How to limit use on a form or restrict access


Problem description


I have a basic register form for a game I have and basically it's extremely novice and it allows users to make as many accounts as they please. I've searched around but couldn't really find any specific answer.

I basically need a way to either limit use of the form or limit account creation to 1 per IP.

Here is the basic form code:

<?php

/*if($_SERVER['REMOTE_ADDR'] != '::1') {
    $inRegister = true;
    include 'index.php';
    die();
  } */

  if(isset($_GET['username'])) {
    function sendBack($func_value) {
      $func_data = array('false' => 'REGISTER', 'fail' => 'DATABASE_ERROR', 'true' => 'USERNAME_TAKEN');
      include "Pages/{$func_data[$func_value]}.page.php";
    }

    include 'checkName.php';
    die();
  }

  from ;include 'settings.php' ;uses ;{
    $pMin = PLAYER_MINLEN;
    $pMax = PLAYER_MAXLEN;
    $pChr = PLAYER_MAXLEN;

    $aMin = PASSWORD_MINLEN;
    $aMax = PASSWORD_MAXLEN;

    $eMin = EMAIL_MINLEN;
    $eMax = EMAIL_MAXLEN;
  };

?>
<!DOCTYPE html>
<html>
  <head>
    <meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1' />

    <title>CpBroadcast: Club Penguin Private Server Registration</title>

    <link type='text/css' href='CSS/ui-lightness/jquery-ui-1.8.2.custom.css' rel='stylesheet' />  
    <link type='text/css' href='CSS/register.css' rel='stylesheet' />  

    <script type='text/javascript' src='JS/MD5.js'></script>
    <script type='text/javascript' src='JS/jquery-1.4.2.min.js'></script>

    <script type='text/javascript' src='JS/jquery-ui-1.8.2.custom.min.js'></script>

    <script type='text/javascript'>

      function LTrim(value) {
        var re = /\s*((\S+\s*)*)/;
        return value.replace(re, "$1");
      }

      function RTrim(value) {
        var re = /((\s*\S+)*)\s*/;
        return value.replace(re, "$1");
      }

      function trim(value) {
        return LTrim(RTrim(value));
      }

      var moderatorTimer = 0;
      var isLoggedIn = false;
      var suggestValues = {
        playerName:   'Playername',
        passwordA:    '',
        passwordB:    '',
        emailAddress: 'EMail@Address.com',
        recommended:  'Who told you about this?'
      };

      var states = {
        noticePasswords:  0,
        noticePlayerName: 0,
        noticeEMail:      0
      };

      function updateStatus(classString, messageString) {
        $('#statusBar').removeClass('ui-state-error');
        $('#statusBar').removeClass('ui-state-highlight');
        $('#statusBar').addClass(classString);

        var iconString = classString == 'ui-state-error' ? 'ui-icon-alert' : 'ui-icon-info';
        $('#statusBar').html('<p><span class="ui-icon ' + iconString + '" style="float: left; margin-right: .3em;"></span>' + messageString + '</p>');
      }

      function showLoader(message) {
        $('#content').html('<div align=\'center\'><img src=\'Images/Loader.gif\' /><br />' + message + '</div>');
      }

      function loadContent(url, container) {
        url = url.split('?');
        data = url[1];
        url = url[0];
        $.ajax({
          url: url,
          data: data,
          success: function(data) {
            $(container).html(data);
          }
        });
      }

      function updateNotice(fieldID, fieldData, fieldMessage) {
        states[fieldID] = Number(fieldData == 'fieldNoticeFail');
        fieldID = '#' + fieldID;

        $(fieldID).removeClass('fieldNoticeOkay');
        $(fieldID).removeClass('fieldNoticeFail');

        $(fieldID).addClass(fieldData);

        $(fieldID).html(fieldMessage);
      }

      $(function() {
        $('#playerName, #recommended').keyup(function() {
          var playerName = this.value;
          var noticeID = this.id == 'playerName' ? 'noticePlayerName' : 'noticeEMail';

          if(playerName.length == 0)
           if(this.id == 'recommended') return updateNotice(noticeID, 'fieldNoticeOkay', 'You don\'t have to edit that Field, but it\'s recommended!');
           else return updateNotice(noticeID, 'fieldNoticeFail', 'Please enter a Username!');

          if(playerName.length < 3) return updateNotice(noticeID, 'fieldNoticeFail', 'The PlayerName is too short! 3 Chars at Minimum!');
          if(playerName.length > 12) return updateNotice(noticeID, 'fieldNoticeFail', 'The PlayerName is too long! 12 Chars at Maximum!');

          var count = 0;
          for(var i = 0; i < playerName.length; ++i) if((chr = playerName.charCodeAt(i)) && (chr > 64 && chr < 91 || chr > 96 && chr < 123)) ++count;
          if(!count) return updateNotice(noticeID, 'fieldNoticeFail', 'Woah, you need to at least have one letter in your name.');

          return updateNotice(noticeID, 'fieldNoticeOkay', 'Your player name is okay, and very creative! :)');
        }).trigger('keyup').blur(function() {
          if(states.noticePlayerName) return;
          $.ajax({
            url:  'checkName.php',
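            // URL-encode the name so characters such as & or # cannot alter the query string
            data: 'username=' + encodeURIComponent(this.value),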
            success: function(data) {
              if(data == 'true')  return updateNotice('noticePlayerName', 'fieldNoticeFail', 'We are sorry, a member has already taken that name.');
              if(data == 'fail')  return updateNotice('noticePlayerName', 'fieldNoticeFail', 'Wow, it seems we have lost database connection. Please look at our blog for updates.');
              if(data == 'false') return updateNotice('noticePlayerName', 'fieldNoticeOkay', 'I like that playername! Lucky for you, it is available!');
              alert(
               ['Debug TraceBack',
                ' at CpBroadcast',
                '  at Register.php',
                '   at AJAX.success Callback',
                '    called with Parameter',
                '    #0: [' + typeof(data) + '] ' + data,
                '     at checkName.php?username=...',
                '',
                ''].join("\n"));
              return updateNotice('noticePlayerName', 'fieldNoticeFail', 'Something is wrong!');
            }
          });
        });
        $('#passwordA, #passwordB').keyup(function() {

          this.value = trim(this.value);
          if(this.value.length == 0)
           if(this.id == 'passwordB' && $('#passwordA').val().length != 0) return updateNotice('noticePasswords', 'fieldNoticeFail', 'You have to repeat the Password!');
           else return updateNotice('noticePasswords', 'fieldNoticeFail', 'You have to enter a Password!');

          if(this.id == 'passwordB' && $('#passwordA').val() != $('#passwordB').val())
           return updateNotice('noticePasswords', 'fieldNoticeFail', 'The Passwords don\'t match!');

          if(this.value.length < 6) return updateNotice('noticePasswords', 'fieldNoticeFail', 'The Password is too short! 6 Chars at Minimum!');
          if(this.value.length > 32) return updateNotice('noticePasswords', 'fieldNoticeFail', 'The Password is too long! 32 Chars at Maximum!');

          if($('#passwordB').val().length == 0) return updateNotice('noticePasswords', 'fieldNoticeFail', 'You have to repeat the Password!');
          if(this.id == 'passwordA' && $('#passwordA').val() != $('#passwordB').val())
           return updateNotice('noticePasswords', 'fieldNoticeFail', 'The Passwords don\'t match!');

          return updateNotice('noticePasswords', 'fieldNoticeOkay', 'The Passwords are okay :)');
        }).trigger('keyup');
        $('#emailAddress').keyup(function() {
          this.value = trim(this.value);

          var email = this.value;

          if(email.length < 6) return updateNotice('noticeEMail', 'fieldNoticeFail', 'The EMail Address is too short! 6 Chars at Minimum!');
          if(email.length > 128) return updateNotice('noticeEMail', 'fieldNoticeFail', 'The EMail Address is too long! 128 Chars at Maximum!');

          if(email.split('@').length != 2) return updateNotice('noticeEMail', 'fieldNoticeFail', 'The EMail Address is invalid! It has to contain exactly <b>one</b> @!');
          if(email.split('@')[1].split('.').length < 2) return updateNotice('noticeEMail', 'fieldNoticeFail', 'The EMail Address is invalid! The Domain is wrong!');

          var emailName   = email.split('@')[0];
          var emailDomain = email.split('@')[1].split('.');
          var emailTLD    = emailDomain.pop();
          emailDomain = emailDomain.join('.');

          if(emailName.length < 1)   return updateNotice('noticeEMail', 'fieldNoticeFail', 'You have to specify a Username in the EMail Address!');
          if(emailDomain.length < 1) return updateNotice('noticeEMail', 'fieldNoticeFail', 'You have to specify a Domain in the EMail Address!');
          if(emailTLD.length < 2)    return updateNotice('noticeEMail', 'fieldNoticeFail', 'You have to specify a valid TLD in the EMail Address!');

          return updateNotice('noticeEMail', 'fieldNoticeOkay', 'The EMail is okay :)');
        }).trigger('keyup');
        $('document').ready(function() {
          updateStatus('ui-state-highlight', '<strong>Welcome!</strong> To register for CpBroadcast, click the "Register" button!');

          for(var i in suggestValues) $('#' + i).addClass('suggestBox');
          $('.suggestBox').focus(function() {
            if(this.value == suggestValues[this.id]) this.value = '';
            this.style.color = '#000000';
          });
          $('.suggestBox').blur(function() {
            if(this.value == '') this.value = suggestValues[this.id];
            if(this.value == suggestValues[this.id]) this.style.color = '#DADADA';
          });
          $('.suggestBox').trigger('blur');
        });
        $('#registerBox').dialog({
          modal:    true,
          autoOpen: false,
          width:    320,
          beforeclose: function() { updateStatus('ui-state-highlight', '<strong>Welcome!</strong> Registration aborted!'); },
          buttons: {
            'Submit': function() {
              var sum = 0;
              for(var i in states) sum += states[i];

              if(sum) {
                var s = sum == 1 ? '' : 's';
                var is = sum == 1 ? 'is' : 'are';
                var error = 'There ' + is + ' still ' + sum + ' Mistake' + s + ' in the Regristration Form!';

                return (updateStatus('ui-state-error', '<strong>Regristration failed:</strong> ' + error) | alert(error)) && false;
              } else {
                $(this).dialog('close');
                updateStatus('ui-state-highlight', '<strong>Status:</strong> Sending Regristration...');
                // URL-encode every value so characters such as &, # or ? cannot break or extend the query string
                loadContent('register.php?' +
                'username=' + encodeURIComponent($('#playerName').val()) +
                '&password=' + encodeURIComponent($('#passwordA').val()) +
                '&email=' + encodeURIComponent($('#emailAddress').val()) +
                '&color=' + encodeURIComponent($('#color').val()), '#content');
              }
            }, 
            'Cancel': function() {
              $(this).dialog('close'); 
            } 
          }
        });
        $('#registerLink').click(function() {
          $('#registerBox').dialog('open');
          return false;
        });
        $('#registerLink, ul#icons li').hover(
          function() { $(this).addClass('ui-state-hover'); }, 
          function() { $(this).removeClass('ui-state-hover'); }
        );        
      });

    </script> 
  </head>
  <body>
    <div class='ui-widget'><div id='statusBar' class='ui-corner-all'></div></div>
    <div align='right'><a href='#' id='registerLink' class='ui-state-default ui-corner-all'><span class='ui-icon ui-icon-newwin'></span>Register</a></div>
    <div id='registerBox' title='Register for CpBroadcast'>
      <div id='noticePlayerName' class='fieldNotice'></div>
      <input type='text' id='playerName' maxlength='<?= $pMax ?>' /><br />
      <div id='noticePasswords' class='fieldNotice'></div>
      <input type='password' id='passwordA' maxlength='<?= $aMax ?>' /><br />
      <input type='password' id='passwordB' maxlength='<?= $aMax ?>' /><br />
      <div id='noticeEMail' class='fieldNotice'></div>
      <input type='text' id='emailAddress' maxlength='<?= $eMax ?>' /><br />
      <input type='text' id='recommended'  maxlength='<?= $pMax ?>'  /><br />
      <div class='fieldNotice'>If you don't pick a Color, we will surprise you by picking one randomly!</div>
      <select id='color'>
        <option value='0'>Pick a Color</option>
        <option value='1'>Blue</option>
        <option value='2'>Green</option>
        <option value='3'>Pink</option>
        <option value='4'>Black</option>
        <option value='5'>Red</option>
        <option value='6'>Orange</option>
        <option value='7'>Yellow</option>
        <option value='8'>Dark Purple</option>
        <option value='9'>Brown</option>
        <option value='10'>Peach</option>
        <option value='11'>Dark Green</option>
        <option value='12'>Light Blue</option>
        <option value='13'>Lime Green</option>
        <option value='15'>Aqua</option>
      </select>
    </div>
    <div id='content' class='ui-corner-all'>
    <?php
    ?>
      Welcome to CpBroadcast, an amazing and powerful Club Penguin Private Server! We're glad you decided to register for our server, and we hope you have a good stay here.<br>
<a href="http://www.cpbroadcast.com/h4-club-penguin-private-server-2011">Click here to play!</a><br>
<a href="http://www.cpbroadcast.com/t3480-how-to-register">How to register</a>
<center><script type="text/javascript"><!--
google_ad_client = "ca-pub-5148796547228631";
/* CPB 1 */
google_ad_slot = "9834355448";
google_ad_width = 250;
google_ad_height = 250;
//-->
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script></center>
    </div>
  </body>
</html>

When the registration is successful, it sends to this form:

<?php

  function updateStatus($func_classString, $func_messageString) {
    ?><script type="text/javascript">
      updateStatus("<?= $func_classString ?>", "<?= $func_messageString ?>");
    </script><?php
  }

  $password = $_GET['password'];
  $username = trim($_GET['username']);
  $email    = trim($_GET['email']);
  $color    = (integer) $_GET['color'];
  if($color < 1 || $color > 15) $color = rand(1, 15);
  if(strlen($username) < PLAYER_MINLEN) die('Username Too Short');

  $uppername = strtoupper($username);
  if(str_replace(str_split('ABCDEFGHIJKLMNOPQRSTUVWXYZ'), '', $uppername) == $uppername) die('Username Error');


  //if(!Utils::CheckString('0123456789ABCDEF', 32, 32, $password)) die('Password Error');
  if(!Utils::CheckString(PLAYER_CHARS,PLAYER_MINLEN,PLAYER_MAXLEN, $username))  die('Username Error');
  if(!Utils::CheckString(EMAIL_CHARS,EMAIL_MINLEN,EMAIL_MAXLEN, $email)) die('Email Error');

  $query = sprintf("SELECT * FROM `accs` WHERE `name` = '%s'",
  mysql_real_escape_string($username));
 $checkuser = mysql_query($query);
$username_exist = mysql_num_rows($checkuser);
if($username_exist > 0){
    die("Name Taken!");
}

$player = array(
        'email' => $email,
        'registerIP' => $_SERVER['REMOTE_ADDR'],
        'registertime' => time(),
        'color' => $color,
        'head'  => 0,
        'face'  => 0,
        'neck'  => 0,
        'body'  => 0,
        'hands' => 0,
        'feet'  => 0,
        'pin'   => 413,
        'photo' => 0,
        'items' => array(1, 444),
        'coins' => 50000,
        'isModerator'   =>  false,
        'isBanned_' => false,
        'buddies' => array(),
        'ignore' => array(),
        'stamps' => array(),
        'stampColor' => 1,
        'stampHighlight' => 1,
        'stampPattern' => -1,
        'stampIcon' => 1,
        'igloo' => 1,
        'music' => 0,
        'floor' => 0,
        'furniture' => array(),
        'roomFurniture' => "",
        'mood' => "I am new to CpBroadcast",
);


$query = sprintf("INSERT INTO  `accs` (`ID`,`name`,`crumbs`,`password`)
 VALUES ('NULL', '%s', '%s', '%s');",
 mysql_real_escape_string($username),
 mysql_real_escape_string(serialize($player)),
 mysql_real_escape_string(md5($password)));
 mysql_query($query) or die("Player DB Error: " .mysql_error());
 // Get Last ID
 $playerID = mysql_insert_id(); ?>
<p><strong>You've been registered succesfully</strong><br />
Thank you for signing up at CpBroadcast!<br /></p>
<a href="http://www.cpbroadcast.com/h4-club-penguin-private-server-2011">Click here to play!</a> 
<br />
<a href="http://www.cpbroadcast.com/t3480-how-to-register">How to register</a> <br />
<p><small>In case you were wondering, your PlayerID is <strong><?= $playerID ?></strong></small> :)</p>

<?php updateStatus('ui-state-highlight', '<strong>CpBroadcast Registration Done:</strong> Successful!'); ?>

Here is the result: http://cpcsy.co.cc/register/

The form basically responds if a user tries to use a taken username or email. I would like this to work for IP addresses as well.

Anything I can add to add a little more security and decrease spam accounts.

Solution

Limiting on 1 per IP is NOT the way to go. There are lots of users using the exact same IP address due to proxy servers. This is just going to piss your real users off. Also, most internet users are DHCP'd, which means their IP address changes on a regular basis. If you block by IP, it's temporary at best and means the next person to get that address will be unable to play. You might not see many collisions, but it is a possibility.

There are three common ways around this:

  1. Before an account can be "activated", send them an email. Verify in your code that email addresses can't be duplicated.
  2. Add a simple captcha. This will eliminate a lot of bots.
  3. Ignore the problem completely.

The third option here isn't tongue in cheek, it's a real response. A lot of people like running multiple accounts within a given game. It's generally a tactical thing that can lead to increased stickiness of that person. Meaning, they'll keep coming back.

It really boils down to why you are developing this game. Are you hoping to make money off of it? If so, how? If it's through paid subscription, then the more accounts a person has the more you make off of them. Same for in app purchases. If it's through advertising, then the more they are in the game (regardless of account chosen), the more opportunities you have to make something off of them.

In short, take a look at a couple things. What advantage does a person get when they create multiple accounts? Second, is this advantage really unacceptable? If no, then ignore it. If yes, then determine how to rebalance the game by removing that advantage and the problem will go away.
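
The first option above (activation by email, with duplicate addresses rejected), as an added example that is not part of the original answer or the asker's code. The `accounts` table, the function names, the 24-hour token lifetime and the in-memory SQLite database are assumptions made so the example runs on its own; sending the mail is left to the caller.

```php
<?php
declare(strict_types=1);

// Added example: email-gated activation with unique addresses.
// Schema, names and lifetime below are assumptions, not the game's real layout.
const ACTIVATION_TTL = 86400; // assumed token lifetime in seconds (24 hours)

function createSchema(PDO $db): void {
    // UNIQUE on email is what actually enforces "one account per address".
    $db->exec('CREATE TABLE accounts (
        id            INTEGER PRIMARY KEY,
        name          TEXT NOT NULL UNIQUE,
        email         TEXT NOT NULL UNIQUE,
        password_hash TEXT NOT NULL,
        token_hash    TEXT,
        token_expires INTEGER,
        activated     INTEGER NOT NULL DEFAULT 0
    )');
}

function normalizeEmail(string $email): string {
    // Compare addresses case-insensitively so Player@x.com and player@x.com collide.
    return strtolower(trim($email));
}

// Creates an inactive account. Returns the one-time token to mail to the user,
// or null when the address is malformed or the name/address is already taken.
function registerPending(PDO $db, string $name, string $email, string $password): ?string {
    $email = normalizeEmail($email);
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        return null;
    }
    $token = bin2hex(random_bytes(32)); // unguessable, goes only into the mail
    $stmt = $db->prepare(
        'INSERT INTO accounts (name, email, password_hash, token_hash, token_expires)
         VALUES (?, ?, ?, ?, ?)'
    );
    try {
        $stmt->execute([
            $name,
            $email,
            password_hash($password, PASSWORD_DEFAULT),
            hash('sha256', $token), // store only a hash of the token
            time() + ACTIVATION_TTL,
        ]);
    } catch (PDOException $e) {
        if ((string) $e->getCode() === '23000') { // integrity constraint: duplicate
            return null;
        }
        throw $e;
    }
    return $token;
}

// Activates the account the token belongs to. Single use: the token is cleared
// in the same UPDATE, so a replayed or expired link changes nothing.
function activate(PDO $db, string $token): bool {
    $stmt = $db->prepare(
        'UPDATE accounts
            SET activated = 1, token_hash = NULL, token_expires = NULL
          WHERE token_hash = ? AND activated = 0 AND token_expires >= ?'
    );
    $stmt->execute([hash('sha256', $token), time()]);
    return $stmt->rowCount() === 1;
}

// Login is refused until the address has been confirmed.
function canLogIn(PDO $db, string $name, string $password): bool {
    $stmt = $db->prepare('SELECT password_hash, activated FROM accounts WHERE name = ?');
    $stmt->execute([$name]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row !== false
        && (int) $row['activated'] === 1
        && password_verify($password, $row['password_hash']);
}

// Constructed sample run (all values are made up for the example).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
createSchema($db);

$token = registerPending($db, 'Penguin1', 'Player@Example.com', 'correct horse');
var_dump($token !== null);                                   // first signup
var_dump(registerPending($db, 'Penguin2', ' player@example.com', 'x')); // same address again
var_dump(canLogIn($db, 'Penguin1', 'correct horse'));        // before activation
var_dump(activate($db, (string) $token));                    // link clicked once
var_dump(activate($db, (string) $token));                    // link replayed
var_dump(canLogIn($db, 'Penguin1', 'correct horse'));        // after activation
```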
