New to coding and need some help

I am trying to add a lock out for log after x times of login.

/* Check Username and Password existence in defined array */
if (isset($logins[$Username]) && $logins[$Username] == $Password){
    /* Success: Set session variables and redirect to Protected page  */
    $_SESSION['UserData']['Username']=$logins[$Username];
    header("location:index.php");
    
    if ($logins != [$Username]
} else {
    /*Unsuccessful attempt: Set error message */
    $msg="<span style='color:red'>Invalid Login Details</span>";
}

}

Any help would be truly appreciated.

My personal opinion that feature is a pain in the neck for users and unless you are a bank or a financial all you are going to do is alienate people. Besides, I learn the hard way that unless you are a security expert that 99 percent of the hackers can easily bypass that feature.

More info would be needed.

Lock out for…? How long? Time? Forever?

What are you using as the ‘tracker’ for these users/attempts? an IP address? (can be spoofed)
Sessions? (date be deleted/exploited)

You need to think this through in all scenarios.

Sponsor our Newsletter | Privacy Policy | Terms of Service