Yes, but it's better than no security 🤔 I already had a case (unfortunately I had no security then) that within a few minutes an automated bot added 500 answers in several topics.
For now, I'm testing:
public static function floodCheck()
{
if ( \IPS\Settings::i()->flood_control and !\IPS\Member::loggedIn()->group['g_avoid_flood'] )
{
if ( \IPS\Member::loggedIn()->member_id === NULL ) {
$topic = \IPS\forums\Topic::load( \IPS\Request::i()->id );
if ( time() - $topic->last_post < \IPS\Settings::i()->flood_control )
{
throw new \DomainException( \IPS\Member::loggedIn()->language()->addToStack('error_flood_control', FALSE, array( 'sprintf' => array( \IPS\Settings::i()->flood_control - ( time() - $topic->last_post ) ) ) ) );
}
}
else {
if ( time() - \IPS\Member::loggedIn()->member_last_post < \IPS\Settings::i()->flood_control )
{
throw new \DomainException( \IPS\Member::loggedIn()->language()->addToStack('error_flood_control', FALSE, array( 'sprintf' => array( \IPS\Settings::i()->flood_control - ( time() - \IPS\Member::loggedIn()->member_last_post ) ) ) ) );
}
}
}
}
It's not the best solution, but it works somehow. Meanwhile, I'm trying to figure out a better way.
hmm, why not cookie seems like a good idea 😉