PHP programmer requires PHP expert in something simple

Discussion in 'PHP' started by Objects, Mar 5, 2009.

  1. #1
    Hello guys,
    I have a problem in my PHP code. I have file downloading script that uses PHP to serve the download but when I turn it on (PHP serving download) Website crashes after 10min but if I use apache to serve downloads everything becomes ok
    I want to hide my files and links for security and this to be done by using PHP to serve my files
    cab anyone help me in this? I can pay some bucks to get this done perfect
     
    Objects, Mar 5, 2009 IP
  2. Objects

    Objects Well-Known Member

    Messages:
    388
    Likes Received:
    3
    Best Answers:
    0
    Trophy Points:
    140
    #2
    no one is answering
    where are you experts?
    Here is the page code I'm talking about to get this easier
    
    <?
    require_once("include/conf.php");
    
    require_once("include/mysql.php");
    require_once("include/accounts.lib.php");
    
    
    if(!accounts_loggedin())
    
    {
    
    	require_once("login.php");
    
    	die();
    
    }
    
    //sets output buffering to 0 incase it's turned on
    ini_set("zlib.output_compression", "0"); 
    ini_set("zlib.output_handler", ""); 
    ini_set("output_buffering", "0"); 
    
    //max execution time, 4 hours
    set_time_limit(4 * 60 * 60);
    
    //checks for hotlinking
    if($hotlinkprotection)
    {
    	@($referer = $_SERVER["HTTP_REFERER"]) || header("Location: http://$domain/");
    	if(strpos($referer, $domain) === false) header("Location: http://$domain/");
    }
    
    //gets and validates info
    
    @($path = $_SERVER['PATH_INFO']) || die("Error no parameters");
    
    $path = split('/', $path);
    
    if(count($path) != 3) die("Error parameters");
    
    $fileid = $path[1];
    
    $filename = $path[2];
    
    $fileEx = substr($path[2],-3);
    
    $fileEx = strtolower($fileEx);
    
    
    $fileloc = "";
    
    if($fileEx=="zip"){
    
    	$dbh = mysql_query("SELECT file FROM fullalbums WHERE fid = $fileid");
    
    }elseif($fileEx=="wmv"){
    
    	$dbh = mysql_query("SELECT file FROM videos WHERE vid = $fileid");
    
    }elseif($fileEx=="jpg"){
    
    	$dbh = mysql_query("SELECT file FROM wallpapers WHERE wid = $fileid");
    
    }elseif($fileEx=="mp3"){
    
    	$dbh = mysql_query("SELECT file FROM tracks WHERE tid = $fileid");
    
    }
    
    
    
    if($result = mysql_fetch_assoc($dbh))
    
       $fileloc = $result['file'];
    
    else
    
    	die("Unable to locate file");
    
    
    
    	
    
    	
    if($fileEx=="zip"){
    
    			mysql_query("INSERT INTO logs (accountid, file, thetime, file_id, type) VALUES ($userid, \"" . addslashes($fileloc) . "\", UNIX_TIMESTAMP(), $fileid, 1)");
    
    			mysql_query("UPDATE zipcounter SET count = count + 1 WHERE zip_id=$fileid");
    
    			}
    
    			if($fileEx=="wmv"){
    
    			mysql_query("INSERT INTO logs (accountid, file, thetime, file_id, type) VALUES ($userid, \"" . addslashes($fileloc) . "\", UNIX_TIMESTAMP(), $fileid, 2)");
    
    			mysql_query("UPDATE videos SET count = count + 1 WHERE file = \"" . addslashes($fileloc) . "\"");
    
    			}
    
    			if($fileEx=="jpg"){
    
    			mysql_query("INSERT INTO logs (accountid, file, thetime, file_id, type) VALUES ($userid, \"" . addslashes($fileloc) . "\", UNIX_TIMESTAMP(), $fileid, 3)");
    
    			mysql_query("UPDATE wallpapers SET count = count + 1 WHERE file = \"" . addslashes($fileloc) . "\"");
    
    			}
    
    			if($fileEx=="mp3"){
    
    			mysql_query("INSERT INTO logs (accountid, file, thetime, file_id, type) VALUES ($userid, \"" . addslashes($fileloc) . "\", UNIX_TIMESTAMP(), $fileid, 0)");
    
    			mysql_query("UPDATE mp3counter SET count = count + 1 WHERE track_id = $fileid");
    
    			}
    	
    mysql_close();
    
    $FILENAME = $fileloc;
    
    if (!$FILENAME || !file_exists($FILENAME)) {
    	header("location:http://www.ghaneli.com");
    	}
    	
    header("Content-Disposition: attachment; filename=" . urlencode(basename($FILENAME)));   
    header("Pragma: public"); // required
    header("Expires: 0");
    header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
    header("Cache-Control: private",false); // required for certain browsers 
    
    if($fileEx=="zip"){
    header("Content-Type: application/zip");
    }elseif($fileEx=="mp3"){
    header("Content-Type: audio/mpeg");
    }elseif($fileEx=="wmv"){
    header("Content-Type: audio/x-ms-wmv");
    }else{
    header("Content-Type: image/jpeg");
    }
    header("Content-Transfer-Encoding: binary");
    
    header("Content-Description: File Transfer");            
    header("Content-Length: " . filesize($FILENAME));
    flush(); // this doesn't really matter.
    
    $fp = fopen($FILENAME, "r");
    
    while (!feof($fp))
    {
        echo fread($fp, 65536);
        flush(); // this is essential for large downloads
    }
    if($fileEx=="zip"){
    
    			mysql_query("INSERT INTO logs (accountid, file, thetime, file_id, type) VALUES ($userid, \"" . addslashes($fileloc) . "\", UNIX_TIMESTAMP(), $fileid, 1)");
    
    			mysql_query("UPDATE zipcounter SET count = count + 1 WHERE zip_id=$fileid");
    
    			}
    
    			if($fileEx=="wmv"){
    
    			mysql_query("INSERT INTO logs (accountid, file, thetime, file_id, type) VALUES ($userid, \"" . addslashes($fileloc) . "\", UNIX_TIMESTAMP(), $fileid, 2)");
    
    			mysql_query("UPDATE videos SET count = count + 1 WHERE file = \"" . addslashes($fileloc) . "\"");
    
    			}
    
    			if($fileEx=="jpg"){
    
    			mysql_query("INSERT INTO logs (accountid, file, thetime, file_id, type) VALUES ($userid, \"" . addslashes($fileloc) . "\", UNIX_TIMESTAMP(), $fileid, 3)");
    
    			mysql_query("UPDATE wallpapers SET count = count + 1 WHERE file = \"" . addslashes($fileloc) . "\"");
    
    			}
    
    			if($fileEx=="mp3"){
    
    			mysql_query("INSERT INTO logs (accountid, file, thetime, file_id, type) VALUES ($userid, \"" . addslashes($fileloc) . "\", UNIX_TIMESTAMP(), $fileid, 0)");
    
    			mysql_query("UPDATE mp3counter SET count = count + 1 WHERE track_id = $fileid");
    
    			}
    			
    fclose($fp); 
    mysql_close();
    exit();
    	/*include_once "include/class.httpdownload.php";
    	$object = new httpdownload;
    	$object->set_byurl("http://www.ghaneli.com/".$FILENAME);
    	
    	$object->download();*/
    	
    
    ?>
    
    
    Code (markup):
     
    Objects, Mar 6, 2009 IP
  3. exodus

    exodus Well-Known Member

    Messages:
    1,900
    Likes Received:
    35
    Best Answers:
    0
    Trophy Points:
    165
    #3
    Looks like everything is fine. I would edit this portion 'echo fread($fp, 65536);' to something smaller. 2048 or 4096 if all is well with those for a while then try 8192, but be caution if lots of people downloading. The large number could be causing a lot of overhead. php will have to read each portion into memory then send it out to the person. With it doing it several times a second and 10+ people downloading at a time it could be using to much cpu cycles and memory and crashing the server. If all else fails then 'class.httpdownload.php' looks to be great. I looked it over at the phpclass's and it looks to be 100% at doing a php download.
     
    exodus, Mar 6, 2009 IP
  4. Objects

    Objects Well-Known Member

    Messages:
    388
    Likes Received:
    3
    Best Answers:
    0
    Trophy Points:
    140
    #4
    The problem is in large number of clients downloading through my site. I think the memory can't stand on all these requests and temp storing of php data so it crashes.

    I think load can be decreased if I disabled multi connections from download agents since download agents execute this file many times with many portions downloaded at the same time.
    How can I disable this thing specially in IDM which is using same user-agent like IE
     
    Objects, Mar 7, 2009 IP
  5. exodus

    exodus Well-Known Member

    Messages:
    1,900
    Likes Received:
    35
    Best Answers:
    0
    Trophy Points:
    165
    #5
    You can look at the user agent in php and then deny the download for them.

    $_SERVER['HTTP_USER_AGENT'] returns the user agents.
     
    exodus, Mar 7, 2009 IP