We need a php function that stores the last date/time a user has logged in and prevents password guessing attacks
The function signature is
check_password(user's ip address, username, password)
The function
1. Does not allow the same ip address to be used for more than 100 different usernames in any given hour.
2. Does not allow a user to have more than 4 wrong (but different) passwords in 1 minute
3. Does not allow the same username to be associated with 10 different ip addresses in 5 minutes.
4. Does not allow concurrent login requests for the same user
5. Does not allow concurrent login requests for the same ip address
6. Returns a list of failed loggin attempts since last login
7. Returns the last successful login and ip address
8. Returns whether subsequent attempts will be delayed.
The function should never fail if the password is correct. The protections listed above are achieved by just delaying the response of the function by 1 minute after 3 wrong passwords and 2 minutes after 10 different passwords, i.,e., protection is *not* acheived by returning a failure.
Use sqlite (PDO) to store relevant information.
Always salt the passwords with a random value before storing (if you dont understand what "salting" means, this project is not for you).
Two simple test scripts need to be prepared
1. Interactive demo
2. Regression testing (current requests should be made to demonstrate the correct functioning of the scripts).
## Deliverables
1) Complete and fully-functional working program(s) in executable form as well as complete source code of all work done.
2) Deliverables must be in ready-to-run condition, as follows (depending on the nature of the deliverables):
a) For web sites or other server-side deliverables intended to only ever exist in one place in the Buyer's environment--Deliverables must be installed by the Seller in ready-to-run condition in the Buyer's environment.
b) For all others including desktop software or software the buyer intends to distribute: A software installation package that will install the software in ready-to-run condition on the platform(s) specified in this bid request.
3) All deliverables will be considered "work made for hire" under U.S. Copyright law. Buyer will receive exclusive and complete copyrights to all work purchased. (No GPL, GNU, 3rd party components, etc. unless all copyright ramifications are explained AND AGREED TO by the buyer on the site per the coder's Seller Legal Agreement).
## Platform
PHp 5.x