PHP: avoid Flood/Spam system by session?

can开发者_如何转开发 I use Session avoid Flood/Spam ? ( spam in form ). I only need avoid use can repeat action as 3,4 action /s .

---

No, you can't use session mechanism to avoid flood.
Because you can't force a client to keep a session.

You can use session to support CAPTCHA test though.

---

You could track an IP+UserAgent on the server over a short duration, but you couldn't depend on tracking a cookie (as a user agent like cURL could just disregard saving it) unless a valid cookie matching a session was required to interact with your site.

If the IPs or UserAgents spamming your site/app were constantly changing then there's no sense in even storing them on the server to simulate a cookie. You'd want to create a CAPTCHA to gate whatever is being spammed.

We'd need more information to be any less general. ;)