Web Hosting Talk






PDA

View Full Version : PHP script help

WoodShedd
11-17-2002, 08:24 PM
I only have rudimentary knowledge of php. I've learned what I know mostly by examining other scripts.

Today I had the need to create a form that exports the username and password entered into a dat file. in the format username|password|0 the 0 is always there and is not an option on the forum. It is required by he program that reads that dat file.

So far I've got


<?php
$errors=0;
$error="The following errors occured while processing your form input.<ul>";
if($errors==1) echo $error;
else{
$where_form_is="http".($HTTP_SERVER_VARS["HTTPS"]=="on"?"s":"")."://".$SERVER_NAME.strrev(strstr(

strrev($PHP_SELF),"/"));
$message="username: ".$username."
password: ".$password."
";
$make=fopen("admin/data.dat","a");
$to_put="";
$to_put .= $username."|".$password."|"."0
";
fwrite($make,$to_put);
header("Refresh: 0;url=http://url.com/thx.html");
}
?>


that modifies the file fine but there is the problem of someone flooding the form with multiple user:pass combos. What I'm looking to do is make it so that the form will only accept a submission once every 30 seconds. IP logging would be good too, butI can live without it.(probably too hard for me anyways)

Could someone help?

=THanks
Woofcat
11-17-2002, 11:13 PM
the easiest way to do this would be to add to the top of your script something like:


if(filemtime("admin/data.dat")>=time()-30)
$errors=1;
MarkIL
11-17-2002, 11:13 PM
ob_start();
define('FILENAME','./admin/data.dat');
define('IPLOG','./admin/ip.dat');
define('FREQ', 30);
define('REDIR','http://example.com/thankyou.xml');

$diff = time() - @filemtime(FILENAME);
if ($diff < FREQ) die('You may only submit a form once in 30 seconds.');
/* verify $_POST data and set $errors accordingly here */
if ($errors)die('An error occured while processing your input.');

$s = sprintf("%s|%s|0\n",$_POST['username'],$_POST['password']);
$s2 = sprintf("%s -- %s\n",date('r'),$_SERVER['REMOTE_ADDR']);

$fd = fopen(FILENAME,'a+');
fputs($fd,$s); fflush($fd); fclose($fd);

$fd2 = fopen(IPLOG,'a+');
fputs($fd2,$s2); fflush($fd2); fclose($fd);

header('Location: '.REDIR);
ob_end_flush();
WoodShedd
11-18-2002, 01:38 AM
Thanks a lot lewney, thats perfect.

How would I go about making sure that someone can't signup with a username that's already been taken?