Anonymous Monk has asked for the wisdom of the Perl Monks concerning the following question:

Hi.

I got a message board in my web site and currently I've been having the following problem...

Some users are starting to spam my message board with the same message repeated a million times. What they do, is whenever they have to submit the message, they actually click on the submit button a million times before the next page loads. This causes their message to be added lots of times.

Is there any way I can prevent users from doing this?

Thanks,
Ralph :)

Replies are listed 'Best First'.
Re: Spam on Message Board
by Masem (Monsignor) on May 05, 2001 at 18:55 UTC
    When you present the user with the submission form, create a unique ID, based on several factors, such as the current time, random numbers, user name, or anything else. Bury that id into a hidden field. When the submit button is hit the first time, look at that ID, save the message, and mark that that ID has been used already. If they hit submit again, check to see if the ID has been used already and if so, do nothing.

    If you have a database, saving that ID is easy enough; if you are using flat files, just write each id to a file, one per line, and you can easily read and check those IDs that have already been entered.

    Dr. Michael K. Neylon - mneylon-pm@masemware.com || "You've left the lens cap of your mind on again, Pinky" - The Brain
[reply]
Re: Spam on Message Board
by merlyn (Sage) on May 05, 2001 at 18:56 UTC
    When you generate your form to submit a new posting, include a unique serial number as a hidden field, and store it on a database on server side.

    When the response is submitted, check for the serial number, and if it's absent or already used, then redirect to the form again. If it hasn't been used, process the form and delete the serial number from your database.

    Hmm. That sounds like a good idea for a column. {grin} I've put it in the to-do bucket.

    -- Randal L. Schwartz, Perl hacker

[reply]
Re: Spam on Message Board
by dws (Chancellor) on May 05, 2001 at 23:07 UTC
    I got a message board in my web site and currently I've been having the following problem...

    For dealing with miscreants, Philip Greenspun suggests a subtle denial-of-service counter-attack. This this chapter of Philip and Alex's Guide to Web Publishing, and search for Microsoft Helps Defend Against Bozos.

[reply]
Re: Spam on Message Board
by srawls (Friar) on May 06, 2001 at 01:04 UTC
    Well, all of those solutions are fine, but this one takes the strain off the server's side. It uses JavaScript, and should be relatively easy to follow.
    Here is the JavaScript portion: 
    var flag = 0;
function StopSubmit() {
  if(!flag) { flag++; return 1; } 
  return 0; 
}

    [download]
    And here is the form portion (you need to add the method and action parts): 
    <form onSubmit="return StopSubmit();">

    [download]

    The 15 year old, freshman programmer,
    Stephen Rawls
[reply]
[d/l]
[select]
Re: Spam on Message Board
by Anonymous Monk on May 07, 2001 at 01:04 UTC
    Hi.

    Thanks for all of your answers!! :)

    I think i'm gonna use the javascript version for now, since it doesn't deal with the server. i'll keep all of them in mind though :)

    anyway... i'm 15 as well!! if anyone cares my email's: ralph.a.ch@fibertel.com.ar .

    Thanks,
    Ralph :)
    www.argenteen.com
[reply]
Re: Spam on Message Board
by zakzebrowski (Curate) on Jan 08, 2004 at 13:11 UTC
    Why not just take an md5 checksum of message and before you add it to the database, check to see if that checksum already exists?...


    ----
    Zak
[reply]

Back to Seekers of Perl Wisdom