php/js help

i´ve get interested in real11, where you have only one chance to login, if you fail, the login form will get disabled.. how can i do this in my login script? thanks

well, I'm no expert at php, but I'm guessing you could do something like:

if (login==failed){echo "login disabled"} else {echo "form"};

yes that is probably it, thanks

<input type="submit" disabled="disabled"> :)

mr noob wrote: <input type="submit" disabled="disabled">

you would be able to bypass that quite easily though, probably :|

smufkin wrote:

you would be able to bypass that quite easily though, probably :|

yeah i think the web developer toolbar would get passed that nicely

go with smufkins php code as that would work i think

Web developer, DOM inspector, Firebug, any debugger. Btw, you can also do something like this :

document.forms[0].address.disabled = true

This to disable the form element with name="address".

yes, but i must declare the variable login first, and when user will refresh the page, it will be automatically setted back to true

And you can set a session if the form elements weren't entered correctly

I've written a quick script for you, it uses sessions.

<?php session_start(); $username=$_POST['username']; $password=$_POST['password']; if (session_is_registered("locked")) { echo "<head> <script> function disbl() { document.forms[0].button1.disabled=true document.forms[0].username.disabled=true document.forms[0].password.disabled=true } </script> </head> <body onLoad='disbl()'> <form method='POST' action=''> <input type='text' name='username'> <br /> <input type='password' name='password'> <br /> <input type='submit' name='button1'> </form> "; exit; }

if (isset($username) && isset($password)) { if ($username == "admin" && $password == "adminpassword") { echo "Logged In"; }

else if ($username != "admin" && $password != "adminpassword")
{
session_register("locked");
echo "<head>
<script>
function disbl()
{
document.forms[0].button1.disabled=true
document.forms[0].username.disabled=true
document.forms[0].password.disabled=true
}
</script>
</head>
<body onLoad='disbl()'>
<form method='POST' action=''>
<input type='text' name='username'>
<br />
<input type='password' name='password'>
<br />
<input type='submit' name='button1'>


</form>
";
exit;
}

} elseif (!isset($username) || !isset($password)) {

echo " <body> <form method='POST' action=''> <input type='text' name='username'> <br /> <input type='password' name='password'> <br /> <input type='submit' name='button1'> </form> "; exit; }

?>

EDIT : Use $_SESSION better. Damn smiles!

ok, very thanks, mido, i will use it with my login form… but i have last question for this thread, i want to add under main login form little square, that indicates if the login system is active or not.. this is no problem, when the user come on the page, it indicates login system status : active, but when the user enter incorrect data, it will get locked (solved) and login system status : active will be switched to login system status : disabled, but when it indicates disabled, i want to add a link under it, that will enable the login system… it will open small window, which will request the random pass based on any system, and then unlock the form if the pass is correct… i need help with this two last things.. anyway, thank you mido for your help

so finally i have it… i have two versions of form, when users fails with loggining in, his ip will be written into mysql… on the load of page will be checked the list of banned ips in database, if you dont have banned ip, you see unlocekd form, if have, you see the locked form… of course you still have chance to unlock the form, if you are member you can enter your username, password and the ip and you´ve get unlocked ;)

That would be more nicer, since sessions can be deleted very easily.