User's IP Validation
in [General]
|
Prev: Unknown error with imagecreatefromjpeg() on specific GD/PHP versions.
Next: Unit testing in PHP
From: Juan Rodriguez Monti on 16 Jun 2010 14:26 Hi people, I would like to know the best way to perform some kind of validation for an application that I've written. I have a system that ask through an HTML Form some questions to users. I use some cookies to save some information from the user side. However, I would like to implement some code in PHP that would let me limit to 1 the number of times that the page with the questions was executed. I mean, the user fills the HTML's Form, then send it through an HTML Button, then PHP receives this informations and send an Email containing the replies to the questions. I would like to limit to one, the times one single user is able to execute this form. I thought getting the IP Address, then doing some kind of validation with it. However I don't know if using cookies is the best idea. I don't have access to a DataBase for this. So I thought might be a good idea write to a file in the server the IP, then perform some if to know if the user already replied the form. As far as I don't know which is the best way to code this, I felt free to ask you guys. Thanks a lot. Juan
From: "Bob McConnell" on 16 Jun 2010 14:31 If this is an open site, using the IP won't be any good. We have over 200 people behind our NAT firewall, all of which would show up as coming from the same IP on your server. Many other networks have the same or a similar configuration. If you only allow registered users, add a couple of flags to your user table and set one of them when they fill out the form. Don't show them the form after it is set. Having a couple, you can do a couple of questionnaires simultaneously, and clear the matching flag when you close the form. Bob McConnell -----Original Message----- From: Juan Rodriguez Monti [mailto:juan(a)rodriguezmonti.com.ar] Sent: Wednesday, June 16, 2010 2:26 PM To: php-general(a)lists.php.net Subject: [PHP] User's IP Validation Hi people, I would like to know the best way to perform some kind of validation for an application that I've written. I have a system that ask through an HTML Form some questions to users. I use some cookies to save some information from the user side. However, I would like to implement some code in PHP that would let me limit to 1 the number of times that the page with the questions was executed. I mean, the user fills the HTML's Form, then send it through an HTML Button, then PHP receives this informations and send an Email containing the replies to the questions. I would like to limit to one, the times one single user is able to execute this form. I thought getting the IP Address, then doing some kind of validation with it. However I don't know if using cookies is the best idea. I don't have access to a DataBase for this. So I thought might be a good idea write to a file in the server the IP, then perform some if to know if the user already replied the form. As far as I don't know which is the best way to code this, I felt free to ask you guys. Thanks a lot. Juan -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
From: David Cesal on 16 Jun 2010 14:36 Please, don't forget IP address can be same for many users. I see only way with cookies. When user deletes cookies, form pops up again. I don't know any better way. David Sent from my HTC -----Original Message----- From: Juan Rodriguez Monti <juan(a)rodriguezmonti.com.ar> Sent: 16. cervna 2010 20:26 To: php-general(a)lists.php.net Subject: [PHP] User's IP Validation Hi people, I would like to know the best way to perform some kind of validation for an application that I've written. I have a system that ask through an HTML Form some questions to users. I use some cookies to save some information from the user side. However, I would like to implement some code in PHP that would let me limit to 1 the number of times that the page with the questions was executed. I mean, the user fills the HTML's Form, then send it through an HTML Button, then PHP receives this informations and send an Email containing the replies to the questions. I would like to limit to one, the times one single user is able to execute this form. I thought getting the IP Address, then doing some kind of validation with it. However I don't know if using cookies is the best idea. I don't have access to a DataBase for this. So I thought might be a good idea write to a file in the server the IP, then perform some if to know if the user already replied the form. As far as I don't know which is the best way to code this, I felt free to ask you guys. Thanks a lot. Juan -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
From: Ashley Sheridan on 16 Jun 2010 19:36 On Wed, 2010-06-16 at 20:36 +0200, David Cesal wrote: > Please, don't forget IP address can be same for many users. I see only way with cookies. When user deletes cookies, form pops up again. I don't know any better way. > > David > > Sent from my HTC > > -----Original Message----- > From: Juan Rodriguez Monti <juan(a)rodriguezmonti.com.ar> > Sent: 16. cervna 2010 20:26 > To: php-general(a)lists.php.net > Subject: [PHP] User's IP Validation > > Hi people, > I would like to know the best way to perform some kind of validation > for an application that I've written. > > I have a system that ask through an HTML Form some questions to users. > I use some cookies to save some information from the user side. > > However, I would like to implement some code in PHP that would let me > limit to 1 the number of times that the page with the questions was > executed. > > I mean, the user fills the HTML's Form, then send it through an HTML > Button, then PHP receives this informations and send an Email > containing the replies to the questions. I would like to limit to one, > the times one single user is able to execute this form. > > I thought getting the IP Address, then doing some kind of validation > with it. However I don't know if using cookies is the best idea. I > don't have access to a DataBase for this. So I thought might be a good > idea write to a file in the server the IP, then perform some if to > know if the user already replied the form. > > As far as I don't know which is the best way to code this, I felt free > to ask you guys. > > Thanks a lot. > > Juan > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > > > Like others have said, unless you have specific user logins, there's no way to prevent people from viewing the form more than once. As you are emailing them the answers, I assume there is some form of login system being used, so you could use that, with some sort of flag to indicate the email has been sent. If you want to future-proof the system, you could use some sort of binary bit flag to indicate what forms they've been sent answers to, for example: 0 - no answers have been sent 1 - only the first set of answers 4 - the 3rd set of answers only 5 - the 3rd and 1st set of answers etc. This would allow you to use one field to hold sent info on as many forms as you need. Thanks, Ash http://www.ashleysheridan.co.uk
From: Juan Rodriguez Monti on 17 Jun 2010 11:07 2010/6/16 Ashley Sheridan <ash(a)ashleysheridan.co.uk> > On Wed, 2010-06-16 at 20:36 +0200, David Cesal wrote: > > Please, don't forget IP address can be same for many users. I see only way with cookies. When user deletes cookies, form pops up again. I don't know any better way. > > David > > Sent from my HTC > > -----Original Message----- > From: Juan Rodriguez Monti <juan(a)rodriguezmonti.com.ar> > Sent: 16. cervna 2010 20:26 > To: php-general(a)lists.php.net > Subject: [PHP] User's IP Validation > > Hi people, > I would like to know the best way to perform some kind of validation > for an application that I've written. > > I have a system that ask through an HTML Form some questions to users. > I use some cookies to save some information from the user side. > > However, I would like to implement some code in PHP that would let me > limit to 1 the number of times that the page with the questions was > executed. > > I mean, the user fills the HTML's Form, then send it through an HTML > Button, then PHP receives this informations and send an Email > containing the replies to the questions. I would like to limit to one, > the times one single user is able to execute this form. > > I thought getting the IP Address, then doing some kind of validation > with it. However I don't know if using cookies is the best idea. I > don't have access to a DataBase for this. So I thought might be a good > idea write to a file in the server the IP, then perform some if to > know if the user already replied the form. > > As far as I don't know which is the best way to code this, I felt free > to ask you guys. > > Thanks a lot. > > Juan > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > > > > Like others have said, unless you have specific user logins, there's no way > to prevent people from viewing the form more than once. As you are emailing > them the answers, I assume there is some form of login system being used, so > you could use that, with some sort of flag to indicate the email has been > sent. If you want to future-proof the system, you could use some sort of > binary bit flag to indicate what forms they've been sent answers to, for > example: > > 0 - no answers have been sent > 1 - only the first set of answers > 4 - the 3rd set of answers only > 5 - the 3rd and 1st set of answers > Yes, tha't s true. However I'm not using a DB for this little job. There's no login system. There's a little script that runs the form, and then send an email to some directions, but not for the user's Email address. I thought I should use cookies, however is far from secure. Thanks a lot people!. Juan
|
Next
|
Last
Pages: 1 2 Prev: Unknown error with imagecreatefromjpeg() on specific GD/PHP versions. Next: Unit testing in PHP |