----------------------------------------------------------this code----------------------------------------------------------------------
<?php if($login_incorrect){
if(isset($_COOKIE['login'])){ if($_COOKIE['login'] < 3){ $attempts = $_COOKIE['login'] + 1; setcookie('login', $attempts, time()+60*10); //set the cookie for 10 minutes with the number of attempts stored } else{ echo 'You are banned for 10 minutes. Try again later'; } } else{ setcookie('login', 1, time()+60*10); //set the cookie for 10 minutes with the initial value of 1 } } ?>
----------------------------------------------------in here----------------------------------------------------------------------------------
include('dbc.php');
if(isset($_POST['login']))
{
$username=$_POST['username'];
$password=$_POST['password'];
if(empty($username) && empty($password))
{
echo"<script>alert('please enter username and password')</script>";
}
if(empty($username) || empty($password))
{
echo"<script>alert('please enter username and password')</script>";
}
$pass= hash('sha512', $password);
$set="Lecturer";
$set2='Admin';
$sel="select * from $tb1 where username='$username' and password='$pass'";
$result=mysqli_query($con,$sel);
$row=mysqli_fetch_array($result);
if($row['username']== $username && $row['password']== $pass && $row['usertype']==$set)
{
$_SESSION["username"] = $_POST["username"];
$_SESSION['last_login_timestamp'] = time();
$_SESSION['username'] = $username;
header('location:userhome.php'); }
elseif ($row['username']== $username && $row['password']== $pass && $row['usertype']==$set2)
{
$_SESSION["username"] = $_POST["username"];
$_SESSION['last_login_timestamp'] = time();
$_SESSION['username'] = $username;
header('location:adminhome.php');
}}
else
{echo"<script>alert('not registered/approved')</script>";}
?>