http://www.phpbuilder.com/board/showthread.php?s=&threadid=10212055

Any other opinions?

programming is

70% coding to prevent users from f****ing up
30% to do the job

if the user can screw things up, they will...

i suppose it is a rather cynical view of people, but unfortunately also true...

I recently wrote an ASP application (yeah I know:D ) where about 30 lines of code did the actual work, 200 or so lines were dedicated to checking inputs and preventing errors or stopping malicious users from trying to access the DB


Note: Humans on average use 13% of our brainpower, half of that is dedicated to finding better ways to blow each other up...

I like the last idea listed of using a sequence that you stick in each form for posting, so that once you've posted from that form, the sequence number is used up. Then you have to post from a newly produced form which should cut down on duplicates a fair bit.

The method I have always used is that I check if the user has: a) Posted anything in the last minute by doing a SELECT on anything with the timestamp greater that a minute ago from the current time.
b) checks if the same user has posted in the same topic with the same message. There is obviously no need for anyone to ever need to post an identical post in the same thread for any reason. I'd identify that as spam. However if you think there is a valid reason for it then you can always just put a timecheck on it as well.

THe sequence ID is a clever idea, and I implement that in other applications in a similar manner. In my forums though it'd only mean more tables or columns and more information that needs to be sent through pages.

Or you could use a java script that disables the submit button after it is clicked the first time.