Perfect login module of PHP "Personal Management System"_PHP Tutorial

Introduction

There are many problems with the personal management system. Everyone is welcome to fix bugs and add functions.

Today I will improve the login part. QQ group: 152448006

Address:

Login

The login part is easy to say and difficult to say. ! But it’s not easy to do well.

I considered two factors:

1. Convenience. Users are relatively lazy, so they generally don’t like login interfaces that require too much input.

2. Security: First of all, prevent dos attacks. Many people think of verification codes, and so do I. So when I log in incorrectly for the fourth time, I will verify your verification code in the background.

The verification code still needs to go through your entire PHP application. I personally recommend blocking this attack IP before the PHP application layer. But I don't have such good hardware conditions, so I just made a simple application (in the database, it still needs to be applied through PHP), and wait for the conditions to be placed directly in other applications (such as memcached) in the future.

Login process

1. Open the page:

1) If the user has logged in more than three times, then open When entering the page, the verification code will be displayed.

2) If it exceeds 6 times, the external IP will be blocked directly.

2. Login operation

1) Block the IP. We determine whether the IP has logged in more than 6 times.

2) When verifying an account, we determine whether to perform a verification code based on the number of verifications.

Thank you

http://www.bkjia.com/PHPjc/445656.htmlwww.bkjia.comtruehttp: //www.bkjia.com/PHPjc/445656.htmlTechArticleIntroduction: There are many problems with the personal management system. Everyone is welcome to fix bugs and add functions. Today I will improve the login part. QQ group: 152448006 Address: 498)this.width=498;...