I need to limit the access to a PHP web page for a user identified by IP address only 5 times a day.
I have done this funcionality with sessions, but in the requirements I have to that with IP Adresses abd not with sessions.
Any idea on the simplest method to do that?
Thanks a lot.
First, create a table with columns such as:
|-----------------------------------|
| IP varchar(15) | Views tinyint(1) |
|-----------------------------------|
Then on each view either insert the IP (if its not already in the database) or increment views by 1. If views = 5 then kill the page and don't allow the user to visit.
You can then run a cron each night at 00:00 that deletes all data in the table (see: truncate).
On every access, save the IP address (UNIQUE field) into a database together with the current date/time and a counter. Increase the counter and update the date/time every access if the IP address already exixts in the database.
Now you can just deny acces when the counter is greater than 5 and date/time is not one day old.
However, consider what Brad said to you. IP address is not a reliable method to identify an user.
Building on Prisoner's answer:
I'd add a date field to this table and do an insert ... ON DUPLICATE KEY UPDATE
Bonus field: ip_log_page so you can use this on multiple pages.
you can also run a delete query based on the date to delete stuff from yesterday and before - either cron or just part of the script on a web page.
CREATE TABLE ip_log
(
ip_log_ip VARCHAR(40),
ip_log_date DATE,
ip_log_visits TINYINT(1),
ip_log_page varchar(255),
PRIMARY KEY(ip_log_page,ip_log_ip,ip_log_date),
);
keep in mind that tinyint(1) has an upper limit of 127/255 (signed/unsigned) so if your needs ever change and you need more than that you'll need to adjust your field
You should look into apc cache or Zend cache to stored the IP that you'd get from $_SERVER['REMOTE_HOST']
