I've got a little question on how you would solve this issue. I've made a pretty straight forward form for posting comments. if (!$submit) { echo ' <form method="POST"> <textarea name="message"></textarea> <input type="submit" name="submit" value="Add Comment" /> </form> '; } else { $sql = 'INSERT INTO table SET text="'.strip_tags($message).'", poster="'.$_SESSION['user_id'].'", post="'.$post.'", time="'.mktime().'"'; $DB->query($sql); PHP: Ok, now this works fine, but it obviously allows a user to double post since another row is inserted. How should I make it UPDATE instead of INSERT? I don't think getting all comments for this post, sorting them by time and then checking if the last user who commented is the same one who is sending the message right now is the most efficient way to solve it. Sorry if I'm not clear enough... I always have problems explaining what I'm trying to do Thank You EDIT Well, I guess I'll just add the information who was the last user to comment on a post and then just check if I should INSERT or UPDATE. Guess that'll do just fine. EDIT2 Hehe, yea, so that wasn't the best idea. I've found an easier solution. I'm just checking if the poster of the last comment is the same as the one who is logged in Couldn't be simpler
Yea, but what if your on a website which gets a lot of hit, this guy could easily spam you. I'd recommand you to add another column containing the time info. If the user has posted less than 30 sec ago. Give him a warning message, this would be programmed through a IF statement.
You could do it by Ip and if there was a message posted by that Ip they can not post again until someone else posts, But maybe have a edit link so they could edit there comment for spelling etc!
Tying anything to IP addresses are a bad idea. For instance, AOL users are based on a roating proxy server. Thus, each time they load the page, a new ip address is served up, and their will be no match.
Well, temporary tying a IP address is fine, but then it should be removed otherwise it's useless. After 1 or 2 hours, a IP should not be valid anymore (user could have logged off or whatever). It's up to you to determine after how much time an IP should become invalid, but tying an ip is fine for a certain amount of time, not for eternity.
Then what about the aol users and the rotating proxy? Each time a new page is loaded, the new ip address is sent along in the request for the page... ?? Or is this not as big of a deal no-a-days??
First of all I would put some javascript on the button. onclick=document.getelementbyid["name"].disable blah blah blah [CODE] sorry you will nee dto get the exact code. that is step one. step 2 is to either place a cookie with last post time and read that, though wont work on the same page. so I would referenece a database field or "session table" and use that I use a session table on my site where I record the user who is logged in and update their "last post" everytime the make one then if it has not been x amount of time since their last post, it fails out and informs them. Code (markup):