PHP 或 Javascript - 如何设置表单提交之间的最短时间

Question

令人惊讶的是，我在 Internet/stackoverflow 上找不到任何相关内容，但我认为它经常被使用。

我的表单基本上是一个文件上传表单，我想设置使用 Javascript 或 PHP（首选 PHP）的表单提交之间的最短时间，以保护表单免受机器人等攻击。

我唯一能想到的是一个 cookie/会话，但可以删除/清除/修改它们。

Answer 1

最后，我使用了一个简单的 MySQLi 表。

MySQLi 表包含三列，

1. 'ID'（用户的登录 ID），
2. TimesUploaded（指定时间上传，默认15分钟），
3. TimeLastUploaded（用户上传其第一个最大值的时间，TimesUploaded，文档）

代码：

1.函数getuploaduse()

function getuploaduse(){
    require('connect.php'); //Connect with the MySQL database
    $theid = mysqli_fetch_array(mysqli_query($link, "SELECT COUNT(*) FROM `UploadUse` WHERE ID=\"".$_SESSION['id']."\""));
    if($theid[0] == 0){
        return 'makenew'; //Make a new row
    } else {
        return mysqli_fetch_array(mysqli_query($link, "SELECT TimesUploaded,TimeLastUploaded FROM `UploadUse` WHERE ID=\"".$_SESSION['id']."\"")); //Pass on TimesUploaded and TimeLastUploaded
    }
}

2.上传页面中的PHP

//Set variables
$block = 'false';
$mintime = 15; //A minimum of 15 minutes between $maxuploads
$maxuploads = 3;
$contents = getuploaduse();// [0] => TimesUploaded, [1] => TimeLastUploaded


if(isset($_POST['thetitle'])){ //If users uploads

if($contents != 'makenew'){
    if($contents[0] == $maxuploads){
        $block = (time() - $contents[1]);
        if($block < ($mintime * 60)){
            $block= 'false';
            mysqli_query($link, "UPDATE `UploadUse` SET `TimesUploaded`=1,`TimeLastUploaded`='".time()."' WHERE `ID`='".$_SESSION['id']."'"); //Reset
        } else {
            $block = $mintime - round($block / 60);
        }
    } else {
        $block = (time() - $contents[1]);
        if($block >= ($mintime * 60)){
            $block= 'false';
            mysqli_query($link, "UPDATE `UploadUse` SET `TimesUploaded`=1,`TimeLastUploaded`='".time()."' WHERE `ID`='".$_SESSION['id']."'"); //Reset
        } else {

            $increased = ($contents[0] + 1);
            mysqli_query($link, "UPDATE `UploadUse` SET `TimesUploaded`='".$increased."' WHERE `ID`='".$_SESSION['id']."'"); //Increase
            if($increased == $maxuploads){
                $block = $mintime - round($block / 60);
            } else {
                $block = 'false';
            }
        }
    }
} else {
    mysqli_query($link, "INSERT INTO UploadUse(ID,TimesUploaded,TimeLastUploaded)   VALUES('".$_SESSION['id']."','1','".time()."')");
}

//Place your upload script here and set $success to something to show your success and not the 'Maximum uploaded'

}

//Block if user doesn't upload (so when he tries to access the upload page)

if($contents != 'makenew' && $block == 'false'){
$contents = getuploaduse();// [0] => TimesUploaded, [1] => TimeLastUploaded
if($contents[0] == $maxuploads){
    $block = (time() - $contents[1]);
    if($block < ($mintime * 60)){
        $block = $mintime - round($block / 60);
    } else {
        $block = 'false';
    }
}
} 

3.使用您的上传表单

<? if($block == 'false'): ?>
<!-- Your upload form here -->
<?php elseif(isset($success)): ?>
<!-- Success here-->
<?php else: ?>
<div class="alert alert-block alert-danger fade in">
    <h4>You exceeded the maximum uploads per <?php echo $mintime; ?> min.</h4>
    <p>You may upload maximum <?php echo $maxuploads ?> documents per <?php echo $mintime; ?> minutes. You have to wait for <span class="label label-danger"><span id="updatemin"><?php echo $block; ?></span> minute<? if($block > 1){echo 's';} ?></span>.</p><br />        
  </div>
<? endif; ?>

4.在我的 HTML Header 中（所以当用户被阻止时，它会更新剩余分钟数）

<?php if($block != 'false'):?><meta HTTP-EQUIV="REFRESH" content="60; url=/Upload"><? endif; ?>

如果您认为此代码有用，请投票给我（自己的）答案，因为我确实花时间在此代码上。 （我是初学者，对我来说，这段代码值得骄傲，特别是因为我没有使用教程或其他答案）

Answer 2

存储您可以使用的提交者 ip：

• 在最短时间后过期的内存缓存键
• 临时文件“标志”
• 使用验证码让机器人的生活更加艰难