Hi Mike This is quite an interesting problem that many people face. One issue to be aware of is that often many people share the same public IP. For example I am on NTL (in england) and all of my internet traffic is routed through a local proxy by my ISP. What web servers see is the IP Address of the proxy not the IP Address of my house, or even my machine.
If you do wish to use this approach perhaps consider storing the users's IP along with the time they visited; your scripts can then easily delete any entries that are more than [some amount of time] old. I would suggest that you might make an allowance for a time of 0 and exclude this from the delete query so that you can add a list of IP Addresses to block forever. Most scripts do not use cookies, and do not use the form itself (but rather submit directly themselves). You can use this information to your advantage. When the user visits your form generate a random number (or if your site uses sessions use the session id) and add it hidden to your form, at this point record somewhere that the user has visited the form itself and when they visited. When they submit the form check the database for your random number to find out a) if the user visited the form itself and b) if/when the user last submitted the form. This way scripts must use your form to submit data (rather than submitting it directly). Hope this helps, Phill On 02/08/06, Mike Brandonisio <[EMAIL PROTECTED]> wrote: > > Hi, > > Does anyone have a good technique to prevent someone from hijacking > my web form with a script and posting to it a zillion times. It's a > form script that emails the form content. I've been able to prevent > more than one email per post, but would also like to limit the number > of posts per user IP per hour. Maybe I could write to a MySQL table > and count the entries per hour from a given IP. So the table does not > get full I could empty it daily. > > Ideas? > > Sincerely, > Mike > -- > Mike Brandonisio * Web Hosting > Tech One Illustration * Internet Marketing > tel (630) 759-9283 * e-Commerce > [EMAIL PROTECTED] * http://www.jikometrix.net > > JIKOmetrix - Reliable web hosting > > Community email addresses: Post message: [email protected] Subscribe: [EMAIL PROTECTED] Unsubscribe: [EMAIL PROTECTED] List owner: [EMAIL PROTECTED] Shortcut URL to this page: http://groups.yahoo.com/group/php-list Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/php-list/ <*> To unsubscribe from this group, send an email to: [EMAIL PROTECTED] <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
