Postingan lainnya
Blokir user saat gagal login
cara blokir user saat gagal login berkali2 gimana gan..? ini kode saya gan
Controller
public function login_proses() {
$this->form_validation->set_rules('email', 'E-mail', 'trim|required|min_length[3]|max_length[45]');
$this->form_validation->set_rules('password', 'Password', 'trim|required|min_length[5]|max_length[12]');
if ($this->form_validation->run() == TRUE) {
if($this->m_user->m_cek_mail()->num_rows()==1) {
$db=$this->m_user->m_cek_mail()->row();
if(hash_verified($this->input->post('password'),$db->password)) {
$data_login=array('is_login'=>TRUE,
'email' =>$db->email,
'nama' =>$db->nama);
$this->session->set_userdata($data_login);
redirect('user/dashboard','refresh');
} else {
$this->session->set_flashdata('pesan', 'Login gagal: password salah!');
$this->db->set('attempts', ($db->attempts + 1), FALSE);
redirect('/','refresh');
}
} else { // jika email tidak terdaftar!
$this->session->set_flashdata('pesan', 'Login gagal: email salah!');
redirect('/','refresh');
}
} else {
$this->load->view('user/form_login');
}
}
View
<div class="col-md-4">
<h2 class="my-4">Login
<small>user</small>
</h2>
<font color="green"><?php echo $this->session->flashdata('pesan'); ?></font>
<?php echo form_open('user/login_proses',''); ?>
<div class="form-group">
<label for="exampleInputEmail1">e-mail</label>
<input type="email" name="email"class="form-control" id="exampleInputEmail1" aria-describedby="emailHelp">
<?php echo form_error('email', '<div class="text-danger"><small>', '</small></div>');?>
</div>
<div class="form-group">
<label for="exampleInputPassword1">Password</label>
<input type="password" name="password" class="form-control" id="exampleInputPassword1">
<?php echo form_error('password', '<div class="text-danger"><small>', '</small></div>');?>
</div>
<button type="submit" class="btn btn-primary">Sign In</button>
<?php echo form_close(); ?>
<br>
<p>
Buat akun baru: <?php echo anchor('user/register', 'Register!', 'attributes'); ?>
</p>
</div>
0
1 Jawaban:
Ini salah satu caranya:
- tambah di database satu kolom pada table user: login_attempt (tiny integer)
- setiap login gagal (pada conditional else), tambahkan angkanya 1
- lalu setiap sebelum mencoba login, cek nilai dari
login_attempt
ini, kalau sudah di batas tertentu (contoh 3) maka langsung redirect atau lakukan apapun yang kamu mau.
0