function flood_is_allowed

1 common.inc flood_is_allowed($name, $threshold, $window = 3600, $identifier = NULL)

Checks whether a user is allowed to proceed with the specified event.

Events can have thresholds saying that each user can only do that event a certain number of times in a time window. This function verifies that the current user has not exceeded this threshold.

Parameters

$name: The unique name of the event.

$threshold: The maximum number of times each user can do this event per time window.

$window: Number of seconds in the time window for this event (default is 3600 seconds, or 1 hour).

$identifier: Unique identifier of the current user. Defaults to their IP address.

Return value

TRUE if the user is allowed to proceed. FALSE if they have exceeded the: threshold and should not be allowed to proceed.

5 calls to flood_is_allowed()

contact_personal_form in core/modules/contact/contact.pages.inc: Form constructor for the personal contact form.
contact_site_form in core/modules/contact/contact.pages.inc: Form constructor for the site-wide contact form.
FloodFunctionalTest::testCleanUp in core/modules/system/tests/system.test: Test flood control mechanism clean-up.
user_login_authenticate_validate in core/modules/user/user.module: Second phase validation handler on the login form.
user_pass_validate in core/modules/user/user.pages.inc: Form validation handler for user_pass().

File

core/includes/common.inc, line 1594: Common functions that many Backdrop modules will need to reference.

Code

function flood_is_allowed($name, $threshold, $window = 3600, $identifier = NULL) {
  if (!isset($identifier)) {
    $identifier = ip_address();
  }
  $number = db_query("SELECT COUNT(*) FROM {flood} WHERE event = :event AND identifier = :identifier AND timestamp > :timestamp", array(
    ':event' => $name,
    ':identifier' => $identifier,
    ':timestamp' => REQUEST_TIME - $window))
    ->fetchField();
  return ($number < $threshold);
}