A C asked 6 months ago
Hi!
I would like to limit form entries to 1 per IP address every 5 mins.
I can do it with the Saved Cookie function but I would like to do the same with the IP address.
Is that possible?
Many thanks in advance!
I have added this to my functions.php but it does not work:
add_action('frm_display_form_action', 'limit_form_submissions', 8, 3);
function limit_form_submissions($params, $fields, $form){
remove_filter('frm_continue_to_new', '__return_false', 50);
if($form->id == 2 and !is_admin()){ // Change 2 to the ID of your form
$time_limit = time() - (5 * 60); // 5 minutes in seconds
// Get the count of entries submitted from the current IP address within the last 5 minutes
$count = FrmEntry::getRecordCount(array(
'form_id' => $form->id,
'it.ip' => $_SERVER['REMOTE_ADDR'],
'created_at >' => date('Y-m-d H:i:s', $time_limit)
));
$entry_limit = 1; // Allow only one submission every 5 minutes
if($count >= $entry_limit){
echo 'Only one entry is allowed per IP address every 5 minutes.';
add_filter('frm_continue_to_new', '__return_false', 50);
}
}
}
Do I need to change anything the formidable forms settings?
Victor Font answered 6 months ago
Victor Font
replied 6 months ago Also, your post title says 5-minutes, your message says 10-minutes. Your code is set for 5-minutes.
A C
replied 6 months ago <p>Hi Victor, Many thanks for your answer. I thought that if I add this snippet, I need to also activate form permission in my form. So you can confirm me I don't need to activate the form permission (Limit number of entries ) settings in my form?I tried the correction you sent me and seems to work. Can this snippet creates vulnerability in my website?</p>
A C
replied 6 months ago Hi Victor.
Somehow an IP address could submit 3 times the form even though the snippets working.
How can I prevent this?
Victor Font
replied 6 months ago Vulnerability? No.
IP address submitted 3x? I have know idea whet this means. How are you determining that? Don't forget, IP address are very unreliable when people use VPNs. I could change my VPN location every minute and submit a new entry defeating you security check because the IP changes each time.
A C
replied 6 months ago I meant the same IP address could submit the form 3 times in 3 minutes despite having the snippets set to 1 every 5 minutes.
I tested it and after I submit the form I need to wait 5 mins to submit another.
But how come this user could submit 3 times in 1 minute?
I checked and it's the same IP adress 3 times.
Victor Font
replied 6 months ago I have no idea. Troubleshooting errors on your site requires hands on. I'd only be guessing if I suggested what was happening.
A C
replied 6 months ago So I think I know how this is happening:
I have some radio buttons and looks like if you open sever windows with the same form you can submit it multiple times.
So if I submit my form using one tab in my browser, at the same time I can also submit it in the other open tab in my browser.
Any idea on how to avoid this?
Victor Font
replied 6 months ago I don't understand what the radio buttons have to do with anything, but it's probably because you're opening a new PHP session every time you reload the form in a new tab.
A C
replied 6 months ago Victor sorry I have a question: this limitation only works if entries are saved in Database? I am not saving them but sending them to a Google Shits document.
I noticed this snippet works only when entries are store in DB.
Is it possible to also limit submission when entries are. not stored?
Victor Font
replied 6 months ago No. You’re out of luck. Not saving the entries and doing what you want is outside of Formidable’s design. You can’t even do this with custom code. Work with the way the system is designed and it will work. Save the entries and delete them when you’re done with them.
Please login or Register to submit your answer