1  |   Order by index

Jul 23, 2003, 2:57pm

any one know where i can get a multipath php script?

Jul 23, 2003, 4:21pm

oct31.de i believe

-SWE

[View Quote]

Jul 23, 2003, 5:14pm

Try these links:

http://www.ricta.net/ethaw/multipath.html

http://oct31.de/aw/ls/index.html

Builderz
http://www.3dhost.net

[View Quote]

Jul 23, 2003, 5:53pm

Well, I do not have it online as everyone needs it
somehow different.


[View Quote]

Jul 23, 2003, 6:00pm

[View Quote] LoL. :) make it so everything's purple!

--
--Bowen--

No of SETI units returned: 41
Processing time: 31 days, 9 hours.
(Total hours: 753)
www.setiathome.ssl.berkeley.edu

Jul 23, 2003, 11:39pm

err i thought there was a php just was just a php, not so huge like Who's
multipath php *scratches head at unbelieveable add entry and crap*

Jul 24, 2003, 3:37am

[View Quote] Ananas' multipath php is very easy to use. There's no reason at all to
make it huge. :)

--
--Bowen--

No of SETI units returned: 44
Processing time: 36 days, 0 hours.
(Total hours: 864)
www.setiathome.ssl.berkeley.edu

Jul 24, 2003, 5:10am

I can't find it =\

Jul 24, 2003, 7:24am

This is the one I use.


<?PHP
$aPaths = array ('www.url1.com/', 'http://www.url2.com/',
'http://www.url3.com/', 'http://www.url4.com/');


$fIn=$fOut=$IsZip=0;

// this block is only needed if AW examines the HTTP header!
if ($Content = strrchr ($QUERY_STRING, '.'))
{
if (stristr ($Content, ".zip"))
Header ("Content-Type: application/zip");
else
Header ("Content-type: image/jpeg");
}

$Namepos = strrpos ($QUERY_STRING, '/');
$Filepath = substr ($QUERY_STRING, 0, $Namepos+1);
$Filename = substr ($QUERY_STRING, $Namepos+1);

Header( "Content-Disposition: attachment; filename=".$Filename );


$Firsttry = -1;
if ($Filename[0] == '~')
{
$Firsttry = intval (substr($Filename,1,2))-1;
$Filename = substr($Filename, 3);

if ($Firsttry >= 0)
if ($fIn = at fopen ($aPaths[$Firsttry].$Filepath.$Filename,
"rb"))
{
fpassthru ($fIn); // no fclose, fpassthru() closes the file
exit;
}
}

$Anz = sizeof ($aPaths);
for ($i=0; $i<$Anz; $i++)
if ($i != $Firsttry)
if ($fIn = at fopen ($aPaths[$i].$Filepath.$Filename, "rb"))
{
fpassthru ($fIn); // no fclose, fpassthru() closes the file
exit;
}
?>

Jul 24, 2003, 11:02am

if ($Content = strrchr ($QUERY_STRING, '.'))
{
if (stristr ($Content, ".zip"))
Header ("Content-Type: application/zip");
else
if (stristr ($Content, ".mp3"))
Header ("Content-Type: application/mp3");
else
Header ("Content-type: image/jpeg");
}


> if ($Content = strrchr ($QUERY_STRING, '.'))
> {
> if (stristr ($Content, ".zip"))
> Header ("Content-Type: application/zip");
> else
> Header ("Content-type: image/jpeg");
> }

Jul 24, 2003, 12:05pm

This is an example of how the 3.4 browser referrer string can be
used to deny leeches the use of your object path. You must
enable the referer string option for your world.

If you can't read code, comprehend what applies to you,
and ignore things that an experienced coder will see obviously
need to be changed to work with your own OP, just ignore this
post.

Sorry about the formatting. I messed it up intentionally to bait
the anal people into starting a flamefest.

--

if (!empty($HTTP_REFERER))
{
// potential 3.4 browser
$a1 = explode("/", $HTTP_REFERER, 4);
$a2 = explode(":", $a1[2], 3);

$world = $a1[3];
$server = $a2[0];
$port = $a2[1];

// this switch needs to really be a
// loop that checks a subscriber database
switch($port)
{
case "5670": // Main AW Universe
switch($world)
{
case "xxxxxxxx":
$Leech = false;
break;
}
break;
case "5685": // Main OW Universe
switch($world)
{
case "cwlab":
$Leech = false;
break;
}
break;
case "5702": // AW Europe
switch($world)
{
case "xxxx":
case "cwlab":
case "xxx":
case "xxxxxxx":
$Leech = false;
break;
}
break;
default:
break;
}

// if it is not a leech, point the path at the real objects
if ($Leech == false)
{
$ObPath = REAL_PATH;
}
}
else
{
// probably a 3.3 browser
// Let the megapath sort it all out
header("Location: ". REDIRECT_PATH . $QUERY_STRING);
exit;
}

if ($Leech == true)
{
// Record info about the request
LeechLog();
Header('Status: 403 Not Authorized');
exit;
}

....
process the request normally

Jul 24, 2003, 1:11pm

Here is another snippet. This one checks to see if the request is coming
from an AW browser. This can easily be spoofed, but it will mean
someone needs to actually do some work to rip you off.

This will allow both 3.3 and 3.4 browsers to access your path.

--
define(BROWSER_AGENT_ACCEPT, "ActiveWorlds");
define(BROWSER_AGENT_ACCEPT2, "Active Worlds Browser");

$agent = explode("/", $_SERVER['HTTP_USER_AGENT']);

if ($agent[0] != BROWSER_AGENT_ACCEPT)
{
if ($agent[0] != BROWSER_AGENT_ACCEPT2)
{
Snooper(); // log this and then die
}
}

...

process the request normally

Jul 24, 2003, 7:00pm

oh man im confused, codewarriror, your code looks very good, but i dont know
where to add the snippets in the php.. because i wouldnt know what i would
be doing.. heh

Jul 24, 2003, 7:08pm

[View Quote] That's the actual php itself from what I gather. Of course you'll have
to define Snooper();.

--
--Bowen--

No of SETI units returned: 44
Processing time: 36 days, 0 hours.
(Total hours: 864)
www.setiathome.ssl.berkeley.edu

Jul 24, 2003, 10:46pm

"codewarrior" <pete at accelr8r.com> wrote in news:3f1fe7b3$1 at server1.Activeworlds.com:

> This is an example of how the 3.4 browser referrer string can be
> used to deny leeches the use of your object path. You must
> enable the referer string option for your world.
>
> If you can't read code, comprehend what applies to you,
> and ignore things that an experienced coder will see obviously
> need to be changed to work with your own OP, just ignore this
> post.
>
> Sorry about the formatting. I messed it up intentionally to bait
> the anal people into starting a flamefest.

> LeechLog();

Two things:

1) You're not defining LeechLog() anywhere. If you use his code,
add this at the end:

==start code==
function LeechLog () {
$log = at fopen ("leeches.log", "a"); //Open file in append mode
if (!$log) //Error opening log file
return;

fwrite ($log, "Leech attempt from IP: ".$_SERVER["REMOTE_ADDR"]."\n");
fclose ($log);
}
==end code==

If your PHP version is inferior to 4.1.0 you'll need to replace
$_SERVER with $HTTP_SERVER_VARS.

2) You assume register_globals to be on. This is bad practice,
especially as r_g defaults to off since PHP 4.2. Use
$_SERVER["HTTP_REFERER"] (see note above for old PHP versions)

I recommend users of the code replace $HTTP_REFERER with the above snippet.

Besides that, nice coding.

KAH

Jul 25, 2003, 12:40am

So how would the mutlipath deal with the avatar.zips? Man im being a pain..
sorry

Jul 25, 2003, 3:48am

[View Quote] Well, what this one is doing is checking to see if the browser is
activeworlds or not, if it's just the standard IE/mozilla/netscape/opera
it gives them an error/404/whatever. If it is AWB, then it lets it do
anything it could do normally (what this is doing is protecting your
object path from people who would take objects and textures (not that
you couldn't open the AW browser and do it anyways)).

--
--Bowen--

No of SETI units returned: 44
Processing time: 36 days, 0 hours.
(Total hours: 864)
www.setiathome.ssl.berkeley.edu

Jul 25, 2003, 6:54am

Nah i mean what anna had posted.

Jul 25, 2003, 9:20am

http://oct31.de/aw/infos/MultipleAvatarsDat.txt
One of those 3 ways to do it should help in most cases.

[View Quote]

Jul 25, 2003, 11:32am

There was another thing noone mentioned. My previous code should have
defined $Leech = true at the beginning before any of the other code.

[View Quote] The method shown will log each attempt to access your path by inreasing
the log file size. This introduces a vulnerability to a type of DOS attack.
A malicious person could simply hammer your OP repeatedly, causing
the log file to increase in size in an unbounded manner until your OP
space is all used up, and your performance would begin to degrade
well in advance as the log file gets bigger and bigger.

Here is a function (sorry about the formatting again) that will record
leech attempts in a log file, but will only record one line for each
world that is trying to leech. This will keep the leech log file from
growing unbounded.

Notice also that it is the REFERER that should be logged. The
REMOTE_ADDR in this case is just someone who is visiting
a world that is trying to leech off your path. The REFERER
will be blank if the leech is not a 3.4 world, or it will actually
tell you which world is trying to leech your objects if it is a
3.4 world.

Also note the use of the ' at ' in front of many functions to prevent
them from printing errors into your HTML document if they fail
for some reason. PHP functions often print information you don't
want people to see, and if the script wishes to do something more
such as creating 'fake' objects or textures to give to leech attempts,
error messages in the HTTP stream will corrupt the stream and
cause them to be unrecognized as valid MIME objects.

The code is loosely based of some page hit counter code. It
really should use a database to record this kind of thing.

--

function LeechLog()
{
$cnt = 0;
$found = "false";
$filename = LOG_PATH."leech.counter";

// potential 3.4 browser
$a1 = explode("/", $_SERVER['HTTP_REFERER'], 4);
$a2 = explode(":", $a1[2], 3);

$world = $a1[3];
$server = $a2[0];
$port = $a2[1];

$agent = explode("/", $_SERVER['HTTP_USER_AGENT'], 2);

// it's good practice to limit the size of any string that came from the
// outside world so as to protect against buffer overrun based hacks
// we plan to sprintf these all into a buffer, so clean them up a bit
if (strlen($agent) > 16)
$agent = substr($agent, 0, 16);
if (strlen($world) > 16)
$world = substr($world, 0, 16);
if (strlen($server) > 16)
$server = substr($server, 0, 16);
if (strlen($port) > 5)
$port = substr($port, 0, 5);

$key = sprintf("%16s%5s%16s", $server, $port, $world);

if (file_exists ($filename))
{
$fp = at fopen($filename,"r+");
}
else
{
$fp = at fopen($filename,"w");
}

if ($fp)
{
$offset = 0;
$cnt = 1;
while (($found == "false") && ($row = at fgets($fp,4096)))
{
$cols = explode(";",$row);
$cols[1] = trim($cols[1]);
if ($cols[0] == $key)
{
$cnt = ++$cols[1];
$record = sprintf("%s;%8d;%16s\n", $key, $cnt,
$_SERVER['HTTP_USER_AGENT']);
at fseek($fp,$offset);
at fputs($fp, $record);
$found = "true";
}
$offset = at ftell($fp);
}
at fclose($fp);
}

if ($found=="false")
{
// no record found
$fp = at fopen($filename,"a");
if ($fp)
{
// record 1 offense
$record = sprintf("%s;%8d;%16s\n", $key, 1, $_SERVER['HTTP_USER_AGENT']);
at fputs($fp, $record);
at fclose($fp);
}
}
}

Jul 25, 2003, 12:28pm

<note the use of "sandwich" posting>

[View Quote] My strategy for dealing with the avatars.zip and the terrains is to do as I
think Alex suggested...

Refuse to do anything at all to try to fix them :-P

AW needs to simply add a per world name for the avatars.zip file, and a
per world prefix for the terrain texture names.

I suspect it's ugly to do the avatars.dat file because I think it may be
built
into the browser. If this info starts to come from the server in some future
version, they will not have an easy choice of what to do when the browser
enters an older world whose server doesn't provide the info.

They could make the browser try to read a file called avatar_config.dat
from your OP path though. It doesn't exist on older OPs, so if it doesn't
exist, they can go ahead and do what they do now.

If said file does exist, it could contain a list of names of files
associated with
particular worlds such that the browser could determine if it was in one of
the worlds listed, and load the appropriate files. If the user is in none of
the
listed worlds, then it would fall back to loading the avatars.dat as it does
now, and using 'terrain' as the prefix for the terrain textures.

An alternative would be to extend the capabilities within the existing
avatars.dat file format to allow each avatar listed to have a list of worlds
it may appear in. This would be a very ugly way to do it, but it would be
better than nothing, although it doesn't at all address the issue of all the
terrain texture names being the same.

Another alternative would simply be to pre-pend the world name in
front of the filename with an underscore and just try to read that file
first... i.e. look for cwlab_avatars.dat first, and try to load
cwlab_terrainXX.jpg. This is a bit ugly too.. an actual configuration
file would be much more preferable.

Many of the things that would make life easier for OP path hosters and
people trying to make dynamic content based on server side scripting
could be done without having to expose GUI based methods to set up
and control them. There is no built in GUI based mechanism for editing
the avatars.dat file for example, so the precedent has already been set
for controlling aspects of your world via a text file on your OP path
with no GUI tools for doing so provided in the browser.

In addition to not requiring GUI tools for such things, the *world*
server would not need to keep track of this information. I suspect
that AW is loathe to do anything with the world server code and
protocols, and I don't blame them. Changing the way that works
should not be treated lightly, but adding additional text files to your
OP path to control some new features should be a pretty simple
and safe way to go about some things.

> sorry
> So how would the mutlipath deal with the avatar.zips? Man im being a
pain..

news:3f209886 at server1.Activeworlds.com...
[View Quote] <note the use of "sandwich" posting>

Jul 25, 2003, 1:50pm

[View Quote] It works because it defines the .zip extension. So anything that's zip
or jpeg will be displayed properly. Including avatars.zip.

--
--Bowen--

No of SETI units returned: 44
Processing time: 36 days, 0 hours.
(Total hours: 864)
www.setiathome.ssl.berkeley.edu

Jul 27, 2003, 1:56am

Well the php that dlp anne posted, isn't working, i have both ops local on
the server, one /themask and the other /ops/world.. it isnt working.. :-\

Jul 27, 2003, 6:51am

If you have 2 local paths, you should not use the http:// URL
but the server path. Example :

$aPaths = array ('/vol/op1/', '/opt/var/op2/);


[View Quote]

Jul 27, 2003, 2:12pm

I thought of using that... thanks Ananas =)

1  |   Order by index