From 379b84b905ac1c927511b23d0af89d28dd263280 Mon Sep 17 00:00:00 2001 From: xiaomlove Date: Sat, 12 Feb 2022 15:08:18 +0800 Subject: [PATCH] deny Bittorrent Protocol v2 torrents --- config/sanctum.php | 2 +- .../2022_01_06_023153_create_medals_table.php | 2 +- include/cleanup.php | 14 ++++++-------- nexus/Install/settings.default.php | 1 + public/takeupload.php | 3 +++ 5 files changed, 12 insertions(+), 10 deletions(-) diff --git a/config/sanctum.php b/config/sanctum.php index 3ccc3caf..6dff450a 100644 --- a/config/sanctum.php +++ b/config/sanctum.php @@ -15,7 +15,7 @@ return [ 'stateful' => explode(',', env( 'SANCTUM_STATEFUL_DOMAINS', - 'localhost,localhost:3000,127.0.0.1,127.0.0.1:8000,::1,'.parse_url(env('APP_URL'), PHP_URL_HOST) + 'localhost,localhost:3000,127.0.0.1,127.0.0.1:8000,::1,'.parse_url(env('APP_URL', ''), PHP_URL_HOST) )), /* diff --git a/database/migrations/2022_01_06_023153_create_medals_table.php b/database/migrations/2022_01_06_023153_create_medals_table.php index e04707fe..cabd0a4f 100644 --- a/database/migrations/2022_01_06_023153_create_medals_table.php +++ b/database/migrations/2022_01_06_023153_create_medals_table.php @@ -21,7 +21,7 @@ class CreateMedalsTable extends Migration $table->string('image_large')->nullable(); $table->string('image_small')->nullable(); $table->integer('price')->default(0); - $table->integer('duration')->default(0); + $table->integer('duration')->nullable(); $table->timestamps(); }); } diff --git a/include/cleanup.php b/include/cleanup.php index ed3ba82b..068c7aa9 100644 --- a/include/cleanup.php +++ b/include/cleanup.php @@ -1,6 +1,5 @@ 0) + $sql = "SELECT id FROM users WHERE class = $class AND uploaded / downloaded < $deratio"; + $res = sql_query($sql) or sqlerr(__FILE__, __LINE__); + $matchUserCount = mysql_num_rows($res); + do_log("sql: $sql, match user count: $matchUserCount"); + if ($matchUserCount > 0) { $dt = sqlesc(date("Y-m-d H:i:s")); while ($arr = mysql_fetch_assoc($res)) @@ -292,7 +290,7 @@ function docleanup($forceAll = 0, $printProgress = false) { if ($is_donor == 'yes' && $donortimes_bonus > 0) $all_bonus = $all_bonus * $donortimes_bonus; KPS("+",$all_bonus,$arr["userid"]); - \App\Models\User::query()->where('id', $arr["userid"])->update(['seed_points' => new \Illuminate\Database\Query\Expression("seed_points + $seedPoints")]); + sql_query("update users set seed_points = seed_points + $seedPoints where id = {$arr["userid"]}"); } } $log = 'calculate seeding bonus'; diff --git a/nexus/Install/settings.default.php b/nexus/Install/settings.default.php index ad8ebc09..57328518 100644 --- a/nexus/Install/settings.default.php +++ b/nexus/Install/settings.default.php @@ -98,6 +98,7 @@ return array ( 'smtp_from' => NULL, 'smtpaddress' => 'smtp.qq.com', 'smtpport' => '25', + 'encryption' => 'ssl', 'accountname' => '', 'accountpassword' => '', ), diff --git a/public/takeupload.php b/public/takeupload.php index 5a891b58..55c9dd89 100644 --- a/public/takeupload.php +++ b/public/takeupload.php @@ -117,6 +117,9 @@ function checkTorrentDict($dict, $key, $type = null) } $info = checkTorrentDict($dict, 'info'); +if (isset($info['piece layers']) || isset($info['files tree']) || (isset($info['meta version']) && $info['meta version'] == 2)) { + bark('Torrent files created with Bittorrent Protocol v2, or hybrid torrents are not supported.'); +} $plen = checkTorrentDict($info, 'piece length', 'integer'); // Only Check without use $dname = checkTorrentDict($info, 'name', 'string'); $pieces = checkTorrentDict($info, 'pieces', 'string');