Solved

How to construct anti-refresh plugin?

Posted on 2009-07-08
10
476 Views
Last Modified: 2012-06-21
We've got situation like this:
1. I'm entering page X,
2. then I click (or hold f5) for 20 seconds

What to do to avoid reloading page? (transfer and statistics)
Limit max pages download to 20 per minute?

Any solutions?
0
Comment
Question by:AndyPSV
  • 4
  • 3
  • 3
10 Comments
 
LVL 108

Expert Comment

by:Ray Paseur
ID: 24806755
Not sure I understand your issue, but here is how I prevent multiple submissions of form data.
// PREVENT MULTIPLE SUBMISSIONS DUE TO DOUBLE CLICKS ON SUBMIT BUTTON

// EXAMPLE USAGE: 

// if ( multi_submit() ) 

// { /* error */ } 

// else 

// { /* normal processing */ }

// ASSUMES USE OF SESSIONS
 

function multi_submit($type = "post") 

{
 

// CHOOSE AND ENCODE THE REQUEST DATA

   $string = "";

   $input_array = ($type == "get") ? $_GET : $_POST;

   foreach ($input_array as $val) { $string .= $val; }

   $string = md5($string);
 

// SAME AS THE LAST REQUEST DATA?

   if ($_SESSION['_multi_submit'] === $string) 

   {

      return TRUE;

   } else 

   {

      $_SESSION['_multi_submit'] = $string;

      return FALSE;

   }

}

Open in new window

0
 
LVL 14

Accepted Solution

by:
profya earned 500 total points
ID: 24807399
This code demonstrates how to control the number user refreshes a page. You can also use the microtime to control the span of time, however, because I am using windows I couldn't test this part.

create an include file, add the code attached to, then include the file created in your page.
Replace violate.htm with the page the script will redirect visitor to, when he/she exceeds refresh limits.
I hope you find it useful.
<?php

session_start();

$currentIp=$_SERVER['REMOTE_ADDR'];

if (isset($_SESSION['visitors']))

{

	$visitorsCache=$_SESSION['visitors'];
 

	if (isset($visitorsCache[$currentIp]))

	{

		$visitorsCache[$currentIp]->numberOfRefreshes++;

		$visitorsCache[$currentIp]->lastVisit=microtime(true);

	}

	else

	{

		$visitorsCache[$currentIp]=new visitorInfo();

		$visitorsCache[$currentIp]->numberOfRefreshes++;

		$visitorsCache[$currentIp]->lastVisit=microtime(true);

	}

	$datediff=(microtime(true)- $visitorsCache[$currentIp]->lastVisit);

	if ($visitorsCache[$currentIp]->numberOfRefreshes>5)

	{

		$visitorsCache[$currentIp]->numberOfRefreshes=0;

		header("location: violate.htm");

	}

}

else

{

	$visitors=array();

	if (isset($visitors[$currentIp]))

	{

		$visitors[$currentIp]->numberOfRefreshes++;

		$visitors[$currentIp]->lastVisit=microtime(true);

	}

	else

	{

		$visitors[$currentIp]=new visitorInfo();

		$visitors[$currentIp]->numberOfRefreshes++;

		$visitors[$currentIp]->lastVisit=microtime(true);

	}

	$_SESSION['visitors']=$visitors;

}
 

class visitorInfo

{

	public $numberOfRefreshes=0;

	public $lastVisit="";

}

?>

Open in new window

0
 
LVL 108

Expert Comment

by:Ray Paseur
ID: 24808106
I guess you could also try some combination of ignore_user_abort() and sleep().  Can you please explain a little more about what you are trying to achieve?   Thanks, ~Ray
0
 

Author Comment

by:AndyPSV
ID: 24808660
I just don't want to user make above 20 page refreshes in 1 minute
0
 
LVL 14

Expert Comment

by:profya
ID: 24811514
Try my solution and change lines 19 and 20 to the following:
        $datediff=(microtime(true)- $visitorsCache[$currentIp]->lastVisit)*60;

        if ($visitorsCache[$currentIp]->numberOfRefreshes>20 && $datediff<1)

Open in new window

0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 14

Expert Comment

by:profya
ID: 24811536
Or adjust the values to suit your case, as I told you earlier, my machine uses Windows XP there for I can not test the elapsed time properly. I tested the solution as per refresh count, this represents 50% of the fix as I see.
0
 

Author Comment

by:AndyPSV
ID: 24811690
how to transform this code - without class?
0
 
LVL 14

Expert Comment

by:profya
ID: 24811769
The class helps you because many users will visit your website, each user with a specific ip will have its object. You can use arrays by the way to do that.
0
 
LVL 108

Expert Comment

by:Ray Paseur
ID: 24814972
"I just don't want to user make above 20 page refreshes in 1 minute"

OK, I get that part.  Why not?
0
 

Author Closing Comment

by:AndyPSV
ID: 31601256
thanks
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Password hashing is better than message digests or encryption, and you should be using it instead of message digests or encryption.  Find out why and how in this article, which supplements the original article on PHP Client Registration, Login, Logo…
Although it can be difficult to imagine, someday your child will have a career of his or her own. He or she will likely start a family, buy a home and start having their own children. So, while being a kid is still extremely important, it’s also …
This tutorial demonstrates how to identify and create boundary or building outlines in Google Maps. In this example, I outline the boundaries of an enclosed skatepark within a community park.  Login to your Google Account, then  Google for "Google M…
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

24 Experts available now in Live!

Get 1:1 Help Now