Limit the amount of times an IP address can click 1 certain link an hour- using MySQL/PHP/JS.

Here's what I'm trying to accomplish and I think it's easier then I'm making it out to be.

I want a link on my homepage that can on开发者_开发技巧ly be clicked by an IP address twice per hour. The link leads to a 'Submit your email' page that has the actual form to send us your details.

I think I'd have to have a MySQL DB to accomplish this- I'm guessing by recording the visitors time/date of visit in a table, then next time they click the button- compare it with the details. Bad details, new page doesn't load. Good details, new page loads.

How would I accomplish this? I've tried Googling for several phrases with no real success- just talk of 'yeah you'd need this, or you'd have to do it this way', but no explanation. Could someone lend another a hand of advice- I'm open ears. Thanks.

You could store your ip_address and time click (datetime field) within a table. I would store ips as integer and I would use inet_aton() and inet_ntoa() functions.

select count(*) as last_hour_clicks
from table 
where ip_address = inet_aton('x.y.z.k') and click_time >= now() - interval 1 hour

if click count is equals to two you deny another click.

If your purpose is to correct a simple user error and not to prevent a DDOS-attack it's realistic to use MySQL. If not use Memcache simple because MySQL will break your server.

However you don't want to use a count(*) as they are very slow. Rather use an INT based structure such as:

CREATE TABLE `clicks` (
`ip` INT UNSIGNED NOT NULL ,
`time1` INT UNSIGNED NOT NULL ,
`time2` INT UNSIGNED NOT NULL ,
PRIMARY KEY ( `ip` )
) ENGINE = MYISAM 

Inserting:

INSERT INTO clicks (ip,time2) VALUES (INET_ATON('{$_SERVER["REMOTE_ADDR"]}'),UNIX_TIMESTAMP()) ON DUPLICATE KEY UPDATE time1=time2, time2=UNIX_TIMESTAMP()

Checking:

SELECT INET_NTOA(ip) FROM clicks WHERE ip=INET_ATON('{$_SERVER["REMOTE_ADDR"]}') AND time1+3600-time2+3600<=UNIX_TIMESTAMP();

You could use cookies to store the time of each click client-side and determine whether to show the link. This could be easily bypassed by the user if they delete/modify the cookies, however no matter what you do they can simply bookmark the "Submit your email" page and access it as much as they want, so cookies would work as well as anything else to keep out non-technical users.

You should then use server-side logic once the form has been submitted to determine whether to accept it.