how do you prevent spamming votes and page views

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

User avatar
flying_circus
Forum Regular
Posts: 732
Joined: Wed Mar 05, 2008 10:23 pm
Location: Sunriver, OR

Re: how do you prevent spamming votes and page views

Post by flying_circus »

You need to determine what is acceptable in terms of how many times a user may make a page request within an allotted time. Also, are page views restricted only to authenticated users?

If only authenticated users are allowed to view your site, then you can create a traffic table in your database. Insert a new row on each page request and store the user's Id and timestamp (along with any other traffic you want to analyze). On each page request, retrieve the records from the database and count how many page requests have been made. If they've exceeded their allotted views, throttle them.

Code: Select all

<?php
/* psuedo-code */
  # Vars
    $traffic_window = 60;  // 60 seconds
    $traffic_max_requests_per_window = 10;  // Allow the user 10 requests per minute.
 
  # On page Request - Fetch Traffic
    $traffic = "SELECT `timestamp` FROM `traffic` WHERE `user_id`='1' AND `timestamp`>'" . (time() - $traffic_window) . "';";
 
  # Check Activity
    if(num_rows($traffic) > $traffic_max_requests_per_window) {
      // Throttle User.  Redirect them to error page or something.
    } else {
    # Acceptable traffic pattern.  Increment activity.
      "INSERT INTO `traffic` (`user_id`, `timestamp`) VALUES ('1', '" . time() . "')";
    
    # Garbage Collection
      "DELETE FROM `traffic` WHERE `timestamp`<'" . (time() - $traffic_window) . "';";
    }
?>
If anonymous users are allowed to view your site, bind your traffic table based on IP, rather than user id.
scarface222
Forum Contributor
Posts: 354
Joined: Thu Mar 26, 2009 8:16 pm

Re: how do you prevent spamming votes and page views

Post by scarface222 »

Thanks for your help man, I will look into implementing these things and let you know how it goes. I believe that is a really good idea for controlling people who try to kill your bandwidth, but in terms of just page views, I am still going to look into trying to implement some sort of session scheme since it is more precise into limiting views and will not interrupt user experience. It is a good idea to implement your suggestion though for abusive users who try to kill bandwidth through mass requests. I am gonna study the phpbb code for a while. Thanks again for all your suggestions, really appreciate it.
scarface222
Forum Contributor
Posts: 354
Joined: Thu Mar 26, 2009 8:16 pm

Re: how do you prevent spamming votes and page views

Post by scarface222 »

ok this is the last thing I am posting in this topic, for the page view problem, I just set a session variable on the page, so if the user tries to keep refreshing it will not work. It seems to work decently. If anyone knows a better way or modification please let me know. Thanks again everyone, especially circus on this one.

Code: Select all

if ($_SESSION['views']!==$topic_id){
mysql_query ("update counter set views='$views' where topic_id='$topic_id'");
}
$_SESSION['views']=$topic_id;
Post Reply