clown[NOR] Posted May 6, 2007 Share Posted May 6, 2007 I'm making a guestbook but something is very wrong here... Adding the message to the database works perfectly, but the issue comes when it's added. The user can just hit F5 and the message get's added again.. And you can keep on doing that forever spamming the guestbook really bad.. So I wonder if anyone could tell me how to prevent that from happening. Here's the code: <?php if (isset($_REQUEST['Submit'])) { $name = $_REQUEST['name']; $email = $_REQUEST['email']; $website = $_REQUEST['website']; $message = $_REQUEST['message']; $ip = $_SERVER['REMOTE_ADDR']; $added = date("Y-m-d H:i:s"); if (empty($name)) { $name = "Anonymous"; } $name = strip_tags($name); $email = strip_tags($email); $website = strip_tags($website); $message = str_replace("\n", "<br>", strip_tags($message)); c2db(); $name = mysql_real_escape_string($name); $email = mysql_real_escape_string($email); $website = mysql_real_escape_string($website); $message = mysql_real_escape_string($message); $ip = mysql_real_escape_string($ip); $added = mysql_real_escape_string($added); $query = "INSERT INTO `guestbook` VALUES ('', '$name', '$email', '$website', '$message', '$ip', '$added')"; $result = mysql_query($query); if (!$result) { die(mysql_error()); } unset($_REQUEST['Submit']); } ?> Thanks in Advance - Clown Link to comment https://forums.phpfreaks.com/topic/50299-solved-please-help-me-out-here/ Share on other sites More sharing options...
rallokkcaz Posted May 6, 2007 Share Posted May 6, 2007 you would probly have to set some variable that makes it so the user can only post 2 posts every minute or somthing like that im not sure how it would look in code but i might work Link to comment https://forums.phpfreaks.com/topic/50299-solved-please-help-me-out-here/#findComment-246898 Share on other sites More sharing options...
ToonMariner Posted May 7, 2007 Share Posted May 7, 2007 using header('location: www.xxx.com'); after the insert query will help also storing their ip address and teh timestamp will allow you to check the last time they posted (and you can deny them if the time is less than a specified period). Link to comment https://forums.phpfreaks.com/topic/50299-solved-please-help-me-out-here/#findComment-246900 Share on other sites More sharing options...
clown[NOR] Posted May 7, 2007 Author Share Posted May 7, 2007 i'll just try setting a cookie Link to comment https://forums.phpfreaks.com/topic/50299-solved-please-help-me-out-here/#findComment-246901 Share on other sites More sharing options...
clown[NOR] Posted May 7, 2007 Author Share Posted May 7, 2007 Did it the hardway.. made another file the redirecting back to the guestbook Link to comment https://forums.phpfreaks.com/topic/50299-solved-please-help-me-out-here/#findComment-246904 Share on other sites More sharing options...
Trium918 Posted May 7, 2007 Share Posted May 7, 2007 Try this! <?php if (isset($_REQUEST['Submit'])) {//Page was submitted if (!$_REQUEST['Submit']) { //value of content is empty header("Location: http:// "); } else { //Submit has value $name = $_REQUEST['name']; $email = $_REQUEST['email']; $website = $_REQUEST['website']; $message = $_REQUEST['message']; $ip = $_SERVER['REMOTE_ADDR']; $added = date("Y-m-d H:i:s"); if (empty($name)) { $name = "Anonymous"; } $name = strip_tags($name); $email = strip_tags($email); $website = strip_tags($website); $message = str_replace("\n", "<br>", strip_tags($message)); c2db(); $name = mysql_real_escape_string($name); $email = mysql_real_escape_string($email); $website = mysql_real_escape_string($website); $message = mysql_real_escape_string($message); $ip = mysql_real_escape_string($ip); $added = mysql_real_escape_string($added); $query = "INSERT INTO `guestbook` VALUES ('', '$name', '$email', '$website', '$message', '$ip', '$added')"; $result = mysql_query($query); if (!$result) { die(mysql_error()); } unset($_REQUEST['Submit']); } } ?> Link to comment https://forums.phpfreaks.com/topic/50299-solved-please-help-me-out-here/#findComment-246906 Share on other sites More sharing options...
![clown[NOR]](data:image/svg+xml,%3Csvg%20xmlns%3D%22http%3A%2F%2Fwww.w3.org%2F2000%2Fsvg%22%20viewBox%3D%220%200%201024%201024%22%20style%3D%22background%3A%2362c464%22%3E%3Cg%3E%3Ctext%20text-anchor%3D%22middle%22%20dy%3D%22.35em%22%20x%3D%22512%22%20y%3D%22512%22%20fill%3D%22%23ffffff%22%20font-size%3D%22700%22%20font-family%3D%22-apple-system%2C%20BlinkMacSystemFont%2C%20Roboto%2C%20Helvetica%2C%20Arial%2C%20sans-serif%22%3EC%3C%2Ftext%3E%3C%2Fg%3E%3C%2Fsvg%3E)
Recommended Posts
Archived
This topic is now archived and is closed to further replies.