[SOLVED] PHP Flood Protection scripts that uses flat file databases?

[RickyF]

Hey,

 

Does anyone know of any php flood protection scripts that use a flat file database rather than mysql, and if so could you provide the link to it or something please?

 

I found a free flood protection class, but it uses mysql, i was wondering, is it possible for flat file database to remove an ip after a period of time, as can be done with mysql?

 

This is the mysql one i found: http://www.phpclasses.org/browse/package/2595.html

 

 

Thanks for any help!

[MadTechie]

can you post the code for the flat file system you have..

 

maybe sessions will work..

 

set the last post time and refuse posts until x time has passed

[RickyF]

Hi,

 

The code i have is only for a mysql based script, it is a flat file version of the code i have that am in search for.

 

The code can be implemented into scripts easily (http://www.phpclasses.org/browse/package/2595.html) i was wondering if the same thing is available elsewhere but uses flat file.

[MadTechie]

heres a quick example it may help

 

<?php
session_start();
?>
<form method="post">
<textarea name="msg">test</textarea>
<input name="submit" type="submit" value="ok">
</form>

<?php
$delay = 10; //seconds
if(isset($_POST['submit']))
{
//protection
$wait = ($_SESSION['posttime']+$delay) - time();
if(!isset($_SESSION['posttime']) || $wait <=0 )
{
	$_SESSION['posttime'] = time();
	echo $_POST['msg'];
}else{
	die("flood protections active..<br>wait $wait seconds");
}
}


?>

 

 

 

Edit:

As a side note if you don't use a login system then you can't truely stop flooding, only make it harder.

[RickyF]

I was thinking perhaps of a 24 hour time limit, would using sessions be wise for this?

[MadTechie]

in which case

$delay = 60*60*24; //seconds = 1 day

 

BUT your session will probably only last 15 minutes.. you could store the ip in another file with a time stamp

[xyn]

If you use sessions use cookies....

so they mightt urn cookies off. but the session ends when

all browsers are closed.

[MadTechie]

i think we need to know more about the system as.. we can all add ideas until the cows come home.. but it depends on the needs!

[ToonMariner]

only practcal method is force any posting to login.

 

When they post store the user id and time of post. Next post search for the last occurence of that user name in the file string and you should be able to grab the whole record - extract the time of post and compare it to the present then allow/deny based on time between...

[MadTechie]

totally agree with you ToonMariner.. but if its a simple comment box at the bottom of a artical then a captcha would work.... maybe add a timestamp to stop repeats but more people just click the submit button 200times.. thus i put the sesssion code  :-\

[RickyF]

Hi, the sctip is actually a plug board, which i am coding my self, i have decided to use mysql, as its much easier.

 

Thanks for all your help!