echo "You are already logged in. ";
echo "<script>console.log('i'm here in logged in ');</script>";
echo "<meta http-equiv=\"refresh\" content=\"5;url=index.php\"/>";
//header('Refresh: 10; URL=http://yoursite.com/page.php');
}
if (isset($_POST["submit"])) {
// Attempt login
$username = $_POST["username"];
$password = $_POST["password"];
$safe_username = mysql_prep($username);
// if more then 10 failed attempts in the last 15 minutes, this will happen
check_throttle_all();
if (get_failed_login_attempts_by_username($safe_username) > 3) {
$time_left = username_throttle_time_left($safe_username, 10 * 60);
if ($time_left > 0) {
$wait_time = format_time_since_in_words($time_left);
set_error_output("You have used too many login attempts. Please wait {$wait_time} and try again. ");
}
}
$found_user = attempt_user_login($username, $password);
// Test if there was a query error
if ($found_user) {
// Success
// Mark user as logged in.
$_SESSION["user_id"] = $found_user["id"];
$_SESSION["username"] = $found_user["username"];
update_last_login_date($found_user["id"]);
redirect_to("index.php");
} else {
// Failure
$safe_username = mysql_prep($username);
function check_throttle_all()
{
$throttle = array(10 => 1, 20 => 2, 30 => 15);
foreach ($throttle as $attempts => $delay) {
if (get_total_failed_login_attempts() > $attempts) {
$time_left = throttle_time_left($delay);
if ($time_left > 0) {
$wait_time = format_time_since_in_words($time_left);
set_error_output("'Our servers are being overloaded. Please wait {$wait_time} and try again. ");
}
}
}
}
