November 23rd, 2012, 04:45 AM
Posting Comments (Security)
Hi, how do Facebook posts (status updates) / comments work in terms of security...
I was surprised to see that Facebook allowed me to post 3 status updates one after the other and then also allow me to post 20 comments on a status update all within 5 seconds
I have a comment feature on my website and i need a way of preventing users from spamming with comments (without use a captcha)
Users must be logged in to post a comment... so when a comments is being posted, should i just check to see if the same $ user_id posted a comment within the last 20 seconds... or can someone think of a more suitable method...
Thanks in advance for your help...
November 23rd, 2012, 06:14 AM
a time limit is certainly a good idea. But I'd rather make it a minute or such.
You could also try hidden fields to fight off bots. And you might use a (Bayesian) spam filter. Unfortunately, the major ones are all written for e-mail spam, but there are also some PHP implementations. Just google for "bayesian spam filter".
November 23rd, 2012, 06:22 AM