How to limit repeated user actions (via session, IP or something else)?

D

Dmitry2016-03-12 22:32:49

PHP

Dmitry, 2016-03-12 22:32:49

I am developing a web service that will provide paid services. Because Since there is no way to reveal the details, then we will conditionally assume that there is a certain button, access to which must be restricted. Those. the client can click it twice for free (and get the service), but all subsequent clicks must already be paid.
First question: how to recognize the fact that the client has paid for the service if he is not authorized and not registered in the system (registration is not required)? I see only the option of sending a certain code to the client, after payment, with which he can activate the button on the site (and add more clicks to himself).
The second question is how to control and count the button clicks by the client in general? With sessions/cookies? But after all session it is possible to reset. With IP? What if the IP is dynamic? Can anyone suggest how such things are generally implemented? What are the ways?
I repeat that this is not about an authorized user.

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

I

IceJOKER, 2016-03-12
@IceJOKER

I came up with one idea while reading - after entering the code (after payment), in the session or in cookies, write down the fact of payment (some hash) + after clicking, also generate some hash, after the second click, check whether the hash of the previous step was generated and if was, then delete the data.
In this case, it is already in the interests of the user not to reset anything, because after the reset, he will lose the fact of payment.
And in any other cases, as you described, the user will be able to reset the data