AMD Planet

<?

// SCPROXY+AUTH 0.1a tom@winamp.com 01.18.2002
// <a href="http://beta.shoutcast.com/~tpepper/scproxy.phps" target="_blank"><a href="http://beta.shoutcast.com/~tpepper/scproxy.phps" target="_blank">http://beta.shoutcast.com/~tpepper/scproxy.phps</a></a>
//
// requires: php 4.0.5+ compiled with --enable-sockets and --with-mysql
//
// this script will act as a liason between a private shoutcast server and
// a public listener, providing an auth mechanism for subscription-only
// services. This script is currently configured for a mysql database,
// but should be fairly trivial to convert to another db. It expects by
// default a database table with two entries, username and password, both
// in cleartext. If the incoming auth request matches these fields, the
// connection is put through. If not, byebye.
//
// the script also has a mechanism for disallowing concurrent logins, so only
// one authpair can proxy at a given moment. (only one person can listen to
// the stream per authentication pair is the intended effect)
//
// You will need some knowledge of mysql to create the database and
// table. An example, given the defaults, might be:
//
// mysqladmin create scproxy
// mysql scproxy
// mysql> CREATE TABLE auth(username VARCHAR(255) NOT NULL PRIMARY KEY,
// -> password VARCHAR(255) NOT NULL,
// -> timestamp INT NOT NULL);
// mysql> INSERT INTO auth VALUES ('test','password',0);
//
// then, configure the sc_host and sc_port below (and db_login/db_password
// if necessary,) then test by connecting winamp to this script via
// http://test<img%20src="images/smilies/tongue.gif"%20border="0"%20alt="">assword@php.server.ip.address/scriptname.php
//
// once you get it working, remove the test auth pair with:
// mysql> DELETE FROM auth WHERE username='test';



// BEGIN CONFIG BLOCK ////////////////////////////////////////////
$db_hostname="mysql.ip.address.here";
$db_login="dbusername";
$db_password="password";
$db_database="scproxy";
$db_tablename="auth";
$db_username_field="username";
$db_password_field="password";
$db_timefield="timestamp";
$sc_host="ip.of.shotucast.server";
$sc_port=8000;
// END CONFIG BLOCK //////////////////////////////////////////////

set_time_limit(0);
ignore_user_abort();
register_shutdown_function("byebye");

function byebye() {
global $shutdown_flag,$db_tablename,$db_timefield,$db_username_field,$PHP_AUTH_USER;
$shutdown_flag=1;
@mysql_query("UPDATE $db_tablename SET $db_timefield=0 WHERE $db_username_field='$PHP_AUTH_USER'");
@fclose($sp);
}

if (!isset($PHP_AUTH_USER)) {
header("WWW-Authenticate: Basic realm=\"SCProxy\"");
header("HTTP/1.0 401 Unauthorized");
echo "This service requires a valid login/password.\n";
exit;
}

$linkid=@mysql_connect($db_hostname, $db_login, $db_password) or die("Cannot connect to authentication database to verify login.");
@mysql_select_db($db_database) or die("Unable to select database $db_database.\n");

$query="SELECT $db_timefield AS lastupdate FROM $db_tablename WHERE $db_username_field='$PHP_AUTH_USER' AND $db_password_field='$PHP_AUTH_PW'";

$matches=0;
$lastupdate=0;
$res=@mysql_query($query);
if($obj=@mysql_fetch_object($res)) {
$lastupdate=$obj->lastupdate;
$matches=mysql_num_rows($res);
}

if(!$matches) {
header("WWW-Authenticate: Basic realm=\"SCProxy\"");
header("HTTP/1.0 401 Unauthorized");
echo "This service requires a valid login/password.\n";
exit;
}

if(time()-$lastupdate<600) {
header("ICY 404 The account is already in use. If account is inactive, wait 10 minutes and try again.");
exit("The account is already in use. If account is inactive, wait 10 minutes and try again.");
}

$sp = fsockopen($sc_host, $sc_port, &$errno, &$errstr, 10);
if (!$sp) exit("Could not connect to SHOUTcast server.\n");

set_socket_blocking($sp,false);

fwrite($sp,"GET / HTTP/1.0\nUser-Agent:SHOUTcast PHP Proxy 0.1\nicy-metadata:1\n\n");

$sockack=0;

for ($i=0; $i<120; $i++) {
if (feof($sp)) break;
$str.=fread($sp,4096);
usleep(200000);
if (strpos($str,"\r\n\r\n")) break;
}


if(strpos($str,"\r\n\r\n")===false) exit("Unable to establish stream with SHOUTcast server.\n");
else {
$head=substr($str,0,strpos($str,"\r\n\r\n"));
$head=eregi_replace("ICY 200 OK\r\n","",$head);
header($head);
}

flush();
echo substr($str,strpos($str,"\r\n\r\n")+4);
flush();
while(!$shutdown_flag) {
$buf=fread($sp,4096);
if (feof($sp)) $shutdown_flag=1;
echo $buf;
flush();
usleep(75000);
if(time()-$lasttime>300) {
@mysql_query("UPDATE $db_tablename SET $db_timefield=".time()." WHERE $db_username_field='$PHP_AUTH_USER'");
$lasttime=time();
}
}

?>

2.
Create a PLS file that points to your PHP script.
When folks click the PLS, it'll load in Winamp and ask for authorization.

Listeners provide their username and password in the form (the popup displays this example):
username<img src="images/smilies/tongue.gif" border="0" alt="">assword

Generic PLS Example:
[playlist]
NumberOfEntries=1
File1=http://YOUR-PHP-SCRIPT
Title1=YOUR-STATION-NAME
Length1=-1
Version=2

Pseudo PLS Example:
[playlist]
NumberOfEntries=1
File1=http://www.myhost.com/myscript.php
Title1=My Station
Length1=-1
Version=2

3.
I have modified my PHP script to authorize against my phpBB PHP bulletin board.
Change the database values to point to your phpBB users table and users columns.
Change the initial query to:
$query="SELECT $db_timefield AS lastupdate FROM $db_tablename WHERE $db_username_field='$PHP_AUTH_USER' AND $db_password_field='" . md5($PHP_AUTH_PW) . "'";