Jump to content

Archived

This topic is now archived and is closed to further replies.

redarrow

flood controll

Recommended Posts

advane thank you.

can you advise me if i am doing this correctly.

flood is in the database ok like $record['flood'];
[code]
<?php

$time_now=time();

$flood=time()+3600;

if($flood<$time_now){

echo "sorry you next post is in 1 hour sorry";

}

?>

[/code]


my concept off a flood system
when a user post information from a form
insert into the database a flood set to time() now with the users id and so on
then select the $flood from the database and then use the above code format where flood<time()+3600;
meaning can not post untill 1 hour time.

does that seem correct cheers.

Share this post


Link to post
Share on other sites
Not really as if you run that check each time the script runs flood will ALWAYS be greater than time now.

You need to store the time the person last posted in the database, check it and if its greater than the current time MINUS the period you do not wish them to be able to post again then prohibit the post

Share this post


Link to post
Share on other sites
Does this look better not tested coded on here for advise ,and cheers and thank you for all your replys.

[code]
<?php session_start();

database_connection

$time_posted=addslashes($_POST['time_posted']);
$flood=addslashes($_POST['flood']);
$message=addslashes($_POST['message']);


$time_posted=time();
$time_posted=strtotime($time_posted);
$time_posted=$_SESSION['time_posted']=$time_posted;

$flood=time()+3600;
$flood=strtotime($flood);
$flood=$_SESSION['flood']=$flood;

if($_POST['submit']){

$query2="SELECT * FROM flood WHERE id='$id'":
$result2=mysql_query($query2)or die("database is dead query2");

while($record=mysql_fetch_assoc($result2)){

if($flood-$record['time_posted']){

echo "Sorry you have to wait 1 hour before posting agin";
exit;

}else{

$query1="INSERT INTO flood (id,time_posted,message)VALUES('$id','$time_posted','$message')";
$result1=mysql_query($query1)or die("database is dead query1");

echo "Please be warned that your next post is in one hour";
exit;
}
}
?>

<form method="POST" action="">
<input type=hidden" name=<?echo $id;?>">
<br>
Please write  message
<br>
<textarea name="message" col="20" rows="20">
<br>
<input type="submit" name="submit" value="send message">
</form>
[/code]

Share this post


Link to post
Share on other sites
well i tried it and i dont see why it shouldnt work maybe someone on here can see why cheers.

Share this post


Link to post
Share on other sites
[code]<?php
// we have $last_post_time defined as when the user last posted
if($last_post_time+3600 > time())
{
// user may not post
}
else {
// user may post
}
?>[/code]

Share this post


Link to post
Share on other sites
[code]<?php session_start();

database_connection //I would imagine this giving you an error

$time_posted=addslashes($_POST['time_posted']);
$flood=addslashes($_POST['flood']);
$message=addslashes($_POST['message']);


$time_posted=time(); //You're overwriting the previously created variable $time_posted
$time_posted=strtotime($time_posted);
$time_posted=$_SESSION['time_posted']=$time_posted; //Not sure what you're trying to do here - It's valid syntax though.

$flood=time()+3600;
$flood=strtotime($flood);
$flood=$_SESSION['flood']=$flood; //Again, valid syntax, but what are you trying to do?

if($_POST['submit']){

$query2="SELECT * FROM flood WHERE id='$id'":
$result2=mysql_query($query2)or die("database is dead query2");

while($record=mysql_fetch_assoc($result2)){

if($flood-$record['time_posted']){ //Will never evaluate to true

echo "Sorry you have to wait 1 hour before posting agin";
exit;

}else{

$query1="INSERT INTO flood (id,time_posted,message)VALUES('$id','$time_posted','$message')";
$result1=mysql_query($query1)or die("database is dead query1");

echo "Please be warned that your next post is in one hour";
exit;
}
}
?>

<form method="POST" action="">
<input type=hidden" name=<?echo $id;?>">
<br>
Please write  message
<br>
<textarea name="message" col="20" rows="20">
<br>
<input type="submit" name="submit" value="send message">
</form>[/code]

[b]EDIT:[/b] I have outlined some potential issues in your code, but Daniel0 has offered you a solution to your problem.

Share this post


Link to post
Share on other sites
i got this going to as for test 1 min and works but does it look ok.

thanks dan good code cheers semi

[code]
<?php session_start();

$db=mysql_connect("localhost","xxx","xxx");
mysql_select_db("tester",$db);

$id="00005";

$time_posted=addslashes($_POST['time_posted']);
$flood=addslashes($_POST['flood']);
$message=addslashes($_POST['message']);


$time_posted=time();
$time_posted=$_SESSION['time_posted']=$time_posted;


$flood=$_SESSION['flood']=$flood;



$query2="SELECT * FROM flood WHERE id='$id'";

$result2=mysql_query($query2)or die("database is dead query2");


while($record=mysql_fetch_assoc($result2)){

if($record['time_posted']+60 >time()){

echo "Sorry you have to wait 1 hour before posting agin";
exit;
}
}
if($_POST['submit']){

$query1="INSERT INTO flood (id,time_posted,message)VALUES('$id','$time_posted','$message')";
$result1=mysql_query($query1)or die("database is dead query1");

echo "Please be warned that your next post is in one hour";
exit;

}
?>
<html>
<body>
<form method="POST" action="">
<input type="text" name="id" value="<?echo $id;?>">
<br>
Please write  message
<br>
<input type="text" name="message" >
<br>
<input type="submit" name="submit" value="send message">
</form>
</html>
</body>
[/code]

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.