eg. A registration form can only be used x amount of times?
If you're submitting the form via ajax this is a pretty good resource.
Yes. Have the form processing page record to a database how many times it's been used, and have it disable the form when x uses are recorded.
By used x amount of times I presume you actually mean submitted x amount of times. You could have a session counter that increments each time the form is submitted and does not pass validation, and prevents further submission attempts when the limit is reached.
Unfortunately, there isn't a solid method here. The best way would be to store a cookie, but obviously they can clear cookies. You could try making another unique string/id of some sort by combining (md5) their IP address with their user-agent (browser,etc), then storing that in the database, but that will probably deny some people who shouldn't be denied.
Quick and Dirty Solution For PHP.
Everytime they visit a page, it increments the counter. Too many times means the page die()
s. You can choose to put this code in a spot where it will only be executed when someone submits the form.
It resets the count every so often.
Known Bugs: Clearing Cookies breaks it, having cookies off breaks it.
<?php
session_start();
if(!isset($_SESSION['count']))
{
$_SESSION['count'] = 1;
$_SESSION['first'] = time();
}
else
{
// Increase the Count
$_SESSION['count']++;
// Reset every so often
if($_SESSION['first'] < (time() - 500))
{
$_SESSION['count'] = 1;
$_SESSION['first'] = time();
}
// Die if they have viewed the page too many times
if($_SESSION['count'] > 100)
{
die("You have submitted to many times");
}
}
This is given you want a per user solution. If it is a whole site thing, just comment and I'll delete.