Support ⇒ Modules & Blocks ⇒ Forums - Double posting + Flood protection ⇒ Community Forums ⇒ CPG Dragonfly™ CMS
Forum IndexModules & Blocks

Forums - Double posting + Flood protection Reply to topic

Go to page 1, 2 Next

Hi all,
of late I have had ongoing issues with users double posting. I'm almost sure it's users of smart phones using the back button in the browser instead of navigating properly.

I normally have flood protection turned off on my sites as I have seen it be a bit intrusive at times.

Has anyone else used the flood protection to stop double posts, and if so, what settings did you use?

I have thought about coding a mod to the forums post file that checks the database for an exact text match in the last x min by the same user to stop double posting, but I will only do that in case there is nothing suitable to use already.

Test Signature

Server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS):


Double posting can occur whenever the server response is slow - eg over a mobile network. User hits Submit, nothing happens, user hits Submit again. But if the first submit had taken - but the confirmation was delayed (likely because little data volume in the submit compared to the refresh) - then you get a double post.

Pro_News has some double posting detection built in. (Added by Masino Sinaga.) Similar to what you describe.

Flood Protection gets turned off on my sites, as it annoys me intensely. Eg. Was triggered trying to read your post! Evil or Very Mad

Pro_News CM™ - Content Management for Dragonfly CMS™

Server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS):
Linux / 1.3.39 - 2.4.9 / 5.5.42 - 5.6.16 / 5.4.37 - 5.5.11 / 9.4


layingback, flood protection has changed few times since your 9.2.1.

I use it in all my sites and it does a great work, sure I had to upgrade ...

Going back to the original issue, double posting, Forums has another built in flood protection: one post every 15 seconds. So if a double post happens within 15 seconds time I believe to be a server issue probably associated with a slow link rather then a software problem, the server it's probably taking it's time processing the new input.

Try optimizing your database tables please.

.:: I met php the 03 December 2003 :: Unforgettable day! ::.

Server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS):
CloudLinux / Apache 2.4 LSAPI / MySQLi 5.6 / PHP 5.6 / DCVS


layingback wrote
Eg. Was triggered trying to read your post!

ie. here @ DF.

Pro_News CM™ - Content Management for Dragonfly CMS™

Server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS):
Linux / 1.3.39 - 2.4.9 / 5.5.42 - 5.6.16 / 5.4.37 - 5.5.11 / 9.4


layingback has a point. the flood protection is disabled for admins.
This should be investigated as well but should be in a different forum topic.

Server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS):
Fedora 25 / Apache 2.4.27 / MariaDB 10.1.26 / PHP 7.1.10 / Mercurial


It shouldn't be server performance. It's a dedicated server that just runs a few websites.


So are you saying that there should be already a function to stop users posting more than once every 15 seconds, or does this need to be turned on?

The DB tables are optimised, and it's still happening on a regular basis. It has NEVER happened to me personally. It always seems to be the same few users doing it, which is why I can't help thinking they are doing something strange.

Either way, it's a pain in the ass to keep deleting their double posts.

I will see if I can find some and see what the time difference is between the posts.

Test Signature

Server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS):


The "most correct" way to fix double-posting is to use Post/Redirect/Get pattern. But it seems like a lot of work (to maintain the updates later), unless you want the code changes to get into the core repository.

EDIT: Oh, it seems it does that already - showing the "your message was posted successfully" and redirect after that.

Your users probably refresh on the success message page, though most browsers ask about re-sending form data.

I guess better approach would be to use header('Location: ...'); to skip the success page.

Server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS):
-


So I have pretty much determined that it is iphone users who do the vast majority of the double posts. They do not navigate properly and just keep hitting the back navigation on the phone.

The best way to fix this is probably to display a different template for phones to make the site easier to navigate. I think this is coming in V10?

But for now, I think I will put some checking code in the forums that checks the post text, username and topic against the database. If the exact post already exists, I won't even warn the user, I will just ignore it completely.

Test Signature

Server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS):


You probably do want to warn, else they'll never break the habit - ie. trust that your site will respond to just 1 click.

Pro_News CM™ - Content Management for Dragonfly CMS™

Server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS):
Linux / 1.3.39 - 2.4.9 / 5.5.42 - 5.6.16 / 5.4.37 - 5.5.11 / 9.4


I'd also be interested in the code if/when you develop it, please. I occasionally see double entries for forums posts.

Pro_News CM™ - Content Management for Dragonfly CMS™

Server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS):
Linux / 1.3.39 - 2.4.9 / 5.5.42 - 5.6.16 / 5.4.37 - 5.5.11 / 9.4


I changed v10 to resolve this issue.
The only problem is that v9 templates need to be changed on upgrade to support the notifications in html.

The trick here is that you get redirected to your post and a notification is shown at the top of this page.
In v9 you had the choice to go there or just back to the forums.

Server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS):
Fedora 25 / Apache 2.4.27 / MariaDB 10.1.26 / PHP 7.1.10 / Mercurial

Last edited by DJ Maze on Fri Jan 30, 2015 1:06 pm; edited 1 time in total


If you can explain what and where (in say default theme) I can add in reDesign4 now - it already has v10/v9 switches in it, from way back in reDesign(1).

That way you'll only need to worry about 'standard' themes. Wink

I'd still be interested in hybrid's solution as I see a lot of life left in v9 (as a Production system) before v10 fully matures.

BTW, on Flood protection i got a FP warning 😖 today by ... just logging in! At the top of Forums, clicked login in side panel, and warning came up immediately. Not user friendly and no way to avoid.

Also the 'Last post' field/date in Search (eg. Forums > Newest Posts) results has lost its link again. So there's no way to jump to last/newest post. have to go to top of post or page and read through to look for a green bubble.

Pro_News CM™ - Content Management for Dragonfly CMS™

Server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS):
Linux / 1.3.39 - 2.4.9 / 5.5.42 - 5.6.16 / 5.4.37 - 5.5.11 / 9.4


Below is the code I used.
There might be a better way to do it, but this worked for me.

First we check the POSTS_TEXT_TABLE for the same post text and subject.
If we have a match, then we check the POSTS_TABLE for the matching post_id and then check if the user is the same and the post was within 10 mins.
If it's the same, it dies and prints a Double_Post message.
You also need to update your language file to include the double post message.

My message is this:
Prevented Double Posting. If you are using a smart phone, navigate the website properly!


Insert the code below to line 112 of includes/phpBB/functions_post.php.
It should be just after the flood code.
# Check for double posting - JM $sql = "SELECT post_id from ".POSTS_TEXT_TABLE." WHERE post_text = '$post_message' AND post_subject = '$post_subject'"; $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { $doublepost = $row['post_id']; $sql = "SELECT poster_id, post_time FROM ".POSTS_TABLE." WHERE post_id = $doublepost"; $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { if ($row['poster_id'] == $userdata['user_id'] && $current_time < ($row['post_time'] + 600)) { message_die(GENERAL_MESSAGE, $lang['Double_Post']); } } } # End double post checking - JM

I do not claim this is the best way to solve the issue, but I was getting sick of the iphone users double posting. We would have to clear many every day.
The time (600sec/10mins) is also debatable. Should a user ever post the exact same text and subject?
The other check you could add is that the post is to the same topic ID. I wonder why I didn't add that also. Probably slipped my mind at the time.

Now as for using the "die" instead of continuing to the thread with a warning - I really don't care if I inconvenience these users. They have inconvenienced the admins for the last few years by having to delete thousands of double posts!
If you don't want to use the die message, you could modify the code so that instead of dying, you just skip the database INSERT and move on. The user will not even notice it's happened.

Test Signature

Server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS):

Last edited by hybrid on Tue Feb 24, 2015 1:56 am; edited 1 time in total


@hybrid Thanks so much for the code. But looking at it I saw that limiting your first sql call with LIMIT 1 would save some time.

But then I got carried away and made lots of changes. Hope you don't mind. Here's the revised code.

# Check for double posting - layingback based on method by JM/Hybrid
	$time_window = $current_time - 6000;		// last 100 mins
	$sql = "SELECT p.post_id";
	$sql .=" FROM ".POSTS_TABLE." p, ".POSTS_TEXT_TABLE." pt
		WHERE pt.post_id = p.post_id
			AND ".$userdata['user_id']." = p.poster_id
			AND '$time_window' < p.post_time
			AND post_text = '$post_message'
			AND post_subject = '$post_subject'
		LIMIT 1";
	$result = $db->sql_query($sql);
	if ($db->sql_numrows($result)) {
		message_die(GENERAL_MESSAGE, $lang['Flood_Error']);
	}
# End double post checking - LB/JM


The LIMIT 1 on the call to POST_TEXTS_TABLE was because you only need to find a match so might as well stop as soon as. But the POST_TEXTS_TABLE call is a serial search so it's going to be slow, reading through much of the db to get a relatively recent post, likely to be near the far end of the file ...

So I combined the 2 sql calls, so although the SQL Join is potentially more expensive, the search is now by indices up until the current time - 100minutes.

Reason I made it 100mins - perhaps too long - is related to your 'omission' of topic_id, which I think is brilliant. It means that a spammer who tries to stuff the same message all over the Forums is going to get caught as well!

That last tweak is also why I used the existing 'Flood_Error' message. Should impart enough info to the accidental double poster (on a slow connection) while giving minimal clues to the intentional spammer. ( And saves me having to do the translations for my multi-lingual / auto translating site. )

On my dev site both methods resulted in a total of .0004 secs for the 2 calls and for the join. On my live site the difference was the same .004 vs .1303

Thanks again.

Pro_News CM™ - Content Management for Dragonfly CMS™

Server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS):
Linux / 1.3.39 - 2.4.9 / 5.5.42 - 5.6.16 / 5.4.37 - 5.5.11 / 9.4


Ahhh yes - you joining the queries together into one is much better, because you can check the username directly.

That is where my SQL is not great, so I had to separate the queries first to be able to compare the username.

I wasn't able to LIMIT the results in my case, because another user could have posted the same text.

I will change my code to use your method, but using my double post message.

Test Signature

Server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS):

All times are UTC
Go to page 1, 2 Next


Jump to: