RanchiMall/php-mpos
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #1031 from xisi/patch-2

Browse Source 
[UPDATE] Fix for issue #957
This commit is contained in:
Sebastian Grewe 2013-12-19 06:47:43 -08:00
commit 28b71cbc2f
2 changed files with 22 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
public/include/classes/worker.class.php
View File

@ -21,14 +21,19 @@ class Worker extends Base {
$username = $this->user->getUserName($account_id);
$iFailed = 0;
foreach ($data as $key => $value) {
if ('' === $value['username'] || '' === $value['password']) {
if ('' === $value['username'] || '' === $value['password']) {
$iFailed++;
} else {
// Check worker name first
if (! preg_match("/^[0-9a-zA-Z_\-]*$/", $value['username'])) {
$iFailed++;
continue;
}
// Prefix the WebUser to Worker name
$value['username'] = "$username." . $value['username'];
$stmt = $this->mysqli->prepare("UPDATE $this->table SET password = ?, username = ?, monitor = ? WHERE account_id = ? AND id = ?");
if ( ! ( $this->checkStmt($stmt) && $stmt->bind_param('ssiii', $value['password'], $value['username'], $value['monitor'], $account_id, $key) && $stmt->execute()) )
$iFailed++;
} else {
// Prefix the WebUser to Worker name
$value['username'] = "$username." . $value['username'];
$stmt = $this->mysqli->prepare("UPDATE $this->table SET password = ?, username = ?, monitor = ? WHERE account_id = ? AND id = ?");
if ( ! ( $this->checkStmt($stmt) && $stmt->bind_param('ssiii', $value['password'], $value['username'], $value['monitor'], $account_id, $key) && $stmt->execute()) )
$iFailed++;
}
}
if ($iFailed == 0)
@ -225,8 +230,16 @@ class Worker extends Base {
$this->setErrorMessage($this->getErrorMsg('E0058'));
return false;
}
if (!preg_match("/^[0-9a-zA-Z_\-]*$/", $workerName)) {
$this->setErrorMessage($this->getErrorMsg('E0072'));
return false;
}
$username = $this->user->getUserName($account_id);
$workerName = "$username.$workerName";
if (strlen($workerName) > 50) {
$this->setErrorMessage($this->getErrorMsg('E0073'));
return false;
}
$stmt = $this->mysqli->prepare("INSERT INTO $this->table (account_id, username, password) VALUES(?, ?, ?)");
if ($this->checkStmt($stmt) && $stmt->bind_param('iss', $account_id, $workerName, $workerPassword)) {
if (!$stmt->execute()) {

2
public/include/config/error_codes.inc.php
View File

@ -69,4 +69,6 @@ $aErrorCodes['E0062'] = 'Block has no share_id, not running payouts';
$aErrorCodes['E0063'] = 'Upstream share already assigned to previous block';
$aErrorCodes['E0064'] = 'Failed to create transaction record';
$aErrorCodes['E0065'] = 'Remaining balance is greater than 0';
$aErrorCodes['E0072'] = 'Worker names must be alphanumeric';
$aErrorCodes['E0073'] = 'Worker name is too long; try entering a shorter name'
?>