1

I have a forum with lots of buttons like <button class="vote" data-id="10">Vote up</button>. The data-id relates to the thread id in my MySQL table.

It can happen that a bot automatically runs the JS below and sends POST requests with several random data-id values, overloading the server. How can I prevent this?

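// on click vote
$('.vote').on('click', function () {
    var dataId = $(this).data('id');   // thread id from the button's data-id
    $.post('vote.php', { 'data-id': dataId });
});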

PHP

session_start();
$userid = $_SESSION['userid'];
$dataId = $_POST['data-id'];
// take data-id and insert into MySQL
ByteHamster
Ohmyholy
  • I recommend reading: http://stackoverflow.com/questions/2581488/understanding-csrf-simple-question – Robin Valk Apr 09 '15 at 11:22
  • captcha codes, hidden input tokens, or even simply put cookies for which user voted-up which data-id – Santa's helper Apr 09 '15 at 11:39
  • For simple spambots, you can just require JavaScript to be run to complete the voting. It seems you are already doing that, so you are probably being spammed by a headless browser-based (e.g. PhantomJS-based) spambot. You can either try to detect a headless browser, or use a human challenge like a CAPTCHA. – PeterK Apr 09 '15 at 12:31
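
The checks suggested in the comments above (a hidden token tied to the session, remembering which user voted on which data-id), combined with a per-session rate limit, as an added example that is not part of the original question or comments. The function name castVote, the threads and votes tables, the csrf field and the limit of 10 attempts per 60 seconds are assumptions; the demo uses in-memory SQLite through PDO so it runs without a MySQL server.

```php
<?php
// Added example; table names, the 'csrf' field and the limits are assumptions.
function castVote(PDO $db, array &$session, array $post, int $now): string
{
    // 1. Only logged-in sessions may vote.
    if (empty($session['userid'])) {
        return 'denied: not logged in';
    }
    // 2. Hidden token tied to the session; a blind cross-site POST lacks it.
    $token = $post['csrf'] ?? '';
    if (!is_string($token) || empty($session['csrf'])
        || !hash_equals($session['csrf'], $token)) {
        return 'denied: bad token';
    }
    // 3. Sliding-window limit; every attempt counts, even ones with bad ids.
    $recent = array_filter($session['votes'] ?? [],
        fn (int $t): bool => $t > $now - 60);
    if (count($recent) >= 10) {
        return 'denied: rate limit';
    }
    $session['votes'] = array_merge($recent, [$now]);
    // 4. data-id must be a positive integer naming an existing thread.
    $id = filter_var($post['data-id'] ?? null, FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 1]]);
    $find = $db->prepare('SELECT 1 FROM threads WHERE id = ?');
    if ($id === false || !$find->execute([$id]) || !$find->fetchColumn()) {
        return 'denied: unknown thread';
    }
    // 5. UNIQUE (user_id, thread_id) turns a repeated vote into a no-op.
    try {
        $db->prepare('INSERT INTO votes (user_id, thread_id) VALUES (?, ?)')
           ->execute([$session['userid'], $id]);
    } catch (PDOException $e) {
        if ((string) $e->getCode() !== '23000') { throw $e; }
        return 'ignored: already voted';
    }
    return 'ok';
}
// Constructed demo data on in-memory SQLite (the page itself uses MySQL).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE threads (id INTEGER PRIMARY KEY)');
$db->exec('CREATE TABLE votes (user_id INT, thread_id INT, UNIQUE (user_id, thread_id))');
$db->exec('INSERT INTO threads (id) VALUES (10)');
$session = ['userid' => 7, 'csrf' => bin2hex(random_bytes(16))];
$good = ['data-id' => '10', 'csrf' => $session['csrf']];
// Valid vote, repeated vote, random data-id, request without the token.
foreach ([$good, $good, ['data-id' => '999'] + $good, ['data-id' => '10']] as $post) {
    echo castVote($db, $session, $post, time()), "\n";
}
```

In a real vote.php the session array would be $_SESSION after session_start(), and the token would be written into the page when the vote buttons are rendered and sent along by the $.post call.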

0 Answers