RanchiMall/php-mpos
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

See issue #2427

Browse Source
This commit is contained in:
xisi 2015-06-19 07:01:41 -04:00 committed by Joey
parent 433c8f766a
commit 02067ace54
11 changed files with 288 additions and 157 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

155
include/admin_checks.php
View File

@ -1,155 +0,0 @@
<?php
$defflip = (!cfip()) ? exit(header('HTTP/1.1 401 Unauthorized')) : 1;
if (@$_SESSION['USERDATA']['is_admin'] && $user->isAdmin(@$_SESSION['USERDATA']['id'])) {
if (!include_once(INCLUDE_DIR . '/lib/jsonRPCClient.php')) die('Unable to load libs');
$notice = array();
$enotice = array();
$error = array();
// setup some basic stuff for checking - getuid/getpwuid not available on mac/windows
$apache_user = 'unknown';
if (substr_count(strtolower(PHP_OS), 'nix') > 0 || substr_count(strtolower(PHP_OS), 'linux') > 0) {
$apache_user = (function_exists('posix_getuid')) ? posix_getuid() : 'unknown';
$apache_user = (function_exists('posix_getpwuid')) ? posix_getpwuid($apache_user) : $apache_user;
}
// setup checks
// logging
if ($config['logging']['enabled']) {
if (!is_writable($config['logging']['path'])) {
$error[] = "Logging is enabled but we can't write in the logfile path";
}
}
// check if fees are 0 and ap/mp tx fees are also set to 0 -> issue #2424
if ($config['fees'] == 0 && ($config['txfee_auto'] == 0 || $config['txfee_manual'] == 0)) {
$notice[] = "Having your pool fees set to 0 and tx fees also set to 0 can cause a problem where the wallet cannot payout, consider setting the txfee to a very low amount, ie. 0.0001 to avoid this.";
}
// check if memcache isn't available but enabled in config -> error
if (!class_exists('Memcached') && $config['memcache']['enabled']) {
$error[] = "You have memcached enabled in your config and it's not available as a PHP module. Install the package on your system.";
}
// if it's not enabled, test it if it exists, if it works -> error tell them to enable, -> otherwise notice it's disabled
if (!$config['memcache']['enabled']) {
if (PHP_OS == 'WINNT') {
require_once(CLASS_DIR . 'memcached.class.php');
}
if (class_exists('Memcached')) {
$memcache_test = @new Memcached();
if ($config['memcache']['sasl'] === true) {
$memcache_test->setOption(Memcached::OPT_BINARY_PROTOCOL, true);
$memcache_test->setSaslAuthData($config['memcache']['sasl']['username'], $config['memcache']['sasl']['password']);
}
$memcache_test_add = @$memcache_test->addServer($config['memcache']['host'], $config['memcache']['port']);
$randmctv = rand(5,10);
$memcache_test_set = @$memcache_test->set('test_mpos_setval', $randmctv);
$memcache_test_get = @$memcache_test->get('test_mpos_setval');
}
if (class_exists('Memcached') && $memcache_test_get == $randmctv) {
$error[] = "You have memcache disabled in the config but it's available and works! Enable it for best performance.";
} else {
$notice[] = "Memcache is disabled; Almost every linux distro has packages for it, you should be using it if you can.";
}
}
// check if htaccess exists
if (!file_exists(BASEPATH.".htaccess")) {
$htaccess_link = "<a href='https://github.com/MPOS/php-mpos/blob/next/public/.htaccess'>.htaccess</a>";
$notice[] = "You don't seem to have a .htaccess in your public folder, if you're using Apache set it up: $htaccess_link";
}
// check if we can write templates/cache and templates/compile -> error
if (!is_writable(TEMPLATE_DIR . '/cache')) {
$error[] = "templates/cache folder is not writable for uid {$apache_user['name']}";
}
if (!is_writable(TEMPLATE_DIR . '/compile')) {
$error[] = "templates/compile folder is not writable for uid {$apache_user['name']}";
}
// check if we can write the config files, we should NOT be able to -> error
if (is_writable(INCLUDE_DIR.'/config/global.inc.php') || is_writable(INCLUDE_DIR.'/config/global.inc.dist.php') ||
is_writable(INCLUDE_DIR.'/config/security.inc.php') || is_writable(INCLUDE_DIR.'/config/security.inc.dist.php')) {
$error[] = "Your config files <b>SHOULD NOT be writable to this user</b>!";
}
// check if daemon can connect -> error
try {
if ($bitcoin->can_connect() !== true) {
$error[] = "Unable to connect to coin daemon using provided credentials";
}
else {
// validate that the wallet service is not in test mode
if ($bitcoin->is_testnet() == true) {
$error[] = "The coin daemon service is running as a testnet. Check the TESTNET setting in your coin daemon config and make sure the correct port is set in the MPOS config.";
}
// if coldwallet is not empty, check if the address is valid -> error
if (!empty($config['coldwallet']['address'])) {
if (!$bitcoin->validateaddress($config['coldwallet']['address']))
$error[] = "Your cold wallet address is <u>SET and INVALID</u>";
}
// check if there is more than one account set on wallet
$accounts = $bitcoin->listaccounts();
if (count($accounts) > 1 && $accounts[''] <= 0) {
$error[] = "There are " . count($accounts) . " Accounts set in local Wallet and Default Account has no liquid funds to pay your miners!";
}
}
} catch (Exception $e) {
}
// check anti DOS protection, we need memcache for that
if ($config['mc_antidos'] && !$config['memcache']['enabled']) {
$error[] = "mc_antidos is enabled and memcache is not, <u>memcache is required</u> to use this";
}
// poke stratum using gettingstarted details -> enotice
if (function_exists('socket_create')) {
$host = @gethostbyname($config['gettingstarted']['stratumurl']);
$port = $config['gettingstarted']['stratumport'];
if (isset($host) and
isset($port) and
($socket=socket_create(AF_INET, SOCK_STREAM, SOL_TCP)) and
(socket_set_option($socket, SOL_SOCKET, SO_SNDTIMEO, array('sec' => 3, 'usec' => 0))) and
(@socket_connect($socket, $host, $port)))
{
socket_close($socket);
} else {
$enotice[] = 'We tried to poke your Stratum server using your $config[\'gettingstarted\'] settings but it didn\'t respond - ' . socket_strerror(socket_last_error());
}
} else {
// Connect via fsockopen as fallback
if (! $fp = @fsockopen($config['gettingstarted']['stratumurl'], $config['gettingstarted']['stratumport'], $errCode, $errStr, 1)) {
$enotice[] = 'We tried to poke your Stratum server using your $config[\'gettingstarted\'] settings but it didn\'t respond';
}
@fclose($fp);
}
// security checks
// salts too short -> notice, salts default -> error
if ((strlen($config['SALT']) < 24) || (strlen($config['SALTY']) < 24) || $config['SALT'] == 'PLEASEMAKEMESOMETHINGRANDOM' || $config['SALTY'] == 'THISSHOULDALSOBERRAANNDDOOM') {
if ($config['SALT'] == 'PLEASEMAKEMESOMETHINGRANDOM' || $config['SALTY'] == 'THISSHOULDALSOBERRAANNDDOOM') {
$error[] = "You absolutely <u>SHOULD NOT leave your SALT or SALTY default</u> changing them will require registering again";
} else {
$notice[] = "SALT or SALTY is too short, they should be more than 24 characters and changing them will require registering again";
}
}
// display the errors
foreach ($enotice as $en) {
$_SESSION['POPUP'][] = array('CONTENT' => $en, 'TYPE' => 'alert alert-info');
}
if (!count($notice) && !count($error)) {
$_SESSION['POPUP'][] = array('CONTENT' => 'The config options we checked seem OK', 'TYPE' => 'alert alert-success');
} else {
foreach ($notice as $n) {
$_SESSION['POPUP'][] = array('CONTENT' => $n, 'TYPE' => 'alert alert-warning');
}
foreach ($error as $e) {
$_SESSION['POPUP'][] = array('CONTENT' => $e, 'TYPE' => 'alert alert-danger');
}
}
}

38
include/pages/admin/checks/check_daemon.inc.php Normal file
View File

@ -0,0 +1,38 @@
<?php
$defflip = (!cfip()) ? exit(header('HTTP/1.1 401 Unauthorized')) : 1;
// check if daemon can connect -> error
try {
if ($bitcoin->can_connect() !== true) {
$newerror = array();
$newerror['name'] = "Coin daemon";
$newerror['description'] = "Unable to connect to coin daemon using provided credentials.";
$newerror['configvalue'] = "wallet.*";
$newerror['helplink'] = "https://github.com/MPOS/php-mpos/wiki/Config-Setup#wiki-local-wallet-rpc";
$error[] = $newerror;
$newerror = null;
}
else {
// validate that the wallet service is not in test mode
if ($bitcoin->is_testnet() == true) {
$newerror = array();
$newerror['name'] = "Coin daemon";
$newerror['description'] = "The coin daemon service is running as a testnet. Check the TESTNET setting in your coin daemon config and make sure the correct port is set in the MPOS config.";
$newerror['configvalue'] = "wallet.host";
$newerror['helplink'] = "https://github.com/MPOS/php-mpos/wiki/Config-Setup#wiki-local-wallet-rpc";
$error[] = $newerror;
$newerror = null;
}
// check if there is more than one account set on wallet
$accounts = $bitcoin->listaccounts();
if (count($accounts) > 1 && $accounts[''] <= 0) {
$newerror = array();
$newerror['name'] = "Coin daemon";
$newerror['description'] = "There are " . count($accounts) . " Accounts set in local Wallet and Default Account has no liquid funds to pay your miners!";
$newerror['configvalue'] = "wallet.host";
$newerror['helplink'] = "https://github.com/MPOS/php-mpos/wiki/Config-Setup#wiki-local-wallet-rpc";
$error[] = $newerror;
$newerror = null;
}
}
} catch (Exception $e) {}

13
include/pages/admin/checks/check_fees.inc.php Normal file
View File

@ -0,0 +1,13 @@
<?php
$defflip = (!cfip()) ? exit(header('HTTP/1.1 401 Unauthorized')) : 1;
// check if fees are 0 and ap/mp tx fees are also set to 0 -> issue #2424
if ($config['fees'] == 0 && ($config['txfee_auto'] == 0 || $config['txfee_manual'] == 0)) {
$newerror = array();
$newerror['name'] = "Fees and TX Fees 0";
$newerror['description'] = "Having your pool fees set to 0 and tx fees also set to 0 can cause a problem where the wallet cannot payout, consider setting the txfee to a very low amount, ie. 0.0001 to avoid this.";
$newerror['configvalue'] = "fees";
$newerror['helplink'] = "https://github.com/MPOS/php-mpos/issues/2424";
$error[] = $newerror;
$newerror = null;
}

59
include/pages/admin/checks/check_memcache.inc.php Normal file
View File

@ -0,0 +1,59 @@
<?php
$defflip = (!cfip()) ? exit(header('HTTP/1.1 401 Unauthorized')) : 1;
// check if memcache isn't available but enabled in config -> error
if (!class_exists('Memcached') && $config['memcache']['enabled']) {
$newerror = array();
$newerror['name'] = "Memcache Config";
$newerror['description'] = "You have memcached enabled in your config and it's not available as a PHP module. Install the package on your system.";
$newerror['configvalue'] = "memcache.enabled";
$newerror['helplink'] = "https://github.com/MPOS/php-mpos/wiki/Config-Setup#wiki-memcache";
$error[] = $newerror;
$newerror = null;
}
// if it's not enabled, test it if it exists, if it works -> error tell them to enable, -> otherwise notice it's disabled
if (!$config['memcache']['enabled']) {
if (PHP_OS == 'WINNT') {
require_once(CLASS_DIR . 'memcached.class.php');
}
if (class_exists('Memcached')) {
$memcache_test = @new Memcached();
if ($config['memcache']['sasl'] === true) {
$memcache_test->setOption(Memcached::OPT_BINARY_PROTOCOL, true);
$memcache_test->setSaslAuthData($config['memcache']['sasl']['username'], $config['memcache']['sasl']['password']);
}
$memcache_test_add = @$memcache_test->addServer($config['memcache']['host'], $config['memcache']['port']);
$randmctv = rand(5,10);
$memcache_test_set = @$memcache_test->set('test_mpos_setval', $randmctv);
$memcache_test_get = @$memcache_test->get('test_mpos_setval');
}
if (class_exists('Memcached') && $memcache_test_get == $randmctv) {
$newerror = array();
$newerror['name'] = "Memcache Config";
$newerror['description'] = "You have memcache disabled in the config but it's available and works! Enable it for best performance.";
$newerror['configvalue'] = "memcache.enabled";
$newerror['helplink'] = "https://github.com/MPOS/php-mpos/wiki/Config-Setup#wiki-memcache";
$error[] = $newerror;
$newerror = null;
} else {
$newerror = array();
$newerror['name'] = "Memcache Config";
$newerror['description'] = "Memcache is disabled; Almost every linux distro has packages for it, you should be using it if you can.";
$newerror['configvalue'] = "memcache.enabled";
$newerror['helplink'] = "https://github.com/MPOS/php-mpos/wiki/Config-Setup#wiki-memcache";
$error[] = $newerror;
$newerror = null;
}
}
// check anti DOS protection, we need memcache for that
if ($config['mc_antidos'] && !$config['memcache']['enabled']) {
$newerror = array();
$newerror['name'] = "Memcache Config";
$newerror['description'] = "mc_antidos is enabled and memcache is not, <u>memcache is required</u> to use this.";
$newerror['configvalue'] = "memcache.enabled";
$newerror['helplink'] = "https://github.com/MPOS/php-mpos/wiki/Config-Setup#memcache-rate-limiting";
$error[] = $newerror;
$newerror = null;
}

47
include/pages/admin/checks/check_permissions.inc.php Normal file
View File

@ -0,0 +1,47 @@
<?php
$defflip = (!cfip()) ? exit(header('HTTP/1.1 401 Unauthorized')) : 1;
if ($config['logging']['enabled']) {
// checks to see that the logging path is writable
if (!is_writable($config['logging']['path'])) {
$newerror = array();
$newerror['name'] = "Log path permissions";
$newerror['description'] = "Logging is enabled but we can't write in the logfile path.";
$newerror['configvalue'] = "logging.path";
$newerror['helplink'] = "https://github.com/MPOS/php-mpos/wiki/Quick-Start-Guide#configuration-1";
$error[] = $newerror;
$newerror = null;
}
}
// check if we can write templates/cache and templates/compile -> error
if (!is_writable(TEMPLATE_DIR . '/cache')) {
$newerror = array();
$newerror['name'] = "templates/cache permissions";
$newerror['description'] = "templates/cache folder is not writable for uid {$apache_user['name']}";
$newerror['configvalue'] = "templates/cache folder";
$newerror['helplink'] = "https://github.com/MPOS/php-mpos/wiki/Quick-Start-Guide#configuration-1";
$error[] = $newerror;
$newerror = null;
}
if (!is_writable(TEMPLATE_DIR . '/compile')) {
$newerror = array();
$newerror['name'] = "templates/compile permissions";
$newerror['description'] = "templates/compile folder is not writable for uid {$apache_user['name']}";
$newerror['configvalue'] = "templates/compile folder";
$newerror['helplink'] = "https://github.com/MPOS/php-mpos/wiki/Quick-Start-Guide#configuration-1";
$error[] = $newerror;
$newerror = null;
}
// check if we can write the config files, we should NOT be able to -> error
if (is_writable(INCLUDE_DIR.'/config/global.inc.php') || is_writable(INCLUDE_DIR.'/config/global.inc.dist.php') ||
is_writable(INCLUDE_DIR.'/config/security.inc.php') || is_writable(INCLUDE_DIR.'/config/security.inc.dist.php')) {
$newerror = array();
$newerror['name'] = "Config permissions";
$newerror['description'] = "Your config files <b>SHOULD NOT be writable to this user</b>!";
$newerror['configvalue'] = "global.inc.php and security.inc.php";
$newerror['helplink'] = "https://github.com/MPOS/php-mpos/wiki/Quick-Start-Guide#configuration-1";
$error[] = $newerror;
$newerror = null;
}

29
include/pages/admin/checks/check_security.inc.php Normal file
View File

@ -0,0 +1,29 @@
<?php
$defflip = (!cfip()) ? exit(header('HTTP/1.1 401 Unauthorized')) : 1;
// check if password salts are sane
if (strlen($config['SALT']) < 24 || strlen($config['SALTY']) < 24 || $config['SALT'] == 'PLEASEMAKEMESOMETHINGRANDOM' || $config['SALTY'] == 'THISSHOULDALSOBERRAANNDDOOM') {
$newerror = array();
$newerror['name'] = "Password Salts";
if ($config['SALT'] == 'PLEASEMAKEMESOMETHINGRANDOM' || $config['SALTY'] == 'THISSHOULDALSOBERRAANNDDOOM') {
$newerror['description'] = "You absolutely <u>SHOULD NOT leave your SALT or SALTY default</u> changing them will require registering again.";
} else {
$newerror['description'] = "SALT or SALTY is too short, they should be more than 24 characters and changing them will require registering again.</p>";
}
$newerror['configvalue'] = "SALT";
$newerror['helplink'] = "https://github.com/MPOS/php-mpos/wiki/Config-Setup#wiki-defines--salts";
$error[] = $newerror;
$newerror = null;
}
// check if htaccess exists
if (!file_exists(BASEPATH.".htaccess")) {
$newerror = array();
$newerror['name'] = ".htaccess";
$htaccess_link = "<a href='https://github.com/MPOS/php-mpos/blob/next/public/.htaccess'>.htaccess</a>";
$newerror['description'] = "You don't seem to have a .htaccess in your public folder, if you're using Apache set it up: $htaccess_link";
$newerror['configvalue'] = ".htaccess";
$newerror['helplink'] = "https://github.com/MPOS/php-mpos/wiki";
$error[] = $newerror;
$newerror = null;
}

36
include/pages/admin/checks/check_stratum.inc.php Normal file
View File

@ -0,0 +1,36 @@
<?php
$defflip = (!cfip()) ? exit(header('HTTP/1.1 401 Unauthorized')) : 1;
// poke stratum using gettingstarted details -> enotice
if (function_exists('socket_create')) {
$host = @gethostbyname($config['gettingstarted']['stratumurl']);
$port = $config['gettingstarted']['stratumport'];
if (isset($host) and
isset($port) and
($socket=socket_create(AF_INET, SOCK_STREAM, SOL_TCP)) and
(socket_set_option($socket, SOL_SOCKET, SO_SNDTIMEO, array('sec' => 3, 'usec' => 0))) and
(@socket_connect($socket, $host, $port)))
{
socket_close($socket);
} else {
$newerror = array();
$newerror['name'] = "Stratum information";
$newerror['description'] = "We tried to poke your Stratum server using your \$config['gettingstarted'] settings but it didn't respond - " . socket_strerror(socket_last_error()) . ".";
$newerror['configvalue'] = "gettingstarted";
$newerror['helplink'] = "https://github.com/MPOS/php-mpos/wiki/Config-Setup#wiki-getting-started";
$error[] = $newerror;
$newerror = null;
}
} else {
// Connect via fsockopen as fallback
if (! $fp = @fsockopen($config['gettingstarted']['stratumurl'], $config['gettingstarted']['stratumport'], $errCode, $errStr, 1)) {
$newerror = array();
$newerror['name'] = "Stratum information";
$newerror['description'] = "We tried to poke your Stratum server using your \$config['gettingstarted'] settings but it didn't respond.";
$newerror['configvalue'] = "gettingstarted";
$newerror['helplink'] = "https://github.com/MPOS/php-mpos/wiki/Config-Setup#wiki-getting-started";
$error[] = $newerror;
$newerror = null;
}
@fclose($fp);
}

42
include/pages/admin/setup.inc.php Normal file
View File

@ -0,0 +1,42 @@
<?php
$defflip = (!cfip()) ? exit(header('HTTP/1.1 401 Unauthorized')) : 1;
// Check user to ensure they are admin
if (!$user->isAuthenticated() || !$user->isAdmin($_SESSION['USERDATA']['id'])) {
header("HTTP/1.1 404 Page not found");
die("404 Page not found");
}
if (@$_SESSION['USERDATA']['is_admin'] && $user->isAdmin(@$_SESSION['USERDATA']['id'])) {
if (!include_once(INCLUDE_DIR . '/lib/jsonRPCClient.php')) die('Unable to load libs');
$error = array();
if ($config['skip_config_tests']) {
$newerror = array();
$newerror['name'] = "Config tests skipped";
$newerror['description'] = "Config tests are disabled. Enable them in the global config to run them again.";
$newerror['configvalue'] = "skip_config_tests";
$newerror['helplink'] = "https://github.com/MPOS/php-mpos/wiki/Config-Setup#config-check";
$error[] = $newerror;
$newerror = null;
} else {
// setup some basic stuff for checking - getuid/getpwuid not available on mac/windows
$apache_user = 'unknown';
if (substr_count(strtolower(PHP_OS), 'nix') > 0 || substr_count(strtolower(PHP_OS), 'linux') > 0) {
$apache_user = (function_exists('posix_getuid')) ? posix_getuid() : 'unknown';
$apache_user = (function_exists('posix_getpwuid')) ? posix_getpwuid($apache_user) : $apache_user;
}
// we want to load anything in checks/ that is check_*.inc.php
$potentialfiles = scandir(__DIR__."/checks/");
foreach ($potentialfiles as $pf) {
if ($pf == '.' || $pf == '..') continue;
if (preg_match("/check_+.+\.inc\.php/", $pf)) {
include_once("checks/".$pf);
}
}
}
$smarty->assign("ERRORS", $error);
}
$smarty->assign("CONTENT", "default.tpl");

4
public/index.php
View File

@ -101,8 +101,8 @@ if (count(@$_SESSION['last_ip_pop']) == 2) {
// version check and config check if not disabled
if (@$_SESSION['USERDATA']['is_admin'] && $user->isAdmin(@$_SESSION['USERDATA']['id'])) {
if (!@$config['skip_config_tests']) {
require_once(INCLUDE_DIR . '/admin_checks.php');
if (!@$config['skip_config_tests'] && @$_GET['action'] != 'setup') {
$_SESSION['POPUP'][] = array('CONTENT' => "You haven't turned off config checks, visit the <b><a href='?page=admin&action=setup'>setup page</a></b> for further information.", 'DISMISS' => 'yes', 'ID' => 'lastlogin', 'TYPE' => 'alert alert-info');
}
}

21
templates/bootstrap/admin/setup/default.tpl Normal file
View File

@ -0,0 +1,21 @@
<div class="row">
<div class="col-lg-12">
<div class="panel panel-info">
<div class="panel-heading">
<i class="fa fa-question fa-fw"></i> Setup Checks<br />
<i>To disable these checks, set skip_config_tests to true in global.inc.php</i>
</div>
<div class="panel-body">
{if $ERRORS|@count > 0}
{section errors $ERRORS}
<p><strong>{$ERRORS[errors].name}</strong></p>
<p>{$ERRORS[errors].description}</p>
<p>See: <a href="{$ERRORS[errors].helplink}">{$ERRORS[errors].configvalue}</a></p>
<hr />
{/section}
{/if}
</div>
</div>
</div>
<!-- /.col-lg-12 -->
</div>

1
templates/bootstrap/global/navigation.tpl
View File

@ -30,6 +30,7 @@
<li {if $smarty.get.action|default:"0" eq "dashboard" || $smarty.get.action|default:"0" eq "monitoring" || $smarty.get.action|default:"0" eq "settings"}class="active"{/if}>
<a href="#"><i class="fa fa-linux fa-fw"></i> System <span class="fa arrow"></span></a>
<ul class="nav nav-third-level">
<li><a href="{$smarty.server.SCRIPT_NAME}?page=admin&action=setup"><i class="fa fa-book fa-fw"></i> Setup</a></li>
<li><a href="{$smarty.server.SCRIPT_NAME}?page=admin&action=dashboard"><i class="fa fa-dashboard fa-fw"></i> Dashboard</a></li>
<li><a href="{$smarty.server.SCRIPT_NAME}?page=admin&action=monitoring"><i class="fa fa-bell-o fa-fw"></i> Monitoring</a></li>
<li><a href="{$smarty.server.SCRIPT_NAME}?page=admin&action=settings"><i class="fa fa-gears fa-fw"></i> Settings</a></li>