How to protect a PHP script?

Question

How to protect a PHP script?

I have a PHP script. In this script, I will be connected to the FTP server and show the file. What would be the best way to protect this script, so you can only register 5 times in 1 hour or something like that?

My script:

<?php
session_start();

$_SESSION["ftp_user"] = $_POST["user"];    
$_SESSION["ftp_pass"] = $_POST["pass"];
$ftp_pass = $_POST["pass"];
$ftp_server = "ftp.guusvanwalstijn.nl";

function test()    
{ 
echo "Do whatever i want";
}


// Verbinding maken
$conn_id = ftp_connect($ftp_server) or die("Couldn't connect to $ftp_server"); 


// Error die je krijgt als je het wachtwoord verkeerd hebt ingetypt
function error_while_connecting() {
echo "Error while connecting to the server";
echo "<br />Probably the password is wrong or the server is offline";
}

// Inloggen met de gegeven inloggegevens
if (@ftp_login($conn_id, $ftp_user, $ftp_pass)) {
    test();

} else {
    error_while_connecting();
    print("<br />Debug: " . $_POST["pass"] . "<br />");
    print("<br />Debug: " . $_POST["user"] . "<br />");
}

ftp_close($conn_id);
?>

+4

security php ftp

Guus van walstijn Nov 05 '13 at 8:28

source share

1 answer

sebapalus · Accepted Answer · 2013-11-05T08:34:01+0000

You can add a log table (timestamps) to the database or save it to a file. Extract the last 5 entries from it and check if the oldest is older than 1 hour. If so, you can allow the connection to the database. If not, deny it because the limit has been reached. You can also periodically flush the contents of this / db file table to avoid too much growth.

How to protect a PHP script?

More articles: