避免“添加朋友”的最佳做法滥用 [英] Best practice to avoid "add friend" abuse
问题描述
当点击添加好友时作为朋友添加的用户通过电子邮件通知他或她已被添加为朋友。这是我的问题所在:我想避免用户发送这些通知电子邮件,如果登录的用户不断点击添加/删除/添加/删除/等。
我的想法是设置一个添加历史记录表,其中记录了2个用户ID和一个时间戳。如果(当前时间 - 时间戳)大于设定值,我只会发送电子邮件。每当用户重新添加一个朋友时,我会将时间戳记更新为当前时间,因此扩展垃圾邮件控制的可视性。使用此方法,我还可以控制用户是否希望在给定的时间间隔内添加太多的朋友。
此表将不时清除具有时间戳记的记录
这是我的想法,如果你有其他的或使用不同的方法,请分享。
感谢阅读。
听起来像我最好的选择。为了简化,如果记录存在,我可能会发出电子邮件(而不是基于时间戳进行检查),然后设置一个cron系统地处理旧的记录 - 这样可以有更多的控制超过时间限制(您的限制逻辑将进入cron脚本,因此您可以根据比只是时间戳更复杂的参数决定是否删除记录 - 例如,如果特定用户具有大量的活动,以阻止垃圾邮件发送者,甚至可能是用户或帐户类型,但我有倾向于超越...)
As据我所知,Facebook已经拥有添加好友 - > 待处理请求。在那里,你不能做任何事情,直到另一个人回应,所以你不能垃圾邮件的请求,但我想这取决于你是否需要另一端的确认,它是受你自己的口味。
I have a PHP / CodeIgniter site with basic social functionality which obviously includes an "Add friend" link. When clicking this link an AJAX call is made in the background, which adds the user associated with the link as a friend of the logged in user. Also the link transforms into "Remove friend" which does what it says on the tin, just the way "Add friend" does.
When "Add friend" is clicked the user who's added as a friend is notified via e-mail that he or she has been added as a friend. This is where my question comes in: I want to avoid spamming the user with these notification e-mails if the logged in user keeps clicking add / remove / add / remove / etc.
My idea is to set up sort of an add history table which records the 2 user ids and a timestamp. And I'd only send out an e-mail if the (current time - timestamp) is bigger than a set value. And every time a user would re-add a friend I'd update the timestamp to the current time so it "extends" the valability of the spam control. With this method I could also control if a user wants to add too many friends in a given interval.
This table would be cleared from time to time for records with the timestamp farther away in the past than a given value.
This is my idea, if you have other ones or used different methods please share.
Thanks for reading.
Sounds to me like the best option. To simplify, I'd probably send out the email if the record exists at all (instead of checking based on a timestamp), and then set up a cron to systematically dispose of the old ones - that way you can have a bit more control over the time limits (your "limiting" logic would go into the cron script, so you could decide whether to remove the records or not based on more complicated parameters than just a timestamp - e.g. don't remove the record if a particular user has a large amount of activity, to stop spammers. You could even be user or account-type specific, but I do have a tendency to go overboard...)
As far as I can tell, Facebook has "Add Friend" -> "Pending request". From there, you can't do anything until the other person responds, so you can't spam requests at all, but I guess that depends if you require confirmation on the other end, and it's subject to your own tastes.
这篇关于避免“添加朋友”的最佳做法滥用的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
