Need an Opinon on Preventing a User from Multiple Entries.

[cooldude832]

I'm working on a script that will be a universal MMoRPG Item databasing system.  The point to it is to allow users to upload item prices without actually having to login.  Instead it will use IP tracking (is this the best method?) to only allow a user to enter their price on a specific item once each day.  My issue i'm seeing is in the database structure.  My though was this Make a table consiting of an ID, IP, and 2 fields per item, 1 is their price, the second is their last update on said item's price. It logs the day they last updated it and only allow one update per day.  The second contains their price of said item.  I'm thinking that an alternative method to this is to only do 1 field and allow users unlimited updates, but then say only allow X price updates per day.  My worry with this is my number of items could be extensive, but if i make my queries select "$itemname" from Pricetable WHERE IP=$ip.  It shouldn't affect times right.  The magnitudes of a table don't affect load times if I'm only taking bits and pieces out of it.  I'm up for any option on this.  Also if someone knows an easy way for me to store the item's price to make a graph of price vs time.  (I think it need a serverside script that executes at time X that would store into a table).

[pocobueno1388]

I hate to break it to you, but an IP method is not going to work. Individual computers IP addresses change all the time, especially AOL users [changes every time they log in]. So there isn't going to be a way to track this unless they are logged in and you make a row in the DB that stores the last time they added an item.

[cooldude832]

can i track MAC Addresses off devices?

[penguin0]

I really doubt that you can, but I may be wrong.

[cooldude832]

Yeah I saw that you can't track macs cause they don't leave the LAN, but I think either I have to make a Session that is destroyed at end of day, unless I can find a better idea without making a login system.  The more I think about it the more i think its not a big deal, but i don't want to have my db queried a billion times

[pocobueno1388]

The problem with setting a session or cookie is that a user can destroy them...so that wouldn't work either. I think your only choice is to use a database while they are logged in...theres no way around it [that I know of].

[cooldude832]

I think i will just keep it unlocked because it won't matter, I'll make a second table saying if IP X queries Y times Today then Ban IP X till Tommorow

[pocobueno1388]

I think i will just keep it unlocked because it won't matter, I'll make a second table saying if IP X queries Y times Today then Ban IP X till Tommorow

 

Thats not going to work because they CAN CHANGE their IP, so they will never be banned.

[cooldude832]

true, but the point is to prevent my DB from crashing from a 12 year old holding down f5. 

[pocobueno1388]

Well, it is ultimately your decision...bad or not.

[cooldude832]

what do you suggest to keep my db from over querying?