[HELP] Deny User Form Submit By IP Address If It's Already Exists In Database

androwowor

11-26-2010, 10:51 AM

Hello,

I'm a poor with PHP for Knowledge.

How to deny exists IP Address from which it already logged in Database if someone wants to type and submit a form for a twice or more.

I mean the user only have a chance to submit the form for one time only, by detecting from their IP Address if it has been submitted before.

Is it possible to restrict some user to validating the form again if that user already submitted that form?

I do so much thankful in advanced for your help.

The form code:
<form name="registration_form" method="post" action="register.php">
Email: <input type="text" size"475" name="email">
<input id="ip" name="ip" value='<?php echo $_SERVER["REMOTE_ADDR"]; ?>' type='hidden'>
<input id="date" name="date" value='<?php echo $_SERVER["REMOTE_ADDR"]; ?>' type='hidden'>
<input type="submit" value="Submit">
</form>

The register.php code:
<?php
$con = mysql_connect("localhost","dbuser","dbpass");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}

mysql_select_db("dbname", $con);

$sql="INSERT INTO dbtable (ip, email)
VALUES
('$_POST[ip]','$_POST[email]')";

if (!mysql_query($sql,$con))
{
}
echo 'You are now Part of Us.';

mysql_close($con)
?>

<?php

$subject = 'You are now joined with Us';
$headers = "From: Company.Inc noreply@company.com\r\n";
$headers .= "MIME-Version: 1.0\r\n";
$headers .= "Content-Type: text/html; charset=ISO-8859-1\r\n";

$message = '<html><body>';
$message .= '<tr>Thank you 1</tr>';
$message .= '<tr>Thank you 2</tr>';
$message .= '<tr>Thank you 3</tr>';
$message .= "</body></html>";

mail($_POST[email], $subject, $message, $headers);

?>

poyzn

11-26-2010, 11:49 AM

androwowor

11-26-2010, 12:25 PM

<?php
//read IP addresses into the array from the db
$blacklist = array('123.123.123.123',
'124.124.124.124');
//check if a user's IP is in the array then show him a button not a submit
?><input type="<?php echo in_array($_SERVER['REMOTE_ADDR'], $blacklist) ? 'button' : 'submit' ?>" value="Submit" /><?php
Thanks for your reply poyzn, I'm still looking for another alternatives. Anyway, I'm on learning your way while still looking for another methods here.

MattF

11-26-2010, 04:55 PM

androwowor

11-27-2010, 05:44 PM

There's no absolute method for blocking a user from submitting a form twice or more. You can check the I.P, but that may well only be effective in 20% of cases maximum, and you stand a good probability of blocking legitimate users. Cookies can be deleted etc. Most effective way may be to use a triple, (name, email and I.P or suchlike), and just hope they run out of ideas before they abuse the form submission too much.Thanks for your reply MattF, is it really no absolute method for this problem? I have recorded their IP Address into my Database from which to filtering their submitted. I think I have their IP Data's to prepare that filtering from which whom to get block on twice or more submitting.

DrDOS

11-27-2010, 05:58 PM

Thanks for your reply MattF, is it really no absolute method for this problem? I have recorded their IP Address into my Database from which to filtering their submitted. I think I have their IP Data's to prepare that filtering from which whom to get block on twice or more submitting.Many people's IPs change, sometimes three or so times a day, so using that method will have little effect on them, but may effect the next person who is assigned that IP. However it may stop people from making multiple spam posts ( that may be all you want to do ) but you might consider having an expiration time for the blocking.

StrangeCoder

11-27-2010, 07:38 PM

+1 @DrDOS
There are millions of good and free proxies, so this script is kinda useless.

MattF

11-28-2010, 08:40 AM

is it really no absolute method for this problem?

None.