
CiviCRM flood control code

a guest
Mar 30th, 2011
  /**
   * Implements hook_civicrm_postProcess().
   *
   * After the main contribution form has been processed, writes one row to
   * civicrm_cache holding the form id, the client address and the submission
   * time. The validate hook reads these rows back for flood control.
   *
   * @param string $formName
   *   Class name of the form that was just processed.
   * @param object $form
   *   The form object; only getVar('_id') is read here.
   */
  function yourmodule_civicrm_postProcess($formName, &$form) {
      // Every other form is ignored.
      if ($formName != 'CRM_Contribute_Form_Contribution_Main') {
          return;
      }

      $submission = array(
          'id' => $form->getVar('_id'),
          // The address may belong to a proxy or NAT gateway, in which case
          // several unrelated visitors share the same flood-control key.
          'ip' => ip_address(),
          'timestamp' => time(),
      );

      // The statement text is constant; all values are handed over through
      // the numbered placeholders as 'String' parameters.
      $sql = "INSERT INTO civicrm_cache\n"
          . "        (`group_name`, `path`, `data`, `created_date`)\n"
          . "        VALUES (%1, %2, %3, %4)";

      // NOTE(review): the raw session id is written into the `path` column,
      // so anyone who can read civicrm_cache can read live session ids.
      // Nothing in this function removes old rows either - confirm that the
      // cache group is purged elsewhere.
      $cachePath = 'CRM_Contribute_Form_Contribution_Main_' . session_id();

      CRM_Core_DAO::executeQuery($sql, array(
          1 => array('contribution flood control', 'String'),
          2 => array($cachePath, 'String'),
          3 => array(serialize($submission), 'String'),
          4 => array(date('Y-m-d H:i:s'), 'String'),
      ));
  }

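  /**
   * Implements hook_civicrm_validate().
   *
   * Flood control for the main contribution form: looks up the most recent
   * submission recorded for the client address and rejects the form when that
   * submission was for the same form id and less than 60 seconds ago.
   *
   * Only the single newest row for the address is inspected, so a newer
   * submission to a different form id hides older ones for this id.
   *
   * @param string $formName
   *   Class name of the form being validated.
   * @param array $fields
   *   Submitted values (not read here).
   * @param array $files
   *   Uploaded files (not read here).
   * @param object $form
   *   The form object; only getVar('_id') is read here.
   *
   * @return true|array
   *   TRUE when the submission may proceed, otherwise an array of errors
   *   keyed by field name.
   */
  function yourmodule_civicrm_validate($formName, &$fields, &$files, &$form) {
      $errors = array();

      if ($formName == 'CRM_Contribute_Form_Contribution_Main') {
          $id = $form->getVar('_id');

          // NOTE(review): this limit is only as reliable as the address.
          // Visitors behind one proxy/NAT share a key, and the value should
          // never be taken from a client-supplied forwarding header - confirm
          // the site's reverse-proxy settings.
          $ip = ip_address();

          // Match the exact serialized "ip" element written by the
          // postProcess hook. A bare '%<ip>%' substring match would also hit
          // longer addresses that merely contain this one.
          $needle = 's:2:"ip";' . serialize($ip);

          // Escape LIKE wildcards so the address can only match literally.
          $pattern = '%' . addcslashes($needle, '\\%_') . '%';

          // The address is passed as a typed query parameter instead of being
          // formatted into the SQL text.
          $query = "SELECT data FROM civicrm_cache"
              . " WHERE `data` LIKE %1"
              . " AND group_name = 'contribution flood control'"
              . " ORDER BY created_date DESC LIMIT 0, 1";
          $params = array(
              1 => array($pattern, 'String'),
          );

          $raw = CRM_Core_DAO::singleValueQuery($query, $params);

          // NOTE(review): unserialize() instantiates whatever objects the
          // stored string describes. The rows come from a shared cache table;
          // a plain format such as JSON would be safer, but it has to change
          // together with the code that writes these rows.
          $data = (is_string($raw) && $raw !== '') ? unserialize($raw) : FALSE;

          // No row, an undecodable row or a row without the expected keys
          // means there is nothing to compare against.
          if (is_array($data) && isset($data['id'], $data['timestamp'])) {
              if ($id == $data['id']) {
                  // Seconds elapsed since the recorded submission.
                  $interval = time() - $data['timestamp'];
                  if ($interval < 60) {
                      $errors['qfKey'] = 'Maximum attempt reached, please try again later';
                  }
              }
          }
      }

      return (empty($errors)) ? TRUE : $errors;
  }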