From 096bb5124fa27d27c3e60031edc432d877f1c507 Mon Sep 17 00:00:00 2001
From: Roman Kelesidis
Date: Thu, 16 Jan 2025 16:09:34 +0300
Subject: [PATCH] feat(announcer): Added `is_numeric()` checking for some fields (#1766)
---
 bt/announce.php | 9 +++++----
 bt/scrape.php | 2 +-
 2 files changed, 6 insertions(+), 5 deletions(-)
diff --git a/bt/announce.php b/bt/announce.php
index 5e531d9af..ef19d2f89 100644
--- a/bt/announce.php
+++ b/bt/announce.php
@@ -126,20 +126,21 @@ if (strlen($info_hash) !== 20) {
 */
 if (
 !isset($port)
+ || !is_numeric($port)
 || ($port < 1024 && !$stopped)
 || $port > 0xFFFF) {
 msg_die('Invalid port: ' . $port);
 }
-if (!isset($uploaded) || $uploaded < 0) {
+if (!isset($uploaded) || !is_numeric($uploaded) || $uploaded < 0) {
 msg_die('Invalid uploaded value: ' . $uploaded);
 }
-if (!isset($downloaded) || $downloaded < 0) {
+if (!isset($downloaded) || !is_numeric($downloaded) || $downloaded < 0) {
 msg_die('Invalid downloaded value: ' . $downloaded);
 }
-if (!isset($left) || $left < 0) {
+if (!isset($left) || !is_numeric($left) || $left < 0) {
 msg_die('Invalid left value: ' . $left);
 }
@@ -237,7 +238,7 @@ if ($lp_info) {
 /**
 * Currently torrent clients send truncated v2 hashes (the design raises questions).
- * https://github.com/bittorrent/bittorrent.org/issues/145#issuecomment-1720040343
+ * @see https://github.com/bittorrent/bittorrent.org/issues/145#issuecomment-1720040343
 */
 $info_hash_where = "WHERE tor.info_hash = '$info_hash_sql' OR SUBSTRING(tor.info_hash_v2, 1, 20) = '$info_hash_sql'";
diff --git a/bt/scrape.php b/bt/scrape.php
index faf8fc2b0..534cd57fd 100644
--- a/bt/scrape.php
+++ b/bt/scrape.php
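Review bot: `is_numeric()` in the first bt/announce.php hunk is looser than the non-negative integer these fields are meant to hold: it also accepts floats, exponent notation and a leading sign or whitespace, so constructed inputs such as `1e3` or `6881.5` pass both the new test and the range comparisons. How `$port`, `$uploaded`, `$downloaded` and `$left` are populated and used afterwards lies outside the hunk, so this matters if they reach storage or a query without an integer cast. A digits-only test states the intent exactly, e.g. `|| !ctype_digit((string) $port)` and `if (!isset($uploaded) || !ctype_digit((string) $uploaded)) {`, with the same form for `$downloaded` and `$left`. The rejected value is still concatenated unchanged into the `msg_die()` message; whether `msg_die()` encodes it is not visible here.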
@@ -68,7 +68,7 @@ if (!empty($info_hash_count)) {
 /**
 * Currently torrent clients send truncated v2 hashes (the design raises questions).
- * https://github.com/bittorrent/bittorrent.org/issues/145#issuecomment-1720040343
+ * @see https://github.com/bittorrent/bittorrent.org/issues/145#issuecomment-1720040343
 */
 $info_hash_where = "tor.info_hash IN ('$info_hashes_sql') OR SUBSTRING(tor.info_hash_v2, 1, 20) IN ('$info_hashes_sql')";