PHP FORM - Using Sessions

Question

virtuali 0 Newbie Poster

13 Years Ago

Hi All,

I am trying to create a form using sessions so that the submit button is only submitted once in a two minute duration. I need the form to still complete the onclick action so that a calculation happens, but I only want the mail() function to send an email only once in that two minute duration.. even if the submit button is clicked more than once... here is what I got so far.. but doesnt work..?? What am I missing..??

<?php session_start();?>

if (!isset($_SESSION))
$_SESSION = time();

if (time()-$_SESSION < 120)
die('Post limit exceeded. Please wait at least 120 seconds');
else
$_SESSION = time();

php session

2 Contributors
12 Replies
298 Views
2 Days Discussion Span
Latest Post 13 Years Ago Latest Post by Stefano Mtangoo

Stefano Mtangoo 455 Senior Poster

13 Years Ago

http://www.daniweb.com/web-development/php/threads/388998

Stefano Mtangoo 455 Senior Poster

13 Years Ago

Thanks.. but I tried this, but still nogo.. for some reason when the user clicks the submit button again it is still allowing the form to send again.. and not checking the time interval...?? What might I be missing here..?? Thanks in advance..
<?php
$_SESSION = time();
if ($_SESSION + 10 * 60 < time()) {
// session timed out
} else {
// session ok
}
?>

actually you are not doing anything here. check an example. Also use code tags

<?php
  $_SESSION['timeout'] = time(); 

  if ($_SESSION['timeout'] + 10 * 60 < time()) {
     // session timed out --log him out. For now we will just kill the script
     die("Session have timed out");
     exit(1);
  } 
?>

Stefano Mtangoo 455 Senior Poster

13 Years Ago

<?php
  $_SESSION['timeout'] = time(); 
  $_SESSION['mail_send_allowed'] = true;   

  if ($_SESSION['mail_send_allowed']&& !$_SESSION['timeout'] + 10 * 60 < time()) {
     // do validation and checks and send email here
     $_SESSION['mail_send_allowed'] = false;
     $_SESSION['timeout'] = time(); 
  } else{ die("No Spamming with my contact box...");}
?>

Edited 13 Years Ago by Stefano Mtangoo because: n/a

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

virtuali 0 Newbie Poster · Answer 1 · 2011-10-26T18:09:07+00:00

Thanks.. but I tried this, but still nogo.. for some reason when the user clicks the submit button again it is still allowing the form to send again.. and not checking the time interval...?? What might I be missing here..?? Thanks in advance..

<?php
$_SESSION = time();
?>

<?php
if ($_SESSION + 10 * 60 < time()) {
// session timed out
} else {
// session ok
}
?>

virtuali 0 Newbie Poster · Answer 2 · 2011-10-26T18:32:53+00:00

Opps.. thanks.. will use the code tags... but I am still not sure what I am missing... All I want to do is have the session only send one email when the user clicks the submit button instead of if they click it 3 or 4 times sending an email everytime... and If I can limit the interval to something like 2 or 3 minutes so that after that time has elapsed the email can be sent again..

Sorry.. I am abit of a nubie here...:) Thanks for your help so far though...

virtuali 0 Newbie Poster · Answer 3 · 2011-10-26T18:57:29+00:00

This is what I got thus far..but when I add your code it doesnt send for some reason... Can you see what I am missing..?? Thanks again..??

<?php
  $_SESSION['timeout'] = time(); 
  $_SESSION['mail_send_allowed'] = true;   
 

// Database settings
$db_host = "localhost";
$db_name = "connect";
$db_user = "connect";
$db_password = "connect";
//

$db = mysql_connect($db_host, $db_user, $db_password);
if(!$db)
	die("Could not connect to database.");
if(!mysql_select_db($db_name))
	die("Could not load database.");

if($_REQUEST["action"] == "form1")
{
	$query = "INSERT INTO db (UserEmail,
	UserFirstName, UserLastName, UserAddress, UserCity, UserState, UserPC, UserPhone, UserPurchaseType, UserLoanAmount, UserInterestRate,
	UserTermLoan, UserBalloon, UserPercentage, UserPaymentAmount, UserIP, UserEnquiryDate, UserSiteReferer) VALUES (
	'".mysql_real_escape_string($_REQUEST["email"])."',
	'".mysql_real_escape_string($_REQUEST["first_name"])."',
	'".mysql_real_escape_string($_REQUEST["last_name"])."',
	'".mysql_real_escape_string($_REQUEST["address"])."',
	'".mysql_real_escape_string($_REQUEST["city"])."',
	'".mysql_real_escape_string($_REQUEST["state"])."',
	'".mysql_real_escape_string($_REQUEST["postal_code"])."',
	'".mysql_real_escape_string($_REQUEST["phone"])."',
	'".mysql_real_escape_string($_REQUEST["purchase_type"])."',
	".$_REQUEST["amount"].",
	'".mysql_real_escape_string($_REQUEST["rate"])."',
	'".mysql_real_escape_string($_REQUEST["term"])."',
	'".mysql_real_escape_string($_REQUEST["balloon"])."',
	'".mysql_real_escape_string($_REQUEST["percentage"])."',
	".$_REQUEST["monthly"].",
	'".$_SERVER["REMOTE_ADDR"]."',
	NOW(),
	'".$_SERVER["HTTP_REFERER"]."'
	)";
	mysql_query($query);
	
    if ($_SESSION['mail_send_allowed']&& !$_SESSION['timeout'] + 10 * 60 < time()) {

     	
	// Send e-mail
	$message = "
	E-mail: ".$_REQUEST["email"]."\n 
	First Name: ".$_REQUEST["first_name"]."\n 
	Last Name: ".$_REQUEST["last_name"]."\n 
	Address: ".$_REQUEST["address"]."\n 
	City: ".$_REQUEST["city"]."\n 
	State: ".$_REQUEST["state"]."\n 
	Postal Code: ".$_REQUEST["postal_code"]."\n 
	Phone: ".$_REQUEST["phone"]."\n 
	Purchase Type: ".$_REQUEST["purchase_type"]."\n 
	Loan Amount: ".$_REQUEST["amount"]."\n 
	Interest Rate: ".$_REQUEST["rate"]."\n 
	Length of Loan: ".$_REQUEST["term"]." months\n 
	Balloon Final Payment: ".$_REQUEST["balloon"]."\n 
	Percentage: ".$_REQUEST["percentage"]."\n 
	Monthly Amount Payable: ".$_REQUEST["monthly"]."\n 
	IP Address: ".$_SERVER["REMOTE_ADDR"]."\n 
	Referrer: ".$_SERVER["HTTP_REFERER"]."\n 
	Date: ".date("F j, Y, g:i a"); 
	
	$to = "mymail@mail.com";
	$subject = "Enquiry - From ".$_REQUEST["email"];
    $headers .= "X-Priority: 1 (Higuest)\n";
    $headers .= "X-MSMail-Priority: High\n";
    $headers .= "Importance: High\n"; 
	$headers = "From: mail@mail.com" . "\r\n" .
	mail($to, $subject, $message, $headers);
        $_SESSION['mail_send_allowed'] = false;
        $_SESSION['timeout'] = time(); 
        } else{ die("No Spamming with my contact box...");}

?>

Stefano Mtangoo 455 Senior Poster · Answer 4 · 2011-10-26T19:13:13+00:00

Just test Sending email with no DB stuffs and when it is working you can add DB support
BTW don't use REQUEST. Either POST or GET!

virtuali 0 Newbie Poster · Answer 5 · 2011-10-26T19:19:22+00:00

virtuali 0 Newbie Poster

13 Years Ago

ok.... but does the code look ok..??

virtuali 0 Newbie Poster · Answer 6 · 2011-10-26T19:26:39+00:00

ok.. just tried the below with "request" and "post" and still doesnt send..??

<?php
  $_SESSION['timeout'] = time(); 
  $_SESSION['mail_send_allowed'] = true;   
 
	
    if ($_SESSION['mail_send_allowed']&& !$_SESSION['timeout'] + 10 * 60 < time()) {
	
	// Send e-mail
	$message = "
	E-mail: ".$_REQUEST["email"]."\n 
	First Name: ".$_REQUEST["first_name"]."\n 
	Last Name: ".$_REQUEST["last_name"]."\n 
	Address: ".$_REQUEST["address"]."\n 
	City: ".$_REQUEST["city"]."\n 
	State: ".$_REQUEST["state"]."\n 
	Postal Code: ".$_REQUEST["postal_code"]."\n 
	Phone: ".$_REQUEST["phone"]."\n 
	Purchase Type: ".$_REQUEST["purchase_type"]."\n 
	Loan Amount: ".$_REQUEST["amount"]."\n 
	Interest Rate: ".$_REQUEST["rate"]."\n 
	Length of Loan: ".$_REQUEST["term"]." months\n 
	Balloon Final Payment: ".$_REQUEST["balloon"]."\n 
	Percentage: ".$_REQUEST["percentage"]."\n 
	Monthly Amount Payable: ".$_REQUEST["monthly"]."\n 
	IP Address: ".$_SERVER["REMOTE_ADDR"]."\n 
	Referrer: ".$_SERVER["HTTP_REFERER"]."\n 
	Date: ".date("F j, Y, g:i a"); 
	
    $to = "jmail@mail.com";
    $subject = "Enquiry - From ".$_REQUEST["email"];
    $headers .= "X-Priority: 1 (Higuest)\n";
    $headers .= "X-MSMail-Priority: High\n";
    $headers .= "Importance: High\n";  
    $headers = "From: mail@mail.com" . "\r\n" .
    mail($to, $subject, $message, $headers);
    $_SESSION['mail_send_allowed'] = false;
    $_SESSION['timeout'] = time(); 
    } else{ die("No Spamming with my contact box...");}

?>

Stefano Mtangoo 455 Senior Poster · Answer 7 · 2011-10-26T19:40:19+00:00

Ignore above examples they don't do what I think of. I have rolled simple example for you because I will be offline soon. Toy with it and make it suite your need

<?php
session_start();

if(!isset($_SESSION['mail_send_allowed'])){    
    $_SESSION['mail_send_allowed'] = true;  
}

if($_SESSION['mail_send_allowed']){
    $_SESSION['timeout'] = time(); 
}

$form = <<<EOT
<form action={$_SERVER["PHP_SELF"]} method="post">
    <label for="heading"><strong>Email Title</strong></label>
    <input type="text" name="heading" />
    <br /><br />
    <label for="body"><strong>Email Body</strong></label>
    <input type="text" name="body" " />
    <br />
    <input type="submit" name="submit" value="Submit" />
</form>

EOT;

if(isset($_POST["submit"])){
  if ($_SESSION['mail_send_allowed']) {
     // do validation and checks and send email here
    //check for valid values and send email, for now I will just echo output
    echo "Heading is: " . $_POST['heading'] ."<br />and body is <br />". $_POST['body'];
    //next time don't come here until time is expired    
     $_SESSION['mail_send_allowed'] = false;     
     
  } else{ 
    die("No Spamming with my contact box...");
    if(!$_SESSION['timeout'] + 10 * 60 < time()){
        $_SESSION['mail_send_allowed'] = false;
    }
  }
  
}else{
echo $form;
}

virtuali 0 Newbie Poster · Answer 8 · 2011-10-27T07:44:47+00:00

Ok.. the below works to stop multiple email submissions which is great, but it doesnt seem to pick up on the time set before the email can be allowed to be sent again? Also... It is currently add a DB entry everytime the submit is clicked.. I would like it to only add one entry in the db as well... so it does the entry at the same time the email send.. but not after... Just so I dont have dups in the DB.

Thanks for any advice.. Cheers.

<?php
session_start();

if(!isset($_SESSION['mail_send_allowed'])){    
    $_SESSION['mail_send_allowed'] = true;  
}

if($_SESSION['mail_send_allowed']){
    $_SESSION['timeout'] = time(); 
}

// Database settings
$db_host = "localhost";
$db_name = "connect";
$db_user = "connect";
$db_password = "connect";
//

$db = mysql_connect($db_host, $db_user, $db_password);
if(!$db)
	die("Could not connect to database.");
if(!mysql_select_db($db_name))
	die("Could not load database.");

if($_REQUEST["action"] == "form1")
{
	$query = "INSERT INTO calc (UserEmail,
	UserFirstName, UserLastName, UserAddress, UserCity, UserState, UserPC, UserPhone, UserPurchaseType, UserLoanAmount, UserInterestRate,
	UserTermLoan, UserBalloon, UserPercentage, UserPaymentAmount, UserIP, UserEnquiryDate, UserSiteReferer) VALUES (
	'".mysql_real_escape_string($_REQUEST["email"])."',
	'".mysql_real_escape_string($_REQUEST["first_name"])."',
	'".mysql_real_escape_string($_REQUEST["last_name"])."',
	'".mysql_real_escape_string($_REQUEST["address"])."',
	'".mysql_real_escape_string($_REQUEST["city"])."',
	'".mysql_real_escape_string($_REQUEST["state"])."',
	'".mysql_real_escape_string($_REQUEST["postal_code"])."',
	'".mysql_real_escape_string($_REQUEST["phone"])."',
	'".mysql_real_escape_string($_REQUEST["purchase_type"])."',
	".$_REQUEST["amount"].",
	'".mysql_real_escape_string($_REQUEST["rate"])."',
	'".mysql_real_escape_string($_REQUEST["term"])."',
	'".mysql_real_escape_string($_REQUEST["balloon"])."',
	'".mysql_real_escape_string($_REQUEST["percentage"])."',
	".$_REQUEST["monthly"].",
	'".$_SERVER["REMOTE_ADDR"]."',
	NOW(),
	'".$_SERVER["HTTP_REFERER"]."'
	)";
	mysql_query($query);
	
}
	

    if ($_SESSION['mail_send_allowed']) {
	$message = "
	E-mail: ".$_REQUEST["email"]."\n 
	First Name: ".$_REQUEST["first_name"]."\n 
	Last Name: ".$_REQUEST["last_name"]."\n 
	Address: ".$_REQUEST["address"]."\n 
	City: ".$_REQUEST["city"]."\n 
	State: ".$_REQUEST["state"]."\n 
	Postal Code: ".$_REQUEST["postal_code"]."\n 
	Phone: ".$_REQUEST["phone"]."\n 
	Purchase Type: ".$_REQUEST["purchase_type"]."\n 
	Loan Amount: ".$_REQUEST["amount"]."\n 
	Interest Rate: ".$_REQUEST["rate"]."\n 
	Length of Loan: ".$_REQUEST["term"]." months\n 
	Balloon Final Payment: ".$_REQUEST["balloon"]."\n 
	Percentage: ".$_REQUEST["percentage"]."\n 
	Monthly Amount Payable: ".$_REQUEST["monthly"]."\n 
	IP Address: ".$_SERVER["REMOTE_ADDR"]."\n 
	Referrer: ".$_SERVER["HTTP_REFERER"]."\n 
	Date: ".date("F j, Y, g:i a"); 
	
	$to = "mail@mail.com";
	$subject = "Enquiry - From ".$_REQUEST["email"];
    $headers .= "X-Priority: 1 (Higuest)\n";
    $headers .= "X-MSMail-Priority: High\n";
    $headers .= "Importance: High\n"; 
	$headers = "From: mail@mail.com" . "\r\n" .
    $headers .= 'Bcc: mail@mail.com' . "\r\n";
	"Reply-To: mail@mail.com";
	mail($to, $subject, $message, $headers);
    //next time don't come here until time is expired    
     $_SESSION['mail_send_allowed'] = false; }    
     
    else{ 
    die("No Spamming with my contact box...");
    if(!$_SESSION['timeout'] + 10 * 60 < time()){
        $_SESSION['mail_send_allowed'] = false;
    }
  }
?>

Stefano Mtangoo 455 Senior Poster · Answer 9 · 2011-10-28T10:59:17+00:00

if ($_SESSION['mail_send_allowed']) {

this code stops multiple submission, so move your data there! Also wrap your connection in function and call that function each time you want to connect. Also you can make those insert stuffs can be also wrapped in function. And last warning, stop using REQUEST use either POST or GET explicitly!