We are moving our forum in GitHub Discussions. For questions about Phalcon v3/v4 you can visit here and for Phalcon v5 here.

IP validator


I have to make an IP adress validator to prevent users refrshing profile and rising hit counter on page. Is it good solution to use this Phalcon\Validation. Basicly I have counter column in my db that rise on profile opening and I wont to stop users abuseing it. Any1 have an example or use this Phalcon Validation in this case?

edited Aug '16

I'm not sure how IP validator would help you in this task?

Example solutions:

1) The most promising solution would be to store something unique for this Visitor in database table profile_visits. However it is up to you to decide which is this unique info.. be it IP or UserId e.t.c.. I dont know what are your project requirements :) Please note that if you limit them by IP whole office network can count as 1 visitor... Funny fact is that there are small villages in Bulgaria which all computers are on one IP address :)

2) A more simple solution would be to store visited profile pages in session. Something like:

$this->session->visitedProfiles = [13, 14, 15, 16]; // List of Visited profile Ids
// If $currentProfileId is not in visitedProfiles array then user visits page for first time - INCREMENT!
if (!in_array($currentProfileId, $this->session->visitedProfiles)) {
    // Your increment query

    // Add current profile id to session so it wont be incremented on refresh 
    $this->session->visitedProfiles[] = $currentProfileId;

3) Same like (2) but store ids in cookie.

4) Easiest and most secure option is if your application requires login.. then you know currnet user ID and this is your best option.

Note: options (2) and (3) are not 100% secure as visitor can abuse by opening new browser, deletes cookies e.t.c.