Re: X-Torrent - Better Passkey Security
Okey so I have forked your xtorrent github to: https://github.com/Chronolabs-Cooperative/xtorrent
which means you will be able to when I let you know pull an updated version from my fork; in this a threadnauts delight me and the endless 2000 or so posts on the XOOPS Forums...
There is a couple of things I have to do to it, to ensure the passkey on the tracker always works, as it will need to do
exec('traceroute 184.108.40.206', $output, $return);
and collect the whois information of the last remaining 3 domains when the passkey is written first, and next time it dials back in case they are on a dynamic IP or anything some network heuristics will allow for the passkey to pass anyway...
Well the network heuristics will be based on the whois company and individual name of the base domain of the traceroute as well as the ip of the actual netbios route in closest to them (1st Level), second closest (2nd Level), third closest (3rd Level), where then the count of passes by level adverage + standard deviation of these 3 levels, is larger by the 3rd level, then the passkey fails, if 2nd, is above adverage then the passkey fails, otherwise 1st level goes endlessly, passing based on first test as well as $_SESSION['passkey'] == $_GET['passkey'] both counting for hits on the pass type in the database...
For the whois i am going to implement https://github.com/Chronolabs-Cooperative/WhoIS-API-PHP
a call in the URL path of xoops_version.php --> there is one for https://whois.xoops.org
on the XOOPS Sourceforge SVN in the ROOT if you update!