blocking users

classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

blocking users

Doood
hi,
I want to know how to block an account after logining in for more than 3 times using the zend framework.

thanks in advance
Reply | Threaded
Open this post in threaded view
|

Re: blocking users

Ralph Schindler-2
Attempting to log in with bad credentials 3 times?

Or simply only allowing them to log in 3 times per account?

-ralph

Doood wrote:
> hi,
> I want to know how to block an account after logining in for more than 3
> times using the zend framework.
>
> thanks in advance
Reply | Threaded
Open this post in threaded view
|

Re: blocking users

Hector Virgen
If you're using database authentication, take a look at this page to see how you can add extra conditionals to the adapter:


If you want to prevent login after 3 unsuccessful attempts, you can add a "failed_login_attempts" field to your users table, and increment the value each time the authentication fails.

-Hector


On Wed, Apr 15, 2009 at 2:07 PM, Ralph Schindler <[hidden email]> wrote:
Attempting to log in with bad credentials 3 times?

Or simply only allowing them to log in 3 times per account?

-ralph


Doood wrote:
hi, I want to know how to block an account after logining in for more than 3
times using the zend framework.

thanks in advance


--
Hector Virgen
Reply | Threaded
Open this post in threaded view
|

Re: blocking users

Ralph Schindler-2
In reply to this post by Doood


If you are using a database, and thus using the
Zend_Auth_Adapter_DbTable, here is one way to handle this:

In your users table, add a column called failed_auth_attempts as an integer.

As Hector points out, setup the adapter to check that the value in this
column is not larger than 3 as part of the credential treatment.

http://framework.zend.com/manual/en/zend.auth.adapter.dbtable.html#zend.auth.adapter.dbtable.advanced.advanced_usage

(BTW, as of 1.8 you will be able to get the select object from this
adapter).

Then, if there is an unsuccessful login, check the code for the
authentication attempt getCode().  If the code is
Zend_Auth_Result::FAILURE_CREDENTIAL_INVALID, I would then use the
credential as the key for the row to update.. and update the
failed_auth_attempts = its value + 1.

On a successful login, be sure to set the failed_auth_attempts back to 0.

Hope this helps.

-ralph

Doood wrote:
> hi,
> I want to know how to block an account after logining in for more than 3
> times using the zend framework.
>
> thanks in advance
Reply | Threaded
Open this post in threaded view
|

Re: blocking users

SalmaRayan
In reply to this post by Hector Virgen
Could you please send me the increment code, it increments in the first time and then stops i guess there is something wrong. This is my Code
$this->view->message = 'Login failed you probably enterd your user name or password Incorrectly';
                                        $db = Zend_Registry::get('db');
                                        $i=0;
                                        $i+=+1;
                                        $data = array(    'failed_logins'  => $i);
                                        $n = $db->update('account478', $data, "username='$uname'");
                                        $this->view->form = $form;
                                        $form->populate($Data);

please help me

Hector Virgen wrote
If you're using database authentication, take a look at this page to see how
you can add extra conditionals to the adapter:
http://framework.zend.com/manual/en/zend.auth.adapter.dbtable.html#zend.auth.adapter.dbtable.advanced.advanced_usage

If you want to prevent login after 3 unsuccessful attempts, you can add a
"failed_login_attempts" field to your users table, and increment the value
each time the authentication fails.

-Hector


On Wed, Apr 15, 2009 at 2:07 PM, Ralph Schindler
<ralph.schindler@zend.com>wrote:

> Attempting to log in with bad credentials 3 times?
>
> Or simply only allowing them to log in 3 times per account?
>
> -ralph
>
>
> Doood wrote:
>
>> hi, I want to know how to block an account after logining in for more than
>> 3
>> times using the zend framework.
>>
>> thanks in advance
>>
>
>