User Authentication Question

[Violation]

I am looking for a way to have a user register for access to a site and then be limited to 5 successful logins and then blocked there after.  Does anyone know of a script that has this functionality or of a better solution?  Any help is greatly appreciated.

[.josh]

I would setup a table that records every time there's a failed login attempt.  It would contain columns for ip address, username, time, etc... and in the login script, before selecting where username&&password, check to see how many that ip address has tried to login or how many login attempts were made with that username or both.  Could have a cronjob that removes entries after x amount of time or set it up to where user has to contact someone through a form or whatever.  Really depends on how robust you want to make it.

[Violation]

Thanks for your reply.  I don't care about failed login attempts.  I just want the user to register and then be able to login to the site a total of 5 times, and then be locked out.  Any Suggestions? Thanks for your help.

[.josh]

Well, it would still sort of be the same principle.  You'd have a column in your user account table called numLogins or something and inc it every successful login.  Then in your login script, check what number it's at.  if it's >=5, don't let them login.  Send them to some page saying they logged in 5 times already, or whatever.

 

If you are not wanting to login in anymore whatsoever (like, not even creating a new account)...well, there's no way to 100% prevent them, but you can log their ip address and check for it when registering.  But again, there's no way to 100% prevent them from getting around that. 

 

[cooldude832]

normal user table add a field called Logins

 

add to the login script to take 1 off the # of logins each succesful time

 

add to the login script if Logins = "0" then don't login

 

 

Use Email address as Account Name and require them to activate account via emailed code this will cut down on ppl making extra accounts