PHPMaker has already provided the ability to prevent the user if the login attempt exceeds the maximum login retry count for the websites that created by it. If this condition occurs, then the user will get the message that inform her/him about it. Assuming system also have defined the next duration time user will be allowed again with value of 5 minutes, then the message will be look like this:
Exceed maximum login retry count. Account is locked. Please try again in 5 minutes
Unfortunately, if the user is still trying to login after he/she got that warning message, then the system will keep inform him/her about the “5 minutes” again and again. I think this message is not so smart, because that “5 minutes” message should be updated automatically in accordance with the real time at that time. So, instead of saying “5 minutes”, we will make it auto-adjust to the real time. The result will be like this:
-
The first time user got the message at 08:00:00, it will show as following:
Exceed maximum login retry count. Account is locked. Please try again in 5 minute(s), and 0 second(s).
-
When that user is trying to login at 08:00:15, the time will be automatically updated become:
Exceed maximum login retry count. Account is locked. Please try again in 4 minute(s), and 45 second(s).
-
When that user is trying to login at 08:03:39, the time will be automatically updated become:
Exceed maximum login retry count. Account is locked. Please try again in 1 minute(s), and 21 second(s).
-
When that user is trying to login at 08:04:11, the time will be automatically updated become:
Exceed maximum login retry count. Account is locked. Please try again in 49 second(s).
- And so on, and so on ...
Well, does it sound smarter than before, right? 🙂
Warning and Important: In order to make this feature is working properly, then make sure you have given a checked mark at the Track failed attempts item under the Login section of Advanced Security - User Login Options dialog windows that you can access from Security -> Advanced menu.
Just for your information, the value of countdown time will use EW_USER_PROFILE_SESSION_TIMEOUT constant in the configuration (ewcfg*.php) file.
All we have to do is customizing the PHPMaker template files so we can re-use this template for the future projects. In other words, we will not customize the generated script files.
Updated on May 30, 2012: This customization has been implemented in PHPMaker version 9.0.2, it matches to each other, and as a result, it works properly.
Updated on July 21, 2012: This customization has been implemented in PHPMaker version 9.0.3, it matches to each other, and as a result, it works properly.
Updated on September 4, 2012: This customization has been implemented in PHPMaker version 9.0.4, it matches to each other, and as a result, it works properly.
Updated on November 28, 2012: This customization has been implemented in PHPMaker version 9.1.0, it matches to each other, and as a result, it works properly.
Updated on February 9, 2013: This customization has been implemented in PHPMaker version 9.2.0, it matches to each other, and as a result, it works properly.
Updated on June 17, 2013: This customization below has been handled by using MasinoFixedWidthSite extension. You don’t need to implement the customization below if you use my extensions together with the original PHPMaker Template and Extension files.
[hidepost]
-
Open your C:\Program Files\PHPMaker 9\languages\english.xml file, and find this code:
<phrase id="ExceedMaxRetry" value="Exceed maximum login retry count. Account is locked. Please try again in %t minutes"/>
then replace it with the following code:
<phrase id="ExceedMaxRetry" value="Exceed maximum login retry count. Account is locked. Please try again in %t."/> <phrase id="Days" value="day(s)"/> <phrase id="Hours" value="hour(s)"/> <phrase id="Minutes" value="minute(s)"/> <phrase id="Seconds" value="second(s)"/>
Do the same way for your another language .xml file. For example, I am also using Indonesian, then I replace the related language code with the following code, too:
<phrase id="ExceedMaxRetry" value="Telah melebihi jumlah usaha maksimum login. Akun terkunci. Silahkan coba lagi dalam %t."/> <phrase id="Days" value="hari"/> <phrase id="Hours" value="jam"/> <phrase id="Minutes" value="menit"/> <phrase id="Seconds" value="detik"/>
-
Open your \Script\login.php file, and find this code:
$this->setFailureMessage(str_replace("%t", EW_USER_PROFILE_SESSION_TIMEOUT, $Language->Phrase("ExceedMaxRetry")));then replace it with the following code:
// Begin of modification How Long User Should be Allowed Login in the Messages When Failed Login Exceeds the Maximum, by Masino Sinaga, May 12, 2012 $this->setFailureMessage(str_replace("%t", Duration( date("Y-m-d H:i:s"), CurrentDateTime_Add_Minutes( $UserProfile->getValue( EW_USER_PROFILE_LAST_BAD_LOGIN_DATE_TIME), EW_USER_PROFILE_SESSION_TIMEOUT)), $Language->Phrase("ExceedMaxRetry"))); // End of modification How Long User Should be Allowed Login in the Messages When Failed Login Exceeds the Maximum, by Masino Sinaga, May 12, 2012 -
Open your \Script\phpfn.php file, and find this code:
if (ew_DateDiff($dt, ew_StdCurrentDateTime(), "n") < $this->RetryLockoutTime) {then replace it with the following code:
// Begin of modification How Long User Should be Allowed Login in the Messages When Failed Login Exceeds the Maximum, by Masino Sinaga, May 12, 2012 if (ew_DateDiff($dt, ew_StdCurrentDateTime(), "n") < EW_USER_PROFILE_RETRY_LOCKOUT) { // End of modification How Long User Should be Allowed Login in the Messages When Failed Login Exceeds the Maximum, by Masino Sinaga, May 12, 2012 [/code] </li> <li> Open your <strong>\Script\userfn.php</strong> file, and find this code: [code lang="php"] <!--##~SYSTEMFUNCTIONS.GetServerScript("Global","Global Code")##-->after that line, please insert the following code:
// Begin of modification How Long User Should be Allowed Login in the Messages When Failed Login Exceeds the Maximum Limit, by Masino Sinaga, May 12, 2012 function CurrentDateTime_Add_Minutes($currentdate, $minute) { $timestamp = strtotime("$currentdate"); $addtime = strtotime("+$minute minutes", $timestamp); $next_time = date('Y/m/d H:i:s', $addtime); return $next_time; } function Duration($parambegindate, $paramenddate) { global $Language; $begindate = strtotime($parambegindate); $enddate = strtotime($paramenddate); $diff = intval($enddate) - intval($begindate); $diffday = intval(floor($diff/86400)); $modday = ($diff%86400); $diffhour = intval(floor($modday/3600)); $diffminute = intval(floor(($modday%3600)/60)); $diffsecond = ($modday%60); if ($diffday==0 && $diffhour!=0 && $diffminute!=0) { return round($diffhour)." ".$Language->Phrase('hours').", ".round($diffminute,0)." ".$Language->Phrase('minutes'). ", ".round($diffsecond,0)." ".$Language->Phrase('seconds').""; } elseif ($diffday==0 && $diffhour==0 && $diffminute!=0) { return round($diffminute,0)." ".$Language->Phrase('minutes'). ", ".round($diffsecond,0)." ".$Language->Phrase('seconds').""; } elseif ($diffday==0 && $diffhour==0 && $diffminute==0) { return round($diffsecond,0)." ".$Language->Phrase('seconds').""; } elseif ($diffday!=0 && $diffhour!=0 && $diffminute!=0) { return round($diffday)." ".$Language->Phrase('days'). ", ".round($diffhour)." ".$Language->Phrase('hours'). ", ".round($diffminute,0)." ".$Language->Phrase('minutes'). ", ".round($diffsecond,0)." ".$Language->Phrase('seconds').""; } } // End of modification How Long User Should be Allowed Login in the Messages When Failed Login Exceeds the Maximum Limit, by Masino Sinaga, May 12, 2012 - Finally, re-generate your script files using PHPMaker as always.
[/hidepost]
Leave a Reply
You must be logged in to post a comment.