[OWASP_PHPSEC] Login Controller

rahul chaudhary rahul300chaudhary400 at gmail.com
Tue Sep 10 11:24:01 UTC 2013


Oh yes....the captcha part is just for show...a whole engine will be there
to handle what we have discussed earlier. I am a little busy with
controller, otherwise after controllers I will do that thing only.


On Tue, Sep 10, 2013 at 7:18 AM, Shivam Dixit <shivamd001 at gmail.com> wrote:

> Hello Rahul,
>
> Controllers seems to be good, however on brute force issue as we discussed
> earlier, we can also implement temporary account locking. As we discussed
> if 1 is returned (level 1) from brute force function *show captcha* , if *level
> 2 brute force attempt is made then lock account*. I think, for disabling
> accounts we will require one more column in USERS table to check if account
> is enabled or disabled and we will be required to add one more condition to
> check if user is enabled or disabled when we authenticate user.
>
>
> On Tue, Sep 10, 2013 at 4:33 PM, rahul chaudhary <
> rahul300chaudhary400 at gmail.com> wrote:
>
>> Hello All,
>>
>> Here is the structure of the login controller that I made. Please comment
>> and notify me if any mistakes are there.
>>
>> --
>> Regards,
>> Rahul Chaudhary
>> Ph - 412-519-9634
>>
>> _______________________________________________
>> OWASP_PHP_Security_Project mailing list
>> OWASP_PHP_Security_Project at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp_php_security_project
>>
>>
>
>
> --
> *Cheers,*
> *Shivam*
>



-- 
Regards,
Rahul Chaudhary
Ph - 412-519-9634
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp_php_security_project/attachments/20130910/5c5bb379/attachment.html>


More information about the OWASP_PHP_Security_Project mailing list