Using sessions in a mailing script to prevent flooding of mail.

Collapse
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • atyndall
    New Member
    • Sep 2007
    • 13
    #1

    Using sessions in a mailing script to prevent flooding of mail.

    Ok, I still need help with these session varibles that I started to ask about in my previous post (http://www.thescripts.com/forum/show....php?p=2790429)

    Originally posted by http://www.thescripts. com/forum/post2790083-4.html - Atli
    Sessions are very easy to use. I wrote an article on them, if you want to know the basics.

    In your case, you would simply have to check if a session variable exists before you send your email. If it does not, then create it and set it's value to the current time. If it does, make sure that that the time value it contains is older than the time you want to elapse.

    That could be accomplished somewhat like this:
    [PHP]// Start session

    session_start() ;



    // Check the session variable exists

    if(isset($_SESS ION['LastSent'])) {

    // Check if a post was made in the last 5 seconds

    if($_SESSION['LastSent'] > ***!!!!!time() + 5!!!!!***) {

    die("You have already sent a message in the last 5 seconds!");

    }

    }

    // Set the session variable to the current time

    $_SESSION['LastSent'] = time();



    // Send your mail

    // <your code here>[/PHP]
    I need that one little thing (surrounded by ***!!!!! in the quote above) changed so that it checks to see if the time is between 0 and 500 seconds ago, not just 500.

    Can anyone help me?

    P.S. Here is my revised PHP script code:
    [PHP]<?php
    session_start() ;
    $subject = $_POST['subject'];
    $message = $_POST['message'];
    include 'config.inc.php ';
    $java_ar1 = '
    <script language="Javas cript">
    <!--
    alert ("';

    $java_ar2 = '")
    window.location = "';

    $java_ar3 = '"
    //-->
    </script>';

    $html_r1 = '
    <html>
    <head>
    <title>';

    $html_r2 = '</title>
    </head>
    <body>
    <div align="center">
    <h1>';

    $html_r3 = '</h1>
    <form id="" name="" method="" action="';

    $html_r4 = '">
    <input type="submit" name="" id="" value="OK" />
    </form>
    </div>
    </body>
    </html>';

    if(isset($_SESS ION['LastSent'])) {

    if($_SESSION['LastSent'] > time() + 500) {

    $alert = 'You have sent a message in the last 500 seconds.';
    echo $java_ar1,$aler t,$java_ar2,$ho mepage,$java_ar 3;
    echo $html_r1,$alert ,$html_r2,$aler t,$html_r3,$hom epage,$html_r4;
    exit();

    }

    }


    if ($subject == "") {

    $alert = 'Your message contained no subject.';
    echo $java_ar1,$aler t,$java_ar2,$ho mepage,$java_ar 3;
    echo $html_r1,$alert ,$html_r2,$aler t,$html_r3,$hom epage,$html_r4;
    exit();

    }

    elseif (mail($to, $subject, $message, $headers)) {
    $_SESSION['LastSent'] = time();
    $alert = 'Message sent.';
    echo $java_ar1,$aler t,$java_ar2,$ho mepage,$java_ar 3;
    echo $html_r1,$alert ,$html_r2,$aler t,$html_r3,$hom epage,$html_r4;
    exit();

    } else {

    $alert = 'Error sending message.';
    echo $java_ar1,$aler t,$java_ar2,$ho mepage,$java_ar 3;
    echo $html_r1,$alert ,$html_r2,$aler t,$html_r3,$hom epage,$html_r4;
    exit();

    }[/PHP]

    Anyone know how to make it less clunky??
    Tags: None
    • pbmods
      Recognized Expert Expert
      • Apr 2007
      • 5821
      #2
      Heya, atyndall.

      So you want to do something like this:
      [code=php]
      if( $_SESSION['LastSent'] > (time() - 5) )
      {
      die("You have already sent a message in the last 5 seconds!");
      }
      [/code]

      This will evaluate to true if the last message sent was between 5 seconds ago and now.

        Comment

        • atyndall
          New Member
          • Sep 2007
          • 13
          #3
          thanks a bunch,

          anyone still know how i could improve my script's code to make it more efficient?

          Revised Code (mail.php):
          [PHP]<?php
          session_start() ;
          $subject = $_POST['subject'];
          $message = $_POST['message'];
          include 'config.inc.php ';
          $java_ar1 = '
          <script language="Javas cript">
          <!--
          alert ("';

          $java_ar2 = '")
          window.location = "';

          $java_ar3 = '"
          //-->
          </script>';

          $html_r1 = '
          <html>
          <head><title> ';

          $html_r2 = '</title>
          </head>
          <body>
          <div align="center">
          <h1>';

          $html_r3 = '</h1>
          <form id="" name="" method="post" action="';

          $html_r4 = '">
          <input type="submit" name="" id="" value="OK" />
          </form>
          </div>
          </body>
          </html>';

          if(isset($_SESS ION['LastSent'])) {

          if( $_SESSION['LastSent'] > (time() - $delay) ) {

          $a1 = 'You have sent a message in the last ';
          $a2 = ' seconds.';
          echo $java_ar1,$a1,$ delay,$a2,$java _ar2,$homepage, $java_ar3;
          echo $html_r1,$a1,$d elay,$a2,$html_ r2,$a1,$delay,$ a2,$html_r3,$ho mepage,$html_r4 ;
          exit();

          }

          }


          if ($subject == "") {

          $alert = 'Your message contained no subject.';
          echo $java_ar1,$aler t,$java_ar2,$ho mepage,$java_ar 3;
          echo $html_r1,$alert ,$html_r2,$aler t,$html_r3,$hom epage,$html_r4;
          exit();

          }

          elseif (mail($to, $subject, $message, $headers)) {
          $_SESSION['LastSent'] = time();
          $alert = 'Message sent.';
          echo $java_ar1,$aler t,$java_ar2,$ho mepage,$java_ar 3;
          echo $html_r1,$alert ,$html_r2,$aler t,$html_r3,$hom epage,$html_r4;
          exit();

          } else {

          $alert = 'Error sending message.';
          echo $java_ar1,$aler t,$java_ar2,$ho mepage,$java_ar 3;
          echo $html_r1,$alert ,$html_r2,$aler t,$html_r3,$hom epage,$html_r4;
          exit();

          }[/PHP]

          Revised Code (config.inc.php ):
          [PHP]<?php

          // Edit the below variables but do NOT remove the ' , " , : or ;
          // $to - Who the script sends the emails to.
          // $homepage - The place in which the script redirects the sender after the error/success message.
          // $headers -- From: - Who the email says it is from.
          // Reply-To: - Who the email says you should reply to.
          // $delay - Amount of time (in seconds) until the sender can send another email. Prevents spamming.

          $to = '__MUNGED__';
          $homepage = '__MUNGED__';
          $headers =
          "From: __MUNGED__"
          . "\r\n" .
          "Reply-To: noreply@atyndal l.co.nr";
          $delay = 180

          ?>[/PHP]

            Comment

            • pbmods
              Recognized Expert Expert
              • Apr 2007
              • 5821
              #4
              Heya, Atyndall.

              Only thing that stands out:
              [code=php]
              if ($subject == "") {
              [/code]
              should be
              [code=php]
              if( empty($subject) )
              {
              [/code]
              which keeps you covered in case $subject is undefined.

              You may also find this article to be of some interest.

                Comment

                Previous template Next
                Working...