0

I've never implemented something like this before but I'm in need of a simple way of modifying my searchdb.php file. My site is already live and I'm in need of a quick fix (minimal changes, preferably to one file (newbie developer here).

searchdb.php is called when a form is submitted to look up and return some json object:

//connect do database
//parse post
//sql
//return as json
//mysql_close();

What are my options? I know I can wrap it in a if statement and use die() but I'm not sure what condition to use.

EDIT: After reading http://en.wikipedia.org/wiki/Query_flooding

Query flooding is a method to search for a resource on a P2P network. It is simple but scales very poorly and thus is rarely used.

Do I really need to prevent this?

meiryo
  • 11,157
  • 14
  • 47
  • 52
  • What part of your code is being flooded? If you posted your code then it would be easier for us to understand. Right now we have no clue what your code looks like or what could be wrong with it. – Rujikin Apr 10 '13 at 22:36
  • I'm not sure what you mean by which part. I don't want malicious users to repeatedly query my database on purpose (server costs etc). My code is basically like this: http://csk157.hubpages.com/hub/Simple-search-PHP-MySQL – meiryo Apr 10 '13 at 22:38

1 Answers1

0

check this out:

http://php.net/manual/en/function.register-shutdown-function.php

When you initiate your db connection, do something like read a lock dir and count the number of lock files in the dir. If it exceeds your threshold, die. Otherwise, touch a lockfile with your process ID, , and use the register shutdown function to clean it up at the end of your process lifetime..

That's just a quick shot in the dark...

Zak
  • 24,947
  • 11
  • 38
  • 68