
PHoutenbos

  1. That's right. I have now used the code below, which unfortunately does not work. It places the data in the database, such as IP, time and username. Only the user is not blocked for 30 min.

     Data in my database table:

     | loginFail_id | username | IP | dateAndTime |
     |---|---|---|---|
     | 20 | Test | censored | 2014-09-25 21:17:47 |

     My login.php file:

     ```php
     <?php
     include("centraalhart.php");

     if (isset($_POST['username'])) {
         // get data
         $FP->Template->setData('input_user', $_POST['username']);
         $FP->Template->setData('input_pass', $_POST['password']);

         // validate data
         if ($_POST['username'] == '' || $_POST['password'] == '') {
             // show error
             if ($_POST['username'] == '') { $FP->Template->setData('error_user', 'required'); }
             if ($_POST['password'] == '') { $FP->Template->setData('error_pass', 'required'); }
             $FP->Template->setAlert('Alle velden zijn verplicht', 'error');
             echo '<script type="text/javascript">jQuery.colorbox.resize();</script>';
             $FP->Template->load(APP_PATH . "core/views/v_login.php");
         } else if ($FP->Auth->validateLogin($FP->Template->getData('input_user'), $FP->Template->getData('input_pass')) == FALSE) {
             // invalid login
             $FP->Template->setAlert('Ongeldige gebruikersnaam of wachtwoord!', 'error');
             echo '<script type="text/javascript">jQuery.colorbox.resize();</script>';
             $FP->Template->load(APP_PATH . "core/views/v_login.php");
         } else {
             // successful log in
             $_SESSION['username'] = $FP->Template->getData('input_user');
             $_SESSION['loggedin'] = TRUE;
             $FP->Template->load(APP_PATH . "core/views/v_loggingin.php");
         }
     } else {
         $FP->Template->load(APP_PATH . "core/views/v_login.php");
     }

     if ($_SERVER['REQUEST_METHOD'] == 'POST') {
         if (isset($_POST['username']) && trim($_POST['username']) != '' && isset($_POST['password']) && trim($_POST['password']) != '') {
             try {
                 // initialisation
                 $maxAttempts = 3;  // attempts within the number of minutes (see next line)
                 $attemptsTime = 5; // time in which attempts may be made (in minutes; if you want that in seconds etc. you have to adapt the query)

                 // fill in your own database details here, connect to the database

                 // fetch user information, test whether password and username match
                 $checkUsers = "SELECT memberID FROM users WHERE username = :username AND password = :password";
                 $userStmt = $db->prepare($checkUsers);
                 $userStmt->execute(array(
                     ':username' => $_POST['username'],
                     ':password' => hash('sha256', $_POST['username'] . $_POST['password'])
                 ));
                 $user = $userStmt->fetchAll();

                 // fetch login attempts, only the last five minutes
                 $checkTries = "SELECT username FROM loginfail WHERE DateAndTime >= NOW() - INTERVAL :attemptsTime MINUTE AND username = :username GROUP BY username, IP HAVING (COUNT(username) = :maxAttempts)";
                 $triesStmt = $db->prepare($checkTries);
                 $triesStmt->execute(array(
                     ':username' => $_POST['username'],
                     ':attemptsTime' => $attemptsTime,
                     ':maxAttempts' => $maxAttempts
                 ));
                 $tries = $triesStmt->fetchAll();

                 if (count($user) == 1 && count($tries) == 0) {
                     $_SESSION['user'] = array('memberID' => $user[0]['memberID'], 'IP' => $_SERVER['REMOTE_ADDR']);
                     // page to go to after a successful login
                     header('Location: core/views/v_loggingin.php');
                     die;
                 } else {
                     $insertTry = "INSERT INTO loginfail (username, IP, dateAndTime) VALUES (:username, :IP, NOW())";
                     $insertStmt = $db->prepare($insertTry);
                     $insertStmt->execute(array(
                         ':username' => $_POST['username'],
                         ':IP' => $_SERVER['REMOTE_ADDR']
                     ));
                     if (count($tries) > 0) {
                         $message = 'You have too many times tried the wronge username/password. Please wait a few minutes to login';
                     } else {
                         $message = 'invalid username/password. Please try again';
                     }
                 }
             } catch (PDOException $e) {
                 $message = $e->getMessage();
             }
             $db = NULL;
         } else {
             $message = 'please fill in all required information';
         }
     }
     ```
  2. PHoutenbos

    Login Attempts

    Hello, I have a question. I followed the CMS video, but I would like to integrate a 3 times login attempts, but how? Is there any tutorial for that?
  3. Yeaaaaaah! It works, thanks a lot!
  4. Sure! You can download the zip file here: http://pascalhoutenbos.nl/PassieCMS.zip
  5. No, there are no errors in the JS console. jQuery and colorbox.js are loaded correctly. It even loads the cbox divs when I enter ?login.

     ```html
     <html>
     <head></head>
     <body class="home ">
     <div id="wrapper"></div>
     <div id="cboxOverlay" style="display: none;"> </div>
     <div id="colorbox" class="" role="dialog" tabindex="-1" style="display: none;"></div>
     </body>
     </html>
     ```
  6. Yes, unfortunately. In Firefox I can see that the colorbox and CSS files are loaded, but as soon as I click on login, the colorbox does not pop up. I've watched the video again. I cannot find the problem.
  7.
     ```html
     <link href="<?php echo APP_RESOURCES; ?>css/fp_style.css" media="screen" rel="stylesheet" type="text/css" />
     <script type="text/javascript" src="http://code.jquery.com/jquery-1.11.1.min.js"></script>
     <script type="text/javascript">$.noConflict();</script>
     <script type="text/javascript" src="<?php echo APP_RESOURCES; ?>javascript/colorbox/colorbox.js"></script>
     <link href="<?php echo APP_RESOURCES; ?>javascript/colorbox/colorbox.css" media="screen" rel="stylesheet" type="text/css" />
     <script type="text/css">
     jQuery(document).ready(function($) {
         $.colorbox({
             transition: 'fade',
             initialWidth: '50px',
             initialHeight: '50px',
             scrolling: false,
             opacity: .6,
             href: '<?php echo SITE_PATH; ?>app/login.php',
         });
     });
     </script>
     ```
  8. Yes, I've seen. For correct grammar, I use Google Translator. To be sure that this code has adjusted the correct code that I stand is as indicated.
  9. Okay! Login functionality is working correctly, I can log in and log out. But then I have in browser or enter the full path as CMS / app / login.php. This window would be opened but not with colorbox. I'm even further as video 20 because I did not get the colorbox working function. I have latest updated version controlled, unfortunately this has not worked. Syntax error with noconflict remains active. But if I move the script files then I lost this syntax error. Example is:

     ```html
     <Link href = "<php echo APP_RESOURCES;?> Css / fp_style.css" media = "screen" rel = "stylesheet" type = "text / css" />
     <script type="text/javascript" src="http://code.jquery.com/jquery-1.11.1.min.js"> </ script>
     <Script type = "text / javascript" src = "<php echo APP_RESOURCES;?> Javascript / colorbox / colorbox.js"> </ script>
     <script type="text/javascript"> $ noConflict (). </ script>
     <Link href = "<php echo APP_RESOURCES;?> Javascript / colorbox / colorbox.css" media = "screen" rel = "stylesheet" type = "text / css" />
     <script type="text/css">
     jQuery (document). ready (function ($) {
     $. Colorbox ({
     transition: 'fade',
     initial width: '50px "
     initial height: '50px "
     scrolling: false,
     opacity: .6,
     href: '<php echo site_path;? > App / login.php "
     });
     });
     </ Script>
     ```

     The background of the title tag <h1> also get suddenly the css style along with the v_login.php fp_style and get a green background.
  10. This was the problem, it works well now! I had forgotten that piece suit. I am working on video 20 because I'm stuck there with colorbox but that is described in the other topic.
  11. If I leave it blank, this is the response:

      ```
      Warning: mysqli::mysqli(): (HY000/1045): Access denied for user 'root'@'localhost' (using password: NO) in C:\xampp\htdocs\PassieCMS\app\core\core.php on line 13
      Warning: mysqli::close(): Couldn't fetch mysqli in C:\xampp\htdocs\PassieCMS\app\core\core.php on line 30
      ```

      The password for my is also root. I logout in phpMyAdmin and sign in again with username root and password root.
  12. The gaps are created by adding the code in the text editor in this forum, so not in the script. Tonight I will have a look at the new video. Otherwise I just start the course again, maybe I'm forgetting something.
  13. I use the program Xampp. The problem seems to occur in the database syntax of rule 28. For once I insert the query in phpMyAdmin to test the code, I get the following message:

      ```
      SELECT * FROM users WHERE username =? AND password =? LIMIT 0, 25
      MySQL reports: Documentation
      # 1064 - You have an error in your SQL syntax; check the manual That corresponds to your MySQL server version pounds for the right syntax to use near '? AND password =? LIMIT 0, 25 'at line 1
      ```

      When I enter

      ```
      SELECT * FROM users WHERE username AND password
      ```

      this is the result:

      ```
      MySQL returned an empty result set returned (0 rows). (Query took 0.0003 sec)
      ```
  14. I have a problem. I have followed the video course and the full code adopted. I still do not have a login box and the colorbox does not seem to work. I also get a syntax error with noconflict. Below my code:

      ```html
      <Link href = "<php echo APP_RESOURCES;?> Css / fp_style.css" media = "screen" rel = "stylesheet" type = "text / css" />
      <script type="text/javascript" src="http://code.jquery.c...n.js"> </ script>
      <script type="text/javascript"> $ noConflict (). </ script>
      <Script type = "text / javascript" src = "<php echo APP_RESOURCES;?> Javascript / colorbox / colorbox.js"> </ script>
      <Link href = "<php echo APP_RESOURCES;?> Javascript / colorbox / colorbox.css" media = "screen" rel = "stylesheet" type = "text / css" />
      </ Script>
      ```

      Does anyone know what the problem could be?
  15. I have a problem. I have followed the video course and the full code adopted. (I'm not finished yet with the course.) I still do not have a login box and the colorbox does not seem to work. I also get a syntax error with noconflict. Below my code:

      t_login.php

      ```html
      <Link href = "<php echo APP_RESOURCES;?> Css / fp_style.css" media = "screen" rel = "stylesheet" type = "text / css" />
      <script type="text/javascript" src="http://code.jquery.c...n.js"> </ script>
      <script type="text/javascript"> $ noConflict (). </ script>
      <Script type = "text / javascript" src = "<php echo APP_RESOURCES;?> Javascript / colorbox / colorbox.js"> </ script>
      <Link href = "<php echo APP_RESOURCES;?> Javascript / colorbox / colorbox.css" media = "screen" rel = "stylesheet" type = "text / css" />
      </ Script>
      ```

      Login.php

      ```php
      <?php
      include("init.php");

      if (isset($_POST['submit'])) {
          // get data
          $FP->Template->setData('input_user', $_POST['username']);
          $FP->Template->setData('input_pass', $_POST['password']);

          // validate data
          if ($_POST['username'] == '' || $_POST['password'] == '') {
              // show error
              if ($_POST['username'] == '') { $FP->Template->setData('error_user', 'required field!'); }
              if ($_POST['password'] == '') { $FP->Template->setData('error_pass', 'required field!'); }
              $FP->Template->setAlert('Please fill in all required fields', 'error');
              $FP->Template->load(APP_PATH . "core/views/v_login.php");
          } else if ($FP->Auth->validateLogin($FP->Template->getData('input_user'), $FP->Template->getData('input_pass')) == FALSE) {
              // invalid login
              $FP->Template->setAlert('Invalid username or password!', 'error');
              $FP->Template->load(APP_PATH . "views/v_login.php");
          } else {
              // successful log in
              $_SESSION['username'] = $FP->Template->getData('input_user');
              $_SESSION['loggedin'] = TRUE;
              $FP->Template->load(APP_PATH . "core/views/v_loggingin.php");
          }
      } else {
          $FP->Template->load(APP_PATH . "core/views/v_login.php");
      }
      ```

      init.php:

      ```php
      <?php
      /*
          INIT
          Basic configuration settings
      */

      // create application settings
      define("SITE_PATH", "http://localhost/PassieCMS/"); // <- adjust
      define("APP_PATH", str_replace("\\", "/", dirname(__FILE__)) . "/");
      define("SITE_RESOURCES", "http://localhost/PassieCMS/resources/");
      define("APP_RESOURCES", "http://localhost/PassieCMS/app/resources/");
      define("SITE_CSS", "http://localhost/PassieCMS/resources/css/style.css"); // <- adjust if using another template

      // database settings
      $server = 'localhost'; // database server/host
      $user = 'root';        // database username
      $pass = 'root';        // database password
      $db = 'fp_cms';        // selects database

      // error reporting
      mysqli_report(MYSQLI_REPORT_ERROR);

      // create FlightPath core object
      require_once(APP_PATH . "core/core.php");
      $FP = new FlightPath_Core($server, $user, $pass, $db);
      ```

      Core.php

      ```php
      <?php
      /*
          core FlightPath class
          Creates the central FlightPath object, as well as core functionality
      */
      class FlightPath_Core
      {
          public $Template, $Auth, $Database;

          function __construct($server, $user, $pass, $db)
          {
              // create database connection
              $this->Database = new mysqli($server, $user, $pass, $db);

              // create template object
              include(APP_PATH . "core/models/m_template.php");
              $this->Template = new Template();
              $this->Template->setAlertTypes(array('success', 'warning', 'error'));

              // create auth object
              include(APP_PATH . "core/models/m_auth.php");
              $this->Auth = new Auth();

              // start session
              session_start();
          }

          function __destruct()
          {
              $this->Database->close();
          }

          function head()
          {
              if ($this->Auth->checkLoginStatus()) {
                  include(APP_PATH . "core/templates/t_head.php");
              }
              if (isset($_GET['login']) && $this->Auth->checkLoginStatus() == FALSE) {
                  include(APP_PATH . "core/templates/t_login.php");
              }
          }

          function body_class()
          {
              if ($this->Auth->checkLoginStatus()) {
                  echo " fp_editing";
              }
          }

          function toolbar()
          {
              if ($this->Auth->checkLoginStatus()) {
                  include(APP_PATH . "core/templates/t_toolbar.php");
              }
          }

          function login_link()
          {
              if ($this->Auth->checkLoginStatus()) {
                  echo "<a href='" . SITE_PATH . "app/logout.php'>Logout</a>";
              } else {
                  echo "<a href='?login'>Login</a>";
              }
          }
      }
      ```

      index.php

      ```php
      <?php include ("app/init.php");?>
      <!doctype html>
      <html>
      <head>
          <meta charset="utf-8">
          <title>PassieCMS</title>
          <link href="resources/css/style.css" rel="stylesheet" type="text/css">
          <?php $FP->head();?>
      </head>
      <body class="home <?php $FP->body_class();?>">
          <?php $FP->toolbar();?>
          <div id="wrapper">
              <h1>Website</h1>
              <div id="banner">
                  <img src="resources/images/banner.jpg" alt="banner" width="900" height="140">
              </div>
              <ul id="nav">
                  <li><a href="#">Home</a></li>
                  <li><a href="#">Test link</a></li>
                  <li><a href="#">Longer Text Link</a></li>
                  <li><a href="#">Contact us</a></li>
              </ul>
              <div id="content">
                  <div class="left">
                      <h2>Header info...</h2>
                      <p>Text here...</p>
                  </div>
                  <div class="right">
                      <p>Text here...</p>
                      <p>Text here...</p>
                  </div>
              </div>
              <div id="footer">
                  Copyright 2014 PassieCMS | <?php $FP->login_link();?>
              </div>
          </div>
      </body>
      </html>
      ```

      M_auth:

      ```php
      <?php
      /*
          Authorization Class
          Deal with auth tasks
      */
      class Auth
      {
          private $salt = '2pkhout';

          /* Constructor */
          function __construct()
          {
          }

          /* Functions */
          function validateLogin($user, $pass)
          {
              // access db
              global $Database;

              // create query
              if ($stmt = $Database->prepare("SELECT * FROM users WHERE username = ? AND password = ?")) {
                  $stmt->bind_param("ss", $user, md5($pass . $this->salt));
                  $stmt->execute();
                  $stmt->store_result();

                  // check for num rows
                  if ($stmt->num_rows > 0) {
                      // success
                      $stmt->close();
                      return TRUE;
                  } else {
                      // failure
                      $stmt->close();
                      return FALSE;
                  }
              } else {
                  die("ERROR: Could not prepare MySQLi statement.");
              }
          }

          function checkLoginStatus()
          {
              if (isset($_SESSION['loggedin'])) {
                  return TRUE;
              } else {
                  return FALSE;
              }
          }

          function logout()
          {
              session_destroy();
              session_start();
          }
      }
      ```

      v_login

      ```php
      <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
      <html>
      <head>
          <title>Log In</title>
          <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
          <link href="views/style.css" media="screen" rel="stylesheet" type="text/css">
      </head>
      <body>
          <h1>Log In</h1>
          <div id="content">
              <form action="" method="post">
                  <div>
                      <?php
                      $alerts = $this->getAlerts();
                      if ($alerts != '') { echo '<ul class="alerts">' . $alerts . '</ul>'; }
                      ?>
                      <div class="row">
                          <label for="username">Username: *</label>
                          <input type="text" name="username" value="<?php echo $this->getData('input_user'); ?>">
                          <div class="error"><?php echo $this->getData('error_user'); ?></div>
                      </div>
                      <div class="row">
                          <label for="password">Password: *</label>
                          <input type="password" name="password" value="<?php echo $this->getData('input_pass'); ?>">
                          <div class="error"><?php echo $this->getData('error_pass'); ?></div>
                      </div>
                      <div class="row">
                          <p class="required">* required</p>
                          <input type="submit" name="submit" class="submit" value="Submit">
                      </div>
                  </div>
              </form>
          </div>
      </body>
      </html>
      ```

      And also when I try to login I get the following error:

      ```
      Fatal error: Call to a member function prepare() on a non-object in C:\xampp\htdocs\PassieCMS\app\core\models\m_auth.php on line 28
      ```

      Does anyone know what the problem could be?