Making a form to add users that can't be misused.
I'm trying to create a program that will add a user from an HTML form. However, I don't want someone to be able to create a script that will fill the database with users.
Making a lag of a second, or so, will cut down on the quantity of users that somone can add, but that's not really a solution.
Making it so one IP can't add more than one user every so often might work, but can someone spoof their IP and add as many as they want? Since this is over TCP, which has a three-way handshake, would they have to actually be at that IP or could they spoof it?
How should I do this?
Thanks.
|