AyKay47 Posted September 12, 2011 Share Posted September 12, 2011 can we see the relevant code please.. Quote Link to comment Share on other sites More sharing options...
rockinaway Posted September 12, 2011 Author Share Posted September 12, 2011 If it will make any sense on it's own: // We want to prevent quick signups $query = $db->query('SELECT joined FROM members WHERE ip_address = "'.$_SERVER['REMOTE_ADDR'].'"'); // Have they JUST registered? if ($db->num_rows($query) > 0) { $t = $db->fetch_assoc($query); echo 'yes'; echo time().'<br />'; echo $t['joined'].'<br />'; $last_signup = (time() - $t['joined']); echo $last_signup; if ($last_signup < 120) $core->error('Error', 'A registration has recently occurred'); } // Trim and clean vars $fname = $core->cleanVar(trim($_POST['fname'])); $lname = $core->cleanVar(trim($_POST['lname'])); $password = $core->cleanVar(trim($_POST['password'])); $email = $core->cleanVar(trim($_POST['email'])); $sex = $_POST['sex']; $dob = $_POST['birth_day'].$_POST['birth_month'].$_POST['birth_year']; // Create salt and hash password $salt = $core->create_salt(); $hash_pass = hash('sha256', $salt.$password); // Generate an activation code for the user $code = $core->keygen(20); // Add the user to the database $db->query('INSERT INTO members (first_name, last_name, password, salt, ip_address, email, joined, last_visit, sex, dob, group_id, status, code) VALUES ("'.$fname.'", "'.$lname.'", "'.$hash_pass.'", "'.$salt.'", "'.$_SERVER['REMOTE_ADDR'].'", "'.$email.'", "'.time().'", "'.time().'", "'.$sex.'", "'.$dob.'", "1", "0", "'.$code.'");'); Quote Link to comment Share on other sites More sharing options...
rockinaway Posted September 12, 2011 Author Share Posted September 12, 2011 Sorted, needed to add ORDER BY id DESC to my database query .. thanks for all the help! Quote Link to comment Share on other sites More sharing options...
Pandemikk Posted September 12, 2011 Share Posted September 12, 2011 Why are you potentially grabbing multiple results? I told you before you should be checking based on dateline as well. <?php // We want to prevent quick signups if ($db->query(' SELECT joined FROM members WHERE ip_address = "' . $_SERVER['REMOTE_ADDR'] . '" AND joined >= ' . (time() - 3600) . ' # Current time minus an hour. Can change this value to whatever you want. LIMIT 1 ') { $core->error('Error', 'A registration has recently occurred'); } ?> Much cleaner code. More efficient as well. Quote Link to comment Share on other sites More sharing options...
rockinaway Posted September 12, 2011 Author Share Posted September 12, 2011 That's awesome.. what I'm doing just shortened nicely. Thank you! Quote Link to comment Share on other sites More sharing options...
AyKay47 Posted September 13, 2011 Share Posted September 13, 2011 what happens if a user signs on from another IP? Quote Link to comment Share on other sites More sharing options...
rockinaway Posted September 13, 2011 Author Share Posted September 13, 2011 I've found another way to deal with the issues. Thanks for the help though Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.