From 9eeb2b879cdcd769ad43eb04b60745083727a11a Mon Sep 17 00:00:00 2001
From: Sebastian Grewe <sebastian@grewe.ca>
Date: Tue, 11 Mar 2014 10:54:33 +0100
Subject: [PATCH 1/2] [ADDED] Settings Runtime Cache

---
 public/include/classes/setting.class.php | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

diff --git a/public/include/classes/setting.class.php b/public/include/classes/setting.class.php
index 3da3ccb9..1f92eb7a 100644
--- a/public/include/classes/setting.class.php
+++ b/public/include/classes/setting.class.php
@@ -3,6 +3,21 @@ $defflip = (!cfip()) ? exit(header('HTTP/1.1 401 Unauthorized')) : 1;
 
 class Setting extends Base {
   protected $table = 'settings';
+  private $cache = array();
+
+  /**
+   * Fetch all values available and cache them in this class
+   * That way we don't fetch them from DB for each call
+   */
+  public function createCache() {
+    if ($aSettings = $this->getAllAssoc()) {
+      foreach ($aSettings as $key => $aData) {
+        $this->cache[$aData['name']] = $aData['value'];
+      }
+      return true;
+    }
+    return false;
+  }
 
   /**
    * Fetch a value from our table
@@ -10,6 +25,8 @@ class Setting extends Base {
    * @return value string Value
    **/
   public function getValue($name, $default="") {
+    // Try our class cache first
+    if (isset($this->cache[$name])) return $this->cache[$name];
     $stmt = $this->mysqli->prepare("SELECT value FROM $this->table WHERE name = ? LIMIT 1");
     if ($this->checkStmt($stmt) && $stmt->bind_param('s', $name) && $stmt->execute() && $result = $stmt->get_result()) {
       if ($result->num_rows > 0) {
@@ -30,6 +47,8 @@ class Setting extends Base {
    * @return bool
    **/
   public function setValue($name, $value) {
+    // Update local cache too
+    $this->cache[$name] = $value;
     $stmt = $this->mysqli->prepare("
       INSERT INTO $this->table (name, value)
       VALUES (?, ?)
@@ -44,3 +63,5 @@ $setting = new Setting($debug, $mysqli);
 $setting->setDebug($debug);
 $setting->setMysql($mysqli);
 $setting->setErrorCodes($aErrorCodes);
+// Fill our class cache with data so we don't have to run SQL queries all the time
+$setting->createCache();

From 74d4eba27d1f76006292be106d107b38803d068f Mon Sep 17 00:00:00 2001
From: Sebastian Grewe <sebastian@grewe.ca>
Date: Tue, 11 Mar 2014 20:32:09 +0100
Subject: [PATCH 2/2] [CLEANUP] Admin Checks

* [REMOVED] SQL Checks, those won't be done since we need SQL to
  login as admin anyway. Are handled in database.inc.php too.
* [CHANGE] Dropped *nix detection since it would not detect Linux PHP_OS
* [IMPROVED] Simply check if we can use socket_create at all, fall back
  to fsockopen if this does not exist.

Not addressing any specific issue, just some cleanup.
---
 public/include/admin_checks.php | 44 +++++++++++++++++----------------
 1 file changed, 23 insertions(+), 21 deletions(-)

diff --git a/public/include/admin_checks.php b/public/include/admin_checks.php
index 98ecbbb2..f112efb4 100644
--- a/public/include/admin_checks.php
+++ b/public/include/admin_checks.php
@@ -6,25 +6,27 @@ if (@$_SESSION['USERDATA']['is_admin'] && $user->isAdmin(@$_SESSION['USERDATA'][
   $notice = array();
   $enotice = array();
   $error = array();
-  
+
   // setup some basic stuff for checking - getuid/getpwuid not available on mac/windows
   $apache_user = 'unknown';
   if (substr_count(strtolower(PHP_OS), 'nix') > 0 || substr_count(strtolower(PHP_OS), 'linux') > 0) {
     $apache_user = (function_exists('posix_getuid')) ? posix_getuid() : 'unknown';
     $apache_user = (function_exists('posix_getpwuid')) ? posix_getpwuid($apache_user) : $apache_user;
   }
-  
+
   // setup checks
   // logging
   if ($config['logging']['enabled']) {
     if (!is_writable($config['logging']['path'])) {
-      $error[] = "Logging is enabled but we can't write in the logging path";
+      $error[] = "Logging is enabled but we can't write in the logfile path";
     }
   }
+
   // check if memcache isn't available but enabled in config -> error
   if (!class_exists('Memcached') && $config['memcache']['enabled']) {
-    $error[] = "You have memcache enabled in your config and it's not available. Install the package on your system.";
+    $error[] = "You have memcached enabled in your config and it's not available as a PHP module. Install the package on your system.";
   }
+
   // if it's not enabled, test it if it exists, if it works -> error tell them to enable, -> otherwise notice it's disabled
   if (!$config['memcache']['enabled']) {
     if (PHP_OS == 'WINNT') {
@@ -38,16 +40,18 @@ if (@$_SESSION['USERDATA']['is_admin'] && $user->isAdmin(@$_SESSION['USERDATA'][
       $memcache_test_get = @$memcache_test->get('test_mpos_setval');
     }
     if (class_exists('Memcached') && $memcache_test_get == $randmctv) {
-      $error[] = "You have memcache disabled in the config and it's available & works! Enable it.";
+      $error[] = "You have memcache disabled in the config but it's available and works! Enable it for best performance.";
     } else {
       $notice[] = "Memcache is disabled; Almost every linux distro has packages for it, you should be using it if you can.";
     }
   }
+
   // check if htaccess exists
   if (!file_exists(BASEPATH.".htaccess")) {
     $htaccess_link = "<a href='https://github.com/MPOS/php-mpos/blob/next/public/.htaccess'>.htaccess</a>";
-    $notice[] = "You don't seem to have a .htaccess in your public folder, if you're using apache set it up $htaccess_link";
+    $notice[] = "You don't seem to have a .htaccess in your public folder, if you're using Apache set it up: $htaccess_link";
   }
+
   // check if we can write templates/cache and templates/compile -> error
   if (!is_writable(THEME_DIR.'/cache')) {
     $error[] = "templates/cache folder is not writable for uid {$apache_user['name']}";
@@ -55,11 +59,13 @@ if (@$_SESSION['USERDATA']['is_admin'] && $user->isAdmin(@$_SESSION['USERDATA'][
   if (!is_writable(THEME_DIR.'/compile')) {
     $error[] = "templates/compile folder is not writable for uid {$apache_user['name']}";
   }
+
   // check if we can write the config files, we should NOT be able to -> error
   if (is_writable(INCLUDE_DIR.'/config/global.inc.php') || is_writable(INCLUDE_DIR.'/config/global.inc.dist.php') ||
       is_writable(INCLUDE_DIR.'/config/security.inc.php') || is_writable(INCLUDE_DIR.'/config/security.inc.dist.php')) {
     $error[] = "Your config files <b>SHOULD NOT be writable to this user</b>!";
   }
+
   // check if daemon can connect -> error
   try {
     if ($bitcoin->can_connect() !== true) {
@@ -76,7 +82,7 @@ if (@$_SESSION['USERDATA']['is_admin'] && $user->isAdmin(@$_SESSION['USERDATA'][
         if (!$bitcoin->validateaddress($config['coldwallet']['address']))
           $error[] = "Your cold wallet address is <u>SET and INVALID</u>";
       }
-      
+
       // check if there is more than one account set on wallet
       $accounts = $bitcoin->listaccounts();
       if (count($accounts) > 1 && $accounts[''] <= 0) {
@@ -85,34 +91,30 @@ if (@$_SESSION['USERDATA']['is_admin'] && $user->isAdmin(@$_SESSION['USERDATA'][
     }
   } catch (Exception $e) {
   }
-  // if database connection fails -> error
-  $db_connect = new mysqli($config['db']['host'], $config['db']['user'], $config['db']['pass'], $config['db']['name'], $config['db']['port']);
-  if (mysqli_connect_errno() || !array_key_exists('client_info', $db_connect)) {
-    $error[] = "Unable to connect to mysql using provided credentials";
-  }
+  // check anti DOS protection, we need memcache for that
   if ($config['mc_antidos'] && !$config['memcache']['enabled']) {
     $error[] = "mc_antidos is enabled and memcache is not, <u>memcache is required</u> to use this";
   }
+
   // poke stratum using gettingstarted details -> enotice
-  if (substr_count(strtolower(PHP_OS), 'nix') > 0) {
-    // unix *poke*
-    $socket = @socket_create(AF_INET, SOCK_STREAM, SOL_TCP);
+  if (function_exists('socket_create')) {
+    $socket = socket_create(AF_INET, SOCK_STREAM, SOL_TCP);
     if ($socket !== false) {
       $address = @gethostbyname($config['gettingstarted']['stratumurl']);
       $result = @socket_connect($socket, $address, $config['gettingstarted']['stratumport']);
       if ($result !== true) {
-        $enotice[] = "We tried to poke your Stratum server using config->gettingstarted details but it didn't respond";
+        $enotice[] = 'We tried to poke your Stratum server using your $config[\'gettingstarted\'] settings but it didn\'t respond';
       }
       $close = @socket_close($socket);
     }
   } else {
-    // mac/windows *poke*
-    if (! $fp = @fsockopen($config['gettingstarted']['stratumurl'],$config['gettingstarted']['stratumport'],$errCode,$errStr,1)) {
-      $enotice[] = "We tried to poke your Stratum server using config->gettingstarted details but it didn't respond";
+    // Connect via fsockopen as fallback
+    if (! $fp = @fsockopen($config['gettingstarted']['stratumurl'], $config['gettingstarted']['stratumport'], $errCode, $errStr, 1)) {
+      $enotice[] = 'We tried to poke your Stratum server using your $config[\'gettingstarted\'] settings but it didn\'t respond';
     }
     @fclose($fp);
   }
-  
+
   // security checks
   // salts too short -> notice, salts default -> error
   if ((strlen($config['SALT']) < 24) || (strlen($config['SALTY']) < 24) || $config['SALT'] == 'PLEASEMAKEMESOMETHINGRANDOM' || $config['SALTY'] == 'THISSHOULDALSOBERRAANNDDOOM') {
@@ -122,7 +124,7 @@ if (@$_SESSION['USERDATA']['is_admin'] && $user->isAdmin(@$_SESSION['USERDATA'][
       $notice[] = "SALT or SALTY is too short, they should be more than 24 characters and changing them will require registering again";
     }
   }
-  
+
   // display the errors
   foreach ($enotice as $en) {
     $_SESSION['POPUP'][] = array('CONTENT' => $en, 'TYPE' => 'info');