0

I want to block a user for 5-10 minutes after he add some data to server.... It is just like for security...A user can not insert data more than 1 time for 5 to 10 minutes. Or if I insert something then the javascript function which calls the inserting code will blocked for 5-10 minutes...

Thank in advance..

Rohan Kumar
  • 40,431
  • 11
  • 76
  • 106

4 Answers4

1

First off, function to get their IP:

function get_ip() {
    return trim($_SERVER['REMOTE_ADDR']);
}

Secondly, I recommend you have a table in your database, maybe called user_log... You then log a timestamp of when a user adds data. - You can then run some PHP like this the next time they try to...

$ip = '\''.get_ip().'\'';
$res = mysql_query('SELECT COUNT(*) FROM `user_log` WHERE (CURRENT_TIMESTAMP - `timestamp`) < 10 AND `ip` = '.$ip.';');
if (mysql_result($res,0) > 0) die('Added data too recently');
// add the data
Alex Coplan
  • 13,211
  • 19
  • 77
  • 138
  • Maybe just insert a field into the existing `users` table? – Nick Shvelidze Dec 15 '11 at 11:33
  • @Flukey thanks - if you see obvious typos in peoples code I wouldn't mind if you edited it :) – Alex Coplan Dec 15 '11 at 12:44
  • This function makes **absolutely no sense** – Your Common Sense Dec 15 '11 at 13:06
  • @Col.Shrapnel the one to get the IP? Not my code, although I use it on various sites - I got it off someone's blog and it seems to do the job :) – Alex Coplan Dec 15 '11 at 13:23
  • Yeah, it is luckily doing the job right, because it doesn't work as intended due to some error. You can substitute it with just `$_SERVER["REMOTE_ADDR"]` with the same result. – Your Common Sense Dec 15 '11 at 13:25
  • @Col.Shrapnel seems to be sligtly [more complex](http://stackoverflow.com/a/2031935/840973) than that – Alex Coplan Dec 15 '11 at 14:40
  • This one will allow anyone to post whatever number of posts they want with no restrictions. I don't understand why you all too fond in using whatever nonsense instead of an IP address. – Your Common Sense Dec 15 '11 at 14:46
  • I just checked the question you referred to. Note the final part. It seems the author finally realized (it took him 2 years!) that nothing can be trusted but REMOTE_ADDR only. It is really easy to spoof everything else, you need but Opera browser out of the box. – Your Common Sense Dec 15 '11 at 15:11
  • @Col.Shrapnel - I never knew that... I just presumed that these people who wrote long functions to get a user IP knew what they were talking about! - I guess I'll go and update one of my sites on which the CMS sends an email to the user if they access from a new IP, and then lets them on under that IP if they click the link. (I did this as an extra security precaution on top of the user/pass) - it's worked well so far, but I guess I should change it so it only checks the REMOTE_ADDR! Thanks – Alex Coplan Dec 15 '11 at 15:16
0

When user updates the data, store his IP and time for click and even his session . Again when any other use tries to update any data check for the user url and session (if necessary) in the data . If you get the IP in the db then check for the time duration other wise insert the records in the mail table and insert one more record in this table was well.

Md Jawed Shamshedi
  • 314
  • 1
  • 15
0

If i understood your question correctly.

When user inserts some data to DB there should be a column with timestamp showing when that data was inserted. If user tries to insert some more data use DB select where you're searching for a row which was inserted by that user in past 5 minutes. If there's a row, then you stop everything and show user error message.

No reason to block javascript function. When it does ajax callback to the server trying to add new data, server should do what described above and send an error message to javascript.

Kane Cohen
  • 1,790
  • 12
  • 17
-1

set the cookies for the time 10 minutes on the data submitting time and check cookies on the every page refresh if it set the page will not accessed, and if it will not set then the page will accessed.

jogesh_pi
  • 9,762
  • 4
  • 37
  • 65