looka Posted October 13, 2008 Report Share Posted October 13, 2008 WHERE (userid = $userid AND instanceid = $instanceid) OR (userid = 0 AND instanceid = $instanceid AND claimed = 0)perhaps you can ease this query assuming userid and instanceid are not 0 or empty string: if torrent file does not have user or userid, then it is unclaimed, dont you think so? WHERE instanceid = $instanceid AND (userid = $userid OR userid = 0) Link to comment Share on other sites More sharing options...
Lord Alderaan Posted October 13, 2008 Author Report Share Posted October 13, 2008 Nope you forgot the claimed part. 0.23 is out and it has:WHERE ((instanceid = $instanceid) AND ((userid = $userid) OR (userid = 0 AND claimed = 0))) Link to comment Share on other sites More sharing options...
looka Posted October 13, 2008 Report Share Posted October 13, 2008 hehe i just pointed out, that if torrent does not have userID, than it already IS unclaimed, what do u think? Link to comment Share on other sites More sharing options...
Lord Alderaan Posted October 13, 2008 Author Report Share Posted October 13, 2008 A torrent can exists multiple times in a single instance because a torrent can be claimed by multiple users. userid is part of the key and I use userid 0 for a list of all torrents in an instance. And in that list the claimed field decides whether it is used by a user or not. Link to comment Share on other sites More sharing options...
looka Posted October 13, 2008 Report Share Posted October 13, 2008 okay. it is your logic:) Link to comment Share on other sites More sharing options...
thirit Posted October 13, 2008 Report Share Posted October 13, 2008 Awesome!! It works now.Thanks a lot looka and alderaan!Btw: "To enable the curl extension find the "extension=php_curl.dll" line and make sure it has no # in front of it." In my php.ini, it had a ; before the sentence not a #, so I didn't remove it, that was why it wasn't working duh! xD Link to comment Share on other sites More sharing options...
looka Posted October 14, 2008 Report Share Posted October 14, 2008 yes, a little different comment style for php and apache:) Link to comment Share on other sites More sharing options...
Lord Alderaan Posted October 16, 2008 Author Report Share Posted October 16, 2008 Ok I'm not a real pro on XSS so I read around on the internet and I mashed together the following function to sanitize the output of strings that might at one time or another have been inputted through a query:function xsssanitize($str){ global $non_sgml_chars; if (empty($non_sgml_chars)) { for ($i = 0; $i <= 31; $i++) { if ($i == 9 || $i == 13 || $i == 10) continue; $non_sgml_chars[chr($i)] = ''; } for ($i = 127; $i <= 159; $i++) { $non_sgml_chars[utf8_encode(chr($i))] = ''; } } $str = iconv('UTF-8', 'UTF-8//IGNORE', $str); $str = strtr($str, $non_sgml_chars); $str = htmlspecialchars($str); return $str;}It uses a UTF-8 to UTF-8 conversion to remove improper UTF-8 stuff.I removes non sgml chars with the exception of tab, newline and return carriage.And then it changes special HTML chars to their non-parsed equivalent (I already did this since 0.1).This allows full UTF-8 username and password (for example) including HTML characters while maintaining XSS security.Anyone have any suggestions, flaws or hacks? Link to comment Share on other sites More sharing options...
SilentStriker Posted October 17, 2008 Report Share Posted October 17, 2008 Thanks for the great addon.I was able, after much trial and error, to get it to work in IIS.This is ideal for me since I am running a 2003 server that already has IIS installed.Now I gotta come up with a way to have torrent files associated and add to the server with a single click!: DFor those curious:To get it to run in IIS (I used IIS 6.0).1. Install PHP, do it manually, dont use the installer.- make sure php_curl, php_sqlite, php_pdo, and php_gd2 are enabled. 2. Install Latest utorrent (I also updated to the latest webui, dont know if that effected anything).3. *IMPORTANT SPECIAL STEP* Install Ionic Isapi Rewriter http://cheeso.members.winisp.net/IIRF.aspx4. the Rewriter does not support QSA, so a workaround is needed. In IsapiRewrite4.ini code in:RewriteCond %{QUERY_STRING} ^$RewriteRule ^/gui/(.*)$ /webui_shell/index.php?shell_file=$1 [L]RewriteRule ^/gui/(.*)\?(.*)$ /webui_shell/index.php?shell_file=$1&$2 [L]5. unzip the four files into your IIS website into a folder named webui_shell6. add the isapi filter to your website in IISI think that should do it. Configure it like normal, just using IIS! Link to comment Share on other sites More sharing options...
Lord Alderaan Posted October 17, 2008 Author Report Share Posted October 17, 2008 One of the features coming in 0.3 is optional IP based authorization.This will allow you to either assign an IP to a user in the admin panel or to opt to remember the last IP a user logged in with. Then if someone comes from that IP it is assumed it is that user and won't have to login. This means other community efforts (remote .torrent file handler, Fx plugin, µRemote, mIRC script and anything else that goes directly for the µtorrent backend) will work.This will of course greatly reduce security and is an OPTIONAL system. By default this will be off.SilenStriker thanks for that if you don't mind I would like to add those instructions to the next readme. Link to comment Share on other sites More sharing options...
SilentStriker Posted October 17, 2008 Report Share Posted October 17, 2008 Sure, feel free. Actually, after work today I'll make a little more detailed how to. As it stands you would need to be really familiar with IIS with just those instructions. Link to comment Share on other sites More sharing options...
thelittlefire Posted October 17, 2008 Report Share Posted October 17, 2008 For IP authorization there's no way you can "bounce" valid_IP from the WebUI right? You're planning on adding an ACL to the initial connect phase? Very ambitious feature for such a "new" interface. I think this may indeed be the choice very soon for those... individuals who resell / host with uTorrent as their preferred client. Cheers for making this a reality Lord Alderaan. Link to comment Share on other sites More sharing options...
Lord Alderaan Posted October 17, 2008 Author Report Share Posted October 17, 2008 The IP feature is done I just have to test it a bit. It uses $_SERVER['REMOTE_ADDR'] which of is spoofable but not without a relation to the IP your are trying to spoof (same subnet for example).I'm also thinking about implementing optional basic http auth just like the webui itself.Yes, I think seedbox sellers and resellers might find use in the Webui Shell. Whoever wants to employ the Webui Shell needs access to the apache/IIS and php config itself which means that not just anybody who has a 'seedbox' can 'abuse' my Webui Shell for reselling without the owners knowing. Everybody happy \o/But as I said before I didn't write this for seedboxes. I'm willing to implement anything I think is useful in general and I am less likely to take up requests or suggestions that only help seedbox sellers/resellers. The prime goal is to make BitTorrent on shared home connections easier (dorms/apartments/line sharing through wifi/etc). Link to comment Share on other sites More sharing options...
SilentStriker Posted October 18, 2008 Report Share Posted October 18, 2008 Things you will need:IIS 6 (7?) install:Windows installation CD, This should work on XP pro, Windows 2003/2008, and (vista versions?).Latest PHP for windows, available at www.php.net. Get the zip format, not the exe.Ionic Isapi Rewriter available from http://cheeso.members.winisp.net/IIRF.aspxLatest utorrent available from http://www.utorrent.comLatest WebUI for utorrent availabe from the forums at http://www.utorrent.comLatest version of the multi user shell also available fromt he forums at http://utorrent.comApache Install:???Tutorial:Im going to assume you have utorrent installed with the webui enabled. Make sure you have the latest webui zip in c:\documents and settings\<user>\application data\utorrent\Installing IIS:Installing IIS is fairly simple, go to your control panel, open "Add or Remove Programs," Click on Add/REmove Windows Components. Once the "Windows Component Wizard" opens Check "Internet Information services"(windows XP) or drill down through "Application Server" -> "Internet Information Services"(Windows 2003). Click next, make sure your Windows CD is in the drive. IIS will install.Installing Apache:???INstalling PHP (Apache/IIS):-Create a PHP directory in your root. (c:\PHP)-Unzip the PHP installation zip into this directory.-Add the PHP directory to your PATH environmental variable. Right click on My computer->properties->advanced->Environmental Variables. In the bottom portion labeled "system variables"double click on "Path." To the FRONT OF THE DIALOGUE BOX add "C:\PHP;" there is no spaces, and no quotations. click ok three times.-open your c:\PHP directory and create a folder named "sessions."-Find the file named php.ini-recommended and rename it to php.ini-Open php.ini in a text editor---Uncomment (remove the ; from the line) cgi.force_redirect and set it to 0---change session.save_path to point to c:\php\sessions---change extension_dir= c:\php\ext---Uncomment extension=php_curl---Uncomment extension=php_sqlite---Uncomment extension=php_pdo---Uncomment extension=php_gd2-Save php.ini-click start->run. type in regedit to open the registry editor. Drill down through HKEY_LOCAL_MACHINE, right click on software->new->Key. Name the new key PHP. drill down through software, click on the new PHP key. IN the right hand box right click->new->string value. Name the new string IniFilePath and set the data to C:\PHP-Close the registry editorAdding PHP to IIS:Go to your administrative tools in your control panel and open Internet Services Manager.It should automatically connect you to your local machine. Right click on web Service Extensions on the left hand side and click "add a new web service extension." Enter in php and click add. Browse to C:\php\php5isapi.dll. Set extension status to allow. click okay.Right click on website and click properties, go to the documents tab and add index.php asa start document. Click on the "Home Directory" tab and click "configuration" near the bottom.Thats it! now to test the pHP installation.Go to the default website in c:\inetpub\wwwroot and make a text file. Name the file phpinfo.php. Open it with a text editor and put in <?php phpinfo(); ?>Open a web browser and go to http://<server name>/phpinfo.phpIf everything is installed correctly you should see a lot of info about your php installation. If it is not working, try a reboot.Adding PHP to Apache:???Adding the Ionic Isapi Rewriter to IIS:Create a new folder in c:\ named IonicIsapiRewriter. Extract IsapiRewrite4.dll from the lib directory in the zip, move it to c:\IonicIsapiRewriter\Create a new text document in c:\ionicIsapiRewriter. Rename it IsapiRewrite4.ini.Open IsapiRewrite4.ini and put in the following code:RewriteCond %{QUERY_STRING} ^$RewriteRule ^/gui/(.*)$ /webui_shell/index.php?shell_file=$1 [L]RewriteRule ^/gui/(.*)\?(.*)$ /webui_shell/index.php?shell_file=$1&$2 [L]Save the file. Close.Open up Internet Services Manager and find the website you plan to install the shell in (XP users only have 1 website). The default web site is named "Default Web Site." Right click on it and go to properties. Click on the ISAPI Filters tab and click add. Filter name = Ionic Rewriter. Click browse drill to c:\ionicIsapiRewriter\ and chose ISAPIRewrite4.dll.Now we have all the prep work done.Installing the Multi User SHell(IIS):Browse to your folder with your website. Assuming default: c:\inetpub\wwwroot\ and create a folder named webui_shell. Extract the multi user shell into this folder, delete the readme. Open config.php and configure a settings folder for you multiple users. This folder must not be in the website tree. C:\webui_shell\ is appropriate.Set you admin username and password. Set your port number for utorrent. Save.You should now be able to browse to http://<server>/gui/ (the last / is important. http://<server>/gui will not work) and see the website in action. login as your admin to begin configuring.Installing the Multi User Shell(Apache):??? Link to comment Share on other sites More sharing options...
sonyfero Posted October 21, 2008 Report Share Posted October 21, 2008 Hello, guys!Hi, Lord Alderaan.Just to understand better: "support for multiple instances" means I can set up more than 1 WebUI Shell (and configure each one to manage 1 different instance of uTorrent), or is only 1 WebUI Shell able to manage multiple uTorrent instances?Anyway, thanks for you work, had not installed it yet, but I'm sure it is so great and fit my needs! Link to comment Share on other sites More sharing options...
Firon Posted October 21, 2008 Report Share Posted October 21, 2008 1 WebUI shell for one µTorrent client for multiple users. Link to comment Share on other sites More sharing options...
Lord Alderaan Posted October 21, 2008 Author Report Share Posted October 21, 2008 Since 0.2 you can add multiple µTorrent clients using the instances panel. Each user is assigned to only one instance but an instance can have multiple users. I've added screenshots of some of the admin panels as they look now (halfway through 0.3). Link to comment Share on other sites More sharing options...
Firon Posted October 21, 2008 Report Share Posted October 21, 2008 Well then, I stand corrected! Link to comment Share on other sites More sharing options...
looka Posted October 31, 2008 Report Share Posted October 31, 2008 great, version .23 is so far so good.great work. Link to comment Share on other sites More sharing options...
splinter98 Posted November 5, 2008 Report Share Posted November 5, 2008 This is perfect for what I need, only problem is when a user logs in I get {"build":12639}, which is a bit annoying as it means I can't use it.With a bit more digging, I am able to view /gui/index.html however with no formatting as its not receiving the CSS properly.All the correct modules and things are running so I don't understand whats wrong.Thanks for any helpSplinter98 Link to comment Share on other sites More sharing options...
looka Posted November 5, 2008 Report Share Posted November 5, 2008 did you correctly set up .htaccess file and rewriting rules? Link to comment Share on other sites More sharing options...
thelittlefire Posted November 5, 2008 Report Share Posted November 5, 2008 Verify your WebUI works first, then add the shell on-top. Link to comment Share on other sites More sharing options...
splinter98 Posted November 5, 2008 Report Share Posted November 5, 2008 I'm fairly sure, I have Rewrite enabled and thats working as I can view the pages corectly and ?list=1 returns properly, so that is working. (also I can access the multi user settings page and thats working properly).htaccess - There is no reference in the readme to using .htaccess in the tutorial nor is it using it in anyway atm.I am really confused as to why it's not working, apache works with css elsewhere so that shouldn't be a problem@thelittlefie: the webui works fine normallyEDIT: hmm it seems to work under IE&chrome but not Firefox :s Link to comment Share on other sites More sharing options...
thelittlefire Posted November 5, 2008 Report Share Posted November 5, 2008 Is there an error listed in "Console" for Javascript? Usually that message is returned when ADDING a torrent, not on-load. Link to comment Share on other sites More sharing options...
splinter98 Posted November 5, 2008 Report Share Posted November 5, 2008 not when loading straight /gui/if I load /gui/index.html I do get errors referring to the style sheets MIME type are text/html and not text/css - and then the page loads without any styling.EDIT: I've created a guest account that has no privileges, for you to use so you can see the error I'm getting, pm if you want the informationEDIT2: I have asked some of my friends to try and it works on their firefox so I have no idea why it isnt working on mine :s (Tried hard refreshing and clearing the cache)EDIT3: cleared my cookies and its working thanks for helping Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.