Limit user access to user identified by IP address only 5 times a day

Question

I need to limit the access to a PHP web page for a user identified by IP address only 5 times a day.

I have done this funcionality with sessions, but in the requirements I have to that with IP Adresses abd not with sessions.

Any idea on the simplest method to do that?

Thanks a lot.

Answer 1

Building on Prisoner's answer:

I'd add a date field to this table and do an insert ... ON DUPLICATE KEY UPDATE

Bonus field: ip_log_page so you can use this on multiple pages.

you can also run a delete query based on the date to delete stuff from yesterday and before - either cron or just part of the script on a web page.

CREATE TABLE ip_log
(
    ip_log_ip VARCHAR(40),
    ip_log_date DATE,
    ip_log_visits TINYINT(1),
    ip_log_page varchar(255),
    PRIMARY KEY(ip_log_page,ip_log_ip,ip_log_date),
);

keep in mind that tinyint(1) has an upper limit of 127/255 (signed/unsigned) so if your needs ever change and you need more than that you'll need to adjust your field

Answer 2

First, create a table with columns such as:

|-----------------------------------|
| IP varchar(15) | Views tinyint(1) |
|-----------------------------------|

Then on each view either insert the IP (if its not already in the database) or increment views by 1. If views = 5 then kill the page and don't allow the user to visit.

You can then run a cron each night at 00:00 that deletes all data in the table (see: truncate).

Answer 3

On every access, save the IP address (UNIQUE field) into a database together with the current date/time and a counter. Increase the counter and update the date/time every access if the IP address already exixts in the database.

Now you can just deny acces when the counter is greater than 5 and date/time is not one day old.

However, consider what Brad said to you. IP address is not a reliable method to identify an user.

Answer 4

You should look into apc cache or Zend cache to stored the IP that you'd get from $_SERVER['REMOTE_HOST']