i have a script named remauth.php
it connects to phpbb database and use some information of users.
its code:
<?php
// standard phpBB setup
if ($_SERVER['REMOTE_ADDR'] == "127.0.0.1" || $_SERVER['REMOTE_ADDR'] == "94.23.147.71" || $_SERVER['REMOTE_ADDR'] == "188.226.149.35")
{
unset($_SERVER['REMOTE_ADDR']);
$_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_X_REAL_IP'];
}
if ($_SERVER['HTTP_X_FORWARDED_FOR'] == "127.0.0.1" || $_SERVER['HTTP_X_FORWARDED_FOR'] == "94.23.147.71" || $_SERVER['HTTP_X_FORWARDED_FOR'] == "188.226.149.35")
{
unset($_SERVER['HTTP_X_FORWARDED_FOR']);
}
function get_ip_address()
{
foreach (array('HTTP_CLIENT_IP', 'HTTP_X_FORWARDED_FOR', 'HTTP_X_FORWARDED', 'HTTP_X_CLUSTER_CLIENT_IP', 'HTTP_FORWARDED_FOR', 'HTTP_FORWARDED', 'REMOTE_ADDR') as $key)
{
if (array_key_exists($key, $_SERVER) === true)
{
foreach (explode(',', $_SERVER[$key]) as $ip)
{
if ($_SERVER[$key] == "127.0.0.1" || $_SERVER[$key] == "94.23.147.71" || $_SERVER[$key] == "188.226.149.35")
{
unset($_SERVER[$key]);
}
if (valid_ip($ip) !== false)
{
return $ip;
}
}
}
}
}
get_ip_address();
$acm_type = "memcache";
$phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : './';
define('IN_PHPBB', true);
define('IN_CHECK_BAN', 1);
define('IN_LOGIN', 1);
$phpEx = substr(strrchr(__FILE__, '.'), 1);
include($phpbb_root_path . 'common.' . $phpEx);
//include_once($phpbb_root_path . 'includes/functions_profile_fields.' . $phpEx);
if (!function_exists('group_memberships'))
{
include_once($phpbb_root_path . 'includes/functions_user.'.$phpEx);
}
function valid_ip($ip)
{
return (!preg_match( "/^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$/", $ip)) ? FALSE : TRUE;
}
$user->session_begin();
$auth->acl($user->data);
$canPlay = false;
function isGroup($userid)
{
$groups = group_memberships(false, $userid);
$return = false;
foreach ($groups as $grouprec)
{
if ($grouprec['group_id'] == 2 || $grouprec['group_id'] == 3 || $grouprec['group_id'] == 4 || $grouprec['group_id'] == 5 || $grouprec['group_id'] == 8 || $grouprec['group_id'] == 9 || $grouprec['group_id'] == 10)
{
$return = true;
}
}
return $return;
}
function get_profile_fields($user_id)
{
global $db;
$sql = 'SELECT *
FROM ' . PROFILE_FIELDS_DATA_TABLE . '
WHERE ' . $db->sql_in_set('user_id', array_map('intval', $user_id));
$result = $db->sql_query($sql);
$field_data = array();
while ($row = $db->sql_fetchrow($result))
{
$field_data[$row['user_id']] = $row;
}
$db->sql_freeresult($result);
$user_fields = array();
$fields = array('can_has_servers', 'can_play', 'can_play_expire', 'can_play_reason');
foreach ($fields as $used_ident)
{
foreach ($field_data as $user_id => $row)
{
$user_fields[$user_id][$used_ident]['value'] = $row['pf_' . $used_ident];
}
}
return $user_fields;
}
function check_ban($user_id = false, $user_ips = false, $user_email = false, $return = false)
{
global $config, $db;
$banned = false;
$cache_ttl = 3600;
$where_sql = array();
$sql = 'SELECT ban_ip, ban_userid, ban_email, ban_exclude, ban_give_reason, ban_end
FROM ' . BANLIST_TABLE . '
WHERE ';
// determine which entries to check, only return those
if ($user_email === false)
{
$where_sql[] = "ban_email = ''";
}
if ($user_ips === false)
{
$where_sql[] = "(ban_ip = '' OR ban_exclude = 1)";
}
if ($user_id === false)
{
$where_sql[] = '(ban_userid = 0 OR ban_exclude = 1)';
}
else
{
$cache_ttl = ($user_id == ANONYMOUS) ? 3600 : 0;
$_sql = '(ban_userid = ' . $user_id;
if ($user_email !== false)
{
$_sql .= " OR ban_email <> ''";
}
if ($user_ips !== false)
{
$_sql .= " OR ban_ip <> ''";
}
$_sql .= ')';
$where_sql[] = $_sql;
}
$sql .= (sizeof($where_sql)) ? implode(' AND ', $where_sql) : '';
$result = $db->sql_query($sql, $cache_ttl);
$ban_triggered_by = 'user';
while ($row = $db->sql_fetchrow($result))
{
if ($row['ban_end'] && $row['ban_end'] < time())
{
continue;
}
$ip_banned = false;
if (!empty($row['ban_ip']))
{
if (!is_array($user_ips))
{
$ip_banned = preg_match('#^' . str_replace('\*', '.*?', preg_quote($row['ban_ip'], '#')) . '$#i', $user_ips);
}
else
{
foreach ($user_ips as $user_ip)
{
if (preg_match('#^' . str_replace('\*', '.*?', preg_quote($row['ban_ip'], '#')) . '$#i', $user_ip))
{
$ip_banned = true;
break;
}
}
}
}
if ((!empty($row['ban_userid']) && intval($row['ban_userid']) == $user_id) ||
$ip_banned ||
(!empty($row['ban_email']) && preg_match('#^' . str_replace('\*', '.*?', preg_quote($row['ban_email'], '#')) . '$#i', $user_email)))
{
if (!empty($row['ban_exclude']))
{
$banned = false;
break;
}
else
{
$banned = true;
$ban_row = $row;
if (!empty($row['ban_userid']) && intval($row['ban_userid']) == $user_id)
{
$ban_triggered_by = 'user';
}
else if ($ip_banned)
{
$ban_triggered_by = 'ip';
}
else
{
$ban_triggered_by = 'email';
}
// don't break. Check if there is an exclude rule for this user
}
}
}
$db->sql_freeresult($result);
if ($banned && !$return)
{
global $template;
// if the session is empty we need to create a valid one...
if (empty($this->session_id))
{
// this seems to be no longer needed? - #14971
//$this->session_create(ANONYMOUS);
}
// initiate environment ... since it won't be set at this stage
$this->setup();
// logout the user, banned users are unable to use the normal 'logout' link
if ($this->data['user_id'] != ANONYMOUS)
{
$this->session_kill();
}
// we show a login box here to allow founders accessing the board if banned by IP
if (defined('IN_LOGIN') && $this->data['user_id'] == ANONYMOUS)
{
global $phpEx;
$this->setup('ucp');
$this->data['is_registered'] = $this->data['is_bot'] = false;
// Set as a precaution to allow login_box() handling this case correctly as well as this function not being executed again.
define('IN_CHECK_BAN', 1);
login_box("index.$phpEx");
// The false here is needed, else the user is able to circumvent the ban.
$this->session_kill(false);
}
// ok, we catch the case of an empty session id for the anonymous user...
// this can happen if the user is logging in, banned by username and the login_box() being called "again".
if (empty($this->session_id) && defined('IN_CHECK_BAN'))
{
$this->session_create(ANONYMOUS);
}
// determine which message to output
$till_date = ($ban_row['ban_end']) ? $this->format_date($ban_row['ban_end']) : '';
$message = ($ban_row['ban_end']) ? 'BOARD_BAN_TIME' : 'BOARD_BAN_PERM';
$message = sprintf($this->lang[$message], $till_date, '', '');
$message .= ($ban_row['ban_give_reason']) ? '<br /><br />' . sprintf($this->lang['BOARD_BAN_REASON'], $ban_row['ban_give_reason']) : '';
$message .= '<br /><br /><em>' . $this->lang['BAN_TRIGGERED_BY_' . strtoupper($ban_triggered_by)] . '</em>';
// to circumvent session_begin returning a valid value and the check_ban() not called on second page view, we kill the session again
$this->session_kill(false);
// a very special case... we are within the cron script which is not supposed to print out the ban message... show blank page
if (defined('IN_CRON'))
{
garbage_collection();
exit_handler();
exit;
}
trigger_error($message);
}
return ($banned && $ban_row['ban_give_reason']) ? $ban_row['ban_give_reason'] : $banned;
}
// session stuff will not be needed as this occurs from a non-client session, but we need $user->setup it seems
if (empty($user->lang))
{
$user->setup();
}
$user->add_lang('ucp');
// get variables
/* $data = request_var('data', '', true);
if (!isset($_GET['username']))
{ */
$data = file_get_contents('php://input');
$data = explode('&&', $data);
$username = trim(htmlspecialchars(str_replace(array("\r\n", "\r", "\0"), array("\n", "\n", ''), $data[0]), ENT_COMPAT, 'UTF-8'));
$password = trim(htmlspecialchars(str_replace(array("\r\n", "\r", "\0"), array("\n", "\n", ''), $data[1]), ENT_COMPAT, 'UTF-8'));
/* }
else
{
$username = $_GET['username'];
$password = $_GET['password'];
} */
// perform login from $auth. we don't want autologon, viewonline nor admin access for the session
$result = $auth->login($username, $password, false, false, false);
if ($result['status'] == LOGIN_SUCCESS)
{
$userID = $user->data['user_id'];
$user_id = array($userID);
$canhave = get_profile_fields($user_id);
if ($canhave[$userID]['can_play_expire']['value'] <= time())
{
$canhave[$userID]['can_play']['value'] = 1;
}
if ($canhave[$userID]['can_play']['value'] == 1 || $canhave[$userID]['can_play']['value'] == 0 || $canhave[$userID]['can_play']['value'] == "")
{
$canPlay = true;
if (true || isGroup($user->data['user_id']))
{
$canPlay = true;
$keysql = "UPDATE phpbb_sessions SET session_onlineplay = 1, session_realip = '".htmlspecialchars(get_ip_address(), ENT_QUOTES)."' WHERE session_id = '".$user->session_id."';";
$keyresult = $db->sql_query($keysql);
$db->sql_freeresult($keyresult);
}
else
{
$result['status'] = 'nope';
$result['error_msg'] = 'triobit is currently down for maintenance.';
}
}
else
{
$result['status'] = 'nope';
//$result['error_msg'] = 'User is not allowed to play';
$result['error_msg'] = 'Online playing privileges revoked';
if ($canhave[$userID]['can_play_reason']['value'])
{
$result['error_msg'] .= ' - ' . str_replace('#', '#', $canhave[$userID]['can_play_reason']['value']);
}
if ($canhave[$userID]['can_play_expire']['value'])
{
$result['error_msg'] .= ' (will expire in ' . duration($canhave[$userID]['can_play_expire']['value'] - time()) . ')';
}
}
$banReason = check_ban($userID, '', '', 1);
if ($banReason != "")
{
$result['status'] = 'nope';
$result['error_msg'] = 'User is banned';
$canPlay = false;
}
}
// start buffering (to allow kill)
ob_start();
// output the results
echo (($result['status'] == LOGIN_SUCCESS) ? 'ok' : 'fail') . '#';
echo (($result['error_msg']) ? ((isset($user->lang[$result['error_msg']])) ? $user->lang[$result['error_msg']] : $result['error_msg']) : 'Success.') . '#';
echo (($result['status'] == LOGIN_SUCCESS) ? $user->data['user_id'] : '1') . '#';
echo (($result['status'] == LOGIN_SUCCESS) ? $user->data['username'] : 'Anonymous') . '#';
echo (($result['status'] == LOGIN_SUCCESS) ? $user->data['user_email'] : 'anonymous#example.com') . '#';
echo (($result['status'] == LOGIN_SUCCESS) ? $user->session_id : '0') . '#';
//Deleted, used for login verify now
// kill the session
if (!$canPlay)
{
$user->session_kill(false);
}
// and flush the contents
ob_end_flush();
exit;
function format_duration($seconds) {
$periods = array(
'centuries' => 3155692600,
'decades' => 315569260,
'years' => 31556926,
'months' => 2629743,
'weeks' => 604800,
'days' => 86400,
'hours' => 3600,
'minutes' => 60,
'seconds' => 1
);
$durations = array();
foreach ($periods as $period => $seconds_in_period) {
if ($seconds >= $seconds_in_period) {
$durations[$period] = floor($seconds / $seconds_in_period);
$seconds -= $durations[$period] * $seconds_in_period;
}
}
return $durations;
}
function duration($seconds) {
$data = format_duration($seconds);
$data2 = array();
foreach ($data as $unit => $amount)
{
$data2[] = $amount . ' ' . $unit;
}
return implode(', ', $data2);
}
?>
and its error
Notice: Undefined index: HTTP_X_FORWARDED_FOR in C:\xnp\htdocs\remauth.php on line 9
Notice: Undefined index: HTTP_X_FORWARDED_FOR in C:\xnp\htdocs\remauth.php on line 9
Notice: Undefined index: HTTP_X_FORWARDED_FOR in C:\xnp\htdocs\remauth.php on line 9
help me please.
Use HTTP_HOST instead of HTTP_X_FORWARDED_FOR
if ($_SERVER['HTTP_HOST'] == "127.0.0.1" || $_SERVER['HTTP_HOST'] == "94.23.147.71" || $_SERVER['HTTP_HOST'] == "188.226.149.35")
{
unset($_SERVER['HTTP_HOST']);
}
function get_ip_address()
{
foreach (array('HTTP_CLIENT_IP', 'HTTP_HOST', 'HTTP_X_FORWARDED', 'HTTP_X_CLUSTER_CLIENT_IP', 'HTTP_FORWARDED_FOR', 'HTTP_FORWARDED', 'REMOTE_ADDR') as $key)
{
if (array_key_exists($key, $_SERVER) === true)
{
foreach (explode(',', $_SERVER[$key]) as $ip)
{
if ($_SERVER[$key] == "127.0.0.1" || $_SERVER[$key] == "94.23.147.71" || $_SERVER[$key] == "188.226.149.35")
{
unset($_SERVER[$key]);
}
if (valid_ip($ip) !== false)
{
return $ip;
}
}
}
}
}
get_ip_address();
$acm_type = "memcache";
$phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : './';
define('IN_PHPBB', true);
define('IN_CHECK_BAN', 1);
define('IN_LOGIN', 1);
$phpEx = substr(strrchr(__FILE__, '.'), 1);
include($phpbb_root_path . 'common.' . $phpEx);
//include_once($phpbb_root_path . 'includes/functions_profile_fields.' . $phpEx);
if (!function_exists('group_memberships'))
{
include_once($phpbb_root_path . 'includes/functions_user.'.$phpEx);
}
function valid_ip($ip)
{
return (!preg_match( "/^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$/", $ip)) ? FALSE : TRUE;
}
$user->session_begin();
$auth->acl($user->data);
$canPlay = false;
function isGroup($userid)
{
$groups = group_memberships(false, $userid);
$return = false;
foreach ($groups as $grouprec)
{
if ($grouprec['group_id'] == 2 || $grouprec['group_id'] == 3 || $grouprec['group_id'] == 4 || $grouprec['group_id'] == 5 || $grouprec['group_id'] == 8 || $grouprec['group_id'] == 9 || $grouprec['group_id'] == 10)
{
$return = true;
}
}
return $return;
}
function get_profile_fields($user_id)
{
global $db;
$sql = 'SELECT *
FROM ' . PROFILE_FIELDS_DATA_TABLE . '
WHERE ' . $db->sql_in_set('user_id', array_map('intval', $user_id));
$result = $db->sql_query($sql);
$field_data = array();
while ($row = $db->sql_fetchrow($result))
{
$field_data[$row['user_id']] = $row;
}
$db->sql_freeresult($result);
$user_fields = array();
$fields = array('can_has_servers', 'can_play', 'can_play_expire', 'can_play_reason');
foreach ($fields as $used_ident)
{
foreach ($field_data as $user_id => $row)
{
$user_fields[$user_id][$used_ident]['value'] = $row['pf_' . $used_ident];
}
}
return $user_fields;
}
function check_ban($user_id = false, $user_ips = false, $user_email = false, $return = false)
{
global $config, $db;
$banned = false;
$cache_ttl = 3600;
$where_sql = array();
$sql = 'SELECT ban_ip, ban_userid, ban_email, ban_exclude, ban_give_reason, ban_end
FROM ' . BANLIST_TABLE . '
WHERE ';
// determine which entries to check, only return those
if ($user_email === false)
{
$where_sql[] = "ban_email = ''";
}
if ($user_ips === false)
{
$where_sql[] = "(ban_ip = '' OR ban_exclude = 1)";
}
if ($user_id === false)
{
$where_sql[] = '(ban_userid = 0 OR ban_exclude = 1)';
}
else
{
$cache_ttl = ($user_id == ANONYMOUS) ? 3600 : 0;
$_sql = '(ban_userid = ' . $user_id;
if ($user_email !== false)
{
$_sql .= " OR ban_email <> ''";
}
if ($user_ips !== false)
{
$_sql .= " OR ban_ip <> ''";
}
$_sql .= ')';
$where_sql[] = $_sql;
}
$sql .= (sizeof($where_sql)) ? implode(' AND ', $where_sql) : '';
$result = $db->sql_query($sql, $cache_ttl);
$ban_triggered_by = 'user';
while ($row = $db->sql_fetchrow($result))
{
if ($row['ban_end'] && $row['ban_end'] < time())
{
continue;
}
$ip_banned = false;
if (!empty($row['ban_ip']))
{
if (!is_array($user_ips))
{
$ip_banned = preg_match('#^' . str_replace('\*', '.*?', preg_quote($row['ban_ip'], '#')) . '$#i', $user_ips);
}
else
{
foreach ($user_ips as $user_ip)
{
if (preg_match('#^' . str_replace('\*', '.*?', preg_quote($row['ban_ip'], '#')) . '$#i', $user_ip))
{
$ip_banned = true;
break;
}
}
}
}
if ((!empty($row['ban_userid']) && intval($row['ban_userid']) == $user_id) ||
$ip_banned ||
(!empty($row['ban_email']) && preg_match('#^' . str_replace('\*', '.*?', preg_quote($row['ban_email'], '#')) . '$#i', $user_email)))
{
if (!empty($row['ban_exclude']))
{
$banned = false;
break;
}
else
{
$banned = true;
$ban_row = $row;
if (!empty($row['ban_userid']) && intval($row['ban_userid']) == $user_id)
{
$ban_triggered_by = 'user';
}
else if ($ip_banned)
{
$ban_triggered_by = 'ip';
}
else
{
$ban_triggered_by = 'email';
}
// don't break. Check if there is an exclude rule for this user
}
}
}
$db->sql_freeresult($result);
if ($banned && !$return)
{
global $template;
// if the session is empty we need to create a valid one...
if (empty($this->session_id))
{
// this seems to be no longer needed? - #14971
//$this->session_create(ANONYMOUS);
}
// initiate environment ... since it won't be set at this stage
$this->setup();
// logout the user, banned users are unable to use the normal 'logout' link
if ($this->data['user_id'] != ANONYMOUS)
{
$this->session_kill();
}
// we show a login box here to allow founders accessing the board if banned by IP
if (defined('IN_LOGIN') && $this->data['user_id'] == ANONYMOUS)
{
global $phpEx;
$this->setup('ucp');
$this->data['is_registered'] = $this->data['is_bot'] = false;
// Set as a precaution to allow login_box() handling this case correctly as well as this function not being executed again.
define('IN_CHECK_BAN', 1);
login_box("index.$phpEx");
// The false here is needed, else the user is able to circumvent the ban.
$this->session_kill(false);
}
// ok, we catch the case of an empty session id for the anonymous user...
// this can happen if the user is logging in, banned by username and the login_box() being called "again".
if (empty($this->session_id) && defined('IN_CHECK_BAN'))
{
$this->session_create(ANONYMOUS);
}
// determine which message to output
$till_date = ($ban_row['ban_end']) ? $this->format_date($ban_row['ban_end']) : '';
$message = ($ban_row['ban_end']) ? 'BOARD_BAN_TIME' : 'BOARD_BAN_PERM';
$message = sprintf($this->lang[$message], $till_date, '', '');
$message .= ($ban_row['ban_give_reason']) ? '<br /><br />' . sprintf($this->lang['BOARD_BAN_REASON'], $ban_row['ban_give_reason']) : '';
$message .= '<br /><br /><em>' . $this->lang['BAN_TRIGGERED_BY_' . strtoupper($ban_triggered_by)] . '</em>';
// to circumvent session_begin returning a valid value and the check_ban() not called on second page view, we kill the session again
$this->session_kill(false);
// a very special case... we are within the cron script which is not supposed to print out the ban message... show blank page
if (defined('IN_CRON'))
{
garbage_collection();
exit_handler();
exit;
}
trigger_error($message);
}
return ($banned && $ban_row['ban_give_reason']) ? $ban_row['ban_give_reason'] : $banned;
}
// session stuff will not be needed as this occurs from a non-client session, but we need $user->setup it seems
if (empty($user->lang))
{
$user->setup();
}
$user->add_lang('ucp');
// get variables
/* $data = request_var('data', '', true);
if (!isset($_GET['username']))
{ */
$data = file_get_contents('php://input');
$data = explode('&&', $data);
$username = trim(htmlspecialchars(str_replace(array("\r\n", "\r", "\0"), array("\n", "\n", ''), $data[0]), ENT_COMPAT, 'UTF-8'));
$password = trim(htmlspecialchars(str_replace(array("\r\n", "\r", "\0"), array("\n", "\n", ''), $data[1]), ENT_COMPAT, 'UTF-8'));
/* }
else
{
$username = $_GET['username'];
$password = $_GET['password'];
} */
// perform login from $auth. we don't want autologon, viewonline nor admin access for the session
$result = $auth->login($username, $password, false, false, false);
if ($result['status'] == LOGIN_SUCCESS)
{
$userID = $user->data['user_id'];
$user_id = array($userID);
$canhave = get_profile_fields($user_id);
if ($canhave[$userID]['can_play_expire']['value'] <= time())
{
$canhave[$userID]['can_play']['value'] = 1;
}
if ($canhave[$userID]['can_play']['value'] == 1 || $canhave[$userID]['can_play']['value'] == 0 || $canhave[$userID]['can_play']['value'] == "")
{
$canPlay = true;
if (true || isGroup($user->data['user_id']))
{
$canPlay = true;
$keysql = "UPDATE phpbb_sessions SET session_onlineplay = 1, session_realip = '".htmlspecialchars(get_ip_address(), ENT_QUOTES)."' WHERE session_id = '".$user->session_id."';";
$keyresult = $db->sql_query($keysql);
$db->sql_freeresult($keyresult);
}
else
{
$result['status'] = 'nope';
$result['error_msg'] = 'triobit is currently down for maintenance.';
}
}
else
{
$result['status'] = 'nope';
//$result['error_msg'] = 'User is not allowed to play';
$result['error_msg'] = 'Online playing privileges revoked';
if ($canhave[$userID]['can_play_reason']['value'])
{
$result['error_msg'] .= ' - ' . str_replace('#', '#', $canhave[$userID]['can_play_reason']['value']);
}
if ($canhave[$userID]['can_play_expire']['value'])
{
$result['error_msg'] .= ' (will expire in ' . duration($canhave[$userID]['can_play_expire']['value'] - time()) . ')';
}
}
$banReason = check_ban($userID, '', '', 1);
if ($banReason != "")
{
$result['status'] = 'nope';
$result['error_msg'] = 'User is banned';
$canPlay = false;
}
}
// start buffering (to allow kill)
ob_start();
// output the results
echo (($result['status'] == LOGIN_SUCCESS) ? 'ok' : 'fail') . '#';
echo (($result['error_msg']) ? ((isset($user->lang[$result['error_msg']])) ? $user->lang[$result['error_msg']] : $result['error_msg']) : 'Success.') . '#';
echo (($result['status'] == LOGIN_SUCCESS) ? $user->data['user_id'] : '1') . '#';
echo (($result['status'] == LOGIN_SUCCESS) ? $user->data['username'] : 'Anonymous') . '#';
echo (($result['status'] == LOGIN_SUCCESS) ? $user->data['user_email'] : 'anonymous#example.com') . '#';
echo (($result['status'] == LOGIN_SUCCESS) ? $user->session_id : '0') . '#';
//Deleted, used for login verify now
// kill the session
if (!$canPlay)
{
$user->session_kill(false);
}
// and flush the contents
ob_end_flush();
exit;
function format_duration($seconds) {
$periods = array(
'centuries' => 3155692600,
'decades' => 315569260,
'years' => 31556926,
'months' => 2629743,
'weeks' => 604800,
'days' => 86400,
'hours' => 3600,
'minutes' => 60,
'seconds' => 1
);
$durations = array();
foreach ($periods as $period => $seconds_in_period) {
if ($seconds >= $seconds_in_period) {
$durations[$period] = floor($seconds / $seconds_in_period);
$seconds -= $durations[$period] * $seconds_in_period;
}
}
return $durations;
}
function duration($seconds) {
$data = format_duration($seconds);
$data2 = array();
foreach ($data as $unit => $amount)
{
$data2[] = $amount . ' ' . $unit;
}
return implode(', ', $data2);
}
Related
<?php
function import_sales_request(){
$hostname = '****';
$username = '****';
$password = '*****';
global $base_url;
$inbox = imap_open($hostname, $username, $password) or die('Cannot connect to Gmail: ' . imap_last_error());
$emails = imap_search($inbox, 'UNSEEN', SE_UID);
$emailDates = array();
if ($emails) {
//$count = 1;
rsort($emails);
foreach ($emails as $email_number) {
$overview = imap_fetch_overview($inbox, $email_number, FT_UID);
$message = imap_fetchbody($inbox, $email_number, 2, FT_UID);
$structure = imap_fetchstructure($inbox, $email_number, FT_UID);
$emailDates[$email_number] = $overview[0]->date;
$message_header = imap_fetchheader($inbox, $email_number, 1);
$message_body = imap_fetchbody($inbox, $email_number, "1.1", FT_UID);
//file_put_contents(drupal_get_path('module', 'pricecal') . "/mail/" . $email_number . ".htm", nl2br($message_header) . $message_body);
$attachments = array();
if (isset($structure->parts) && count($structure->parts)) {
for ($i = 0; $i < count($structure->parts); $i++) {
$attachments[$i] = array('is_attachment' => false, 'filename' => '', 'name' => '', 'attachment' => '');
if ($structure->parts[$i]->ifdparameters) {
foreach ($structure->parts[$i]->dparameters as $object) {
if (strtolower($object->attribute) == 'filename') {
$attachments[$i]['is_attachment'] = true;
$attachments[$i]['filename'] = $object->value;
}
}
}
if ($structure->parts[$i]->ifparameters) {
foreach ($structure->parts[$i]->parameters as $object) {
if (strtolower($object->attribute) == 'name') {
$attachments[$i]['is_attachment'] = true;
$attachments[$i]['name'] = $object->value;
}
}
}
if ($attachments[$i]['is_attachment']) {
$attachments[$i]['attachment'] = imap_fetchbody($inbox, $email_number, $i + 1, FT_UID);
if ($structure->parts[$i]->encoding == 3) {
$attachments[$i]['attachment'] = base64_decode($attachments[$i]['attachment']);
} elseif ($structure->parts[$i]->encoding == 4) {
$attachments[$i]['attachment'] = quoted_printable_decode($attachments[$i]['attachment']);
}
}
}
}
foreach ($attachments as $attachment) {
if ($attachment['is_attachment'] == 1) {
$filename = $attachment['name'];
$fileinfo = pathinfo($filename);
if (in_array($fileinfo['extension'], array('csv', 'xls', 'xlsx'))) {
if (empty($filename))
$filename = $attachment['filename'];
if (empty($filename))
$filename = time() . ".dat";
$fp = fopen(drupal_get_path('module', 'pricecal') . "/mail/".$email_number."-".clean($overview[0]->from). "-" . clean($filename), "w+");
fwrite($fp, $attachment['attachment']);
fclose($fp);
}
}
}
//if($count++ >= $max_emails) break;
imap_setflag_full($inbox, $email_number, "\\Seen \\Flagged", ST_UID);
}
}
imap_close($inbox);
import_sales_request_into_database($emailDates);
return true;
}
/*
* Insert new and revised request into database
*/
function import_sales_request_into_database($emailDates = '', $flag = false) {
global $user;
global $base_url;
include_once(drupal_get_path('module', 'pricecal') . '/excel/Classes/PHPExcel/IOFactory.php');
$filelist = file_scan_directory(drupal_get_path('module', 'pricecal') . '/mail', '/^.*\.(csv|CSV|xls|XLS|xlsx|XLSX)$/');
if (!empty($filelist)) {
foreach ($filelist as $list) {
$objPHPExcel = PHPExcel_IOFactory::load($list->uri);
$sheetData = $objPHPExcel->getActiveSheet()->toArray(null, true, true, true);
$resultArray = array();
$part_no = array();
$start_part_no = 0;
$temp = 0;
$ctoarray = array();
$transaction = db_transaction(); //start database transaction
try {
/*
* Prepare array structure to insert as a new or revised request
* $flag = true - it is not importing, it is from home page browse button
*/
$resultArray['requester_name'] = empty($sheetData[1]['B']) ? '' : $sheetData[1]['B'];
$resultArray['requester_email'] = empty($sheetData[2]['B']) ? '' : $sheetData[2]['B'];
$resultArray['request_number'] = empty($sheetData[3]['B']) ? '' : $sheetData[3]['B'];
$resultArray['customer_name'] = empty($sheetData[4]['B']) ? '' : $sheetData[4]['B'];
$resultArray['segment'] = empty($sheetData[5]['B']) ? '' : $sheetData[5]['B'];
$resultArray['dmu_cmr'] = empty($sheetData[6]['B']) ? '' : $sheetData[6]['B'];
$resultArray['cyborg_no'] = empty($sheetData[7]['B']) ? '' : $sheetData[7]['B'];
$resultArray['duty_type'] = empty($sheetData[8]['B']) ? '' : $sheetData[8]['B'];
$resultArray['country_code'] = empty($sheetData[9]['B']) ? '' : $sheetData[9]['B'];
$resultArray['billing_type'] = empty($sheetData[10]['B']) ? '' : $sheetData[10]['B'];
$resultArray['tier_1_partner'] = empty($sheetData[11]['B']) ? '' : $sheetData[11]['B'];
$resultArray['tier_2_partner'] = empty($sheetData[12]['B']) ? '' : $sheetData[12]['B'];
$resultArray['requested_tp'] = empty($sheetData[13]['B']) ? '' : (float)str_replace(',', '', $sheetData[13]['B']);
$resultArray['deal_justification'] = empty($sheetData[14]['B']) ? '' : $sheetData[14]['B'];
$cto_counter = 0 ;
$ctocounterarray = array();
if (!empty($sheetData)) {
foreach ($sheetData as $key => $value) {
if (!empty($resultArray)) {
if ($value['B'] == 'Part Number*') {
$start_part_no = $key;
}
if ($start_part_no != 0 && $key > $start_part_no && $value['B'] != '') {
if (($value['A'] == 'CTO' || $value['A'] == 'Regular') && $temp == 0) {
if($value['A'] == 'CTO'){
$part_no[] = array($value['B'] => array($value['C'], 'primary-cto'));
$cto_counter++;
$ctocounterarray[] = $value['B'];
}else{
$part_no[] = array($value['B'] => array($value['C'], 'primary'));
}
}
if ($value['A'] == 'Bundle-Base' && trim($value['B']) != "" && !empty($value['B'])) {
$temp = 1;
$new_part_number = $value['B'];
}
if ($temp) {
if($value['A'] == "Bundle-Remove"){
$value['C'] = -1 * abs($value['C']);
}
$part_no[] = array($value['B'] => array($value['C'], $value['A']));
$ctoarray[$new_part_number][] = array($value['B'] => array($value['C'], $value['A']));
}
if ($value['A'] == 'CTO' && $temp == 1 && in_array($value['B'], $ctocounterarray)) {
$temp = 0;
$cto_counter--;
}
}
$resultArray['part_no'] = $part_no;
}
}
}
$continue_flag = true;
if($cto_counter !== 0){
$transaction->rollback();
drupal_set_message(t($list->filename . ' import failed' . PHP_EOL), 'error');
import_sales_request_logfile($list->filename, 0,$resultArray['requester_email'],$resultArray['requester_name']);
$continue_flag = false;
$mail_id = ($flag) ? 0 : strstr($list->filename, '-', true); //split email id
}
$newRequest = '';
$quotationSummary = '';
$quotationLineItems = array();
$mail_id = ($flag) ? 0 : strstr($list->filename, '-', true); //split email id
$date = date("Y-m-d H:i:s"); //insert current date time in database
$email_date = (isset($emailDates) && isset($emailDates[$mail_id]) && array_key_exists($mail_id, $emailDates)) ? date("Y-m-d H:i:s", strtotime($emailDates[$mail_id])) : $date;
if (!$flag) {
$result = db_select('quotation_request', 'qr')->fields('qr', array('email_number'))->condition('email_number', $mail_id, '=')->execute()->fetchAssoc();
if (!empty($result)) {
drupal_set_message(t($list->filename . ' already imported.' . PHP_EOL), 'warning');
//import_sales_request_logfile($list->filename, 2);
$continue_flag = false;
}
}
$request_type = 'new';
if ($continue_flag && !empty($resultArray)) {
$request_number = '';
if (empty($resultArray['request_number'])) {
$request_number = import_sales_request_number(); //if the request is new
} else {
$revision = '';
$revise_request_number = array(trim($resultArray['request_number']),trim($resultArray['request_number']).'_R1',trim($resultArray['request_number']).'_R2',trim($resultArray['request_number']).'_R3',trim($resultArray['request_number']).'_R4',trim($resultArray['request_number']).'_R5',trim($resultArray['request_number']).'_R6',trim($resultArray['request_number']).'_R7',trim($resultArray['request_number']).'_R8',trim($resultArray['request_number']).'_R19',trim($resultArray['request_number']).'_R10',trim($resultArray['request_number']).'_R11',trim($resultArray['request_number']).'_R12',trim($resultArray['request_number']).'_R13',trim($resultArray['request_number']).'_R14',trim($resultArray['request_number']).'_R15',trim($resultArray['request_number']).'_R16',trim($resultArray['request_number']).'_R17');
$result = db_select('quotation_request', 'qr')->fields('qr', array('request_number'))->condition('request_number',$revise_request_number , 'IN')->execute();
$revision = $result->rowCount();
if (!empty($revision) && $revision > 0) {
$request_number = $resultArray['request_number'] . '_R' . $revision;
$request_type = 'revise';
} else {
drupal_set_message(t($list->filename . ' has invalid request number.' . PHP_EOL), 'warning');
import_sales_request_logfile($list->filename, 3,$resultArray['requester_email'],$resultArray['requester_name']);
$continue_flag = false;
}
}
/*
* If all OK then it will create a new or revised request in database
*/
if ($continue_flag) {
/*
* $newRequest - will have inserted request number
*/
try {
$newRequest = db_insert('quotation_request')->fields(array('email_number' => $mail_id, 'request_number' => $request_number,'request_type'=>$request_type, 'requester_name' => $resultArray['requester_name'], 'requester_email' => $resultArray['requester_email'], 'customer_name' => $resultArray['customer_name'], 'duty_type' => $resultArray['duty_type'], 'billing_type' => $resultArray['billing_type'], 'segment' => $resultArray['segment'],'request_file' => $list->filename, 'request_date_time' => $email_date, 'dmu_cmr' => $resultArray['dmu_cmr'], 'cyborg_no' => $resultArray['cyborg_no'], 'country_code' => $resultArray['country_code'], 'tier_1_partner' => $resultArray['tier_1_partner'], 'tier_2_partner' => $resultArray['tier_2_partner'], 'requested_tp' => $resultArray['requested_tp'], 'deal_justification' => $resultArray['deal_justification'], 'status' => 'generate quotation', 'created' => $date, 'uid' => $user->uid))->execute();
} catch (PDOException $e) {
drupal_set_message(t('Error: %message', array('%message' => $e->getMessage())), 'error');
}
if (!empty($newRequest)) {
try {
$quotationSummary = db_insert('quotation_summary')->fields(array('quotation_request_id' => $newRequest, 'created' => $date, 'uid' => $user->uid))->execute();
} catch (PDOException $e) {
drupal_set_message(t('Error: %message', array('%message' => $e->getMessage())), 'error');
}
if (!empty($quotationSummary) && !empty($resultArray['part_no'])) {
$base_part_no_id = 0;
foreach ($resultArray['part_no'] as $key => $value) {
$part_no = key($value);
$quantity = (isset($value[$part_no][0])) ? $value[$part_no][0] : 0;
$part_no_behaviour = (isset($value[$part_no][1])) ? $value[$part_no][1] : 'primary';
$query = db_select('cost_tape', 'ct')->fields('ct', array('cost_tape_id'))->fields('ctp', array('bmc_price'))->condition('ct.part_number', $part_no);
$query->leftJoin('cost_tape_price', 'ctp', 'ct.cost_tape_id=ctp.cost_tape_id');
$query->orderBy('ctp.created', 'DESC')->range(0, 1);
$resultArrayAssoc = $query->execute()->fetchAll();
if (count($resultArrayAssoc) > 0) {
foreach ($resultArrayAssoc as $node) {
$cost_tape_id = $node->cost_tape_id;
$bmc_price = $node->bmc_price;
$not_found_part_number = "";
}
} else {
$not_found_part_number = $part_no;
$cost_tape_id = null;
$bmc_price = 0.0;
}
if($part_no_behaviour == 'CTO' || $part_no_behaviour == 'primary-cto'){
$not_found_part_number = $part_no;
$not_found_part_desc = "Server";
$cost_tape_id = null;
}else{
$not_found_part_desc = "";
}
try {
$quotationLineItem = db_insert('quotation_lineitems')->fields(array('quotation_request_id' => $newRequest, 'quotation_summary_id' => $quotationSummary, 'cost_tape_id' => $cost_tape_id, 'not_found_part_no' => $not_found_part_number, 'not_found_desc' => $not_found_part_desc, 'part_behavior' => $part_no_behaviour, 'ref_id' => $base_part_no_id, 'bmc_price' => $bmc_price, 'qty' => $quantity, 'created' => $date, 'uid' => $user->uid))->execute();
$quotationLineItems[] = $quotationLineItem;
if ($part_no_behaviour == 'Bundle-Base' && isset($quotationLineItem)) {
$base_part_no_id = $quotationLineItem;
// $quotationLineItems[] = $quotationLineItem;
$num_updated = db_update('quotation_lineitems') // Table name no longer needs {}
->fields(array('ref_id' => $base_part_no_id))
->condition('quotation_lineitems_id', $base_part_no_id, '=')
->execute();
}
if ($part_no_behaviour == 'CTO' && $base_part_no_id != 0) {
$base_part_no_id = 0;
}
} catch (PDOException $e) {
drupal_set_message(t('Error: %message', array('%message' => $e->getMessage())), 'error');
}
}
}
}
}
}
if ($continue_flag && $newRequest && $quotationSummary && !empty($quotationLineItems)) {
drupal_set_message(t($list->filename . ' imported successfully' . PHP_EOL));
import_sales_request_logfile($list->filename, 1);
$requester_name = $resultArray['requester_name'];
$requester_email_id = $resultArray['requester_email'];
$params = array(
'subject' => "Price quote request has been received successfully. Customer Name :- ".$resultArray['customer_name']. " Request No :- ".$request_number,
'body' => "<p>Hi ".$requester_name.",<br/></p>
<p>Thanks for your email. DCG Pricing team will work on your price quote request and will shortly share the quotation with you.</p>
<p>Your request number is ".$request_number.".</p>
<p>Customer Name : ".$resultArray['customer_name'].".</p>
<p>
<strong>Attachment: </strong><a href='" . $base_url . "/sites/all/modules/pricecal/tmp/" . $list->filename . "'>Click here</a><br/>
</p>
<p>The dcgpricing#lenovo.com mailbox is dedicated to handle only price quote requests. For any other queries, please reach out to respective pricers.</p>
<p>*** This is a system generated email, please do not reply to this email ***</p>
<p>Thanks,<p/><p>DCG Pricing Team</p>",
);
drupal_mail('pricecal', 'success_sales_request', $resultArray['requester_email'], language_default(), $params);
$customer_name = $resultArray['customer_name'];
$params = array(
'subject' => "New price quote request received",
'body' => "<p>Hi Team,<br/></p>
<p>The DCG pricing tool has successfully uploaded a price quote input request and is now available for your working.</p>
<ul>
<li>Request Number : ".$request_number."</li>
<li>Customer name : ".$customer_name."</li>
<li>Requestor name : ".$requester_name."</li>
<li>Requestor email id : ".$requester_email_id."</li>
<li>Deal justification : ".$resultArray['deal_justification']."</li>
</ul>
<p>
<strong>Attachment: </strong><a href='" . $base_url . "/sites/all/modules/pricecal/tmp/" . $list->filename . "'>Click here</a><br/>
</p>
<p>*** This is a system generated email, please do not reply to this email ***</p>
<p>Thanks,<p/><p>DCG Pricing Team</p>",
);
//drupal_mail('pricecal', 'import_success_email', 'chintan.p#blueoceanmi.com', language_default(), $params);
} else if ($continue_flag) {
$transaction->rollback();
//drupal_set_message(t($list->filename . ' import failed' . PHP_EOL), 'error');
import_sales_request_logfile($list->filename, 0, $resultArray['requester_email'],$resultArray['requester_name']);
}
} catch (Exception $e) {
$transaction->rollback();
drupal_set_message(t($list->filename . ' import failed' . PHP_EOL), 'error');
import_sales_request_logfile($list->filename, 0, $resultArray['requester_email'],$resultArray['requester_name']);
}
rename($list->uri, drupal_get_path('module', 'pricecal') . '/tmp/' . $list->filename);
}
} else {
drupal_set_message(t('No email founds.' . PHP_EOL), 'warning'); //if no email found with unread status
}
return true;
}
/*
* Create new request number and check weather request number already exists
*/
function import_sales_request_number($length = 6) {
$selectPartId = db_query("select count(request_number) as request_number from quotation_request")->fetchAssoc();
if(empty($selectPartId['request_number'])){
$token = 101;
}else{
$token = $selectPartId['request_number'] + 101;
}
return $token;
}
function import_sales_request_logfile($filename = '', $update = 0,$requester_emailId = '',$requesterName = '') {
global $base_url;
$log_file_path = drupal_get_path('module', 'pricecal') . '/logs/' . date('Y-M-d') . '.dat';
$msg = ($update) ? $filename . ' imported success' . PHP_EOL : $filename . ' import failed' . PHP_EOL;
if ($update == 0) {
$msg = $filename . ' import failed' . PHP_EOL;
} else if ($update == 1) {
$msg = $filename . ' imported success' . PHP_EOL;
} else if ($update == 2) {
$msg = $filename . ' already imported' . PHP_EOL;
} else if ($update == 3) {
$msg = $filename . ' invalid request number' . PHP_EOL;
}
file_put_contents($log_file_path, date('h:i:sa ') . $msg, FILE_APPEND | LOCK_EX);
if(empty($requesterName)){
$requesterName = "Team";
}
if (in_array($update, array(0, 2, 3))) {
$mail_id = strstr($filename, '-', true);
$params = array(
'subject' => $msg,
'body' => "<p>Hi ".$requesterName.",<br/></p>
<p>The DCG pricing tool has failed to upload a price quote input request(attached here) . Request you to please review and correct the template.
</p>
<p>
<strong>Attachment: </strong><a href='" . $base_url . "/sites/all/modules/pricecal/tmp/" . $filename . "'>Click here</a><br/>
</p>
<p>*** This is a system generated email, please do not reply to this email ***</p>
<p>Thanks,<br/>DCG Pricing Team</p>",
);
if(!empty($requester_emailId)){
//drupal_mail('pricecal', 'import_success_email', 'chintan.p#blueoceanmi.com,'.$requester_emailId, language_default(), $params);
}else{
// drupal_mail('pricecal', 'import_success_email', 'chintan.p#blueoceanmi.com', language_default(), $params);
}
}
}
function clean($string) {
$string = str_replace(' ', '-', $string); // Replaces all spaces with hyphens.
return preg_replace('/[^A-Za-z0-9\-#.]/', '', $string); // Removes special chars.
}
?>
I'm facing really serious issue on live server this code works fine 2 days before but now its saying memory exhausted, i tried to increase memory but still not working. Can you please somebody help me.
I am implementing the laratracker , a bittorrent tracker built in laravel, but unable to start the download. Only one peer appears to be seeding, Sometimes it is saying "Connecting to peers" and remains at it is. The code which i am using is :
<?php
namespace App\Http\Controllers\Announce;
use App\Helpers\BencodeHelper;
use App\Models\Peer;
use App\Models\PeerTorrent;
use App\Models\Torrent;
use App\Models\User;
use Illuminate\Http\Request;
use Illuminate\Http\Response;
use Illuminate\Routing\Controller;
use Illuminate\Support\Facades\Input;
use Illuminate\Support\Facades\Log;
class AnnounceController extends Controller
{
const __INTERVAL = 1000;
const __TIMEOUT = 120;
const __INTERVAL_MIN = 60;
const __MAX_PPR = 20;
public function announce(Request $request)
{
Log::info($request->fullUrl());
$status = 200;
$content = "";
$passkey = Input::get('passkey');
$peer_id = Input::get('peer_id');
$port = Input::get('port');
$info_hash = Input::get('info_hash');
$downloaded = Input::get('uploaded') ? intval(Input::get('uploaded')) : 0;
$uploaded = Input::get('uploaded') ? intval(Input::get('uploaded')) : 0;
$left = Input::get('left') ? intval(Input::get('left')) : 0;
$compact = Input::get('compact') ? intval(Input::get('compact')) : 0;
$no_peer_id = Input::get('no_peer_id') ? intval(Input::get('no_peer_id')) : 0;
$ipAddress = '';
// Check for X-Forwarded-For headers and use those if found
if (isset($_SERVER['HTTP_X_FORWARDED_FOR']) && ('' !== trim($_SERVER['HTTP_X_FORWARDED_FOR']))) {
$ipAddress = (trim($_SERVER['HTTP_X_FORWARDED_FOR']));
} else {
if (isset($_SERVER['REMOTE_ADDR']) && ('' !== trim($_SERVER['REMOTE_ADDR']))) {
$ipAddress = (trim($_SERVER['REMOTE_ADDR']));
}
}
$port = $_SERVER['REMOTE_PORT'];
/*if(!$port || !ctype_digit($port) || intval($port) < 1 || intval($port) > 65535)
{
$content = BencodeHelper::track("Invalid client port.");
$status = 401;
return (new Response(AnnounceController::track($content), $status))
->header('Content-Type', $value);
}
if ($port == 999 && substr($peer_id, 0, 10) == '-TO0001-XX') {
die("d8:completei0e10:incompletei0e8:intervali600e12:min intervali60e5:peersld2:ip12:72.14.194.184:port3:999ed2:ip11:72.14.194.14:port3:999ed2:ip12:72.14.194.654:port3:999eee");
}*/
if (!$passkey) {
$content = BencodeHelper::track("Missing passkey.");
$status = 401;
return (new Response(AnnounceController::track($content), $status))
->header('Content-Type', $value);
}
$torrent = Torrent::getByInfoHash(sha1($info_hash));
if (!$torrent || $torrent == null) {
$content = "Torrent not registered with this tracker.";
$status = 404;
return (new Response(AnnounceController::track($content), $status))
->header('Content-Type', $value);
}
$user = User::has('passkeys', '=', $passkey)->get();
if ($user == null) {
$content = BencodeHelper::track("Invalid passkey.");
$status = 401;
return (new Response(AnnounceController::track($content), $status))
->header('Content-Type', $value);
}
$peer = Peer::getByHashAndPasskey(bin2hex($peer_id), $passkey);
if ($peer == null) {
$peer = Peer::create([
'hash' => bin2hex($peer_id),
'user_agent' => $_SERVER['HTTP_USER_AGENT'],
'ip_address' => $ipAddress,
'passkey' => $passkey,
'port' => $port
]);
}
if (!$info_hash || strlen($info_hash) != 20) {
$content = BencodeHelper::track("Invalid info_hash.");
$status = 401;
return (new Response(AnnounceController::track($content), $status))
->header('Content-Type', $value);
}
$peer_torrent = PeerTorrent::getByPeerAndTorrent($peer, $torrent);
if ($peer_torrent == null) {
$peer_torrent = PeerTorrent::create([
'peer_id' => $peer->id,
'torrent_id' => $torrent->id,
'uploaded' => $uploaded,
'downloaded' => $downloaded,
'left' => $left,
'stopped' => false
]);
} else {
$peer_torrent->uploaded = $uploaded;
$peer_torrent->downloaded = $downloaded;
$peer_torrent->left = $left;
$peer_torrent->save();
}
$seeders = $torrent->getSeedersCount();
$leechers = $torrent->getLeechersCount();
$resp = "";
if ($compact != 1) {
$resp = "d" . $this->benc_str("interval") . "i" . AnnounceController::__INTERVAL . "e" . $this->benc_str("peers") . "l";
} else {
$resp = "d" . $this->benc_str("interval") . "i" . AnnounceController::__INTERVAL . "e" . $this->benc_str("min interval") . "i" . 300 . "e5:" . "peers";
}
$peer = array();
$peer_num = 0;
foreach ($torrent->getPeersArray() as $row) {
if ($compact != 1) {
if ($row["peer_id"] === $peer->hash) {
continue;
}
$resp .= "d" . $this->benc_str("ip") . $this->benc_str($row['ip']);
if ($no_peer_id == 0) {
$resp .= $this->benc_str("peer id") . $this->benc_str($row["peer_id"]);
}
$resp .= $this->benc_str("port") . "i" . $row["port"] . "e" . "e";
} else {
$peer_ip = explode('.', $row["ip"]);
$peer_ip = pack("C*", $peer_ip[0], $peer_ip[1], $peer_ip[2], $peer_ip[3]);
$peer_port = pack("n*", (int)$row["port"]);
$time = intval((time() % 7680) / 60);
if ($left == 0) {
$time += 128;
}
$time = pack("C", $time);
$peer[] = $time . $peer_ip . $peer_port;
$peer_num++;
}
}
if ($compact != 1) {
$resp .= "ee";
} else {
$o = "";
for ($i = 0; $i < $peer_num; $i++) {
$o .= substr($peer[$i], 1, 6);
}
$resp .= strlen($o) . ':' . $o . 'e';
}
$this->benc_resp_raw($resp);
}
public function benc_resp($d)
{
return $this->benc_resp_raw($this->benc(array('type' => 'dictionary', 'value' => $d)));
}
public function benc_resp_raw($x)
{
header("Content-Type: text/plain");
header("Pragma: no-cache");
if ($_SERVER['HTTP_ACCEPT_ENCODING'] == 'gzip') {
header("Content-Encoding: gzip");
echo gzencode($x, 9, FORCE_GZIP);
} else {
echo $x;
}
}
function benc($obj)
{
if (!is_array($obj) || !isset($obj["type"]) || !isset($obj["value"]))
return;
$c = $obj["value"];
switch ($obj["type"]) {
case "string":
return $this->benc_str($c);
case "integer":
return $this->benc_int($c);
case "list":
return $this->benc_list($c);
case "dictionary":
return $this->benc_dict($c);
default:
return;
}
}
public function benc_str($s)
{
return strlen($s) . ":$s";
}
public function benc_int($i)
{
return "i" . $i . "e";
}
public function benc_list($a)
{
$s = "l";
foreach ($a as $e) {
$s .= $this->benc($e);
}
$s .= "e";
return $s;
}
public function benc_dict($d)
{
$s = "d";
$keys = array_keys($d);
sort($keys);
foreach ($keys as $k) {
$v = $d[$k];
$s .= $this->benc_str($k);
$s .= $this->benc($v);
}
$s .= "e";
return $s;
}
public function hex2bin($hex)
{
$r = '';
for ($i = 0; $i < strlen($hex); $i += 2) {
$r .= chr(hexdec($hex{$i} . $hex{($i + 1)}));
}
return $r;
}
}
<?php
Not sure what to add or modify to the code to get it working . Help appreciated for the solution .
I am trying to implement a bittorrent tracker in Laravel. However, I am stuck at the moment as the download won't start. There is one peer which it appears to be seeding and I am 100% sure that it is connectable. But, when I run a second client on a different machine, the download won't start. It is stuck at "Connecting to peers" (uTorrent).
From the tracker I am sending the following response when the client makes an announce:
d8:intervali1000e12:min intervali300e5:peers18:�ؤ�i�ؑ�XÚJU�6e
In the downloading client I have the following data:
Here's my announce code:
<?php
namespace App\Http\Controllers\Announce;
use App\Helpers\BencodeHelper;
use App\Models\Peer;
use App\Models\PeerTorrent;
use App\Models\Torrent;
use App\Models\User;
use Illuminate\Http\Request;
use Illuminate\Http\Response;
use Illuminate\Routing\Controller;
use Illuminate\Support\Facades\Input;
use Illuminate\Support\Facades\Log;
class AnnounceController extends Controller
{
const __INTERVAL = 1000;
const __TIMEOUT = 120;
const __INTERVAL_MIN = 60;
const __MAX_PPR = 20;
public function announce(Request $request)
{
Log::info($request->fullUrl());
$status = 200;
$content = "";
$passkey = Input::get('passkey');
$peer_id = Input::get('peer_id');
$port = Input::get('port');
$info_hash = Input::get('info_hash');
$downloaded = Input::get('uploaded') ? intval(Input::get('uploaded')) : 0;
$uploaded = Input::get('uploaded') ? intval(Input::get('uploaded')) : 0;
$left = Input::get('left') ? intval(Input::get('left')) : 0;
$compact = Input::get('compact') ? intval(Input::get('compact')) : 0;
$no_peer_id = Input::get('no_peer_id') ? intval(Input::get('no_peer_id')) : 0;
$ipAddress = '';
// Check for X-Forwarded-For headers and use those if found
if (isset($_SERVER['HTTP_X_FORWARDED_FOR']) && ('' !== trim($_SERVER['HTTP_X_FORWARDED_FOR']))) {
$ipAddress = (trim($_SERVER['HTTP_X_FORWARDED_FOR']));
} else {
if (isset($_SERVER['REMOTE_ADDR']) && ('' !== trim($_SERVER['REMOTE_ADDR']))) {
$ipAddress = (trim($_SERVER['REMOTE_ADDR']));
}
}
$port = $_SERVER['REMOTE_PORT'];
/*if(!$port || !ctype_digit($port) || intval($port) < 1 || intval($port) > 65535)
{
$content = BencodeHelper::track("Invalid client port.");
$status = 401;
return (new Response(AnnounceController::track($content), $status))
->header('Content-Type', $value);
}
if ($port == 999 && substr($peer_id, 0, 10) == '-TO0001-XX') {
die("d8:completei0e10:incompletei0e8:intervali600e12:min intervali60e5:peersld2:ip12:72.14.194.184:port3:999ed2:ip11:72.14.194.14:port3:999ed2:ip12:72.14.194.654:port3:999eee");
}*/
if (!$passkey) {
$content = BencodeHelper::track("Missing passkey.");
$status = 401;
return (new Response(AnnounceController::track($content), $status))
->header('Content-Type', $value);
}
$torrent = Torrent::getByInfoHash(sha1($info_hash));
if (!$torrent || $torrent == null) {
$content = "Torrent not registered with this tracker.";
$status = 404;
return (new Response(AnnounceController::track($content), $status))
->header('Content-Type', $value);
}
$user = User::has('passkeys', '=', $passkey)->get();
if ($user == null) {
$content = BencodeHelper::track("Invalid passkey.");
$status = 401;
return (new Response(AnnounceController::track($content), $status))
->header('Content-Type', $value);
}
$peer = Peer::getByHashAndPasskey(bin2hex($peer_id), $passkey);
if ($peer == null) {
$peer = Peer::create([
'hash' => bin2hex($peer_id),
'user_agent' => $_SERVER['HTTP_USER_AGENT'],
'ip_address' => $ipAddress,
'passkey' => $passkey,
'port' => $port
]);
}
if (!$info_hash || strlen($info_hash) != 20) {
$content = BencodeHelper::track("Invalid info_hash.");
$status = 401;
return (new Response(AnnounceController::track($content), $status))
->header('Content-Type', $value);
}
$peer_torrent = PeerTorrent::getByPeerAndTorrent($peer, $torrent);
if ($peer_torrent == null) {
$peer_torrent = PeerTorrent::create([
'peer_id' => $peer->id,
'torrent_id' => $torrent->id,
'uploaded' => $uploaded,
'downloaded' => $downloaded,
'left' => $left,
'stopped' => false
]);
} else {
$peer_torrent->uploaded = $uploaded;
$peer_torrent->downloaded = $downloaded;
$peer_torrent->left = $left;
$peer_torrent->save();
}
$seeders = $torrent->getSeedersCount();
$leechers = $torrent->getLeechersCount();
$resp = "";
if ($compact != 1) {
$resp = "d" . $this->benc_str("interval") . "i" . AnnounceController::__INTERVAL . "e" . $this->benc_str("peers") . "l";
} else {
$resp = "d" . $this->benc_str("interval") . "i" . AnnounceController::__INTERVAL . "e" . $this->benc_str("min interval") . "i" . 300 . "e5:" . "peers";
}
$peer = array();
$peer_num = 0;
foreach ($torrent->getPeersArray() as $row) {
if ($compact != 1) {
if ($row["peer_id"] === $peer->hash) {
continue;
}
$resp .= "d" . $this->benc_str("ip") . $this->benc_str($row['ip']);
if ($no_peer_id == 0) {
$resp .= $this->benc_str("peer id") . $this->benc_str($row["peer_id"]);
}
$resp .= $this->benc_str("port") . "i" . $row["port"] . "e" . "e";
} else {
$peer_ip = explode('.', $row["ip"]);
$peer_ip = pack("C*", $peer_ip[0], $peer_ip[1], $peer_ip[2], $peer_ip[3]);
$peer_port = pack("n*", (int)$row["port"]);
$time = intval((time() % 7680) / 60);
if ($left == 0) {
$time += 128;
}
$time = pack("C", $time);
$peer[] = $time . $peer_ip . $peer_port;
$peer_num++;
}
}
if ($compact != 1) {
$resp .= "ee";
} else {
$o = "";
for ($i = 0; $i < $peer_num; $i++) {
$o .= substr($peer[$i], 1, 6);
}
$resp .= strlen($o) . ':' . $o . 'e';
}
$this->benc_resp_raw($resp);
}
public function benc_resp($d)
{
return $this->benc_resp_raw($this->benc(array('type' => 'dictionary', 'value' => $d)));
}
public function benc_resp_raw($x)
{
header("Content-Type: text/plain");
header("Pragma: no-cache");
if ($_SERVER['HTTP_ACCEPT_ENCODING'] == 'gzip') {
header("Content-Encoding: gzip");
echo gzencode($x, 9, FORCE_GZIP);
} else {
echo $x;
}
}
function benc($obj)
{
if (!is_array($obj) || !isset($obj["type"]) || !isset($obj["value"]))
return;
$c = $obj["value"];
switch ($obj["type"]) {
case "string":
return $this->benc_str($c);
case "integer":
return $this->benc_int($c);
case "list":
return $this->benc_list($c);
case "dictionary":
return $this->benc_dict($c);
default:
return;
}
}
public function benc_str($s)
{
return strlen($s) . ":$s";
}
public function benc_int($i)
{
return "i" . $i . "e";
}
public function benc_list($a)
{
$s = "l";
foreach ($a as $e) {
$s .= $this->benc($e);
}
$s .= "e";
return $s;
}
public function benc_dict($d)
{
$s = "d";
$keys = array_keys($d);
sort($keys);
foreach ($keys as $k) {
$v = $d[$k];
$s .= $this->benc_str($k);
$s .= $this->benc($v);
}
$s .= "e";
return $s;
}
public function hex2bin($hex)
{
$r = '';
for ($i = 0; $i < strlen($hex); $i += 2) {
$r .= chr(hexdec($hex{$i} . $hex{($i + 1)}));
}
return $r;
}
}
I am not quite sure what am I missing here.
Maybe it's because you constantly set
->header('Content-Type', $value);
without ever setting $value? So the "Announce-Response" is malformed?
$port = $_SERVER['REMOTE_PORT'];
I think the problem is that the tracker instead of register the port that the connecting peer sends in the announce string, the tracker register the remote port that the peer is connecting from.
That is almost certainly the wrong port to use.
I am using a script to forward email addresses and getting bad message number error. the message number is parsed as an argument for the function and i am not sure how to get the message number and insert it as the argument. Please help. I am new to php. The error points out $structure = imap_fetchstructure($connection, $id, FT_UID); and $result['text'] = imap_body($connection, $id, FT_UID); parts. Please help me.
<?php
require_once '../swift/lib/swift_required.php';
$hostname = '{imap.xyz.com:993/imap/ssl}INBOX';
$username = 'email';
$password = 'password';
/* try to connect */
$connection = imap_open($hostname,$username,$password) or die('Cannot connect to Tiriyo: ' . imap_last_error());
ini_set('memory_limit', '256M');
function Message_Parse($id)
{
global $connection;
if (is_resource($connection))
{
$result = array
(
'text' => null,
'html' => null,
'attachments' => array(),
);
$structure = imap_fetchstructure($connection, $id, FT_UID);
//print_r($structure);
//array_key_exists — Checks if the given key or index exists in the array
if (is_array($structure) && array_key_exists('parts', $structure))
{
foreach ($structure->parts as $key => $part)
{
if (($part->type >= 2) || (($part->ifdisposition == 1) && ($part->disposition == 'ATTACHMENT')))
{
$filename = null;
if ($part->ifparameters == 1)
{
$total_parameters = count($part->parameters);
for ($i = 0; $i < $total_parameters; $i++)
{
if (($part->parameters[$i]->attribute == 'NAME') || ($part->parameters[$i]->attribute == 'FILENAME'))
{
$filename = $part->parameters[$i]->value;
break;
}
}
if (is_null($filename))
{
if ($part->ifdparameters == 1)
{
$total_dparameters = count($part->dparameters);
for ($i = 0; $i < $total_dparameters; $i++)
{
if (($part->dparameters[$i]->attribute == 'NAME') || ($part->dparameters[$i]->attribute == 'FILENAME'))
{
$filename = $part->dparameters[$i]->value;
break;
}
}
}
}
}
$result['attachments'][] = array
(
'filename' => $filename,
'content' => str_replace(array("\r", "\n"), '', trim(imap_fetchbody($connection, $id, ($key + 1), FT_UID))),
);
}
else
{
if ($part->subtype == 'PLAIN')
{
$result['text'] = imap_fetchbody($connection, $id, ($key + 1), FT_UID);
}
else if ($part->subtype == 'HTML')
{
$result['html'] = imap_fetchbody($connection, $id, ($key + 1), FT_UID);
}
else
{
foreach ($part->parts as $alternative_key => $alternative_part)
{
if ($alternative_part->subtype == 'PLAIN')
{
echo '<h2>' . $alternative_part->subtype . ' ' . $alternative_part->encoding . '</h2>';
$result['text'] = imap_fetchbody($connection, $id, ($key + 1) . '.' . ($alternative_key + 1), FT_UID);
}
else if ($alternative_part->subtype == 'HTML')
{
echo '<h2>' . $alternative_part->subtype . ' ' . $alternative_part->encoding . '</h2>';
$result['html'] = imap_fetchbody($connection, $id, ($key + 1) . '.' . ($alternative_key + 1), FT_UID);
}
}
}
}
}
}
else
{
$result['text'] = imap_body($connection, $id, FT_UID);
}
$result['text'] = imap_qprint($result['text']);
$result['html'] = imap_qprint(imap_8bit($result['html']));
return $result;
}
return false;
}
$emails = imap_search($connection,'ALL');
// rsort($emails);
/* for every email... */
foreach($emails as $email_number) {
echo $email_number;
$result = Message_Parse($email_number);
//$data = $result['attachments'];
$transport = Swift_MailTransport::newInstance();
$mailer = Swift_Mailer::newInstance($transport);
//$attachment = Swift_Attachment::newInstance($result['attachments'], $filename, 'audio/mp3');
$message = Swift_Message::newInstance('test message1 ')
->setFrom(array('from address' => 'name'))
->setTo(array('to address.com'))
->setBody($result['text']);
// ->attach($attachment);
$result1 = $mailer->send($message);
}
?>
The FT_UID flag means that you are using message uid, rather than message sequence id. In order to get the uid for a given message, you have to use the msg_uid() function.
Since you are beginner, I hardly think this was your question, so here is complete example how to get the headers and the content of a given message:
<?php
$emailAddress = 'postmaster#example.com';
$password = 'someSecretPassword';
$server = 'localhost';
$folder = 'Inbox';
$dsn = sprintf('{%s}%s', $server, $folder);
$mbox = imap_open($dsn, $emailAddress, $password);
if (!$mbox) {
die ('Unable to connect');
}
$status = imap_status($mbox, $dsn, SA_ALL);
$msgs = imap_sort($mbox, SORTDATE, 1, SE_UID);
foreach ($msgs as $msguid) {
$msgno = imap_msgno($mbox, $msguid);
$headers = imap_headerinfo($mbox, $msgno);
$structure = imap_fetchstructure($mbox, $msguid, FT_UID);
var_dump($headers);
var_dump($structure);
}
I was getting the same error when inside the loop, after processing the email, I was moving the message to a different folder.
After I comment out the imap_move the error went away.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
I found this script attached to a modified index page. This looks like some kind of backdoor. and who is this SAPE ?
<?php
class SAPE_base {
var $_version = '1.0.8';
var $_verbose = false;
var $_charset = '';
var $_sape_charset = '';
var $_server_list = array('dispenser-01.sape.ru', 'dispenser-02.sape.ru');
var $_cache_lifetime = 3600;
var $_cache_reloadtime = 600;
var $_error = '';
var $_host = '';
var $_request_uri = '';
var $_multi_site = false;
var $_fetch_remote_type = '';
var $_socket_timeout = 6;
var $_force_show_code = false;
var $_is_our_bot = false;
var $_debug = false;
var $_ignore_case = false;
var $_db_file = '';
var $_use_server_array = false;
var $_force_update_db = false;
function SAPE_base($options = null) {
$host = '';
if (is_array($options)) {
if (isset($options['host'])) {
$host = $options['host'];
}
}
elseif (strlen($options)) {
$host = $options;
$options = array();
}
else {
$options = array();
}
if (isset($options['use_server_array']) && $options['use_server_array'] == true) {
$this->_use_server_array = true;
}
if (strlen($host)) {
$this->_host = $host;
}
else {
$this->_host = $_SERVER['HTTP_HOST'];
}
$this->_host = preg_replace('/^http:\/\//', '', $this->_host);
$this->_host = preg_replace('/^www\./', '', $this->_host);
if (isset($options['request_uri']) && strlen($options['request_uri'])) {
$this->_request_uri = $options['request_uri'];
}
elseif ($this->_use_server_array === false) {
$this->_request_uri = getenv('REQUEST_URI');
}
if (strlen($this->_request_uri) == 0) {
$this->_request_uri = $_SERVER['REQUEST_URI'];
}
if (isset($options['multi_site']) && $options['multi_site'] == true) {
$this->_multi_site = true;
}
if (isset($options['debug']) && $options['debug'] == true) {
$this->_debug = true;
}
if (isset($_COOKIE['sape_cookie']) && ($_COOKIE['sape_cookie'] == _SAPE_USER)) {
$this->_is_our_bot = true;
if (isset($_COOKIE['sape_debug']) && ($_COOKIE['sape_debug'] == 1)) {
$this->_debug = true;
$this->_options = $options;
$this->_server_request_uri = $this->_request_uri = $_SERVER['REQUEST_URI'];
$this->_getenv_request_uri = getenv('REQUEST_URI');
$this->_SAPE_USER = _SAPE_USER;
}
if (isset($_COOKIE['sape_updatedb']) && ($_COOKIE['sape_updatedb'] == 1)) {
$this->_force_update_db = true;
}
}
else {
$this->_is_our_bot = false;
}
if (isset($options['verbose']) && $options['verbose'] == true || $this->_debug) {
$this->_verbose = true;
}
if (isset($options['charset']) && strlen($options['charset'])) {
$this->_charset = $options['charset'];
}
else {
$this->_charset = 'windows-1251';
}
if (isset($options['fetch_remote_type']) && strlen($options['fetch_remote_type'])) {
$this->_fetch_remote_type = $options['fetch_remote_type'];
}
if (isset($options['socket_timeout']) && is_numeric($options['socket_timeout']) && $options['socket_timeout'] > 0) {
$this->_socket_timeout = $options['socket_timeout'];
}
if (isset($options['force_show_code']) && $options['force_show_code'] == true) {
$this->_force_show_code = true;
}
if (!defined('_SAPE_USER')) {
return $this->raise_error('Не задана константа _SAPE_USER');
}
if (isset($options['ignore_case']) && $options['ignore_case'] == true) {
$this->_ignore_case = true;
$this->_request_uri = strtolower($this->_request_uri);
}
}
function fetch_remote_file($host, $path) {
$user_agent = $this->_user_agent . ' ' . $this->_version;
#ini_set('allow_url_fopen', 1);
#ini_set('default_socket_timeout', $this->_socket_timeout);
#ini_set('user_agent', $user_agent);
if (
$this->_fetch_remote_type == 'file_get_contents'
||
(
$this->_fetch_remote_type == ''
&&
function_exists('file_get_contents')
&&
ini_get('allow_url_fopen') == 1
)
) {
$this->_fetch_remote_type = 'file_get_contents';
if ($data = #file_get_contents('http://' . $host . $path)) {
return $data;
}
}
elseif (
$this->_fetch_remote_type == 'curl'
||
(
$this->_fetch_remote_type == ''
&&
function_exists('curl_init')
)
) {
$this->_fetch_remote_type = 'curl';
if ($ch = #curl_init()) {
#curl_setopt($ch, CURLOPT_URL, 'http://' . $host . $path);
#curl_setopt($ch, CURLOPT_HEADER, false);
#curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
#curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, $this->_socket_timeout);
#curl_setopt($ch, CURLOPT_USERAGENT, $user_agent);
if ($data = #curl_exec($ch)) {
return $data;
}
#curl_close($ch);
}
}
else {
$this->_fetch_remote_type = 'socket';
$buff = '';
$fp = #fsockopen($host, 80, $errno, $errstr, $this->_socket_timeout);
if ($fp) {
#fputs($fp, "GET {$path} HTTP/1.0\r\nHost: {$host}\r\n");
#fputs($fp, "User-Agent: {$user_agent}\r\n\r\n");
while (!#feof($fp)) {
$buff .= #fgets($fp, 128);
}
#fclose($fp);
$page = explode("\r\n\r\n", $buff);
return $page[1];
}
}
return $this->raise_error('Не могу подключиться к серверу: ' . $host . $path . ', type: ' . $this->_fetch_remote_type);
}
function _read($filename) {
$fp = #fopen($filename, 'rb');
#flock($fp, LOCK_SH);
if ($fp) {
clearstatcache();
$length = #filesize($filename);
$mqr = #get_magic_quotes_runtime();
#set_magic_quotes_runtime(0);
if ($length) {
$data = #fread($fp, $length);
}
else {
$data = '';
}
#set_magic_quotes_runtime($mqr);
#flock($fp, LOCK_UN);
#fclose($fp);
return $data;
}
return $this->raise_error('Не могу считать данные из файла: ' . $filename);
}
function _write($filename, $data) {
$fp = #fopen($filename, 'ab');
if ($fp) {
if (flock($fp, LOCK_EX | LOCK_NB)) {
$length = strlen($data);
ftruncate($fp, 0);
#fwrite($fp, $data, $length);
#flock($fp, LOCK_UN);
#fclose($fp);
if (md5($this->_read($filename)) != md5($data)) {
#unlink($filename);
return $this->raise_error('Нарушена целостность данных при записи в файл: ' . $filename);
}
}
else {
return false;
}
return true;
}
return $this->raise_error('Не могу записать данные в файл: ' . $filename);
}
function raise_error($e) {
$this->_error = '<p style="color: red; font-weight: bold;">SAPE ERROR: ' . $e . '</p>';
if ($this->_verbose == true) {
print $this->_error;
}
return false;
}
function load_data() {
$this->_db_file = $this->_get_db_file();
if (!is_file($this->_db_file)) {
if (#touch($this->_db_file)) {
#chmod($this->_db_file, 0666);
}
else {
return $this->raise_error('Нет файла ' . $this->_db_file . '. Создать не удалось. Выставите права 777 на папку.');
}
}
if (!is_writable($this->_db_file)) {
return $this->raise_error('Нет доступа на запись к файлу: ' . $this->_db_file . '! Выставите права 777 на папку.');
}
#clearstatcache();
$data = $this->_read($this->_db_file);
if (
$this->_force_update_db
|| (
!$this->_is_our_bot
&&
(
filemtime($this->_db_file) < (time() - $this->_cache_lifetime)
||
filesize($this->_db_file) == 0
||
#unserialize($data) == false
)
)
) {
#touch($this->_db_file, (time() - $this->_cache_lifetime + $this->_cache_reloadtime));
$path = $this->_get_dispenser_path();
if (strlen($this->_charset)) {
$path .= '&charset=' . $this->_charset;
}
foreach ($this->_server_list as $i => $server) {
if ($data = $this->fetch_remote_file($server, $path)) {
if (substr($data, 0, 12) == 'FATAL ERROR:') {
$this->raise_error($data);
}
else {
$hash = #unserialize($data);
if ($hash != false) {
$hash['__sape_charset__'] = $this->_charset;
$hash['__last_update__'] = time();
$hash['__multi_site__'] = $this->_multi_site;
$hash['__fetch_remote_type__'] = $this->_fetch_remote_type;
$hash['__ignore_case__'] = $this->_ignore_case;
$hash['__php_version__'] = phpversion();
$hash['__server_software__'] = $_SERVER['SERVER_SOFTWARE'];
$data_new = #serialize($hash);
if ($data_new) {
$data = $data_new;
}
$this->_write($this->_db_file, $data);
break;
}
}
}
}
}
if (strlen(session_id())) {
$session = session_name() . '=' . session_id();
$this->_request_uri = str_replace(array('?' . $session, '&' . $session), '', $this->_request_uri);
}
$this->set_data(#unserialize($data));
}
}
class SAPE_client extends SAPE_base {
var $_links_delimiter = '';
var $_links = array();
var $_links_page = array();
var $_user_agent = 'SAPE_Client PHP';
function SAPE_client($options = null) {
parent::SAPE_base($options);
$this->load_data();
}
function return_links($n = null, $offset = 0) {
if (is_array($this->_links_page)) {
$total_page_links = count($this->_links_page);
if (!is_numeric($n) || $n > $total_page_links) {
$n = $total_page_links;
}
$links = array();
for ($i = 1; $i <= $n; $i++) {
if ($offset > 0 && $i <= $offset) {
array_shift($this->_links_page);
}
else {
$links[] = array_shift($this->_links_page);
}
}
$html = join($this->_links_delimiter, $links);
if (
strlen($this->_charset) > 0
&&
strlen($this->_sape_charset) > 0
&&
$this->_sape_charset != $this->_charset
&&
function_exists('iconv')
) {
$new_html = #iconv($this->_sape_charset, $this->_charset, $html);
if ($new_html) {
$html = $new_html;
}
}
if ($this->_is_our_bot) {
$html = '<sape_noindex>' . $html . '</sape_noindex>';
}
}
else {
$html = $this->_links_page;
}
if ($this->_debug) {
$html .= print_r($this, true);
}
return $html;
}
function _get_db_file() {
if ($this->_multi_site) {
return dirname(__FILE__) . '/' . $this->_host . '.links.db';
}
else {
return dirname(__FILE__) . '/links.db';
}
}
function _get_dispenser_path() {
return '/code.php?user=' . _SAPE_USER . '&host=' . $this->_host;
}
function set_data($data) {
if ($this->_ignore_case) {
$this->_links = array_change_key_case($data);
}
else {
$this->_links = $data;
}
if (isset($this->_links['__sape_delimiter__'])) {
$this->_links_delimiter = $this->_links['__sape_delimiter__'];
}
if (isset($this->_links['__sape_charset__'])) {
$this->_sape_charset = $this->_links['__sape_charset__'];
}
else {
$this->_sape_charset = '';
}
if (#array_key_exists($this->_request_uri, $this->_links) && is_array($this->_links[$this->_request_uri])) {
$this->_links_page = $this->_links[$this->_request_uri];
}
else {
if (isset($this->_links['__sape_new_url__']) && strlen($this->_links['__sape_new_url__'])) {
if ($this->_is_our_bot || $this->_force_show_code) {
$this->_links_page = $this->_links['__sape_new_url__'];
}
}
}
}
}
class SAPE_context extends SAPE_base {
var $_words = array();
var $_words_page = array();
var $_user_agent = 'SAPE_Context PHP';
var $_filter_tags = array('a', 'textarea', 'select', 'script', 'style', 'label', 'noscript', 'noindex', 'button');
function SAPE_context($options = null) {
parent::SAPE_base($options);
$this->load_data();
}
function replace_in_text_segment($text) {
$debug = '';
if ($this->_debug) {
$debug .= "<!-- argument for replace_in_text_segment: \r\n" . base64_encode($text) . "\r\n -->";
}
if (count($this->_words_page) > 0) {
$source_sentence = array();
if ($this->_debug) {
$debug .= '<!-- sentences for replace: ';
}
foreach ($this->_words_page as $n => $sentence) {
//Заменяем все сущности на символы
$special_chars = array(
'&' => '&',
'"' => '"',
''' => '\'',
'<' => '<',
'>' => '>'
);
$sentence = strip_tags($sentence);
foreach ($special_chars as $from => $to) {
str_replace($from, $to, $sentence);
}
$sentence = htmlspecialchars($sentence);
$sentence = preg_quote($sentence, '/');
$replace_array = array();
if (preg_match_all('/(&[#a-zA-Z0-9]{2,6};)/isU', $sentence, $out)) {
for ($i = 0; $i < count($out[1]); $i++) {
$unspec = $special_chars[$out[1][$i]];
$real = $out[1][$i];
$replace_array[$unspec] = $real;
}
}
foreach ($replace_array as $unspec => $real) {
$sentence = str_replace($real, '((' . $real . ')|(' . $unspec . '))', $sentence);
}
$source_sentences[$n] = str_replace(' ', '((\s)|( ))+', $sentence);
if ($this->_debug) {
$debug .= $source_sentences[$n] . "\r\n\r\n";
}
}
if ($this->_debug) {
$debug .= '-->';
}
$first_part = true;
if (count($source_sentences) > 0) {
$content = '';
$open_tags = array();
$close_tag = '';
$part = strtok(' ' . $text, '<');
while ($part !== false) {
if (preg_match('/(?si)^(\/?[a-z0-9]+)/', $part, $matches)) {
$tag_name = strtolower($matches[1]);
if (substr($tag_name, 0, 1) == '/') {
$close_tag = substr($tag_name, 1);
if ($this->_debug) {
$debug .= '<!-- close_tag: ' . $close_tag . ' -->';
}
}
else {
$close_tag = '';
if ($this->_debug) {
$debug .= '<!-- open_tag: ' . $tag_name . ' -->';
}
}
$cnt_tags = count($open_tags);
if (($cnt_tags > 0) && ($open_tags[$cnt_tags - 1] == $close_tag)) {
array_pop($open_tags);
if ($this->_debug) {
$debug .= '<!-- ' . $tag_name . ' - deleted from open_tags -->';
}
if ($cnt_tags - 1 == 0) {
if ($this->_debug) {
$debug .= '<!-- start replacement -->';
}
}
}
if (count($open_tags) == 0) {
if (!in_array($tag_name, $this->_filter_tags)) {
$split_parts = explode('>', $part, 2);
if (count($split_parts) == 2) {
foreach ($source_sentences as $n => $sentence) {
if (preg_match('/' . $sentence . '/', $split_parts[1]) == 1) {
$split_parts[1] = preg_replace('/' . $sentence . '/', str_replace('$', '\$', $this->_words_page[$n]), $split_parts[1], 1);
if ($this->_debug) {
$debug .= '<!-- ' . $sentence . ' --- ' . $this->_words_page[$n] . ' replaced -->';
}
unset($source_sentences[$n]);
unset($this->_words_page[$n]);
}
}
$part = $split_parts[0] . '>' . $split_parts[1];
unset($split_parts);
}
}
else {
$open_tags[] = $tag_name;
if ($this->_debug) {
$debug .= '<!-- ' . $tag_name . ' - added to open_tags, stop replacement -->';
}
}
}
}
else {
foreach ($source_sentences as $n => $sentence) {
if (preg_match('/' . $sentence . '/', $part) == 1) {
$part = preg_replace('/' . $sentence . '/', str_replace('$', '\$', $this->_words_page[$n]), $part, 1);
if ($this->_debug) {
$debug .= '<!-- ' . $sentence . ' --- ' . $this->_words_page[$n] . ' replaced -->';
}
unset($source_sentences[$n]);
unset($this->_words_page[$n]);
}
}
}
if ($this->_debug) {
$content .= $debug;
$debug = '';
}
if ($first_part) {
$content .= $part;
$first_part = false;
}
else {
$content .= $debug . '<' . $part;
}
unset($part);
$part = strtok('<');
}
$text = ltrim($content);
unset($content);
}
}
else {
if ($this->_debug) {
$debug .= '<!-- No word`s for page -->';
}
}
if ($this->_debug) {
$debug .= '<!-- END: work of replace_in_text_segment() -->';
}
if ($this->_is_our_bot || $this->_force_show_code || $this->_debug) {
$text = '<sape_index>' . $text . '</sape_index>';
if (isset($this->_words['__sape_new_url__']) && strlen($this->_words['__sape_new_url__'])) {
$text .= $this->_words['__sape_new_url__'];
}
}
if ($this->_debug) {
if (count($this->_words_page) > 0) {
$text .= '<!-- Not replaced: ' . "\r\n";
foreach ($this->_words_page as $n => $value) {
$text .= $value . "\r\n\r\n";
}
$text .= '-->';
}
$text .= $debug;
}
return $text;
}
function replace_in_page(&$buffer) {
if (count($this->_words_page) > 0) {
$split_content = preg_split('/(?smi)(<\/?sape_index>)/', $buffer, -1);
$cnt_parts = count($split_content);
if ($cnt_parts > 1) {
//Если есть хоть одна пара sape_index, то начинаем работу
if ($cnt_parts >= 3) {
for ($i = 1; $i < $cnt_parts; $i = $i + 2) {
$split_content[$i] = $this->replace_in_text_segment($split_content[$i]);
}
}
$buffer = implode('', $split_content);
if ($this->_debug) {
$buffer .= '<!-- Split by Sape_index cnt_parts=' . $cnt_parts . '-->';
}
}
else {
$split_content = preg_split('/(?smi)(<\/?body[^>]*>)/', $buffer, -1, PREG_SPLIT_DELIM_CAPTURE);
if (count($split_content) == 5) {
$split_content[0] = $split_content[0] . $split_content[1];
$split_content[1] = $this->replace_in_text_segment($split_content[2]);
$split_content[2] = $split_content[3] . $split_content[4];
unset($split_content[3]);
unset($split_content[4]);
$buffer = $split_content[0] . $split_content[1] . $split_content[2];
if ($this->_debug) {
$buffer .= '<!-- Split by BODY -->';
}
}
else {
if ($this->_debug) {
$buffer .= '<!-- Can`t split by BODY -->';
}
}
}
}
else {
if (!$this->_is_our_bot && !$this->_force_show_code && !$this->_debug) {
$buffer = preg_replace('/(?smi)(<\/?sape_index>)/', '', $buffer);
}
else {
if (isset($this->_words['__sape_new_url__']) && strlen($this->_words['__sape_new_url__'])) {
$buffer .= $this->_words['__sape_new_url__'];
}
}
if ($this->_debug) {
$buffer .= '<!-- No word`s for page -->';
}
}
return $buffer;
}
function _get_db_file() {
if ($this->_multi_site) {
return dirname(__FILE__) . '/' . $this->_host . '.words.db';
}
else {
return dirname(__FILE__) . '/words.db';
}
}
function _get_dispenser_path() {
return '/code_context.php?user=' . _SAPE_USER . '&host=' . $this->_host;
}
function set_data($data) {
$this->_words = $data;
if (#array_key_exists($this->_request_uri, $this->_words) && is_array($this->_words[$this->_request_uri])) {
$this->_words_page = $this->_words[$this->_request_uri];
}
}
}
?>
Sape is apparently link exchange service used by a Russian-speaking botnet owner.
This backdoor appears to use the sape API to download XML and use bots to create a "context" that probably clicks links to generate illicit revenue.
From a bad Google transition of sape.ru:
Sape system increases revenue and reduces the consumption of
webmasters optimizers. Venues are beginning to sell the place, not
only from the main pages, but also internal. How many pages on the
site? Let each revenue. Optimizers are buying cheap internal pages and
save on moving projects.
My Russian isn't very good, but sape.ru looks like some kind of link exchange service. And in answer to your question "Who is SAPE":
[david#archtower ~]$ whois sape.ru
% By submitting a query to RIPN's Whois Service
% you agree to abide by the following terms of use:
% http://www.ripn.net/about/servpol.html#3.2 (in Russian)
% http://www.ripn.net/about/en/servpol.html#3.2 (in English).
domain: SAPE.RU
nserver: ns1.q0.ru.
nserver: ns2.q0.ru.
nserver: ns3.q0.ru.
state: REGISTERED, DELEGATED, VERIFIED
org: LTD Sape
registrar: R01-REG-RIPN
admin-contact: https://partner.r01.ru/contact_admin.khtml
created: 2006.06.20
paid-till: 2013.06.20
free-date: 2013.07.21
source: TCI
Last updated on 2012.06.19 19:28:42 MSK
[david#archtower ~]$
Looks like it's something to automatically visit ads referral links at first glance.