function getRemoveItem($id) { include_once "include/bittorrent.php"; //$id="106"; //for test $dbcc = mysql_connect("localhost", "root", "buptnic"); mysql_query("SET NAMES UTF8"); mysql_select_db("nexusphp", $dbcc); $outcome = mysql_query("SELECT * FROM torrents WHERE id='{$id}'", $dbcc); while ($info = mysql_fetch_assoc($outcome)) { $vodhash1 = $info["info_hash"]; $vodsmalldes = $info["small_descr"]; } mysql_close($dbcc); $vodhash = preg_replace_callback('/./s', "hex_esc", hash_pad($vodhash1)); $fields['vodhash'] = $vodhash; $fields['vodsmalldes'] = $vodsmalldes; $url = "211.68.70.177/removeseed.php"; $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $fields); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); $output = curl_exec($ch); if ($output === false) { echo curl_error($ch); } curl_close($ch); //echo $output; }
function getfilenames() { $dbconnnexus = mysql_connect("localhost", "root", "buptnic"); mysql_query("SET NAMES UTF8"); mysql_select_db("nexusphp", $dbconnnexus); $result = mysql_query("SELECT * FROM torrents", $dbconnnexus); mysql_close($dbconnnexus); $fileList = array(); while ($info = mysql_fetch_assoc($result)) { $fnamearray = array(); $filename = "/var/lib/transmission/PTtorrents/" . $info["filename"]; $name = $info["save_as"]; array_push($fnamearray, $filename); array_push($fnamearray, $name); $fhash = preg_replace_callback('/./s', "hex_esc", hash_pad($info["info_hash"])); // preg_replace_callback('/./s', "hex_esc", hash_pad($row["info_hash"])) array_push($fnamearray, $fhash); array_push($fileList, $fnamearray); } return $fileList; }
$title .= "[" . $row['cat_name'] . "]"; } $title .= $row['name']; if ($_GET['ismalldescr'] && $row['small_descr']) { $title .= "[" . $row['small_descr'] . "]"; } if ($_GET['isize']) { $title .= "[" . mksize($row['size']) . "]"; } if ($_GET['iuplder']) { $title .= "[" . $author . "]"; } $content = format_comment($row['descr'], true, false, false, false); print ' <item> <title><![CDATA[' . $title . ']]></title> <link>' . $itemurl . '</link> <description><![CDATA[' . $content . ']]></description> '; //print(' <dc:creator>'.$author.'</dc:creator>'); print ' <author>' . $author . '@' . $_SERVER['HTTP_HOST'] . ' (' . $author . ')</author>'; print ' <category domain="' . $url . '/torrents.php?cat=' . $row['cat_id'] . '">' . $row['cat_name'] . '</category> <comments><![CDATA[' . $url . '/details.php?id=' . $row['id'] . '&cmtpage=0#startcomments]]></comments> <enclosure url="' . $itemdlurl . '" length="' . $row['size'] . '" type="application/x-bittorrent" /> <guid isPermaLink="false">' . preg_replace_callback('/./s', 'hex_esc', hash_pad($row['info_hash'])) . '</guid> <pubDate>' . date('r', strtotime($row['added'])) . '</pubDate> </item> '; } print ' </channel> </rss>';
// $md5 = $matches[2]; $id = 0 + $_GET["id"]; $md5 = $_GET["secret"]; if (!$id) { stderr('Villa','ID ekki sett'); httperr(); } $res = mysql_query("SELECT username, email, passhash, editsecret FROM users WHERE id = $id"); $arr = mysql_fetch_array($res) or httperr(); $email = $arr["email"]; $sec = hash_pad($arr["editsecret"]); if (preg_match('/^ *$/s', $sec)) { stderr('Villa','preg_match villa - "'.$sec.'"'); httperr(); } if ($md5 != md5($sec.$email.$arr["passhash"].$sec)) { stderr('Villa','md5 villa'); httperr(); } // generate new password; $chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"; $newpassword = ""; for ($i = 0; $i < 10; $i++) $newpassword .= $chars[mt_rand(0, strlen($chars) - 1)];
require_once "include/bittorrent.php"; require_once "include/user_functions.php"; $lang = array_merge(load_language('global'), load_language('confirm')); $id = isset($_GET['id']) ? intval($_GET['id']) : 0; $md5 = isset($_GET['secret']) ? $_GET['secret'] : ''; if (!is_valid_id($id)) { stderr("{$lang['confirm_user_error']}", "{$lang['confirm_invalid_id']}"); } if (!preg_match("/^(?:[\\d\\w]){32}\$/", $md5)) { stderr("{$lang['confirm_user_error']}", "{$lang['confirm_invalid_key']}"); } dbconn(); $res = @mysql_query("SELECT passhash, editsecret, status FROM users WHERE id = {$id}"); $row = @mysql_fetch_assoc($res); if (!$row) { stderr("{$lang['confirm_user_error']}", "{$lang['confirm_invalid_id']}"); } if ($row['status'] != 'pending') { header("Refresh: 0; url={$TBDEV['baseurl']}/ok.php?type=confirmed"); exit; } $sec = hash_pad($row['editsecret']); if ($md5 != md5($sec)) { stderr("{$lang['confirm_user_error']}", "{$lang['confirm_cannot_confirm']}"); } @mysql_query("UPDATE users SET status='confirmed', editsecret='' WHERE id={$id} AND status='pending'"); if (!mysql_affected_rows()) { stderr("{$lang['confirm_user_error']}", "{$lang['confirm_cannot_confirm']}"); } logincookie($id, $row['passhash']); header("Refresh: 0; url={$TBDEV['baseurl']}/ok.php?type=confirm");
} elseif (substr($pid, 0, 3) == "-UT") { return true; } else { return false; } } if ($_GET['compact'] != 1) { $resp = "d" . benc_str("interval") . "i" . $announce_interval . "e" . (dht_client_recog() ? benc_str("private") . 'i1e' : '') . benc_str('peers') . "l"; } else { $resp = "d" . benc_str("interval") . "i" . $announce_interval . "e5:" . "peers"; } $peer = array(); $peer_num = 0; while ($row = mysql_fetch_assoc($res)) { if ($_GET['compact'] != 1) { $row["peer_id"] = hash_pad($row["peer_id"]); if ($row["peer_id"] === $peer_id) { $self = $row; continue; } $resp .= "d" . benc_str("ip") . benc_str($row["ip"]); if (!$_GET['no_peer_id']) { $resp .= benc_str("peer id") . benc_str($row["peer_id"]); } $resp .= benc_str("port") . "i" . $row["port"] . "e" . "e"; } else { $peer_ip = explode('.', $row["ip"]); $peer_ip = pack("C*", $peer_ip[0], $peer_ip[1], $peer_ip[2], $peer_ip[3]); $peer_port = pack("n*", (int) $row["port"]); $time = intval(time() % 7680 / 60); if ($_GET['left'] == 0) {
dbconn(false); $r = "d" . benc_str("files") . "d"; $fields = "info_hash, times_completed, seeders, leechers"; if (isset($_GET["info_hash"])) $query = "SELECT $fields FROM torrents WHERE " . hash_where("info_hash", $_GET["info_hash"]); //else // $query = "SELECT $fields FROM torrents ORDER BY info_hash"; $r = ''; if(isset($query)) { $res = mysql_query($query); while ($row = mysql_fetch_assoc($res)) { $r .= "20:" . hash_pad($row["info_hash"]) . "d" . benc_str("complete") . "i" . $row["seeders"] . "e" . benc_str("downloaded") . "i" . $row["times_completed"] . "e" . benc_str("incomplete") . "i" . $row["leechers"] . "e" . "e"; } $r .= "ee"; } header("Content-Type: text/plain"); if(!empty($r)) echo $r; ?>
$s = "w00t"; break; } $sr = floor($sr * 1000) / 1000; $sr = "<font color='" . get_ratio_color($sr) . "'>" . number_format($sr, 3) . "</font> <img src=\"pic/smilies/{$s}.gif\" alt=\"\" />"; if ($torrents['free'] >= 1 || $torrents['freetorrent'] >= 1 || $isfree['yep'] || $free_slot or $double_slot != 0 || $CURUSER['free_switch'] != 0) { $HTMLOUT .= "<tr>\n\t\t\t\t<td align='right' class='heading'>Ratio After Download</td>\n\t\t\t\t<td><del>{$sr} Your new ratio if you download this torrent.</del> <b><font size='' color='#FF0000'>[FREE]</font></b> (Only upload stats are recorded)\n\t\t\t\t</td>\n\t\t\t</tr>"; } else { $HTMLOUT .= "<tr>\n\t\t\t\t<td align='right' class='heading'>Ratio After Download</td>\n\t\t\t\t<td>{$sr} Your new ratio if you download this torrent.</td>\n\t\t\t</tr>"; } //==End function hex_esc($matches) { return sprintf("%02x", ord($matches[0])); } $HTMLOUT .= tr("{$lang['details_info_hash']}", preg_replace_callback('/./s', "hex_esc", hash_pad($torrents["info_hash"]))); } else { $HTMLOUT .= "<div><div class='container-fluid'><table class='table table-bordered'><tr><td align='right' class='heading'>Download Disabled!!</td><td>Your not allowed to download presently !!</td></tr>"; } $HTMLOUT .= "</table>"; $HTMLOUT .= "<table class='table table-bordered'>\n"; if (!empty($torrents["description"])) { $HTMLOUT .= tr("{$lang['details_small_descr']}", "<i>" . htmlsafechars($torrents['description']) . "</i>", 1); } else { $HTMLOUT .= "<tr><td>No small description found</td></tr>"; } $HTMLOUT .= "</table>\n"; //== Similar Torrents mod $searchname = substr($torrents['name'], 0, 6); $query1 = str_replace(" ", ".", sqlesc("%" . $searchname . "%")); $query2 = str_replace(".", " ", sqlesc("%" . $searchname . "%"));
function userlogin() { global $lang_functions; global $Cache; global $SITE_ONLINE, $oldip; global $enablesqldebug_tweak, $sqldebug_tweak; unset($GLOBALS["CURUSER"]); $ip = getip(); $nip = ip2long($ip); if ($nip) { $res = sql_query("SELECT * FROM bans WHERE {$nip} >= first AND {$nip} <= last") or sqlerr(__FILE__, __LINE__); if (mysql_num_rows($res) > 0) { header("HTTP/1.0 403 Forbidden"); print "<html><head><meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\"></head><body>" . $lang_functions['text_unauthorized_ip'] . "</body></html>\n"; die; } } if (empty($_COOKIE["c_secure_pass"]) || empty($_COOKIE["c_secure_uid"]) || empty($_COOKIE["c_secure_login"])) { return; } if ($_COOKIE["c_secure_login"] == base64("yeah")) { //if (empty($_SESSION["s_secure_uid"]) || empty($_SESSION["s_secure_pass"])) //return; } $b_id = base64($_COOKIE["c_secure_uid"], false); $id = 0 + $b_id; if (!$id || !is_valid_id($id) || strlen($_COOKIE["c_secure_pass"]) != 32) { return; } if ($_COOKIE["c_secure_login"] == base64("yeah")) { //if (strlen($_SESSION["s_secure_pass"]) != 32) //return; } $res = sql_query("SELECT * FROM users WHERE users.id = " . sqlesc($id) . " AND users.enabled='yes' AND users.status = 'confirmed' LIMIT 1"); $row = mysql_fetch_array($res); if (!$row) { return; } $sec = hash_pad($row["secret"]); //die(base64_decode($_COOKIE["c_secure_login"])); if ($_COOKIE["c_secure_login"] == base64("yeah")) { if ($_COOKIE["c_secure_pass"] != md5($row["passhash"] . $_SERVER["REMOTE_ADDR"])) { return; } } else { if ($_COOKIE["c_secure_pass"] !== md5($row["passhash"])) { return; } } if ($_COOKIE["c_secure_login"] == base64("yeah")) { //if ($_SESSION["s_secure_pass"] !== md5($row["passhash"].$_SERVER["REMOTE_ADDR"])) //return; } if (!$row["passkey"]) { $passkey = md5($row['username'] . date("Y-m-d H:i:s") . $row['passhash']); sql_query("UPDATE users SET passkey = " . sqlesc($passkey) . " WHERE id=" . sqlesc($row["id"])); // or die(mysql_error()); } $oldip = $row['ip']; $row['ip'] = $ip; $GLOBALS["CURUSER"] = $row; if ($_GET['clearcache'] && get_user_class() >= UC_MODERATOR) { $Cache->setClearCache(1); } if ($enablesqldebug_tweak == 'yes' && get_user_class() >= $sqldebug_tweak) { error_reporting(E_ALL & ~E_NOTICE); } }
function userlogin() { global $SITE_ONLINE; unset($GLOBALS["CURUSER"]); $dt = get_date_time(); $ip = getip(); $ipf = $_SERVER['REMOTE_ADDR']; $nip = ip2long($ip); $nip2 = ip2long($ipf); require_once ROOT_PATH . "cache/bans_cache.php"; if (count($bans) > 0) { foreach ($bans as $k) { if ($nip >= $k['first'] && $nip <= $k['last'] || $nip2 >= $k['first'] && $nip2 <= $k['last']) { header("HTTP/1.0 403 Forbidden"); echo "<html><body><h1>403 Forbidden</h1>Unauthorized IP address.</body></html>\n"; exit; } } unset($bans); } if (!$SITE_ONLINE || empty($_COOKIE["uid"]) || empty($_COOKIE["pass"]) || empty($_COOKIE["hashv"])) { return; } $id = 0 + $_COOKIE["uid"]; if (!$id or strlen($_COOKIE["pass"]) != 32 or $_COOKIE["hashv"] != hashit($id, $_COOKIE["pass"])) { return; } // //////////////announcement mod by Retro///////////////////////// $res = sql_query("SELECT u.*, ann_main.subject AS curr_ann_subject, ann_main.body AS curr_ann_body " . "FROM users AS u " . "LEFT JOIN announcement_main AS ann_main " . "ON ann_main.main_id = u.curr_ann_id " . "WHERE u.id = {$id} AND u.enabled='yes' AND u.status = 'confirmed'") or sqlerr(__FILE__, __LINE__); $row = mysql_fetch_assoc($res); if (!$row) { return; } $sec = hash_pad($row["secret"]); if ($_COOKIE["pass"] !== md5($row["passhash"] . $_SERVER["REMOTE_ADDR"])) { return; } if ($row['logout'] == 'yes' && $row['last_access'] > $row['last_login'] && $row['last_access'] < time() - 900) { logoutcookie(); return; } if ($row['last_access'] != '0000-00-00 00:00:00' and strtotime($row['last_access']) < strtotime($dt) - 300 || $row['ip'] !== $ip || $row['ipf'] !== '' && $row['ipf'] !== $ipf) { $add_set = isset($add_set) ? $add_set : ''; sql_query("UPDATE users SET last_access=" . sqlesc($dt) . ", ip=" . sqlesc($ip) . $add_set . ", uptime=uptime+300 WHERE id=" . $row['id']); // or die(mysql_error()); } if ($row['ip'] !== $ip || $row['ipf'] !== '' && $row['ipf'] !== $ipf) { sql_query('INSERT INTO iplog (ip, userid, access) VALUES (' . sqlesc($ip) . ', ' . $row['id'] . ', \'' . $row['last_access'] . '\') on DUPLICATE KEY update access=values(access)'); } // If curr_ann_id > 0 but curr_ann_body IS NULL, then force a refresh if ($row['curr_ann_id'] > 0 and $row['curr_ann_body'] == null) { $row['curr_ann_id'] = 0; $row['curr_ann_last_check'] = '0000-00-00 00:00:00'; } // If elapsed > 10 minutes, force a announcement refresh. if ($row['curr_ann_last_check'] != '0000-00-00 00:00:00' and strtotime($row['curr_ann_last_check']) < strtotime($dt) - 300) { $row['curr_ann_last_check'] = '0000-00-00 00:00:00'; } if ($row['curr_ann_id'] == 0 and $row['curr_ann_last_check'] == '0000-00-00 00:00:00') { // Force an immediate check... $query = sprintf('SELECT m.*,p.process_id FROM announcement_main AS m ' . 'LEFT JOIN announcement_process AS p ON m.main_id = p.main_id ' . 'AND p.user_id = %s ' . 'WHERE p.process_id IS NULL ' . 'OR p.status = 0 ' . 'ORDER BY m.main_id ASC ' . 'LIMIT 1', sqlesc($row['id'])); $result = mysql_query($query); if (mysql_num_rows($result)) { // Main Result set exists $ann_row = mysql_fetch_array($result); $query = $ann_row['sql_query']; // Ensure it only selects... if (!preg_match('/\\ASELECT.+?FROM.+?WHERE.+?\\z/', $query)) { die; } // The following line modifies the query to only return the current user // row if the existing query matches any attributes. $query .= ' AND u.id = ' . sqlesc($row['id']) . ' LIMIT 1'; $result = mysql_query($query); if (mysql_num_rows($result)) { // Announcement valid for member $row['curr_ann_id'] = $ann_row['main_id']; // Create two row elements to hold announcement subject and body. $row['curr_ann_subject'] = $ann_row['subject']; $row['curr_ann_body'] = $ann_row['body']; // Create additional set for main UPDATE query. $add_set = ', curr_ann_id = ' . sqlesc($ann_row['main_id']); $status = 2; } else { // Announcement not valid for member... $add_set = ', curr_ann_last_check = ' . sqlesc($dt); $status = 1; } // Create or set status of process if ($ann_row['process_id'] === null) { // Insert Process result set status = 1 (Ignore) $query = sprintf('INSERT INTO announcement_process (main_id, ' . 'user_id, status) VALUES (%s, %s, %s)', sqlesc($ann_row['main_id']), sqlesc($row['id']), sqlesc($status)); } else { // Update Process result set status = 2 (Read) $query = sprintf('UPDATE announcement_process SET status = %s ' . 'WHERE process_id = %s', sqlesc($status), sqlesc($ann_row['process_id'])); } mysql_query($query); } else { // No Main Result Set. Set last update to now... $add_set = ', curr_ann_last_check = ' . sqlesc($dt); //$add_set = ', curr_ann_last_check = '.sqlesc($dt).', curr_ann_id = curr_ann_id'; } unset($result); unset($ann_row); } session_cache_limiter('private'); session_start(); if (!isset($_SESSION['browsetime']) || $row['ip'] !== $ip) { $_SESSION['browsetime'] = strtotime($row['last_access']); } $row['ip'] = $ip; $GLOBALS["CURUSER"] = $row; if ($row['override_class'] < $row['class']) { $row['class'] = $row['override_class']; } // Override class and save in GLOBAL array below. $GLOBALS["CURUSER"] = $row; }
$s .= "<tr" . $sphighlight . "><td class=\"rowfollow nowrap\" valign=\"middle\" style='padding: 0px'>" . return_category_image($copy_row["catid"], "torrents.php?allsec=1&") . "</td><td class=\"rowfollow\" align=\"left\"><a href=\"" . htmlspecialchars(get_protocol_prefix() . $BASEURL . "/details.php?id=" . $copy_row["id"] . "&hit=1") . "\">" . $dispname . "</a>" . $sp_info . "</td>" . "<td class=\"rowfollow\" align=\"left\">" . rtrim(trim($other_source_info . $other_medium_info . $other_codec_info . $other_standard_info . $other_processing_info), ",") . "</td>" . "<td class=\"rowfollow\" align=\"center\">" . mksize($copy_row["size"]) . "</td>" . "<td class=\"rowfollow nowrap\" align=\"center\">" . str_replace(" ", "<br />", gettime($copy_row["added"], false)) . "</td>" . "<td class=\"rowfollow\" align=\"center\">" . $copy_row["seeders"] . "</td>" . "<td class=\"rowfollow\" align=\"center\">" . $copy_row["leechers"] . "</td>" . "</tr>\n"; } $s .= "</table>\n"; tr("<a href=\"javascript: klappe_news('othercopy')\"><span class=\"nowrap\"><img class=\"" . ($copies_count > 5 ? "plus" : "minus") . "\" src=\"pic/trans.gif\" alt=\"Show/Hide\" id=\"picothercopy\" title=\"" . $lang_detail['title_show_or_hide'] . "\" /> " . $lang_details['row_other_copies'] . "</span></a>", "<b>" . $copies_count . $lang_details['text_other_copies'] . " </b><br /><div id='kothercopy' style=\"" . ($copies_count > 5 ? "display: none;" : "display: block;") . "\">" . $s . "</div>", 1); } } if ($row["type"] == "multi") { $files_info = "<b>" . $lang_details['text_num_files'] . "</b>" . $row["numfiles"] . $lang_details['text_files'] . "<br />"; $files_info .= "<span id=\"showfl\"><a href=\"javascript: viewfilelist(" . $id . ")\" >" . $lang_details['text_see_full_list'] . "</a></span><span id=\"hidefl\" style=\"display: none;\"><a href=\"javascript: hidefilelist()\">" . $lang_details['text_hide_list'] . "</a></span>"; } function hex_esc($matches) { return sprintf("%02x", ord($matches[0])); } if ($enablenfo_main == 'yes') { tr($lang_details['row_torrent_info'], "<table><tr>" . ($files_info != "" ? "<td class=\"no_border_wide\">" . $files_info . "</td>" : "") . "<td class=\"no_border_wide\"><b>" . $lang_details['row_info_hash'] . ":</b> " . preg_replace_callback('/./s', "hex_esc", hash_pad($row["info_hash"])) . "</td>" . (get_user_class() >= $torrentstructure_class ? "<td class=\"no_border_wide\"><b>" . $lang_details['text_torrent_structure'] . "</b><a href=\"torrent_info.php?id=" . $id . "\">" . $lang_details['text_torrent_info_note'] . "</a></td>" : "") . "</tr></table><span id='filelist'></span>", 1); } tr($lang_details['row_hot_meter'], "<table><tr><td class=\"no_border_wide\"><b>" . $lang_details['text_views'] . "</b>" . $row["views"] . "</td><td class=\"no_border_wide\"><b>" . $lang_details['text_hits'] . "</b>" . $row["hits"] . "</td><td class=\"no_border_wide\"><b>" . $lang_details['text_snatched'] . "</b><a href=\"viewsnatches.php?id=" . $id . "\"><b>" . $row["times_completed"] . $lang_details['text_view_snatches'] . "</td><td class=\"no_border_wide\"><b>" . $lang_details['row_last_seeder'] . "</b>" . gettime($row["last_action"]) . "</td></tr></table>", 1); $bwres = sql_query("SELECT uploadspeed.name AS upname, downloadspeed.name AS downname, isp.name AS ispname FROM users LEFT JOIN uploadspeed ON users.upload = uploadspeed.id LEFT JOIN downloadspeed ON users.download = downloadspeed.id LEFT JOIN isp ON users.isp = isp.id WHERE users.id=" . $row['owner']); $bwrow = mysql_fetch_array($bwres); if ($bwrow['upname'] && $bwrow['downname']) { tr($lang_details['row_uploader_bandwidth'], "<img class=\"speed_down\" src=\"pic/trans.gif\" alt=\"Downstream Rate\" /> " . $bwrow['downname'] . " <img class=\"speed_up\" src=\"pic/trans.gif\" alt=\"Upstream Rate\" /> " . $bwrow['upname'] . " " . $bwrow['ispname'], 1); } /* // Health $seedersTmp = $row['seeders']; $leechersTmp = $row['leechers']; if ($leechersTmp >= 1) // it is possible that there's traffic while have no seeders { $progressPerTorrent = 0; $i = 0;
$s = "w00t"; break; } $sr = floor($sr * 1000) / 1000; $sr = "<font color='" . get_ratio_color($sr) . "'>" . number_format($sr, 3) . "</font> <img src=\"pic/smilies/{$s}.gif\" alt=\"\" />"; if ($torrents['free'] >= 1 || $torrents['freetorrent'] >= 1 || $isfree['yep'] || $free_slot or $double_slot != 0 || $CURUSER['free_switch'] != 0) { $HTMLOUT .= "<tr>\n\t\t<td align='right' class='heading'>Ratio After Download</td>\n\t\t<td class='details-text-ellipsis'><del>{$sr} Your new ratio if you download this torrent.</del> <b><font size='' color='#FF0000'>[FREE]</font></b> (Only upload stats are recorded)</td></tr>"; } else { $HTMLOUT .= "<tr>\n\t\t<td align='right' class='heading'>Ratio After Download</td>\n\t\t<td>{$sr} Your new ratio if you download this torrent.</td></tr>"; } //==End function hex_esc($matches) { return sprintf("%02x", ord($matches[0])); } $HTMLOUT .= tr("{$lang['details_info_hash']}", '<div class="details-text-ellipsis">' . preg_replace_callback('/./s', "hex_esc", hash_pad($torrents["info_hash"])) . '</div>', true); $HTMLOUT .= "</table>\n"; } else { $HTMLOUT .= "<div><div class='container-fluid'><table class='table table-bordered'><tr><td align='right' class='heading'>Download Disabled!!</td><td>Your not allowed to download presently !!</td></tr></table></div></div>"; } $HTMLOUT .= "</div><!-- closnig col-md-8 --> </div><!-- closing row -->"; $HTMLOUT .= "</div><!-- closing tab pane -->"; $HTMLOUT .= "<div class='tab-pane fade' id='tab_b'>"; $HTMLOUT .= "<br><div class='row'>\n<div class='col-md-12'>"; if (!empty($torrents_txt["descr"])) { $HTMLOUT .= "\n\t<table class='table table-bordered'>\n\t<tr><td><b>{$lang['details_description']}</b></td></tr>\n\t<tr>\n\t<td>\n\t" . str_replace(array("\n", " "), array("<br />\n", " "), format_comment($torrents_txt["descr"])) . "<!--</div>--></td></tr></table>"; } $HTMLOUT .= '</div><!-- closing col md 12 --></div><!-- closing row -->'; $HTMLOUT .= "<div class='row'>\n<div class='col-md-12'>"; //== Similar Torrents mod $searchname = substr($torrents['name'], 0, 6);
$id = (int) $_GET["id"]; $confirm_md5 = $_GET["secret"]; if (!$id) { httperr(); } dbconn(); $res = sql_query("SELECT passhash, secret, editsecret, status FROM users WHERE id = " . sqlesc($id)) or sqlerr(__FILE__, __LINE__); $row = mysql_fetch_assoc($res); if (!$row) { httperr(); } if ($row["status"] != "pending") { header("Refresh: 0; url=ok.php?type=confirmed"); exit; } $confirm_sec = hash_pad($row["secret"]); if ($confirm_md5 != md5($confirm_sec)) { httperr(); } sql_query("UPDATE users SET status='confirmed', editsecret='' WHERE id=" . sqlesc($id) . " AND status='pending'") or sqlerr(__FILE__, __LINE__); if (!mysql_affected_rows()) { httperr(); } if ($securelogin == "yes") { $securelogin_indentity_cookie = true; $passh = md5($row["passhash"] . $_SERVER["REMOTE_ADDR"]); } else { $securelogin_indentity_cookie = false; $passh = md5($row["passhash"]); } logincookie($row["id"], $passh, 1, 0x7fffffff, $securelogin_indentity_cookie);
function userlogin() { global $HTTP_SERVER_VARS, $SITE_ONLINE; unset($GLOBALS["CURUSER"]); $ip = getip(); // $nip = ip2long($ip); // $res = mysql_query("SELECT * FROM bans WHERE first <= $nip AND last >=$nip") or sqlerr(__FILE__, __LINE__); // if (mysql_num_rows($res) > 0) // { // header("HTTP/1.0 403 Forbidden"); // print("<html><body><h1>Ip talan þín hefur verið bönnuð!</h1>Þú getur haft samband við okkur á -> <a href=\"mailto:torrent@torrent.is\">torrent@torrent.is</a>.</body></html>\n"); // die; // } if (!$SITE_ONLINE || empty($_COOKIE["uid"]) || empty($_COOKIE["pass"])) return; $id = 0 + $_COOKIE["uid"]; if (!$id || strlen($_COOKIE["pass"]) != 32) return; $res = mysql_query("SELECT * FROM users WHERE id = $id AND enabled='yes' AND status = 'confirmed'");// or die(mysql_error()); $row = mysql_fetch_array($res); if (!$row) return; if($row['deleted'] == '1') return; $sec = hash_pad($row["secret"]); if ($_COOKIE["pass"] !== $row["passhash"]) return; if (($ip != $row["ip"]) && $row["ip"]) mysql_query("INSERT INTO iplog (ip, userid, access) VALUES (" . sqlesc($row["ip"]) . ", " . $row["id"] . ", '" . $row["last_access"] . "')"); mysql_query("UPDATE users SET last_access='" . get_date_time() . "', ip='$ip' WHERE id=" . $row["id"]);// or die(mysql_error()); $row['ip'] = $ip; $GLOBALS["CURUSER"] = $row; if(!isset($_SESSION['lasttorrent'])) $_SESSION['lasttorrent'] = $row['lasttorrent']; }
$url .= $addthis; $keepget .= $addthis; } $editlink = "a href=\"{$url}\" class=\"sublink\""; // $s = "<b>" . htmlspecialchars($row["name"]) . "</b>"; // if ($owned) // $s .= " $spacer<$editlink>[Edit torrent]</a>"; // tr("Name", $s, 1); $download_href = "download.php/{$id}/" . rawurlencode($row["filename"]); print '<tr><td class="rowhead_big" width="1%">Download</td><td width="99%"><a class="biglink" href="' . $download_href . '">' . htmlspecialchars($row["filename"]) . "</a>" . '<a href="http://www.bitlet.org?torrent=' . "{$BASEURL}/{$download_href}" . '" style="color: #666; font-weight:bold; border: 1px solid #09f; background-color: #fec" >BitLet<span style="color:#09f">.org</span></a>' . "</td></tr>"; // tr("Downloads as", $row["save_as"]); function hex_esc($matches) { return sprintf("%02x", ord($matches[0])); } tr("Info hash", preg_replace_callback('/./s', "hex_esc", hash_pad($row["info_hash"]))); #Morgan: Add version details $version = $row["version"]; if (isset($row["version"]) && $row["version"]) { $ver_res = mysql_query("SELECT id,name FROM torrents WHERE version= {$version} AND id !={$id} ORDER BY added DESC"); $ver_list = ""; while ($ver_row = mysql_fetch_array($ver_res)) { $ver_list .= "<a href=details.php?id=" . $ver_row["id"] . ">" . $ver_row["name"] . "</a><br/>"; } if ($ver_list == "") { $ver_list = "(None Selected)"; } $ver_list .= "<a href=\"rss.php?ver=" . $version . "\" ><img align=center border=0 src=\"pic/rss_small.png\" alt=\"RSS\" /></a>"; tr("Alternative Versions", $ver_list, 1); } else { tr("Alternative Versions", "(None Selected)");
<?php require_once 'include/bittorrent_announce.php'; require_once 'include/benc.php'; dbconn_announce(); // BLOCK ACCESS WITH WEB BROWSERS AND CHEATS! block_browser(); preg_match_all('/info_hash=([^&]*)/i', $_SERVER["QUERY_STRING"], $info_hash_array); $fields = "info_hash, times_completed, seeders, leechers"; if (count($info_hash_array[1]) < 1) { $query = "SELECT {$fields} FROM torrents ORDER BY id"; } else { $query = "SELECT {$fields} FROM torrents WHERE " . hash_where_arr('info_hash', $info_hash_array[1]); } $r = "d" . benc_str("files") . "d"; $res = sql_query($query); if (mysql_num_rows($res) < 1) { err("Torrent not registered with this tracker."); } while ($row = mysql_fetch_assoc($res)) { $r .= "20:" . hash_pad($row["info_hash"]) . "d" . benc_str("complete") . "i" . $row["seeders"] . "e" . benc_str("downloaded") . "i" . $row["times_completed"] . "e" . benc_str("incomplete") . "i" . $row["leechers"] . "e" . "e"; } $r .= "ee"; benc_resp_raw($r);
} if (!empty($_GET['requested']) && !empty($_GET['secret'])) { $confirmname = safeChar($_GET['requested']); $secretsauce = $_GET["secret"]; $added = sqlesc(get_date_time()); if (!$confirmname) { httperr(); } dbconn(); $res23 = mysql_query("SELECT eticket,ip FROM secureiptable WHERE username = "******"ip"]; if (!$row23) { stderr("Ok", "query not matchin"); } $sec = hash_pad($row23["eticket"]); if ($secretsauce != md5($sec)) { stderr("Ok", "eticket not matching"); } mysql_query("INSERT INTO ipsecureip (added, addedby, first, last, ipof, temp) VALUES({$added}, 0, " . sqlesc($userip) . ", " . sqlesc($userip) . ", " . sqlesc($confirmname) . ", 'yes')") or sqlerr(__FILE__, __LINE__); mysql_query("DELETE FROM secureiptable WHERE username="******"Success", "Your IP is good for 12 hours"); } else { // //change next line to your server specs header("HTTP/1.0 404 Not Found"); print "<html><body><h1>Not Found</h1><br>The requested URL /conipadd.php was not found on this server.<hr><address>Apache/2.0.53 (Fedora) Server at www.sitenamehere.com Port 80</address></body></html>\n"; die; }
require_once "include/bittorrent.php"; if (!preg_match(':^/(\\d{1,10})/([\\w]{32})/(.+)$:', $_SERVER["PATH_INFO"], $matches)) { httperr(); } $id = 0 + $matches[1]; $md5 = $matches[2]; $email = urldecode($matches[3]); //print($email); //die(); if (!$id) { httperr(); } dbconn(); $res = sql_query("SELECT editsecret FROM users WHERE id = {$id}"); $row = mysql_fetch_array($res); if (!$row) { httperr(); } $sec = hash_pad($row["editsecret"]); if (preg_match('/^ *$/s', $sec)) { httperr(); } if ($md5 != md5($sec . $email . $sec)) { httperr(); } sql_query("UPDATE users SET editsecret='', email=" . sqlesc($email) . " WHERE id={$id} AND editsecret=" . sqlesc($row["editsecret"])); if (!mysql_affected_rows()) { httperr(); } header("Refresh: 0; url=" . get_protocol_prefix() . "{$BASEURL}/usercp.php?action=security&type=saved");
err('Torrent skra ekki skrad a '.$BASEURL); $torrentid = $torrent['id']; if(!is_numeric($torrentid)) err($torrentid); $fields = 'seeder,peer_id,ip,port,uploaded,downloaded,userid'; $limit = ''; //if ($torrent['numpeers'] > $rsize) $limit = ' ORDER BY RAND() LIMIT '.$rsize; $sql = 'SELECT '.$fields.' FROM peers WHERE torrent='.$torrentid.' AND connectable = \'yes\' '.$limit; $res = mysql_query($sql) or sqlerr(__FILE__,__LINE__); $resp = 'd'.benc_str('interval').'i'.$announce_interval.'e'.benc_str('peers').'l'; unset($self); while ($row = mysql_fetch_assoc($res)) { $row['peer_id'] = hash_pad($row['peer_id']); if ($row['peer_id'] === $peer_id) { $userid = $row['userid']; $self = $row; continue; } $resp .= 'd'. benc_str('ip').benc_str($row['ip']). benc_str('peer id').benc_str($row['peer_id']). benc_str('port').'i'.$row['port'].'e'. 'e'; } $resp .= 'ee';