From 05f6bc678fdbae92bbf3b7780a9cc32829fbc475 Mon Sep 17 00:00:00 2001 From: "Janus B. Kristensen" Date: Wed, 10 Oct 2007 21:06:10 +0000 Subject: [PATCH] Due to magic quotes check the IDs and hashes are now always 20 bytes svn path=/trunk/boinc/; revision=13825 --- html/bt/announce.php | 6 +++--- html/bt/scrape.php | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/html/bt/announce.php b/html/bt/announce.php index 31d2119579..c01955ecd0 100755 --- a/html/bt/announce.php +++ b/html/bt/announce.php @@ -17,9 +17,9 @@ function trackerError($error){ } $info_hash = rawurldecode($_GET["info_hash"]); -if (strlen($info_hash)<20) throw new IllegalArgumentException("Malformed infohash key (length ".strlen($info_hash).")"); +if (strlen($info_hash)!=20) throw new IllegalArgumentException("Malformed infohash key (length ".strlen($info_hash).")"); $peer_id = $_GET["peer_id"]; -if (strlen($peer_id)<20) throw new IllegalArgumentException("Malformed peer ID (".strlen($peer_id).")"); +if (strlen($peer_id)!=20) throw new IllegalArgumentException("Malformed peer ID (".strlen($peer_id).")"); $port = $_GET["port"]; if (!is_numeric($port)) throw new IllegalArgumentException("Non-numeric port supplied"); $event = $_GET["event"]; @@ -43,7 +43,7 @@ if (isIPBanned($ip)){ // Check that the info_hash is one that we allow: $queryHandle = mysql_query("SELECT * from bittorrent_files where info_hash=\"".process_user_text($info_hash)."\""); echo mysql_error(); if (!mysql_num_rows($queryHandle)){ - trackerError("The tracker does not allow tracking of this file:".$info_hash); + trackerError("The tracker does not allow tracking of this file:".$info_hash . " [] ".$_GET["info_hash"]); } $infoHashObject = mysql_fetch_object($queryHandle); diff --git a/html/bt/scrape.php b/html/bt/scrape.php index 591f929485..d3f3b033b3 100755 --- a/html/bt/scrape.php +++ b/html/bt/scrape.php @@ -15,7 +15,7 @@ function trackerError($error){ } $info_hash = rawurldecode($_GET["info_hash"]); -if (strlen($info_hash)<20) throw new IllegalArgumentException("Malformed infohash key (length ".strlen($info_hash).")"); +if (strlen($info_hash)!=20) throw new IllegalArgumentException("Malformed infohash key (length ".strlen($info_hash).")"); if (!$ip){ $ip = $_SERVER["REMOTE_ADDR"];