hi...
just now i'm working on a file-upload system with which users get the possibility to upload jpg-pictures on the homepage.
it will also be possible to send pictures per http which are loaded by fopen() and are processed on the server.
i want to set a timeout of about 30 seconds for each upload, so that if user1 uploads a file nobody else should be able to upload anything within these 30 seconds. this should prevent the server from getting bombed with queries, for example. 😉
no long words:
get_actual_timestamp() loads a textfile containing the blocking timestamp
upload_pic() handles the file upload.
function upload_pic() {
$timestamp = get_actual_timestamp();
// get_actual_timestamp lets die the whole
// function if $timestamp is not an integer
// or $timestamp is not 10+ chars long
$now = time();
$stop_time = 30;
if($timestamp > $now) {
// stop uploading process, send message to browser, delete all files
return FALSE;
}
// set timestamp-file 30 seconds later
update_timestamp(($now + $stop_time));
// continue
// [...]
}
is this secure enough? does anybody know a safer way for my purpose?
many thanks 🙂
