开发者

how to check connection to php page

开发者 https://www.devze.com 2022-12-13 01:02 出处:网络
I might have written the title wrong. Sorry for that. I just wonder if there is a way to check users connection to a php page.

I might have written the title wrong. Sorry for that.

I just wonder if there is a way to check users connection to a php page.

For example, i have a php page called "download.php" and this page lets user to download sth and insert this action to mysql, like that

$query = "INSERT INTO bla bla ";
$result = mysql_query($query);

header('Content-type: application/zip');
header('Content-Length: ' . filesize($file));
header("Content-Disposition: attachment; filename="file.zip");

readfile($file);

But sometimes, download manager softwares like "orbit" etc... connect this pag开发者_开发知识库e hundreds of time, and blow up the database.

is there a way to prevent this ?

Thanks


You can specify the number of allowed connections in your sql configuration or apache. Set max connections to something you know your database can handle

Edit the file /etc/my.cnf max_connections=1000


The best thing to do is drop the MySQL connection before the download starts, as it remains open during the whole download. Reconnect at the end if necessary - the problem should go away.

That is, after the last use of MySQL, but before the headers, put

mysql_close();


If I understand correctly, you want to filter out requests from download managers or bots and only record the actual user in your database. There are a few methods I can think of to accomplish this:

Filter the User Agent: every request should send a user-agent header, which identifies the browser or software making the request. You could use this method to filter out bots and download managers (if in fact they are using a separate user-agent). Here is an example script that does this.

Use a Cookie: something like this at the top of the page, assuming the download manager shares cookie state with the browser:

if (!isset($_COOKIE['download_check'])) {
    setcookie('download_check', '1', 0, '/');
} else {
    exit();
}

The script will not do anything after the first time. To allow the user to come back and re-download, just destroy the cookie on any other page.

Redirect with JavaScript or meta-tags: Assuming that the downloader or a bot will not execute JavaScript, check for the existence of some parameter in the query string. If it does not exist, then output a short page with a JavaScript or meta-tag redirect to the same page with the parameter and exit, like this:

if (!isset($_GET['download_check'])) {
    echo "<html><script>window.location = 'this_page.php?download_check=1'</script></html>";
    exit();
}

I hope that one or more of these methods helps you filter out incorrect requests to your application.

0

精彩评论

暂无评论...
验证码 换一张
取 消