0

Please i need your help. I'm scripting a comment functionality on my website, and i'm trying to reduce spamming to the barest minimum.. My issue/problem is that when users/bots(possibly) submit a comment, i have this code to do a HTTP/1.1 303 redirect to the same page so that when the user attempts to refresh the page the previous comment does not re-submit.

Will this be enough for spam reduction.

Thanks for your time, patience and answers. I most appreciate it.

          header("HTTP/1.1 303 See Other");
       header("Location: http://127.0.0.1/     main/forum/

3 Answers3

0

This will have no effect on spam or bots submitting your form. The only thing this is useful for is to avoid accidental resubmission by hitting F5 (refreshing the page), although usually it's done with a 301 or 302 redirect.

I have now read on Wikipedia:

The HTTP response status code 303 See Other is the correct manner in which to redirect web applications to a new URI, particularly after an HTTP POST has been performed.

which suggest that 303 is a correct HTTP response in your situation. But still most people probably use 302.

kuba
  • 7,329
  • 1
  • 36
  • 41
0

I don't think would help you achive your goal which is reduce spamming you can do the following

A. Check if a page as been refresh then redirect and this has been discussed extensively here : see

PHP refresh

B. To prevent proper flooding to need to limit number of request for sec for each IP address See

Prevent PHP script from being flooded

Edit 1

Non OOP version as requested by you : 

$memcache = memcache_connect ( 'localhost', 11211 );
$runtime = memcache_get ( $memcache, 'floodControl' );
if ((time () - $runtime) < 2) {
    die ( "Die! Die! Die!" );
} 
else {
    echo "Welcome";
    memcache_set ( $memcache, "floodControl", time () );
}
Community
  • 1
  • 1
Baba
  • 94,024
  • 28
  • 166
  • 217
  • Thank you very much. Your answer at "Prevent PHP script from being flooded" was written in OOP. Can you, (if you have it), provide a copy in Procedural PHP. I'll mbe most delighted. Thank you very much. –  May 03 '12 at 10:46
0

Short answer: No.

Long answer: No, redirects have nothing to do with spamming. Spammers are making use of the full HTTP protocol of which the various status codes like 303 See Other are part of. Any HTTP client - spammer or not - is able to deal with these.

What actually helps to prevent spamming is to display a secondary page which asks again for posting the content (like a preview). Most spam bots don't get that and it's user-friendly as well.

hakre
  • 193,403
  • 52
  • 435
  • 836