PHP/SQL Login Functionality Issue


#1

Hi All,

As part of a project I have to create a code that logs log in attempts and at 5 attempts locks a username. I couldnt figure out how to exactly do that so I set up a code to just change the password in the db after 5 attempts.

I am getting the following error:
( ! ) Fatal error: Call to a member function fetch_assoc() on boolean in …\login.php on line 25
Call Stack

Time Memory Function Location

1 0.0004 247616 {main}( ) …\login.php:0

Here is the code:

  $attempts = "SELECT attempts FROM failedAttempts";
// Pull username and password from DB 
    $sql = "SELECT * FROM users WHERE user_name='$username' AND user_pw='$user_pw'";
// Change user password when locked out (blocks login)
    $blockUser = "UPDATE users SET user_pw = block WHERE user_id = 1";
    $result = $conn->query($sql);

// If username and/or password validation fails
    if (!$row = mysqli_fetch_assoc($result)) {
// Increment 'attempts' DB field by one each time login fails
      $updateAttempts = "UPDATE failedAttempts SET attempts = attempts + 1";
      $conn->query($updateAttempts);
      $result = $conn->query($attempts);
      while($row = $result->fetch_assoc()) {
// Lock user out after 5 attempts
        if ($row["attempts"] >= 5) {
          $result = $conn->query($blockUser);
          echo 'You have reached the 5 attempt limit and are now locked out.';
        }
// Destroy session when user is locked out
          session_destroy();
        }
    }
// If validation passes
    else {
      $_SESSION['id'] = $row['user_id'];
      header("Location: admin.php");
      echo $_SESSION['id'];
    }

Here is lines 22-25 (included in the above code, just adding here so you can see where the error is triggering without having to count)

      $updateAttempts = "UPDATE failedAttempts SET attempts = attempts + 1";
      $conn->query($updateAttempts);
      $result = $conn->query($attempts);
      while($row = $result->fetch_assoc()) {

Thank you in advance for any and all assistance!