to display the users timezone date and time please let me know otherwise this was the only solution I could find.
Thanks in advanced...
Here is my code
Header
<header>
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.5.1/jquery.min.js"></script>
<script src="Time/detect_timezone.js"></script>
<script src="Time/jquery.detect_timezone.js"></script>
<script>
$(document).ready(function(){
$('#tzvalue').set_timezone({'default' : 'America/Los_Angeles'});
});
</script>
</header>
Hi there, I found a Javascript with what I want, but I want it to be in PHP because if people don't have Javascript enabled, they won't see the login. Here is what I have, but I need it to be converted to PHP: Code: [Select] function loginArea() { val = document.loginForm.password.value; switch(val) { case "password1": document.location = 'http://www.google.com/password1-page/'; break; case "password2": document.location = 'http://www.google.com/password2-page/'; break; default: document.location ='http://www.google.com/sorry/'; break; } } Code: [Select] <form name="loginForm" id="loginForm" method="post" action=""> <input name="password" type="text" id="password" maxlength="5" /> <input name="login" type="button" id="login" value="Check" onclick="loginArea()" /> </form> Help? - Steph Hello,
I'm embarking on a pretty ambitious task and I need some bits of information here and there.
One of the functions I need to achieve is to build a query or array of photos based on a background image and user input.
So imagine that I have a box and within that box is a column of three rows.
I need to have three different bits of data be placed into each of the subsequent rows and then an image is taken of these three pieces of data overlaying the background photo.
Then stored somewhere with an incremented identifier to be pulled later.
I think I can already begin to imagine how it would work but what eludes me is a "screenshot" function to generate the images. I'm looking for .png or .jpg end result files with fixed width/height and item placement.
Thank you for any help
Hi! I'm attempting to do this and feel that I'm fairly close. Would you take a look and throw me any bones? PHP Code: Code: [Select] <?php if (isset($_POST['ppassword']) && (stristr($string,'') === TRUE)) { switch($_POST['ppassword']) { case "Google": header("Location: http://www.google.com"); exit(); case "Yahoo": header("Location: http://www.yahoo.com"); exit(); case "Bing": header("Location: http://www.bing.com"); exit(); } } ?> The Form: Code: [Select] <form name="portal" id="portal" method="post" action=""> <input name="ppassword" type="text" id="ppassword" maxlength="25" onfocus="this.select()" onblur="this.value=!this.value?'company name':this.value;" value="company name" onclick="this.value=''" /> <input name="login" type="submit" id="login" value="Continue" /> </form> I appreciate any of your help. I feel close and this part Code: [Select] (stristr($string,'') feels like the missing piece of the puzzle. I have two tables. Table Name:Users Fields: User_name user_email user_level pwd 2.Reference Fields: refid username origin destination user_name in the users table and the username field in reference fields are common fields. There is user order form.whenever an user places an order, refid field in reference table will be updated.So the user will be provided with an refid Steps: 1.User needs to log in with a valid user id and pwd 2.Once logged in, there will be search, where the user will input the refid which has been provided to him during the time of order placement. 3.Now User is able to view all the details for any refid 3.Up to this we have completed. Query: Now we need to retrieve the details based on the user logged in. For eg: user 'USER A' has been provided with the referenceid '1234' during the time of order placement user 'USER B' has been provided with the referenceid '2468' during the time of order placement When the userA login and enter the refid as '2468' he should not get any details.He should get details only for the reference ids which is assigned to him. So I'm trying to basically trying to make an "advanced search" function in PHP/mysql that will allow users to search by a number of different options like search by zipcode, username, gender, etc. Now my question is how do I vary my mysql query so that it searches for all these things based on whatever the user inputs? For example, the user might need to search zipcode and username but not gender, but in another case, might need to search username and gender, but not zipcode. Obviously I could just do some if/else statements, but that would be increasingly more difficult as there are more fields. What can I do? Hello, I had 8 select boxes(dropdowns) in a form. Its like a search kind of implementation in the website. I don't know what the user selects, he may choose different select boxes, any number of select boxes. So, based upon the user selection, I need to generate the data. The data fields to be generated would be almost same. So, How would I know what the user selection is and how many select boxes has been selected and how could I generate different data based upon selected boxes. I had to make a small note abt this, that the data generation fields may change for some of the user select combinations, but most of the result fields would be same. so, can you please help me out, how to do, how to make different combination data generations, because, i had 8 fields, i had to make 8! combinations, that would result in a big code. Hi, I am developing a large application where I have PHP files that have a number of 'modes'. A typical AJAX query in my app will look something like this: $.post('record-control.php', {target:target, mode:'FETCH_PHONE_NUMBERS'}, function(data){ $('#myDiv').html(data) }) ; I was thinking that if many users are using my app the file record-control.php could have potentially dozens of requests to it per second. Will this be a problem? Could the file become locked when users are using it which would result in other users have data access problems? Generally I don't think so, but I am just wondering. What do you think? I have two tables. Table Name:Users Fields: User_name user_email user_level pwd 2.Reference Fields: refid username origin destination user_name in the users table and the username field in reference fields are common fields. There is user order form.whenever an user places an order, refid field in reference table will be updated.So the user will be provided with an refid Steps: 1.User needs to log in with a valid user id and pwd 2.Once logged in, there will be search, where the user will input the refid which has been provided to him during the time of order placement. 3.Now User is able to view all the details for any refid 3.Up to this we have completed. Query: Now we need to retrieve the details based on the user logged in. For eg: user 'USER A' has been provided with the referenceid '1234' during the time of order placement user 'USER B' has been provided with the referenceid '2468' during the time of order placement When the userA login and enter the refid as '2468' he should not get any details.He should get details only for the reference ids which is assigned to him. <?php session_start(); if (!$_SESSION["user_name"]) { // User not logged in, redirect to login page Header("Location: login.php"); } $con = mysql_connect('localhost','root',''); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("login", $con); $user_name = $_POST['user_name']; $refid = $_POST['refid']; $query = "SELECT * from reference,users WHERE reference.username=users.user_name AND reference.refid='$refid' AND "; $result = mysql_query($query) or trigger_error('MySQL encountered a problem<br />Error: ' . mysql_error() . '<br />Query: ' . $query); while($row = mysql_fetch_array($result)) { echo $row['refid']; echo $row['origin']; echo $row['dest']; echo $row['date']; echo $row['exdate']; echo $row['username']; } echo "<p><a href=\"logout.php\">Click here to logout!</a></p>"; ?> <html> <form method="post" action="final.php"> Ref Id:<input type="text" name="refid"> <input type="submit" value="submit" name="submit"> </html> Hi
I can't get flock() to work, it seems to be such a simple function but I am stumped.
What I think I know...
1. There is a blocking and advisory mode (blocking, waits for a lock whereas advisory lets you know if a lock was succesfully applied)
2. Some UNIX systems do not support blocking
3 Open the file with fopen (+r), apply flock() and if the lock is successful, write to the file.
I have my script
Hello. I'm trying to allow a script to be run only in a certain defined directory on a defined host. What I use now is something like this: $host = $_SERVER[ 'HTTP_HOST' ] . $_SERVER[ 'REQUEST_URI' ]; $key = 'site.com/directory'; $works = stristr( $host, $key ); This works quite well. The only problem, while being a huge problem at the same time is this will return 1 even if it's in a directory like site.com/directory/something_else. What would be the best way to avoid this? I was thinking about finding whether a certain file( for example /core/class/class.mysql.php ) is located within the root directory and not further, but I'm not sure how to do this. I don't want to use neither protocol nor www in the $host variable because users can just go to the website without the protocol or www. and that will result in returning 0. If I'm being not clear here, here's an example: The user gets the application and installs it on site.com/directory. His license allows him to install it only to that directory, which is okay. But he decides to install several more copies in directories like site.com/directory/something_else or whatever. I want to avoid this. Hi guys, I know I'm not the only guy out there with this problem, but it seems that I can not find an answer to my question. I have an eCommerce website on which a cron runs to process orders which have been approved (either manually or by making the payment). The cron is initiated on two different machines to ensure faster processing times. SO far so good. The script obviously selects all orders which require processing, and starts processing. Obviously - we want them to be processed just ONCE to avoid double processing, so I tried building in some sort of locking mechanism, which I believe is supposed to work, but doesn't always seeml to be... Here is the bit of code which I hoped should work; for some reason though, many orders are being processed more than once... private function lockOrderForProcessingByCurrentProcess($args) { global $db; $sql = "UPDATE ShoppingCart SET status = " . $db->qstr(FLEXIN_ORDER_STATUS_PROCESSING) . " WHERE status = " . $db->qstr(FLEXIN_ORDER_STATUS_APPROVED) . " AND isActive = 1 AND objID = " . $db->qstr($this->getField(array("NAME" => "objID"))); $db->Execute($sql); return $db->Affected_Rows(); } function processOrder($args) { if(!$this->lockOrderForProcessingByCurrentProcess(array())) { trigger_error(getTranslatedString(array("CONTEXT" => "SHOPPINGCART_PROCESSORDER", "ITEMSTRING" => "WARNING_ORDER_NOT_APPROVED_YET")), E_USER_WARNING); } else { // processing code goes here... } In my opinion, there should only be ONE process which is able to update that record, and hence, we should only have ONE Process getting an Affected_rows count of > 0 (1 to be exact), but I'm a bit lost. Does anyone have an idea of what might be causing this behaviour? Isn't the update already supposed to lock the table row so that my second process will wait to perform the update until process 1 finishes, only to find out there was nothing else to update? I apologise if this has been asked before - it should have been I believe - but I really don't have any clue as to what might be my issue, and I have been googling for AGES... hi, i have made a website where people resgister their details of them and products. they have to enter the following details in form Name of company name of the product company address email id password mobile number contact and brief details about their company
user can then login with email id and pwd. now after login ..user will get a page where he can upload the photos of products images and their price, so now my question is that when he finishes uploading (|by clicking on upload button) the product images and price text box ..then on final uploaded webspage it should show all other things which he registerd before (company name , mobile number etc) along with images and price...hence the main question that user does not need to enter mobile and address while uploading images and filling proce ..but on the final page it should show mobile and address along with price and images..as user is not going to enter mobile and address again and again as he will have multiple products to upload.
I would appreciate your assistance, there are tons of login scripts and they work just fine. However I need my operators to login and then list their activities for the other operators who are logged in to see and if desired send their clients on the desired activity. I have the login working like a charm and the activities are listed just beautifully. How do I combine the two tables in the MySQL with PHP so the operator Logged in can only make changes to his listing but see the others. FIRST THE ONE script the member logges in here to the one table in MSQL: <?php session_start(); require_once('config.php'); $errmsg_arr = array(); $errflag = false; $link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD); if(!$link) { die('Failed to connect to server: ' . mysql_error()); } $db = mysql_select_db(DB_DATABASE); if(!$db) { die("Unable to select database"); } function clean($str) { $str = @trim($str); if(get_magic_quotes_gpc()) { $str = stripslashes($str); } return mysql_real_escape_string($str); } $login = clean($_POST['login']); $password = clean($_POST['password']); if($login == '') { $errmsg_arr[] = 'Login ID missing'; $errflag = true; } if($password == '') { $errmsg_arr[] = 'Password missing'; $errflag = true; } if($errflag) { $_SESSION['ERRMSG_ARR'] = $errmsg_arr; session_write_close(); header("location: login-form.php"); exit(); } $qry="SELECT * FROM members WHERE login='$login' AND passwd='".md5($_POST['password'])."'"; $result=mysql_query($qry); if($result) { if(mysql_num_rows($result) == 1) { session_regenerate_id(); $member = mysql_fetch_assoc($result); $_SESSION['SESS_MEMBER_ID'] = $member['member_id']; $_SESSION['SESS_FIRST_NAME'] = $member['firstname']; $_SESSION['SESS_LAST_NAME'] = $member['lastname']; session_write_close(); header("location: member-index.php"); exit(); }else { header("location: login-failed.php"); exit(); } }else { die("Query failed"); } ?> ................................................. ................................ Now I need the person who logged in to the table above to be able to make multiple entries to the table below <? $ID=$_POST['ID']; $title=$_POST['title']; $cost=$_POST['cost']; $activity=$_POST['activity']; $ayear=$_POST['aday']; $aday=$_POST['ayear']; $seats=$_POST['special']; $special=$_POST['seats']; mysql_connect("xxxxxx", "xxx350234427", "========") or die(mysql_error()); mysql_select_db("xxxx") or die(mysql_error()); mysql_query("INSERT INTO `activity` VALUES ('ID','$title', '$cost','$activity', '$aday', '$ayear', '$special', '$seats')"); Print "Your information has been successfully added to the database!" ?> Click <a href="member-profile.php">HERE</a> to return to the main menu <?php ?> Actually, what i want to do is to use the email to fetch the $email,$password and $randomnumber from database after |
|||||||