记录三次失败的登录尝试 - Log three failed login attempts

我需要一个记录登录尝试的脚本：如果用户尝试使用错误的密码登录3次，那么脚本将提醒用户以另一种方式登录。

我试过这种方法，但不起作用。我应该如何做到这一点？还将感谢对该代码的实现方式的解释。

public function log($usrname, $password, $type) {
    try {
        $stmt = $this->db->prepare("SELECT * FROM $table WHERE username=:username and password =:password and type=:type");
        $stmt->execute(array(':username' => $usrname, ':password' => $password, ':type' => $type));
        $userRow = $stmt->fetch(PDO::FETCH_ASSOC);
        if ($stmt->rowCount()== 1) {
            echo "loged in";
            } else if($stmt->rowCount == 0){
                $ec = 0;
                $error = ++$ec;
                if(count($error)== 3){
                    echo "you provide wrong username and password 3 times";
                }
            }
        }
    } catch (PDOException $e) {
        $e->getMessage();
    }
}

数据库表中应该有一个"尝试"字段，每次使用错误密码登录时，只需将计数更新到表字段中，就可以在错误条件中检查尝试计数。如果登录成功，只需将尝试次数重置为0。

我在这里提供了代码逻辑。但我没有测试过。用这个逻辑。

但我建议你检查一下你的表上是否注册了用户名

 public function log($usrname, $password, $type) {
        try {
            $stmt0 = $this->db->prepare("SELECT username FROM $table WHERE username=:username");                
            $stmt0->execute(array(':username' => $usrname);
            if ($stmt0->rowCount()== 1) {
                  $stmt = $this->db->prepare("SELECT * FROM $table WHERE username=:username and password =:password and type=:type");
                  $stmt->execute(array(':username' => $usrname, ':password' => $password, ':type' => $type));
                  $userRow = $stmt->fetch(PDO::FETCH_ASSOC);
                  if ($stmt->rowCount()== 1) {
                      echo "loged in";
                      // UPDATE THE attempt field to 0 here
                       $stmt2 = $this->db->prepare("UPDATE $table SET attempt=:attepmt WHERE username=:username");
                       $stmt2->execute(array(':username' => $usrname, ':attempt' => 0));
                  }else if($stmt->rowCount == 0){                    
                           // select the attempt field and check this is 3
                          $stmt3 = $this->db->prepare("SELECT attempt FROM $table WHERE username=:username");
                          $stmt3->execute(array(':username' => $usrname));
                          $obj= $stmt3->fetch(PDO::FETCH_OBJ);
                          if($obj->attempt==3){                           
                              echo "you provide wrong username and password 3 times";
                          }
                      $attempt = $obj->attempt+1;
                      $stmt4 = $this->db->prepare("UPDATE $table SET attempt=:attepmt WHERE username=:username");
                      $stmt4->execute(array(':username' => $usrname, ':attempt' => $attempt));

                  }

            }else{
              echo "Username  is not  found in table !";
            }
        } catch (PDOException $e) {
            $e->getMessage();
        }

}

您可以使用$_SESSION来计算尝试次数。

public function log($usrname, $password, $type) {
    try {
        $stmt = $this->db->prepare("SELECT * FROM $table WHERE username=:username and password =:password and type=:type");
        $stmt->execute(array(':username' => $usrname, ':password' => $password, ':type' => $type));
        $userRow = $stmt->fetch(PDO::FETCH_ASSOC);
        if ($stmt->rowCount()== 1) {
            echo "loged in";
            } else if($stmt->rowCount == 0){
                if(isset($_SESSION['attempt']))
                 {
                   $_SESSION['attempt']=$_SESSION['attempt']+1;
                  }else {
                    $_SESSION['attempt']=1;
                  }
                $error = ++$ec;
                if($_SESSION['attempt']== 3){
                    echo "you provide wrong username and password 3 times";
                }
            }
        }
    } catch (PDOException $e) {
        $e->getMessage();
    }
}