Advertisement
Guest User

ann

a guest
Dec 1st, 2014
172
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PHP 16.25 KB | None | 0 0
  1. // DO NOT EDIT BELOW UNLESS YOU KNOW WHAT YOU'RE DOING!!
  2.  
  3. $agent = $_SERVER["HTTP_USER_AGENT"];
  4.  
  5. // Deny access made with a browser...
  6. if (
  7.     ereg("^Mozilla\\/", $agent) ||
  8.     ereg("^Opera\\/", $agent) ||
  9.     ereg("^Links ", $agent) ||
  10.     ereg("^Lynx\\/", $agent) ||
  11.     isset($_SERVER['HTTP_COOKIE']) ||
  12.     isset($_SERVER['HTTP_ACCEPT_LANGUAGE']) ||
  13.     isset($_SERVER['HTTP_ACCEPT_CHARSET'])
  14.     )
  15.     err("torrent not registered with this tracker CODE 1");
  16.  
  17. /////////////////////// FUNCTION DEFS ///////////////////////////////////
  18.  
  19. //== Banned Clients - By Petr1fied
  20. $filename = "cache/banned_clients.txt";
  21. if ( filesize( $filename ) == 0 || !file_exists( $filename ) )
  22.     $banned_clients = array();
  23. else {
  24.     $handle = fopen( $filename, "r" );
  25.     $banned_clients = unserialize( fread( $handle, filesize( $filename ) ) );
  26.     fclose( $handle );
  27. }
  28.  
  29. foreach ( $banned_clients as $c ) {
  30.     if ( substr( bin2hex( $peer_id ), 0, 16 ) == $c["peer_id"] || substr( bin2hex( $peer_id ),
  31.                 0, 6 ) == $c["peer_id"] )
  32.         err( $c["user_agent"] . " is banned. Reason : " . $c["reason"] );
  33. }
  34.  
  35. function dbconn()
  36. {
  37.     global $TBDEV;
  38.  
  39.     if (!@($GLOBALS["___mysqli_ston"] = mysqli_connect($TBDEV['mysql_host'],  $TBDEV['mysql_user'],  $TBDEV['mysql_pass'])))
  40.     {
  41.       err('Please call back later');
  42.     }
  43.     ((bool)mysqli_query($GLOBALS["___mysqli_ston"], "USE $TBDEV['mysql_db']")) or err('Please call back later');
  44. }
  45.  
  46. function err($msg)
  47. {
  48.     benc_resp(array('failure reason' => array('type' => 'string', 'value' => $msg)));
  49.    
  50.     exit();
  51. }
  52.  
  53. function benc_resp($d)
  54. {
  55.     benc_resp_raw(benc(array('type' => 'dictionary', 'value' => $d)));
  56. }
  57.  
  58. function benc_resp_raw($x)
  59. {
  60.     header( "Content-Type: text/plain" );
  61.     header( "Pragma: no-cache" );
  62.  
  63.     if ( $_SERVER['HTTP_ACCEPT_ENCODING'] == 'gzip' )
  64.     {
  65.         header( "Content-Encoding: gzip" );
  66.         echo gzencode( $x, 9, FORCE_GZIP );
  67.     }
  68.     else
  69.         echo $x ;
  70. }
  71.  
  72. function benc($obj) {
  73.     if (!is_array($obj) || !isset($obj["type"]) || !isset($obj["value"]))
  74.         return;
  75.     $c = $obj["value"];
  76.     switch ($obj["type"]) {
  77.         case "string":
  78.             return benc_str($c);
  79.         case "integer":
  80.             return benc_int($c);
  81.         case "list":
  82.             return benc_list($c);
  83.         case "dictionary":
  84.             return benc_dict($c);
  85.         default:
  86.             return;
  87.     }
  88. }
  89.  
  90. function benc_str($s) {
  91.     return strlen($s) . ":$s";
  92. }
  93.  
  94. function benc_int($i) {
  95.     return "i" . $i . "e";
  96. }
  97.  
  98. function benc_list($a) {
  99.     $s = "l";
  100.     foreach ($a as $e) {
  101.         $s .= benc($e);
  102.     }
  103.     $s .= "e";
  104.     return $s;
  105. }
  106.  
  107. function benc_dict($d) {
  108.     $s = "d";
  109.     $keys = array_keys($d);
  110.     sort($keys);
  111.     foreach ($keys as $k) {
  112.         $v = $d[$k];
  113.         $s .= benc_str($k);
  114.         $s .= benc($v);
  115.     }
  116.     $s .= "e";
  117.     return $s;
  118. }
  119.  
  120. function hash_where($name, $hash) {
  121.     $shhash = preg_replace('/ *$/s', "", $hash);
  122.     return "($name = " . sqlesc($hash) . " OR $name = " . sqlesc($shhash) . ")";
  123. }
  124.  
  125. function sqlesc($x) {
  126.     return "'".((isset($GLOBALS["___mysqli_ston"]) && is_object($GLOBALS["___mysqli_ston"])) ? mysqli_real_escape_string($GLOBALS["___mysqli_ston"], $x) : ((trigger_error("Fix the mysql_escape_string() call! This code does not work.", E_USER_ERROR)) ? "" : ""))."'";
  127. }
  128.  
  129. function portblacklisted($port)
  130. {
  131.     // direct connect
  132.     if ($port >= 411 && $port <= 413) return true;
  133.  
  134.     // bittorrent
  135.     if ($port >= 6881 && $port <= 6889) return true;
  136.  
  137.     // kazaa
  138.     if ($port == 1214) return true;
  139.  
  140.     // gnutella
  141.     if ($port >= 6346 && $port <= 6347) return true;
  142.  
  143.     // emule
  144.     if ($port == 4662) return true;
  145.  
  146.     // winmx
  147.     if ($port == 6699) return true;
  148.  
  149.     return false;
  150. }
  151. /////////////////////// FUNCTION DEFS END ///////////////////////////////
  152.  
  153. $parts = array();
  154. $pattern = '[0-9a-fA-F]{32}';
  155. if( !isset($_GET['passkey']) OR !ereg($pattern, $_GET['passkey'], $parts) )
  156.         err("Invalid Passkey");
  157.     else
  158.         $GLOBALS['passkey'] = $parts[0];
  159.        
  160. foreach (array("info_hash","peer_id","event","ip","localip") as $x)
  161. {
  162. if(isset($_GET["$x"]))
  163. $GLOBALS[$x] = "" . $_GET[$x];
  164. }
  165.  
  166. foreach (array("port","downloaded","uploaded","left") as $x)
  167. {
  168. $GLOBALS[$x] = 0 + $_GET[$x];
  169. }
  170.  
  171.  
  172. foreach (array("passkey","info_hash","peer_id","port","downloaded","uploaded","left") as $x)
  173.  
  174. if (!isset($x)) err("Missing key: $x");
  175.  
  176.  
  177.  
  178. foreach (array("info_hash","peer_id") as $x)
  179.  
  180. if (strlen($GLOBALS[$x]) != 20) err("Invalid $x (" . strlen($GLOBALS[$x]) . " - " . urlencode($GLOBALS[$x]) . ")");
  181.  
  182. unset($x);
  183.  
  184. $info_hash = bin2hex($info_hash);
  185.  
  186. $ip = $_SERVER['REMOTE_ADDR'];
  187.  
  188. $port = 0 + $port;
  189. $downloaded = 0 + $downloaded;
  190. $uploaded = 0 + $uploaded;
  191. $left = 0 + $left;
  192.  
  193. $rsize = 50;
  194. foreach(array("num want", "numwant", "num_want") as $k)
  195. {
  196.     if (isset($_GET[$k]))
  197.     {
  198.         $rsize = 0 + $_GET[$k];
  199.         break;
  200.     }
  201. }
  202.  
  203.  
  204. if (!$port || $port > 0xffff)
  205.     err("invalid port");
  206.  
  207. if (!isset($event))
  208.     $event = "";
  209.  
  210. $seeder = ($left == 0) ? "yes" : "no";
  211.  
  212. dbconn();
  213.  
  214. $user_query = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT id, uploaded, downloaded, class, free_switch, downloadpos, enabled FROM users WHERE passkey=".sqlesc($passkey)) or err("Tracker error 2");
  215.  
  216. if ( mysqli_num_rows($user_query) != 1 )
  217.  
  218.  err("Unknown passkey. Please redownload the torrent from {$TBDEV['baseurl']}.");
  219.  
  220.         $user = mysqli_fetch_assoc($user_query);
  221.         if( $user['enabled'] == 'no' ) err('Permission denied, you\'re not enabled');
  222.        
  223. ////Start IP logger ////
  224.         $userid = (int)$user['id'];
  225.         $res = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT * FROM ips WHERE ip = '$ip' AND userid = '$userid'") or die(((is_object($GLOBALS["___mysqli_ston"])) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false)));
  226.         if (mysqli_num_rows($res) == 0 ) {
  227.         mysqli_query($GLOBALS["___mysqli_ston"], "INSERT INTO ips (userid, ip, lastannounce, type) VALUES ('$userid', '$ip' ,'".time()."','announce')") or err("Ip fail");
  228.         }
  229.         else
  230.         {
  231.         mysqli_query($GLOBALS["___mysqli_ston"], "UPDATE ips SET lastannounce = ".time()." WHERE ip = '$ip' AND userid = '$userid'") or err("Ip insert fail");
  232.         } //// End Ip logger /////
  233.        
  234.        
  235. $res = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT torrents.id, torrents.banned, torrents.free, torrents.seeders + torrents.leechers AS numpeers, torrents.added AS ts, freeslots.free AS freeslot, freeslots.double AS doubleslot FROM torrents LEFT JOIN freeslots ON (torrents.id=freeslots.tid AND freeslots.uid=".sqlesc($user['id']).") WHERE info_hash = ".sqlesc($info_hash));//" . hash_where("info_hash", $info_hash));
  236.    
  237.    
  238. $torrent = mysqli_fetch_assoc($res);
  239. if (!$torrent)
  240.     err("torrent not registered with this tracker CODE 2");
  241.  
  242. $torrentid = $torrent["id"];
  243.  
  244. $fields = 'seeder, peer_id, ip, port, uploaded, downloaded, userid, ('.time().' - last_action) AS announcetime';
  245.  
  246. $numpeers = $torrent["numpeers"];
  247. $limit = "";
  248. if ($numpeers > $rsize)
  249.     $limit = "ORDER BY RAND() LIMIT $rsize";
  250. $res = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT $fields FROM peers WHERE torrent = $torrentid AND connectable = 'yes' $limit");
  251.  
  252. //////////////////// START NEW COMPACT MODE/////////////////////////////
  253.  
  254. if($_GET['compact'] != 1)
  255.  
  256. {
  257.  
  258. $resp = "d" . benc_str("interval") . "i" . $TBDEV['announce_interval'] . "e" . benc_str("private") . 'i1e' . benc_str("peers") . "l";
  259.  
  260. }
  261.  
  262. else
  263.  
  264. {
  265.  
  266. $resp = "d" . benc_str("interval") . "i" . $TBDEV['announce_interval'] ."e" . benc_str("min interval") . "i" . 300 ."e5:"."peers" ;
  267.  
  268. }
  269.  
  270. $peer = array();
  271.  
  272. $peer_num = 0;
  273. while ($row = mysqli_fetch_assoc($res))
  274.  
  275. {
  276.  
  277.     if($_GET['compact'] != 1)
  278.  
  279. {
  280.  
  281.  
  282.  
  283. $row["peer_id"] = str_pad($row["peer_id"], 20);
  284.  
  285.  
  286.  
  287. if ($row["peer_id"] === $peer_id)
  288.  
  289. {
  290.  
  291.  $self = $row;
  292.  
  293.  continue;
  294.  
  295. }
  296.  
  297.  
  298.  
  299. $resp .= "d" .
  300.  
  301.  benc_str("ip") . benc_str($row["ip"]);
  302.  
  303.        if (!$_GET['no_peer_id']) {
  304.  
  305.   $resp .= benc_str("peer id") . benc_str($row["peer_id"]);
  306.  
  307.  }
  308.  
  309.  $resp .= benc_str("port") . "i" . $row["port"] . "e" .
  310.  
  311.  "e";
  312.  
  313.       }
  314.  
  315.       else
  316.  
  317.       {
  318.  
  319.          $peer_ip = explode('.', $row["ip"]);
  320.  
  321. $peer_ip = pack("C*", $peer_ip[0], $peer_ip[1], $peer_ip[2], $peer_ip[3]);
  322.  
  323. $peer_port = pack("n*", (int)$row["port"]);
  324.  
  325. $time = intval((time() % 7680) / 60);
  326.  
  327. if($_GET['left'] == 0)
  328.  
  329. {
  330.  
  331. $time += 128;
  332.  
  333. }
  334.  
  335. $time = pack("C", $time);
  336.  
  337.  
  338.  
  339.    $peer[] = $time . $peer_ip . $peer_port;
  340.  
  341. $peer_num++;
  342.  
  343.  
  344.       }
  345.  
  346. }
  347.  
  348.  
  349.  
  350. if ($_GET['compact']!=1)
  351.  
  352. $resp .= "ee";
  353.  
  354. else
  355.  
  356. {
  357. $o = "";
  358. for($i=0;$i<$peer_num;$i++)
  359.  
  360.  {
  361.  
  362.   $o .= substr($peer[$i], 1, 6);
  363.  
  364.  }
  365.  
  366. $resp .= strlen($o) . ':' . $o . 'e';
  367.  
  368. }
  369.  
  370. $selfwhere = "torrent = $torrentid AND " . hash_where("peer_id", $peer_id);
  371.  
  372. ///////////////////////////// END NEW COMPACT MODE////////////////////////////////
  373.  
  374.  
  375.  
  376. if (!isset($self))
  377. {
  378.     $res = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT $fields FROM peers WHERE $selfwhere");
  379.     $row = mysqli_fetch_assoc($res);
  380.     if ($row)
  381.     {
  382.         $userid = $row["userid"];
  383.         $self = $row;
  384.     }
  385. }
  386.  
  387. //// Up/down stats ////////////////////////////////////////////////////////////
  388.  
  389.  
  390.  
  391. if (!isset($self))
  392.  
  393. {
  394.  
  395. $valid = @mysqli_fetch_row(@mysqli_query($GLOBALS["___mysqli_ston"], "SELECT COUNT(*) FROM peers WHERE torrent=$torrentid AND passkey=" . sqlesc($passkey)));
  396.  
  397. if ($valid[0] >= 1 && $seeder == 'no') err("Connection limit exceeded! You may only leech from one location at a time.");
  398.  
  399. if ($valid[0] >= 3 && $seeder == 'yes') err("Connection limit exceeded!");
  400.  
  401.  
  402.     if ($left > 0 && $user['class'] < UC_VIP && $TBDEV['user_ratios'])
  403.     {
  404.         $gigs = $user["uploaded"] / (1024*1024*1024);
  405.         $elapsed = floor((time() - $torrent["ts"]) / 3600);
  406.         $ratio = (($user["downloaded"] > 0) ? ($user["uploaded"] / $user["downloaded"]) : 1);
  407.         if ($ratio < 0.5 || $gigs < 5) $wait = 0;
  408.         elseif ($ratio < 0.65 || $gigs < 6.5) $wait = 0;
  409.         elseif ($ratio < 0.8 || $gigs < 8) $wait = 0;
  410.         elseif ($ratio < 0.95 || $gigs < 9.5) $wait = 0;
  411.         else $wait = 0;
  412.         if ($elapsed < $wait)
  413.                 err("Not authorized (" . ($wait - $elapsed) . "h) - READ THE FAQ!");
  414.     }
  415. }
  416. else
  417. {
  418.     $upthis = max(0, $uploaded - $self["uploaded"]);
  419.     $downthis = max(0, $downloaded - $self["downloaded"]);
  420.     $upspeed = ($upthis > 0 ? $upthis / $self["announcetime"] : 0);
  421.     $downspeed = ($downthis > 0 ? $downthis / $self["announcetime"] : 0);
  422.     $announcetime = ($self["seeder"] == "yes" ? "seedtime = seedtime + $self[announcetime]" : "leechtime = leechtime + $self[announcetime]");
  423.  
  424.         if ($upthis > 0 || $downthis > 0)
  425.     {
  426.     /** free addon start **/
  427.     $isfree =   '';
  428.     $isdouble = '';
  429.     include 'cache/free_cache.php';
  430.     if (isset($free))
  431.     {
  432.     foreach ($free as $fl) {
  433.     $isfree =   ($fl['modifier'] == 1 || $fl['modifier'] == 3) && $fl['expires'] > TIME_NOW;
  434.     $isdouble = ($fl['modifier'] == 2 || $fl['modifier'] == 3) && $fl['expires'] > TIME_NOW;
  435.     }
  436.     }
  437.      
  438.     if (!($user['free_switch'] != 0 || $isfree || $torrent['free'] != 0 || ($torrent['freeslot'] != 0)
  439.     ))
  440.     $updq[0] = "downloaded = downloaded + $downthis";
  441.      
  442.     $updq[1] = "uploaded = uploaded + ".(($torrent['doubleslot'] != 0 || $isdouble) ? ($upthis*2) : $upthis);
  443.      
  444.     $udq=implode(',',$updq);
  445.     mysqli_query($GLOBALS["___mysqli_ston"], "UPDATE users SET $udq WHERE id=".$user['id']) or err('Tracker error 3');
  446.     }
  447. }
  448.  
  449. ///////////////////////////////////////////////////////////////////////////////
  450.  
  451. if (portblacklisted($port))
  452.         {
  453.             err("Port $port is blacklisted.");
  454.         }
  455.         elseif ( $TBDEV['connectable_check'] )
  456.         {
  457.             $sockres = @fsockopen($ip, $port, $errno, $errstr, 5);
  458.             if (!$sockres)
  459.                 $connectable = "no";
  460.             else
  461.             {
  462.                 $connectable = "yes";
  463.                 @fclose($sockres);
  464.             }
  465.         }
  466.  
  467. $updateset = array();
  468.  
  469.     if (isset($self) && $event == "stopped") {
  470.      mysqli_query($GLOBALS["___mysqli_ston"], "DELETE FROM peers WHERE $selfwhere") or err("D Err");
  471.      
  472.      if (mysqli_affected_rows($GLOBALS["___mysqli_ston"])) {
  473.      $updateset[] = ($self["seeder"] == "yes" ? "seeders = seeders - 1" : "leechers = leechers - 1");
  474.      mysqli_query($GLOBALS["___mysqli_ston"], "UPDATE snatched SET ip = ".sqlesc($ip).", port = $port, connectable = '$connectable', uploaded = uploaded + $upthis, downloaded = downloaded + $downthis, to_go = $left, upspeed = $upspeed, downspeed = $downspeed, $announcetime, last_action = ".time().", seeder = '$seeder', agent = ".sqlesc($agent)." WHERE torrentid = $torrentid AND userid = {$user['id']}") or err("SL Err 1");
  475.      }
  476.      } elseif (isset($self)) {
  477.      
  478.      if ($event == "completed") {
  479.      $updateset[] = "times_completed = times_completed + 1";
  480.      $finished = ", finishedat = ".time()."";
  481.      $finished1 = ", complete_date = ".time()."";
  482.      }
  483.      
  484.      mysqli_query($GLOBALS["___mysqli_ston"], "UPDATE peers SET ip = ".sqlesc($ip).", port = $port, connectable = '$connectable', uploaded = $uploaded, downloaded = $downloaded, to_go = $left, last_action = " . time() . ", seeder = '$seeder', agent = ".sqlesc($agent)." $finished WHERE $selfwhere") or err("PL Err 1");
  485.      
  486.      if (mysqli_affected_rows($GLOBALS["___mysqli_ston"])) {
  487.      if ($seeder <> $self["seeder"])
  488.      $updateset[] = ($seeder == "yes" ? "seeders = seeders + 1, leechers = leechers - 1" : "seeders = seeders - 1, leechers = leechers + 1");
  489.      $anntime = "timesann = timesann + 1";
  490.      mysqli_query($GLOBALS["___mysqli_ston"], "UPDATE snatched SET ip = ".sqlesc($ip).", port = $port, connectable = '$connectable', uploaded = uploaded + $upthis, downloaded = downloaded + $downthis, to_go = $left, upspeed = $upspeed, downspeed = $downspeed, $announcetime, last_action = ".time().", seeder = '$seeder', agent = ".sqlesc($agent)." $finished1, $anntime WHERE torrentid = $torrentid AND userid = {$user['id']}") or err("SL Err 2");
  491.      }
  492.      } else {
  493.      if ($az["parked"] == "yes") //== uncommet if you use parked
  494.      err("Your account is parked! (Read the FAQ)"); //== uncommet if you use parked
  495.      if ($user["downloadpos"] == 0 OR $user["downloadpos"] > 1 )
  496.      err("Your downloading priviledges have been disabled! (Read the rules)");
  497.      
  498.      mysqli_query($GLOBALS["___mysqli_ston"], "INSERT INTO peers (torrent, userid, peer_id, ip, port, connectable, uploaded, downloaded, to_go, started, last_action, seeder, agent, downloadoffset, uploadoffset, passkey) VALUES ($torrentid, {$user['id']}, ".sqlesc($peer_id).", ".sqlesc($ip).", $port, '$connectable', $uploaded, $downloaded, $left, ".time().", ".time().", '$seeder', ".sqlesc($agent).", $downloaded, $uploaded, ".sqlesc($passkey).")") or err("PL Err 2");
  499.      
  500.      if (mysqli_affected_rows($GLOBALS["___mysqli_ston"])) {
  501.      $updateset[] = ($seeder == "yes" ? "seeders = seeders + 1" : "leechers = leechers + 1");
  502.      $anntime = "timesann = timesann + 1";
  503.      mysqli_query($GLOBALS["___mysqli_ston"], "UPDATE snatched SET ip = ".sqlesc($ip).", port = $port, connectable = '$connectable', to_go = $left, last_action = ".time().", seeder = '$seeder', agent = ".sqlesc($agent).", $anntime WHERE torrentid = $torrentid AND userid = {$user['id']}") or err("SL Err 3");
  504.      
  505.      if (!mysqli_affected_rows($GLOBALS["___mysqli_ston"]) && $seeder == "no")
  506.      mysqli_query($GLOBALS["___mysqli_ston"], "INSERT INTO snatched (torrentid, userid, peer_id, ip, port, connectable, uploaded, downloaded, to_go, start_date, last_action, seeder, agent) VALUES ($torrentid, {$user['id']}, ".sqlesc($peer_id).", ".sqlesc($ip).", $port, '$connectable', $uploaded, $downloaded, $left, ".time().", ".time().", '$seeder', ".sqlesc($agent).")") or err("SL Err 4");
  507.      }
  508.      }
  509.  
  510. if ($seeder == "yes")
  511. {
  512.     if ($torrent["banned"] != "yes")
  513.         $updateset[] = "visible = 'yes'";
  514.     $updateset[] = "last_action = ".time();
  515. }
  516.  
  517. if (count($updateset))
  518.     mysqli_query($GLOBALS["___mysqli_ston"], "UPDATE torrents SET " . join(",", $updateset) . " WHERE id = $torrentid");
  519.  
  520. benc_resp_raw($resp);
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement