Hello. I'm developing a payment system where I'll be using PayPal IPN. It's for an e-commerce site selling lots of goodies.

However, just recently my db was flooded.

My current process is this:
1. user browses my site for a product with a product ID and decides to checkout
2. script validates form (checks if the product is in stock etc.), and then enters the purchase information inside a database with a field called 'paid_or_not'
3. once someone signs up and pays, PayPal will notify a script of mine and this script will then update the product's 'paid_or_not' status to TRUE.


All is well with this process until someone does something unintended. Of course this goes with many things...

Now the user was able to flood my database by either refreshing many times at checkout or building a script to do it. It would create a lot of fake product info inside my database. What's the best way to prevent this?

I thought about cookies, but didn't like the idea (they can be disabled). I also thought about a simple IP throttle technique? Would this be good? Or would it be losing out on those on AOL, shared proxies, etc.? Perhaps an IP and HTTP_USER_AGENT check? Any light on this topic is welcome :)

Thank you
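
The IP plus HTTP_USER_AGENT throttle the post asks about, as an added example that is not part of the original post: a sliding-window limit applied before step 2 inserts a pending order row. The function names, the limits and the in-memory hash are assumptions for illustration; a real site would keep the counters in a database table or shared cache.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use Digest::SHA qw(sha256_hex);

# Hypothetical limits: at most $MAX_HITS checkout submissions per key
# within any $WINDOW-second span.
my $WINDOW   = 60;
my $MAX_HITS = 3;
my %hits;    # key => [timestamps]; in-memory for this demo only

# Key on IP plus User-Agent so that customers behind one shared proxy IP
# (the AOL concern in the post) but with different browsers get separate buckets.
sub throttle_key {
    my ($ip, $ua) = @_;
    return sha256_hex(join "\0", $ip, $ua // '');
}

# Returns 1 if the submission may create a pending order row, 0 if throttled.
sub allow_checkout {
    my ($ip, $ua, $now) = @_;
    my $list = $hits{ throttle_key($ip, $ua) } ||= [];
    @$list = grep { $_ > $now - $WINDOW } @$list;    # forget hits outside the window
    return 0 if @$list >= $MAX_HITS;
    push @$list, $now;
    return 1;
}

# Constructed sample requests: [epoch seconds, client IP, User-Agent].
my @requests = (
    [ 1000, '203.0.113.7', 'Mozilla/5.0 (X11)' ],
    [ 1001, '203.0.113.7', 'Mozilla/5.0 (X11)' ],
    [ 1002, '203.0.113.7', 'Mozilla/5.0 (X11)' ],
    [ 1003, '203.0.113.7', 'Mozilla/5.0 (X11)' ],        # 4th hit in window: throttled
    [ 1004, '203.0.113.7', 'Mozilla/5.0 (Windows)' ],    # same proxy IP, other browser: allowed
    [ 1070, '203.0.113.7', 'Mozilla/5.0 (X11)' ],        # window has expired: allowed again
);

for my $r (@requests) {
    my ($t, $ip, $ua) = @$r;
    my $verdict = allow_checkout($ip, $ua, $t) ? 'insert pending order' : 'throttled';
    printf "%d  %-12s %-22s %s\n", $t, $ip, $ua, $verdict;
}
```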

In reply to A good way to prevent "spam flooding"? by Anonymous Monk
