From 0ebb3aa45f09ba1e59ed468ff11b535e0be4e432 Mon Sep 17 00:00:00 2001
From: biglyderv
Date: Sat, 25 Jan 2025 18:18:21 -0500
Subject: [PATCH] rate limiting
---
 docs/api/comment.php | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)
diff --git a/docs/api/comment.php b/docs/api/comment.php
index 65225f6..cf6b4b0 100644
--- a/docs/api/comment.php
+++ b/docs/api/comment.php
@@ -44,12 +44,24 @@
 }
 $poid = bin2hex(random_bytes(16));
-
+
+ $stmt = $db->prepare("SELECT * FROM comment WHERE username = ? ORDER BY date DESC");
+ $stmt->execute([
+ $username
+ ]);
+ $userposts = $stmt->fetchAll(PDO::FETCH_DEFAULT);
+
+ if ($userposts[0]['date'] - (microtime(true) - $ref) > -3) {
+ echo "You have been rate limited.";
+ return;
+ }
+
 $stmt = $db->prepare("INSERT INTO main.comment (username, targetType, targetId, date, content, id) VALUES (?,?,?,?,?,?)");
 $stmt->execute([$username,$postType,$postId,microtime(true) - $ref,$postie,$poid]);
 $postieP = "https://nbg.dervland.net/comment.php?id=" . $poid;
+ $user10 = ':system';
 if ($postType == 'user') {
 $postie = "A user commented on your wall: " . $postieP;
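Review bot: The added check reads `$userposts[0]['date']` without testing that the query returned a row, so a user with no earlier comments triggers an undefined-offset warning and the comparison runs on null; it passes only because of how null coerces in the subtraction. The `SELECT *` with `fetchAll` also loads every comment the user has ever posted on each request when only the newest timestamp is needed, so the limiter gets more expensive the more a user posts. Fetching a single `date` with `LIMIT 1` and guarding the empty case fixes both, as below. The check and the INSERT remain separate statements, so parallel requests for the same username could all pass before any row is written; if this is meant as an abuse control, the two should run in one transaction or behind a per-user lock. The enclosing block starts before the hunk and continues past it.

```php
$now = microtime(true) - $ref;
$stmt = $db->prepare("SELECT date FROM comment WHERE username = ? ORDER BY date DESC LIMIT 1");
$stmt->execute([$username]);
$lastDate = $stmt->fetchColumn();

// false means the user has no earlier comment, so there is nothing to limit yet
if ($lastDate !== false && $now - (float) $lastDate < 3) {
    echo "You have been rate limited.";
    return;
}

// … unchanged: INSERT into main.comment and notification setup …
```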