forked from ahmyi/rivettracker
-
Notifications
You must be signed in to change notification settings - Fork 1
/
dltorrent.php
45 lines (45 loc) · 1.43 KB
/
dltorrent.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
<?php
require_once ("config.php");
if ($hiddentracker == true)
{
session_start();
if (!$_SESSION['admin_logged_in'] && !$_SESSION['upload_logged_in'])
{
//check fails
header("Location: authenticate.php?status=error");
exit();
}
}
else
exit();
//if hash isn't of length 40, don't even bother connecting to database
$hash = htmlspecialchars($_GET['hash'], ENT_QUOTES, 'UTF-8');
if (strlen($hash) != 40)
{
header("index.php");
exit();
}
require_once ("funcsv2.php"); //required for errorMessage()
$results = $sql->query("SELECT filename FROM ".$prefix."namemap WHERE info_hash = '" . $hash . "'");
$row = $sql->fetch_row($results);
if ($row[0] == null)
exit(header("Location: index.php"));
else
$filename = $row[0];
if(!file_exists("./torrents/" . $filename . ".torrent"))
exit(header("Location: index.php"));
if (strpos($_SERVER['HTTP_REFERER'], $website_url . "/") === 0 && strpos($_SERVER['HTTP_REFERER'], "http") === 0)
{
$stat = stat("./torrents/" . $filename . ".torrent");
header("Content-Type: application/x-bittorrent");
header("Content-Length: " . $stat[7]);
header("Last-Modified: " . gmdate("D, d M Y H:i:s", $stat[9]) . " GMT");
header("Content-Disposition: attachment; filename=\"" . $filename . ".torrent\"");
readfile("./torrents/" . $filename . ".torrent");
exit();
}
else
exit(header("Location: index.php"));
header('Pragma: no-cache');
header('Cache-Control: no-cache, no-store, must-revalidate');
?>