• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 690
  • Last Modified:

Block multiple login attempts

Need script to block multiple login attempts after 3 tries. I have the login process set up in Coldfusion. Help.
<CFIF ISDEFINED("Form.userProvided")>
<CFSET userProvided =  #parsecfmsql(Form.userProvided)#>
<CFSET pwProvided =  #parsecfmsql(Form.pwProvided)#>
 <CFQUERY NAME="Check" datasource="datasourcename">
 SELECT *
 FROM Users 
 WHERE userProvided = '#userProvided#'
 AND pwProvided = '#pwProvided#'
 </CFQUERY>
 <CFIF CHECKADMIN.RECORDCOUNT IS 1>
  <CFSET SESSION.LoggedIn="Yes">
  <CFSET SESSION.UserId=Check.Id>
  <cflocation url="gotopage.cfm" addtoken="No">
 <CFelse>
  <script language="JavaScript">
    alert( 'Please try again.');
    self.location="backtologin.cfm";
  </script>
  </cfif>
</CFIF>

Open in new window

0
tartarus78
Asked:
tartarus78
  • 3
  • 2
1 Solution
 
ZvonkoSystems architectCommented:
How about this:
<CFIF ISDEFINED("Form.userProvided")>
<CFSET userProvided =  #parsecfmsql(Form.userProvided)#>
<CFSET pwProvided =  #parsecfmsql(Form.pwProvided)#>
 <CFQUERY NAME="CHECKADMIN" datasource="datasourcename">
 SELECT *
 FROM Users 
 WHERE userProvided = '#userProvided#'
 AND pwProvided = '#pwProvided#'
 </CFQUERY>
 <CFIF CHECKADMIN.RECORDCOUNT IS 1>
  <CFSET SESSION.LogCount=0>
  <CFSET SESSION.LoggedIn="Yes">
  <CFSET SESSION.UserId=Check.Id>
  <cflocation url="gotopage.cfm" addtoken="No">
 <CFelse>
  <cfparam name="SESSION.LogCount" value="0" >
  <CFSET SESSION.LogCount=SESSION.LogCount+1>
  <cfif SESSION.LogCount GT 3 >
    <cflocation url="quitlogin.cfm" >
  </cfif>
  <script language="JavaScript">
    alert( 'Please try again.');
    self.location="backtologin.cfm";
  </script>
  </cfif>
</CFIF>

Open in new window

0
 
tartarus78Author Commented:
Wonderful, thanks Zvonko!!!

I changed value="0" to default="0" in CFPARAM. Any idea why the JavaScript ALERT is not working?
0
 
ZvonkoSystems architectCommented:
Uhps, sorry for the default.

Do you have method=post in your form tag?
I do get the alert() in my tests.

0
 
tartarus78Author Commented:
Yes, I do have method=post on my form tag. Very weird.
0
 
ZvonkoSystems architectCommented:
Look into browser html page source where you expect the alert() and look for broken html tags. Sometimes it is a simple missing closing " for the string to prevent whole script form execution.

Post here the html page source and I can check for you.

0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now