Hi everyone!!

Maybe this is a stupid question.

Let's suppose I have a login system for users, and that logged users can insert posts of texts using Ajax requests on the data base. A logged user can use Firebug to post a big amount of posts on the data base.

How can I prevent this? To prevent a user to use client side JavaScript to post a big amount of Ajax requests. I am using PHP as the server language.

I could use a CSFR token, but once the user has the token in the client side, she/he could use the token to perform thousands of Ajax requests.

Thank you very much!!