Hey.

Thanks for looking.

I'm trying to write a script to set a cookie after the user posts a comment, limiting them from posting again for 30 minutes. I'm so confused on where to start. Please, could you guys help me out on how I do this?

I'm trying to use this jQuery plugin – countdown timer.

A: 

Take a look at the function setcookie() for setting cookies and $_COOKIE["mycookie"] for getting the value of the set cookie.

But be aware that the user can simply bypass your "solution" by deleting the cookie.

A more complex (but better) solution would be to implement a user-system (with login and so on) and check the time of the last post in the database.

bb-generation
+1  A: 

Aside from the how to do it with a cookie, why are you doing it? If you want to avoid technically advanced spammers, setting a client side cookie is going to deter them for about 5 seconds before they disable cookies for your site or otherwise work around your restriction.

As for how, you could simply set a cookie with a timeout of 30 minutes. If the cookie exists, block. If not, they're free to post.

Kendrick
+12  A: 

Don't do it client side (cookies, javascript, whatever); that can be easily circumvented.

If the user must be registered in order to post a comment, you can add a column/table in the database where the time of last comment is stored. Every time before a comment is posted, you then check if 30 minutes have elapsed since that instant that's registered in the database. If not, you abort the operation.

If you don't require registration, you can save a tuple (IP, time) in the database and proceed likewise.

Artefacto
@Artefacto: I agree cookies can be easily circumvented, but it takes much less effort to build a client side solution using cookies than a server side solution that moreover requires a DB.
Marco Demajo
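The server-side check described in the answer above (keep the time of the last comment per user or per IP, and refuse a new comment until 30 minutes have elapsed), as an added example that is not part of the original thread. The table name comment_throttle, the function try_post, the key prefixes and the in-memory SQLite database are assumptions made for the illustration; INSERT OR IGNORE is SQLite syntax.

```php
<?php
// Added example: server-side 30-minute comment throttle.
// The client key is "user:<id>" for logged-in users, otherwise "ip:<address>"
// taken from $_SERVER['REMOTE_ADDR'] (hypothetical naming scheme).

function try_post(PDO $db, string $key, int $now, int $window = 1800): bool
{
    // Conditional UPDATE: matches only when a row exists AND the window has
    // elapsed. Doing the check inside the statement avoids a
    // read-then-write race between two simultaneous requests.
    $upd = $db->prepare(
        'UPDATE comment_throttle SET last_post = :now
          WHERE client_key = :k AND last_post <= :cutoff'
    );
    $upd->execute([':now' => $now, ':k' => $key, ':cutoff' => $now - $window]);
    if ($upd->rowCount() === 1) {
        return true; // window elapsed, timestamp refreshed
    }

    // Nothing updated: either this client has never posted (INSERT succeeds)
    // or it is still inside the window (primary key conflict, row ignored).
    $ins = $db->prepare(
        'INSERT OR IGNORE INTO comment_throttle (client_key, last_post)
         VALUES (:k, :now)'
    );
    $ins->execute([':k' => $key, ':now' => $now]);
    return $ins->rowCount() === 1;
}

// Demo on an in-memory database with constructed keys and timestamps.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec(
    'CREATE TABLE comment_throttle (
        client_key TEXT PRIMARY KEY,
        last_post  INTEGER NOT NULL
     )'
);

$t0 = 1700000000;                                     // constructed "now"
var_dump(try_post($db, 'ip:203.0.113.7', $t0));        // first comment
var_dump(try_post($db, 'ip:203.0.113.7', $t0 + 600));  // 10 minutes later
var_dump(try_post($db, 'ip:203.0.113.7', $t0 + 1800)); // 30 minutes later
var_dump(try_post($db, 'user:42', $t0 + 600));         // a different client
```

Call try_post() before saving the comment and save it only when the function returns true; deleting cookies or switching browsers does not reset the stored timestamp.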
+1  A: 

Without knowing more about your project, I would do it something like this:

  1. When a user posts first check to see if your cookie exists
  2. If it does not exist allow the user to post, and create a cookie with a current timestamp
  3. If the cookie does exist, check to see if the time stamp is more than 30 minutes prior to the current time.
  4. If the time is more than 30 minutes, let them post and reset the time.
  5. If not, give them a pretty message which says they have to wait.

Of course this isn't the best method because they have to have cookies enabled, or they could delete the cookie, or whatnot. Personally I would handle this server side by either a) having each user create an account to post (which isn't too crazy of an idea if you are that worried about a user posting more than once every 30 minutes), or b) checking their IP address.

Tim C
@Tim C: +1 I like this, because actually deleting the cookie is not that basic, since most browsers won't let you delete only one cookie but all of them. So if the user uses cookies to keep himself logged in to Yahoo mail (for instance) and a bunch of other sites, in order to cheat the site and send another comment in less than 30 mins he would have to delete all cookies, forcing himself to log in again later on all the websites where he was kept logged in by cookies. (Unless he goes into the browser cache and deletes them by hand, but the average user doesn't know how to do it.)
Marco Demajo
@Marco: The user can easily use several browsers (e.g. FF, IE, Safari, Opera, ...) to do multiple posts. Also, Firefox allows users to delete cookies for a selected domain.
Majid
I think the logic is there if you really must only use a client side solution. @Majid there is no doubt that you can get around it in many browsers easily. But if you have to use a client side, I guess this would do it. I still agree to go with a server side solution though.
Tim C
@Majid: What you say is true, but the average user doesn't use three browsers at a time. Anyway, I agree that the good path is to perform the control on the server side, but performing it on the client side still takes much less effort to code.
Marco Demajo
A: 

Why jQuery? You can do it with PHP.

Store user data in cookies (if he/she is a registered user, store the id; if not, store the IP address), and set the time to 30 minutes (or whatever you want). Then verify: if the cookie is active, don't allow writing a comment.

Syom
A: 

Use Session

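For example, after a post, put the current time + 30 minutes in your session like this: $_SESSION['postTimeFlag'] = time() + 1800; Then whenever the user is about to post then the session

session_start(); // the session must be started before $_SESSION is read
// no flag yet (first post) or the 30 minutes have passed
if (!isset($_SESSION['postTimeFlag']) || time() > $_SESSION['postTimeFlag']) {
   //continue posting
}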
Starx
User can still clear their session cookie.
Lotus Notes