
Jason_G__141424 (Nimbostratus)
Jul 09, 2014

iRule to limit duplicate submissions to form

I am looking at creating an iRule that will limit the number of times an email address can be used on a username lookup page. I would like to make sure that the email is only posted to the page x number of times in y minutes. Once the limit has been reached, the email address would not be able to be submitted to the site for the next z minutes.


Any ideas on how this would be able to be accomplished would be appreciated.


2 Replies

  • This may be over simplistic for what you're looking for, but I believe the basic functionality is there:

    when RULE_INIT {
        # user-defined: time to wait after failure (seconds, idle timeout of the table entry)
        set static::wait_time 30

        # user-defined: max query attempts
        set static::max_attempts 3
    }
    when HTTP_REQUEST {
        # Only POSTs carry the form; buffer the body so HTTP_REQUEST_DATA can read it
        if { [HTTP::method] equals "POST" } {
            HTTP::collect [HTTP::header Content-Length]
        }
    }
    when HTTP_REQUEST_DATA {
        # Pull the "user" field out of the urlencoded body
        set user [URI::query ?[HTTP::payload] user]
        if { $user ne "" } {
            if { [table lookup -subtable USERQUERY $user] eq "" } {
                # First time we see this value: create the entry with the idle timeout
                table add -subtable USERQUERY $user 1 $static::wait_time
            } elseif { [table lookup -subtable USERQUERY $user] >= $static::max_attempts } {
                HTTP::respond 200 content "Queries exceeded"
            } else {
                table incr -subtable USERQUERY $user
            }
        }
    }


    If the request is a POST, collect the payload. If the user value is in this POST request, grab it. If there's no table entry for this user, create a table entry and give it an idle timeout value as specified by the "static::wait_time" value. Else if the table entry exists and its value is greater than or equal to the specified "static::max_attempts" value, respond to the client with an error message. Otherwise increment the value attributed to that user query in the table.

  • Just URI decode the input:

    set user [URI::decode [URI::query ?[HTTP::payload] user]]
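
Building on the two replies above, here is an added iRule (written for this page, not from the thread) that implements the shape the question actually asks for: x submissions of one address within a fixed y-second window, then a z-second block. The reply's `table incr` refreshes the entry's idle timeout on every hit, so that counter only expires once the address goes quiet; this version uses `-notouch` and an absolute lifetime so the window closes on schedule. The form path `/lookup`, the field name `email`, and the numeric limits are assumptions.

```tcl
when RULE_INIT {
    # Constructed values: x submissions per address (max_attempts) within
    # y seconds (window); once exceeded, reject the address for z seconds (block_time).
    set static::max_attempts 3
    set static::window 600
    set static::block_time 900
}
when HTTP_REQUEST {
    # Assumption: the lookup form POSTs to /lookup with a field named "email".
    if { [HTTP::method] equals "POST" && [HTTP::path] equals "/lookup" } {
        set len [HTTP::header Content-Length]
        # Only buffer small bodies; the form is a few bytes and an unbounded
        # collect would let oversized POSTs tie up memory on the BIG-IP.
        if { $len ne "" && $len <= 4096 } {
            HTTP::collect $len
        }
    }
}
when HTTP_REQUEST_DATA {
    # Decode and lower-case so "Bob@Example.com" and "bob@example.com" share one counter.
    set email [string tolower [URI::decode [URI::query "?[HTTP::payload]" email]]]
    if { $email eq "" } { return }

    # Address is inside its z-second block: reject without touching the counters.
    if { [table lookup -subtable EMAIL_BLOCK $email] ne "" } {
        HTTP::respond 429 content "Too many lookups for this address" Retry-After $static::block_time
        return
    }

    # First submission opens a fixed y-second window: no idle timeout, absolute
    # lifetime of $static::window. table add is a no-op if the entry already exists.
    table add -subtable EMAIL_COUNT $email 0 indefinite $static::window
    # -notouch: counting a hit must not extend the window.
    set count [table incr -notouch -subtable EMAIL_COUNT $email]

    if { $count > $static::max_attempts } {
        # Limit reached: block for z seconds, reset the counter, reject this request.
        table set -subtable EMAIL_BLOCK $email 1 indefinite $static::block_time
        table delete -subtable EMAIL_COUNT $email
        log local0. "lookup rate limit: $email blocked for $static::block_time s (client [IP::client_addr])"
        HTTP::respond 429 content "Too many lookups for this address" Retry-After $static::block_time
    }
}
```

The log line gives the SOC a per-address signal to alert on; the 429 with Retry-After tells well-behaved clients when to come back without revealing whether the address exists.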