Page 1 of 1
Shoutbox help
Posted: Tue Feb 22, 2005 3:37 am
by Nisroc
Im very new to php and I have just go a small shoutbox to work. It is nothing big. Now that I got it working im trying to prevent it from being flooded. Im also logging ipaddresses and times to the mysql db. I was told I hate to validate the ipaddress for 120 second or so but i have no idea evactly how to do this. Anyone? ... please
Posted: Tue Feb 22, 2005 7:07 am
by Chris Corbyn
Log the time it was sent and then make sure the next submission is not less than 120 seconds from the last one. There are MySQL date functions for this, or you could do it using the unix timestamp (the same way PHP handles dates [which is already in seconds])....
What format are the times being logged in the moment?
Posted: Tue Feb 22, 2005 10:07 pm
by Nisroc
Im currently using
Code: Select all
<?php $date = Date('Y-d-m G:i:s'); echo $date ?>
for the time and date
Posted: Tue Feb 22, 2005 10:12 pm
by shiznatix
why dont you just set a cookie that expires in 15 seconds? that way you dont have to build into your database at all so its super simple. just use somtin like
Code: Select all
if (isset($_COOKIEї'flood'])){
echo 'Dont flood jerkface';
}else{
//insert my stuff into the db
setcookie('flood', 'super flood of doom', time()+15);
}
check my time()+15 i THINK thats 15 seconds but i could be super wrong
Posted: Tue Feb 22, 2005 11:24 pm
by Nisroc
ok the code worked but then i refresh page I get
Column 'ip' cannot be null
If I set ip to null it will do the same thing for link,etc etc. Im guessing the the else statement is conflicting. Am I right and if so how do i go about it?
Code: Select all
if ((isset($_POSTї"MM_insert"])) && ($_POSTї"MM_insert"] == "Shout") && ($_COOKIEї'flood'])) {
echo 'Dont flood jerkface';
}else{
$insertSQL = sprintf("INSERT INTO shout (ip, link, name_id, text, `time`) VALUES (%s, %s, %s, %s, %s)",
GetSQLValueString($_POSTї'IP'], "text"),
GetSQLValueString($_POSTї'Link'], "text"),
GetSQLValueString($_POSTї'Name'], "text"),
GetSQLValueString($_POSTї'Message'], "text"),
GetSQLValueString($_POSTї'Time'], "text"));
setcookie('flood', 'super flood of doom', time()+15);
mysql_select_db($database_Website, $Website);
$Result1 = mysql_query($insertSQL, $Website) or die(mysql_error());
}
[/quote]
Posted: Wed Feb 23, 2005 4:33 pm
by shiznatix
make collum ip in ur db NULL instead of NOT NULL. But there seam to be bigger problems than that somewere. I dunno what this %s stuff is (ya i know i should know) but why not just do.
Code: Select all
//set $ip, $link, $name_id, and $text
$ip = $HTTP_SERVER_VARSї'REMOTE_ADDR'];
$link = $_POSTї'link'];
$name_id = //however you are setting your name_id;
$text = $_POSTї'text'];
$query = "INSERT INTO shout (ip, link, name_id, text) VALUES ('$ip', '$link', '$name_id', '$text')";
mysql_select_db($database_Website, $Website);
$result = mysql_query($query) or die(mysql_error());