In certain situations, such as when conducting surveys or accepting competition entries, for example, we may wish to limit the number of submissions that a form user may make. Webform offers some methods for preventing folk from putting through multiple submissions, but it must be said that these methods cannot be guaranteed to be bullet-proof for anonymous users.
Under the heading Submission limit on the Form settings page, we specify that our users are limited to making only one submission by entering Limit to
1
submission(s) ever. In this way we can prevent users of our Speaker Registration form from submitting more than one entry.
In the case of registered and logged-in site users, Webform can easily determine whether or not a submission for this user has already been received. If we have received a previous submission, then the user will not be granted access to the form.
In the case of anonymous users, Webform attempts to find previous submissions based on the user's IP address and presence of a web browser cookie.
As we have seen previously, we may limit the number of submissions made by a particular user. There are also several other limiting options that we could implement.
In cases where users may submit a form multiple times, but we need to limit how often they may make submissions, Webform allows us to alternatively specify how many submissions may be made on an hourly, daily
, or weekly
basis by any given user. This functionality enforces how often a particular user may enter a submission.
We may also limit the total number of submissions that are made to a Webform. If we were selling ticket bookings via a Webform, for example, we would like for the form to automatically close when the prescribed number of bookings has been reached. Alternatively, we could limit the number of submissions that the form would accept every hour, every day
, or every week
.
The IP address of our form users, on its own, cannot be considered to uniquely identify whether an anonymous site visitor has previously submitted a form. Many organizations have configured their outgoing Internet access in such a way that all users on the internal network appear to come from a single IP address.
Adding to the uncertainty, many web browsers can be set to delete cookies when a browsing session has ended. It therefore becomes possible that a particular site visitor can circumvent the attempt to limit their multiple submissions by merely closing and re-opening their browser window.