More performance optimized/random string generation, removed passkey length limit from the announcer (#1013)

2025-08-14 10:37:30 -07:00 · 2023-11-01 21:20:12 +04:00 · 2023-11-01 21:20:12 +04:00 · 725773254f
commit 725773254f
parent c69712a463
7 changed files with 20 additions and 17 deletions
--- a/bt/announce.php
+++ b/bt/announce.php
@ -30,7 +30,7 @@ if (isset($_GET['?info_hash']) && !isset($_GET['info_hash'])) {
 if (strpos($_SERVER['REQUEST_URI'], 'scrape') !== false) {
    msg_die('Please disable SCRAPE!');
 }
-if (!isset($_GET[$passkey_key]) || !is_string($_GET[$passkey_key]) || strlen($_GET[$passkey_key]) !== BT_AUTH_KEY_LENGTH) {
+if (!isset($_GET[$passkey_key]) || !is_string($_GET[$passkey_key])) {
    msg_die('Please LOG IN and RE-DOWNLOAD this torrent (passkey not found)');
 }

@ -93,9 +93,6 @@ if (!isset($downloaded) || $downloaded < 0) {
 if (!isset($left) || $left < 0) {
    msg_die('Invalid left value: ' . $left);
 }
-if (!verify_id($passkey, BT_AUTH_KEY_LENGTH)) {
-    msg_die('Invalid passkey: ' . $passkey);
-}

 // IP
 $ip = $_SERVER['REMOTE_ADDR'];
--- a/common.php
+++ b/common.php
@ -102,7 +102,7 @@ define('BB_BT_TRACKER', 'bb_bt_tracker');
 define('BB_BT_TRACKER_SNAP', 'bb_bt_tracker_snap');
 define('BB_BT_USERS', 'bb_bt_users');

-define('BT_AUTH_KEY_LENGTH', 10);
+define('BT_AUTH_KEY_LENGTH', 20);

 define('DL_STATUS_RELEASER', -1);
 define('DL_STATUS_DOWN', 0);
@ -297,9 +297,14 @@ function str_compact($str)
 */
 function make_rand_str($length = 10): string
 {
-    $pool = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
+    $pool = str_shuffle('0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ');

-    return substr(str_shuffle(str_repeat($pool, (int)$length)), 0, $length);
+    $randomString = '';
+    for ($i = 0; $i < $length; $i++) {
+        $randomString .= $pool[random_int(0, 61)];
+    }
+
+    return $randomString;
 }

 function array_deep(&$var, $fn, $one_dimensional = false, $array_only = false)
--- a/library/includes/functions.php
+++ b/library/includes/functions.php
@ -1188,10 +1188,10 @@ function get_user_torrent_client(string $peer_id): mixed
        '-CT' => 'CTorrent', '-DE' => 'Deluge', '-FD' => 'Free Download Manager', 'FD6' => 'Free Download Manager',
        '-FG' => 'FlashGet', '-FL' => 'Folx', '-HL' => 'Halite', '-KG' => 'KGet',
        '-KT' => 'KTorrent', '-LT' => 'libTorrent', '-Lr' => 'LibreTorrent', '-MG' => 'MediaGet',
-        '-TR' => 'Transmission', '-tT' => 'tTorrent', '-UM' => "uTorrent Mac", '-UT' => "uTorrent",
-        '-UW' => "uTorrent Web", '-WW' => 'WebTorrent', '-WD' => 'WebTorrent', '-XL' => 'Xunlei',
+        '-TR' => 'Transmission', '-tT' => 'tTorrent', '-UM' => "uTorrent Mac", '-UT' => 'uTorrent',
+        '-UW' => 'uTorrent Web', '-WW' => 'WebTorrent', '-WD' => 'WebTorrent', '-XL' => 'Xunlei',
        '-PI' => 'PicoTorrent', '-qB' => 'qBittorrent', 'M' => 'BitTorrent', 'MG' => 'MediaGet',
-        'OP' => 'Opera', 'TIX' => 'Tixati', 'aria2-' => 'Aria2', 'A2' => 'Aria2',
+        '-MG' => 'MediaGet', 'OP' => 'Opera', 'TIX' => 'Tixati', 'aria2-' => 'Aria2', 'A2' => 'Aria2',
        /**
         * ================================ Other ================================
         * '-BB' => 'BitBuddy', '-AR' => 'Arctic', '-AT' => 'Artemis', '-AV' => 'Avicora',
@ -1233,9 +1233,10 @@ function get_user_torrent_client(string $peer_id): mixed

    if (!empty($bestMatch)) {
        return '<img width="auto" height="auto" style="display:inline!important;vertical-align:middle" src="/styles/images/clients/' . $bestMatch . '.png" alt="' . $bestMatch . '" title="' . $peer_id . '">';
-    } else {
-        return $peer_id;
    }
+
+    return $peer_id;
+
 }

 function birthday_age($date)
--- a/library/includes/init_bb.php
+++ b/library/includes/init_bb.php
@ -262,7 +262,7 @@ define('SHOW_PEERS_NAMES', 2);
 define('SHOW_PEERS_FULL', 3);

 define('SEARCH_ID_LENGTH', 12);
-define('ACTKEY_LENGHT', 32);
+define('ACTKEY_LENGTH', 32);
 define('SID_LENGTH', 20);
 define('LOGIN_KEY_LENGTH', 32);
 define('USERNAME_MIN_LENGTH', 3);
--- a/library/includes/ucp/register.php
+++ b/library/includes/ucp/register.php
@ -534,7 +534,7 @@ if ($submit && !$errors) {
     */
    if ($mode == 'register') {
        if ($bb_cfg['reg_email_activation']) {
-            $user_actkey = make_rand_str(ACTKEY_LENGHT);
+            $user_actkey = make_rand_str(ACTKEY_LENGTH);
            $db_data['user_active'] = 0;
            $db_data['user_actkey'] = $user_actkey;
        } else {
@ -597,7 +597,7 @@ if ($submit && !$errors) {
        // если что-то было изменено
        if ($db_data) {
            if (!$pr_data['user_active']) {
-                $user_actkey = make_rand_str(ACTKEY_LENGHT);
+                $user_actkey = make_rand_str(ACTKEY_LENGTH);
                $pr_data['user_actkey'] = $user_actkey;
                $db_data['user_actkey'] = $user_actkey;

--- a/library/includes/ucp/sendpasswd.php
+++ b/library/includes/ucp/sendpasswd.php
@ -37,7 +37,7 @@ if (isset($_POST['submit'])) {
            $username = $row['username'];
            $user_id = $row['user_id'];

-            $user_actkey = make_rand_str(ACTKEY_LENGHT);
+            $user_actkey = make_rand_str(ACTKEY_LENGTH);
            $user_password = make_rand_str(PASSWORD_MIN_LENGTH);

            $sql = "UPDATE " . BB_USERS . "
--- a/src/Helpers/IPHelper.php
+++ b/src/Helpers/IPHelper.php
@ -63,6 +63,6 @@ class IPHelper extends Ip

    public static function long2ip_extended(string $ip): string
    {
-        return self::long2ip($ip, $ip > 4294967295);
+        return self::long2ip($ip, $ip > 0xFFFFFFFF);
    }
 }