[kielmaru]

I don't know why but I can't finish my activity on my PHP class on a simple program. Just a login page with only 3 attempts on password-entry. I already got the logic which is pretty easy, if successful login, break the loop, otherwise, continue with the loop with a counter up to 3.

But the problem is, I'm not sure how to form the loop. I tried looping the entire if-else block, but the if statements seem to not work and the text output is displaying 3 times.
Also, I know that some methods besides using loop will be easier, but we're asked to make a simple loop statement since we haven't discussed beyond that topic yet.

<html>
<head>
<title>LOGIN</title>
</head>
<body>

<center>
<h1>LOGIN</h1>

 <form action="" method="post">
 <table>
 <td>
 Name:  <input type="text" name ="Name"><br><br>
 Password: <input type="password" name="Pass"><br><br>
 <center>
 <input type="Submit" value="OK" name="okay">
 <input type="reset" value="Clear">
 </td>
 </table>
 < /form>
 </body>
 </html>


<?php 
 $n = $_POST['Name'];
 $p = $_POST['Pass'];



 if (isset($_POST['okay'])) {

 $ctr=1;

while ($ctr<3){
if(empty($p) || empty($n)){
echo "You have to fill in all the forms!";
exit;
}

else if ($n=="kiel" && $p=="kiel"){
echo "Welcome " .$n. "!";
break;
}

else
$ctr++;
}
echo "Go away hacker";
}
?>

[Kruithne]

I really don't see how it's ever going to work with a while loop. PHP will execute the loop three times each page load, the HTML output is then rendered and displayed to the user, the PHP is not reprocessed anytime until the page is reloaded. PHP does not execute in real-time during user interaction.

What you want to be doing is using Sessions to store how many attempts the user has had. Incrementing this each time they fail to login. If the session value is then 3, don't attempt to login.

Here's some simple mock-up code to give you an idea of what I ment...

<?php
	session_start();
	
	if (isset($_POST["username"]) && isset($_POST["password"]))
	{
		// This checks if the value has ever been set, if not, declares it as zero.
		if (!isset($_SESSION["attempts"]))
			$_SESSION["attempts"] = 0;
			
		if ($_SESSION["attempts"] < 3)
		{
			$username = $_POST["username"];
			$password = $_POST["password"];
			
			if ($username = "test" && $password == "test")
			{
				echo "Hello, you are logged in.";
			}
			else
			{
				echo "You failed to log-in, try again";
				$_SESSION["attempts"] = $_SESSION["attempts"] + 1;
			}
			
		}
		else
		{
			echo "You've failed too many times, dude.";
		}
	}
?>

I have not tested the above code so use it as a reference only.

[kielmaru]

But our professor said it's just a simple loop. Can be any type of loop. I tried the for loop and it displays the message three times. And it seems like it doesn't increment the counter up to 3 and recognized the if statement that if the loop comes to 3, it will stop.
The session thing isn't discussed yet so im not sure if i can do that.

[Kruithne]

As I said in my previous message, the loop will run three times when the page LOADS and only when it loads. It will not wait for them to attempt to log-in again. That's not how PHP runs. As far as I see it you cannot be using a PHP loop for login attempts, it's just not going to work.

If your professor has actually asked you to specifically use a PHP loop for login attempts then I suggest having some words with him.

[kielmaru]

So that's why the message "Try again" is displaying as "Try again Try again Try again"?
Well he only said that the program uses loop and he gave us the logic. So the $_Session is the only way? So I'll just add $_SESSION to my counter (which is $ctr), and the loop structure is just the same? I'll just use the code you gave and modify it.

[kielmaru]

So that's why the message "Try again" is displaying as "Try again Try again Try again"?
Well he only said that the program uses loop and he gave us the logic. So the $_Session is the only way? So I'll just add $_SESSION to my counter (which is $ctr), and the loop structure is just the same? I'll just use the code you gave and modify it.

[kielmaru]

So that's why the message "Try again" is displaying as "Try again Try again Try again"?
Well he only said that the program uses loop and he gave us the logic. So the $_Session is the only way? So I'll just add $_SESSION to my counter (which is $ctr), and the loop structure is just the same? I'll just use the code you gave and modify it.

[Kruithne]

The reason you're getting three outputs is because the loop is running three times before you break it. As I said, PHP is a pre-processor, it will not compute in real-time. Don't throw the $_SESSION code into yours and expect it to work, read up on how sessions work in the PHP manual.