Limit posting to every 30 minutes
Thanks for looking.
I'm trying to write a script to set a cookie after the user posts a commen开发者_Python百科t, limiting them from posting again for 30 minutes. I'm so confused on where to start. Please, could you guys help me out on how I do this?
I'm trying to use this jquery plugin – countdown timer.
Don't do it client side (cookies, javascript, whatever); that can be easily circumvented.
If the user must be registered in order to post a comment, you can add a column/table in the database where the time of last comment is stored. Every time before a comment is posted, you then check if 30 minutes have elapsed since that instant that's registered in the database. If not, you abort the operation.
If you don't require registration, you can save the database a tuple (IP, time) and proceed likewise.
Aside from the how to do it with a cookie, why are you doing it? If you want to avoid technically advanced spammers, setting a client side cookie is going to deter them for about 5 seconds before they disable cookies for your site or otherwise work around your restriction.
As for how, you could simply set a cookie with a timeout of 30 minutes. If the cookies exists, block. If not, they're free to post.
Without knowing more about your project, I would do it something like this:
- When a user posts first check to see if your cookie exists
- If it does not exist allow the user to post, and create a cookie with a current timestamp
- If the cookie does exist, check to see if the time stamp is more than 30 minutes prior to the current time.
- If the time is more than 30 minutes, let them post and reset the time.
- If not, give them a pretty message which says they have to wait.
Of course this isn't the best method because they have to have cookies enabled, or they could delete the cookie, or whatnot. Personally I would handle this server side by either a) having each user create an account to post (which isn't too crazy of an idea of you are that worried about a user posting more than once every 30 minutes), or b) checking their IP address.
Take a look at the function setcookie() for setting cookies and $_COOKIE["mycookie"] for getting the value of the setted cookie.
But be aware that the user can simply bypass your "solution" by deleting the cookie.
A more complex (but better) solution would be to implement a user-system (with login and so on) and check the time of the last post in the database.
Use Session
For example, after a post, put the current time + 30 minutes in your session line this
$_SESSION['postTimeFlag'] = time() + 1800;
Then whenever the user is about to post then the session
if(time()>$_SESSION['postTimeFlag']) {
//continue posting
}
Why jquery? You can do it by php.
Store user data in cookies(if he/she is registered user, store id, if not - store ip address), and set time to 30minutes(or whatever you want).then verify, if the cookie is active, don't allow to write a comment.
精彩评论