From 71519d14d634eabd17fb990fa7a894e625106db3 Mon Sep 17 00:00:00 2001
From: root <rafta@gmx.net>
Date: Sun, 26 Jan 2014 15:19:03 +0100
Subject: [PATCH] [FIX] checking payout address

---
 cronjobs/payouts.php | 24 +++++++++++++++++++++++-
 1 file changed, 23 insertions(+), 1 deletion(-)

diff --git a/cronjobs/payouts.php b/cronjobs/payouts.php
index 2f00dac0..b7e61505 100755
--- a/cronjobs/payouts.php
+++ b/cronjobs/payouts.php
@@ -45,6 +45,17 @@ if ($setting->getValue('disable_manual_payouts') != 1) {
         $dBalance = $aBalance['confirmed'];
         $aData['coin_address'] = $user->getCoinAddress($aData['account_id']);
         $aData['username'] = $user->getUserName($aData['account_id']);
+        // Validate address against RPC
+        try {
+          $aStatus = $bitcoin->validateaddress($aData['coin_address']);
+          if (!$aStatus['isvalid']) {
+            $log->logError('Failed to verify this users coin address, skipping payout');
+            continue;
+          }
+        } catch (Exception $e) {
+          $log->logError('Failed to verify this users coin address, skipping payout');
+          continue;
+        }
         if ($dBalance > $config['txfee_manual']) {
           // To ensure we don't run this transaction again, lets mark it completed
           if (!$oPayout->setProcessed($aData['id'])) {
@@ -109,11 +120,22 @@ if ($setting->getValue('disable_auto_payouts') != 1) {
         $log->logInfo("\t" . $aUserData['id'] . "\t" . $aUserData['username'] . "\t" . $dBalance . "\t" . $aUserData['ap_threshold'] . "\t\t" . $aUserData['coin_address']);
         // Only run if balance meets threshold and can pay the potential transaction fee
         if ($dBalance > $aUserData['ap_threshold'] && $dBalance > $config['txfee_auto']) {
+          // Validate address against RPC
+          try {
+          $aStatus = $bitcoin->validateaddress($aUserData['coin_address']);
+          if (!$aStatus['isvalid']) {
+            $log->logError('Failed to verify this users coin address, skipping payout');
+            continue;
+            }
+          } catch (Exception $e) {
+            $log->logError('Failed to verify this users coin address, skipping payout');
+            continue;
+          }
           // Send balance, fees are reduced later by RPC Server
           try {
             $txid = $bitcoin->sendtoaddress($aUserData['coin_address'], $dBalance - $config['txfee_auto']);
           } catch (Exception $e) {
-            $log->logError('E0078: RPC method did not return 200 OK: Address: ' . $aData['coin_address'] . ' ERROR: ' . $e->getMessage());
+            $log->logError('E0078: RPC method did not return 200 OK: Address: ' . $aUserData['coin_address'] . ' ERROR: ' . $e->getMessage());
             $monitoring->endCronjob($cron_name, 'E0078', 1, true);
           }
           // Create transaction record