Skip site navigation (1)Skip section navigation (2) 
Date:      Sat, 13 Jan 2001 01:13:29 +0100
From:      Roelof Osinga <roelof@nisser.com>
To:        "Paul M . Lambert" <plambert@plambert.net>
Cc:        "'freebsd-questions@freebsd.org'" <freebsd-questions@FreeBSD.ORG>
Subject:   Re: Limiting number of downloads per user in Apache??
Message-ID:  <3A5F9DA9.6D806ABC@nisser.com>
References:  <3A5E42FB.D728F40F@i-clue.de> <Pine.BSF.4.21.0101111843050.51405-100000@www.bellnetworks.net> <20010111155028.B316@pinky.plambert.net>
next in thread | previous in thread | raw e-mail | index | archive | help 
"Paul M . Lambert" wrote:
> 
> ...
> It would seem so (and one doesn't need PHP to have access to the remote
> address, by the way).  Unfortunately, hundreds of thousands of people
> are behind internet proxies; AOL, for example, has many millions of
> members, but only a few hundred thousand ip addresses.  It's entirely
> possible that hundreds of different people using browsers on their
> own personal computers could have requests sent from the same IP
> address.  It's more than possible, but in fact quite common.
> 
> There is _no_ way to track users in a foolproof manner.  Sorry.

I'll give you that, but maybe the following will help a little:

   if (!$err) {
      //$ipnr = str_replace(".", "", $REMOTE_ADDR);
      if ($HTTP_CLIENT_IP > "") $ipnr = str_replace(".", "",
$HTTP_CLIENT_IP);
      else $ipnr = str_replace(".", "", $REMOTE_ADDR);

      DoSQL("select count(*) as count from enqvals where enq_pk =
$ENQ_ID and ip\
 = $ipnr;",
        "count", "count", 6);

      if ($count < $MAX_COUNT) {
        DoSQL("insert into enqvals (enq_pk, ip, keuze_pk) values
($ENQ_ID, $ipnr\
, $keuze);",
          "", "", 6);
      }
    }

Don't ask me why I did it this way, this is by now ancient code
building on legacy code <g>. You should leverage off the fact
that IP4 addresses are 32 bit unsigned ints. This code started
life as a Delphi 2.0 (beta release) DLL for IIS somewhere in
1996 or so. Very pre-millennium ;). When the D2 beta cycle was
done it was ported to PHP3 and, somehow, this string thing 
creeped in.

But like you said, nothing is foolproof. But it helps. Especially
with regular users going through nice proxy servers.

Roelof

-- 
Home is where the (@) http://eboa.com/ is.
Nisser home -- http://www.Nisser.com/


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3A5F9DA9.6D806ABC>