Jump to content

Help! Temporarily Banning ip adresses


Ains

Recommended Posts

Im kinda new to the art of PHP coding but im wondering how its possible to temporarily ban a ip from a site...

The Problem:
I have a site to post jobs but sometimes i get spams as theres no time limit, inbetween adding jobs and it does get annoying when i have to remove them for the mySQL database, So... i want a way to maybe stop them from adding a job for five minutes before they can do it again.

If somone could come out with a script or snippet so i can get the idea, i would be very greatful
Link to comment
Share on other sites

Is this general spam or can you press the post button more than once and it enter multple posts into the database. There are a number of easier ways to stop this from happening rather than use a time method which is a bit more involved. Also consider having a user login before they can reply to these as that will eliminate all the spam in the first place unless it is a user that is doing it.
Link to comment
Share on other sites

I have a script that would check the IP of the previous post and the IP of the person posting and datestamped.

If the date stamp was less than 10mins apart i would not allow them to post again.  Though it seems the people spamming my little site were a bit more patient and would wait out the 10mins.  I was thinking about increasing the 10mins to 24hrs (though this was for a guestbook).

You could also add a 'captcha' type image to stop bots from posting.
Link to comment
Share on other sites

You wouldn't have that problem if you did proper validation on submitting, you are adding unnecessary complexity to the program, when you can build in the feature, with just 3-4 lines of code, instead of throwing in another whole module.  Test for the job, here for a sample

$selectjob = "SELECT * FROM jobs WHERE;";  // on the were part use something that distinguishes the jobs, like the title and description, or something you know would be a double post.
$query = mysql_query($selectjob);
if ($row = mysql_fetch_array($query)) {
echo "This job was already entered into the database, you are attempting to double post it.<br />";
}
you could also add a feature like craigslist has, they use search to test title and description on entry, and don't let any posts that are too similar like.

the search would be based on something, say description adn title.

$title = mysql_real_escape_string($_POST['title']);
$description = mysql_real_escape_string($_POST['description']);
$search = "SELECT * FROM jobs WHERE title LIKE '%$title' OR description LIKE '%$description';";
$query = mysql_query($query);
if ($row = mysql_fetch_array($query)) {
echo "Your posting was already put in the database, please only post once.<br />";
}

THe chances for the posting to have somethign similar already are next to impossible, craigslist using something almost the same.
Link to comment
Share on other sites

Pretty much what I have for checking the previous entry entered by a particular IP is this:

[code]
<?php
if(isset($_POST['submit'])) {
  $errMsg = "";                // Used for keeping track of errors

  // Time 10 mins ago
  $tenMinsAgo = date("Y-m-d h:is:", strototime("-10 minutes");

  // Get last entry from a particular IP
  $strqry = "SELECT * FRMO guestbook WHERE remote_ip = '{$_SERVER['REMOTE_ADDR']}' ORDER BY ID DESC LIMIT 1";
  $query = mysql_query($strqry);

  if($result = mysql_fetch_array($query, MYSQL_ASSOC)) {
      if($result['date_entered'] > $tenMinsAgo) {
        $errMsg .="<li>You must wait at least 10 minutes between posts.</li>\n";
      }
    }
    .
    .
    .
    if($errMsg == "") {
      // No Errors Found -> Insert into database
    }
    if($errMsg != "") {
      // Errors were found display $errMsg to user
    }
}
?>
[/code]

Notice that I tack on any error messages to $errMsg.  If I find that the SQL Query returns a value and the value is less than 10mins make sure I don't leave the $errMsg empty so that it will not get added to the Database.

I'm thinking of increasing the 10mins to 24hrs.  I then will have to BAN particular IPs.  You can keep the Banned IPs in a seperate table to query to see it the REMOTE_ADDR matches on in the ban list.

Link to comment
Share on other sites

in the database where you store the user's information add a field called last_posting.

now everytime they post a job, update that field with the current time.  and then in the page where you process the posting, get the value from that field, check to see if it's more than 5 minutes and if it is then proceed with the posting. if not then display a message telling them to STOP SPAMMING and wait 5 minutes LOL
Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.