Create a column in your users table named login_attempts
. The column increments on each failed login attempt, and resets on successful login.
The basic structure could be as follows:
+-----------+------+------+
| user_id | ip | date |
+-----------+------+------+
To check the number of login attempts, you can use query like below:
SELECT count(ip) AS failed_attempts
FROM login_attempts
WHERE ip = $ip
AND date < (NOW - INTERVAL 24 HOUR)
Now, in your PHP code, you can check if the value is greater than or equal to 3, and display the captcha if so:
if ($data['failed_attempts'] >= 3) {
// display captcha...
}