PHP is open source scripting language. It\'s widely used to develop web applications.  Home Web Programming PHP Stopping Multiple Signups
rss
Your Ad Here

Stopping Multiple Signups

Author: Will More by this author
Added: Mar 20, 2007 Rating:   Level: Experienced Software: PHP Editors  

Stopping Multiple SignupsIntegrating measures to stop bots from exploiting your forms is quite simple and very easy when using this code.

First of all you'll need PHP, I recommend version 5.

Secondly, you'll need it to be compiled with the GD library.

I'm going to have to go through this just brushing on your user systems as I don't know how they've been made, but I'll go through the logic and what you'll have to do.

1. Make a new file, call it generatecode.php and shove this in it:

<?php
header("Content-type: image/png");

$code = $_GET['code'];

$width = 90;

$height = 30;

$im = @imagecreatetruecolor($width, $height)

or die("Image creation b0rked");

for ($i = 0; $i < 250; $i++) {

$rx1 = rand(0,$width);

$rx2 = rand(0,$width);

$ry1 = rand(0,$height);

$ry2 = rand(0,$height);

$rcVal = rand(0,255);

$rc1 = imagecolorallocate($im,

rand(0,255),

rand(0,255),

rand(0,250));

imageline ($im, $rx1, $ry1, $rx2, $ry2, $rc1);

}

$text_color = imagecolorallocate($im, rand(200,255), rand(0,100), rand(0,100));

$white = imagecolorallocate($im,255,255,255);

imagestring($im, 1, 5, 5, "$code", $text_color);

imagettftext($im, 20, -2, 10, 25, $text_color, $font, $code); // Write the text with a font

imageline($im,5,15,80,20,$white);

imagepng($im);

imagedestroy($im);

?>

2. Link to this image in your signup script and put a form field next to it. Something like this:

<?
$unique = rand(100000,999999);
?>
<img src="/img_articles/11148/generatecode.php?code=<?=$unique?>" width="90" height="30" />

3. Make a copy of the unique variable in a hidden input tag:

<input type="hidden" name="uniqt" id="uniqt" value="<?=$unique?>" />

4. Now when the user submits the form, check the value against the hidden input value. If it matches, continue. If it doesn't, exit.

That's about it really, to make it more secure you could also stop the page from loading in itself (i.e. making the process page a different page, not <?=$PHP_SELF?>) and then redirecting it to a different page.

Other methods would be to allow one submission per IP, email address or username. I've used this method on this site and it's so far stopped a few attacks from that Matt guy..



Author's URL: Will
Thank you for voting.
Rate this Materials:
Bad 
1 2 3 4 5 Excellent
print this page subscribe to newsletter subscribe to rss

Web programming � everything from the basics of visual design and architecture to the specifics of applications, graphics, and scripting. More Web Programming: Most Popular Materials | Fresh Materials | More PHP Tutorials at LearnPHP.org

Add comments to "Stopping Multiple Signups"

Only registered users can write comment

No comments yet...