user7654321

----------------------------------------------------------this code---------------------------------------------------------------------- <?php if($login_incorrect){ if(isset($_COOKIE['login'])){ if($_COOKIE['login'] < 3){ $attempts = $_COOKIE['login'] + 1; setcookie('login', $attempts, time()+60*10); //set the cookie for 10 minutes with the number of attempts stored } else{ echo 'You are banned for 10 minutes. Try again later'; } } else{ setcookie('login', 1, time()+60*10); //set the cookie for 10 minutes with the initial value of 1 } } ?> ----------------------------------------------------in here---------------------------------------------------------------------------------- include('dbc.php'); if(isset($_POST['login'])) { $username=$_POST['username']; $password=$_POST['password']; if(empty($username) && empty($password)) { echo"<script>alert('please enter username and password')</script>"; } if(empty($username) || empty($password)) { echo"<script>alert('please enter username and password')</script>"; } $pass= hash('sha512', $password); $set="Lecturer"; $set2='Admin'; $sel="select * from $tb1 where username='$username' and password='$pass'"; $result=mysqli_query($con,$sel); $row=mysqli_fetch_array($result); if($row['username']== $username && $row['password']== $pass && $row['usertype']==$set) { $_SESSION["username"] = $_POST["username"]; $_SESSION['last_login_timestamp'] = time(); $_SESSION['username'] = $username; header('location:userhome.php'); } elseif ($row['username']== $username && $row['password']== $pass && $row['usertype']==$set2) { $_SESSION["username"] = $_POST["username"]; $_SESSION['last_login_timestamp'] = time(); $_SESSION['username'] = $username; header('location:adminhome.php'); }} else {echo"<script>alert('not registered/approved')</script>";} ?>