Jump to content

Archived

This topic is now archived and is closed to further replies.

xtiancjs

limit form submission

Recommended Posts

Hi all, am trying to figure out a way for a user to submit a form only once, am trying to use an alternative to a javascript disable submit. I know I am being picky but I need this change to be permanent so a session won't work. I also realise that if cookies are turned off then that would not be ideal either. I think what I need to do is store the users ip somewhere and be able to reference it if the user tries to send the form again. Could someone point me in the right direction? My form is a drop down jump menu which calls a javascript to do the submission when an option is pointed to, MY FORM:

<form method="post" name="form1" action="<?php echo $editFormAction; ?>">
<table align="center">
<tr valign="baseline">
<td nowrap align="right"><select name="broker_rating" onClick="DoSubmission1();">
<?php
do {
?>
<option value="<?php echo $row_valueset['value']?>"<?php if (!(strcmp($row_valueset['value'], $row_bprofile['broker_rating']))) {echo "selected=\"selected\"";} ?>><?php echo $row_valueset['value']?></option>
<?php
} while ($row_valueset = mysql_fetch_assoc($valueset));
$rows = mysql_num_rows($valueset);
if($rows > 0) {
mysql_data_seek($valueset, 0);
$row_valueset = mysql_fetch_assoc($valueset);
}
?>
</select></td>
<td></td>
<tr>
</table>
<input type="hidden" name="id" value="<?php echo $row_bprofile['id']; ?>">
<input type="hidden" name="broker_num_votes" value="<?php echo $row_bprofile['broker_num_votes']; ?>">
<input type="hidden" name="MM_update" value="form1">
<input type="hidden" name="id" value="<?php echo $row_bprofile['id']; ?>">

</form>

FORM ACTION CODE:

$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
$editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}

if ((isset($_POST["MM_update"])) && ($_POST["MM_update"] == "form1")) {
$updateSQL = sprintf("UPDATE brokers SET broker_rating= broker_rating + %s, broker_num_votes=%s + 1 WHERE id=%s",
GetSQLValueString($_POST['broker_rating'], "int"),
GetSQLValueString($_POST['broker_num_votes'], "int"),
GetSQLValueString($_POST['id'], "int"));

mysql_select_db($database_broker, $broker);
$Result1 = mysql_query($updateSQL, $broker) or die(mysql_error());
}

Hope this code helps,
thanks xtian

Share this post


Link to post
Share on other sites
Guest footballkid4
There's no PERMANENT way to store settings on a user's PC (meaning that there is no way to store a setting that they can't get rid of) from a web script. You can use cookies, however many people know how to delete them. I would say the best way to go about this would be to log their IP address in a database, AND store a cookie on their computer (in case their IP changes). That should greatly lessen the amount of people who can submit to your form multiple times.

BTW: Do NOT use JavaScript to disable the submission of a form! JavaScript can be disabled/bypassed very very easily.

If you don't want the user to be able to use the form, then don't show it at all

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.