PHP/MySQL Spamming

NSA

sudo apt-get thefuckout.tar.gz
Dec 9, 2011
715
86
Hello,

I've been trying to create a way for PHP to check if a user is spamming comments.
For instance, the user keeps constantly spamming the same letter or spamming a link, the user will be automatically banned.
Let's say User A sends 5 messages within the space of 3 seconds.
They will be banned.
If you get me.

I'm hoping to be able to accomplish this with jQuery, PHP and MySQL.
But if anyone has a different way, I'd still appreciate it!

Cheers.
 

Heaplink

Developer & Designer
Nov 9, 2011
510
173
I found this useful StackOverflow thread


Basically you set a token for the user when he visit the page with the form. The token is set in a <input type="hidden"> element and once the user submits the form, the token is validated on the server.

However there are many answers with different methods, and libraries - however take your time and read through it :)
 

NSA

sudo apt-get thefuckout.tar.gz
Dec 9, 2011
715
86
This isn't really what I was looking for.
If I take another approach at trying to explain.
Like on Habbo, you can flood.
When you type so many messages at one given time, you have to wait 30 or 20 seconds to type another message.
 

Heaplink

Developer & Designer
Nov 9, 2011
510
173
Habbo uses a whole other approach, through their flash client. Since you wan't to prevent spam in an PHP application, it's a whole other story. It's not easy to make sure a user doesn't spam with just Javascript (it's client-side, don't trust your users in anything) so you will use PHP as your server-side to validate the input and timestamp etc.

Something like: If the date of the last message sent by user is < minimum wait date then abort the insertion - otherwise go on.
 

Weasel

👄 I'd intercept me
Nov 25, 2011
4,135
2,461
I got something, I guess it could be improved, but it does the trick:

Add this somewhere at the top:
PHP:
session_start();
$hour = date("H");
$minute = date("i");
$seconds = date("s");
$day = date("d");
$month = date("m");
$year = date("Y");
$extratime = 30;
 
$current = mktime($hour,$minute,$seconds,$month,$day,$year);
$expire =  mktime($hour,$minute,$seconds+$extratime,$month,$day,$year);

Add this on the place where you want the input etc, and at "// All the code here" put the actual code.
PHP:
if ($_SESSION['check_time'] < $current && $_SESSION['check_amount'] < 3)
{
if ($_SESSION['check_time'] > $current && $_SESSION['check_amount'] >= 3)
{
unset($_SESSION['check_amount']);
}
 // All the code here
}
else
{
echo 'Please don\'t spam!';
}

On submit, set the sessions:
PHP:
if (!isset($_SESSION['check_amount']))
{
$_SESSION['check_amount'] = 1;
$_SESSION['check_time'] = $expire;
}
else {
$_SESSION['check_amount']++;
}
 

Ecko

23:37 [autobots] -!- eckostylez [[email protected]]
Nov 25, 2012
1,399
962
Create a function that grabs the last x amount of messages from an IP address where the timestamp is from 10 seconds or less (you will need to modify your $date variable to include seconds) when a message is submitted. If mysql_num_rows is greater or equal to 4-5, then echo they need to wait before sending another message.

sorry if difficult to comprehend, bit stoned.
 

NSA

sudo apt-get thefuckout.tar.gz
Dec 9, 2011
715
86
Managed to get this working!

function checkTime(){
$livetime = date('H:i:s', time() - 5);
$name = $_SESSION['chat-username'];
$q = mysql_query("SELECT * FROM chat WHERE name = '$name' AND time >= '$livetime'");
$check = mysql_num_rows($q);
if($check >= 3){
echo "Woah! Slow down there...";
}else{
createChat();
}
}

Thanks,

Issue resolved.
 

Ecko

23:37 [autobots] -!- eckostylez [[email protected]]
Nov 25, 2012
1,399
962
Managed to get this working!

function checkTime(){
$livetime = date('H:i:s', time() - 5);
$name = $_SESSION['chat-username'];
$q = mysql_query("SELECT * FROM chat WHERE name = '$name' AND time >= '$livetime'");
$check = mysql_num_rows($q);
if($check >= 3){
echo "Woah! Slow down there...";
}else{
createChat();
}
}

Thanks,

Issue resolved.
You're welcome. Wasn't sure if you understood my post lol
 

NSA

sudo apt-get thefuckout.tar.gz
Dec 9, 2011
715
86
When I echo $check, it gives 60 and it always says "Woah! Slow down there...".

"
60Woah! Slow down there..."
 

Users who are viewing this thread

Top