PHoutenbos
Member-
Posts
15 -
Joined
-
Last visited
PHoutenbos's Achievements
Newbie (1/14)
0
Reputation
-
That's right. I have now used the code below which unfortunately does not work . He places the data in the database , such as IP , time and username . Only the user is not blocked for 30 min Data in my database table: loginFail_id username IP dateAndTime 20 Test censored 2014-09-25 21:17:47 my login.php file: <?php include("centraalhart.php"); if (isset($_POST['username'])) { // get data $FP->Template->setData('input_user', $_POST['username']); $FP->Template->setData('input_pass', $_POST['password']); // validate data if ($_POST['username'] == '' || $_POST['password'] == '') { // show error if ($_POST['username'] == '') { $FP->Template->setData('error_user', 'required'); } if ($_POST['password'] == '') { $FP->Template->setData('error_pass', 'required'); } $FP->Template->setAlert('Alle velden zijn verplicht', 'error'); echo '<script type="text/javascript">jQuery.colorbox.resize();</script>'; $FP->Template->load(APP_PATH . "core/views/v_login.php"); } else if ($FP->Auth->validateLogin($FP->Template->getData('input_user'), $FP->Template->getData('input_pass')) == FALSE) { // invalid login $FP->Template->setAlert('Ongeldige gebruikersnaam of wachtwoord!', 'error'); echo '<script type="text/javascript">jQuery.colorbox.resize();</script>'; $FP->Template->load(APP_PATH . "core/views/v_login.php"); } else { // successful log in $_SESSION['username'] = $FP->Template->getData('input_user'); $_SESSION['loggedin'] = TRUE; $FP->Template->load(APP_PATH . "core/views/v_loggingin.php"); } } else { $FP->Template->load(APP_PATH . "core/views/v_login.php"); } if ($_SERVER['REQUEST_METHOD'] == 'POST') { if (isset($_POST['username']) && trim($_POST['username']) != '' && isset($_POST['password']) && trim($_POST['password']) != '') { try { //initialisatie $maxAttempts = 3; //pogingen binnen aantal minuten (zie volgende) $attemptsTime = 5; //tijd waarin pogingen gedaan mogen worden (in minuten, wil je dat in seconden e.d. met je de query aanpassen) //vul hier je eigen databasegegevens in, verbinding maken met database //ophalen gebruikersinformatie, testen of wachtwoord en gebruikersnaam overeenkomen $checkUsers = "SELECT memberID FROM users WHERE username = :username AND password = :password"; $userStmt = $db->prepare($checkUsers); $userStmt->execute(array( ':username' => $_POST['username'], ':password' => hash('sha256', $_POST['username'] . $_POST['password']) )); $user = $userStmt->fetchAll(); //ophalen inlogpogingen, alleen laatste vijf minuten $checkTries = "SELECT username FROM loginfail WHERE DateAndTime >= NOW() - INTERVAL :attemptsTime MINUTE AND username = :username GROUP BY username, IP HAVING (COUNT(username) = :maxAttempts)"; $triesStmt = $db->prepare($checkTries); $triesStmt->execute(array( ':username' => $_POST['username'], ':attemptsTime' => $attemptsTime, ':maxAttempts' => $maxAttempts )); $tries = $triesStmt->fetchAll(); if (count($user) == 1 && count($tries) == 0) { $_SESSION['user'] = array('memberID' => $user[0]['memberID'], 'IP' => $_SERVER['REMOTE_ADDR']); //pagina waar naartoe nadat er succesvol is ingelogd header('Location: core/views/v_loggingin.php'); die; } else { $insertTry = "INSERT INTO loginfail (username, IP, dateAndTime) VALUES (:username, :IP, NOW())"; $insertStmt = $db->prepare($insertTry); $insertStmt->execute(array( ':username' => $_POST['username'], ':IP' => $_SERVER['REMOTE_ADDR'] )); if(count($tries) > 0) { $message = 'You have too many times tried the wronge username/password. Please wait a few minutes to login'; } else { $message = 'invalid username/password. Please try again'; } } } catch (PDOException $e) { $message = $e->getMessage(); } $db = NULL; } else { $message = 'please fill in all required information'; } }
-
Hello, i have a question i followed the CMS video but i like to intergrate a 3 times login attempts but how? is there any tutorial for that?
-
Yeaaaaaah! it works thanks a lot!
-
Sure! you can download the zip file here http://pascalhoutenbos.nl/PassieCMS.zip
-
No, there are no errors in the JS console. Jquery and colorbox.js are loaded correctly. It even load the cbox divs when i enter ?login. <html> <head></head> <body class="home "> <div id="wrapper"></div> <div id="cboxOverlay" style="display: none;"> </div> <div id="colorbox" class="" role="dialog" tabindex="-1" style="display: none;"></div> </body> </html>
-
Yes unfortunately. in firefox is to see that colorbox and css file to be loaded. but as soon as I click on login does not pop up by colorbox. I've watched the video again. I can not find the problem
-
<link href="<?php echo APP_RESOURCES; ?>css/fp_style.css" media="screen" rel="stylesheet" type="text/css" /> <script type="text/javascript" src="http://code.jquery.com/jquery-1.11.1.min.js"></script> <script type="text/javascript">$.noConflict();</script> <script type="text/javascript" src="<?php echo APP_RESOURCES; ?>javascript/colorbox/colorbox.js"></script> <link href="<?php echo APP_RESOURCES; ?>javascript/colorbox/colorbox.css" media="screen" rel="stylesheet" type="text/css" /> <script type="text/css"> jQuery(document).ready(function($) { $.colorbox({ transition: 'fade', initialWidth: '50px', initialHeight: '50px', scrolling: false, opacity: .6, href: '<?php echo SITE_PATH; ?>app/login.php', }); }); </script>
-
Yes I've seen. for correct grammar, I use google translator. to be sure that this code has adjusted the correct code that I stand is as indicated.
-
Okay! login functionality is working correctly, I can log in and log out. But then I have in browser or enter the full path as CMS / app / login.php. This window would be opened but not with colorbox. I'm even further as video 20 because I did not get the colorbox working function. I have latest updated version controlled unfortunately this has not worked. syntax error with noconflict remains active. But if I move the script files then I lost this syntax error example is <Link href = "<php echo APP_RESOURCES;?> Css / fp_style.css" media = "screen" rel = "stylesheet" type = "text / css" /> <script type="text/javascript" src="http://code.jquery.com/jquery-1.11.1.min.js"> </ script> <Script type = "text / javascript" src = "<php echo APP_RESOURCES;?> Javascript / colorbox / colorbox.js"> </ script> <script type="text/javascript"> $ noConflict (). </ script> <Link href = "<php echo APP_RESOURCES;?> Javascript / colorbox / colorbox.css" media = "screen" rel = "stylesheet" type = "text / css" /> <script type="text/css"> jQuery (document). ready (function ($) { $. Colorbox ({ transition: 'fade', initial width: '50px " initial height: '50px " scrolling: false, opacity: .6, href: '<php echo site_path;? > App / login.php " }); }); </ Script> the background of the title tag <h1> also get suddenly the css style along with the v_login.php fp_style and get a green background
-
This was the problem, it works well now! I had forgotten that piece suit. I am working on video 20 because I'm stuck there with colorbox but that is described in the other topic.
-
if i leave it blank this is the respons Warning: mysqli::mysqli(): (HY000/1045): Access denied for user 'root'@'localhost' (using password: NO) in C:\xampp\htdocs\PassieCMS\app\core\core.php on line 13 Warning: mysqli::close(): Couldn't fetch mysqli in C:\xampp\htdocs\PassieCMS\app\core\core.php on line 30 the password for my is also root. i logout in phpmyadmin and sign in again with username root en password root.
-
The gaps are created by adding the code in the text editor in this forum so not in the script Tonight I will have a look at the new video. otherwise I just start the course again maybe I'm forgetting something
-
I use the program Xampp the problem seems to occur in the database syntax of rule 28. for once I insert the query in phpmyadmin to test the code, I get the following message SELECT * FROM users WHERE username =? AND password =? LIMIT 0, 25 MySQL reports: Documentation # 1064 - You have an error in your SQL syntax; check the manual That corresponds to your MySQL server version pounds for the right syntax to use near '? AND password =? LIMIT 0, 25 'at line 1 When i enter SELECT * FROM users WHERE username AND password this is the result MySQL returned an empty result set returned (0 rows). (Query took 0.0003 sec)
-
I have a problem. I have followed the video course and the full code adopted. I still do not have a login box and the colorbox does not seem to work. i also get a syntax error with noconflict below my code: <Link href = "<php echo APP_RESOURCES;?> Css / fp_style.css" media = "screen" rel = "stylesheet" type = "text / css" /> <script type="text/javascript" src="http://code.jquery.c...n.js"> </ script> <script type="text/javascript"> $ noConflict (). </ script> <Script type = "text / javascript" src = "<php echo APP_RESOURCES;?> Javascript / colorbox / colorbox.js"> </ script> <Link href = "<php echo APP_RESOURCES;?> Javascript / colorbox / colorbox.css" media = "screen" rel = "stylesheet" type = "text / css" /> </ Script> Does anyone know what the problem could be?
-
I have a problem. I have followed the video course and the full code adopted. (i'm not finished yet with the course) I still do not have a login box and the colorbox does not seem to work. i also get a syntax error with noconflict below my code: t_login.php <Link href = "<php echo APP_RESOURCES;?> Css / fp_style.css" media = "screen" rel = "stylesheet" type = "text / css" /> <script type="text/javascript" src="http://code.jquery.c...n.js"> </ script> <script type="text/javascript"> $ noConflict (). </ script> <Script type = "text / javascript" src = "<php echo APP_RESOURCES;?> Javascript / colorbox / colorbox.js"> </ script> <Link href = "<php echo APP_RESOURCES;?> Javascript / colorbox / colorbox.css" media = "screen" rel = "stylesheet" type = "text / css" /> </ Script> Login.php <?php include("init.php"); if (isset($_POST['submit'])) { // get data $FP->Template->setData('input_user', $_POST['username']); $FP->Template->setData('input_pass', $_POST['password']); // validate data if ($_POST['username'] == '' || $_POST['password'] == '') { // show error if ($_POST['username'] == '') { $FP->Template->setData('error_user', 'required field!'); } if ($_POST['password'] == '') { $FP->Template->setData('error_pass', 'required field!'); } $FP->Template->setAlert('Please fill in all required fields', 'error'); $FP->Template->load(APP_PATH . "core/views/v_login.php"); } else if ($FP->Auth->validateLogin($FP->Template->getData('input_user'), $FP->Template->getData('input_pass')) == FALSE) { // invalid login $FP->Template->setAlert('Invalid username or password!', 'error'); $FP->Template->load(APP_PATH . "views/v_login.php"); } else { // successful log in $_SESSION['username'] = $FP->Template->getData('input_user'); $_SESSION['loggedin'] = TRUE; $FP->Template->load(APP_PATH . "core/views/v_loggingin.php"); } } else { $FP->Template->load(APP_PATH . "core/views/v_login.php"); } init.php: <?php /* INIT Basic configuration settings */ // create application settings define("SITE_PATH","http://localhost/PassieCMS/"); //<- aanpassen define ("APP_PATH", str_replace("\\","/",dirname(__FILE__)) . "/"); define("SITE_RESOURCES", "http://localhost/PassieCMS/resources/"); define("APP_RESOURCES", "http://localhost/PassieCMS/app/resources/"); define("SITE_CSS", "http://localhost/PassieCMS/resources/css/style.css"); //<-aanpassen indien andere template // database settings $server = 'localhost'; // database server/host $user = 'root'; //gebruikersnaam database $pass = 'root'; // wachtwoord database $db = 'fp_cms'; // selecteert database // error reporting mysqli_report(MYSQLI_REPORT_ERROR); // create FlightPath core object require_once(APP_PATH . "core/core.php"); $FP = new FlightPath_Core($server, $user, $pass, $db); Core.php <?php /* core FlightPath class Creates the central FlightPath object, as well as core functionality */ class FlightPath_Core { public $Template, $Auth, $Database; function __construct($server, $user, $pass, $db) { //create database connection $this->Database = new mysqli($server, $user, $pass, $db); // create template object include(APP_PATH . "core/models/m_template.php"); $this->Template = new Template(); $this->Template->setAlertTypes(array('success', 'warning', 'error')); // create auth object include(APP_PATH . "core/models/m_auth.php"); $this->Auth = new Auth(); // start session session_start(); } function __destruct() { $this->Database->close(); } function head() { if ($this->Auth->checkLoginStatus()) { include(APP_PATH . "core/templates/t_head.php"); } if (isset($_GET['login']) && $this->Auth->checkLoginStatus() == FALSE) { include(APP_PATH . "core/templates/t_login.php"); } } function body_class() { if ($this->Auth->checkLoginStatus()) { echo " fp_editing"; } } function toolbar() { if ($this->Auth->checkLoginStatus()) { include(APP_PATH . "core/templates/t_toolbar.php"); } } function login_link() { if ($this->Auth->checkLoginStatus()) { echo "<a href='" . SITE_PATH . "app/logout.php'>Logout</a>"; } else { echo "<a href='?login'>Login</a>"; } } } index.php <?php include ("app/init.php");?> <!doctype html> <html> <head> <meta charset="utf-8"> <title>PassieCMS</title> <link href="resources/css/style.css" rel="stylesheet" type="text/css"> <?php $FP->head();?> </head> <body class="home <?php $FP->body_class();?>"> <?php $FP->toolbar();?> <div id="wrapper"> <h1>Website</h1> <div id="banner"> <img src="resources/images/banner.jpg" alt="banner" width="900" height="140"> </div> <ul id="nav"> <li><a href="#">Home</a></li> <li><a href="#">Test link</a></li> <li><a href="#">Longer Text Link</a></li> <li><a href="#">Contact us</a></li> </ul> <div id="content"> <div class="left"> <h2>Header info...</h2> <p>Text here...</p> </div> <div class="right"> <p>Text here...</p> <p>Text here...</p> </div> </div> <div id="footer"> Copyright 2014 PassieCMS | <?php $FP->login_link();?> </div> </div> </body> </html> M_auth: <?php /* Authorization Class Deal with auth tasks */ class Auth { private $salt = '2pkhout'; /* Constructor */ function __construct() { } /* Functions */ function validateLogin($user, $pass) { // access db global $Database; // create query if ($stmt = $Database->prepare("SELECT * FROM users WHERE username = ? AND password = ?")) { $stmt->bind_param("ss", $user, md5($pass . $this->salt)); $stmt->execute(); $stmt->store_result(); // check for num rows if ($stmt->num_rows > 0) { // success $stmt->close(); return TRUE; } else { // failure $stmt->close(); return FALSE; } } else { die("ERROR: Could not prepare MySQLi statement."); } } function checkLoginStatus() { if (isset($_SESSION['loggedin'])) { return TRUE; } else { return FALSE; } } function logout() { session_destroy(); session_start(); } } v_login <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html> <head> <title>Log In</title> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <link href="views/style.css" media="screen" rel="stylesheet" type="text/css"> </head> <body> <h1>Log In</h1> <div id="content"> <form action="" method="post"> <div> <?php $alerts = $this->getAlerts(); if ($alerts != '') { echo '<ul class="alerts">' . $alerts . '</ul>'; } ?> <div class="row"> <label for="username">Username: *</label> <input type="text" name="username" value="<?php echo $this->getData('input_user'); ?>"> <div class="error"><?php echo $this->getData('error_user'); ?></div> </div> <div class="row"> <label for="password">Password: *</label> <input type="password" name="password" value="<?php echo $this->getData('input_pass'); ?>"> <div class="error"><?php echo $this->getData('error_pass'); ?></div> </div> <div class="row"> <p class="required">* required</p> <input type="submit" name="submit" class="submit" value="Submit"> </div> </div> </form> </div> </body> </html> And also when i try to login i get the following error: Fatal error: Call to a member function prepare() on a non-object in C:\xampp\htdocs\PassieCMS\app\core\models\m_auth.php on line 28 Does anyone know what the problem could be?