limits posts per 10 minutes

[quickstopman]

im working on a homemade forum for my site

and im trying to make a way to stop a person from being able to post

more than 10 posts in 4 minutes (or what ever is a good time frame).

and if the user does this more than 3 times there account gets deleted

can someone instruct me on how to do this

??

thanks

[BillyBoB]

i dont think you would want to delete them just notify them that they cant post for 20 mins but just use the time then add a certain amount of time and then check it with the current time

[quickstopman]

so should i make a mysql row in the user database with the amount of posts??

and make another that tells if that user can post or not???

 

and then in the header file

it checks to see the time each time it refreshes the page?

 

[BillyBoB]

um i wouldnt make either

 

do somin like:

 

<?php
$access = "Allow";
$i = 0;
$time = time();
$query = mysql_query("SELECT * FROM posts WHERE timeposted<($time-(60*4))");
while($info = mysql_fetch_array($query)) {
  $i++;
  if($i>=10) {
    $access = "Deny";
  }
}

if($access="Deny") {
  echo("Sorry you can't post you have posted to many times.");
}else{
  \\go ahead
}
?>

[quickstopman]

so i should but that in the header file?

or on the post page?

[quickstopman]

i understand what you doing but i keep getting this error now

 

Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/pokebash/public_html/getmetola/tests/gamecoders/post.php on line 13

 

here is the code i have:

<?php
ob_start();
session_start();
include("ZZcode.h");
include("header.php");
include("config.php");
if(isset($_SESSION['email'])) {

$access = "Allow";
$i = 0;
$time = time();
$query = mysql_query("SELECT * FROM posts WHERE time_posted<($time-(60*4) posted_by = '{$_SESSION['id']}'");
while($timeinfo = mysql_fetch_array($query)) {
  $i++;
  if($i>=10) {
    $access = "Deny";
  }
}

if($access="Deny") {
  echo("Sorry you can't post you have posted to many times.");
}else{


if($_POST['submit']) {


$errors = array();
$topic = $_POST['topic'];
$content = $_POST['content'];
if (empty($topic) && empty($content)) {
echo '
<font color="red">Please Fill in All the forms!</font><br><br>
';
echo '
<form action="'. $_SERVER['PHP_SELF'] .'" method="POST">
Topic: <input name="topic" type="text"><br><br>
Post Content:<br>
<textarea cols="32" rows="10px" name="content"></textarea><br>
<input type="submit" name="submit" value="Post Topic">
</form>
';
} else {
if(isset($_SESSION['email'])) {
$query = "INSERT INTO post (topic, content, time_posted , reply_to, posted_by) VALUES ('$topic', '$content', '', '$topic', '{$_SESSION['id']}')";
$result = @mysql_query($query) or die(mysql_error());
echo "Thanks for posting your topic!<br>
you can view your topic <a href='posts.php'>here</a><br>";
} else {
echo "you can't remotly access this form!!! SUX FOR YOU HAXOR!!!!!";
}
}
} else {
echo '
<form action="'. $_SERVER['PHP_SELF'] .'" method="POST">
Topic: <input name="topic" type="text"><br><br>
Post Content:<br>
<textarea cols="32" rows="10px" name="content"></textarea><br>
<input type="submit" name="submit" value="Post Topic">
</form>
';
}
}
} else {
echo "You must be logged in to post a forum topic";
}
?>

anyideas?

i think its in the while statement

[BillyBoB]

fix the query:

 

$query = mysql_query("SELECT * FROM posts WHERE time_posted<($time-(60*4) posted_by = '{$_SESSION['id']}'");

 

to

 

$query = mysql_query("SELECT * FROM posts WHERE time_posted<($time-(60*4)) AND posted_by = '{$_SESSION['id']}'");

[quickstopman]

im still getting the same error

i think it might be because in the while statement

you never use the declared variable

what do you think other than that?

[BillyBoB]

can i see the updated php and where you are runing this at?

[quickstopman]

oh!!!!!!!!!

you had the wrong table name

it was post not posts

thanks

but now it says even if i haven't posted anything that

ive posted too many

 

[BillyBoB]

can i see the code?

[quickstopman]

<?php
ob_start();
session_start();
include("ZZcode.h");
include("header.php");
include("config.php");
if(isset($_SESSION['email'])) {

$access = "Allow";
$i = 0;
$time = time();
$query2 = mysql_query("SELECT * FROM post WHERE time_posted<($time-(60*4)) AND posted_by = '{$_SESSION['id']}'");
while($time = mysql_fetch_array($query2)) {
  $i++;
  if($i>=10) {
    $access = "Deny";
  }
}

if($access="Deny") {
  echo("Sorry you can't post you have posted to many times.");
} else if($access="Allow") {

if($_POST['submit']) {


$errors = array();
$topic = $_POST['topic'];
$content = $_POST['content'];
if (empty($topic) && empty($content)) {
echo '
<font color="red">Please Fill in All the forms!</font><br><br>
';
echo '
<form action="'. $_SERVER['PHP_SELF'] .'" method="POST">
Topic: <input name="topic" type="text"><br><br>
Post Content:<br>
<textarea cols="32" rows="10px" name="content"></textarea><br>
<input type="submit" name="submit" value="Post Topic">
</form>
';
} else {
if(isset($_SESSION['email'])) {
$query = "INSERT INTO post (topic, content, time_posted , reply_to, posted_by) VALUES ('$topic', '$content', '', '$topic', '{$_SESSION['id']}')";
$result = @mysql_query($query) or die(mysql_error());
echo "Thanks for posting your topic!<br>
you can view your topic <a href='posts.php'>here</a><br>";
} else {
echo "you can't remotly access this form!!! SUX FOR YOU HAXOR!!!!!";
}
}
} else {
echo '
<form action="'. $_SERVER['PHP_SELF'] .'" method="POST">
Topic: <input name="topic" type="text"><br><br>
Post Content:<br>
<textarea cols="32" rows="10px" name="content"></textarea><br>
<input type="submit" name="submit" value="Post Topic">
</form>
';
}
}
} else {
echo "You must be logged in to post a forum topic";
}
?>

[BillyBoB]

sorry if i misslead you but the query should be

$query2 = mysql_query("SELECT * FROM post WHERE time_posted>($time-(60*4)) AND posted_by = '{$_SESSION['id']}'");

 

i might have typed it in wrong the first time but the time has to be greater than the time 4 mins ago

[quickstopman]

its still not working

but i also am gonna call it a night

its 12:55 here

night guys

[quickstopman]

does anyone have a clue how to make this work?

[no_one]

Maybe something like this?

 

<?php

$qry = mysql_query("SELECT COUNT(*) as pcount FROM post WHERE time_posted<(ADDTIME(NOW(),'00:04:00.00')) AND posted_by = '{$_SESSION['id']}'");

$qr = mysql_fetch_row($qry);

if ( $qr['pcount'] > 4 ) 
{
// deny
}

?>

 

I didn't test this, of course.

[quickstopman]

i get that code

cause it looks like it works

but what is pcount

should i add that into my users table?

[no_one]

Nah, pcount is an alias to COUNT(*), basically just a count of how many rows (posts) were found that matched your where condition.

[quickstopman]

cool

[quickstopman]

now when i submit i get this error

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1

here is the code so far

<?php
ob_start();
session_start();
include("ZZcode.h");
include("header.php");
include("config.php");
if(isset($_SESSION['email'])) {

$qry = mysql_query("SELECT COUNT(*) as pcount FROM post WHERE time_posted<(ADDTIME(NOW(),'00:04:00.00')) AND posted_by = '{$_SESSION['id']}'");

$qr = mysql_fetch_row($qry);

if ( $qr['pcount'] > 4 ) 
{
echo "You cannot post any more posts for the next 10 minutes, you may have been spamming!!";
} else if ($qr['pcount'] < 4) {

if($_POST['submit']) {


$errors = array();
$topic = $_POST['topic'];
$content = $_POST['content'];
if (empty($topic) && empty($content)) {
echo '
<font color="red">Please Fill in All the forms!</font><br><br>
';
echo '
<form action="'. $_SERVER['PHP_SELF'] .'" method="POST">
Topic: <input name="topic" type="text"><br><br>
Post Content:<br>
<textarea cols="32" rows="10px" name="content"></textarea><br>
<input type="submit" name="submit" value="Post Topic">
</form>
';
} else {
if(isset($_SESSION['email'])) {
$query = "INSERT INTO post (topic, content, time_posted , reply_to, posted_by) VALUES ('$topic', '$content', '', '$topic', '{$_SESSION['id']}'";
$result = @mysql_query($query) or die(mysql_error());
echo "Thanks for posting your topic!<br>
you can view your topic <a href='posts.php'>here</a><br>";
} else {
echo "you can't remotly access this form!!! SUX FOR YOU HAXOR!!!!!";
}
}
} else {
echo '
<form action="'. $_SERVER['PHP_SELF'] .'" method="POST">
Topic: <input name="topic" type="text"><br><br>
Post Content:<br>
<textarea cols="32" rows="10px" name="content"></textarea><br>
<input type="submit" name="submit" value="Post Topic">
</form>
';
}
}
} else {
echo "You must be logged in to post a forum topic";
}
?>

[no_one]

Not sure what that's about, but another note, I used mysql_fetch_row, might want to try mysql_fetch_assoc(), and change 4 to 10.. I dunno, I'm tired, sorry 

 

Hmm, I also changed the 'time_posted' check. Checking all posted less than 4 minutes from now was wrong. Should check all posted -4 minutes from now, hah.

 

<?php

$qry = mysql_query("SELECT COUNT(*) as pcount FROM post WHERE time_posted>DATE_SUB(NOW(), INTERVAL 4 MINUTES) AND posted_by = '{$_SESSION['id']}'");

$qr = mysql_fetch_assoc($qry);

if ( $qr['pcount'] > 10 )
{
// deny
}

?>

[quickstopman]

it said that that your have an invalid argument for mysql_fetch_assoc

so i changed it back to its original state and fixed the other error

that was in my code not yours

but now it still doesn't work

 

 

[no_one]

okay, fetch_array or something :'( I'd think the query is fine though, for the most part.