Jump to content
Darkness

Form Editing

Recommended Posts

Hey.There are people on my site who are using page editing to cheat. On my site, I use a this.disabled function to disable a button when clicked, so people can not click it multiple times. However, people are editing the source, and taking out the disabled part. Is there a way I can disable this or track it?I'm guessing that this can be achieved via Javascript, HTML, PHP, or a combination of them, however I am not sure.Thanks.

Share this post


Link to post
Share on other sites

You can probably track it somehow, depending what your application does when the button is clicked. If it sends an AJAX request to PHP then the PHP script can keep track of when the button was clicked using the session.

Share this post


Link to post
Share on other sites

That was just an example of one thing you could do to track. What you will want to do will depend on what the button does.

Share this post


Link to post
Share on other sites

Well, here's an example of the form.

<form action='pagehere.php' method='POST'><input type='hidden' name='Submit' value='1'>Input stuff here.<input type='submit' value='Continue' onclick="this.disabled='true'; this.value='Please Wait...'; this.form.submit();\"></form>

The hidden input field is there because disabled submit fields can not have names.Basically, the form goes to a certain page, of course. That page adds data to the MySQL database. However, people can use source editing to change it to...

<input type='submit' value='Submit'>

That way, they can keep clicking the button rapidly, and the data will be added each time; which allows them to spam.

Share this post


Link to post
Share on other sites

The PHP page should use the session to keep track of the last time the form was submitted, and take the appropriate action.

Share this post


Link to post
Share on other sites

Granted I'm not an expert, but it's possible that they're simply disabling javascript for their browser, which I'm guessing would throw a wrench into the way the script works. That's just a guess, but it's something you may want to look into.

Share this post


Link to post
Share on other sites

How about if they submit data you not let them go back to the page? What exactly is the issue with this though? If they go to a page through they form, it shouldn't matter if they click it that much, and even if they do, make it send you an email if a user posts more than 1 thing within a few seconds of each other, and also flag them so they can't do it... It's not that hard a process(well, then again, I am a relatively good PHP user... so i guess whats not so hard for me may be for others...). I'm sure we could all help you much more if we knew what else was going on. Is there any more Javascript involved? or what?

Share this post


Link to post
Share on other sites

Justsomeguy's idea will work all the time (unless they write a script to click, delete cookies, click, delete cookies, etc).

Share this post


Link to post
Share on other sites

Right. And if they want to go through that much trouble there's not a lot you can do to stop them other then by associating a database record with their IP or something, and they can get around that too.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

×
×
  • Create New...