- <?php
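/**
 * Decide whether a login attempt may proceed, based on recent failed logins.
 *
 * Reads the newest timestamp and the number of rows recorded in failed_logins
 * during the last 15 minutes, picks the highest throttle tier that count
 * exceeds, and allows the attempt only once that tier's delay has passed since
 * the newest failure. While the delay is still running, the remaining seconds
 * are echoed.
 *
 * NOTE(review): the count is not filtered by account or client address, so the
 * throttle is global: failures from any one client delay every login. A
 * per-account and per-source counter limits that side effect.
 *
 * @param PDO $muc Open database connection.
 * @return bool True when the attempt may proceed, false when it must wait or
 *              when the throttle state could not be read (fails closed).
 */
function check(PDO $muc)
{
    // Declared conditionally: an unconditional nested declaration is a fatal
    // "cannot redeclare" error the second time check() runs in one request.
    if (!function_exists('get_multiple_rows')) {
        // Drain a result set into a list of associative rows.
        function get_multiple_rows($getfailed)
        {
            $rows = array();
            while ($row = $getfailed->fetch(PDO::FETCH_ASSOC)) {
                $rows[] = $row;
            }
            return $rows;
        }
    }

    // Tier table: failed-attempt threshold => delay in seconds.
    $throttle = array(1 => 1, 5 => 2, 30 => 10);

    $getfailed = $muc->query("SELECT MAX(attempted) AS attempted FROM failed_logins");
    if (!$getfailed) {
        // Without throttle data the safe answer is "not yet".
        return false;
    }
    $rows = get_multiple_rows($getfailed);
    $getfailed->closeCursor();

    // MAX() yields NULL on an empty table; keep that distinct from a real time.
    // NOTE(review): strtotime() uses PHP's default timezone while NOW() below
    // uses the database's; confirm both are configured alike.
    $latest_raw = isset($rows[0]['attempted']) ? $rows[0]['attempted'] : null;
    $latest_attempt = ($latest_raw === null) ? false : strtotime((string) $latest_raw);

    $getfailed = $muc->query("SELECT COUNT(1) AS failed FROM failed_logins WHERE attempted > DATE_SUB(NOW(), INTERVAL 15 minute)");
    if (!$getfailed) {
        return false;
    }
    $rows = get_multiple_rows($getfailed);
    $getfailed->closeCursor();
    $failed_attempts = isset($rows[0]['failed']) ? (int) $rows[0]['failed'] : 0;

    // Highest tier first, so the first threshold exceeded is the strictest one.
    krsort($throttle);
    foreach ($throttle as $attempts => $delay) {
        if ($failed_attempts <= $attempts) {
            // Keep looking: returning here would skip the lower tiers and
            // leave only the highest threshold in effect.
            continue;
        }
        if ($latest_attempt === false) {
            // Failures are on record but their time is unusable: fail closed.
            return false;
        }
        $remaining_delay = (time() - $latest_attempt) - $delay;
        if ($remaining_delay < 0) {
            echo "remaining time until next try".abs($remaining_delay);
            return false;
        }
        // The delay for the applicable tier has elapsed.
        return true;
    }

    // No tier exceeded.
    return true;
}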
- ?>
- <?php
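// Login handler: runs only when the throttle allows an attempt, looks the
// account up by name, verifies the password hash and opens a session.
// $muc, $name, $err3 and $err4 are defined outside this listing.
if (check($muc) === true) {
    // Form fields are untrusted; accept plain strings only, so an array-valued
    // field cannot reach password_verify() or the comparison below.
    $posted_name = (isset($_POST['name']) && is_string($_POST['name'])) ? $_POST['name'] : '';
    $posted_password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

    // query() with "name=name" ran at once and matched every row; a prepared
    // statement with one placeholder selects only the requested account. The
    // password is never part of the lookup: it is checked against the hash.
    // NOTE(review): $name is presumably derived from $_POST['name'] - confirm.
    $much = $muc->prepare('SELECT * from users_enc WHERE name = :name');
    $much->bindParam(':name', $name);
    $much->execute();
    $much->setFetchMode(PDO::FETCH_ASSOC);

    // Start from "no such account" so a miss never reads undefined variables.
    $dbname = null;
    $dbpassword = null;
    while ($row = $much->fetch()) {
        $dbname = $row['Name'];
        $dbpassword = $row['Password'];
    }

    // Strict comparison: loose == treats numeric-looking strings as equal.
    if ($dbname !== null && $posted_name === (string) $dbname) {
        if (is_string($dbpassword) && password_verify($posted_password, $dbpassword)) {
            if (session_status() !== PHP_SESSION_ACTIVE) {
                session_start();
            }
            // New session id at the privilege change, so an id known before
            // login is not carried into the authenticated session.
            session_regenerate_id(true);
            $_SESSION['Name'] = $posted_name;
            // NOTE(review): this keeps the plaintext password in session
            // storage. Retained only because other pages may read it; remove
            // the line once nothing depends on it.
            $_SESSION['Password'] = $posted_password;
            // Bound parameter instead of string concatenation; prepare() +
            // execute() also runs the statement once rather than twice.
            $successq = $muc->prepare('DELETE FROM failed_logins WHERE name = :name');
            $successq->execute(array(':name' => $posted_name));
            echo"<a href='../onlinestore.php' style='color:green;padding:10px;background-color:rgba(240,255,240,0.5);border:1px solid green;border-radius:5px;'>You can enter here</a><br /><br />";
        }else{
            // NOTE(review): if $err4 and $err3 read differently to the user,
            // the response reveals which account names exist; one shared
            // message avoids that.
            echo $err4;
            include("throttle.php");
        }
    }else{
        echo $err3;
        include("throttle.php");
        // COUNT(*) rather than rowCount(): PDO does not guarantee rowCount()
        // for SELECT statements on every driver.
        $stmt = $muc->prepare('SELECT COUNT(*) from failed_logins WHERE name=:name');
        $stmt->bindParam(':name', $name);
        $stmt->execute();
        if ((int) $stmt->fetchColumn() > 200) {
            // No session exists on this path, so $_SESSION['Name'] does not
            // identify the counted rows; purge the same name that was counted.
            // NOTE(review): purging also removes evidence the throttle and any
            // audit rely on - consider archiving instead of deleting.
            $overdose = $muc->prepare('DELETE FROM failed_logins WHERE name = :name');
            $overdose->execute(array(':name' => $name));
        }
    }
}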
- ?>