I want to set a timer on my webpage so that if a user fills in the contact us page, he is not able to resend an e-mail or fill in the contact page for the admin for the next 30 days.
After that he could fill in the contact us page again.
Maybe the email could be unique for this. Through the email validation we can hold that particular user for the next 30 days.
Please help me.
You can create a database table which looks like so:
CREATE TABLE contact_flood
(
`email_address` TEXT NOT NULL,
`time` INT NOT NULL
)
When a user submits the contact form, their email address and the time at which the form was submitted are saved to this table using a query like so:
"INSERT INTO contact_flood (email_address, time) VALUES ('".$escapedEmailAddress."', '".time()."')"
Then you can set a check on form submit which checks to see if the email is in the table:
"DELETE FROM contact_flood WHERE time < (".time()." - 2592000)"
"SELECT COUNT(*) as count FROM contact_flood WHERE email_address = '".$escapedEmailAddress."'"
The first query deletes all entries in the table older than 30 days and the second query returns any remaining rows with the email address specified. If the count variable resulting from the query is nonzero then don't send the email and give the user an appropriate message. If it is zero go ahead and send the email, then run the insert query from before.
An alternative means of doing this is to only allow one form submit per IP address per 30 days. In which case you would do the same thing just replacing the email_address with ip_address. In that case you can also run the check before the form is loaded and not even load the form if it comes back with a nonzero count variable.
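The 30-day check described in the answer above, as an added example that is not part of the original post: it uses PDO prepared statements instead of building the queries by string concatenation, and a primary key so that two simultaneous submissions cannot both pass the check. The function name allowContactSubmission(), the PRIMARY KEY on email_address and the in-memory SQLite database are assumptions made for the example.

```php
<?php
// Added example, not the answer's code. Assumptions: pdo_sqlite is available,
// the function name is hypothetical, and email_address is made the PRIMARY KEY.
const WINDOW_SECONDS = 2592000; // 30 days, as in the answer

function allowContactSubmission(PDO $db, string $email, int $now): bool
{
    // Normalise so "User@Example.org " and "user@example.org" share one entry.
    $email = strtolower(trim($email));
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        return false; // reject malformed input before it reaches the database
    }
    $db->beginTransaction();
    try {
        // Expire entries older than 30 days.
        $db->prepare('DELETE FROM contact_flood WHERE time < ?')
           ->execute([$now - WINDOW_SECONDS]);
        // The primary key turns check-and-insert into one atomic step: a second
        // submission inside the window violates the key and throws.
        $db->prepare('INSERT INTO contact_flood (email_address, time) VALUES (?, ?)')
           ->execute([$email, $now]);
        $db->commit();
        return true; // caller may now send the email
    } catch (PDOException $e) {
        $db->rollBack();
        // SQLSTATE class 23 is an integrity constraint violation (duplicate key).
        if (strncmp((string) $e->getCode(), '23', 2) === 0) {
            return false;
        }
        throw $e;
    }
}

// Demo on an in-memory database with constructed addresses and timestamps.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE contact_flood (email_address TEXT PRIMARY KEY, time INT NOT NULL)');
$t0 = 1700000000;
$attempts = [
    ['user@example.org', $t0],                       // first submission
    ['User@Example.org ', $t0 + 86400],              // same sender, one day later
    ["x' OR '1'='1", $t0],                           // malformed input
    ['user@example.org', $t0 + WINDOW_SECONDS + 1],  // window has passed
];
foreach ($attempts as [$email, $now]) {
    var_dump(allowContactSubmission($db, $email, $now));
}
```

On MySQL the key column would need a bounded type such as VARCHAR, since a TEXT column cannot be a primary key without a prefix length.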