Page 1 of 1
Best way to prevent forms from being submitted too often?
Posted: Tue Aug 23, 2005 2:20 pm
by ezenu
For a feedback type form that directly emails me, what is the best way to prevent a user from spamming 'Submits'?
-Cookies? (browser could disable...)
-Track IPs in a log file & use that to check when form was last submitted?
-PHP Sessions?
And how would I go about doing that?
Thanks

Posted: Tue Aug 23, 2005 3:20 pm
by feyd
sessions are a fairly good way, however if the user simply closes their browser they could begin anew. Combining that with IP logging is another good way.
I'd also make a flood control on overall rate as well, to make sure the influx isn't too high.
the sessions way is a simple counter like so
Code: Select all
<?php
session_start();
$_SESSION['sendCount'] = (isset($_SESSION['sendCount']) ? $_SESSION['sendCount']+1 : 1);
?>
IP logging is a bit more tricky, but not as hard as you may think. You can use a database (my preference) or flat files to store the information.
Posted: Tue Aug 23, 2005 3:33 pm
by ezenu
ok, thanks
it seems as if the only way to be 100% secure is to log IPs & the time which each IP last submitted. So then I'd be able to check if its been < 60 minutes since last submission (for example).
I also need a way for me to easily keep track of these submissions other than through sending emails. Some possibilities for that:
-make mySQL table for it & put everything in there then somehow export just that table to excel
-make plain text file as .csv for importing to excel
-use submissions to create a plain text .html file with them organized in a table
sorry I'm still learning php & mysql. this is my first practical application of it.
my web host only supplies me with 1 mySQL DB. I'm using it for php-nuke, but I suppose I could also create some non-nuke related tables in that database...