I have a script that allows anyone to upload a file under 200 MB and after the file is downloaded once it will delete it, and after 24 hours all files are deleted from the server. My question is how can I limit the number of times someone can upload a file for example. If someone were to upload 3 files in one hour, if they were to upload a 4th file, they would need to put in a captcha code to ensure they are not a robot. But how would I go about doing this?
Code for uploading:
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js"></script>
<script>
function _(el){
return document.getElementById(el);
}
function uploadFile(){
var file = _("file1").files[0];
//alert(file.name+" | "+file.size+" | "+file.type);
var formdata = new FormData();
formdata.append("file1", file);
var ajax = new XMLHttpRequest();
ajax.upload.addEventListener("progress", progressHandler, false);
ajax.addEventListener("load", completeHandler, false);
ajax.addEventListener("error", errorHandler, false);
ajax.addEventListener("abort", abortHandler, false);
ajax.open("POST", "upload.php");
ajax.send(formdata);
}
function progressHandler(event){
//_("loaded_n_total").innerHTML = "Uploaded "+event.loaded+" bytes of "+event.total;
var percent = (event.loaded / event.total) * 100;
var percent = (event.loaded / event.total) * 100;
_("progressBar").value = Math.round(percent);
_("status").innerHTML = Math.round(percent)+'%';
}
function completeHandler(event){
_("completed").innerHTML = event.target.responseText;
_("progressBar").value = 100;
}
function errorHandler(event){
_("status").innerHTML = "Upload Failed";
}
function abortHandler(event){
_("status").innerHTML = "Upload Aborted";
}
</script>
<body>
<input type="button" value="Upload File" onclick="uploadFile()" class="UploadButton">
<progress id="progressBar" value="0" max="100">
</progress>
</body>
php upload script:
<?php
include('connect.php');
$file = $_FILES["file1"]["name"];
if ($file == "") {
// if file not chosen
exit();
}
$ogname = $_FILES["file1"]["name"];
// The file name
$length = 20;
$randomString = substr(str_shuffle("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"), 0, $length);
$num = rand () ;
$key = md5($num);
$info = pathinfo( $ogname );
$ext = $info['extension'];
$fileName = $randomString . "." .$ext;
//gets ip address of client
//Test if it is a shared client
if (!empty($_SERVER['HTTP_CLIENT_IP'])){
$ip=$_SERVER['HTTP_CLIENT_IP'];
//Is it a proxy address
}elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])){
$ip=$_SERVER['HTTP_X_FORWARDED_FOR'];
}else{
$ip=$_SERVER['REMOTE_ADDR'];
}
//returns ip to be stored later
$downloads = 0;
$time = 0;
$fileTmpLoc = $_FILES["file1"]["tmp_name"];
// File in the PHP tmp folder
$fileType = $_FILES["file1"]["type"];
// The type of file it is
$fileSize = $_FILES["file1"]["size"];
if($fileSize > 209715201){
// if too large
exit();
}
// File size in bytes
$fileErrorMsg = $_FILES["file1"]["error"]; // 0 for false... and 1 for true
if (!$fileTmpLoc) {
// if file not chosen
exit();
}
if(move_uploaded_file($fileTmpLoc, "files/$fileName"))
{
//success
mysql_query("INSERT INTO file(name, ogname, type, size, tmp_name, keyID, ip, time, downloads)
VALUES('$fileName', '$ogname', '$fileType', '$fileSize', '$fileTmpLoc', '$key', '$ip', '$downloads', '$time')");
}else {
//not uploaded
}
?>
