To detect if the user is on a mobile device you can use the php-mobile-detect class. It's a lot easier than writing your own to accommodate all of the devices.
You'll need to watch the traffic patterns to determine whether you need a larger hosting plan or not. 30,000 visitors is a lot of visitors. 30,000 pageviews might be more likely to begin with (or even 30,000 visits). That being said, the server load will all depend on when they come. 500 visitors connecting to your machine downloading the same file all at once can bring it down. On shared hosting as DS they'll likely try to have you upgrade to a VPS plan or a box where you're by yourself if you're receiving enough traffic to compromise the other people on the cluster. They will also enable throttling if the site requires too many resources.
In terms of providing the link and limiting legitimate traffic, you can verify their IP address ($_SERVER['REMOTE_ADDR']), their session id (SESSION()), a viewtime, and then pass that to a script for header redirection to prevent people accessing a shared link:
http://domain.com/download.php?f=04293D&ts=1367827755&t=25d55ad283aa400af464c76d713c07ad
On the page delivering the file you can verify that it's the same user, the same session (in case it's linking on a local network) and the timestamp.
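<?php
session_start();

// File identifier from the link. It is only checked for presence here;
// this script always serves the same file.
if (!empty($_GET['f'])) {
    $f = $_GET['f'];
} else {
    exit();
}

// Timestamp must be a plain string of digits (rejects arrays such as ?ts[]=1)
if (!empty($_GET['ts']) && is_string($_GET['ts']) && preg_match('!\A[0-9]+\z!', $_GET['ts'])) {
    $tsIn = $_GET['ts'];
} else {
    exit();
}

// Recompute the token from the requester's IP, session id and timestamp
$testHash = md5($_SERVER['REMOTE_ADDR'] . session_id() . $tsIn . 's@lt3d');

// hash_equals() compares in constant time and, unlike ==, never treats
// two different "0e..." hex strings as equal numbers
if (!empty($_GET['t']) && is_string($_GET['t']) && hash_equals($testHash, $_GET['t'])) {
    // We'll be outputting an MP3
    header('Content-type: audio/mpeg');
    // It will be called audio.mp3
    header('Content-Disposition: attachment; filename="audio.mp3"');
    // To prevent mining the MP3 source is in the safe folder named '/._mp3s_safe/'
    readfile($_SERVER['DOCUMENT_ROOT'] . '/._mp3s_safe/original.mp3');
} else {
    exit();
}
?>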
I've not included it in this code, but you can even check to see if the file was requested within a certain amount of time. You can also verify users by requiring them to provide their email address, then email them the link to download the file if traffic is an issue. Also you can use the timestamp hashing method to see if someone is using a program for downloads. If they've downloaded the file too quickly or have too many other downloads open then you can make them wait for the file or make the script stop with an error about too much traffic from their machine.
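The time-window check mentioned above, together with link generation, as an added example that is not part of the original answer. It swaps the salted md5 for HMAC-SHA256 and also binds the file id into the token; SECRET_KEY, MAX_AGE, the helper names and the six-hex-character file id format (inferred from the sample link) are assumptions.

```php
<?php
// Added example, not the answer's code. SECRET_KEY, MAX_AGE and the helper
// names are hypothetical; load the real key from configuration.
const SECRET_KEY = 'replace-with-random-32-byte-key'; // placeholder
const MAX_AGE = 300; // seconds a link stays valid (assumed)

// Token binds file id, client IP, session id and issue time together.
function make_token(string $f, string $ip, string $sid, int $ts): string
{
    // Length-prefix each field so adjacent values cannot be shifted
    // between fields to produce the same MAC input.
    $msg = '';
    foreach ([$f, $ip, $sid, (string)$ts] as $part) {
        $msg .= strlen($part) . ':' . $part;
    }
    return hash_hmac('sha256', $msg, SECRET_KEY);
}

function build_link(string $f, string $ip, string $sid, int $now): string
{
    return '/download.php?' . http_build_query(
        ['f' => $f, 'ts' => $now, 't' => make_token($f, $ip, $sid, $now)]
    );
}

function verify_link(array $q, string $ip, string $sid, int $now): bool
{
    foreach (['f', 'ts', 't'] as $k) {
        if (!isset($q[$k]) || !is_string($q[$k])) {
            return false; // missing, or an array such as ?t[]=x
        }
    }
    if (!preg_match('/\A[0-9A-F]{6}\z/', $q['f']) || !ctype_digit($q['ts'])) {
        return false;
    }
    $ts = (int)$q['ts'];
    if ($ts > $now || $now - $ts > MAX_AGE) {
        return false; // future-dated or expired
    }
    return hash_equals(make_token($q['f'], $ip, $sid, $ts), $q['t']);
}

// Constructed demo values (documentation IP ranges, made-up session id).
$now = 1367827755;
$link = build_link('04293D', '203.0.113.7', 'sess-abc', $now);
parse_str(parse_url($link, PHP_URL_QUERY), $q);
var_dump(verify_link($q, '203.0.113.7', 'sess-abc', $now + 60));   // same client, 60 s later
var_dump(verify_link($q, '203.0.113.7', 'sess-abc', $now + 3600)); // same client, one hour later
var_dump(verify_link($q, '198.51.100.9', 'sess-abc', $now + 60));  // different client IP
```

In download.php the call would be verify_link($_GET, $_SERVER['REMOTE_ADDR'], session_id(), time()) before any headers are sent.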