API tools faq
paste
Advertisement
Guest User

ann

a guest
Dec 1st, 2014
180
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PHP 16.25 KB | None | 0 0
raw download clone embed print report
  1. // DO NOT EDIT BELOW UNLESS YOU KNOW WHAT YOU'RE DOING!!
  2.  
  3. $agent = $_SERVER["HTTP_USER_AGENT"];
  4.  
  5. // Deny access made with a browser...
  6. if (
  7.     ereg("^Mozilla\\/", $agent) ||
  8.     ereg("^Opera\\/", $agent) ||
  9.     ereg("^Links ", $agent) ||
  10.     ereg("^Lynx\\/", $agent) ||
  11.     isset($_SERVER['HTTP_COOKIE']) ||
  12.     isset($_SERVER['HTTP_ACCEPT_LANGUAGE']) ||
  13.     isset($_SERVER['HTTP_ACCEPT_CHARSET'])
  14.     )
  15.     err("torrent not registered with this tracker CODE 1");
  16.  
  17. /////////////////////// FUNCTION DEFS ///////////////////////////////////
  18.  
  19. //== Banned Clients - By Petr1fied
  20. $filename = "cache/banned_clients.txt";
  21. if ( filesize( $filename ) == 0 || !file_exists( $filename ) )
  22.     $banned_clients = array();
  23. else {
  24.     $handle = fopen( $filename, "r" );
  25.     $banned_clients = unserialize( fread( $handle, filesize( $filename ) ) );
  26.     fclose( $handle );
  27. }
  28.  
  29. foreach ( $banned_clients as $c ) {
  30.     if ( substr( bin2hex( $peer_id ), 0, 16 ) == $c["peer_id"] || substr( bin2hex( $peer_id ),
  31.                 0, 6 ) == $c["peer_id"] )
  32.         err( $c["user_agent"] . " is banned. Reason : " . $c["reason"] );
  33. }
  34.  
  35. function dbconn()
  36. {
  37.     global $TBDEV;
  38.  
  39.     if (!@($GLOBALS["___mysqli_ston"] = mysqli_connect($TBDEV['mysql_host'],  $TBDEV['mysql_user'],  $TBDEV['mysql_pass'])))
  40.     {
  41.       err('Please call back later');
  42.     }
  43.     ((bool)mysqli_query($GLOBALS["___mysqli_ston"], "USE $TBDEV['mysql_db']")) or err('Please call back later');
  44. }
  45.  
  46. function err($msg)
  47. {
  48.     benc_resp(array('failure reason' => array('type' => 'string', 'value' => $msg)));
  49.    
  50.     exit();
  51. }
  52.  
  53. function benc_resp($d)
  54. {
  55.     benc_resp_raw(benc(array('type' => 'dictionary', 'value' => $d)));
  56. }
  57.  
  58. function benc_resp_raw($x)
  59. {
  60.     header( "Content-Type: text/plain" );
  61.     header( "Pragma: no-cache" );
  62.  
  63.     if ( $_SERVER['HTTP_ACCEPT_ENCODING'] == 'gzip' )
  64.     {
  65.         header( "Content-Encoding: gzip" );
  66.         echo gzencode( $x, 9, FORCE_GZIP );
  67.     }
  68.     else
  69.         echo $x ;
  70. }
  71.  
  72. function benc($obj) {
  73.     if (!is_array($obj) || !isset($obj["type"]) || !isset($obj["value"]))
  74.         return;
  75.     $c = $obj["value"];
  76.     switch ($obj["type"]) {
  77.         case "string":
  78.             return benc_str($c);
  79.         case "integer":
  80.             return benc_int($c);
  81.         case "list":
  82.             return benc_list($c);
  83.         case "dictionary":
  84.             return benc_dict($c);
  85.         default:
  86.             return;
  87.     }
  88. }
  89.  
  90. function benc_str($s) {
  91.     return strlen($s) . ":$s";
  92. }
  93.  
  94. function benc_int($i) {
  95.     return "i" . $i . "e";
  96. }
  97.  
  98. function benc_list($a) {
  99.     $s = "l";
  100.     foreach ($a as $e) {
  101.         $s .= benc($e);
  102.     }
  103.     $s .= "e";
  104.     return $s;
  105. }
  106.  
  107. function benc_dict($d) {
  108.     $s = "d";
  109.     $keys = array_keys($d);
  110.     sort($keys);
  111.     foreach ($keys as $k) {
  112.         $v = $d[$k];
  113.         $s .= benc_str($k);
  114.         $s .= benc($v);
  115.     }
  116.     $s .= "e";
  117.     return $s;
  118. }
  119.  
  120. function hash_where($name, $hash) {
  121.     $shhash = preg_replace('/ *$/s', "", $hash);
  122.     return "($name = " . sqlesc($hash) . " OR $name = " . sqlesc($shhash) . ")";
  123. }
  124.  
  125. function sqlesc($x) {
  126.     return "'".((isset($GLOBALS["___mysqli_ston"]) && is_object($GLOBALS["___mysqli_ston"])) ? mysqli_real_escape_string($GLOBALS["___mysqli_ston"], $x) : ((trigger_error("Fix the mysql_escape_string() call! This code does not work.", E_USER_ERROR)) ? "" : ""))."'";
  127. }
  128.  
  129. function portblacklisted($port)
  130. {
  131.     // direct connect
  132.     if ($port >= 411 && $port <= 413) return true;
  133.  
  134.     // bittorrent
  135.     if ($port >= 6881 && $port <= 6889) return true;
  136.  
  137.     // kazaa
  138.     if ($port == 1214) return true;
  139.  
  140.     // gnutella
  141.     if ($port >= 6346 && $port <= 6347) return true;
  142.  
  143.     // emule
  144.     if ($port == 4662) return true;
  145.  
  146.     // winmx
  147.     if ($port == 6699) return true;
  148.  
  149.     return false;
  150. }
  151. /////////////////////// FUNCTION DEFS END ///////////////////////////////
  152.  
  153. $parts = array();
  154. $pattern = '[0-9a-fA-F]{32}';
  155. if( !isset($_GET['passkey']) OR !ereg($pattern, $_GET['passkey'], $parts) )
  156.         err("Invalid Passkey");
  157.     else
  158.         $GLOBALS['passkey'] = $parts[0];
  159.        
  160. foreach (array("info_hash","peer_id","event","ip","localip") as $x)
  161. {
  162. if(isset($_GET["$x"]))
  163. $GLOBALS[$x] = "" . $_GET[$x];
  164. }
  165.  
  166. foreach (array("port","downloaded","uploaded","left") as $x)
  167. {
  168. $GLOBALS[$x] = 0 + $_GET[$x];
  169. }
  170.  
  171.  
  172. foreach (array("passkey","info_hash","peer_id","port","downloaded","uploaded","left") as $x)
  173.  
  174. if (!isset($x)) err("Missing key: $x");
  175.  
  176.  
  177.  
  178. foreach (array("info_hash","peer_id") as $x)
  179.  
  180. if (strlen($GLOBALS[$x]) != 20) err("Invalid $x (" . strlen($GLOBALS[$x]) . " - " . urlencode($GLOBALS[$x]) . ")");
  181.  
  182. unset($x);
  183.  
  184. $info_hash = bin2hex($info_hash);
  185.  
  186. $ip = $_SERVER['REMOTE_ADDR'];
  187.  
  188. $port = 0 + $port;
  189. $downloaded = 0 + $downloaded;
  190. $uploaded = 0 + $uploaded;
  191. $left = 0 + $left;
  192.  
  193. $rsize = 50;
  194. foreach(array("num want", "numwant", "num_want") as $k)
  195. {
  196.     if (isset($_GET[$k]))
  197.     {
  198.         $rsize = 0 + $_GET[$k];
  199.         break;
  200.     }
  201. }
  202.  
  203.  
  204. if (!$port || $port > 0xffff)
  205.     err("invalid port");
  206.  
  207. if (!isset($event))
  208.     $event = "";
  209.  
  210. $seeder = ($left == 0) ? "yes" : "no";
  211.  
  212. dbconn();
  213.  
  214. $user_query = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT id, uploaded, downloaded, class, free_switch, downloadpos, enabled FROM users WHERE passkey=".sqlesc($passkey)) or err("Tracker error 2");
  215.  
  216. if ( mysqli_num_rows($user_query) != 1 )
  217.  
  218.  err("Unknown passkey. Please redownload the torrent from {$TBDEV['baseurl']}.");
  219.  
  220.         $user = mysqli_fetch_assoc($user_query);
  221.         if( $user['enabled'] == 'no' ) err('Permission denied, you\'re not enabled');
  222.        
  223. ////Start IP logger ////
  224.         $userid = (int)$user['id'];
  225.         $res = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT * FROM ips WHERE ip = '$ip' AND userid = '$userid'") or die(((is_object($GLOBALS["___mysqli_ston"])) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false)));
  226.         if (mysqli_num_rows($res) == 0 ) {
  227.         mysqli_query($GLOBALS["___mysqli_ston"], "INSERT INTO ips (userid, ip, lastannounce, type) VALUES ('$userid', '$ip' ,'".time()."','announce')") or err("Ip fail");
  228.         }
  229.         else
  230.         {
  231.         mysqli_query($GLOBALS["___mysqli_ston"], "UPDATE ips SET lastannounce = ".time()." WHERE ip = '$ip' AND userid = '$userid'") or err("Ip insert fail");
  232.         } //// End Ip logger /////
  233.        
  234.        
  235. $res = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT torrents.id, torrents.banned, torrents.free, torrents.seeders + torrents.leechers AS numpeers, torrents.added AS ts, freeslots.free AS freeslot, freeslots.double AS doubleslot FROM torrents LEFT JOIN freeslots ON (torrents.id=freeslots.tid AND freeslots.uid=".sqlesc($user['id']).") WHERE info_hash = ".sqlesc($info_hash));//" . hash_where("info_hash", $info_hash));
  236.    
  237.    
  238. $torrent = mysqli_fetch_assoc($res);
  239. if (!$torrent)
  240.     err("torrent not registered with this tracker CODE 2");
  241.  
  242. $torrentid = $torrent["id"];
  243.  
  244. $fields = 'seeder, peer_id, ip, port, uploaded, downloaded, userid, ('.time().' - last_action) AS announcetime';
  245.  
  246. $numpeers = $torrent["numpeers"];
  247. $limit = "";
  248. if ($numpeers > $rsize)
  249.     $limit = "ORDER BY RAND() LIMIT $rsize";
  250. $res = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT $fields FROM peers WHERE torrent = $torrentid AND connectable = 'yes' $limit");
  251.  
  252. //////////////////// START NEW COMPACT MODE/////////////////////////////
  253.  
  254. if($_GET['compact'] != 1)
  255.  
  256. {
  257.  
  258. $resp = "d" . benc_str("interval") . "i" . $TBDEV['announce_interval'] . "e" . benc_str("private") . 'i1e' . benc_str("peers") . "l";
  259.  
  260. }
  261.  
  262. else
  263.  
  264. {
  265.  
  266. $resp = "d" . benc_str("interval") . "i" . $TBDEV['announce_interval'] ."e" . benc_str("min interval") . "i" . 300 ."e5:"."peers" ;
  267.  
  268. }
  269.  
  270. $peer = array();
  271.  
  272. $peer_num = 0;
  273. while ($row = mysqli_fetch_assoc($res))
  274.  
  275. {
  276.  
  277.     if($_GET['compact'] != 1)
  278.  
  279. {
  280.  
  281.  
  282.  
  283. $row["peer_id"] = str_pad($row["peer_id"], 20);
  284.  
  285.  
  286.  
  287. if ($row["peer_id"] === $peer_id)
  288.  
  289. {
  290.  
  291.  $self = $row;
  292.  
  293.  continue;
  294.  
  295. }
  296.  
  297.  
  298.  
  299. $resp .= "d" .
  300.  
  301.  benc_str("ip") . benc_str($row["ip"]);
  302.  
  303.        if (!$_GET['no_peer_id']) {
  304.  
  305.   $resp .= benc_str("peer id") . benc_str($row["peer_id"]);
  306.  
  307.  }
  308.  
  309.  $resp .= benc_str("port") . "i" . $row["port"] . "e" .
  310.  
  311.  "e";
  312.  
  313.       }
  314.  
  315.       else
  316.  
  317.       {
  318.  
  319.          $peer_ip = explode('.', $row["ip"]);
  320.  
  321. $peer_ip = pack("C*", $peer_ip[0], $peer_ip[1], $peer_ip[2], $peer_ip[3]);
  322.  
  323. $peer_port = pack("n*", (int)$row["port"]);
  324.  
  325. $time = intval((time() % 7680) / 60);
  326.  
  327. if($_GET['left'] == 0)
  328.  
  329. {
  330.  
  331. $time += 128;
  332.  
  333. }
  334.  
  335. $time = pack("C", $time);
  336.  
  337.  
  338.  
  339.    $peer[] = $time . $peer_ip . $peer_port;
  340.  
  341. $peer_num++;
  342.  
  343.  
  344.       }
  345.  
  346. }
  347.  
  348.  
  349.  
  350. if ($_GET['compact']!=1)
  351.  
  352. $resp .= "ee";
  353.  
  354. else
  355.  
  356. {
  357. $o = "";
  358. for($i=0;$i<$peer_num;$i++)
  359.  
  360.  {
  361.  
  362.   $o .= substr($peer[$i], 1, 6);
  363.  
  364.  }
  365.  
  366. $resp .= strlen($o) . ':' . $o . 'e';
  367.  
  368. }
  369.  
  370. $selfwhere = "torrent = $torrentid AND " . hash_where("peer_id", $peer_id);
  371.  
  372. ///////////////////////////// END NEW COMPACT MODE////////////////////////////////
  373.  
  374.  
  375.  
  376. if (!isset($self))
  377. {
  378.     $res = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT $fields FROM peers WHERE $selfwhere");
  379.     $row = mysqli_fetch_assoc($res);
  380.     if ($row)
  381.     {
  382.         $userid = $row["userid"];
  383.         $self = $row;
  384.     }
  385. }
  386.  
  387. //// Up/down stats ////////////////////////////////////////////////////////////
  388.  
  389.  
  390.  
  391. if (!isset($self))
  392.  
  393. {
  394.  
  395. $valid = @mysqli_fetch_row(@mysqli_query($GLOBALS["___mysqli_ston"], "SELECT COUNT(*) FROM peers WHERE torrent=$torrentid AND passkey=" . sqlesc($passkey)));
  396.  
  397. if ($valid[0] >= 1 && $seeder == 'no') err("Connection limit exceeded! You may only leech from one location at a time.");
  398.  
  399. if ($valid[0] >= 3 && $seeder == 'yes') err("Connection limit exceeded!");
  400.  
  401.  
  402.     if ($left > 0 && $user['class'] < UC_VIP && $TBDEV['user_ratios'])
  403.     {
  404.         $gigs = $user["uploaded"] / (1024*1024*1024);
  405.         $elapsed = floor((time() - $torrent["ts"]) / 3600);
  406.         $ratio = (($user["downloaded"] > 0) ? ($user["uploaded"] / $user["downloaded"]) : 1);
  407.         if ($ratio < 0.5 || $gigs < 5) $wait = 0;
  408.         elseif ($ratio < 0.65 || $gigs < 6.5) $wait = 0;
  409.         elseif ($ratio < 0.8 || $gigs < 8) $wait = 0;
  410.         elseif ($ratio < 0.95 || $gigs < 9.5) $wait = 0;
  411.         else $wait = 0;
  412.         if ($elapsed < $wait)
  413.                 err("Not authorized (" . ($wait - $elapsed) . "h) - READ THE FAQ!");
  414.     }
  415. }
  416. else
  417. {
  418.     $upthis = max(0, $uploaded - $self["uploaded"]);
  419.     $downthis = max(0, $downloaded - $self["downloaded"]);
  420.     $upspeed = ($upthis > 0 ? $upthis / $self["announcetime"] : 0);
  421.     $downspeed = ($downthis > 0 ? $downthis / $self["announcetime"] : 0);
  422.     $announcetime = ($self["seeder"] == "yes" ? "seedtime = seedtime + $self[announcetime]" : "leechtime = leechtime + $self[announcetime]");
  423.  
  424.         if ($upthis > 0 || $downthis > 0)
  425.     {
  426.     /** free addon start **/
  427.     $isfree =   '';
  428.     $isdouble = '';
  429.     include 'cache/free_cache.php';
  430.     if (isset($free))
  431.     {
  432.     foreach ($free as $fl) {
  433.     $isfree =   ($fl['modifier'] == 1 || $fl['modifier'] == 3) && $fl['expires'] > TIME_NOW;
  434.     $isdouble = ($fl['modifier'] == 2 || $fl['modifier'] == 3) && $fl['expires'] > TIME_NOW;
  435.     }
  436.     }
  437.      
  438.     if (!($user['free_switch'] != 0 || $isfree || $torrent['free'] != 0 || ($torrent['freeslot'] != 0)
  439.     ))
  440.     $updq[0] = "downloaded = downloaded + $downthis";
  441.      
  442.     $updq[1] = "uploaded = uploaded + ".(($torrent['doubleslot'] != 0 || $isdouble) ? ($upthis*2) : $upthis);
  443.      
  444.     $udq=implode(',',$updq);
  445.     mysqli_query($GLOBALS["___mysqli_ston"], "UPDATE users SET $udq WHERE id=".$user['id']) or err('Tracker error 3');
  446.     }
  447. }
  448.  
  449. ///////////////////////////////////////////////////////////////////////////////
  450.  
  451. if (portblacklisted($port))
  452.         {
  453.             err("Port $port is blacklisted.");
  454.         }
  455.         elseif ( $TBDEV['connectable_check'] )
  456.         {
  457.             $sockres = @fsockopen($ip, $port, $errno, $errstr, 5);
  458.             if (!$sockres)
  459.                 $connectable = "no";
  460.             else
  461.             {
  462.                 $connectable = "yes";
  463.                 @fclose($sockres);
  464.             }
  465.         }
  466.  
  467. $updateset = array();
  468.  
  469.     if (isset($self) && $event == "stopped") {
  470.      mysqli_query($GLOBALS["___mysqli_ston"], "DELETE FROM peers WHERE $selfwhere") or err("D Err");
  471.      
  472.      if (mysqli_affected_rows($GLOBALS["___mysqli_ston"])) {
  473.      $updateset[] = ($self["seeder"] == "yes" ? "seeders = seeders - 1" : "leechers = leechers - 1");
  474.      mysqli_query($GLOBALS["___mysqli_ston"], "UPDATE snatched SET ip = ".sqlesc($ip).", port = $port, connectable = '$connectable', uploaded = uploaded + $upthis, downloaded = downloaded + $downthis, to_go = $left, upspeed = $upspeed, downspeed = $downspeed, $announcetime, last_action = ".time().", seeder = '$seeder', agent = ".sqlesc($agent)." WHERE torrentid = $torrentid AND userid = {$user['id']}") or err("SL Err 1");
  475.      }
  476.      } elseif (isset($self)) {
  477.      
  478.      if ($event == "completed") {
  479.      $updateset[] = "times_completed = times_completed + 1";
  480.      $finished = ", finishedat = ".time()."";
  481.      $finished1 = ", complete_date = ".time()."";
  482.      }
  483.      
  484.      mysqli_query($GLOBALS["___mysqli_ston"], "UPDATE peers SET ip = ".sqlesc($ip).", port = $port, connectable = '$connectable', uploaded = $uploaded, downloaded = $downloaded, to_go = $left, last_action = " . time() . ", seeder = '$seeder', agent = ".sqlesc($agent)." $finished WHERE $selfwhere") or err("PL Err 1");
  485.      
  486.      if (mysqli_affected_rows($GLOBALS["___mysqli_ston"])) {
  487.      if ($seeder <> $self["seeder"])
  488.      $updateset[] = ($seeder == "yes" ? "seeders = seeders + 1, leechers = leechers - 1" : "seeders = seeders - 1, leechers = leechers + 1");
  489.      $anntime = "timesann = timesann + 1";
  490.      mysqli_query($GLOBALS["___mysqli_ston"], "UPDATE snatched SET ip = ".sqlesc($ip).", port = $port, connectable = '$connectable', uploaded = uploaded + $upthis, downloaded = downloaded + $downthis, to_go = $left, upspeed = $upspeed, downspeed = $downspeed, $announcetime, last_action = ".time().", seeder = '$seeder', agent = ".sqlesc($agent)." $finished1, $anntime WHERE torrentid = $torrentid AND userid = {$user['id']}") or err("SL Err 2");
  491.      }
  492.      } else {
  493.      if ($az["parked"] == "yes") //== uncommet if you use parked
  494.      err("Your account is parked! (Read the FAQ)"); //== uncommet if you use parked
  495.      if ($user["downloadpos"] == 0 OR $user["downloadpos"] > 1 )
  496.      err("Your downloading priviledges have been disabled! (Read the rules)");
  497.      
  498.      mysqli_query($GLOBALS["___mysqli_ston"], "INSERT INTO peers (torrent, userid, peer_id, ip, port, connectable, uploaded, downloaded, to_go, started, last_action, seeder, agent, downloadoffset, uploadoffset, passkey) VALUES ($torrentid, {$user['id']}, ".sqlesc($peer_id).", ".sqlesc($ip).", $port, '$connectable', $uploaded, $downloaded, $left, ".time().", ".time().", '$seeder', ".sqlesc($agent).", $downloaded, $uploaded, ".sqlesc($passkey).")") or err("PL Err 2");
  499.      
  500.      if (mysqli_affected_rows($GLOBALS["___mysqli_ston"])) {
  501.      $updateset[] = ($seeder == "yes" ? "seeders = seeders + 1" : "leechers = leechers + 1");
  502.      $anntime = "timesann = timesann + 1";
  503.      mysqli_query($GLOBALS["___mysqli_ston"], "UPDATE snatched SET ip = ".sqlesc($ip).", port = $port, connectable = '$connectable', to_go = $left, last_action = ".time().", seeder = '$seeder', agent = ".sqlesc($agent).", $anntime WHERE torrentid = $torrentid AND userid = {$user['id']}") or err("SL Err 3");
  504.      
  505.      if (!mysqli_affected_rows($GLOBALS["___mysqli_ston"]) && $seeder == "no")
  506.      mysqli_query($GLOBALS["___mysqli_ston"], "INSERT INTO snatched (torrentid, userid, peer_id, ip, port, connectable, uploaded, downloaded, to_go, start_date, last_action, seeder, agent) VALUES ($torrentid, {$user['id']}, ".sqlesc($peer_id).", ".sqlesc($ip).", $port, '$connectable', $uploaded, $downloaded, $left, ".time().", ".time().", '$seeder', ".sqlesc($agent).")") or err("SL Err 4");
  507.      }
  508.      }
  509.  
  510. if ($seeder == "yes")
  511. {
  512.     if ($torrent["banned"] != "yes")
  513.         $updateset[] = "visible = 'yes'";
  514.     $updateset[] = "last_action = ".time();
  515. }
  516.  
  517. if (count($updateset))
  518.     mysqli_query($GLOBALS["___mysqli_ston"], "UPDATE torrents SET " . join(",", $updateset) . " WHERE id = $torrentid");
  519.  
  520. benc_resp_raw($resp);
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!