Blokir user saat gagal login

cara blokir user saat gagal login berkali2 gimana gan..? ini kode saya gan

Controller

public function login_proses() {

  $this->form_validation->set_rules('email', 'E-mail', 'trim|required|min_length[3]|max_length[45]');
  $this->form_validation->set_rules('password', 'Password', 'trim|required|min_length[5]|max_length[12]');

    if ($this->form_validation->run() == TRUE) {

          if($this->m_user->m_cek_mail()->num_rows()==1) {

            $db=$this->m_user->m_cek_mail()->row();
            if(hash_verified($this->input->post('password'),$db->password)) {

                    $data_login=array('is_login'=>TRUE,
                            'email'  =>$db->email,
                            'nama'   =>$db->nama);

                    $this->session->set_userdata($data_login);
                    redirect('user/dashboard','refresh');

                        } else {

                        $this->session->set_flashdata('pesan', 'Login gagal: password salah!');
                        $this->db->set('attempts', ($db->attempts + 1), FALSE);
                        redirect('/','refresh');
                        }

          } else { // jika email tidak terdaftar!

          $this->session->set_flashdata('pesan', 'Login gagal: email salah!');
          redirect('/','refresh');

          }

    } else {

    	$this->load->view('user/form_login');
    }

  }

View

<div class="col-md-4">

        <h2 class="my-4">Login
          <small>user</small>
        </h2>

  <font color="green"><?php echo $this->session->flashdata('pesan'); ?></font>
  <?php echo form_open('user/login_proses',''); ?>
  <div class="form-group">
    <label for="exampleInputEmail1">e-mail</label>
    <input type="email" name="email"class="form-control" id="exampleInputEmail1" aria-describedby="emailHelp">
    <?php echo form_error('email', '<div class="text-danger"><small>', '</small></div>');?>
  </div>

  <div class="form-group">
    <label for="exampleInputPassword1">Password</label>
    <input type="password" name="password" class="form-control" id="exampleInputPassword1">
    <?php echo form_error('password', '<div class="text-danger"><small>', '</small></div>');?>
  </div>

  <button type="submit" class="btn btn-primary">Sign In</button>
<?php echo form_close(); ?>
<br>
<p>
Buat akun baru: <?php echo anchor('user/register', 'Register!', 'attributes'); ?>
</p>
</div>

avatar MRifai
@MRifai

18 Kontribusi 0 Poin

Diperbarui 1 bulan yang lalu

1 Jawaban:

Ini salah satu caranya:

  • tambah di database satu kolom pada table user: login_attempt (tiny integer)
  • setiap login gagal (pada conditional else), tambahkan angkanya 1
  • lalu setiap sebelum mencoba login, cek nilai dari login_attempt ini, kalau sudah di batas tertentu (contoh 3) maka langsung redirect atau lakukan apapun yang kamu mau.
avatar hilmanski
@hilmanski

2690 Kontribusi 2138 Poin

Dipost 1 bulan yang lalu

Login untuk ikut Jawaban