I'm working on login form and I have to limit attempts to 3 and then block any form submit for 10 minutes. The following code isn't working correctly and I need to know how to block submitting after unsuccessful attempts. Thanks.
function autoDefender($attempts,$username,$pass)
{
$logins=0;
$logins++;
$ats = $attempts-$logins;
if (isset($_POST['password']) && isset($_POST['userName']))
{
if($_POST['password']!=$pass && $_POST['userName']!=$username)
{
if($logins == $attempts)
{
echo ("<div class='errmg'>Acess denied for 1 minute</div>");
}
echo ("<div class='errmg'>Error:
invalid username or pass; <span class='atmpts'>$ats</span> attempts left</div>");
}
}
}