Your skill will accomplish what the force of many cannot |
|
PerlMonks |
comment on |
( [id://3333]=superdoc: print w/replies, xml ) | Need Help?? |
Ignoring it. If you put in the page a js that detect the time interval between get and post, it must pass its result as a post parameter. If I decide to cheat, I can make a post setting the value to anything I like. You can use javascript, cookies, anything you want but in the end the server sees only what I pass it in the post... This is the fundamental reason against the use of client-side only validation of data: one can always bypass them. A working strategy could be to assign (server-side) an unique identifier to every get of every page, store it in a db along with a timestamp, and compute the interval (server-side) between the post time and the get stored timestamp. This is certainly possible, but would be an enormous overhead And, last but not least, cui prodest? Update: bootnote: I don't think that the idea in itself is good: most of my (few) downvotes are to badly formatted and incomprehensible questions. You don't need (and don't want to spend) much time to decide that a question saying "HELP!!! MY PROGRAM DOESN'T WORK!!!!!" doesn't deserve an answer... Careful with that hash Eugene. In reply to Re^3: proposition for Voting system
by psini
|
|