Jump to content

Limit the access of a function to once every 24 hours (PHP and MySQL)


Recommended Posts

I would like to limit the access of a function i've created to once every 24 hour based on the users IP address. I would also like the PHP script to delete the MySQL record if it's older than 24 hours.

If the user already has used the function within 24 hours, show them a message and prevent the script from continue running.

If the user already has used the function but 24 hours has passed since he used the function, delete the MySQL record and let the script continue running.

<?php
$ip
= $_SERVER['REMOTE_ADDR'];
$con=mysqli_connect("domain.com.mysql","domain_com","domain_password","domain_database");
$result = mysqli_query($con,"SELECT * FROM ipblock WHERE ip='".$ip."'");
while($row = mysqli_fetch_array($result));

if($ip == $row['ip']) //and code for checking how old the record is
{
// The user has used the function within 24 hours, kill the script.
echo "Come back in 24 hours";
exit;
}
else
{
// Looks clear, let them use the function
$MyFunction = true;
}
?>

I'm lost and as you can see i am also missing some statements for deleting old records (-24 hours)..

Could anyone provide me with an example of how to do this? Thanks

The solution is not to limit access to a "function", but to the script that is performing the function/task/whatever.  As already pointed out the IP address can be changed/forged(?) so it may not be totally accurate to base your decision on that piece of data.  I would simply create a cookie that had an expiration 24 hours from creation that held the ip address as its value.  If the cookie exists, abort the script.  If not re-create the cookie and proceed.

 

Of course if this is vitally important, you might need to use a db to store a token for the ip address since cookies can be toyed with.  Same idea though - store the datetime and the IP address in a record.  Upon execution of the script, check the db table for that IP and if the record's datetime value is too soon, abort.  If the datetime is over 24 hours old, update the record with the new date/time and proceed.  No need to remove expired recs - any future access attempt will simply update them.  If it's a problem though after too many users have visited, you could create a simple maintenance script to delete any record with a datetime older than a given value. and run it manually on a periodic schedule.

Not positive about the SELECT query, but try something like the following.  Also, look into prepared statements.


<?php
$ip = $_SERVER['REMOTE_ADDR'];
$con=mysqli_connect("domain.com.mysql","domain_com","domain_password","domain_database");
$result = mysqli_query($con,"SELECT (NOW()-INTERVAL DAY > lastvisit) lastvisit FROM ipblock WHERE ip='".$ip."'");
$row = mysqli_fetch_array($result);
if($row && $row['lastvisit'])
{
    //The user has used the function within 24 hours, kill the script.
    echo "Come back in 24 hours";
    exit;
}
else
{
    // Looks clear, let them use the function
    $MyFunction = true;
    mysqli_query($con,"INSERT INTO ipblock SET lastvisit=NOW() WHERE ip='$ip' ON DUPLICATE KEY SET lastvisit=NOW()");
}

IMHO - the easier query is to simply find a record for that IP.  If found you still need to update it, so making the query that complex is not necessary.  You simply get the record, then check the date and either abort or update it.

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.