
Implement a Login Attempt Limit with a MySQL Database Using Core PHP
Hi, in this article I am going to show how to implement a login-attempt limit using PHP.
Create the Database
Open phpMyAdmin and create a new database named dbase. Then open that database's SQL tab and paste the SQL script below:
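-- One row per failed login attempt. login.php counts the rows recorded for an
-- address inside the lockout window and refuses further attempts at the limit.
--
-- `id` is AUTO_INCREMENT with a primary key: login.php inserts only IpAddress
-- and TryTime, and a NOT NULL `id` without a default makes that INSERT fail in
-- strict SQL mode, so no failed attempt would ever be recorded.
--
-- `IpAddress` is varchar(45): login.php stores the address as text, and a
-- textual IPv6 address does not fit in 16 bytes (varbinary(16) only fits the
-- packed form produced by INET6_ATON()).
--
-- The composite index serves the "attempts from this address since T" count
-- that runs on every login request.
CREATE TABLE `loginlogs` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `IpAddress` varchar(45) NOT NULL,
  `TryTime` bigint(20) NOT NULL,
  PRIMARY KEY (`id`),
  KEY `idx_loginlogs_ip_time` (`IpAddress`, `TryTime`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1;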
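-- Application accounts. login.php looks a user up by `email` and compares
-- sha1(salt . password) with `password`.
--
-- `id` gets AUTO_INCREMENT and a primary key so rows can be inserted without
-- supplying an id, and `email` is UNIQUE so a lookup by email can never match
-- more than one account.
--
-- `password` is widened to 255 characters, the size the PHP manual recommends
-- for password_hash() output, so the column is ready when the SHA-1 scheme is
-- replaced. `salt` is kept for the existing sha1(salt . password) values.
CREATE TABLE `tbl_user` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `username` varchar(50) NOT NULL,
  `email` varchar(50) NOT NULL,
  `salt` varchar(50) NOT NULL,
  `password` varchar(255) NOT NULL,
  `created_at` timestamp NOT NULL DEFAULT current_timestamp(),
  PRIMARY KEY (`id`),
  UNIQUE KEY `uniq_tbl_user_email` (`email`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;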
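Here I am using a salt to make the stored password more secure. You can skip it or simply use MD5; here I am only trying to explain how to implement the login-attempt restriction. Keep in mind that neither MD5 nor salted SHA-1 is slow enough to resist offline guessing of a leaked table, so for real accounts use PHP's password_hash() and password_verify(), which generate the salt and apply a deliberately slow algorithm for you.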
Login Page
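<?php
// Login page: a visitor who already has a session is sent to /admin,
// everyone else gets the sign-in form. The form itself is submitted by
// script/login.js.
session_start();

if (isset($_SESSION['email'])) {
    // Redirect with a header and stop. A <script> redirect still sends the
    // rest of the page and does nothing when JavaScript is disabled.
    header('Location: /admin');
    exit;
}

// $msg is never assigned in this file; default it so the template below does
// not read an undefined variable.
$msg = isset($msg) ? (string) $msg : '';
?>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<!-- NOTE(review): the three assets below load from third-party CDNs without
     Subresource Integrity. Add integrity/crossorigin attributes for the exact
     files you use, or self-host them, so a changed CDN file cannot run on the
     login page. -->
<!-- Latest compiled and minified CSS -->
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/css/bootstrap.min.css">
<!-- jQuery library -->
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js"></script>
<!-- Latest compiled JavaScript -->
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/bootstrap.min.js"></script>
<!-- Include the above in your HEAD tag -->
<script type="text/javascript" src="script/validation.min.js"></script>
<script type="text/javascript" src="script/login.js"></script>
<style>
/* BASIC */
body {font-family: "Poppins", sans-serif; height: 100vh;}
a {color: #92badd; display: inline-block; text-decoration: none; font-weight: 400;}
h2 {text-align: center; font-size: 16px; font-weight: 600; text-transform: uppercase; display: inline-block; margin: 40px 8px 10px 8px; color: #cccccc;}

/* STRUCTURE */
.wrapper {display: flex; align-items: center; flex-direction: column; justify-content: center; width: 100%; min-height: 100%; padding: 20px;}
#formContent {-webkit-border-radius: 10px 10px 10px 10px; border-radius: 10px 10px 10px 10px; background: #fff; padding: 30px; width: 90%; max-width: 450px; position: relative; padding: 0px; -webkit-box-shadow: 0 30px 60px 0 rgba(0,0,0,0.3); box-shadow: 0 30px 60px 0 rgba(0,0,0,0.3); text-align: center;}
#formFooter {background-color: #f6f6f6; border-top: 1px solid #dce8f1; padding: 25px; text-align: center; -webkit-border-radius: 0 0 10px 10px; border-radius: 0 0 10px 10px;}

/* TABS */
h2.inactive {color: #cccccc;}
h2.active {color: #0d0d0d; border-bottom: 2px solid #5fbae9;}

/* FORM TYPOGRAPHY */
input[type=button], input[type=submit], input[type=reset] {background-color: #56baed; border: none; color: white; padding: 15px 80px; text-align: center; text-decoration: none; display: inline-block; text-transform: uppercase; font-size: 13px; -webkit-box-shadow: 0 10px 30px 0 rgba(95,186,233,0.4); box-shadow: 0 10px 30px 0 rgba(95,186,233,0.4); -webkit-border-radius: 5px 5px 5px 5px; border-radius: 5px 5px 5px 5px; margin: 5px 20px 40px 20px; -webkit-transition: all 0.3s ease-in-out; -moz-transition: all 0.3s ease-in-out; -ms-transition: all 0.3s ease-in-out; -o-transition: all 0.3s ease-in-out; transition: all 0.3s ease-in-out;}
input[type=button]:hover, input[type=submit]:hover, input[type=reset]:hover {background-color: #39ace7;}
input[type=button]:active, input[type=submit]:active, input[type=reset]:active {-moz-transform: scale(0.95); -webkit-transform: scale(0.95); -o-transform: scale(0.95); -ms-transform: scale(0.95); transform: scale(0.95);}
input[type=text], input[type=password] {background-color: #f6f6f6; border: none; color: #0d0d0d; padding: 15px 32px; text-align: center; text-decoration: none; display: inline-block; font-size: 16px; margin: 5px; width: 85%; border: 2px solid #f6f6f6; -webkit-transition: all 0.5s ease-in-out; -moz-transition: all 0.5s ease-in-out; -ms-transition: all 0.5s ease-in-out; -o-transition: all 0.5s ease-in-out; transition: all 0.5s ease-in-out; -webkit-border-radius: 5px 5px 5px 5px; border-radius: 5px 5px 5px 5px;}
/* :focus and ::placeholder are attached to both inputs; the original selector
   list applied the focus style to every text input at all times and used the
   invalid pseudo-class ":placeholder", which drops the whole rule. */
input[type=text]:focus, input[type=password]:focus {background-color: #fff; border-bottom: 2px solid #5fbae9;}
input[type=text]::placeholder, input[type=password]::placeholder {color: #cccccc;}

/* ANIMATIONS */
/* Simple CSS3 Fade-in-down Animation */
.fadeInDown {-webkit-animation-name: fadeInDown; animation-name: fadeInDown; -webkit-animation-duration: 1s; animation-duration: 1s; -webkit-animation-fill-mode: both; animation-fill-mode: both;}
@-webkit-keyframes fadeInDown {
  0% {opacity: 0; -webkit-transform: translate3d(0, -100%, 0); transform: translate3d(0, -100%, 0);}
  100% {opacity: 1; -webkit-transform: none; transform: none;}
}
@keyframes fadeInDown {
  0% {opacity: 0; -webkit-transform: translate3d(0, -100%, 0); transform: translate3d(0, -100%, 0);}
  100% {opacity: 1; -webkit-transform: none; transform: none;}
}

/* Simple CSS3 Fade-in Animation */
@-webkit-keyframes fadeIn { from { opacity:0; } to { opacity:1; } }
@-moz-keyframes fadeIn { from { opacity:0; } to { opacity:1; } }
@keyframes fadeIn { from { opacity:0; } to { opacity:1; } }
.fadeIn {opacity:0; -webkit-animation:fadeIn ease-in 1; -moz-animation:fadeIn ease-in 1; animation:fadeIn ease-in 1; -webkit-animation-fill-mode:forwards; -moz-animation-fill-mode:forwards; animation-fill-mode:forwards; -webkit-animation-duration:1s; -moz-animation-duration:1s; animation-duration:1s;}
.fadeIn.first {-webkit-animation-delay: 0.4s; -moz-animation-delay: 0.4s; animation-delay: 0.4s;}
.fadeIn.second {-webkit-animation-delay: 0.6s; -moz-animation-delay: 0.6s; animation-delay: 0.6s;}
.fadeIn.third {-webkit-animation-delay: 0.8s; -moz-animation-delay: 0.8s; animation-delay: 0.8s;}
.fadeIn.fourth {-webkit-animation-delay: 1s; -moz-animation-delay: 1s; animation-delay: 1s;}

/* Underline-on-hover link */
.underlineHover:after {display: block; left: 0; bottom: -10px; width: 0; height: 2px; background-color: #56baed; content: ""; transition: width 0.2s;}
.underlineHover:hover {color: #0d0d0d;}
.underlineHover:hover:after {width: 100%;}

/* OTHERS */
*:focus {outline: none;}
#icon {width:60%;}
</style>
<div class="wrapper fadeInDown">
  <div id="formContent">
    <!-- Tabs Titles -->
    <!-- Icon -->
    <div class="fadeIn first">
      <img src="/admin/logo.png" id="icon" alt="User Icon" />
    </div>
    <!-- script/login.js writes the server's answer into #error -->
    <div id="error"></div>
    <!-- Login Form -->
    <form class="form-login" method="post" id="login-form">
      <input type="text" id="user_email" class="fadeIn second" name="user_email" placeholder="Email">
      <span id="check-e"></span>
      <input type="password" id="password" class="fadeIn third" name="password" placeholder="Password">
      <button type="submit" class="btn btn-success" name="login_button" id="login_button"><span class="glyphicon glyphicon-log-in"></span> Sign In</button>
      <!-- Escaped on output so a message can never inject markup into the page -->
      <div id="result"><?php echo htmlspecialchars($msg, ENT_QUOTES, 'UTF-8'); ?></div>
    </form>
    <!-- Remind Password -->
    <div id="formFooter">
      <a class="underlineHover" href="#">Forgot Password?</a>
    </div>
  </div>
</div>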
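First we have to start the session, which the login page above does with session_start(). The form is then submitted by script/login.js: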
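// script/login.js - validates the login form and posts it to login.php.
$(document).ready(function () {
    var signInLabel = '<span class="glyphicon glyphicon-log-in"></span> Sign In';

    /* Form validation (jQuery Validation plugin) */
    $("#login-form").validate({
        rules: {
            password: {
                required: true
            },
            user_email: {
                required: true,
                email: true
            }
        },
        messages: {
            password: {
                required: "please enter your password"
            },
            user_email: "please enter your email address"
        },
        submitHandler: submitForm
    });

    /* Show a message in the #error box and put the button back. */
    function showError(html) {
        $("#error").fadeIn(1000, function () {
            $("#error").html('<div class="alert alert-danger"> <span class="glyphicon glyphicon-info-sign"></span> ' + html + ' !</div>');
            $("#login_button").html(signInLabel);
        });
    }

    /* Post the credentials; login.php answers "ok" or a message to display. */
    function submitForm() {
        // .serialize() never includes submit buttons, but login.php only acts
        // when login_button is present, so the field is added explicitly.
        var data = $("#login-form").serialize() + '&login_button=1';

        $.ajax({
            type: 'POST',
            url: 'login.php',
            data: data,
            dataType: 'text',
            beforeSend: function () {
                $("#error").fadeOut();
                $("#login_button").html('<span class="glyphicon glyphicon-transfer"></span> sending ...');
            },
            success: function (response) {
                if (String(response).trim() === "ok") {
                    $("#login_button").html('<img src="ajax-loader.gif" /> Signing In ...');
                    // A function instead of a code string: setTimeout with a
                    // string evaluates it like eval().
                    setTimeout(function () {
                        window.location.href = "/admin";
                    }, 4000);
                } else {
                    // The answer is inserted as HTML because login.php sends
                    // markup (<br/>). login.php must therefore only return
                    // fixed strings and never echo request data back.
                    showError(response);
                }
            },
            error: function () {
                // Without this the button stays on "sending ..." when the
                // request fails.
                showError('Could not reach the server, please try again');
            }
        });
        return false;
    }
});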
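<?php
// login.php - AJAX endpoint for the login form.
//
// Answers "ok" on success, otherwise a short message for the page to show.
// Failed attempts are recorded per client address in `loginlogs`; after 3
// failures inside 60 seconds further attempts from that address are refused.
//
// NOTE(review): the limit is keyed on the source address only, so it does not
// slow guesses against one account that arrive from many addresses.
session_start();
require('../admin/Connection/DBClass.php');

$db = new DBClass();

// script/login.js posts the form with .serialize(), which leaves out the
// submit button, so the request is also accepted when only the fields arrive.
if (isset($_POST['login_button']) || isset($_POST['user_email'])) {
    $max_attempts = 3;
    $window_start = time() - 60;
    $ip_address = getIpAddr();

    // Failed attempts from this address inside the window. Every query below
    // binds its values: nothing from the request is concatenated into SQL.
    $stmt = prepareOrFail($db->link, 'SELECT COUNT(*) FROM `loginlogs` WHERE `TryTime` > ? AND `IpAddress` = ?');
    $stmt->bind_param('is', $window_start, $ip_address);
    $stmt->execute();
    $stmt->bind_result($total_count);
    $stmt->fetch();
    $stmt->close();
    $total_count = (int) $total_count;

    // ">=" rather than "==": parallel requests can record more than the limit,
    // and an exact match would then let every later attempt through.
    if ($total_count >= $max_attempts) {
        echo "To many failed login attempts. Please login after 60 sec <br/>";
    } else {
        $user_email = (isset($_POST['user_email']) && is_string($_POST['user_email']))
            ? trim($_POST['user_email'])
            : '';
        $password = (isset($_POST['password']) && is_string($_POST['password']))
            ? $_POST['password']
            : '';

        $id = $email = $salt = $dbpassword = null;
        $stmt = prepareOrFail($db->link, 'SELECT `id`, `email`, `salt`, `password` FROM `tbl_user` WHERE `email` = ?');
        $stmt->bind_param('s', $user_email);
        $stmt->execute();
        $stmt->bind_result($id, $email, $salt, $dbpassword);
        $found = ($stmt->fetch() === true);
        $stmt->close();

        // hash_equals() compares as strings in constant time; "==" would
        // compare two numeric-looking hashes ("0e...") as numbers.
        // NOTE(review): salted SHA-1 is too fast for password storage; move the
        // stored values to password_hash() and check with password_verify().
        $valid = $found && hash_equals((string) $dbpassword, sha1($salt . $password));

        if ($valid) {
            // New session id on login, so an id planted before authentication
            // cannot be reused afterwards. Must run before any output.
            session_regenerate_id(true);
            $_SESSION['userid'] = $id;
            $_SESSION['email'] = $email;

            $stmt = prepareOrFail($db->link, 'DELETE FROM `loginlogs` WHERE `IpAddress` = ?');
            $stmt->bind_param('s', $ip_address);
            $stmt->execute();
            $stmt->close();

            echo "ok";
        } else {
            // An unknown e-mail is handled exactly like a wrong password: same
            // message, same recorded attempt. Otherwise the answer reveals
            // which addresses have an account and those guesses go uncounted.
            $total_count++;
            $rem_attm = $max_attempts - $total_count;
            if ($rem_attm <= 0) {
                echo "To many failed login attempts. Please login after 60 sec";
            } else {
                echo "Please enter valid login details.<br/>$rem_attm attempts remaining";
            }

            $try_time = time();
            $stmt = prepareOrFail($db->link, 'INSERT INTO `loginlogs` (`IpAddress`, `TryTime`) VALUES (?, ?)');
            $stmt->bind_param('si', $ip_address, $try_time);
            $stmt->execute();
            $stmt->close();
        }
    }
}

/**
 * Prepare a statement, or end the request with a generic error.
 *
 * SQL text and driver errors are never sent to the client.
 *
 * @param mysqli $link open connection
 * @param string $sql  statement with ? placeholders
 * @return mysqli_stmt
 */
function prepareOrFail($link, $sql)
{
    $stmt = $link->prepare($sql);
    if ($stmt === false) {
        http_response_code(500);
        exit('Login is temporarily unavailable');
    }
    return $stmt;
}

/**
 * Address of the client, used as the key for the attempt limit.
 *
 * Only REMOTE_ADDR is used. HTTP_CLIENT_IP and HTTP_X_FORWARDED_FOR are request
 * headers whose value the client chooses, so keying the limit on them lets a
 * client reset its own counter by sending a different value each time.
 * If the site runs behind a reverse proxy, read the forwarded address only
 * when REMOTE_ADDR is that proxy, and validate it with filter_var().
 *
 * @return string
 */
function getIpAddr()
{
    return isset($_SERVER['REMOTE_ADDR']) ? (string) $_SERVER['REMOTE_ADDR'] : '';
}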
Database Connectivity
require('../admin/Connection/DBClass.php');
DBClass.php
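<?php
require_once('DBSettings.php');

/**
 * Thin wrapper around one mysqli connection.
 *
 * Connection parameters come from DatabaseSettings::getSettings(), which is
 * defined in DBSettings.php (not shown here).
 */
class DBClass extends DatabaseSettings
{
    /** Last SQL string passed to query(). */
    public $classQuery;

    /** The mysqli connection; use $this->link->prepare() for any statement that carries request data. */
    public $link;

    /** Connection error number, '' when the connection succeeded. */
    public $errno = '';

    /** Connection error text, '' when the connection succeeded. */
    public $error = '';

    /**
     * Open the connection described by the settings.
     */
    function __construct()
    {
        $settings = DatabaseSettings::getSettings();

        $host = $settings['dbhost'];
        $name = $settings['dbname'];
        $user = $settings['dbusername'];
        $pass = $settings['dbpassword'];

        $this->link = new mysqli($host, $user, $pass, $name);

        // Record a failed connection instead of leaving $errno/$error unused.
        if ($this->link->connect_errno) {
            $this->errno = $this->link->connect_errno;
            $this->error = $this->link->connect_error;
        }
    }

    /**
     * Run a SQL string as-is and return mysqli's result.
     *
     * The string is sent verbatim, so it must not be built by concatenating
     * request data; use a prepared statement on $this->link for that.
     *
     * @param string $query
     * @return mysqli_result|bool
     */
    function query($query)
    {
        $this->classQuery = $query;
        return $this->link->query($query);
    }

    /**
     * Id generated by the last INSERT, or the connection's error number when
     * there is none.
     *
     * @return int|string
     */
    function lastInsertedID()
    {
        if ($this->link->insert_id) {
            return $this->link->insert_id;
        }

        // The original evaluated this expression without returning it, so the
        // method returned null here.
        return $this->link->errno;
    }
}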