ASP effectively prevent web site message board spam message/comment implementation ideas

I. Fill in the form page: <input name= "intime1" type= "hidden" value= "<%=now ()%>" >
On the Submit processing page, set the submission time
The code is as follows:
If DateDiff ("s", Request.Form ("intime1"), now ()) < 5 Then
Response.Write "<script Language=javascript>alert (' Your message is too fast, no message! ');"
Response.Write "This.location.href= ' Vbscript:history.back () ';</script>"
Response.End
End If

Two. Verification code
The code is as follows:
YZ=CSTR (Request. Form ("YZ"))
YZ1=CSTR (Session ("YZ1"))
If Yz1<>yz Then
Response.Write ("<script language=javascript>alert" ("Please enter the verification code correctly!") ');</script> ")
Response.Redirect ("sign.asp")
End If

Three. Judging the antecedents
The code is as follows:
Server_v1=cstr (Request.ServerVariables ("Http_referer"))
' Response.Write (SERVER_V1)
Server_v2=cstr (Request.ServerVariables ("SERVER_NAME"))
' Response.Write (SERVER_V2)
If Mid (Server_v1,8,len (SERVER_V2)) <>server_v2 Then
Response.Write ("<script Language=javascript>alert" prohibits external submission of data!) ');</script> ")
Response.End
End If

Four. Set the number of daily submissions
The code is as follows:
' When the user submits every time
If Request.Cookies ("postnum") = "" Then
Response.Cookies ("Postnum") =1
Response.Cookies ("Postnum"). Expires=dateadd ("H", and Now ())
Else
Response.Cookies ("Postnum") =request.cookies ("Postnum") +1
End If
If Request.Cookies ("Postnum") > 3 Then
Response.Write "<script Language=javascript>alert" (' Today the number of messages exceeds the limit, no message! ');"
Response.Write "This.location.href= ' Vbscript:history.back () ';</script>"
Response.End
End If

Five. Prohibit IP
The code is as follows:
Server_ip=cstr (Request.ServerVariables ("REMOTE_ADDR"))
If Right (server_ip,8) = "194.165." Then
Response.Write "No overlapping submissions 194.165."
Response. End ()
End If

1, to determine whether the release information has reliable antecedents. As long as it is issued by a natural person, then he must be through the submission page we provide to the user, there must be an antecedents; If the machine is released, there will be no routing information.
' Judge the antecedents, prohibit external submissions
The code is as follows:
Dim server_v1,server_v2
Server_v1=cstr (Request.ServerVariables ("Http_referer"))
Server_v2=cstr (Request.ServerVariables ("SERVER_NAME"))
If server_v1= "" or InStr (SERVER_V1, "/add.asp") <=0 or mid (Server_v1,8,len) SERVER_V2
Response.Write "<script Language=javascript>alert (' source illegal, prohibit external submissions!") ');"
Response.Write "This.location.href= ' Vbscript:history.back () ';</script>"
Response.End
End If

Note that the/add.asp above is the submission page source page. Of course, the machine can also forge the route, which should be combined with the following ways to deal with.
2, verification code. Verification code is always a feasible way to deal with machine spam messages. Different authentication codes have different ability to deal with machine messages, the more complex the verification code, the more difficult the machine to crack. This requires a balance between considering the user's feelings and dealing with the machine. About the use of verification code, I do not say more, Google, Baidu Search will appear in a lot of introductions.
3, the time to determine the source submission. If the time to stay on the submission page is too short, such as 20 seconds, generally as long as the individual, he does not need to type a small amount of time. For example, when a user opens a page (such as add.asp), we write down this time and add a hidden object to the form submission form, such as:
<input name= "intime1 type=" hidden "value=" <%= Now ()%>
Then, When the user wrote a good message comments submitted to the specific processing page (such as addok.asp), we get the current time, and add.asp in this intime1 time comparison, if this time difference is less than the set period, such as 20 seconds, then prohibit the message, judge for the machine. Code can be written like this:
code as follows:
If DateDiff ("s", Request.Form ("intime1"), now ()) < then
Response.Write "<script" Language=javascript>alert (' Your message is too fast, no message! ');"
Response.Write ' this.location.href= ' vbscript:history.back () ';</script> '
Response.End
End If

Through the above three methods can block most of the machine spam comments, if there are a large number of messages, it is mostly human flesh message. But how do we deal with human-flesh messages? Flymorn also provides methods to deal with.
The simple approach is to limit the number of messages that the same user posts by recording the user's cookies and IP. For example, within 24 hours of a day, only the same user is allowed to publish 5 messages. We can do this in the following ways.
The code is as follows:
<% ' When the user submits each time
If Request.Cookies ("postnum") = "" Then
Response.Cookies ("Postnum") =1
Response.Cookies ("Postnum"). Expires=dateadd ("H", and Now ())
Else
Response.Cookies ("Postnum") =request.cookies ("Postnum") +1
End If
If Request.Cookies ("Postnum") > 5 Then
Response.Write "<script Language=javascript>alert" (' Today the number of messages exceeds the limit, no message! ');"
Response.Write "This.location.href= ' Vbscript:history.back () ';</script>"
Response.End
End If
%>

Through the above restrictions, manual posting has also been a certain limit. The above method is based on cookies to judge, of course, users can empty cookies through the browser, but this increases the difficulty of sending spam posts, raising the threshold. We can also continue to judge the publisher's IP, through the same IP post limit number to achieve our goal. Here, will no longer expand, you can design their own how to determine the IP to limit the way the post. If you have comments or suggestions on the topics discussed in this article, please leave a comment so that we can discuss it together.