Page 1 of 1
prevent cookie spam
Posted: Thu Mar 11, 2010 7:40 pm
by scarface222
Hey guys I just have a quick question, I have a voting system that is supposed to limit votes with a cookie and make it difficult for users to spam, and it works except if you click really fast, it updates the database multiple times. Does anyone know how to prevent this effect, I also have the problem with some jquery forms if clicked really fast.
Code: Select all
setcookie ("$id", "0", time()+(60*60*24*365));
//ok, now update the votes
if (!isset($_COOKIE["$id"])){
if($action=='vote_up') //voting up
{
//vote up
}
else f($action=='vote_down'){
//vote down
}
}
Re: prevent cookie spam
Posted: Fri Mar 12, 2010 11:53 am
by scarface222
anyone got an idea?
Re: prevent cookie spam
Posted: Fri Mar 12, 2010 12:08 pm
by flying_circus
scarface222 wrote:anyone got an idea?
Use sessions? You can't verify that your cookie was actually delivered to the end user, let alone, that the end use accepts cookies from your site.
Re: prevent cookie spam
Posted: Fri Mar 12, 2010 12:12 pm
by AbraCadaver
You could do an onclick event that disables the button, or after you set the cookie:
There is no solid way to do this with anonymous users. The best is to have them authenticate and store the fact that they have voted in the db.
Re: prevent cookie spam
Posted: Fri Mar 12, 2010 12:42 pm
by scarface222
thanks a lot guys for the response. It is ok about using cookies because the user cannot even log in and start their session with cookies set to not accept and thus will not be able to vote in the first place without cookies set on accept so I will just try the sleep function out, since it does apply to other instances where cookies are not even used, but people can spam form inputs. I will let you know if it works when I implement.
Re: prevent cookie spam
Posted: Fri Mar 12, 2010 12:49 pm
by scarface222
k it works, I like the disable button suggestion as well abra so then even though the function is sleeping, it gives user feedback. You da bomb man.