Quick and easy flood protection?

Question

I have a site where a user submits a message using AJAX to a file called like.php. In this file the users message is submitted to a database and it then sends a

Answer 1

I thought about using sessions, like have a session that contains a timestamp that gets checked every time they send data to like.php

This won't stop bots as they can receive and send the same cookies that users do.

You should really have users logging into such a system. Seems to be worth protecting access. You could also consider limiting posts per minute per ip but multiple bots could still send many spam messages.

If you don't want to implement a login then many sites use captcha to try and cut down on such attempts.

http://www.phpcaptcha.org/