Validation before inserting into mysql

[cardoso]

Hi all, someone seems to be spamming a forum of mine.  I setup a field that captures ip, host, etc. on the database when a new record is added.  I noticed that my "ip catching" field has a NULL value when those spam messages get inserted.  The other records (the real ones) all get populated with the IP address and other info.  So, I figured I'd validate the user's ip as they are about to insert a record... I figured I could stop the insert if the user doesn't show an IP address.  So I use the following if statement to check for user info...

 

if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form_add") && ($_SERVER['REMOTE_ADDR'] != NULL) && ($_SERVER['REMOTE_ADDR'] != 'NULL') && ($_SERVER['REMOTE_ADDR'] != "NULL") && ($_SERVER['REMOTE_ADDR'] != '') && (gethostbyaddr($_SERVER['REMOTE_ADDR']) != "")) {

  $insertSQL = sprintf("INSERT INTO...... etc.

}

 

Notice my overkill of checking for a NULL or empty value... but none of these seem to work.  Can someone explain to me what check I have to do to avoid a record insert when the user doesn't show an IP address?

 

Thanks a million... I know this might be easy, but I'm new.

 

Nelson

[PC Nerd]

well embed your ifs, instead of all in one, so that you can display ( eg if no IP diaplsy " you did not have an IP, please try again")

 

also, simply go if(empty($IP)) {}

 

um, its really hard to read, can you past each condition in a new line, so its easy to seperate......

 

 

gdlk

 

[rcorlew]

It is a psambot and won't show an ip address persay. Try setting a total number of submits in 24 hrs to 1 by $_SESSION like

 

if(empty($_SESSION['submit'])) { $_SESSION['submit'] = 1;}

 

if(isset($submit)) { $_SESSION['submit']++;}

 

if($_SESSION['submit'] > 2) {die;}

 

Something like that should work

[cardoso]

Thank you for the replies... I will try these solutions and let you know how it goes.  Thank you.