| Birkoff |
12th February 2014 18:32 |
Announce: Tracker seeding invalid data <null>
Source base -> http://www.bvlist.com/template-share...fouine022.html
Tracker seeding invalid data
http://s28.postimg.org/k3e773c31/null.jpg
announce.php
PHP Code:
<?
/***********************************************/
/*=========[TS Special Edition v.5.6]==========*/
/*=============[Special Thanks To]=============*/
/* DrNet - wWw.SpecialCoders.CoM */
/* Vinson - wWw.Decode4u.CoM */
/* MrDecoder - wWw.Fearless-Releases.CoM */
/* Fynnon - wWw.BvList.CoM */
/***********************************************/
function checkconnect ($host, $port)
{
global $checkconnectable;
if ((!$checkconnectable OR $checkconnectable == 'no'))
{
return 'yes';
}
if ($fp = @fsockopen ($host, $port, $errno, $errstr, 5))
{
fclose ($fp);
return 'yes';
}
return 'no';
}
function stop ($msg)
{
global $db;
if ($db)
{
mysql_close ($db);
}
header ('Content-Type: text/plain');
header ('Pragma: no-cache');
exit ('d14:failure reason' . strlen ($msg) . ':' . $msg . 'e');
}
function sqlesc ($value)
{
if (get_magic_quotes_gpc ())
{
$value = stripslashes ($value);
}
if (!is_numeric ($value))
{
$value = '\'' . mysql_real_escape_string ($value) . '\'';
}
return $value;
}
function send_action ($actionmessage, $resetpasskey = false)
{
global $announce_actions;
global $Tid;
global $Result;
global $ip;
global $passkey;
if ($announce_actions != 'yes')
{
return null;
}
@mysql_query ('INSERT DELAYED INTO announce_actions (torrentid, userid, ip, passkey, actionmessage, actiontime) VALUES (' . @implode (',', @array_map ('sqlesc', array ($Tid, $Result['userid'], $ip, $passkey, $actionmessage, $_SERVER['REQUEST_TIME']))) . ')');
if ($resetpasskey)
{
@mysql_query ('UPDATE users SET passkey = \'\' WHERE id = ' . @sqlesc ($Uid) . ' AND passkey = ' . @sqlesc ($passkey));
}
}
error_reporting (E_ALL & ~E_NOTICE);
set_magic_quotes_runtime (0);
ini_set ('magic_quotes_sybase', 0);
define ('IN_ANNOUNCE', true);
define ('TSDIR', dirname (__FILE__));
require TSDIR . '/include/config_announce.php';
require TSDIR . '/include/languages/' . $defaultlanguage . '/announce.lang.php';
$compact = (isset ($_GET['compact']) ? 0 + $_GET['compact'] : 0);
$peer_id = (isset ($_GET['peer_id']) ? $_GET['peer_id'] : '');
$port = (isset ($_GET['port']) ? 0 + $_GET['port'] : '');
$event = (isset ($_GET['event']) ? $_GET['event'] : '');
$downloaded = (isset ($_GET['downloaded']) ? 0 + $_GET['downloaded'] : '');
$uploaded = (isset ($_GET['uploaded']) ? 0 + $_GET['uploaded'] : '');
$left = (isset ($_GET['left']) ? 0 + $_GET['left'] : '');
$numwant = min ((isset ($_GET['numwant']) ? 0 + $_GET['numwant'] : (isset ($_GET['num_want']) ? 0 + $_GET['num_want'] : (isset ($_GET['num want']) ? 0 + $_GET['num want'] : 50))), 50);
$update_user = $update_torrent = $update_snatched = array ();
if (strpos ($_GET['passkey'], '?'))
{
$chop = $_GET['passkey'];
$delim = '?';
$half = strtok ($chop, $delim);
$onehalf = array ();
while (is_string ($half))
{
if ($half)
{
$onehalf[] = $half;
}
$half = strtok ($delim);
}
unset ($chop);
unset ($delim);
unset ($half);
$_GET['passkey'] = $onehalf[0];
$delim2 = '=';
$hash = strtok ($onehalf[1], $delim2);
$onehash = array ();
while (is_string ($hash))
{
if ($hash)
{
$onehash[] = $hash;
}
$hash = strtok ($delim2);
}
$_GET['info_hash'] = $onehash[1];
unset ($onehalf);
unset ($delim2);
unset ($hash);
unset ($onehash);
}
$passkey = (isset ($_GET['passkey']) ? $_GET['passkey'] : '');
$info_hash = (isset ($_GET['info_hash']) ? $_GET['info_hash'] : '');
if (get_magic_quotes_gpc ())
{
$info_hash = stripslashes ($info_hash);
$peer_id = stripslashes ($peer_id);
}
if (((((strlen ($passkey) === 32 AND strlen ($info_hash) === 20) AND strlen ($peer_id) === 20) AND 0 < $port) AND $port < 65535))
{
if (($passkey AND $passkey == 'tssespecialtorrentv1byxamsep2007'))
{
stop ($l['registerfirst'] . $BASEURL . '/signup.php');
}
}
else
{
stop ($l['error']);
}
$ip = htmlspecialchars ($_SERVER['REMOTE_ADDR']);
$agent = htmlspecialchars ($_SERVER['HTTP_USER_AGENT']);
$seeder = ($left == 0 ? 'yes' : 'no');
if (($db = @mysql_connect ($mysql_host, $mysql_user, $mysql_pass) AND $select = @mysql_select_db ($mysql_db, $db)))
{
}
else
{
stop ($l['cerror']);
}
($Query = mysql_query ('
SELECT t.id as tid, t.name, t.category, t.size, t.added, t.visible, t.banned, t.free, t.silver, t.doubleupload,
u.id as userid, u.enabled, u.uploaded, u.downloaded, u.usergroup, u.birthday, u.ip,
g.isbanned, g.candownload, g.canviewviptorrents, g.isvipgroup, g.canfreeleech, g.waitlimit, g.slotlimit,
c.vip as isviptorrent
FROM torrents t
INNER JOIN users u ON (u.passkey = ' . sqlesc ($passkey) . ')
INNER JOIN usergroups g ON (u.usergroup = g.gid)
LEFT JOIN categories c ON (t.category=c.id)
WHERE (t.info_hash = ' . sqlesc ($info_hash) . ' OR t.info_hash = ' . sqlesc (preg_replace ('' . '/ *$/s', '', $info_hash)) . ')
LIMIT 1') OR stop ($l['sqlerror'] . ' TU1'));
if ((((!$Result = mysql_fetch_assoc ($Query) OR !$Tid = $Result['tid']) OR $Result['enabled'] != 'yes') OR !$Result['userid']))
{
stop ($l['tuerror']);
}
if (($checkip == 'yes' AND $Result['ip'] != $ip))
{
stop ($l['invalidip']);
}
if (($detectbrowsercheats == 'yes' AND ((isset ($_SERVER['HTTP_COOKIE']) AND isset ($_SERVER['HTTP_ACCEPT_LANGUAGE'])) AND isset ($_SERVER['HTTP_ACCEPT_CHARSET']))))
{
send_action ('This user tried to cheat with a browser!', true);
stop ($l['invalidagent']);
}
if ($bannedclientdetect == 'yes')
{
$Stop = false;
if (((isset ($_SERVER['HTTP_ACCEPT']) AND 'text/html, */*' == $_SERVER['HTTP_ACCEPT']) OR ((isset ($_SERVER['HTTP_CONNECTION']) AND 'Close' == $_SERVER['HTTP_CONNECTION']) AND 'gzip, deflate' != $_SERVER['HTTP_ACCEPT_ENCODING'])))
{
$Stop = true;
}
else
{
if (((isset ($_SERVER['HTTP_ACCEPT']) AND $_SERVER['HTTP_ACCEPT'] == 'text/html, */*') AND $_SERVER['HTTP_ACCEPT_ENCODING'] == 'identity'))
{
$Stop = true;
}
else
{
$userclient = substr ($peer_id, 0, 8);
$allowed_clients = explode (',', $allowed_clients);
if (!in_array ($userclient, $allowed_clients))
{
$Stop = true;
}
}
}
if ($Stop === true)
{
stop ($l['bannedclient']);
}
}
$fields = 'peer_id, ip, port, uploaded, downloaded, seeder, last_action, (UNIX_TIMESTAMP() - UNIX_TIMESTAMP(last_action)) AS announcetime, UNIX_TIMESTAMP(prev_action) AS prevts, connectable, userid';
unset ($self);
$gp_eq = ($nc == 'yes' ? ' AND connectable = \'yes\'' : '');
$wantseeds = ($seeder == 'yes' ? ' AND seeder = \'no\'' : '');
if ($compact != 1)
{
$resp = 'd8:intervali' . $announce_interval . ($privatetrackerpatch == 'yes' ? 'e7:privatei1' : '') . 'e5:peersl';
}
else
{
$resp = 'd8:intervali' . $announce_interval . 'e5:peers';
}
$peer = array ();
$peer_num = 0;
$query_peers = mysql_query ('SELECT ' . $fields . ' FROM peers WHERE torrent = ' . $Tid . $gp_eq . $wantseeds . ' ORDER BY last_action DESC LIMIT ' . $numwant);
if ($compact != 1)
{
while ($result_peers = mysql_fetch_assoc ($query_peers))
{
if ($result_peers['userid'] === $Result['userid'])
{
$self = $result_peers;
continue;
}
$resp .= 'd2:ip' . strlen ($result_peers['ip']) . ':' . $result_peers['ip'] . '4:porti' . $result_peers['port'] . 'ee';
}
$resp .= 'ee';
}
else
{
while ($result_peers = mysql_fetch_assoc ($query_peers))
{
$peer_ip = explode ('.', $result_peers['ip']);
$peer_ip = pack ('C*', $peer_ip[0], $peer_ip[1], $peer_ip[2], $peer_ip[3]);
$peer_port = pack ('n*', (int)$result_peers['port']);
$time = intval (time () % 7680 / 60);
if ($left == 0)
{
$time += 128;
}
$time = pack ('C', $time);
$peer[] = $time . $peer_ip . $peer_port;
++$peer_num;
}
$o = '';
$i = 0;
while ($i < $peer_num)
{
$o .= substr ($peer[$i], 1, 6);
++$i;
}
$resp .= strlen ($o) . ':' . $o . 'e';
unset ($peer);
}
$selfwhere = 'torrent = ' . $Tid . ' AND userid = ' . $Result['userid'];
if (!isset ($self))
{
$Query = mysql_query ('SELECT ' . $fields . ' FROM peers WHERE ' . $selfwhere . ' LIMIT 1');
if (mysql_num_rows ($Query))
{
$self = mysql_fetch_assoc ($Query);
}
}
if (((isset ($self) AND 0 < $announce_wait) AND $_SERVER['REQUEST_TIME'] - $announce_wait < $self['prevts']))
{
stop ($l['antispam'] . $announce_wait);
}
if (!isset ($self))
{
if (($Result['canviewviptorrents'] != 'yes' AND $Result['isviptorrent'] == 'yes'))
{
send_action ('This user tried to download a VIP torrent!', true);
stop ($l['dlerror']);
}
else
{
if ($Result['candownload'] != 'yes')
{
stop ($l['dlerror']);
}
}
if (($Result['isvipgroup'] != 'yes' AND ($waitsystem == 'yes' OR $maxdlsystem == 'yes')))
{
$gigs = $Result['uploaded'] / (1024 * 1024 * 1024);
$ratio = (0 < $Result['downloaded'] ? $Result['uploaded'] / $Result['downloaded'] : 0);
if ($waitsystem == 'yes')
{
$elapsed = floor (($_SERVER['REQUEST_TIME'] - strtotime ($Result['added'])) / 3600);
if ($waitsystemtype == 1)
{
if (($ratio < $ratio1 OR $gigs < $upload1))
{
$wait = $delay1;
}
else
{
if (($ratio < $ratio2 OR $gigs < $upload2))
{
$wait = $delay2;
}
else
{
if (($ratio < $ratio3 OR $gigs < $upload3))
{
$wait = $delay3;
}
else
{
if (($ratio < $ratio4 OR $gigs < $upload4))
{
$wait = $delay4;
}
else
{
$wait = 0;
}
}
}
}
}
else
{
$wait = $Result['waitlimit'];
}
if (($elapsed < $wait AND 0 < $wait))
{
stop ($l['werror'] . ' (' . ($wait - $elapsed) . $l['hour'] . ')');
}
}
if ($maxdlsystem == 'yes')
{
if ($waitsystemtype == 1)
{
if (($ratio < $ratio5 OR $gigs < $upload5))
{
$max = $slot1;
}
else
{
if (($ratio < $ratio6 OR $gigs < $upload6))
{
$max = $slot2;
}
else
{
if (($ratio < $ratio7 OR $gigs < $upload7))
{
$max = $slot3;
}
else
{
if (($ratio < $ratio8 OR $gigs < $upload8))
{
$max = $slot4;
}
else
{
$max = 0;
}
}
}
}
}
else
{
$max = $Result['slotlimit'];
}
if (0 < $max)
{
($res = @mysql_query ('SELECT userid FROM peers WHERE userid = \'' . $Result['userid'] . '\' AND seeder = \'no\' LIMIT 1') OR stop ($l['sqlerror'] . ' P1'));
if ($max < mysql_num_rows ($res))
{
stop ($l['merror'] . $max);
}
}
}
}
}
else
{
require_once TSDIR . '/' . $cache . '/freeleech.php';
$TIMENOW = date ('Y-m-d H:i:s');
if (($__F_START < $TIMENOW AND $TIMENOW < $__F_END))
{
switch ($__FLSTYPE)
{
case 'freeleech':
{
$Result['free'] = 'yes';
$Result['canfreeleech'] = 'yes';
break;
}
case 'silverleech':
{
$Result['silver'] = 'yes';
break;
}
case 'doubleupload':
{
$Result['doubleupload'] = 'yes';
}
}
}
unset ($__F_START);
unset ($__F_END);
unset ($__FLSTYPE);
unset ($TIMENOW);
if ((($bdayreward == 'yes' AND $bdayrewardtype) AND $Result['birthday']))
{
$curuserbday = explode ('-', $Result['birthday']);
if (date ('j-n') === $curuserbday[0] . '-' . $curuserbday[1])
{
switch ($bdayrewardtype)
{
case 'freeleech':
{
$Result['free'] = 'yes';
$Result['canfreeleech'] = 'yes';
break;
}
case 'silverleech':
{
$Result['silver'] = 'yes';
break;
}
case 'doubleupload':
{
$Result['doubleupload'] = 'yes';
}
}
}
}
unset ($curuserbday);
unset ($bdayreward);
unset ($bdayrewardtype);
$realupload = max (0, $uploaded - $self['uploaded']);
$upthis = ($Result['doubleupload'] == 'yes' ? $realupload * 2 : $realupload);
$downthis = max (0, $downloaded - $self['downloaded']);
$upspeed = (0 < $realupload ? $realupload / $self['announcetime'] : 0);
$downspeed = (0 < $downthis ? $downthis / $self['announcetime'] : 0);
$announcetime = ($self['seeder'] == 'yes' ? 'seedtime = seedtime + \'' . $self['announcetime'] . '\'' : 'leechtime = leechtime + \'' . $self['announcetime'] . '\'');
if ((0 < $upthis OR 0 < $downthis))
{
if ((536870912 < $realupload AND $aggressivecheat == 'yes'))
{
send_action ('There was no Leecher on this torrent however this user uploaded ' . $realupload . ' bytes, which might be a cheat attempt with a cheat software such as Ratio Maker, Ratio Faker etc..');
}
$dled = ($Result['silver'] == 'yes' ? $downthis / 2 : $downthis);
if (0 < $upthis)
{
$update_user[] = 'uploaded = uploaded + \'' . $upthis . '\'';
}
if (((0 < $dled AND $Result['free'] != 'yes') AND $Result['canfreeleech'] != 'yes'))
{
$update_user[] = 'downloaded = downloaded + \'' . $dled . '\'';
}
}
if ($max_rate < $upspeed)
{
(mysql_query ('INSERT DELAYED INTO cheat_attempts (added, uid, agent, transfer_rate, beforeup, upthis, timediff, ip, torrentid) VALUES(NOW(), ' . $Result['userid'] . ', ' . sqlesc ($agent) . ', ' . sqlesc ($upspeed) . ', ' . sqlesc ($Result['uploaded']) . ', ' . sqlesc ($realupload) . ', ' . sqlesc ($self['announcetime']) . ', ' . sqlesc ($ip) . ', ' . sqlesc ($Tid) . ')') OR stop ($l['sqlerror'] . ' C1'));
}
}
if ($event == 'stopped')
{
if (isset ($self))
{
if ($snatchmod == 'yes')
{
mysql_query ('UPDATE snatched seeder = \'no\' WHERE torrentid = \'' . $Tid . '\' AND userid = \'' . $Result['userid'] . '\'');
}
mysql_query ('DELETE FROM peers WHERE ' . $selfwhere);
if (mysql_affected_rows ())
{
$update_torrent[] = ($self['seeder'] == 'yes' ? 'seeders = IF(seeders > 0, seeders - 1, 0)' : 'leechers = IF(leechers > 0, leechers - 1, 0)');
}
}
}
else
{
if ($event == 'completed')
{
if ($snatchmod == 'yes')
{
$update_snatched[] = 'finished = \'yes\'';
$update_snatched[] = 'completedat = NOW()';
}
$update_torrent[] = 'times_completed = times_completed + 1';
}
if (isset ($self))
{
$connectable = ($self['connectable'] == 'yes' ? 'yes' : checkconnect ($ip, $port));
if ($snatchmod == 'yes')
{
$update_snatched[] = '' . 'seeder = \'' . $seeder . '\'';
$update_snatched[] = '' . 'connectable = \'' . $connectable . '\'';
$update_snatched[] = 'last_action = NOW()';
$update_snatched[] = '' . 'port = \'' . $port . '\'';
$update_snatched[] = 'agent = ' . sqlesc ($agent);
$update_snatched[] = $announcetime;
if (0 < $upspeed)
{
$update_snatched[] = '' . 'upspeed = \'' . $upspeed . '\'';
}
if (0 < $downspeed)
{
$update_snatched[] = '' . 'downspeed = \'' . $downspeed . '\'';
}
$update_snatched[] = 'ip = ' . sqlesc ($ip);
$update_snatched[] = '' . 'uploaded = uploaded + \'' . $realupload . '\'';
$update_snatched[] = '' . 'downloaded = downloaded + \'' . $downthis . '\'';
$update_snatched[] = '' . 'to_go = \'' . $left . '\'';
}
mysql_query ('' . 'UPDATE peers SET uploaded = ' . $uploaded . ', downloaded = ' . $downloaded . ', to_go = ' . $left . ', last_action = NOW(), prev_action = \'' . $self['last_action'] . ('' . '\', seeder = \'' . $seeder . '\'') . (($seeder == 'yes' AND $self['seeder'] != $seeder) ? ', finishedat = ' . $_SERVER['REQUEST_TIME'] : '') . ('' . ' WHERE ' . $selfwhere));
if ((mysql_affected_rows () AND $self['seeder'] != $seeder))
{
if ($seeder == 'yes')
{
$update_torrent[] = 'seeders = seeders + 1';
$update_torrent[] = 'leechers = IF(leechers > 0, leechers - 1, 0)';
}
else
{
$update_torrent[] = 'leechers = leechers + 1';
$update_torrent[] = 'seeders = IF(seeders > 0, seeders - 1, 0)';
}
}
}
else
{
if (in_array ($port, array (21, 22, 411, 412, 413, 6881, 6882, 6883, 6884, 6885, 6886, 6887, 6889, 1214, 6346, 6347, 4662, 6699, 65535)))
{
stop ($l['invalidport']);
}
else
{
$connectable = checkconnect ($ip, $port);
if (($connectable == 'no' AND $nc == 'yes'))
{
stop ($l['conerror']);
}
}
if ($snatchmod == 'yes')
{
$res = @mysql_query ('SELECT 1 FROM snatched WHERE torrentid = \'' . $Tid . '\' AND userid = \'' . $Result['userid'] . '\'');
if (@mysql_num_rows ($res) == 0)
{
mysql_query ('' . 'INSERT DELAYED INTO snatched (torrentid, userid, port, startdat, last_action, agent, ip) VALUES (' . $Tid . ', ' . $Result['userid'] . ('' . ', ' . $port . ', NOW(), NOW(), ') . sqlesc ($agent) . ', ' . sqlesc ($ip) . ')');
}
}
$ret = mysql_query ('' . 'INSERT DELAYED INTO peers (connectable, torrent, peer_id, ip, port, uploaded, downloaded, to_go, started, last_action, seeder, userid, agent, uploadoffset, downloadoffset, passkey) VALUES (\'' . $connectable . '\', ' . $Tid . ', ' . sqlesc ($peer_id) . ', ' . sqlesc ($ip) . ('' . ', ' . $port . ', ' . $uploaded . ', ' . $downloaded . ', ' . $left . ', NOW(), NOW(), \'' . $seeder . '\', ') . $Result['userid'] . ', ' . sqlesc ($agent) . ('' . ', ' . $uploaded . ', ' . $downloaded . ', ') . sqlesc ($passkey) . ')');
if ($ret)
{
$update_torrent[] = ($seeder == 'yes' ? 'seeders = seeders + 1' : 'leechers = leechers + 1');
}
}
}
if ((((0 < $kpsseed AND $seeder == 'yes') AND $announce_interval - 10 < $self['announcetime']) AND ($bonus == 'enable' OR $bonus == 'disablesave')))
{
$update_user[] = 'seedbonus = seedbonus + \'' . $kpsseed . '\'';
}
if ($seeder == 'yes')
{
if (($Result['banned'] != 'yes' AND $Result['visible'] == 'no'))
{
$update_torrent[] = 'visible = \'yes\'';
}
$update_torrent[] = 'last_action = NOW()';
}
if (count ($update_torrent))
{
mysql_query ('UPDATE torrents SET ' . implode (',', $update_torrent) . ' WHERE id = \'' . $Tid . '\'');
unset ($update_torrent);
}
if (count ($update_user))
{
mysql_query ('UPDATE users SET ' . implode (',', $update_user) . ' WHERE id = \'' . $Result['userid'] . '\'');
unset ($update_user);
}
if (count ($update_snatched))
{
mysql_query ('UPDATE snatched SET ' . implode (',', $update_snatched) . ' WHERE torrentid = \'' . $Tid . '\' AND userid = \'' . $Result['userid'] . '\'');
unset ($update_snatched);
}
header ('Expires: Sat, 1 Jan 2000 01:00:00 GMT');
header ('Last-Modified: ' . gmdate ('D, d M Y H:i:s') . 'GMT');
header ('Cache-Control: no-cache, must-revalidate');
header ('Pragma: no-cache');
header ('Content-type: text/html; charset=' . $charset);
if (((($compact != 1 AND isset ($_SERVER['HTTP_ACCEPT_ENCODING'])) AND $_SERVER['HTTP_ACCEPT_ENCODING'] == 'gzip') AND $gzipcompress == 'yes'))
{
header ('Content-Encoding: gzip');
echo gzencode ($resp, 9, FORCE_GZIP);
}
else
{
if ($compact)
{
header ('Content-Type: text/plain');
echo $resp;
}
else
{
echo $resp;
}
}
mysql_close ($db);
exit ();
?>
solved that at line 78
PHP Code:
if(phpversion() < '5.3.0') {
set_magic_quotes_runtime(0);
}
:) |
