Axeia Posted April 6, 2009 Share Posted April 6, 2009 I'm writing a script that lets a user create a custom graph and at the end of the ride the graph is created via either GD2 or Imagick, depending on if I figure out how to draw a pie slice with imagick. Anyhow, GD2 and Imagick take their toll on the server as they're both quite 'heavy' processes and I'd like to restrict the user to create a graph at most once every 10 seconds. What's the best approach to this, sessions, sessions in combination with cookies, something completely different? Quote Link to comment https://forums.phpfreaks.com/topic/152843-best-approach-to-preventing-abuse-of-resource-intensive-script/ Share on other sites More sharing options...
dbo Posted April 6, 2009 Share Posted April 6, 2009 Every 10 seconds period or every 10 seconds per user? Quote Link to comment https://forums.phpfreaks.com/topic/152843-best-approach-to-preventing-abuse-of-resource-intensive-script/#findComment-802670 Share on other sites More sharing options...
Axeia Posted April 6, 2009 Author Share Posted April 6, 2009 10 seconds per user, though if it proves to be popular.. once every ~1 second might be interesting as well. Quote Link to comment https://forums.phpfreaks.com/topic/152843-best-approach-to-preventing-abuse-of-resource-intensive-script/#findComment-802828 Share on other sites More sharing options...
corbin Posted April 6, 2009 Share Posted April 6, 2009 Sessions would be easy for malicious users to circumvent, but they are pretty much your only option unless you want to do it by IP address. With sessions it would be something simple like: <?php session_start(); if($_SESSION['last_graphed'] >= time()-10) { //please wait 10 seconds } //Somewhere else, you would do $_SESSION['last_graphed'] = time(). Quote Link to comment https://forums.phpfreaks.com/topic/152843-best-approach-to-preventing-abuse-of-resource-intensive-script/#findComment-802914 Share on other sites More sharing options...
Axeia Posted April 6, 2009 Author Share Posted April 6, 2009 mmh didn't even think of IP addresses, guess that's worth looking into. A real IP address takes a couple of seconds, so that would be a nice way but I've no clue as how long it would take with IP spoofing. But combining it the session bit you just posted it would at least be quite hard to get the server to be make images nonstop not having time for the normal things. Thanks for the help, if anyone else has other/better idea's I'd love to hear them. Quote Link to comment https://forums.phpfreaks.com/topic/152843-best-approach-to-preventing-abuse-of-resource-intensive-script/#findComment-802964 Share on other sites More sharing options...
corbin Posted April 6, 2009 Share Posted April 6, 2009 It wouldn't be user friendly, but you could of course make people wait 10 seconds before making a graph. Kind of like rapidshare (or megaupload or so on) does with downloading. Even if you change IPs or what ever, you still have to wait the time. Quote Link to comment https://forums.phpfreaks.com/topic/152843-best-approach-to-preventing-abuse-of-resource-intensive-script/#findComment-802984 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.