Limit uploads per day Limit uploads per day
 

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Main Menu

Limit uploads per day

Started by ThunderRed, June 27, 2010, 05:47:14 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

ThunderRed

Hi everyone,

First I hope I'm writing this in the correct place, if isn't, I'm really sorry.

I have been searching in the forum for a possible hack/mod to limit the uploads to the users per day. They only thing I found was this:
http://forum.coppermine-gallery.net/index.php/topic,15874.0.html

Which was for the version 1.3.x and it doesn't work with the 1.5.x (I already tried).

The problems is, that, I would like to upgrade the website that we have, and switch the gallery to Coppermine, but in order to do that, I have to limit the uploads per day, since we have more than 9.000 user, and it will be crazy if all of them can upload all of what they want. The quota limit doesn't really work for us, since (if I understood this well, the quota doesn't have a time limitation, and maybe a single user could use the whole quota).

What I would like is to check if it possible, to just limit how many pictures the users can upload every day.

Thank you so much.

Αndré

What happens if you apply that mod? It should basically work, but you have to consider the different upload methods (flash uploader, simple upload, plugins). Which upload method did you use while testing?

Joachim Müller


ThunderRed

Quote from: Αndré on June 27, 2010, 08:05:15 PM
What happens if you apply that mod? It should basically work, but you have to consider the different upload methods (flash uploader, simple upload, plugins). Which upload method did you use while testing?

I get an error. Can't recognize the "db_query"

Quote from: Joachim Müller on June 28, 2010, 07:47:35 AM
Board rules / Forum policies: Post Links

Sorry, I didn't think you need to see the gallery, since it wasn't anything wrong with it.

This is the link (it just a testing place, so far):
http://focofijo2.webcindario.com/Galeria/

If you need an user to check, you can use the admin one:
user: admin
pass: admin

Joachim Müller

Quote from: ThunderRed on June 28, 2010, 11:13:10 AMIf you need an user to check, you can use the admin one:
Posting an admin account publicly is silly and dangerous and not what I have requested. Any malevolent visitor of this forum could use the admin account data to hack that webspace or leave a backdoor behind. I have logged in with that account and changed the password for security reasons. All you did was causing an extra moderation effort.

Quote from: ThunderRed on June 28, 2010, 11:13:10 AMSorry, I didn't think you need to see the gallery, since it wasn't anything wrong with it.
We need to see it no matter what - that's the meaning of the word "mandatory" in the corresponding board rule thread, for reasons that we're not ready to repeat over and over. If you want to find out why a particular board rules exists, search for previous discussions.

Quote from: ThunderRed on June 28, 2010, 11:13:10 AMI get an error. Can't recognize the "db_query"
the function name has been changed from cpg1.3.x to cpg1.4.x from db_query to cpg_db_query to avoid issues when bridging as discussed in many threads back then. You can't blindly copy stuff from cpg1.3.x and try that in cpg1.5.x, especially when accessing the database; you need to know what you're doing.

ThunderRed

Quote from: Joachim Müller on June 28, 2010, 11:50:56 AM
Posting an admin account publicly is silly and dangerous and not what I have requested. Any malevolent visitor of this forum could use the admin account data to hack that webspace or leave a backdoor behind. I have logged in with that account and changed the password for security reasons. All you did was causing an extra moderation effort.
We need to see it no matter what - that's the meaning of the word "mandatory" in the corresponding board rule thread, for reasons that we're not ready to repeat over and over. If you want to find out why a particular board rules exists, search for previous discussions.
the function name has been changed from cpg1.3.x to cpg1.4.x from db_query to cpg_db_query to avoid issues when bridging as discussed in many threads back then. You can't blindly copy stuff from cpg1.3.x and try that in cpg1.5.x, especially when accessing the database; you need to know what you're doing.

Sorry to give you extra problems. I didn't really matters about the admin user, since it not the same user or pass to get to the website, only to connect to the gallery, which is only up for testing purposes so far in a free hosting place, that's why I give it to you.. but sorry that this suppose an extra work for you, that wasn't my intention.

I knew that the mod wasn't working, but I wanted to answer the other guy that asking what happens.

Anyways, thanks for the help, I would try now with the different name. I would let you know if that works.

ThunderRed

Did something else change from one version to the other? Or did I have to put this in a special place?

I can't make it work so far.

I made an standalone installation now:

user:test
pass: test1

http://focofijo2.webcindario.com/Galeria/index.php


So, if this code correct or need more modification? Anyone tried?

$query = cpg_db_query("SELECT * FROM {$CONFIG['TABLE_PICTURES']} WHERE owner_id = ".USER_ID." AND ctime > ".UNIX_TIMESTAMP(NOW())." - (24*60*60)");
if (mysql_num_rows($query) > 0) {
cpg_die(INFORMATION, "You have reached your upload quota of 1 picture per 24hr.");
}



thanks for you time

Αndré

Please try
$result = cpg_db_query("SELECT * FROM {$CONFIG['TABLE_PICTURES']} WHERE owner_id = ".USER_ID." AND ctime > UNIX_TIMESTAMP(NOW()) - (24*60*60)");
if (mysql_num_rows($result) > 0) {
cpg_die(INFORMATION, "You have reached your upload quota of 1 picture per 24hr.");
}
mysql_free_result($result);

ThunderRed

it's looks like working!

I will have to try tomorrow if I can upload something, but so far, so good!!

Thank you!!

Αndré

The current solution lets you only upload a file every 24 hours. Detecting 'today' can be difficult with users from different time zones.

E.g. if you have uploaded your last image yesterday 10 PM, you're not allowed to upload your next image until today 10 PM.

Joe Carver

Good one. It would be a good candidate for a plugin IMO.

Αndré

Yes. Concerning to the 'x uploads per day' issue, we could choose the admin to determine the day according to the timezone difference the admin has set or allow only x uploads per 24 hours. I'll try to release such a plugin in the next days.

ThunderRed

That sound really good.

By the way, how we could print how much time you have to keep waiting before upload?

So you get one message like this:

"You have reached your upload quota of 1 picture per 24hr. You have to wait another 3 hours before upload another file."


Thanks!

Αndré

Quote from: ThunderRed on July 01, 2010, 12:40:05 PM
how we could print how much time you have to keep waiting before upload?

So you get one message like this:

"You have reached your upload quota of 1 picture per 24hr. You have to wait another 3 hours before upload another file."
Calculate the difference between MAX(ctime) of that user and time(). Will be added to the plugin as well.

Αndré

#14
Please see here for a first (and later the final) version of the plugin.