Page 1 of 1

Best way to prevent forms from being submitted too often?

Posted: Tue Aug 23, 2005 2:20 pm
by ezenu
For a feedback type form that directly emails me, what is the best way to prevent a user from spamming 'Submits'?

-Cookies? (browser could disable...)
-Track IPs in a log file & use that to check when form was last submitted?
-PHP Sessions?

And how would I go about doing that?

Thanks ;)

Posted: Tue Aug 23, 2005 3:20 pm
by feyd
sessions are a fairly good way, however if the user simply closes their browser they could begin anew. Combining that with IP logging is another good way.

I'd also make a flood control on overall rate as well, to make sure the influx isn't too high.

the sessions way is a simple counter like so

Code: Select all

<?php
session_start();
$_SESSION['sendCount'] = (isset($_SESSION['sendCount']) ? $_SESSION['sendCount']+1 : 1);
?>
IP logging is a bit more tricky, but not as hard as you may think. You can use a database (my preference) or flat files to store the information.

Posted: Tue Aug 23, 2005 3:33 pm
by ezenu
ok, thanks

it seems as if the only way to be 100% secure is to log IPs & the time which each IP last submitted. So then I'd be able to check if its been < 60 minutes since last submission (for example).

I also need a way for me to easily keep track of these submissions other than through sending emails. Some possibilities for that:

-make mySQL table for it & put everything in there then somehow export just that table to excel
-make plain text file as .csv for importing to excel
-use submissions to create a plain text .html file with them organized in a table

sorry I'm still learning php & mysql. this is my first practical application of it.

my web host only supplies me with 1 mySQL DB. I'm using it for php-nuke, but I suppose I could also create some non-nuke related tables in that database...