如何限制每个用户一个表单提交率 [英] How to limit a form submission rate per user
问题描述
我想一个表单
提交率限制到每了每120个秒用户之一。
I am trying to limit a form's
submission rate to one per user per 120 seconds.
我在想使用 $ _ SESSION
变量,但我不知道如何,将工作和cookie可以只被删除。我猜 $ _ SESSION
变量可以被周围被一个直观的用户仅仅通过在工作日志记录了
和背部。
I was thinking about using a $_SESSION
variable, but I'm not sure how that would work, and cookies can just be deleted. I guess a $_SESSION
variable could be worked around by an intuitive user just by logging out
and back in.
我只是理论化的时刻,所以我没有code。
I'm just theorizing at the moment so I do not have code.
我如何在我的问题得到什么?
How do I get around my problem?
编辑 -
用户将常常查询的原因是因为它是一个项目,寓言数据库。我需要用户查询放慢到可接受的速率,因为要在10查询/分钟或其他应用程序可能被禁止或拒绝了大约一个小时的速率
The reason the user would be querying so often is because it is an item and bestiary database. I need to slow down user queries to an acceptable rate because going over the rate of 10 queries/minute or else the application may be "banned" or denied for about an hour.
推荐答案
$ _ SESSION
和 $ _ COOKIE
变量可能被用户除去,因此由它们滥用。你需要在一些地方保存你的服务器上提交。也许是与MySQL。然后处理表单前做一次检查。
$_SESSION
and $_COOKIE
variables could be removed by the user, and are therefore abused by them. You need to store the submits somewhere on your server. Perhaps with MySQL. Then do a check before processing the form.
像
SELECT COUNT(*) attempts, MAX(submit_time) last
FROM form_submits
WHERE user_id = ?
AND submit_time > NOW - INTERVAL 2 MINUTE
然后
if ($row['attempts'] > 0) {
echo "You must wait " . (time() - strtotime($row['last'])) . " seconds before you can submit this form again.";
return;
}
这篇关于如何限制每个用户一个表单提交率的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!