$php_mysql$ Posted July 7, 2012 Share Posted July 7, 2012 friends whats wrong with this piece of code that one user on my site spams the same thing over and over tho i have added flood control for 6hours but he posts right after posting one. i have tested myself it works for me but why not for that user? if($_SESSION['last_session_request'] > time() - 21600){ header("location: antiflood.php?post=wait"); exit; } $_SESSION['last_session_request'] = time(); Quote Link to comment https://forums.phpfreaks.com/topic/265338-even-after-adding-antifloor-some-people-being-able-to-post-same-stuff-again/ Share on other sites More sharing options...
ManiacDan Posted July 7, 2012 Share Posted July 7, 2012 Because the user clears their session cookie after posting and/or is using a bot. Quote Link to comment https://forums.phpfreaks.com/topic/265338-even-after-adding-antifloor-some-people-being-able-to-post-same-stuff-again/#findComment-1359808 Share on other sites More sharing options...
$php_mysql$ Posted July 7, 2012 Author Share Posted July 7, 2012 do you have any piece of code better than this one? Quote Link to comment https://forums.phpfreaks.com/topic/265338-even-after-adding-antifloor-some-people-being-able-to-post-same-stuff-again/#findComment-1359809 Share on other sites More sharing options...
jcbones Posted July 7, 2012 Share Posted July 7, 2012 Check the database for the users last post time. That is going to be the most fail proof way. Quote Link to comment https://forums.phpfreaks.com/topic/265338-even-after-adding-antifloor-some-people-being-able-to-post-same-stuff-again/#findComment-1359810 Share on other sites More sharing options...
$php_mysql$ Posted July 7, 2012 Author Share Posted July 7, 2012 ok u mean while storing the data i even store their session in a row and use that session? can you please guide me to some simple examples? thanks soo much Quote Link to comment https://forums.phpfreaks.com/topic/265338-even-after-adding-antifloor-some-people-being-able-to-post-same-stuff-again/#findComment-1359811 Share on other sites More sharing options...
jcbones Posted July 7, 2012 Share Posted July 7, 2012 No, I suppose (as most forums, chatboxes, or reply post do) you store a user_id to the post as well as the time posted. <?php $sql = "SELECT COUNT(id) FROM forum WHERE user_id = $current_user AND '00:00:30' > TIMEDIFF(NOW(),`timestamp_column`)"; //30 second control. $result = mysql_query($sql) or die(mysql_error()); if(mysql_num_rows($result) > 0) { exit(' You can only post 1 time per minute.'); } Quote Link to comment https://forums.phpfreaks.com/topic/265338-even-after-adding-antifloor-some-people-being-able-to-post-same-stuff-again/#findComment-1359814 Share on other sites More sharing options...
$php_mysql$ Posted July 7, 2012 Author Share Posted July 7, 2012 oh in my case i do not have registered users there is no login or register on my site its just come and post. how can i implant it for that? Quote Link to comment https://forums.phpfreaks.com/topic/265338-even-after-adding-antifloor-some-people-being-able-to-post-same-stuff-again/#findComment-1359817 Share on other sites More sharing options...
jcbones Posted July 7, 2012 Share Posted July 7, 2012 Store a form token, and a timestamp. May I suggest the 5th link. Quote Link to comment https://forums.phpfreaks.com/topic/265338-even-after-adding-antifloor-some-people-being-able-to-post-same-stuff-again/#findComment-1359823 Share on other sites More sharing options...
redarrow Posted July 8, 2012 Share Posted July 8, 2012 add a captcha that slow them down http://www.codewalkers.com/c/a/Miscellaneous/Creating-a-CAPTCHA-with-PHP/ go all the way and only allow registered users use your website. Quote Link to comment https://forums.phpfreaks.com/topic/265338-even-after-adding-antifloor-some-people-being-able-to-post-same-stuff-again/#findComment-1360116 Share on other sites More sharing options...
scootstah Posted July 8, 2012 Share Posted July 8, 2012 Without requiring users to be registered, you are kind of out of luck. You could use a cookie, but they can just delete it. You could use their IP, but they could just change it. You could require an email, but they can just use a different one. You could use a captcha, but they can be bypassed. Quote Link to comment https://forums.phpfreaks.com/topic/265338-even-after-adding-antifloor-some-people-being-able-to-post-same-stuff-again/#findComment-1360118 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.