Alex,
Doing the MD5 of the message + a check by the username would the best approach. To eliminate the flooding, you would really only need to limit the session to about 60-90 seconds.
The chances of two messages having the same MD5 hash is about 10000000000000000000000000 : 1 - so it is definately a better idea then checking against the entire message.
That way no one user can post the same message within the alloted time frame.
Cheers,
Michael Bray
Doing the MD5 of the message + a check by the username would the best approach. To eliminate the flooding, you would really only need to limit the session to about 60-90 seconds.
The chances of two messages having the same MD5 hash is about 10000000000000000000000000 : 1 - so it is definately a better idea then checking against the entire message.
That way no one user can post the same message within the alloted time frame.
Cheers,
Michael Bray