Adding IP to MySQL DB - And Denying IP's - HELP! :P

[Lukeidiot]

Okay i've been working on my new site:

http://lockpick.lukeidiot.com/?go=apply

 

And I have the Job Application pretty much done, except I want it to be a little more secure. Is it possible to limit the number of 'Submits' a user from a certain IP is capible of submitting a Job Application? (example: user1 from ip: 127.0.0.1 sends in a Job Application Form, and is only allowed one submit per day/week/year) Is this possible?

 

AKA One submit per IP, per time limit?

===================================

Lukeidiots: when one goes to  http://lockpick.lukeidiot.com/resume.php I only want them able to submit once, then the submit button will be disabled for a set amount of time aka day/week/year

friendl: log their IP

friendl: to a list

friendl: and on the process page, compare their ip

friendl: to  the list

friendl: and if they're on it, don't let them go on

 

Is also an idea.

Logging the IP to a MySQL or Writable Text file.

Maybe have 3 Submits, then they cant submit anymore.

=====================================

Basically heres my other help TOPIC:

http://www.vbforums.com/showthread.php?p=3223427#post3223427

 

Read over it, it will better help you understand my problem

 

THANKS!

[JasonLewis]

Just have a database called logged_ips with an id field, and IP field and a num_submits and if you want to do time based, last_submit.

 

Then just plan it out. When they submit the form grab their IP

$ip = $_SERVER['REMOTE_ADDR'];

Then run a query to check if the IP is in the table. If not, add it to the table and set num_submits = 1 and set last_submit = current time/date. Then continue with the form. If they are in the table, then grab there row from the table and check num_submits. If num_submits is greater then a certain value then tell the user they have submitted the form to many times. Also, if they are over their limit check to see if their last_submit was say, 24 hours ago.

 

Easy...

[PFMaBiSmAd]

IP addresses are so easy to change that restricting anything using the IP address will be a waste of your time.

 

You need to record submissions per user account. If you want to limit submissions per any time period, you would create a query to find out how many there are and prevent any more that exceed the limit you set in your logic.

 

If you don't already have it, you need an email verified user registration and login system. You do need to log the IP address that was used to register and for each submission. You can then use this IP history if there is any abuse or if you suspect that different users are the same person.