Old 11th January 2010, 16:31
bsf bsf is offline
Quote:
Originally Posted by mid View Post
If your announce URL looks like http://mytracker.com, the announce path was forgotten in bittorent.php; set it to http://mytracker.com/announce.php,
or post your bittorrent.php here.
Here is my bittorent.php.

Attention: this is the default, unmodified bittorent.php!




[php]<?
// Page bootstrap: buffer output, load the tracker includes, make sure the
// installer has been run and removed, then read the site settings.
ob_start();
// Report every error level except notices.
error_reporting(E_ALL ^ E_NOTICE);




include_once("./include/ctracker.php");
require_once("include/config.php");
require_once("include/cleanup.php");
// TB_INSTALLED is not defined in this file; presumably one of the includes
// above defines it once setup has finished - confirm. Without it, every
// request is redirected to the installer.
if(!defined("TB_INSTALLED"))
{
header("Location: ./install/install.php");
exit;
}
// Stop every page while a path named "install" still exists relative to the
// working directory, presumably so the installer is not left reachable on a
// live site.
if (file_exists('install'))
{
die('Delete the install directory');
}
// Configuration
$serverpath = "avatars"; // Directory for avatar uploads
$urltoimages = "avatars"; // Directory for avatar uploads
$maxsize = 50 * 1024 ; // avatar size limit (50 * 1024; presumably bytes)
// dbconn() is defined further down in this file; it opens the MySQL
// connection and then calls userlogin().
dbconn();
// Load every row of the config table into $config as name => value.
$sql = "SELECT *
FROM config";
if( !($result = mysql_query($sql)) )
{
die("Could not query config information");
}
while ( $row = mysql_fetch_assoc($result) )
{
$config[$row['name']] = $row['value'];
}
//$FUNDS = $config['funds'];
// NOTE(review): userlogin() reads $SITE_ONLINE, but the dbconn() call above
// runs before this assignment - confirm that ordering is intended.
$SITE_ONLINE = $config['siteonline'];
//$SITE_ONLINE = local_user();
//$SITE_ONLINE = false;
$announce_interval = 60 * 30; // seconds; deadtime() subtracts 1.3 times this from time()
$signup_timeout = 86400 * 3; // presumably seconds (3 days)
$minvotes = 1;
$max_dead_torrent_time = 6 * 3600; // presumably seconds (6 hours)
$torrent_dir = "torrents"; # must be writable for httpd user
# the first one will be displayed on the pages
// NOTE(review): $HTTP_SERVER_VARS is read here, yet the block that copies
// $_SERVER into it when register_long_arrays is off sits further down in this
// file; on such a setup these lines may see an unset array - confirm.
// NOTE(review): HTTP_HOST is taken from the request's Host header, so $BASEURL
// is client-influenced; avoid using it in e-mailed links or redirects unless
// the web server pins the host name.
if ($HTTP_SERVER_VARS["HTTP_HOST"] == "")
$HTTP_SERVER_VARS["HTTP_HOST"] = $HTTP_SERVER_VARS["SERVER_NAME"];
$BASEURL = "http://" . $HTTP_SERVER_VARS["HTTP_HOST"];
//set this to true to make this a tracker that only registered users may use
$MEMBERSONLY = true;
//maximum number of peers (seeders+leechers) allowed before torrents starts to be deleted to make room...
//set this to something high if you don't require this feature
// (the peer-limit setting those two lines describe is not present here)
// Minimum number of seconds between two cleanup runs; see autoclean().
$autoclean_interval = 900;
$pic_base_url = "pic/";
/**** validip/getip courtesy of manolete <manolete@myway.com> ****/
// IP Validation




//-----------------------------------------------------------------
//--start-- Security by Tarix22 (and more security in this mod)
//-----------------------------------------------------------------

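/**
 * Staff-account tamper check: refuses the request when an account of staff
 * class (64 or higher) does not match the hard-coded allowlists below.
 *
 * Three checks run in order: username, numeric user id, and the address in
 * $CURUSER["ip"]. Each failed check writes a notice into the messages table
 * (receiver 1) and then calls stderr() with an "access denied" text.
 *
 * Changes against the posted version:
 *  - UC_MODERATOR is only defined when it does not exist yet, so a second
 *    call no longer raises a "constant already defined" warning;
 *  - the id check now records its notice like the other two checks did
 *    (it built $msg but never stored it);
 *  - the allowlisted address "9 2.115.24.87" contained a space inserted by
 *    the forum software and could never match; it is written without it.
 *
 * NOTE(review): $CURUSER["ip"] is filled from getip() in userlogin(), and
 * getip() reads the X-Forwarded-For / Client-IP request headers, so the IP
 * allowlist is only as trustworthy as those headers - confirm the site sits
 * behind a proxy that overwrites them.
 * NOTE(review): stderr() is defined outside this file; the checks assume it
 * ends the request - confirm.
 */
function tarix_securitate()
{
    global $CURUSER;

    // --- Username check ---
    $clasa_tarix = 64;
    // Case sensitive. Replace with your own sysop/admin user names.
    $glavnii = array("SiriuS", "xamok", "RapStyle", "vishneak",);
    if ($CURUSER["class"] >= $clasa_tarix && !in_array($CURUSER["username"], $glavnii, true)) {
        $msg = "Un Pidar Detectat: Username: ".$CURUSER["username"]." - pidarID: ".$CURUSER["id"]." -pidarIP : ".getip();

        mysql_query("INSERT INTO messages (poster, sender, receiver, added, msg) VALUES(0, 0, '1', '" . get_date_time() . "', " .sqlesc($msg) . ")") or sqlerr(__FILE__, __LINE__);
        stderr("Nai acces!","Ti sa schimbat UserNameul din asta cauza nu poti naviga pe tracker te rog sa contactezi un administrator : ICQ: 219-646 !");
    }

    // Minimum staff class. Guarded: define() on an existing constant only
    // emits a warning and keeps the old value.
    if (!defined('UC_MODERATOR')) {
        define('UC_MODERATOR', 64);
    }

    if ($CURUSER['class'] >= UC_MODERATOR) {
        // --- User id check ---
        // Replace with your own sysop/admin user ids.
        $permit_ID = array(2, 8, 29, 4,);
        if (!in_array((int)$CURUSER['id'], $permit_ID, true)) {
            $msg = "Pidar futu in cur detectata: Username: ".$CURUSER["username"]." - pidarID: ".$CURUSER["id"]." - pidarIP : ".getip();

            mysql_query("INSERT INTO messages (poster, sender, receiver, added, msg) VALUES(0, 0, '1', '" . get_date_time() . "', " .sqlesc($msg) . ")") or sqlerr(__FILE__, __LINE__);
            stderr("Nai acces!","Ti s-a schimbat ID-ul din asta cauza nu poti naviga pe tracker te rog sa contactezi un administrator : tarix22t@yahoo.com sau powermup@yahoo.com!");
        }

        // --- IP check ---
        // Replace with the addresses your staff log in from.
        $permit_ip = array("127.0.0.1", "86.106.247.66", "89.41.88.90", "92.115.24.87",);
        if (!in_array($CURUSER["ip"], $permit_ip, true)) {
            $msg = "Un Pidar Detectat: Username: ".$CURUSER["username"]." - pidarID: ".$CURUSER["id"]." -pidarIP : ".getip();

            mysql_query("INSERT INTO messages (poster, sender, receiver, added, msg) VALUES(0, 0, '1', '" . get_date_time() . "', " .sqlesc($msg) . ")") or sqlerr(__FILE__, __LINE__);
            stderr("Nai acces!","Ti s-a schimbat ip-ul din asta cauza nu poti naviga pe tracker te rog sa contactezi un administrator :tarix22t@yahoo.com sau powermup@yahoo.com!");
        }
    }
}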

//---------------------------------------------------------------
//--end-- Security by Tarix22 (and more security in this mod)
//---------------------------------------------------------------









// End of configuration.
// PHP 5 with register_long_arrays switched off does not fill the old
// $HTTP_*_VARS arrays. When $HTTP_POST_VARS is missing, rebuild all of them
// as copies of the superglobals taken at this point.
if (isset($_POST) && !isset($HTTP_POST_VARS)) {
    $HTTP_POST_FILES  = $_FILES;
    $HTTP_ENV_VARS    = $_ENV;
    $HTTP_COOKIE_VARS = $_COOKIE;
    $HTTP_SERVER_VARS = $_SERVER;
    $HTTP_GET_VARS    = $_GET;
    $HTTP_POST_VARS   = $_POST;
}


/**
 * Removes the backslashes added by magic_quotes_gpc from every value of an
 * array, descending into nested arrays. Keys are kept as they are.
 *
 * @param array $arr request data such as $_GET, $_POST or $_COOKIE
 * @return array the same structure with stripslashes() applied to each leaf
 */
function strip_magic_quotes($arr)
{
    foreach ($arr as $key => $value) {
        $arr[$key] = is_array($value)
            ? strip_magic_quotes($value)
            : stripslashes($value);
    }

    return $arr;
}

/**
 * Login throttle: sums the failed attempts recorded for the caller's address
 * and, once the total reaches $maxloginattempts, marks the rows as banned and
 * shows a lock-out message through stderr().
 *
 * NOTE(review): the address comes from getip(), which reads request headers
 * the client can set; a lock-out keyed on it can be side-stepped, or aimed
 * at somebody else's address, unless a trusted proxy overwrites them.
 * NOTE(review): the message prints the value returned by sqlesc(), i.e. the
 * address wrapped in SQL quotes - confirm that is intended.
 */
function failedloginscheck()
{
    global $maxloginattempts;

    $total = 0;
    $quotedIp = sqlesc(getip());

    $sumResult = mysql_query("SELECT SUM(attempts) FROM loginattempts WHERE ip=$quotedIp") or sqlerr(__FILE__, __LINE__);
    list($total) = mysql_fetch_array($sumResult);

    // Below the limit: nothing to do.
    if ($total < $maxloginattempts) {
        return;
    }

    mysql_query("UPDATE loginattempts SET banned = 'yes' WHERE ip=$quotedIp") or sqlerr(__FILE__, __LINE__);
    stderr("Login Locked!", "You have been <b>exceed maximum login attempts</b>, therefore your ip address <b>(".htmlspecialchars($quotedIp).")</b> has been banned.");
}


/**
 * Records one failed login for the caller's address and shows the generic
 * "username or password incorrect" page through stderr().
 *
 * The first failure for an address inserts a row with attempts = 1; later
 * failures increment that row and refresh its timestamp.
 *
 * NOTE(review): the address comes from getip(), which reads client-supplied
 * headers - see the throttle caveat there.
 */
function failedlogins()
{
    $quotedIp = sqlesc(getip());
    $quotedNow = sqlesc(get_date_time());

    // Errors from the lookup are suppressed; an empty result goes to sqlerr().
    $countRow = @mysql_fetch_row(@mysql_query("select count(*) from loginattempts where ip=$quotedIp"));
    if (!$countRow) {
        sqlerr(__FILE__, __LINE__);
    }

    $statement = ($countRow[0] == 0)
        ? "INSERT INTO loginattempts (ip, added, attempts) VALUES ($quotedIp, $quotedNow, 1)"
        : "UPDATE loginattempts SET attempts = attempts + 1, added = $quotedNow where ip=$quotedIp";
    mysql_query($statement) or sqlerr(__FILE__, __LINE__);

    stderr("Login failed!","<b>Error</b>: Username or password incorrect<br>Don't remember your password? <b><a href=recover.php>Recover</a></b> your password!");
}

/**
 * Prints an error box (div#ajaxerror) of the given pixel width.
 *
 * Both arguments are written into the markup unescaped, so callers must
 * pass text that is already safe for HTML.
 *
 * @param string $text  box content, emitted as-is
 * @param string $width width in pixels, emitted as-is into the style attribute
 */
function ajaxerr($text, $width="135")
{
    echo "<div id='ajaxerror' style='width: {$width}px;'>{$text}</div>\n";
}

/**
 * Prints a success box (div#ajaxsuccess) of the given pixel width.
 *
 * Both arguments are written into the markup unescaped, so callers must
 * pass text that is already safe for HTML.
 *
 * @param string $text  box content, emitted as-is
 * @param string $width width in pixels, emitted as-is into the style attribute
 */
function ajaxsucc($text, $width="135")
{
    echo "<div id=ajaxsuccess style='width: {$width}px;'>{$text}</div>\n";
}


/**
 * Builds the HTML snippet that tells the visitor how many login attempts
 * are left for their address ($maxloginattempts minus the recorded total).
 *
 * @return string a <font> element: red when nothing is left, yellow for one
 *                or two remaining attempts, green otherwise
 */
function remaining()
{
    global $maxloginattempts;

    $total = 0;
    $added = get_date_time(); // not used below; call kept from the original
    $quotedIp = sqlesc(getip());

    $sumResult = mysql_query("SELECT SUM(attempts) FROM loginattempts WHERE ip=$quotedIp") or sqlerr(__FILE__, __LINE__);
    list($total) = mysql_fetch_array($sumResult);

    $left = $maxloginattempts - $total;

    if ($left <= 0) {
        return "<font color=red size=2>Tu deja esti BANAT pe 15 Minunte!!</font>";
    }
    if ($left <= 2) {
        return "<font color=yellow size=2>Au mai ramas <font color=brown>".$left."</font> posibilitati</font>";
    }
    return "<font color=green size=2>Au mai ramas ".$left." posibilitati</font> ";
}
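// Undo magic_quotes_gpc on the request arrays so the rest of the code sees
// the values as the client sent them. get_magic_quotes_gpc() was removed in
// PHP 8, so it is only called where it still exists.
if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc())
{
    if (!empty($_GET)) { $_GET = strip_magic_quotes($_GET); }
    if (!empty($_POST)) { $_POST = strip_magic_quotes($_POST); }
    if (!empty($_COOKIE)) { $_COOKIE = strip_magic_quotes($_COOKIE); }
}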

/**
 * Tells whether the request originates from the server's own address.
 *
 * @return bool true when SERVER_ADDR and REMOTE_ADDR in $HTTP_SERVER_VARS
 *              compare equal (loose comparison)
 */
function local_user()
{
    global $HTTP_SERVER_VARS;

    $serverAddr = $HTTP_SERVER_VARS["SERVER_ADDR"];
    $clientAddr = $HTTP_SERVER_VARS["REMOTE_ADDR"];

    return $serverAddr == $clientAddr;
}


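/**
 * Tells whether $ip is a well-formed IPv4 address outside the reserved
 * ranges listed below.
 *
 * Changes against the posted version:
 *  - a failed ip2long() is detected explicitly; since PHP 5 it returns false
 *    rather than -1, so the old "!= -1" test let malformed input through to
 *    the range comparison;
 *  - the first reserved range is 0.0.0.0/8 only; the old entry ran up to
 *    2.255.255.255 and so rejected the publicly routed 1.0.0.0/8 and
 *    2.0.0.0/8 blocks.
 *
 * NOTE(review): the list is not a complete set of special-purpose ranges
 * (multicast and shared address space are not covered, for example).
 *
 * @param string $ip dotted-quad candidate
 * @return bool true for a public-looking IPv4 address, false otherwise
 */
function validip($ip)
{
    if (empty($ip)) {
        return false;
    }

    $addr = ip2long($ip);
    // false: malformed (PHP 5+); -1: malformed on PHP 4, broadcast on 32-bit.
    if ($addr === false || $addr === -1) {
        return false;
    }

    // Reserved IPv4 ranges, see
    // http://www.iana.org/assignments/ipv4-address-space
    $reserved_ips = array(
        array('0.0.0.0', '0.255.255.255'),
        array('10.0.0.0', '10.255.255.255'),
        array('127.0.0.0', '127.255.255.255'),
        array('169.254.0.0', '169.254.255.255'),
        array('172.16.0.0', '172.31.255.255'),
        array('192.0.2.0', '192.0.2.255'),
        array('192.168.0.0', '192.168.255.255'),
        array('255.255.255.0', '255.255.255.255'),
    );

    foreach ($reserved_ips as $range) {
        if ($addr >= ip2long($range[0]) && $addr <= ip2long($range[1])) {
            return false;
        }
    }

    return true;
}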
// Patched function to detect REAL IP address if it's valid

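/**
 * Returns the address to treat as the client's IP.
 *
 * X-Forwarded-For and Client-IP are still consulted first, as before, but a
 * header value is only used when its first comma-separated entry parses as
 * an IPv4 address, and it is returned in canonical dotted-quad form. Anything
 * else falls back to REMOTE_ADDR. The posted version returned the raw header
 * text, which callers in this file place into SQL and compare against
 * allowlists.
 *
 * NOTE(review): both headers are supplied by the client. Even a well-formed
 * value is only a claim, so bans, login throttling and IP allowlists keyed on
 * this result can be evaded or pointed at another address unless the site
 * sits behind a proxy that overwrites the headers. Where no such proxy
 * exists, using REMOTE_ADDR alone is the safer choice.
 *
 * @return string|false dotted-quad from a forwarded header, else REMOTE_ADDR
 *                      (getenv() yields false when it is unset)
 */
function getip()
{
    $fromServer = isset($_SERVER);

    foreach (array('HTTP_X_FORWARDED_FOR', 'HTTP_CLIENT_IP') as $header) {
        if ($fromServer) {
            $raw = isset($_SERVER[$header]) ? $_SERVER[$header] : '';
        } else {
            $raw = getenv($header);
        }
        if (!is_string($raw) || $raw === '') {
            continue;
        }

        // X-Forwarded-For may carry a chain "client, proxy1, proxy2".
        $chain = explode(',', $raw);
        $long = ip2long(trim($chain[0]));
        if ($long !== false && $long !== -1) {
            // Round-trip so the result holds digits and dots only.
            return long2ip($long);
        }
    }

    if ($fromServer) {
        return isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
    }

    return getenv('REMOTE_ADDR');
}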
/**
 * Stores $text together with the current timestamp in the passwords table.
 * (Function scrim_parola by Tarix22.)
 *
 * NOTE(review): the name is Romanian for roughly "we write the password".
 * If callers pass a user's clear-text password, this persists credentials in
 * plain text - locate the call sites and confirm; a login flow has no need
 * for such a table.
 *
 * @param string $text value written to the txt column
 */
function scrim_parola($text)
{
    $quotedText = sqlesc($text);
    $quotedNow = sqlesc(get_date_time());

    mysql_query("INSERT INTO passwords (added, txt) VALUES($quotedNow, $quotedText)") or sqlerr(__FILE__, __LINE__);
}

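/**
 * Opens the MySQL connection (once per request, tracked in the global $conn),
 * selects the database, sets the connection character set, runs userlogin()
 * and optionally schedules autoclean() for shutdown.
 *
 * Changes against the posted version:
 *  - the select_db failure message is built with "." instead of "+", which
 *    was numeric addition and never produced the intended text;
 *  - REQUEST_METHOD is quoted; it was a bare constant name;
 *  - REQUEST_URI is HTML-escaped before it is echoed into the refresh tag,
 *    since it is taken from the request.
 *
 * NOTE(review): the default branch and the select_db failure print
 * mysql_error() to the visitor; consider logging it instead.
 *
 * @param bool $autoclean when true, registers autoclean() as shutdown function
 */
function dbconn($autoclean = false)
{
    global $mysql_host, $mysql_user, $mysql_pass, $mysql_db, $HTTP_SERVER_VARS;
    global $conn;

    if ($conn == false) {
        if (!@mysql_connect($mysql_host, $mysql_user, $mysql_pass)) {
            switch (mysql_errno()) {
                case 1040: // too many connections
                case 2002: // cannot reach the server
                    if ($HTTP_SERVER_VARS["REQUEST_METHOD"] == "GET") {
                        $retryUri = htmlspecialchars($HTTP_SERVER_VARS["REQUEST_URI"], ENT_QUOTES);
                        die("<html><head><meta http-equiv=refresh content=\"5 $retryUri\"></head><body><table border=0 width=100% height=100%><tr><td><h3 align=center>The server load is very high at the moment. Retrying, please wait...</h3></td></tr></table></body></html>");
                    } else {
                        die("Too many users. Please press the Refresh button in your browser to retry.");
                    }
                default:
                    die("[" . mysql_errno() . "] dbconn: mysql_connect: " . mysql_error());
            }
        } else {
            $conn = true;
        }
    }

    mysql_select_db($mysql_db) or die('dbconn: mysql_select_db: ' . mysql_error());
    // NOTE(review): utf8_general_ci names a collation, not a character set,
    // so the server presumably rejects the first statement (its result is
    // not checked); the cp1251 statement is the one that applies.
    mysql_query("SET NAMES utf8_general_ci");
    #mysql_query("SET NAMES utf8");
    mysql_query("SET NAMES cp1251");
    userlogin();
    if ($autoclean) {
        register_shutdown_function("autoclean");
    }
}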



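/**
 * Authenticates the current request and publishes the user row as
 * $GLOBALS["CURUSER"].
 *
 * Steps: reject banned addresses with a 403 page; read uid/pass from the
 * cookie or the session; load the enabled, confirmed user row; accept when
 * either pass value equals the stored passhash; then record last_access and
 * the client address.
 *
 * Changes against the posted version:
 *  - the address written by the UPDATE goes through sqlesc(); it was placed
 *    between quotes unescaped although getip() can return request-header
 *    text;
 *  - uid is cast with (int) instead of "0 +", and missing or non-scalar
 *    cookie/session values are read as empty strings, so array-valued input
 *    cannot reach the arithmetic or strlen();
 *  - the doubled cookie/session "if" lines are written as explicit
 *    conditions with the same accept/reject outcome.
 *
 * NOTE(review): the "pass" value is compared directly with users.passhash,
 * so the stored hash itself works as the login token, and the comparison is
 * not constant-time (hash_equals() where the PHP version offers it).
 * NOTE(review): the uid may come from the cookie while the matching pass
 * comes from the session - confirm that mixing is intended.
 * NOTE(review): the ban comment is printed without HTML escaping - confirm
 * who can write to bans.comment.
 */
function userlogin()
{
    global $HTTP_SERVER_VARS, $SITE_ONLINE;

    unset($GLOBALS["CURUSER"]);

    $ip = getip();
    $nip = is_numeric(ip2long($ip)) ? ip2long($ip) : 0;

    // Ban list: ranges are stored as numeric first/last bounds.
    $res = mysql_query("SELECT * FROM bans WHERE $nip >= first AND $nip <= last");
    if ($res && mysql_num_rows($res) > 0) {
        $comment = mysql_fetch_assoc($res);
        $comment = $comment["comment"];
        header("HTTP/1.0 403 Forbidden");
        print("<html><body><h1>403 Forbidden</h1>You don't have permision to this tracker! </br></br><b><font color=#000099 size=2> BAN REASON: $comment.</font></b> <br></br><font color=#000099 size=2>Daca aveti ceva intrebari scrietene:: <a href=mailto:powermup@yahoo.com> Administration</a>. Dar daca pricina este adevarata atunci BAN permanent!</font></body></html>\n");
        die;
    }

    // Missing or non-scalar values count as empty.
    $cookieUid  = (isset($_COOKIE["uid"]) && is_scalar($_COOKIE["uid"])) ? (string)$_COOKIE["uid"] : "";
    $cookiePass = (isset($_COOKIE["pass"]) && is_scalar($_COOKIE["pass"])) ? (string)$_COOKIE["pass"] : "";
    $sessUid    = (isset($_SESSION["uid"]) && is_scalar($_SESSION["uid"])) ? (string)$_SESSION["uid"] : "";
    $sessPass   = (isset($_SESSION["pass"]) && is_scalar($_SESSION["pass"])) ? (string)$_SESSION["pass"] : "";

    $haveCookie  = !empty($cookieUid) && !empty($cookiePass);
    $haveSession = !empty($sessUid) && !empty($sessPass);
    if (!$SITE_ONLINE || (!$haveCookie && !$haveSession)) {
        return;
    }

    // The cookie uid wins when present, otherwise the session uid.
    $id = (int)($cookieUid ? $cookieUid : $sessUid);

    // Stored hashes are 32 characters; skip the query when neither fits.
    if (!$id || (strlen($cookiePass) != 32 && strlen($sessPass) != 32)) {
        return;
    }

    $res = mysql_query("SELECT * FROM users WHERE id = $id AND enabled='yes' AND status = 'confirmed'");
    $row = mysql_fetch_array($res);
    if (!$row) {
        return;
    }

    // Result is not used below; hash_pad() is defined outside this file.
    $sec = hash_pad($row["secret"]);

    if ($cookiePass !== $row["passhash"] && $sessPass !== $row["passhash"]) {
        return;
    }

    mysql_query("UPDATE users SET last_access='" . get_date_time() . "', ip=" . sqlesc($ip) . " WHERE id=" . $row["id"]) or die(mysql_error());
    $row['ip'] = $ip;
    $GLOBALS["CURUSER"] = $row;
}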

/**
 * Runs docleanup() when at least $autoclean_interval seconds have passed
 * since the time stored under avps.arg = 'lastcleantime'.
 *
 * The first call only creates that row. Later calls move the stored time
 * forward with an UPDATE that matches only while value_u still holds the
 * value read above, and call docleanup() only when a row was affected.
 */
function autoclean()
{
    global $autoclean_interval;

    $currentTime = time();

    $lookup = mysql_query("SELECT value_u FROM avps WHERE arg = 'lastcleantime'");
    $stored = mysql_fetch_array($lookup);
    if (!$stored) {
        // No marker yet: create it and leave the cleanup to a later request.
        mysql_query("INSERT INTO avps (arg, value_u) VALUES ('lastcleantime',$currentTime)");
        return;
    }

    $lastRun = $stored[0];
    if ($currentTime < $lastRun + $autoclean_interval) {
        return;
    }

    mysql_query("UPDATE avps SET value_u=$currentTime WHERE arg='lastcleantime' AND value_u = $lastRun");
    if (mysql_affected_rows()) {
        docleanup();
    }
}

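/**
 * Returns $x with magic-quotes backslashes removed when magic_quotes_gpc is
 * active, otherwise unchanged.
 *
 * get_magic_quotes_gpc() was removed in PHP 8; it is only called where it
 * still exists, so the function no longer fails on such versions.
 *
 * @param string $x request value
 * @return string
 */
function unesc($x)
{
    if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
        return stripslashes($x);
    }

    return $x;
}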

/**
 * Formats a byte count with two decimals in the first unit (kB up to EB,
 * 1024-based) for which the value stays below 1000 units.
 *
 * @param int|float $bytes
 * @return string|null e.g. "1.50 kB"; nothing is returned for values of
 *                     1000 EB and above
 */
function mksize($bytes)
{
    $units = array(
        "kB" => 1024,
        "MB" => 1048576,
        "GB" => 1073741824,
        "TB" => 1099511627776,
        "PB" => 1125899906842624,
        "EB" => 1152921504606846976,
    );

    foreach ($units as $label => $divisor) {
        if ($bytes < 1000 * $divisor) {
            return number_format($bytes / $divisor, 2) . " " . $label;
        }
    }
}

/**
 * Formats a byte count as a whole number in the first unit (B up to EB,
 * 1024-based) for which the value stays below 1000 units. Negative input is
 * treated as 0.
 *
 * @param int|float $bytes
 * @return string|null e.g. "2 kB"; nothing is returned for values of
 *                     1000 EB and above
 */
function mksizeint($bytes)
{
    $bytes = max(0, $bytes);

    $units = array(
        "B"  => 1,
        "kB" => 1024,
        "MB" => 1048576,
        "GB" => 1073741824,
        "TB" => 1099511627776,
        "PB" => 1125899906842624,
        "EB" => 1152921504606846976,
    );

    foreach ($units as $label => $divisor) {
        if ($bytes < 1000 * $divisor) {
            return floor($bytes / $divisor) . " " . $label;
        }
    }
}

/**
 * Reduces a string to plain text: drops anything between "<" and ">",
 * collapses runs of spaces, removes comment markers and the characters
 * & ' " `, HTML-encodes what is left and trims it.
 *
 * NOTE(review): tag removal is regex-based (non-greedy, single line); the
 * final htmlspecialchars() is what makes the result safe to print in HTML.
 *
 * @param string $string raw input
 * @return string cleaned text
 */
function parse($string)
{
    $patterns = array(
        "#<(.*?)>#",
        "#[ ]{2,}#",
        "#(<!--|-->)#",
        "/[\&\'\"\`]/",
    );
    $replacements = array("", " ", "", "");

    // preg_replace() applies the pairs one after another, in array order.
    $cleaned = preg_replace($patterns, $replacements, $string);

    return trim(htmlspecialchars($cleaned, ENT_QUOTES));
}

/**
 * Returns the timestamp that lies 1.3 announce intervals (rounded down to
 * whole seconds) before now.
 *
 * @return float
 */
function deadtime()
{
    global $announce_interval;

    $grace = floor($announce_interval * 1.3);

    return time() - $grace;
}

/**
 * Formats a duration in seconds as "Nd HH:MM:SS", "H:MM:SS" or "M:SS",
 * using the shortest form that still shows the largest non-zero unit.
 * Negative input is treated as 0.
 *
 * @param int|float $s duration in seconds
 * @return string
 */
function mkprettytime($s)
{
    if ($s < 0) {
        $s = 0;
    }

    // Peel off seconds, minutes and hours; what remains is whole days.
    $sec = $s % 60;
    $s = floor($s / 60);
    $min = $s % 60;
    $s = floor($s / 60);
    $hour = $s % 24;
    $day = floor($s / 24);

    if ($day) {
        return $day . "d " . sprintf("%02d:%02d:%02d", $hour, $min, $sec);
    }
    if ($hour) {
        return sprintf("%d:%02d:%02d", $hour, $min, $sec);
    }

    return sprintf("%d:%02d", $min, $sec);
}

/**
 * Copies the named request parameters into global variables of the same
 * name, taking each from $_GET first and from $_POST otherwise.
 *
 * Stops at the first name found in neither array; globals set before that
 * point stay set.
 *
 * NOTE(review): values are stored as received (only magic quotes are
 * undone), so every global created here holds untrusted input; the names
 * should only ever come from the calling code.
 *
 * @param array|string $vars list of names, or one string separated by ":"
 * @return int 1 when every name was found, 0 otherwise
 */
function mkglobal($vars)
{
    $names = is_array($vars) ? $vars : explode(":", $vars);

    foreach ($names as $name) {
        if (isset($_GET[$name])) {
            $GLOBALS[$name] = unesc($_GET[$name]);
            continue;
        }
        if (!isset($_POST[$name])) {
            return 0;
        }
        $GLOBALS[$name] = unesc($_POST[$name]);
    }

    return 1;
}

/**
 * Prints one two-column table row: label on the right-aligned left cell,
 * value in the right cell.
 *
 * The value is HTML-escaped and its newlines turned into <br /> unless
 * $noesc is set. The label $x is always printed as given.
 *
 * @param string $x     label, emitted unescaped
 * @param string $y     value
 * @param mixed  $noesc truthy to print $y without escaping
 */
function tr($x,$y,$noesc=0)
{
    $cell = $noesc
        ? $y
        : str_replace("\n", "<br />\n", htmlspecialchars($y));

    echo "<tr><td valign=\"top\" align=\"right\">" . $x . "</td><td valign=\"top\" align=left>" . $cell . "</td></tr>\n";
}

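/**
 * Checks that a file name is non-empty and free of control characters and
 * of : \ / ? * # < > | and byte 0xFF.
 *
 * The D modifier is added so that "$" matches only at the very end; without
 * it a name ending in a line feed passed, although control characters are
 * meant to be rejected.
 *
 * NOTE(review): names made of dots only (such as "..") still pass - confirm
 * callers never use the result as a path component on its own.
 *
 * @param string $name candidate file name
 * @return int|false 1 when acceptable, 0 when not, false on a PCRE error
 */
function validfilename($name)
{
    return preg_match('/^[^\0-\x1f:\\\\\/?*\xff#<>|]+$/siD', $name);
}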

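/**
 * Checks an e-mail address against a simple pattern: word characters, dots
 * and hyphens around "@", ending in a 2 to 6 letter top-level domain.
 *
 * The D modifier is added so that "$" matches only at the very end; without
 * it an address followed by a line feed passed, which matters wherever the
 * value later ends up in a mail header.
 *
 * @param string $email candidate address
 * @return int|false 1 when acceptable, 0 when not, false on a PCRE error
 */
function validemail($email)
{
    return preg_match('/^[\w.-]+@([\w.-]+\.)+[a-z]{2,6}$/isD', $email);
}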

/**
 * Escapes a value with mysql_real_escape_string() and wraps it in single
 * quotes, ready to be placed into an SQL statement as a string literal.
 *
 * The quotes are part of the result: callers must not add their own, and a
 * value inserted without sqlesc() inside hand-written quotes is not escaped.
 *
 * @param string $x raw value
 * @return string quoted SQL literal
 */
function sqlesc($x)
{
    $escaped = mysql_real_escape_string($x);

    return "'" . $escaped . "'";
}

/**
 * Escapes a value for use inside a LIKE pattern: applies
 * mysql_real_escape_string() and then puts a backslash in front of the
 * wildcards % and _.
 *
 * Unlike sqlesc(), the result is not wrapped in quotes.
 *
 * @param string $x raw value
 * @return string escaped text without surrounding quotes
 */
function sqlwildcardesc($x)
{
    $escaped = mysql_real_escape_string($x);

    return strtr($escaped, array("%" => "\\%", "_" => "\\_"));
}

/**
 * Turns a regex match into an HTML link. Text that already starts with a
 * scheme ("word://") is used as the target as-is; anything else gets
 * "http://" in front.
 *
 * NOTE(review): the matched text goes into the href and the link body
 * without escaping, and any scheme is accepted; this is only safe when the
 * caller matches on text that was HTML-escaped beforehand and restricts the
 * schemes it matches - confirm at the call sites.
 *
 * @param array $m match array; element 0 is the matched text
 * @return string the <a> element
 */
function urlparse($m)
{
    $matched = $m[0];
    $target = preg_match(',^\w+://,', $matched) ? $matched : "http://" . $matched;

    return "<a href=\"" . $target . "\">" . $matched . "</a>";
}

/**
 * Prepares a description for display. With $html falsy the text is
 * HTML-escaped and a <br> is placed after every newline; with $html truthy
 * it is returned untouched.
 *
 * NOTE(review): the $html path returns the input as markup, so it must be
 * reserved for content from trusted authors.
 *
 * @param string $d    description text
 * @param mixed  $html truthy when $d already is HTML
 * @return string
 */
function parsedescr($d, $html)
{
    if ($html) {
        return $d;
    }

    return str_replace("\n", "\n<br>", htmlspecialchars($d));
}

/**
 * Shortens $txt when it is longer than $len bytes: keeps the first
 * $len - 4 bytes and appends "...". Shorter text is returned unchanged.
 *
 * Lengths are counted in bytes (strlen/substr).
 *
 * @param string $txt
 * @param int    $len maximum length before cutting
 * @return string
 */
function CutName ($txt, $len)
{
    if (strlen($txt) > $len) {
        return substr($txt, 0, $len - 4) . '...';
    }

    return $txt;
}
/*
$nume = "".$_SERVER["REQUEST_URI"]."";
$ip = "".$_SERVER["REMOTE_ADDR"]."";
$useds = $CURUSER["username"];
$dataas = gmdate("d/F/Y H:i:s", time() + (3 * 60 * 60));
if ($nume == "/shoutbox.php?=undefined") {
} else {
mysql_query("INSERT INTO sled SET ip='".$ip."', username='".$useds."', data='".$dataas."', nume='".$nume."'") or die (mysql_error());
}
*/

function stdhead($title = "", $msgalert = true) {
global $CURUSER, $HTTP_SERVER_VARS, $PHP_SELF, $SITE_ONLINE, $FUNDS, $SITENAME;
if ($SITE_ONLINE == "false") {
die("Site is down for maintenance, please check back again later... thanks<br>");
}
//header("Content-Type: text/html; windows-1251");
//header("Pragma: No-cache");
if ($title == "")
$title = $SITENAME;
else
$title = "$SITENAME :: " . htmlspecialchars($title);
if ($CURUSER)
{
$lng_a = @mysql_fetch_array(@mysql_query("select uri from languages where id=" . $CURUSER["language"]));
if ($lng_a) $lang_uri = $lng_a["uri"];
}
if (!$lang_uri)
{
($z = mysql_query("SELECT uri FROM languages WHERE id=2")) or die(mysql_error());
($b = mysql_fetch_array($z)) or die(mysql_error());
$lang_uri = $b["uri"];
}
require_once("languages/" . $lang_uri . "");

if ($CURUSER)
{
$ss_a = @mysql_fetch_array(@mysql_query("select uri from stylesheets where id=" . $CURUSER["stylesheet"]));
if ($ss_a) $ss_uri = $ss_a["uri"];
}
if (!$ss_uri)
{
($r = mysql_query("SELECT uri FROM stylesheets WHERE id=1")) or die(mysql_error());
($a = mysql_fetch_array($r)) or die(mysql_error());
$ss_uri = $a["uri"];
}

if ($CURUSER["fader"] == "yes")
{
?>
<script>var color = "<?=$CURUSER["fadecolor"]?>";</script>
<?
}
?>
<html><head>
<title><?= $title ?></title>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1251">
<meta http-equiv="Pragma" content="no-cache" />
<meta http-equiv="Expires" content="-1" />
<meta http-equiv="Cache-Control" content="no-cache" />
<script type="text/javascript" src="js/fader.js"></script>
<script type="text/javascript" src="js/popup.js"></script>
<script type="text/javascript" src="js/overlib.js"></script>
<script type="text/javascript" src="/js/login.js"></script>
<script type="text/javascript" src="/js/lib.js"></script>
<script type="text/javascript" src="/js/lib1.js"></script>
<script type="text/javascript" language="JavaScript1.2" src="js/menu/stmenu.js"></script>
<script type="text/javascript" src="js/java_klappe.js"></script>
<script language="javascript" type="text/javascript" src="js/tooltips.js"></script>
<script type="text/javascript" src="js/prototype.js"></script>
<script type="text/javascript" src="js/scriptaculous.js?load=effects,builder"></script>
<script type="text/javascript" src="js/lightbox.js"></script>
<link rel="icon" href="pic/favicon.ico.gif" />
<link rel="stylesheet" href="styles/<?=$ss_uri?>" type="text/css">
<link rel="stylesheet" href="styles/lightbox.css" type="text/css" media="screen" />
<style type="text/css">
<style>
.borderimage{
border:1px solid silver;
}
</style>
<script language="JavaScript1.2">
/*
Highlight Image Script II-