Old 9th January 2004, 23:57   #1
jackherer
Major Dude
 
Join Date: Aug 2003
Posts: 942
scproxy+auth

I am trying to use this proxy script that tom wrote for authentication. The script seems to rely on the fact the the PHP register_globals setting be switched on in the php.ini configuration file which is off by default from PHP 4.2.0 onwards. I have tried to edit the script to get round this as follows.

PHP Code:
<?


// BEGIN CONFIG BLOCK ////////////////////////////////////////////
$db_hostname="localhost";
$db_login="scproxyuser";
$db_password="**********";
$db_database="scproxy";
$db_tablename="auth";
$db_username_field="username";
$db_password_field="password";
$db_timefield="timestamp";
$sc_host="81.137.214.186";
$sc_port=8000;
// END CONFIG BLOCK //////////////////////////////////////////////

set_time_limit(0);
ignore_user_abort();
register_shutdown_function("byebye");

function 
byebye() {
  global 
$shutdown_flag,$db_tablename,$db_timefield,$db_username_field,$PHP_AUTH_USER;
  
$shutdown_flag=1;
  @
mysql_query("UPDATE $db_tablename SET $db_timefield=0 WHERE $db_username_field='".$_SERVER['PHP_AUTH_USER']."'");
  @
fclose($sp);
}  

if (!isset(
$_SERVER['PHP_AUTH_USER'])) {
  
header("WWW-Authenticate: Basic realm=\"SCProxy\"");
  
header("HTTP/1.0 401 Unauthorized");
  echo 
"This service requires a valid login/password 1.\n";
  exit;
}

$linkid=@mysql_connect($db_hostname$db_login$db_password) or die("Cannot connect to authentication database to verify login.");
@
mysql_select_db($db_database) or die("Unable to select database $db_database.\n");

$query="SELECT $db_timefield AS lastupdate, username, password FROM $db_tablename WHERE $db_username_field= '".$_SERVER['PHP_AUTH_USER']."' AND $db_password_field= '".$_SERVER['PHP_AUTH_PW']."'";



$matches=0;
$lastupdate=0;
$res=@mysql_query($query);
if(
$obj=@mysql_fetch_object($res)) {
  
$lastupdate=$obj->lastupdate;
  
$matches=mysql_num_rows($res);
}

if(!
$matches) {
  
header("WWW-Authenticate: Basic realm=\"SCProxy\"");
  
header("HTTP/1.0 401 Unauthorized");
  echo 
"This service requires a valid login/password 2.\n";
  exit;
}

if(
time()-$lastupdate<600) {
  
header("ICY 404 The account is already in use.  If account is inactive, wait 10 minutes and try again.");
  exit(
"The account is already in use.  If account is inactive, wait 10 minutes and try again.");
}

$sp fsockopen($sc_host$sc_port, &$errno, &$errstr10);
if (!
$sp) exit("Could not connect to SHOUTcast server.\n");

set_socket_blocking($sp,false);

fwrite($sp,"GET / HTTP/1.0\nUser-Agent:SHOUTcast PHP Proxy 0.1\nicy-metadata:1\n\n");

$sockack=0;

for (
$i=0$i<120$i++) {
  if (
feof($sp)) break;
  
$str.=fread($sp,4096);
  
usleep(200000);
  if (
strpos($str,"\r\n\r\n")) break;
}


if(
strpos($str,"\r\n\r\n")===false) exit("Unable to establish stream with SHOUTcast server.\n");
else {
  
$head=substr($str,0,strpos($str,"\r\n\r\n"));
  
$head=eregi_replace("ICY 200 OK\r\n","",$head);
  
header($head);
}

flush();
echo 
substr($str,strpos($str,"\r\n\r\n")+4);
flush();
while(!
$shutdown_flag) {
  
$buf=fread($sp,4096);
  if (
feof($sp)) $shutdown_flag=1;
  echo 
$buf;
  
flush();
  
usleep(75000);
  if(
time()-$lasttime>300) {
    @
mysql_query("UPDATE $db_tablename SET $db_timefield=".time()." WHERE $db_username_field='".$_SERVER['PHP_AUTH_USER']."'");
    
$lasttime=time();
  }
}

?>
which seemed to get round the initial problems i was having. The script now almost works and my SC server registers a successfull connection from the proxy script but winamp just says that it is connectint for about 20 secs then says error syncing to mpeg and tries to connect again. This process repeats untill all my slots are full of connections from the proxy script. Any ideas anyone ? I have only been learning PHP for 2 days so can anyone see if i have broken the script with the changes i made (mainly replacing $PHP_AUTH_USER with $_SERVER['PHP_AUTH_USER'])?


Do not PM me for tech support !
jackherer is offline   Reply With Quote
Old 10th January 2004, 01:22   #2
jackherer
Major Dude
 
Join Date: Aug 2003
Posts: 942
bump ...


Do not PM me for tech support !
jackherer is offline   Reply With Quote
Old 10th January 2004, 01:45   #3
DJHotIce
Forum Loser
(Forum King)
 
DJHotIce's Avatar
 
Join Date: Jan 2003
Location: That place I can't remember the name.
Posts: 4,617
Send a message via AIM to DJHotIce Send a message via Yahoo to DJHotIce
I don't think register globals is enabled on the script. IT doesn't even use it!

-DJHotIce
Bounce Multimedia - Professional Web Design
DJHotIce is offline   Reply With Quote
Old 10th January 2004, 01:58   #4
jackherer
Major Dude
 
Join Date: Aug 2003
Posts: 942
well correct me if im wrong cos as i say i've only been at this PHP thing for a couple of days but as far as i can understand it the register_globals option automatically sets up global variables named after the items in the super global variable arrays duch as $_SERVER, $_POST, etc, PHP_AUTH_USER is a member of the $_SERVER superglobal i.e. $_SERVER['PHP_AUTH_USER'] and needs to be refered to as such unless the register_globals option is set in the ini file.

...
Anyway replacing the refernces to PHP_AUTH_USER with $_SERVER['PHP_AUTH_USER'] is the only way i could get the script to authenticate and connect to shoutcast. But then i get the problem i outlined in my original post.


Do not PM me for tech support !
jackherer is offline   Reply With Quote
Old 10th January 2004, 02:55   #5
DJHotIce
Forum Loser
(Forum King)
 
DJHotIce's Avatar
 
Join Date: Jan 2003
Location: That place I can't remember the name.
Posts: 4,617
Send a message via AIM to DJHotIce Send a message via Yahoo to DJHotIce
no.... Register globals to my knowledge isn't that. I don't have a full explanation. But the $_SERVER varitable is one built into PHP (Not Register Globals) and contains it's own server side functions. If you have Macromedia Dreamweaver handy you can see all the dif types of things you can call with $_SERVER... You Can't Access a get varitable/array from the server varitable/array (and vice versa)

You may wish to take a look at the good ole php.net (The complete ediots [and advanced users] guide.) Specificially this http://us2.php.net/manual/en/languag...predefined.php

-DJHotIce
Bounce Multimedia - Professional Web Design
DJHotIce is offline   Reply With Quote
Old 10th January 2004, 02:56   #6
DJHotIce
Forum Loser
(Forum King)
 
DJHotIce's Avatar
 
Join Date: Jan 2003
Location: That place I can't remember the name.
Posts: 4,617
Send a message via AIM to DJHotIce Send a message via Yahoo to DJHotIce
addtionally take a look at this for more info about register globals: http://us2.php.net/manual/en/languag...predefined.php

-DJHotIce
Bounce Multimedia - Professional Web Design
DJHotIce is offline   Reply With Quote
Old 10th January 2004, 15:26   #7
jackherer
Major Dude
 
Join Date: Aug 2003
Posts: 942
To quote from the link to the PHP.net manual you sent me

Quote:
In PHP 4.2.0 and later, the default value for the PHP directive register_globals is off. This is a major change in PHP. Having register_globals off affects the set of predefined variables available in the global scope. For example, to get DOCUMENT_ROOT you'll use $_SERVER['DOCUMENT_ROOT'] instead of $DOCUMENT_ROOT, or $_GET['id'] from the URL http://www.example.com/test.php?id=3 instead of $id, or $_ENV['HOME'] instead of $HOME.
The scproxy+auth PHP script written by Tom Pepper repeatedly uses the variables $PHP_AUTH_USER and $PHP_AUTH_PW which are actually members of the $_SERVER array of predefined superglobal variables. The register_globals directive autmatically creates global variables for each of the predefined variables in the superglobal arrays. As it is switched off by default in PHP 4.2 to make the script work you either have to turn it on (which has security implications) or you have to change all references to $PHP_AUTH_USER into $_SERVER['PHP_AUTH_USER']. Which is what i have done in the script i posted.

My problem is now that the authorisastion part of the script works fine, it's just the proxy bit doesn't work. Winamp seems to be connecting but just stays inm the connecting phase for about 20 secs then says error syncing to mpeg and reconnects. In mt DNAS log it says there is a connection being made and when winamp trys to connect again the log registers a second copnnection. This continues untill all of my listener slots are full.

Hasw anyone got this script to work. Can anyone see if the changes i have made to the script in order to make mthe authentication work have in fact broken the proxy part.

[edit]
I have also now discovered that if i kick the connection that winamp is trying to make before it times out it then play the stream back for the amount of time it was trying to connect. E.g. if it says connecting for 15 secs and i then kick it before it times out i then get 15 secs of music[/edit]

Thanks for any and all input.


Do not PM me for tech support !

Last edited by jackherer; 10th January 2004 at 16:49.
jackherer is offline   Reply With Quote
Old 10th January 2004, 16:49   #8
jackherer
Major Dude
 
Join Date: Aug 2003
Posts: 942
bumpety bump


Do not PM me for tech support !
jackherer is offline   Reply With Quote
Old 10th January 2004, 20:54   #9
DJHotIce
Forum Loser
(Forum King)
 
DJHotIce's Avatar
 
Join Date: Jan 2003
Location: That place I can't remember the name.
Posts: 4,617
Send a message via AIM to DJHotIce Send a message via Yahoo to DJHotIce
Well, Apparently Peers that Tom DID code with Register Globals, Didn't see that you decided to make changes on the script.

Also try commenting out the set socket blocking, here is another resource to the script: http://www.spacialaudio.com/knowledg...n.php?qstId=75

-DJHotIce
Bounce Multimedia - Professional Web Design
DJHotIce is offline   Reply With Quote
Old 10th January 2004, 21:03   #10
jackherer
Major Dude
 
Join Date: Aug 2003
Posts: 942
Quote:
Originally posted by DJHotIce
Well, Apparently Peers that Tom DID code with Register Globals, Didn't see that you decided to make changes on the script.
Oops sorry i wan't totally clear about that was i ;-)

Quote:
Also try commenting out the set socket blocking, here is another resource to the script: http://www.spacialaudio.com/knowledg...n.php?qstId=75
Yeah that's where i got the script from, and yes i have tried doing that to no avail. I think it must be something to do with my PHP set-up cos it nearly works.


Do not PM me for tech support !
jackherer is offline   Reply With Quote
Old 10th January 2004, 21:08   #11
DJHotIce
Forum Loser
(Forum King)
 
DJHotIce's Avatar
 
Join Date: Jan 2003
Location: That place I can't remember the name.
Posts: 4,617
Send a message via AIM to DJHotIce Send a message via Yahoo to DJHotIce
I've actually used the script, and had 0% problems, well that would be a lie but I did get it to work 4 me!

-DJHotIce
Bounce Multimedia - Professional Web Design
DJHotIce is offline   Reply With Quote
Old 10th January 2004, 21:21   #12
jackherer
Major Dude
 
Join Date: Aug 2003
Posts: 942
Well as i say it nearly works, the authentication works ok, the DNAS registers a succesfull connection from the script but winamp doesn't play anything unless you use the DNAS configuration to kick it. Then it plays the amount of time it was trying to connect. This is also what happens in other apps like WMP etc. If i open the script in i.e. i get giberish coming down the screen as if it opens the mp3 data as a html file. Could it be some mime type thing or some kind of set up in apache. It's as if winamp etc don't realise it's mp3 data.


Do not PM me for tech support !
jackherer is offline   Reply With Quote
Old 12th January 2004, 23:57   #13
jackherer
Major Dude
 
Join Date: Aug 2003
Posts: 942
bumpety bump bump


Do not PM me for tech support !
jackherer is offline   Reply With Quote
Old 14th January 2004, 21:22   #14
jackherer
Major Dude
 
Join Date: Aug 2003
Posts: 942
Oh dear i'm bumping my post again.

Having looked into the situation a bit further i think the script is actually working and it's perhaps something to do with my apache/php set-up that's causing the problem. The script seems to be streaming the data, if i put the script URL into a browser then after i authenticate (which works fine) i then get a download dialog saying that it is downloading scproxy.mp3 (the script is called scproxy.php) but obviously as it's a stream the download never ends. But Winamp and WMP won't play it and real player just pops up the same download box as if i'd entered the URL ina browser. Can anyone help me out with this at all as i've seen a number of post for people who have got this working and it's getting ver frustrating.


Do not PM me for tech support !
jackherer is offline   Reply With Quote
Old 14th January 2004, 23:12   #15
FesterHead
Alumni
 
FesterHead's Avatar
 
Join Date: Sep 2001
Location: Maui, Hawaii
Posts: 14,108
Have you tried the ghetto method yet?

Or maybe try a different approach such as adding/removing to the RIP list.

I was able to get the proxy going with only the change noted in the SA KB article.
Even integrated it to my phbb logins.

SHOUTcast authentication isn't trivial and getting "it" to work across multiple clients may be a nightmare.
It may be worth the time/effort to look into Windows Media Services.

FesterHead is offline   Reply With Quote
Old 15th January 2004, 18:04   #16
jackherer
Major Dude
 
Join Date: Aug 2003
Posts: 942
Thanks for your feedback fester i am starting to realise that i just simply may not be able to use SC for this, the frustating thing is that it very nearly almost works, i think it must be some server set-up/mime type thing. I am using apache 2.0 with PHP 4.3 on RHL 9 if that is any use to any one.

I havn't tried the ghetto method my site is going to use MySQL as the backend for user authentication, content management etc. and i would like to integrate the streaming with everything so i didn't end up having to make sure that the usernames/passwords in the txt file for SC match the username/PW in MySQL for the rest of the site.

The problem with Windows Media Services is that you have to run it on a Windoze box and i rent a Linux box for hosting i need a *nix solution.

I have also tried Real's Helix Universla Media Server, which is easy to use, works on Linux and seems to work well and is stable. The problem with it is that the free version only allows up to 1Mb/s transfer or 10 listeners whichever is reached first and you have to pay $3000 to go up to 4Mb/s and even more if you want more bandwidth. Also the authentication only works with the real player client whereas this proxy script seems uses standard http auth requests and seems to work with most players, problem is i can't get it to proxy correctly.

I have though about doing something based on the RIP list but it reads the RIP list into memory when you start the process and you have to send the server a command line signal to get it to read it again. Whilst you can issue Unix command line commands from PHP i am not sure how well this method would work under heavy load.

Anyone else suceeded in doing a MySQL based auth system, it doesn't have to be bullet proof i don't want to charge for access to the stream i just want to get people to sign up to the site before they listen to the stream.


Do not PM me for tech support !
jackherer is offline   Reply With Quote
Old 16th January 2004, 02:25   #17
jackherer
Major Dude
 
Join Date: Aug 2003
Posts: 942
bumpety bump

Right this is the last bump then i'm going to assume that this problem is beyond the scope of this forum and give up ho hum :-(


Do not PM me for tech support !
jackherer is offline   Reply With Quote
Old 26th January 2004, 06:03   #18
LordBinky
Junior Member
 
Join Date: Jan 2004
Posts: 3
I am curious . . .

How secure is that script? All it seems to do is hide the stations port(s). Kind of a 'security through obscurity' method. It seems to me if a user really wanted to listen to a station that uses the script, all they would have to do to bypass it is run a port scan on the web site's IPs to find the one that is streaming, then either use 'www.IPofsite.comort/listen.pls' or open Windows Media Player and use 'www.IPsite.comort.'

Am I wrong in this summary?

Could someone send me some clear instructions on how to use this script so that I might find out (or direct me to a link)? I found the instructions on www.spacialaudio.com but that does not seem to be enough. I also searched on this forum and all I can find is other peoples problems without any solutions. My problem is that I get an "error syncing to mpeg". I checked that I was using the correct database names and passwords. Is the listen.pls supposed to be in a specific directory, like the shoutcast directory? Currently, I have it in my web directory near the authentication script.
LordBinky is offline   Reply With Quote
Old 26th January 2004, 13:37   #19
jackherer
Major Dude
 
Join Date: Aug 2003
Posts: 942
It's not very secure, all it is is a proxy. It does hide the IP as well so long as you are running the script on a different IP to your DNAS and you could also make you DNAS private so that it would only accept connections from the IP that was hosting the script. However i can't get it to work either in the manner my previous posts describe. However i think my problems are with my apache set up rather than the script it's self. A number of people have got it to work OK.


Do not PM me for tech support !
jackherer is offline   Reply With Quote
Old 26th January 2004, 15:47   #20
LordBinky
Junior Member
 
Join Date: Jan 2004
Posts: 3
I have tried it on IIS6 and Apache without much success. If there is a setting within the web server I'd be curious to see what it is.

I have also been looking around for other solutions to this problem. This has also not had much success.

I geuss I'll (or we will) have to wait for Shoutcast 3 to come out. Does anyone have an idea when that might be (even a geuss would be sweet)?
LordBinky is offline   Reply With Quote
Old 26th January 2004, 15:56   #21
jackherer
Major Dude
 
Join Date: Aug 2003
Posts: 942
You can use the, unsupported but built in Ghetto method for authorisation in shoutcast. Search the forum for authentication and you should find the post that contains the instructions on how to set it up.


Do not PM me for tech support !
jackherer is offline   Reply With Quote
Old 26th January 2004, 19:01   #22
LordBinky
Junior Member
 
Join Date: Jan 2004
Posts: 3
Icky.

I remember reading about the 'ghetto' method. I will try a little longer at getting this code to work (I rightfully admit the possibility of my own stupidity, ie maybe I am still missing something). If I get anywhere I will post the results. If no worky, then I will see what the gheto method will do for me.

Otherwise, I will just keep searching for something.

Is there any news on Shoutcast3? A beta even?

Btw, thanks, jackherer, for responding so quickly. I apreciate it.
LordBinky is offline   Reply With Quote
Old 26th January 2004, 19:12   #23
jackherer
Major Dude
 
Join Date: Aug 2003
Posts: 942
No news on any new versions of shoutcast that i have heard of. My only reason for thinking it must be a server set up thing is that other people have got this script to work with no problems i suspect it is something mime related. If you get it to work i would apreciate any feedback you could give me as i also would like to get this method to work so that i can integrate the authorisation with my site member database in mySQL. It very nearly works for me. If i create a link to the script in a web page and then "save traget as" it downloads a valid mp3 file that i can listen to ok in a media player. and it downloads it at a speed that i would expect for the bandwidth of the stream and it downloads indefinately untill i tell it to stop. I just can't get winamp to play the data like a stream. It's been very frustrating.


Do not PM me for tech support !
jackherer is offline   Reply With Quote
Old 27th January 2004, 04:09   #24
DJ AmPs
Major Dude
 
DJ AmPs's Avatar
 
Join Date: Mar 2002
Location: g
Posts: 1,603
As per the original problem...

Did you make sure output_buffering was disabled in the php.ini?
DJ AmPs is offline   Reply With Quote
Old 27th January 2004, 09:51   #25
jackherer
Major Dude
 
Join Date: Aug 2003
Posts: 942
Well it's set to "off" yeah.


Do not PM me for tech support !
jackherer is offline   Reply With Quote
Old 29th July 2004, 19:50   #26
tobsn
Junior Member
 
Join Date: Jul 2004
Posts: 21
its a way but not the correct...

for every listener i runs a apache child. thats not good.

think about it, if u have 200 listenser or more thats horrible. if u can compile apache very small (with some cpu gcc flags etc.) u can get a 2mb big apache proc.
so, just calculate, 200 listeners * 2mb per apache proc.
u need 400mb ram.

u see the problem with this method?
tobsn is offline   Reply With Quote
Reply
Go Back   Winamp & Shoutcast Forums > Shoutcast > Shoutcast Technical Support

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump