Home/ Questions/Q 6062453
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-23T09:03:12+00:00

The problem is right after the account locks then on the next failed attempt

  • 0

The problem is right after the account locks then on the next failed attempt it clears the lock so in other words the two variables above are not right or the if condition isn’t right because its supposed to wait 10 minutes and after that user attempts and successfully logs in after that 10 minutes THEN it unlocks the account
meaning clears it

// Find out if user is locked out of their account
if (($lockDate !== "0000-00-00 00:00:00") AND (strtotime($lockDate) < time())) {

    $currentDateTime = time();
    $minutes = floor(($currentDateTime-$lockDate) / 60);

    // Take minutes and perform tasks
    if ($lockDate > 0 && $minutes < 10) {

        // Calculate time remaining
        $timeRemaining = 10 - $minutes;

        // Account locked error
        $errors = true;
        $message = "Your account is currently locked, we appologize for the inconvienence. You must wait '" .$timeRemaining."' minutes before you can log in again!";

        $output = array('errorsExist' => $errors, 'message' => $message);

   } else {

        // Clear the lock
        $query = "UPDATE manager_users_hacking SET lockDate = NULL, hackerIPAddress = NULL, failedLogins = 0 WHERE userID = '".$userID."'";
        $result = mysqli_query($dbc,$query);

   } 
}
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    It’d be better if you did the date/time comparisons in the database, at the time you retrieve the user record. 

    $sql = <<<EOL
SELECT userID, UNIX_TIMESTAMP(lockDate) as lockDatetimestamp
FROM manage_users
WHERE (userID = $userID) and
    (lockDate IS NOT NULL) and
    (lockoutDate <= DATE_SUB(now(), INTERVAL 10 MINUTE));
EOL;

$result = mysql_query($sql) or die(mysql_error());

if (mysql_num_rows($result) > 0) {
    $row  mysql_fetch_assoc($result);
    $locktime = date('...some date format ...', $row['lockDatetimestamp'])
    die("Your account is locked and reopens $locktime");
}

... if you get here, the account's not locked ...
    • 0