SHARE
TWEET

CiviCRM flood control code

a guest Mar 30th, 2011 443 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. /**
  2.  * Implmentation of hook_civicrm_postProcess
  3.  * Inserting form submission time into the cache table for flood control checking
  4.  *
  5.  */
  6. function yourmodule_civicrm_postProcess($formName, &$form) {
  7.         if($formName == 'CRM_Contribute_Form_Contribution_Main') {
  8.                 $id = $form->getVar('_id');            
  9.                 // note the ip could be a proxy server ip
  10.                 $ip = ip_address();
  11.                 $data = array(
  12.                         'id' => $id,
  13.                         'ip' => $ip,
  14.                         'timestamp' => time(),
  15.                 );
  16.                
  17.                 $query = "INSERT INTO civicrm_cache
  18.                 (`group_name`, `path`, `data`, `created_date`)
  19.                 VALUES (%1, %2, %3, %4)";
  20.                
  21.                 $params = array(
  22.                         1 => array('contribution flood control', 'String'),
  23.                         2 => array('CRM_Contribute_Form_Contribution_Main_' . session_id(), 'String'),
  24.                         3 => array(serialize($data), 'String'),
  25.                         4 => array(date('Y-m-d H:i:s'), 'String'),
  26.                 );
  27.                
  28.                  CRM_Core_DAO::executeQuery($query, $params);
  29.         }
  30. }
  31.  
  32. /**
  33.  * Implmentation of hook_civicrm_validate
  34.  * Checking timestamp of previous submission time given the ip address
  35.  *
  36.  */
  37. function yourmodule_civicrm_validate($formName, &$fields, &$files, &$form) {
  38.         $errors = array();
  39.        
  40.         // verify that the last submission recorded is the same contribution page id
  41.         // we are only going to check the date range within the same day?
  42.         if($formName == 'CRM_Contribute_Form_Contribution_Main') {
  43.                 $id = $form->getVar('_id');
  44.                 $ip = ip_address();
  45.                 // get the last time a user has submitted the form
  46.                 $query = sprintf("SELECT data FROM civicrm_cache WHERE `data` LIKE '%%%s%%' AND group_name = 'contribution flood control' ORDER BY created_date DESC LIMIT 0, 1", $ip);
  47.                
  48.                 $data = CRM_Core_DAO::singleValueQuery($query);
  49.                 $data = unserialize($data);
  50.                 if($data && !empty($data)) {
  51.                         if($id == $data['id']) {
  52.                                 // check flooding interval
  53.                                 $interval = time() - $data['timestamp'];
  54.                                 if($interval < 60) {
  55.                                         $errors['qfKey'] = 'Maximum attempt reached, please try again later';
  56.                                 }
  57.                         }              
  58.                 }
  59.         }
  60.        
  61.         return (empty($errors)) ? TRUE : $errors;
  62. }
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top