I am making a simple web chat application. it looks like this:
<?php
session_start();
if(!isset($_SESSION['login']))
{
Header('Location: /');
die();
}
?>
<head>
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js"></script>
<script src="http://malsup.github.com/jquery.form.js"></script>
<style>
#update {
width: 550px;
height: 300px;
padding: 10px;
border: 2px groove gray;
overflow:scroll;
margin: 10px;
margin-right: auto;
}
</style>
</head>
<a href="logout.php">Log out</a>
<center>
<h2>Uchat Alpha</h2>
</center>
<script>
$(document).ready(function () {
setInterval(function() {
$.get("chatloader.php", function (result) {
$('#update').html(result);
});
}, 100);
});
$('#ajaxform').submit(function(){
$(':submit', this).click(function() {
return false;
});
});
$(document).ready(function() {
// bind 'myForm' and provide a simple callback function
$('#ajaxform').ajaxForm(function() {
$('#ajaxform')[0].reset();
});
});
</script>
<div id="update">
</div>
<center>
<form name="ajaxform" id="ajaxform" action="http://retroamp.eu/uchat/chathandler.php" method="post">
<input type="text" id="msg" name="msg" maxlength="50" value ="" placeholder="Message"/>
<input type="submit" value="Send"/>
</form>
</center>
What my problem is is that people could like fill up the chat with words or links whatever.
Is there a way to prevent this without having to use a captcha.
My idea was that you have to wait 3 seconds before you can send a new message, but how?
While you can do this in JS to restrict the user in the browser... there is nothing on the server side that will stop them from creating their own requests and spamming the system with it, regardless of what your JS stops them from doing.
You will most likely need a two sided solution in PHP/JS to mitigate things like these. This is more than just a here is some JS to stop it.