If you're interested, I've made some changes to the code. Mainly they are clarity improvements in the form of better error checking, and speed improvements by avoiding DB access if the user isn't interested in throttling. So there are two config vars which let the user enable/disable the speed and upload limits.
I also removed a bunch of debug code, and a SQL query which failed every time by default.
Code:
diff -u webseed-0.9a/addseed.php webseed-0.9a.new/addseed.php
--- webseed-0.9a/addseed.php 2003-10-13 12:42:20.000000000 -0600
+++ webseed-0.9a.new/addseed.php 2009-01-05 17:44:57.000000000 -0700
@@ -1,5 +1,4 @@
<?php
-
require_once("config.php");
if ($username == "USERNAME" || $password == "PASSWORD")
@@ -11,7 +10,7 @@
?>
-<HTML><HEAD><TITLE>Tortune device for DeHackEd and TheSHAD0W</TITLE></HEAD>
+<HTML><HEAD><TITLE>Torture device for DeHackEd and TheSHAD0W</TITLE></HEAD>
<BODY>
<H1>Add to Web-seed</H1>
<FORM METHOD="POST" ENCTYPE="multipart/form-data">
@@ -30,8 +29,8 @@
BitTorrent adds an extra directory based on what the torrent file says is
used. This script does not. Oh, and use forward-slashes <TT>/</TT> as a
separator.
-<P>
-</BODY></HTML>
+<P>The current working directory is:<br>
+<tt><?php echo getcwd(); ?></tt>
<?php
error_reporting(E_ALL);
@@ -58,8 +57,10 @@
if (strlen($_FILES["torrent"]["tmp_name"]) > 0)
{
- is_uploaded_file($_FILES["torrent"]["tmp_name"]) or die("File upload error 1\n");
- $fd = fopen($_FILES["torrent"]["tmp_name"], "rb") or die("File upload error 2\n");
+ is_uploaded_file($_FILES["torrent"]["tmp_name"])
+ or die("File upload error 1\n");
+ $fd = fopen($_FILES["torrent"]["tmp_name"], "rb")
+ or die("File upload error 2\n");
$alltorrent = fread($fd, filesize($_FILES["torrent"]["tmp_name"]));
fclose($fd);
}
@@ -69,7 +70,11 @@
$info_hash = sha1(BEncode($info));
- mysql_query("INSERT INTO phpseed_torrents (info_hash, piecelength, numpieces) values (\"$info_hash\", ".$info["piece length"].", ". (strlen($info["pieces"]) / 20) . ")");
+ if (!mysql_query("INSERT INTO phpseed_torrents ".
+ "(info_hash, piecelength, numpieces) values ".
+ "(\"$info_hash\", ".$info["piece length"].", ".
+ (strlen($info["pieces"]) / 20) . ")"))
+ trigger_error("Failed Query ".mysql_error(), E_USER_ERROR);
if (isset($info["files"])) // Multi-file
{
@@ -93,7 +98,6 @@
while (true)
{
$sub = min($info["piece length"]-$piecelen, $filesize);
-// error_log("Sub: $sub");
$piecelen += $sub;
$filesize -= $sub;
@@ -103,38 +107,51 @@
{
$pieceno++;
$piecelen = 0;
-// error_log("Restarted piece length");
}
if ($piecelen > $info["piece length"])
- {
die("Logic error in script. Please report to the author.");
- }
-
-
}
+
+ //Construct file name
$filename = $fsbase;
if (isset($info["files"][$fileno]["path"][1]))
{
- $filename .= $file["path"][0];
+ $filename .= $info["files"][$fileno]["path"][0];
for ($i=1; isset($info["files"][$fileno]["path"][$i]); $i++)
$filename .= "/".$info["files"][$fileno]["path"][$i];
}
else
$filename .= $info["files"][$fileno]["path"][0];
+
+ //Error checking
+ if(!file_exists($filename))
+ echo '<p>Warning: File doesn\'t exist: '.$filename.'</p>';
+
+ if(file_exists($filename) &&
+ filesize($filename) != $info["files"][$fileno]["length"])
+ echo '<p>Warning: File sizes don\'t match: '.$filename.'</p>';
+
+ //Insert file info
$filename = mysql_real_escape_string($filename);
- mysql_query("INSERT INTO phpseed_files (info_hash,filename,startpiece,endpiece, startpieceoffset, fileorder) values (\"$info_hash\", \"$filename\", $startpiece, $pieceno, $startoffset, $fileno)");
+ if (!mysql_query("INSERT INTO phpseed_files ".
+ "(info_hash,filename,startpiece,endpiece, ".
+ "startpieceoffset, fileorder) values ".
+ "(\"$info_hash\", \"$filename\", $startpiece, ".
+ "$pieceno, $startoffset, $fileno)"))
+ trigger_error("Failed Query ".mysql_error(), E_USER_ERROR);
$fileno++;
- }
- // end of nasty work
+ } // end of nasty work
} // end of multi-file section
else
{
- mysql_query("INSERT INTO phpseed_files (info_hash,filename,startpiece,endpiece, startpieceoffset, fileorder) values (\"$info_hash\", \"".mysql_real_escape_string($fsbase)."\", 0, ". (strlen($array["info"]["pieces"])/20 - 1).", 0, 0)");
+ if (!mysql_query("INSERT INTO phpseed_files ".
+ "(info_hash,filename,startpiece,endpiece, ".
+ "startpieceoffset, fileorder) values ".
+ "(\"$info_hash\", \"".mysql_real_escape_string($fsbase).
+ "\", 0, ". (strlen($array["info"]["pieces"])/20 - 1).", 0, 0)"))
+ trigger_error("Failed Query ".mysql_error(), E_USER_ERROR);
}
-
-
} // end of "WORK ON POST" section
-
-
-?>
\ No newline at end of file
+?>
+</BODY></HTML>
\ No newline at end of file
diff -u webseed-0.9a/config.php webseed-0.9a.new/config.php
--- webseed-0.9a/config.php 2003-10-13 10:27:02.000000000 -0600
+++ webseed-0.9a.new/config.php 2009-01-19 00:19:47.000000000 -0700
@@ -4,23 +4,27 @@
// Max upload rate is in bytes, not kilobytes,
// so 50kb/sec is 50000
+$GLOBALS["enable_speedlimit"] = true;
$GLOBALS["max_upload_rate"] = 15000 ;
+
+$GLOBALS["enable_uploadlimit"] = true;
$GLOBALS["max_uploads"] = 2 ;
diff -u webseed-0.9a/seed.php webseed-0.9a.new/seed.php
--- webseed-0.9a/seed.php 2003-09-05 14:55:00.000000000 -0600
+++ webseed-0.9a.new/seed.php 2009-01-19 13:57:28.000000000 -0700
@@ -1,5 +1,4 @@
<?php
-
/* I would like to take this opportunity to say that TheSHAD0W is a sick,
twisted and evil person for doing this. Normally I would approve of that,
but since I'm writing this code, I would like to make my point known.
@@ -8,7 +7,6 @@
*/
header("Content-Type: text/plain");
-//error_log("One");
if (!isset($_GET["info_hash"]) || !isset($_GET["piece"]))
reject("400 Bad Request");
@@ -17,35 +15,34 @@
else
$info_hash=$_GET["info_hash"];
-$piece = $_GET["piece"];
-//error_log("Two");
+$piece = (int) $_GET["piece"];
if (!is_numeric($piece) || strlen($info_hash) != 20)
reject("400 Bad Request");
$info_hash = bin2hex($info_hash);
-//error_log("Info hash=$info_hash, piece numnber=$piece");
-
require_once("config.php");
function Lock($hash, $time = 0)
{
- $results = mysql_query("SELECT GET_LOCK('$hash', $time)");
- $string = mysql_fetch_row($results);
- if (strcmp($string[0], "1") == 0)
- {
-// error_log("Got lock $hash");
- return true;
+ $results = mysql_query("SELECT GET_LOCK('$hash', $time)");
+ if (!$results)
+ {
+ trigger_error("Failed Query");
+ reject("500 Internal Server Error");
}
-// error_log("Failed to lock $hash");
- return false;
-
+ $string = mysql_fetch_row($results);
+ return (strcmp($string[0], "1") == 0);
}
function Unlock($hash)
{
- mysql_query("SELECT RELEASE_LOCK('$hash')");
+ if (!mysql_query("SELECT RELEASE_LOCK('$hash')"))
+ {
+ trigger_error("Failed Query");
+ reject("500 Internal Server Error");
+ }
}
function reject($error = "503 Service Temporarily Unavailable", $message="")
@@ -58,58 +55,77 @@
mysql_connect($dbhost, $dbuser, $dbpass) or die;
mysql_select_db($database) or die;
-if (!Lock("WebSeedLock", 2))
- reject();
-
-$result = mysql_query("SELECT (UNIX_TIMESTAMP() - started) FROM phpseed_speedlimit");
-$row = mysql_fetch_row($result);
-
-// If nothing has happened for a little while, do NOT
-// let that average enable massive bursts.
-if ($row[0] > 180)
- mysql_query("UPDATE phpseed_speedlimit SET started=UNIX_TIMESTAMP()-1, total_uploaded=total_uploaded+uploaded, uploaded=0");
+if($GLOBALS["enable_speedlimit"])
+ checkspeed();
-$result = mysql_query("SELECT uploaded / (UNIX_TIMESTAMP() - started) FROM phpseed_speedlimit");
-$row = mysql_fetch_row($result);
-
-if ((float)($row[0]) > $GLOBALS["max_upload_rate"])
+function checkspeed()
{
- $result = mysql_query("SELECT (uploaded/".$GLOBALS["max_upload_rate"]. "+started) - UNIX_TIMESTAMP() FROM phpseed_speedlimit");
+ if (!Lock("WebSeedLock", 2))
+ reject();
+
+ $result = mysql_query("SELECT (UNIX_TIMESTAMP() - started) FROM phpseed_speedlimit");
+ if (!$result)
+ {
+ trigger_error("Failed Query");
+ reject("500 Internal Server Error");
+ }
$row = mysql_fetch_row($result);
- reject("503 Service Temporarily Unavailable", (int)$row[0] + mt_rand(1,30));
+
+ // If nothing has happened for a little while, do NOT
+ // let that average enable massive bursts.
+ if ($row[0] > 180)
+ mysql_query("UPDATE phpseed_speedlimit SET started=UNIX_TIMESTAMP()-1, total_uploaded=total_uploaded+uploaded, uploaded=0");
+
+ $result = mysql_query("SELECT uploaded / (UNIX_TIMESTAMP() - started) FROM phpseed_speedlimit");
+ if (!$result)
+ {
+ trigger_error("Failed Query");
+ reject("500 Internal Server Error");
+ }
+ $row = mysql_fetch_row($result);
+
+ if ((float)($row[0]) > $GLOBALS["max_upload_rate"])
+ {
+ $result = mysql_query("SELECT (uploaded/".
+ $GLOBALS["max_upload_rate"]. "+started) - ".
+ "UNIX_TIMESTAMP() FROM phpseed_speedlimit");
+ if (!$result)
+ {
+ trigger_error("Failed Query");
+ reject("500 Internal Server Error");
+ }
+ $row = mysql_fetch_row($result);
+ reject("503 Service Temporarily Unavailable", (int)$row[0] + mt_rand(1,30));
+ }
+
+ Unlock("WebSeedLock");
}
-$result = mysql_query("SELECT seeds FROM summary WHERE info_hash=$info_hash");
-if ($result)
+if($GLOBALS["enable_uploadlimit"])
{
-// error_log("Doing PHPBT check");
- $row = mysql_fetch_assoc($result);
- if ($row["seeds"] > 10)
+ // Max uploads check
+ for ($lockno=0; $lockno < $GLOBALS["max_uploads"]; $lockno++)
+ if (Lock("WebSeed--$lockno", 0))
+ break;
+
+ if ($lockno == $GLOBALS["max_uploads"])
reject();
}
-Unlock("WebSeedLock");
-
-// Max uploads check
-for ($lockno=0; $lockno < $GLOBALS["max_uploads"]; $lockno++)
- if (Lock("WebSeed--$lockno", 0))
- break;
-// error_log("Lockno=$lockno");
-if ($lockno == $GLOBALS["max_uploads"])
- reject();
-
// Get to work!
-$result = mysql_query("SELECT * FROM phpseed_torrents WHERE info_hash=\"$info_hash\"");
+$result = mysql_query('SELECT * FROM phpseed_torrents '.
+ 'WHERE info_hash="'.mysql_escape_string($info_hash).'"');
if (!$result)
+{
+ trigger_error("Failed Query");
reject("500 Internal Server Error");
+}
$config = mysql_fetch_assoc($result);
if (!$config)
reject("403 Forbidden");
-$result = mysql_query("SELECT * FROM phpseed_files WHERE info_hash=\"$info_hash\" ORDER BY fileorder");
-//print_r($config);
if ($config["numpieces"] < $piece || $piece < 0)
reject("400 Bad Request");
@@ -117,13 +133,18 @@
// Data to return, and accounting.
$xmit = "";
$xmitbytes = 0;
+$result = mysql_query('SELECT * FROM phpseed_files '.
+ 'WHERE info_hash="'.mysql_escape_string($info_hash).'" AND '.
+ $piece.' >= startpiece AND '.$piece.' <= endpiece '.
+ 'ORDER BY fileorder');
+if (!$result)
+{
+ trigger_error("Failed Query");
+ reject("500 Internal Server Error");
+}
while ($row = mysql_fetch_assoc($result))
{
- if (!($piece >= $row["startpiece"] && $piece <= $row["endpiece"]))
- continue;
-
-// $offset = $row["startpieceoffset"] + $config["piecelength"] * ($piece - $row["startpiece"]);
$offset = ($row["startpiece"] == $piece) ? 0 : (($piece - $row["startpiece"])*$config["piecelength"] - $row["startpieceoffset"]);
$fd = fopen($row["filename"], "rb") or reject("500 Internal Server Error");
if (fseek($fd, $offset) != 0)
@@ -140,10 +161,6 @@
// Header is most likely already: 200 Ok
-//mysql_query("UPDATE phpseed_speedlimit SET uploaded=uploaded+$xmitbytes");
-
-//error_log("Send length: $xmitbytes == ".strlen($xmit));
-
if (isset($_GET["ranges"]))
{
$myxmit = "";
@@ -151,9 +168,9 @@
foreach ($ranges as $blocks)
{
$startstop = explode("-", $blocks);
- if (!is_numeric($startstop[0]) || !is_numeric($startstop[1]))
- reject("400 Bad Request");
- if (isset($startstop[2]))
+ if (!is_numeric($startstop[0]) ||
+ !is_numeric($startstop[1]) ||
+ isset($startstop[2]))
reject("400 Bad Request");
$start = $startstop[0];
$stop = $startstop[1];
@@ -162,17 +179,19 @@
$myxmit .= substr($xmit, $start, $stop-$start+1);
}
header("Content-Length: ".strlen($myxmit));
- mysql_query("UPDATE phpseed_speedlimit SET uploaded=uploaded+".strlen($myxmit));
+ if($GLOBALS["enable_speedlimit"])
+ mysql_query("UPDATE phpseed_speedlimit SET uploaded=uploaded+".strlen($myxmit));
echo $myxmit;
}
else
{
- mysql_query("UPDATE phpseed_speedlimit SET uploaded=uploaded+$xmitbytes");
+ if($GLOBALS["enable_speedlimit"])
+ mysql_query("UPDATE phpseed_speedlimit SET uploaded=uploaded+$xmitbytes");
header("Content-Length: $xmitbytes");
echo $xmit;
}
-Unlock("WebSeed--$lockno");
+if($GLOBALS["enable_uploadlimit"])
+ Unlock("WebSeed--$lockno");
exit;
-
?>
\ No newline at end of file