First of all, you may want to reconsider. Many ISPs (aol.com comes to mind) use proxy farms for their end users' Web traffic. Often they send headers to let you know they are proxying, yet sometimes you get transparent proxies. All this means, you may have 1000s of users for a given ISP who seemingly connect to your site with the same IP address. You may get around this by storing a cookie on the users browser (you could require cookies for getting near the form perhaps.) I would store a GUID of sorts in the cookie which links to a MySQL record with a timestamp (so that the expire date on the cookie cannot be tampered with for example.) If you don't want to be that extreme, perhaps you just use this function I wrote (adapted it from somewhere I think) that has come in handy:
function getRemoteAddr()
{
if ( isset($_SERVER['HTTP_CLIENT_IP']) ) {
$ip = $_SERVER['HTTP_CLIENT_IP'];
} elseif ( isset($_SERVER['HTTP_X_FORWARDED_FOR']) ) {
$ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
} elseif ( isset($_SERVER['REMOTE_ADDR']) ) {
$ip = $_SERVER['REMOTE_ADDR'];
}
return $ip;
}
It basically looks for headers that are commonly used for sending the real ip address of the node behind a proxy. If they are not found it simply uses REMOTE_ADDRESS (the standard.) I would store the ip address in a database table with a timestamp again. To check if an ip address can post again is simple.
SELECT `ip` FROM `ips` WHERE `ip` = '{ip_address}' AND DATE_SUB(NOW(), INTERVAL 1 DAY) > `lastpost`
BTW...the above query is an example only. I do realize that you would get no result for either an ip whose last post has not yet expired or no result if the ip had not yet posted (in which case you wanna let him or her post.) But the query does serve to get you on your way.
