I have implemented a login system where after 3 unsuccessful tries (using $_SESSION variables) a cookie is created on the user's computer which expires in 10 minutes. Now I know this is certainly not sufficient, as they can just delete the cookie. Now, what I want to know is, when I implement a table to capture incorrect logins via IP's & username combos, when does this table get cleared? When the user successfully logs in after the block time has expired?
Let's say this table get populated with a 1000 entries, how do I automatically clear this开发者_运维知识库? What is the structure of the table?
I propose this:
4 fields: ID, IP, username (which will be their email address), block_time (time user can log in again)?You can create a record after first unsuccessful login, and remove it after login succeeds.
The second approach would be creating "modified" column, and cleaning it using some php-cron script.
INSERT INTO user_logins(user_hash, time) VALUES(?,?)
ON DUPLICATE KEY UPDATE time = now()
of course, your primary key would be user_hash.
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论