Get "PHP 8 in a Nuthshell" (Now comes with PHP 8.3)
Amit Merchant

Amit Merchant

A blog on PHP, JavaScript, and more

Throttling submission of form in Laravel

You might face a scenario where you’d want to restrict a user from submitting a form within a certain time limit. i.e to prevent spamming by users.

For instance, let’s say, you want to restrict a user to submit a form only once in a timeframe of five minutes. This could be a public message board. If he/she tries to submit the form again in the next five minutes, they won’t be able to. How would you do that?

Well, Laravel’s custom validation rules or rule objects can be put to use here.

Create a new rule

For this, we can create a new rule called ThrottleSubmission using the following command like so.

$ php artisan make:rule ThrottleSubmission

This will create a new class called ThrottleSubmission in the app/Rules directory. Here’s in the passes() method, you can write the logic that will check if the user is submitting the form in 5 minutes multiple times like so.

<?php

namespace App\Rules;

use Illuminate\Contracts\Validation\Rule;
use App\User;

class ThrottleSubmission implements Rule
{
    protected $user;

    public function __construct(User $user)
    {
        $this->user = $user;
    }

    /**
     * Determine if the validation rule passes.
     *
     * @param  string  $attribute
     * @param  mixed  $value
     * @return bool
     */
    public function passes($attribute, $value)
    {
        return $this->user->latestMessage != null ? $this->user->latestMessage->created_at->lt(
            now()->subMinutes(5)
        ): null;
    }

    /**
     * Get the validation error message.
     *
     * @return string
     */
    public function message()
    {
        return 'Try submitting after some time.';
    }
}

Applying the rule

Once done, you can attach this rule to a validator by passing an instance of the rule object with your other validation rules on the input field like so.

use App\Rules\ThrottleSubmission;

$request->validate([
    'message' => [
        'required', 
        'string', 
        new ThrottleSubmission
    ],
]);

And this will essentially prevent the user from submitting a message multiple times in the span of five minutes!

I learned about this slick trick from The 6 Stages of Spam Protection by Jeffrey Way.

Learn the fundamentals of PHP 8 (including 8.1, 8.2, and 8.3), the latest version of PHP, and how to use it today with my new book PHP 8 in a Nutshell. It's a no-fluff and easy-to-digest guide to the latest features and nitty-gritty details of PHP 8. So, if you're looking for a quick and easy way to PHP 8, this is the book for you.

Like this article? Consider leaving a

Tip

👋 Hi there! I'm Amit. I write articles about all things web development. You can become a sponsor on my blog to help me continue my writing journey and get your brand in front of thousands of eyes.

Comments?