Home > Developer > ASP

Asp effectively prevents spam messages/comments on website message boards

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

1. On the form filling page: <Input name = "intime1" type = "hidden" value = "<% = Now () %>">
On the submit processing page, set the submission time Copy codeThe Code is as follows: If DateDiff ("s", request. form ("intime1"), Now () <5 then
Response. write "<SCRIPT language = JavaScript> alert ('your message is too fast. Do not leave a message! ');"
Response. write "this. location. href = 'vbscript: history. back () '; </SCRIPT>"
Response. end
End if

2. Verification Code Copy codeThe Code is as follows: yz = cstr (request. Form ("yz "))
Yz1 = cstr (session ("yz1 "))
If yz1 <> yz then
Response. Write ("<script language = javascript> alert ('enter the verification code correctly! '); </Script> ")
Response. redirect ("sign. asp ")
End if

3. Judging the road Copy codeThe Code is as follows: server_v1 = Cstr (Request. ServerVariables ("HTTP_REFERER "))
'Response. Write (server_v1)
Server_v2 = Cstr (Request. ServerVariables ("SERVER_NAME "))
'Response. Write (server_v2)
If mid (server_v1, 8, len (server_v2) <> server_v2 then
Response. Write ("<script language = javascript> alert ('prohibit external data submission! '); </Script> ")
Response. end
End if

4. Set the number of daily submissions Copy codeThe Code is as follows: 'Each time a user submits
If request. cookies ("postnum") = "" then
Response. cookies ("postnum") = 1
Response. cookies ("postnum"). expires = DateAdd ("h", 24, Now ())
Else
Response. cookies ("postnum") = request. cookies ("postnum") + 1
End if
If request. cookies ("postnum")> 3 then
Response. write "<SCRIPT language = JavaScript> alert ('the number of messages today exceeds the limit. Do not leave a message! ');"
Response. write "this. location. href = 'vbscript: history. back () '; </SCRIPT>"
Response. end
End if

5. Disable IP addresses Copy codeThe Code is as follows: server_ip = Cstr (Request. ServerVariables ("REMOTE_ADDR "))
If right (server_ip, 8) = "194.165." then
Response. write "Do Not Overwrite 194.165 ."
Response. End ()
End if

1. Determine whether the publish information is reliable. As long as it is released by a natural person, it must come through the submission page we provide to the user. If it is released by a machine, there will be no information.
'Judging the origin, forbidding external submissionsCopy codeThe Code is as follows: dim server_v1, server_v2
Server_v1 = Cstr (Request. ServerVariables ("HTTP_REFERER "))
Server_v2 = Cstr (Request. ServerVariables ("SERVER_NAME "))
If server_v1 = "" or instr (server_v1, "/add. asp") <= 0 or mid (server_v1, 8, len (server_v2) <> server_v2 then
Response. write "<SCRIPT language = JavaScript> alert ('external submission is prohibited because the source is invalid! ');"
Response. write "this. location. href = 'vbscript: history. back () '; </SCRIPT>"
Response. end
End if

Note that the above/add. asp is the source page for submission. Of course, machines can also forge routes, which must be dealt with in the following ways.
2. Verification code. The verification code has always been a feasible method for dealing with spam messages. Different verification codes have different capabilities to deal with messages from machines. The more complicated the verification codes, the more difficult the machine is to crack. This requires selecting a balance between user experience and dealing with machines. I will not talk much about the use of verification codes. There will be many introductions in Google and Baidu searches.
3. determine the time when the source is submitted. If the time spent on the submission page is too short, for example, 20 seconds, it is generally not necessary for an individual to type. For example, when a user opens a page (such as add. asp), we write down the time and add a hidden object in the form submission form, for example:
<Input name = "intime1" type = "hidden" value = "<% = Now () %>">
Then, after the user writes a comment, the user submits it to the specific processing page (such as addok. asp), we get the current time, and add. this intime1 time comparison in asp. If the time difference is less than the set time, for example, 20 seconds, the message is prohibited and the result is regarded as a machine. The code can be written as follows:Copy codeThe Code is as follows: If DateDiff ("s", request. form ("intime1"), Now () <20 then
Response. write "<SCRIPT language = JavaScript> alert ('your message speed is too fast. Do not leave a message! ');"
Response. write "this. location. href = 'vbscript: history. back () '; </SCRIPT>"
Response. end
End if

The above three methods can be used to block most of the spam comments from machines. If there are a large number of comments, most of them are human messages. But how can we deal with human messages? Flymorn also provides methods.
The method is simple, that is, by recording users' cookies and IP addresses to limit the number of messages posted by the same user. For example, within 24 hours a day, only five pieces of information can be published by the same user. We can achieve this through the following methods.Copy codeThe Code is as follows: <% 'when each user submits
If request. cookies ("postnum") = "" then
Response. cookies ("postnum") = 1
Response. cookies ("postnum"). expires = DateAdd ("h", 24, Now ())
Else
Response. cookies ("postnum") = request. cookies ("postnum") + 1
End if
If request. cookies ("postnum")> 5 then
Response. write "<SCRIPT language = JavaScript> alert ('the number of messages today exceeds the limit. Do not leave a message! ');"
Response. write "this. location. href = 'vbscript: history. back () '; </SCRIPT>"
Response. end
End if
%>

Through the preceding restrictions, manual posting is also restricted. The above method is based on cookies. Of course, users can clear COOKIES through the browser, but this increases the difficulty of posting spam and increases the threshold. We can continue to judge the publisher's IP address, and achieve our goal by limiting the number of posts under the same IP address. Here, we will no longer expand. You can design your own methods to determine IP addresses to restrict posting. If you have any opinions or suggestions on the topics discussed in this article, you are welcome to leave a comment so that we can discuss them together.

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More