ankur0101 Posted August 26, 2013 Share Posted August 26, 2013 Hi, Suppose I have a form where I am accepting mobile number from users and showing such as show.php?m=9999999999 Now what I want is that any person / visitor can submit form or go to above URL with different numbers only 10 times, after that he will get error message stating Visitors maximum quota reached. And I want to restrict any queries from that IP for next 6 hours. I am confused, how to do that ? Quote Link to comment https://forums.phpfreaks.com/topic/281578-restrict-form-submission-for-n-times/ Share on other sites More sharing options...
Andy-H Posted August 26, 2013 Share Posted August 26, 2013 I assume you're sending text messages, are you sure restrictions on IP addresses are the best way to go? You may be better off restricting on a per-user basis, as multiple users could use the same computer. Quote Link to comment https://forums.phpfreaks.com/topic/281578-restrict-form-submission-for-n-times/#findComment-1446882 Share on other sites More sharing options...
AbraCadaver Posted August 26, 2013 Share Posted August 26, 2013 The only way to do this without the user being able to get around it is to make them login. Even making them login can be gotten around if they signup multiple times with different ids. You could use a session var or a cookie, however the user can delete their cookies. IPs may be shared by many people and it will change if you go from your house to Starbucks. Quote Link to comment https://forums.phpfreaks.com/topic/281578-restrict-form-submission-for-n-times/#findComment-1446883 Share on other sites More sharing options...
ankur0101 Posted August 28, 2013 Author Share Posted August 28, 2013 I assume you're sending text messages, are you sure restrictions on IP addresses are the best way to go? You may be better off restricting on a per-user basis, as multiple users could use the same computer. IPs may be shared by many people and it will change if you go from your house to Starbucks. You got a point. We can restrict on IP and visitor's Web Browser. I am going to provide specific service which registered users can use n number of times but free users can use only 10 times then they would have to wait for 30 minutes. After than they can again use for 10 times and again wait. Using java scripts, we can gather users' OS, Screen resolution. This is not going to be exact way to differentiate users sitting on same IP. What are other options ? Quote Link to comment https://forums.phpfreaks.com/topic/281578-restrict-form-submission-for-n-times/#findComment-1447106 Share on other sites More sharing options...
Andy-H Posted August 29, 2013 Share Posted August 29, 2013 (edited) Javascript can be disabled, so I wouldn't recommend relying on it for something like this, how important is it that each person only gets 10 hits every 30 minutes? No matter what you do you're always going to get the odd few. You could use a combination of IP address and user agent (you don't need javascript for this), i.e. access_logs id ip_address user_agent created_at Then do something like: <?phpfunction clientIP() { if ( filter_var($_SERVER['HTTP_CLIENT_IP'], FILTER_VALIDATE_IP) ) { return $_SERVER['HTTP_CLIENT_IP']; } elseif ( filter_var($_SERVER['HTTP_X_FORWARDED_FOR'], FILTER_VALIDATE_IP) ) { return $_SERVER['HTTP_X_FORWARDED_FOR']; } return $_SERVER['REMOTE_ADDR'];} // if user is logged in don't do this, they can use more than 10 timestry { // create mysql connection $dbh = new PDO('mysql:dbname=test;host=127.0.0.1', 'root', ''); $dbh->setAttribute(PDO::ATTR_EMULATE_PREPARES, true); // prepare statement $stmt = $dbh->prepare('SELECT COUNT(*) FROM access_logs WHERE ip_address = ? AND user_agent = ? AND created_at >= (NOW() - INTERVAL 30 MINUTE) LIMIT 10'); $stmt->execute(array(clientIP(), $_SERVER['HTTP_USER_AGENT'])); $row = $stmt->fetch(PDO::FETCH_NUM); // now we have times used in last 30 minutes $times_used = (int)$row[0]; if ( $times_used == 10 ) { $errors[] = 'You can only use this 10 times every 30 minutes, to remove this restriction <a href="/register.php">Register now!</a>'; } else { // allow it // insert new record for IP / user agent }} catch ( PDOException $e ) { // handle error} Not tested. Edited August 29, 2013 by Andy-H Quote Link to comment https://forums.phpfreaks.com/topic/281578-restrict-form-submission-for-n-times/#findComment-1447377 Share on other sites More sharing options...
ankur0101 Posted September 1, 2013 Author Share Posted September 1, 2013 You could use a combination of IP address and user agent (you don't need javascript for this), i.e. access_logs id ip_address user_agent created_at I was thinking about the same. Practically we cannot detect unique visitor. There might be a case where 2 users are under same IP, using same browser and user_agent will show same text. So in that case, I thought of detecting user's screen resolution. I know again there is a possibility of 2 guys using same IP, same user_agent and same size of monitors. Quote Link to comment https://forums.phpfreaks.com/topic/281578-restrict-form-submission-for-n-times/#findComment-1447626 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.