Programmer-Timmy · Programmer-Timmy · Feb 20, 2023 · Feb 8, 2023 · Feb 8, 2023 · Feb 8, 2023
diff --git a/classes/accounts.php b/classes/accounts.php
@@ -26,15 +26,23 @@ public static function loadaccount($id = 0)
 
     public static function Login($password, $username){
         $account = database::getRow('account', ['username'], 's', [$username]);
-        if (!isset($account['password'])) {
-            return '<script>alert("Wrong username or password")</script>';
-        } elseif (password_verify($password, $account['password'])) {
-            if ($account['admin'] == 1) {
-                $_SESSION['admin'] = $account['id'];
+        if ($account['attempts'] < 3){
+            if (!isset($account['password'])) {
+                return '<script>alert("Wrong username or password")</script>';
+
+            } elseif (password_verify($password, $account['password'])) {
+                if ($account['admin'] == 1) {
+                    $_SESSION['admin'] = $account['id'];
+                }
+                $_SESSION['access'] = $account['id'];
+            } else {
+                $attempts = $account['attempts'];
+                $attempts++;
+                database::update('account', $account['id'], ['attempts'], 's', [$attempts]);
+                return '<script>alert("Wrong username or password")</script>';
             }
-            $_SESSION['access'] = $account['id'];
         } else {
-            return '<script>alert("Wrong username or password")</script>';
+            return '<script>alert("Too many attempts, Contact a admin!")</script>';
         }
     }
 
@@ -51,6 +59,12 @@ public static function add($password, $username, $admin){
     }
 
     public static function update($id, $password, $username, $admin){
+        if ($_POST["password"] == "") {
+            $result = accounts::loadaccount($id);
+            $password = $result['password'];
+        }else {
+            $password = password_hash($_POST['password'], PASSWORD_DEFAULT);
+        }
         database::update('account', $id, ['password', 'username', 'admin'], 'sss', [$password, $username, $admin]);
     }
 

diff --git a/remove.php b/remove.php
@@ -21,7 +21,7 @@
     <meta name="viewport" content="width=device-width, initial-scale=1.0">
     <link rel="stylesheet" href="css/styles.css">
     <script src="https://kit.fontawesome.com/65416f0144.js" crossorigin="anonymous"></script>
-    <title>remove</title>
+    <title>Remove</title>
 </head>
 
 <body>

diff --git a/users.php b/users.php
@@ -4,13 +4,9 @@
     header('location: account');
 }
 if ($_POST and isset($_GET['edit'])) {
-    $result = accounts::loadaccount($_GET['edit']);
-    $password = password_hash($_POST['password'], PASSWORD_DEFAULT);
-    if ($_POST["password"] == "") {
-        $password = $result['password'];
-    };
-    accounts::update($_GET["edit"], $password, $_POST["username"], $_POST["admin"]);
+    $return = accounts::update($_GET['edit'], $_POST['password'], $_POST['username'], $_POST['admin']);
     header('location: /users');
+
 }
 if ($_POST and $_GET['add'] == 'account') {
     $return = accounts::add($_POST['password'], $_POST['username'], $_POST['admin']);
@@ -33,7 +29,7 @@
     <meta name="viewport" content="width=device-width, initial-scale=1.0">
     <link rel="stylesheet" href="css/styles.css">
     <script src="https://kit.fontawesome.com/65416f0144.js" crossorigin="anonymous"></script>
-    <title>Account</title>
+    <title>Users</title>
 </head>
 
 <body>
@@ -49,7 +45,6 @@
                 <i class="fa-solid fa-plus"></i>
             </a>
 
-
             <nav id="nav">
                 <ul>
                     <li><a href="/">Home</a></li>
@@ -83,7 +78,6 @@
         <input type="submit" value="Versturen">
     </form>';
     } elseif (isset($_GET['add']) == 'account') {
-
         echo '<div class="admin"><form method="post">
         <label for="username">Username:</label>
         <input type="text" name="username" required><br>