How can I limit how often a user can do something in one minute? I have this PHP code:
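// Handles the "new post" AJAX request: validates the text and the optional
// image, stores the post and answers with the JSON array
// [message, post count, $upladed].
// NOTE(review): $con, $NameId and $upladed come from outside this listing.
// $con is used as a mysqli connection here (the original called
// query()/fetch_row() on it) - confirm before applying.

/**
 * Build a random string of $length characters drawn from [0-9a-zA-Z].
 *
 * Uses random_int() instead of rand(): rand() is not a cryptographically
 * secure generator. The listing does not show what the `Rand` column is used
 * for; if it serves as an unguessable identifier, the generator matters.
 *
 * @param int $length number of characters; 0 or less yields ''
 * @return string
 */
function generateRandomString($length) {
    $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
    $lastIndex = strlen($characters) - 1;
    $randomString = '';
    for ($i = 0; $i < $length; $i++) {
        $randomString .= $characters[random_int(0, $lastIndex)];
    }
    return $randomString;
}

if(isset($_POST['new_post'])){
    // The text is HTML-encoded before it is stored, so the 400-character
    // limit below is measured on the encoded form.
    $Text=htmlspecialchars($_POST['new_post'],ENT_QUOTES);
    $Text=trim($Text);

    // Defaults for "no file attached"; set up front so that every later
    // branch reads a defined value.
    $fileP_new_name="";
    $fileP=0;
    $Fileuploaded=false;
    $NotInarray=false;

    // isset() keeps a request without the file field from raising a warning.
    if (isset($_FILES['Upload_f']) && is_uploaded_file($_FILES['Upload_f']['tmp_name'])) {
        $fileP=$_FILES['Upload_f'];
        $fileP_name=$fileP['name'];
        $fileP_tmp=$fileP['tmp_name'];
        $fileP_size=$fileP['size'];
        $fileP_error=$fileP['error'];
        $fileP_extension=explode('.', $fileP_name);
        $fileP_extension=strtolower(end($fileP_extension));
        $allowed=array('jpg','png');
        // NOTE(review): the type check relies on the client-supplied file name
        // only. Before the file is stored, its content should be verified as
        // an image as well (e.g. getimagesize() or finfo), and it should be
        // saved under the generated name, never under the original one.
        if (in_array($fileP_extension, $allowed, true)){
            // A new name is only generated for an error-free file of at most 2 MiB.
            if ($fileP_error===0 && $fileP_size<=2097152) {
                $fileP_new_name=uniqid().'.'.$fileP_extension;
            }
        }else{
            $NotInarray=true;
        }
        $Fileuploaded=true;
    }

    // Bound parameters keep $NameId out of the SQL text.
    $Posts=$con->prepare("SELECT Posts FROM user_opt WHERE Username=?");
    $Posts->bind_param('s',$NameId);
    $Posts->execute();
    $Posts->bind_result($CurrentPosts);
    $Posts->fetch();
    $Posts->close();
    // A plain query() normally yields column values as strings; keep that
    // shape so the JSON answer does not change for the client.
    $row=array($CurrentPosts===null ? null : (string)$CurrentPosts);

    if (strlen($Text)>400) {
        $Res="Error occurred.Please try again";
        $PostNum=$row[0];
    }elseif(strlen($Text)==0 && $fileP==0){
        $Res="Both fields are empty";
        $PostNum=$row[0];
    }elseif($Fileuploaded===true){
        if ($NotInarray==true) {
            $Res="Only jpg and png files are allowed";
            $PostNum=$row[0];
        }elseif ($fileP_error!=0) {
            $Res="Error occurred.Please try again";
            $PostNum=$row[0];
        }else{
            // NOTE(review): this branch reports success, but the listing never
            // moves the uploaded file or inserts a row for it, and a file
            // above the size limit also ends up here - presumably code was
            // left out of the post; verify against the real script.
            $Res="Success";
            $PostNum=$row[0]+1;
            $upladed++;
        }
    }else{
        $Rand=generateRandomString(100);
        // $Text is HTML-encoded, which does not make it safe inside an SQL
        // string (a backslash passes through unchanged), so it is bound too.
        $Insert=$con->prepare("INSERT INTO uploads (Rand,Username,image,`Text`,`Date`) VALUES(?,?,?,?,NOW())");
        $Insert->bind_param('ssss',$Rand,$NameId,$fileP_new_name,$Text);
        $query=$Insert->execute();
        $Insert->close();

        $Update=$con->prepare("UPDATE user_opt SET posts=posts+1 WHERE Username=?");
        $Update->bind_param('s',$NameId);
        $querya=$Update->execute();
        $Update->close();

        $PostNum=$row[0]+1;
        $Res="Success";
        $upladed++;
    }
    echo json_encode(array($Res,$PostNum,$upladed));
}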
This code is called by AJAX. How can I make this code execute a maximum of 5 times in one minute? I have tried doing it this way:
// The counter is assigned 0 at the top of the script, so it starts from 0 on
// every request: a PHP variable does not carry over from one request to the next.
$upladed=0;
if(isset($_POST['new_post'])){
// NOTE(review): with a counter that starts at 0, `<=5` would admit six runs, not five.
if ($upladed<=5) {
code
}
}
But every time a new AJAX request arrives, $upladed becomes 0 again.
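You may want to use the session to store the $uploaded variable's value and retrieve it every time an Ajax call happens. You may also want to store the actual minute in which the first post happened, to make sure that no more posts than allowed arrive in THAT minute. And you should reset $uploaded (set it to 0) when another minute starts. Keep in mind that a session-based counter only limits clients that keep sending their session cookie; if the limit has to hold for every client, keep the counter on the server keyed by the logged-in user instead (for example in the database).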
It is even better to store the actual second of the first post and to allow the other potential uploads (up to your limit) only within the following 60 seconds.
The modified code could look like this:
<?php
// Open (or resume) the session: the rate-limit state used further down is kept in $_SESSION.
session_start();
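/**
 * Build a random string of $length characters drawn from [0-9a-zA-Z].
 *
 * Uses random_int() instead of rand(): rand() is not a cryptographically
 * secure generator. The listing does not show what the `Rand` column is used
 * for; if it serves as an unguessable identifier, the generator matters.
 *
 * @param int $length number of characters; 0 or less yields ''
 * @return string
 */
function generateRandomString($length) {
    $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
    $lastIndex = strlen($characters) - 1;
    $randomString = '';
    for ($i = 0; $i < $length; $i++) {
        $randomString .= $characters[random_int(0, $lastIndex)];
    }
    return $randomString;
}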
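/**
 * Decide whether one more upload fits into the current rate-limit window and,
 * if it does, count it.
 *
 * A window opens with the first counted upload and lasts 60 seconds; at most
 * 5 uploads are counted per window. The state is kept in
 * $_SESSION['firstUploadTime'] and $_SESSION['numberOfUploadsInTimeFrame'],
 * so session_start() must have run before this is called.
 *
 * Because the state lives in the caller's session, the limit only applies to
 * clients that keep presenting the same session cookie. Where the limit has
 * to hold regardless of the cookie, the same bookkeeping belongs in a
 * server-side store keyed by the authenticated user.
 *
 * @return bool true when the upload is allowed (and has been counted),
 *              false when the limit for the current window is reached
 */
function isFileUploadAllowed() {
    $timeNow = time();
    $timeFrameInSeconds = 60;
    $maxUploadsInTimeFrame = 5;

    // isset() avoids undefined-index warnings on the first request of a session.
    $firstUploadTime = isset($_SESSION['firstUploadTime'])
        ? intval($_SESSION['firstUploadTime'])
        : 0;
    $numberOfUploadsInTimeFrame = isset($_SESSION['numberOfUploadsInTimeFrame'])
        ? intval($_SESSION['numberOfUploadsInTimeFrame'])
        : 0;

    // A missing start time is treated like an expired window. Without this the
    // start time was never written to the session, the window could never
    // expire, and the session stayed blocked after its fifth upload.
    $givenTimeFrameExpired = ($firstUploadTime === 0)
        || (($firstUploadTime + $timeFrameInSeconds) < $timeNow);

    if ($givenTimeFrameExpired) {
        // Open a fresh window that starts with this upload.
        $_SESSION['firstUploadTime'] = $timeNow;
        $numberOfUploadsInTimeFrame = 0;
    }

    // Window still running and already full: refuse without counting.
    if ($numberOfUploadsInTimeFrame >= $maxUploadsInTimeFrame) {
        return false;
    }

    $_SESSION['numberOfUploadsInTimeFrame'] = $numberOfUploadsInTimeFrame + 1;
    return true;
}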
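// Handles the "new post" AJAX request: validates the text and the optional
// image, applies the upload rate limit, stores the post and answers with the
// JSON array [message, post count, $upladed].
// NOTE(review): $con, $NameId and $upladed come from outside this listing.
// $con is used as a mysqli connection here (the original called
// query()/fetch_row() on it) - confirm before applying.
if(isset($_POST['new_post'])){
    // The text is HTML-encoded before it is stored, so the 400-character
    // limit below is measured on the encoded form.
    $Text=htmlspecialchars($_POST['new_post'],ENT_QUOTES);
    $Text=trim($Text);

    // Defaults for "no file attached"; set up front so that every later
    // branch reads a defined value, including the rate-limited one.
    $fileP_new_name="";
    $fileP=0;
    $Fileuploaded=false;
    $NotInarray=false;
    $RateLimited=false;

    // isset() keeps a request without the file field from raising a warning.
    if (isset($_FILES['Upload_f']) && is_uploaded_file($_FILES['Upload_f']['tmp_name'])) {
        if (isFileUploadAllowed()) {
            $fileP=$_FILES['Upload_f'];
            $fileP_name=$fileP['name'];
            $fileP_tmp=$fileP['tmp_name'];
            $fileP_size=$fileP['size'];
            $fileP_error=$fileP['error'];
            $fileP_extension=explode('.', $fileP_name);
            $fileP_extension=strtolower(end($fileP_extension));
            $allowed=array('jpg','png');
            // NOTE(review): the type check relies on the client-supplied file
            // name only. Before the file is stored, its content should be
            // verified as an image as well (e.g. getimagesize() or finfo), and
            // it should be saved under the generated name, never under the
            // original one.
            if (in_array($fileP_extension, $allowed, true)){
                // A new name is only generated for an error-free file of at most 2 MiB.
                if ($fileP_error===0 && $fileP_size<=2097152) {
                    $fileP_new_name=uniqid().'.'.$fileP_extension;
                }
            }else{
                $NotInarray=true;
            }
            $Fileuploaded=true;
        }else{
            // Limit reached: remember it so the request is refused below.
            // Previously nothing was set here, and a request that carried text
            // fell through to the INSERT branch despite the limit.
            $RateLimited=true;
        }
    }
    // NOTE(review): only requests that carry a file pass through the limiter;
    // text-only posts are not counted. If the cap is meant for every post,
    // the limiter has to be consulted for those as well.

    // Bound parameters keep $NameId out of the SQL text.
    $Posts=$con->prepare("SELECT Posts FROM user_opt WHERE Username=?");
    $Posts->bind_param('s',$NameId);
    $Posts->execute();
    $Posts->bind_result($CurrentPosts);
    $Posts->fetch();
    $Posts->close();
    // A plain query() normally yields column values as strings; keep that
    // shape so the JSON answer does not change for the client.
    $row=array($CurrentPosts===null ? null : (string)$CurrentPosts);

    if ($RateLimited) {
        $Res="Upload limit reached. Please try again in a minute";
        $PostNum=$row[0];
    }elseif (strlen($Text)>400) {
        $Res="Error occurred.Please try again";
        $PostNum=$row[0];
    }elseif(strlen($Text)==0 && $fileP==0){
        $Res="Both fields are empty";
        $PostNum=$row[0];
    }elseif($Fileuploaded===true){
        if ($NotInarray==true) {
            $Res="Only jpg and png files are allowed";
            $PostNum=$row[0];
        }elseif ($fileP_error!=0) {
            $Res="Error occurred.Please try again";
            $PostNum=$row[0];
        }else{
            // NOTE(review): this branch reports success, but the listing never
            // moves the uploaded file or inserts a row for it, and a file
            // above the size limit also ends up here - presumably code was
            // left out of the post; verify against the real script.
            $Res="Success";
            $PostNum=$row[0]+1;
            $upladed++;
        }
    }else{
        $Rand=generateRandomString(100);
        // $Text is HTML-encoded, which does not make it safe inside an SQL
        // string (a backslash passes through unchanged), so it is bound too.
        $Insert=$con->prepare("INSERT INTO uploads (Rand,Username,image,`Text`,`Date`) VALUES(?,?,?,?,NOW())");
        $Insert->bind_param('ssss',$Rand,$NameId,$fileP_new_name,$Text);
        $query=$Insert->execute();
        $Insert->close();

        $Update=$con->prepare("UPDATE user_opt SET posts=posts+1 WHERE Username=?");
        $Update->bind_param('s',$NameId);
        $querya=$Update->execute();
        $Update->close();

        $PostNum=$row[0]+1;
        $Res="Success";
        $upladed++;
    }
    echo json_encode(array($Res,$PostNum,$upladed));
}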