RanchiMall/php-mpos
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #2683 from MPOS/development

Browse Source 
UPDATE : Development to Master
This commit is contained in:
Sebastian Grewe 2018-04-05 10:40:22 +02:00 committed by GitHub
commit 8fa8d6c8de
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
44 changed files with 450 additions and 1842 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
.gitignore vendored
View File

@ -40,4 +40,7 @@
tests/_output/*
# NetBeans Project Directory
/nbproject/*
/nbproject/*
# No need for composer.lock
/composer.lock

1
.travis.yml
View File

@ -34,6 +34,7 @@ before_script:
- nohup php -S bone:8000 public/index.php &
script:
- php vendor/bin/codecept build
- php vendor/bin/codecept run unit --coverage --coverage-html --coverage-xml --env travis
after_script:

43
README.md
View File

@ -1,11 +1,10 @@
[![Build Status](https://travis-ci.org/MPOS/php-mpos.png?branch=master)](https://travis-ci.org/MPOS/php-mpos) [![Code Climate](https://codeclimate.com/github/MPOS/php-mpos/badges/gpa.svg)](https://codeclimate.com/github/MPOS/php-mpos) [![Code Coverage](https://scrutinizer-ci.com/g/MPOS/php-mpos/badges/coverage.png?b=master)](https://scrutinizer-ci.com/g/MPOS/php-mpos/?branch=master) [![Scrutinizer Code Quality](https://scrutinizer-ci.com/g/MPOS/php-mpos/badges/quality-score.png?b=master)](https://scrutinizer-ci.com/g/MPOS/php-mpos/?branch=master) master<br />
[![Build Status](https://travis-ci.org/MPOS/php-mpos.png?branch=development)](https://travis-ci.org/MPOS/php-mpos) [![Code Coverage](https://scrutinizer-ci.com/g/MPOS/php-mpos/badges/coverage.png?b=development)](https://scrutinizer-ci.com/g/MPOS/php-mpos/?branch=development) [![Scrutinizer Code Quality](https://scrutinizer-ci.com/g/MPOS/php-mpos/badges/quality-score.png?b=development)](https://scrutinizer-ci.com/g/MPOS/php-mpos/?branch=development) development
Description
===========
MPOS is a web based Mining Portal for various crypto currencies. It was created by [TheSerapher](https://github.com/TheSerapher) and has hence grown quite large. Recently it was migrated into a Github Organization to make development easier. It's a community driven open source project. Support can be requested on IRC at https://webchat.freenode.net/?channels=#mpos - Be **PATIENT** ... People listed in this channel may currently be inactive but most users there have offline logging of messages. They **will** see your questions and answer if they can. Don't join, ask the question and leave. Sit around if you want answers to your questions!
MPOS is a web based Mining Portal for various crypto currencies. It was originally created by [TheSerapher](https://github.com/TheSerapher) and has hence grown quite large. It's now used by many pools out there and is a good starting point to learn more about mining and running pools in general. There is no active development done on the project by the orignal developers but we still merge PRs!
Donations
=========
@ -20,24 +19,6 @@ Website Footer
When you decide to use `MPOS` please be so kind and leave the footer intact. You are not the author of the software and should honor those that have worked on it. Keeping the footer intact helps spreading the word. Leaving the donation address untouched allows miners to donate to the author.
Donors
======
These people have supported this project with a donation:
* [obigal](https://github.com/obigal)
* [vias](https://github.com/vias79)
* [WKNiGHT](https://github.com/WKNiGHT-)
* [ZC](https://github.com/zccopwrx)
* Nutnut
* Caberhagen (https://coin-mining.ch)
* Mining4All (https://www.mining4all.eu/)
* [xisi](https://github.com/xisi)
* [PCFiL](https://github.com/PCFiL)
* [rog1121](https://github.com/rog1121)(https://rapidhash.net)
* [Wow, Much Pool](http://www.wowmuchpool.com/)
* webxassDE (https://www.suchcoins.com/)
Pools running MPOS
==================
@ -140,39 +121,27 @@ on non-existing features in `MPOS`. For the vast majority, adjusting themes shou
In all that, I humbly ask to keep the `MPOS` author reference and Github URL intact.
Related Software
================
There are a few other projects out there that take advantage of MPOS and it's included API. Here a quick list that you can check out for yourself:
* [MPOS IRC Bot](https://github.com/WKNiGHT-/mpos-bot) written in Python, standalone bot, using the MPOS API
* [MPOS Eggdrop Module](https://github.com/iAmShorty/mpos-eggdrop-tcl) written in TCL, adding MPOS commands to this bot, using the MPOS API
* [Windows Phone Pool App](http://www.windowsphone.com/en-us/store/app/meeneminermonitor/7ec6eac7-a642-409b-96c8-57b5cfdf45cf)
* [iPhone iMPOS App](https://itunes.apple.com/us/app/impos/id742179239?mt=8)
* [Other Windows Phone App](http://www.windowsphone.com/en-us/store/app/mining-info/952f1137-eb62-4613-8057-34576d3c9c44)
Contributing
============
You can contribute to this project in different ways:
* Report outstanding issues and bugs by creating an [Issue][1]
* Suggest feature enhancements also via [Issues][1]
* Fork the project, create a branch and file a pull request to improve the code itself
If you wish to participate contact the team on IRC: https://webchat.freenode.net/?channels=#mpos - we will point you to the proper channels!
* Fork the project, create a branch and file a pull request **against development** to improve the code itself
Contact
=======
You can find the team on Freenode.net, #MPOS.
This product is not actively developed anymore. For setup and installation support, please find help in other channels.
This projects issue tracker is used for bugs and issues with the core code, not for general help in setting up and running
pool.
Team Members
============
Author and Project Owner: [TheSerapher](https://github.com/TheSerapher) aka Sebastian Grewe
Developers:
Past developers that helped on MPOS in the early days:
* [nrpatten](https://github.com/nrpatten)
* [Aim](https://github.com/fspijkerman)

4
composer.json
View File

@ -10,5 +10,7 @@
"email": "delboy1978uk@gmail.com"
}
],
"require": {}
"require": {
"google/recaptcha": "~1.1"
}
}

1358
composer.lock generated
View File

File diff suppressed because it is too large Load Diff

BIN
composer.phar Executable file
View File

Binary file not shown.

23
cronjobs/run-maintenance.sh
View File

@ -47,16 +47,25 @@ fi
ME=$( basename $0 )
# Overwrite some settings via command line arguments
while getopts "hfvp:d:" opt; do
while getopts "hfvt:p:d:" opt; do
case "$opt" in
h|\?)
echo "Usage: $0 [-v] [-p PHP_BINARY] [-d SUBFOLDER]";
echo "Usage: $0 [-v] [-f] [-t TIME_IN_SEC] [-p PHP_BINARY] [-d SUBFOLDER]";
exit 0
;;
v) VERBOSE=1 ;;
f) PHP_OPTS="$PHP_OPTS -f";;
p) PHP_BIN=$OPTARG ;;
d) SUBFOLDER=$OPTARG ;;
t)
if [[ $OPTARG =~ ^[0-9]+$ ]]; then
TIMEOUT=$OPTARG
PHP_OPTS="$PHP_OPTS -t $OPTARG"
else
echo "Option -t requires an integer" >&2
exit 1
fi
;;
:)
echo "Option -$OPTARG requires an argument." >&2
exit 1
@ -102,6 +111,16 @@ fi
# Our PID of this shell
PID=$$
# If $PIDFILE exists and older than the time specified by -t, remove it.
if [[ -e $PIDFILE ]]; then
if [[ -n $TIMEOUT ]] && \
[[ $(( $(date +%s) - $(stat -c %Y $PIDFILE) )) -gt $TIMEOUT ]]; then
echo "$PIDFILE exists but older than the time you specified in -t option ($TIMEOUT sec)."
echo "Removing PID file."
rm $PIDFILE
fi
fi
if [[ -e $PIDFILE ]]; then
echo "Cron seems to be running already"
RUNPID=$( cat $PIDFILE )

24
cronjobs/run-payout.sh
View File

@ -46,17 +46,25 @@ fi
# My own name
ME=$( basename $0 )
# Overwrite some settings via command line arguments
while getopts "hfvp:d:" opt; do
while getopts "hfvt:p:d:" opt; do
case "$opt" in
h|\?)
echo "Usage: $0 [-v] [-p PHP_BINARY] [-d SUBFOLDER]";
echo "Usage: $0 [-v] [-f] [-t TIME_IN_SEC] [-p PHP_BINARY] [-d SUBFOLDER]";
exit 0
;;
v) VERBOSE=1 ;;
f) PHP_OPTS="$PHP_OPTS -f";;
p) PHP_BIN=$OPTARG ;;
d) SUBFOLDER=$OPTARG ;;
t)
if [[ $OPTARG =~ ^[0-9]+$ ]]; then
TIMEOUT=$OPTARG
PHP_OPTS="$PHP_OPTS -t $OPTARG"
else
echo "Option -t requires an integer" >&2
exit 1
fi
;;
:)
echo "Option -$OPTARG requires an argument." >&2
exit 1
@ -102,6 +110,16 @@ fi
# Our PID of this shell
PID=$$
# If $PIDFILE exists and older than the time specified by -t, remove it.
if [[ -e $PIDFILE ]]; then
if [[ -n $TIMEOUT ]] && \
[[ $(( $(date +%s) - $(stat -c %Y $PIDFILE) )) -gt $TIMEOUT ]]; then
echo "$PIDFILE exists but older than the time you specified in -t option ($TIMEOUT sec)."
echo "Removing PID file."
rm $PIDFILE
fi
fi
if [[ -e $PIDFILE ]]; then
echo "Cron seems to be running already"
RUNPID=$( cat $PIDFILE )

23
cronjobs/run-statistics.sh
View File

@ -47,16 +47,25 @@ fi
ME=$( basename $0 )
# Overwrite some settings via command line arguments
while getopts "hfvp:d:" opt; do
while getopts "hfvt:p:d:" opt; do
case "$opt" in
h|\?)
echo "Usage: $0 [-v] [-p PHP_BINARY] [-d SUBFOLDER]";
echo "Usage: $0 [-v] [-f] [-t TIME_IN_SEC] [-p PHP_BINARY] [-d SUBFOLDER]";
exit 0
;;
v) VERBOSE=1 ;;
f) PHP_OPTS="$PHP_OPTS -f";;
p) PHP_BIN=$OPTARG ;;
d) SUBFOLDER=$OPTARG ;;
t)
if [[ $OPTARG =~ ^[0-9]+$ ]]; then
TIMEOUT=$OPTARG
PHP_OPTS="$PHP_OPTS -t $OPTARG"
else
echo "Option -t requires an integer" >&2
exit 1
fi
;;
:)
echo "Option -$OPTARG requires an argument." >&2
exit 1
@ -102,6 +111,16 @@ fi
# Our PID of this shell
PID=$$
# If $PIDFILE exists and older than the time specified by -t, remove it.
if [[ -e $PIDFILE ]]; then
if [[ -n $TIMEOUT ]] && \
[[ $(( $(date +%s) - $(stat -c %Y $PIDFILE) )) -gt $TIMEOUT ]]; then
echo "$PIDFILE exists but older than the time you specified in -t option ($TIMEOUT sec)."
echo "Removing PID file."
rm $PIDFILE
fi
fi
if [[ -e $PIDFILE ]]; then
echo "Cron seems to be running already"
RUNPID=$( cat $PIDFILE )

26
cronjobs/shared.inc.php
View File

@ -51,19 +51,39 @@ $cron_name = basename($_SERVER['PHP_SELF'], '.php');
require_once(BASEPATH . '../include/bootstrap.php');
require_once(BASEPATH . '../include/version.inc.php');
// Load 3rd party logging library for running crons
$log = KLogger::instance( BASEPATH . '../logs/' . $cron_name, KLogger::INFO );
// Command line switches
array_shift($argv);
foreach ($argv as $option) {
foreach ($argv as $index => $option) {
switch ($option) {
case '-f':
$monitoring->setStatus($cron_name . "_disabled", "yesno", 0);
$monitoring->setStatus($cron_name . "_active", "yesno", 0);
break;
case '-t':
// When `-t TIME_IN_SEC` is specified, we ignore the cron active flag
// if the time elapsed `TIME_IN_SEC` seconds after the last job started.
// Check the next argument is the value for -t option.
if (!($index + 1 < count($argv)) || // check if '-t' is not the last argument.
!(ctype_digit($argv[$index + 1]))) { // check the next argument is numeric string
$log->logFatal('Option -t requires an integer.');
$monitoring->endCronjob($cron_name, 'E0085', 3, true, false);
}
$timeout = intval($argv[$index + 1]);
$timeElapsedFromLastStart = $dStartTime - $monitoring->getLastCronStarted($cron_name);
if ($timeElapsedFromLastStart > $timeout) {
$log->logWarn("Previous cronjob `$cron_name` is started before than you specified by -t. Re-run forced.");
$monitoring->setStatus($cron_name . "_active", "yesno", 0);
}
break;
}
}
// Load 3rd party logging library for running crons
$log = KLogger::instance( BASEPATH . '../logs/' . $cron_name, KLogger::INFO );
$log->LogDebug('Starting ' . $cron_name);
// Load the start time for later runtime calculations for monitoring

4
cronjobs/tables_cleanup.php
View File

@ -59,7 +59,7 @@ if ($oToken->cleanupTokens()) {
}
$log->logInfo(sprintf($strLogMask, 'cleanupTokens', $affected, number_format(microtime(true) - $start, 3), $status, $message));
// Clenaup shares archive
// Cleanup shares archive
$start = microtime(true);
$status = 'OK';
$message = '';
@ -73,7 +73,7 @@ if ($affected === false) {
}
$log->logInfo(sprintf($strLogMask, 'purgeArchive', $affected, number_format(microtime(true) - $start, 3), $status, $message));
// Clenaup shares archive
// Cleanup shares archive
$start = microtime(true);
$status = 'OK';
$message = '';

3
include/autoloader.inc.php
View File

@ -2,6 +2,8 @@
(SECURITY == "*)WT#&YHfd" && SECHASH_CHECK) ? die("public/index.php -> Set a new SECURITY value to continue") : 0;
$defflip = (!cfip()) ? exit(header('HTTP/1.1 401 Unauthorized')) : 1;
require_once(INCLUDE_DIR . '/../vendor/autoload.php');
// Default classes
require_once(INCLUDE_DIR . '/lib/KLogger.php');
require_once(CLASS_DIR . '/logger.class.php');
@ -9,6 +11,7 @@ require_once(CLASS_DIR . '/debug.class.php');
if ($config['mysql_filter']) {
require_once(CLASS_DIR . '/strict.class.php');
}
require_once(INCLUDE_DIR . '/classes/mysqlims.class.php');
require_once(INCLUDE_DIR . '/database.inc.php');
require_once(INCLUDE_DIR . '/config/memcache_keys.inc.php');
require_once(INCLUDE_DIR . '/config/error_codes.inc.php');

1
include/bootstrap.php
View File

@ -32,7 +32,6 @@ if (@file_exists(INCLUDE_DIR . '/config/security.inc.php')) include_once(INCLUDE
session_set_cookie_params(time()+$config['cookie']['duration'], $config['cookie']['path'], $config['cookie']['domain'], $config['cookie']['secure'], $config['cookie']['httponly']);
$session_start = @session_start();
if (!$session_start) {
$log->log("info", "Forcing session id regeneration, session failed to start [hijack attempt?]");
session_destroy();
session_regenerate_id(true);
session_start();

5
include/classes/base.class.php
View File

@ -253,8 +253,9 @@ class Base {
$this->setErrorMessage(call_user_func_array(array($this, 'getErrorMsg'), func_get_args()));
}
// Default to SQL error for debug and cron errors
$this->debug->append($this->getErrorMsg('E0019', $this->mysqli->error));
$this->setCronMessage($this->getErrorMsg('E0019', $this->mysqli->error));
$this->debug->append($this->getErrorMsg('E0019', $this->mysqli->lastused->errno));
$this->setCronMessage($this->getErrorMsg('E0019', $this->mysqli->lastused->errno));
return false;
}

17
include/classes/csrftoken.class.php
View File

@ -16,19 +16,22 @@ class CSRFToken Extends Base {
}
/**
* Returns +1 min and +1 hour rollovers hashes
* Returns +1 min up to +15 min rollovers hashes
* @param string $user user or IP/host address
* @param string $type page name or other unique per-page identifier
* @return array 1min and 1hour hashes
* @return array 1 minute ago up to 15 minute ago hashes
*/
public function checkAdditional($user, $type) {
$date = date('m/d/y/H/i');
$d = explode('/', $date);
// minute may have rolled over
$seed1 = $this->buildSeed($user.$type, $d[0], $d[1], $d[2], $d[3], ($d[4]-1));
// hour may have rolled over
$seed2 = $this->buildSeed($user.$type, $d[0], $d[1], $d[2], ($d[3]-1), 59);
return array($this->getHash($seed1), $this->getHash($seed2));
$hashes = array();
for ($x = 1; $x < 16; $x++){
for ($y = 4;$d[$y]-- == 0;$y--);
if ($d[4] < 0) { $d[4] = 59; }
$hashes[$x-1] = $this->getHash($this->buildSeed($user.$type, $d[0], $d[1], $d[2], $d[3], $d[4]));
}
return $hashes;
}
/**

8
include/classes/mail.class.php
View File

@ -14,18 +14,10 @@ class Mail extends Base {
**/
public function contactform($senderName, $senderEmail, $senderSubject, $senderMessage) {
$this->debug->append("STA " . __METHOD__, 4);
if (preg_match('/[^a-z_\.\!\?\-0-9\\s ]/i', $senderName)) {
$this->setErrorMessage($this->getErrorMsg('E0024'));
return false;
}
if (empty($senderEmail) || !filter_var($senderEmail, FILTER_VALIDATE_EMAIL)) {
$this->setErrorMessage($this->getErrorMsg('E0023'));
return false;
}
if (preg_match('/[^a-z_\.\!\?\-0-9\\s ]/i', $senderSubject)) {
$this->setErrorMessage($this->getErrorMsg('E0034'));
return false;
}
if (strlen(strip_tags($senderMessage)) < strlen($senderMessage)) {
$this->setErrorMessage($this->getErrorMsg('E0024'));
return false;

10
include/classes/monitoring.class.php
View File

@ -60,6 +60,16 @@ class Monitoring extends Base {
return $aStatus['value'];
}
/**
* Get the timestamp that last time a cronjob started
* @param name string Cronjob name
* @return int unix timestamp of last time the cronjob started
**/
public function getLastCronStarted($name) {
$aStatus = $this->getStatus($name . '_starttime');
return $aStatus['value'];
}
/**
* Fetch a value from our table
* @param name string Setting name

91
include/classes/mysqlims.class.php Normal file
View File

@ -0,0 +1,91 @@
<?php
/*
* This class will run queries on master/slave servers depending on the query itself.
*/
class mysqlims extends mysqli
{
private $mysqliW;
private $mysqliR = null;
private $slave = false;
public $lastused = null;
/*
* Pass main and slave connection arrays to the constructor, and strict as true/false
*
* @param array $main
* @param array $slave
* @param boolean $strict
*
* @return void
*/
public function __construct($main, $slave = false, $strict = false)
{
if ($strict) {
$this->mysqliW = new mysqli_strict($main['host'],
$main['user'], $main['pass'],
$main['name'], $main['port']);
if ($slave && is_array($slave) && isset($slave['enabled']) && $slave['enabled']
=== true) {
$this->mysqliR = new mysqli_strict($slave['host'],
$slave['user'], $slave['pass'],
$slave['name'], $slave['port']);
$this->slave = true;
}
} else {
$this->mysqliW = new mysqli($main['host'],
$main['user'], $main['pass'],
$main['name'], $main['port']);
if ($slave && is_array($slave) && isset($slave['enabled']) && $slave['enabled']
=== true) {
$this->mysqliR = new mysqli($slave['host'],
$slave['user'], $slave['pass'],
$slave['name'], $slave['port']);
$this->slave = true;
}
}
if ($this->mysqliW->connect_errno) {
throw new Exception("Failed to connect to MySQL: (".$this->mysqliW->connect_errno.") ".$this->mysqliW->connect_error);
}
if ($this->slave === true && $this->mysqliR->connect_errno) {
throw new Exception("Failed to connect to MySQL: (".$this->mysqliR->connect_errno.") ".$this->mysqliR->connect_error);
}
}
/*
* Override standard mysqli_prepare to select master/slave server
* @param $string query
*
* @return mysqli_stmt
*/
public function prepare($query)
{
if (stripos($query, "SELECT") && stripos($query, "FOR UPDATE") === false && stripos($query, "INSERT") === false && $this->slave !== false) {
$this->lastused = $this->mysqliR;
return $this->mysqliR->prepare($query);
} else {
$this->lastused = $this->mysqliW;
return $this->mysqliW->prepare($query);
}
}
/*
* Override standard mysqli_query to select master/slave server
* @param string $query
* @param int $resultmode
*
* @return boolean
* @return mixed
*/
public function query($query, $resultmode = MYSQLI_STORE_RESULT)
{
if (stripos($query, "SELECT") && stripos($query, "FOR UPDATE") === false && stripos($query, "INSERT") === false && $this->slave !== false) {/* Use readonly server */
$this->lastused = $this->mysqliR;
return $this->mysqliR->query($query, $resultmode);
} else {
$this->lastused = $this->mysqliW;
return $this->mysqliW->query($query, $resultmode);
}
}
}

8
include/classes/notification.class.php
View File

@ -22,8 +22,10 @@ class Notification extends Mail {
$this->debug->append("STA " . __METHOD__, 4);
$data = json_encode($aData);
$stmt = $this->mysqli->prepare("SELECT id FROM $this->table WHERE data = ? AND active = 1 LIMIT 1");
if ($stmt && $stmt->bind_param('s', $data) && $stmt->execute() && $stmt->store_result() && $stmt->num_rows == 1)
return true;
if ($stmt && $stmt->bind_param('s', $data) && $stmt->execute() && $stmt->store_result() && $stmt->num_rows == 1) {
return true;
}
return $this->sqlError('E0041');
}
@ -188,7 +190,7 @@ class Notification extends Mail {
public function cleanupNotifications($days=7) {
$failed = 0;
$this->deleted = 0;
$stmt = $this->mysqli->prepare("DELETE FROM $this->table WHERE time < (NOW() - ? * 24 * 60 * 60)");
$stmt = $this->mysqli->prepare("DELETE FROM $this->table WHERE time < (NOW() - INTERVAL ? DAY)");
if (! ($this->checkStmt($stmt) && $stmt->bind_param('i', $days) && $stmt->execute())) {
$failed++;
} else {

6
include/classes/template.class.php
View File

@ -79,7 +79,7 @@ class Template extends Base {
}
$this->setErrorMessage('Failed to get active templates');
$this->debug->append('Template::getActiveTemplates failed: ' . $this->mysqli->error);
$this->debug->append('Template::getActiveTemplates failed: ' . $this->mysqli->lastused->error);
return false;
}
@ -172,7 +172,7 @@ class Template extends Base {
return $result->fetch_assoc();
$this->setErrorMessage('Failed to get the template');
$this->debug->append('Template::getEntry failed: ' . $this->mysqli->error);
$this->debug->append('Template::getEntry failed: ' . $this->mysqli->lastused->error);
return false;
}
@ -206,7 +206,7 @@ class Template extends Base {
return true;
$this->setErrorMessage('Database error');
$this->debug->append('Template::updateEntry failed: ' . $this->mysqli->error);
$this->debug->append('Template::updateEntry failed: ' . $this->mysqli->lastused->error);
return false;
}
}

56
include/classes/tools.class.php
View File

@ -44,9 +44,13 @@ class Tools extends Base {
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 30);
curl_setopt($ch, CURLOPT_TIMEOUT, 30);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/4.0 (compatible; PHP client; '.php_uname('s').'; PHP/'.phpversion().')');
}
curl_setopt($ch, CURLOPT_URL, $url . $target);
$url = rtrim($url, '/');
$target = ltrim($target, '/');
curl_setopt($ch, CURLOPT_URL, $url . '/' . $target);
// curl_setopt($ch, CURLOPT_POSTFIELDS, $post_data);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
@ -72,11 +76,9 @@ class Tools extends Base {
**/
private function getApiType($url) {
if (preg_match('/coinchoose.com/', $url)) {
return 'coinchose';
} else if (preg_match('/btc-e.com/', $url)) {
return 'coinchoose';
} else if (preg_match('/btc-e.nz/', $url)) {
return 'btce';
} else if (preg_match('/cryptsy.com/', $url)) {
return 'cryptsy';
} else if (preg_match('/cryptopia.co.nz/', $url)) {
return 'cryptopia';
} else if (preg_match('/cryptorush.in/', $url)) {
@ -87,6 +89,18 @@ class Tools extends Base {
return 'c-cex';
} else if (preg_match('/bittrex.com/', $url)) {
return 'bittrex';
} else if (preg_match('/crypto-bridge.org/', $url)) {
return 'cryptobridge';
} else if (preg_match('/yobit.net/', $url)) {
return 'yobit';
} else if (preg_match('/binance.com/', $url)) {
return 'binance';
} else if (preg_match('/southxchange.com/', $url)) {
return 'southxchange';
} else if (preg_match('/mercatox.com/', $url)) {
return 'mercatox';
} else if (preg_match('/tradeogre.com/', $url)) {
return 'tradeogre';
}
$this->setErrorMessage("API URL unknown");
return false;
@ -97,30 +111,28 @@ class Tools extends Base {
**/
public function getPrice() {
$aData = $this->getApi($this->config['price']['url'], $this->config['price']['target']);
$strCurrency = $this->config['currency'];
$strBase = $this->config['currency'];
$strQuote = $this->config['price']['currency'];
// Check the API type for configured URL
if (!$strApiType = $this->getApiType($this->config['price']['url']))
return false;
// if api data is valid, extract price depending on API type
if (is_array($aData)) {
switch ($strApiType) {
case 'coinchose':
case 'coinchoose':
foreach ($aData as $aItem) {
if($strCurrency == $aItem[0])
if($strBase == $aItem[0])
return $aItem['price'];
}
break;
case 'btce':
return $aData['ticker']['last'];
break;
case 'cryptsy':
return @$aData['return']['markets'][$strCurrency]['lasttradeprice'];
break;
case 'cryptopia':
return @$aData['Data']['LastPrice'];
break;
case 'cryptorush':
return @$aData["$strCurrency/" . $this->config['price']['currency']]['last_trade'];
return @$aData["{$strBase}/{$strQuote}"]['last_trade'];
break;
case 'mintpal':
return @$aData['0']['last_price'];
@ -131,6 +143,26 @@ class Tools extends Base {
case 'bittrex':
return @$aData['result']['Last'];
break;
case 'cryptobridge':
foreach ($aData as $aItem) {
if("{$strBase}_{$strQuote}" == $aItem['id'])
return $aItem['last'];
}
case 'yobit':
return @$aData[strtolower($strBase) . "_" . strtolower($strQuote)]['last'];
break;
case 'binance':
return @$aData['price'];
break;
case 'southxchange':
return @$aData['Last'];
break;
case 'mercatox':
return @$aData['pairs']["{$strBase}_{$strQuote}"]['last'];
break;
case 'tradeogre':
return @$aData['price'];
break;
}
} else {
$this->setErrorMessage("Got an invalid response from ticker API");

10
include/classes/user.class.php
View File

@ -575,7 +575,7 @@ class User extends Base {
}
// Catchall
$this->setErrorMessage('Failed to update your account');
$this->debug->append('Account update failed: ' . $this->mysqli->error);
$this->debug->append('Account update failed: ' . $this->mysqli->lastused->error);
return false;
}
@ -832,7 +832,7 @@ class User extends Base {
$signup_time = time();
if ($this->checkStmt($stmt) && $stmt->bind_param('sssissi', $username_clean, $password_hash, $email1, $signup_time, $pin_hash, $apikey_hash, $is_locked) && $stmt->execute()) {
$new_account_id = $this->mysqli->insert_id;
$new_account_id = $this->mysqli->lastused->insert_id;
if (!is_null($coinaddress)) $this->coin_address->add($new_account_id, $coinaddress);
if (! $this->setting->getValue('accounts_confirm_email_disabled') && $is_admin != 1) {
if ($token = $this->token->createToken('confirm_email', $stmt->insert_id)) {
@ -855,8 +855,8 @@ class User extends Base {
}
} else {
$this->setErrorMessage( 'Unable to register' );
$this->debug->append('Failed to insert user into DB: ' . $this->mysqli->error);
echo $this->mysqli->error;
$this->debug->append('Failed to insert user into DB: ' . $this->mysqli->lastused->error);
echo $this->mysqli->lastused->error;
if ($stmt->sqlstate == '23000') $this->setErrorMessage( 'Username or email already registered' );
return false;
}
@ -895,7 +895,7 @@ class User extends Base {
} else {
$this->setErrorMessage('Invalid token: ' . $this->token->getError());
}
$this->debug->append('Failed to update password:' . $this->mysqli->error);
$this->debug->append('Failed to update password:' . $this->mysqli->lastused->error);
return false;
}

1
include/config/error_codes.inc.php
View File

@ -80,3 +80,4 @@ $aErrorCodes['E0081'] = 'Failed to insert new block into database';
$aErrorCodes['E0082'] = 'Block does not supply any usable confirmation information';
$aErrorCodes['E0083'] = 'Maintenance mode enabled, skipped';
$aErrorCodes['E0084'] = 'Error updating %s table';
$aErrorCodes['E0085'] = 'Cron disabled due to invalid arguments';

14
include/config/global.inc.dist.php
View File

@ -60,6 +60,18 @@ $config['db']['name'] = 'mpos';
// $config['db']['shared']['workers'] = $config['db']['name'];
// $config['db']['shared']['news'] = $config['db']['name'];
/**
* Setup read-only/slave database server for selects (read queries)
**/
$config['db-ro']['enabled'] = false;
$config['db-ro']['host'] = 'localhost';
$config['db-ro']['user'] = 'someuser';
$config['db-ro']['pass'] = 'somepass';
$config['db-ro']['port'] = 3306;
$config['db-ro']['name'] = 'mpos';
/**
* Local wallet RPC
* RPC configuration for your daemon/wallet
@ -101,7 +113,7 @@ $config['gettingstarted']['stratumport'] = '3333';
* https://github.com/MPOS/php-mpos/wiki/Config-Setup#wiki-ticker-api
**/
$config['price']['enabled'] = false;
$config['price']['url'] = 'https://btc-e.com';
$config['price']['url'] = 'https://btc-e.nz';
$config['price']['target'] = '/api/2/ltc_usd/ticker';
$config['price']['currency'] = 'USD';

9
include/database.inc.php
View File

@ -3,13 +3,14 @@ $defflip = (!cfip()) ? exit(header('HTTP/1.1 401 Unauthorized')) : 1;
// Instantiate class, we are using mysqlng
if ($config['mysql_filter']) {
$mysqli = new mysqli_strict($config['db']['host'], $config['db']['user'], $config['db']['pass'], $config['db']['name'], $config['db']['port']);
$mysqli = new mysqlims($config['db'],$config['db-ro'], true);
} else {
$mysqli = new mysqli($config['db']['host'], $config['db']['user'], $config['db']['pass'], $config['db']['name'], $config['db']['port']);
$mysqli = new mysqlims($config['db'],$config['db-ro'], false);
}
// Check if read-only and quit if it is on
if ($mysqli->query('/* MYSQLND_MS_MASTER_SWITCH */SELECT @@global.read_only AS read_only')->fetch_object()->read_only == 1) {
// Check if read-only and quit if it is on, disregard if slave is enabled
if ($mysqli->query('/* MYSQLND_MS_MASTER_SWITCH */SELECT @@global.read_only AS read_only')->fetch_object()->read_only == 1 && $config['db-ro']['enabled'] === false ) {
die('Database is in READ-ONLY mode');
}

274
include/lib/recaptchalib.php
View File

@ -1,274 +0,0 @@
<?php
/*
* This is a PHP library that handles calling reCAPTCHA.
* - Documentation and latest version
* http://recaptcha.net/plugins/php/
* - Get a reCAPTCHA API Key
* https://www.google.com/recaptcha/admin/create
* - Discussion group
* http://groups.google.com/group/recaptcha
*
* Copyright (c) 2007 reCAPTCHA -- http://recaptcha.net
* AUTHORS:
* Mike Crawford
* Ben Maurer
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
/**
* The reCAPTCHA server URL's
*/
define("RECAPTCHA_API_SERVER", "http://www.google.com/recaptcha/api");
define("RECAPTCHA_API_SECURE_SERVER", "https://www.google.com/recaptcha/api");
define("RECAPTCHA_VERIFY_SERVER", "www.google.com");
/**
* Encodes the given data into a query string format
* @param $data - array of string elements to be encoded
* @return string - encoded request
*/
function _recaptcha_qsencode ($data) {
$req = "";
foreach ( $data as $key => $value )
$req .= $key . '=' . urlencode( stripslashes($value) ) . '&';
// Cut the last '&'
$req=substr($req,0,strlen($req)-1);
return $req;
}
/**
* Submits an HTTP POST to a reCAPTCHA server
* @param string $host
* @param string $path
* @param array $data
* @param int port
* @return array response
*/
function _recaptcha_http_post($host, $path, $data, $port = 80) {
$req = _recaptcha_qsencode ($data);
$http_request = "POST $path HTTP/1.0\r\n";
$http_request .= "Host: $host\r\n";
$http_request .= "Content-Type: application/x-www-form-urlencoded;\r\n";
$http_request .= "Content-Length: " . strlen($req) . "\r\n";
$http_request .= "User-Agent: reCAPTCHA/PHP\r\n";
$http_request .= "\r\n";
$http_request .= $req;
$response = '';
if( false == ( $fs = @fsockopen($host, $port, $errno, $errstr, 10) ) ) {
die ('Could not open socket');
}
fwrite($fs, $http_request);
while ( !feof($fs) )
$response .= fgets($fs, 1160); // One TCP-IP packet
fclose($fs);
$response = explode("\r\n\r\n", $response, 2);
return $response;
}
/**
* Gets the challenge HTML (javascript and non-javascript version).
* This is called from the browser, and the resulting reCAPTCHA HTML widget
* is embedded within the HTML form it was called from.
* @param string $pubkey A public key for reCAPTCHA
* @param string $error The error given by reCAPTCHA (optional, default is null)
* @param boolean $use_ssl Should the request be made over ssl? (optional, default is false)
* @return string - The HTML to be embedded in the user's form.
*/
function recaptcha_get_html ($pubkey, $error = null, $use_ssl = false)
{
if ($pubkey == null || $pubkey == '') {
die ("To use reCAPTCHA you must get an API key from <a href='https://www.google.com/recaptcha/admin/create'>https://www.google.com/recaptcha/admin/create</a>");
}
if ($use_ssl) {
$server = RECAPTCHA_API_SECURE_SERVER;
} else {
$server = RECAPTCHA_API_SERVER;
}
$errorpart = "";
if ($error) {
$errorpart = "&amp;error=" . $error;
}
return '<script type="text/javascript" src="'. $server . '/challenge?k=' . $pubkey . $errorpart . '"></script>
<noscript>
<iframe src="'. $server . '/noscript?k=' . $pubkey . $errorpart . '" height="300" width="500" frameborder="0"></iframe><br/>
<textarea name="recaptcha_challenge_field" rows="3" cols="40"></textarea>
<input type="hidden" name="recaptcha_response_field" value="manual_challenge"/>
</noscript>';
}
/**
* A ReCaptchaResponse is returned from recaptcha_check_answer()
*/
class ReCaptchaResponse {
var $is_valid;
var $error;
}
/**
* Calls an HTTP POST function to verify if the user's guess was correct
* @param string $privkey
* @param string $remoteip
* @param string $challenge
* @param string $response
* @param array $extra_params an array of extra variables to post to the server
* @return ReCaptchaResponse
*/
function recaptcha_check_answer ($privkey, $remoteip, $challenge, $response, $extra_params = array())
{
if ($privkey == null || $privkey == '') {
die ("To use reCAPTCHA you must get an API key from <a href='https://www.google.com/recaptcha/admin/create'>https://www.google.com/recaptcha/admin/create</a>");
}
if ($remoteip == null || $remoteip == '') {
die ("For security reasons, you must pass the remote ip to reCAPTCHA");
}
//discard spam submissions
if ($challenge == null || strlen($challenge) == 0 || $response == null || strlen($response) == 0) {
$recaptcha_response = new ReCaptchaResponse();
$recaptcha_response->is_valid = false;
$recaptcha_response->error = 'incorrect-captcha-sol';
return $recaptcha_response;
}
$response = _recaptcha_http_post (RECAPTCHA_VERIFY_SERVER, "/recaptcha/api/verify",
array (
'privatekey' => $privkey,
'remoteip' => $remoteip,
'challenge' => $challenge,
'response' => $response
) + $extra_params
);
$answers = explode ("\n", $response [1]);
$recaptcha_response = new ReCaptchaResponse();
if (trim ($answers [0]) == 'true') {
$recaptcha_response->is_valid = true;
}
else {
$recaptcha_response->is_valid = false;
$recaptcha_response->error = $answers [1];
}
return $recaptcha_response;
}
/**
* gets a URL where the user can sign up for reCAPTCHA. If your application
* has a configuration page where you enter a key, you should provide a link
* using this function.
* @param string $domain The domain where the page is hosted
* @param string $appname The name of your application
*/
function recaptcha_get_signup_url ($domain = null, $appname = null) {
return "https://www.google.com/recaptcha/admin/create?" . _recaptcha_qsencode (array ('domains' => $domain, 'app' => $appname));
}
function _recaptcha_aes_pad($val) {
$block_size = 16;
$numpad = $block_size - (strlen ($val) % $block_size);
return str_pad($val, strlen ($val) + $numpad, chr($numpad));
}
/* Mailhide related code */
function _recaptcha_aes_encrypt($val,$ky) {
if (! function_exists ("mcrypt_encrypt")) {
die ("To use reCAPTCHA Mailhide, you need to have the mcrypt php module installed.");
}
$mode=MCRYPT_MODE_CBC;
$enc=MCRYPT_RIJNDAEL_128;
$val=_recaptcha_aes_pad($val);
return mcrypt_encrypt($enc, $ky, $val, $mode, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0");
}
function _recaptcha_mailhide_urlbase64 ($x) {
return strtr(base64_encode ($x), '+/', '-_');
}
/* gets the reCAPTCHA Mailhide url for a given email, public key and private key */
function recaptcha_mailhide_url($pubkey, $privkey, $email) {
if ($pubkey == '' || $pubkey == null || $privkey == "" || $privkey == null) {
die ("To use reCAPTCHA Mailhide, you have to sign up for a public and private key, " .
"you can do so at <a href='http://www.google.com/recaptcha/mailhide/apikey'>http://www.google.com/recaptcha/mailhide/apikey</a>");
}
$ky = pack('H*', $privkey);
$cryptmail = _recaptcha_aes_encrypt ($email, $ky);
return "http://www.google.com/recaptcha/mailhide/d?k=" . $pubkey . "&c=" . _recaptcha_mailhide_urlbase64 ($cryptmail);
}
/**
* gets the parts of the email to expose to the user.
* eg, given johndoe@example,com return ["john", "example.com"].
* the email is then displayed as john...@example.com
*/
function _recaptcha_mailhide_email_parts ($email) {
$arr = preg_split("/@/", $email );
if (strlen ($arr[0]) <= 4) {
$arr[0] = substr ($arr[0], 0, 1);
} else if (strlen ($arr[0]) <= 6) {
$arr[0] = substr ($arr[0], 0, 3);
} else {
$arr[0] = substr ($arr[0], 0, 4);
}
return $arr;
}
/**
* Gets html to display an email address given a public an private key.
* to get a key, go to:
*
* http://www.google.com/recaptcha/mailhide/apikey
*/
function recaptcha_mailhide_html($pubkey, $privkey, $email) {
$emailparts = _recaptcha_mailhide_email_parts ($email);
$url = recaptcha_mailhide_url ($pubkey, $privkey, $email);
return htmlentities($emailparts[0]) . "<a href='" . htmlentities ($url) .
"' onclick=\"window.open('" . htmlentities ($url) . "', '', 'toolbar=0,scrollbars=0,location=0,statusbar=0,menubar=0,resizable=0,width=500,height=300'); return false;\" title=\"Reveal this e-mail address\">...</a>@" . htmlentities ($emailparts [1]);
}

2
include/pages/api/getpoolstatus.inc.php
View File

@ -12,7 +12,7 @@ $aLastBlock = $block->getLast();
// Efficiency
$aShares = $statistics->getRoundShares();
$aShares['valid'] > 0 ? $dEfficiency = round((100 - (100 / $aShares['valid'] * $aShares['invalid'])), 2) : $dEfficiency = 0;
$aShares['invalid'] > 0 ? $dEfficiency = round((1 - ($aShares['invalid'] / ($aShares['valid'] + $aShares['invalid']))) * 100, 2) : $dEfficiency = 100;
// Fetch RPC data
if ($bitcoin->can_connect() === true){

9
include/pages/api/getusertransactions.inc.php
View File

@ -8,13 +8,20 @@ $api->isActive();
$user_id = $api->checkAccess($user->checkApiKey($_REQUEST['api_key']), @$_REQUEST['id']);
// Fetch transactions
if (isset($_REQUEST['start'])) {
$start = $_REQUEST['start'];
} else {
// start at the beginning
$start = 0;
}
if (isset($_REQUEST['limit']) && $_REQUEST['limit'] <= 100) {
$limit = $_REQUEST['limit'];
} else {
// Force limit
$limit = 100;
}
$data['transactions'] = $transaction->getTransactions(0, NULL, $limit, $user_id);
$data['transactions'] = $transaction->getTransactions($start, NULL, $limit, $user_id);
// Fetch summary if enabled
if (!$setting->getValue('disable_transactionsummary')) {

2
include/pages/contactform/contactform.inc.php
View File

@ -25,7 +25,7 @@ if ($setting->getValue('acl_contactform') == 2) {
if ($mail->contactform($_POST['senderName'], $_POST['senderEmail'], $_POST['senderSubject'], $_POST['senderMessage'])) {
$_SESSION['POPUP'][] = array('CONTENT' => 'Thanks for sending your message! We will get back to you shortly');
} else {
$_SESSION['POPUP'][] = array('CONTENT' => 'There was a problem sending your message. Please try again. ' . $user->getError(), 'TYPE' => 'alert alert-danger');
$_SESSION['POPUP'][] = array('CONTENT' => 'There was a problem sending your message. Check following error and please try again: ' . $mail->getError(), 'TYPE' => 'alert alert-danger');
}
}
}

29
include/pages/login.inc.php
View File

@ -1,20 +1,25 @@
<?php
$defflip = (!cfip()) ? exit(header('HTTP/1.1 401 Unauthorized')) : 1;
$recaptcha_enabled = ($setting->getValue('recaptcha_enabled') && $setting->getValue('recaptcha_enabled_logins'));
if ($recaptcha_enabled) {
$recaptcha_secret = $setting->getValue('recaptcha_private_key');
$recaptcha_public_key = $setting->getValue('recaptcha_public_key');
$recaptcha = new \ReCaptcha\ReCaptcha($recaptcha_secret);
$smarty->assign("recaptcha_public_key", $recaptcha_public_key);
}
$smarty->assign("recaptcha_enabled", $recaptcha_enabled);
// ReCaptcha handling if enabled
if ($setting->getValue('recaptcha_enabled') && $setting->getValue('recaptcha_enabled_logins')) {
require_once(INCLUDE_DIR . '/lib/recaptchalib.php');
if ($recaptcha_enabled) {
if (!empty($_POST['username']) && !empty($_POST['password'])) {
// Load re-captcha specific data
$rsp = recaptcha_check_answer (
$setting->getValue('recaptcha_private_key'),
$_SERVER["REMOTE_ADDR"],
( (isset($_POST["recaptcha_challenge_field"])) ? $_POST["recaptcha_challenge_field"] : null ),
( (isset($_POST["recaptcha_response_field"])) ? $_POST["recaptcha_response_field"] : null )
);
$smarty->assign("RECAPTCHA", recaptcha_get_html($setting->getValue('recaptcha_public_key'), $rsp->error, true));
} else {
$smarty->assign("RECAPTCHA", recaptcha_get_html($setting->getValue('recaptcha_public_key'), null, true));
$recaptcha_response = (isset($_POST["g-recaptcha-response"]) ? $_POST["g-recaptcha-response"] : null);
$rsp = $recaptcha->verify($recaptcha_response, $_SERVER["REMOTE_ADDRESS"]);
}
}
@ -23,7 +28,7 @@ if (!empty($_POST['username']) && !empty($_POST['password'])) {
$_SESSION['POPUP'][] = array('CONTENT' => 'You are not allowed to login during maintenace.', 'TYPE' => 'alert alert-info');
} else {
// Check if recaptcha is enabled, process form data if valid
if (!$setting->getValue('recaptcha_enabled') || !$setting->getValue('recaptcha_enabled_logins') || ($setting->getValue('recaptcha_enabled') && $setting->getValue('recaptcha_enabled_logins') && $rsp->is_valid)) {
if (($recaptcha_enabled && $rsp->isSuccess()) || !$recaptcha_enabled) {
if (!$config['csrf']['enabled'] || $config['csrf']['enabled'] && $csrftoken->valid) {
// check if login is correct
if ($user->checkLogin(@$_POST['username'], @$_POST['password']) ) {

10
include/pages/register.inc.php
View File

@ -8,10 +8,14 @@ if ($setting->getValue('lock_registration') && $setting->getValue('disable_invit
$_SESSION['POPUP'][] = array('CONTENT' => 'Only invited users are allowed to register.', 'TYPE' => 'alert alert-danger');
$smarty->assign("CONTENT", "disabled.tpl");
} else {
if ($setting->getValue('recaptcha_enabled') && $setting->getValue('recaptcha_enabled_registrations')) {
require_once(INCLUDE_DIR . '/lib/recaptchalib.php');
$smarty->assign("RECAPTCHA", recaptcha_get_html($setting->getValue('recaptcha_public_key'), null, true));
$recaptcha_enabled = ($setting->getValue('recaptcha_enabled') && $setting->getValue('recaptcha_enabled_registrations'));
$smarty->assign("recaptcha_enabled", $recaptcha_enabled);
if ($recaptcha_enabled) {
$recaptcha_public_key = $setting->getValue('recaptcha_public_key');
$smarty->assign("recaptcha_public_key", $recaptcha_public_key);
}
// Load news entries for Desktop site and unauthenticated users
$smarty->assign("CONTENT", "default.tpl");
}

31
include/pages/register/register.inc.php
View File

@ -1,19 +1,24 @@
<?php
$defflip = (!cfip()) ? exit(header('HTTP/1.1 401 Unauthorized')) : 1;
$recaptcha_enabled = ($setting->getValue('recaptcha_enabled') && $setting->getValue('recaptcha_enabled_registrations'));
$smarty->assign("recaptcha_enabled", $recaptcha_enabled);
// ReCaptcha handling if enabled
if ($setting->getValue('recaptcha_enabled') && $setting->getValue('recaptcha_enabled_registrations')) {
require_once(INCLUDE_DIR . '/lib/recaptchalib.php');
if ($recaptcha_enabled) {
$recaptcha_secret = $setting->getValue('recaptcha_private_key');
$recaptcha_public_key = $setting->getValue('recaptcha_public_key');
$smarty->assign("recaptcha_public_key", $recaptcha_public_key);
$recaptcha = new \ReCaptcha\ReCaptcha($recaptcha_secret);
// Load re-captcha specific data
$rsp = recaptcha_check_answer (
$setting->getValue('recaptcha_private_key'),
$_SERVER["REMOTE_ADDR"],
( (isset($_POST["recaptcha_challenge_field"])) ? $_POST["recaptcha_challenge_field"] : null ),
( (isset($_POST["recaptcha_response_field"])) ? $_POST["recaptcha_response_field"] : null )
);
$smarty->assign("RECAPTCHA", recaptcha_get_html($setting->getValue('recaptcha_public_key'), $rsp->error, true));
if (!$rsp->is_valid) $_SESSION['POPUP'][] = array('CONTENT' => 'Invalid Captcha, please try again.', 'TYPE' => 'alert alert-danger');
$recaptcha = ($rsp->is_valid) ? 1 : 0;
$recaptcha_response = (isset($_POST["g-recaptcha-response"]) ? $_POST["g-recaptcha-response"] : null);
$rsp = $recaptcha->verify($recaptcha_response, $_SERVER["REMOTE_ADDRESS"]);
if (!$rsp->isSuccess()) $_SESSION['POPUP'][] = array('CONTENT' => 'Invalid Captcha, please try again.', 'TYPE' => 'alert alert-danger');
}
if ($setting->getValue('disable_invitations') && $setting->getValue('lock_registration')) {
@ -23,10 +28,10 @@ if ($setting->getValue('disable_invitations') && $setting->getValue('lock_regist
} else {
// Check if csrf is enabled and fail if token is invalid
if (!$config['csrf']['enabled'] || $config['csrf']['enabled'] && $csrftoken->valid) {
if ($setting->getValue('recaptcha_enabled') != 1 || $setting->getValue('recaptcha_enabled_registrations') != 1 || $rsp->is_valid) {
if (($recaptcha_enabled && $rsp->isSuccess()) || !$recaptcha_enabled) {
// Check if recaptcha is enabled, process form data if valid or disabled
isset($_POST['token']) ? $token = $_POST['token'] : $token = '';
isset($_POST['coinaddress']) ? $validcoinaddress = $_POST['coinaddress'] : $validcoinaddress = NULL;
isset($_POST['coinaddress']) ? $validcoinaddress = $_POST['coinaddress'] : $validcoinaddress = NULL;
if ($config['check_valid_coinaddress'] AND empty($validcoinaddress)) {
$_SESSION['POPUP'][] = array('CONTENT' => 'Please enter a valid Wallet Address', 'TYPE' => 'alert alert-danger');
} else {

2
include/version.inc.php
View File

@ -1,7 +1,7 @@
<?php
$defflip = (!cfip()) ? exit(header('HTTP/1.1 401 Unauthorized')) : 1;
define('MPOS_VERSION', '1.0.8');
define('MPOS_VERSION', '1.0.9');
define('DB_VERSION', '1.0.2');
define('CONFIG_VERSION', '1.0.1');
define('HASH_VERSION', 1);

2
templates/bootstrap/about/pool/default.tpl
View File

@ -48,7 +48,7 @@
</ul>
</div>
<div class="panel-footer">
<h6>This Pool is running <a href="https://github.com/TheSerapher/php-mpos">MPOS</a> project code. This frontend was created by <a href="https://github.com/MPOS/php-mpos"TheSerapher aka Sebastian Grewe</a>. The operation of the pool is soley at the hand of your trusted pool operator.</h6>
<h6>This Pool is running <a href="https://github.com/TheSerapher/php-mpos">MPOS</a> project code. This frontend was created by <a href="https://github.com/MPOS/php-mpos">TheSerapher aka Sebastian Grewe</a>. The operation of the pool is soley at the hand of your trusted pool operator.</h6>
</div>
</div>
</div>

66
templates/bootstrap/admin/wallet/peers.tpl
View File

@ -1,31 +1,35 @@
<div class="row">
<div class="col-lg-12">
<div class="panel panel-info">
<div class="panel-heading">
<i class="fa fa-connectdevelop fa-fw"></i> Peer Information
</div>
<div class="panel-body no-padding">
<table class="table table-striped table-bordered table-hover">
<thead>
<tr>
<th>Host</th>
<th>Protocol</th>
<th>Identity</th>
<th>Connected</th>
<th>Traffic</th>
</tr>
</thead>
<tbody>
{foreach key=KEY item=ARRAY from=$PEERINFO}
<tr>
<td>{$ARRAY['addr']}</td>
<td>{$ARRAY['version']}</td>
<td>{$ARRAY['subver']|replace:'/':''}</td>
<td>{$ARRAY['conntime']|date_format:$GLOBAL.config.date}</td>
<td>{(($ARRAY['bytessent']|default:"0" + $ARRAY['bytesrecv']|default:"0") / 1024 / 1024)|number_format:"3"} MB</td>
</tr>
{/foreach}
</tbody>
</table>
</div>
</div>
<div class="row">
<div class="col-lg-12">
<div class="panel panel-info">
<div class="panel-heading">
<i class="fa fa-connectdevelop fa-fw"></i> Peer Information
</div>
<div class="panel-body no-padding">
<div class="table-responsive">
<table class="table table-striped table-bordered table-hover">
<thead>
<tr>
<th>Host</th>
<th>Protocol</th>
<th>Identity</th>
<th>Connected</th>
<th>Traffic</th>
</tr>
</thead>
<tbody>
{foreach key=KEY item=ARRAY from=$PEERINFO}
<tr>
<td>{$ARRAY['addr']}</td>
<td>{$ARRAY['version']}</td>
<td>{$ARRAY['subver']|replace:'/':''}</td>
<td>{$ARRAY['conntime']|date_format:$GLOBAL.config.date}</td>
<td>{(($ARRAY['bytessent']|default:"0" + $ARRAY['bytesrecv']|default:"0") / 1024 / 1024)|number_format:"3"} MB</td>
</tr>
{/foreach}
</tbody>
</table>
</div>
</div>
</div>
</div>
</div>

67
templates/bootstrap/admin/wallet/status.tpl
View File

@ -1,32 +1,35 @@
<div class="col-lg-8">
<div class="panel panel-info">
<div class="panel-heading">
<i class="fa fa-info fa-fw"></i> Wallet Status
</div>
<div class="panel-body no-padding">
<table class="table table-striped table-bordered table-hover">
<thead>
<th>Version</th>
<th>Protocol Version</th>
<th>Wallet Version</th>
<th>Peers</th>
<th>Status</th>
<th>Blocks</th>
<th>Accounts</th>
</thead>
<tbody>
<tr>
<td>{$COININFO.version|default:""}</td>
<td>{$COININFO.protocolversion|default:""}</td>
<td>{$COININFO.walletversion|default:""}</td>
<td>{$COININFO.connections|default:""}</td>
<td><font color="{if $COININFO.errors}red{else}green{/if}">{$COININFO.errors|default:"OK"}</font></td>
<td>{$COININFO.blocks|default:"0"}</td>
<td>{$ADDRESSCOUNT}</td>
</tr>
</tbody>
</table>
</div>
</div>
</div>
</div>
<div class="col-lg-8">
<div class="panel panel-info">
<div class="panel-heading">
<i class="fa fa-info fa-fw"></i> Wallet Status
</div>
<div class="panel-body no-padding">
<div class="table-responsive">
<table class="table table-striped table-bordered table-hover">
<thead>
<tr>
<th>Version</th>
<th>Protocol Version</th>
<th>Wallet Version</th>
<th>Peers</th>
<th>Status</th>
<th>Blocks</th>
<th>Accounts</th>
</tr>
</thead>
<tbody>
<tr>
<td>{$COININFO.version|default:""}</td>
<td>{$COININFO.protocolversion|default:""}</td>
<td>{$COININFO.walletversion|default:""}</td>
<td>{$COININFO.connections|default:""}</td>
<td><font color="{if $COININFO.errors}red{else}green{/if}">{$COININFO.errors|default:"OK"}</font></td>
<td>{$COININFO.blocks|default:"0"}</td>
<td>{$ADDRESSCOUNT}</td>
</tr>
</tbody>
</table>
</div>
</div>
</div>
</div>

2
templates/bootstrap/dashboard/round_statistics/pplns/round.tpl
View File

@ -70,7 +70,7 @@
<p class="h5" id="b-nextdiff">{if $GLOBAL.nethashrate > 0}{$NETWORK.EstNextDifficulty|number_format:"8"}{else}n/a{/if}</p>
</div>
<div class="circle-tile-number text-faded">
<p class="h6">Est Next Difficulty{if $GLOBAL.nethashrate > 0}<br/>Change in {$NETWORK.BlocksUntilDiffChange} Blocks{else}No Estimates{/if}</p>
<p class="h6">Est. Next Difficulty{if $GLOBAL.config.coindiffchangetarget > 1}{if $GLOBAL.nethashrate > 0}<br/>Change in {$NETWORK.BlocksUntilDiffChange} Blocks{else}No Estimates{/if}{/if}</p>
</div>
</div>
</div>

2
templates/bootstrap/dashboard/round_statistics/pps/round.tpl
View File

@ -130,7 +130,7 @@
<p id="b-nextdiff" class="h5">{if $GLOBAL.nethashrate > 0}{$NETWORK.EstNextDifficulty|number_format:"8"}{else}n/a{/if}</p>
</div>
<div class="circle-tile-number text-faded">
<p class="h6">Est Next Difficulty{if $GLOBAL.nethashrate > 0}<br/>Change in {$NETWORK.BlocksUntilDiffChange} Blocks{else}No Estimates{/if}</p>
<p class="h6">Est. Next Difficulty{if $GLOBAL.config.coindiffchangetarget > 1}{if $GLOBAL.nethashrate > 0}<br/>Change in {$NETWORK.BlocksUntilDiffChange} Blocks{else}No Estimates{/if}{/if}</p>
</div>
</div>
</div>

2
templates/bootstrap/dashboard/round_statistics/prop/round.tpl
View File

@ -70,7 +70,7 @@
<p class="h5" id="b-nextdiff">{if $GLOBAL.nethashrate > 0}{$NETWORK.EstNextDifficulty|number_format:"8"}{else}n/a{/if}</p>
</div>
<div class="circle-tile-number text-faded">
<p class="h6">Est Next Difficulty{if $GLOBAL.nethashrate > 0}<br/>Change in {$NETWORK.BlocksUntilDiffChange} Blocks{else}No Estimates{/if}</p>
<p class="h6">Est. Next Difficulty{if $GLOBAL.config.coindiffchangetarget > 1}{if $GLOBAL.nethashrate > 0}<br/>Change in {$NETWORK.BlocksUntilDiffChange} Blocks{else}No Estimates{/if}{/if}</p>
</div>
</div>
</div>

9
templates/bootstrap/login/default.tpl
View File

@ -17,7 +17,14 @@
</div>
</div>
</div>
<center>{nocache}{$RECAPTCHA|default:"" nofilter}{/nocache}</center>
<center>
{nocache}
{if $recaptcha_enabled}
<div class="g-recaptcha" data-sitekey="{$recaptcha_public_key}"></div>
<script type="text/javascript" src="https://www.google.com/recaptcha/api.js"></script>
{/if}
{/nocache}
</center>
<div class="panel-footer">
<input type="submit" class="btn btn-success btn-sm" value="Login" >
<a href="{$smarty.server.SCRIPT_NAME}?page=password"><font size="1">Forgot your password?</font></a>

11
templates/bootstrap/register/default.tpl
View File

@ -52,7 +52,7 @@
<font size="1">Four digit number. <b>Remember this pin!</b></font>
<div class="input-group input-group-sm">
<span class="input-group-addon"><i class="fa fa-shield fa-fw"></i></span>
<input type="password" class="form-control" name="pin" placeholder="PIN" value="" size="4" maxlength="4" required>
<input type="password" class="form-control" name="pin" placeholder="PIN" value="" size="4" maxlength="4" required>
</div>
<div class="input-group input-group-sm">
<label>
@ -60,7 +60,14 @@
</label>
</div>
</div>
<center>{nocache}{$RECAPTCHA|default:"" nofilter}{/nocache}</center>
<center>
{nocache}
{if $recaptcha_enabled}
<div class="g-recaptcha" data-sitekey="{$recaptcha_public_key}"></div>
<script type="text/javascript" src="https://www.google.com/recaptcha/api.js"></script>
{/if}
{/nocache}
</center>
</div>
<div class="panel-footer">
<input type="submit" value="Register" class="btn btn-success btn-sm">

12
templates/bootstrap/statistics/blocks/block_overview_time.tpl
View File

@ -42,7 +42,7 @@
<td class="text-right">{$LASTBLOCKSBYTIME.TotalShares|number_format}</td>
<td class="text-right">
{if $LASTBLOCKSBYTIME.TotalEstimatedShares > 0}
<font color="{if (($LASTBLOCKSBYTIME.TotalShares / $LASTBLOCKSBYTIME.TotalEstimatedShares * 100) <= 100)}green{else}red{/if}">{($LASTBLOCKSBYTIME.TotalShares / $LASTBLOCKSBYTIME.TotalEstimatedShares * 100)|number_format:"2"}%</font></b>
<font color="{if (($LASTBLOCKSBYTIME.TotalShares / $LASTBLOCKSBYTIME.TotalEstimatedShares * 100) <= 100)}green{elseif (($LASTBLOCKSBYTIME.TotalShares / $LASTBLOCKSBYTIME.TotalEstimatedShares * 100) <= 115)}orange{else}red{/if}">{($LASTBLOCKSBYTIME.TotalShares / $LASTBLOCKSBYTIME.TotalEstimatedShares * 100)|number_format:"2"}%</font></b>
{else}
0.00%
{/if}
@ -68,7 +68,7 @@
<td class="text-right">{$LASTBLOCKSBYTIME.1HourShares|number_format}</td>
<td class="text-right">
{if $LASTBLOCKSBYTIME.1HourEstimatedShares > 0}
<font color="{if (($LASTBLOCKSBYTIME.1HourShares / $LASTBLOCKSBYTIME.1HourEstimatedShares * 100) <= 100)}green{else}red{/if}">{($LASTBLOCKSBYTIME.1HourShares / $LASTBLOCKSBYTIME.1HourEstimatedShares * 100)|number_format:"2"}%</font></b>
<font color="{if (($LASTBLOCKSBYTIME.1HourShares / $LASTBLOCKSBYTIME.1HourEstimatedShares * 100) <= 100)}green{elseif (($LASTBLOCKSBYTIME.1HourShares / $LASTBLOCKSBYTIME.1HourEstimatedShares * 100) <= 115)}orange{else}red{/if}">{($LASTBLOCKSBYTIME.1HourShares / $LASTBLOCKSBYTIME.1HourEstimatedShares * 100)|number_format:"2"}%</font></b>
{else}
0.00%
{/if}
@ -94,7 +94,7 @@
<td class="text-right">{$LASTBLOCKSBYTIME.24HourShares|number_format}</td>
<td class="text-right">
{if $LASTBLOCKSBYTIME.24HourEstimatedShares > 0}
<font color="{if (($LASTBLOCKSBYTIME.24HourShares / $LASTBLOCKSBYTIME.24HourEstimatedShares * 100) <= 100)}green{else}red{/if}">{($LASTBLOCKSBYTIME.24HourShares / $LASTBLOCKSBYTIME.24HourEstimatedShares * 100)|number_format:"2"}%</font></b>
<font color="{if (($LASTBLOCKSBYTIME.24HourShares / $LASTBLOCKSBYTIME.24HourEstimatedShares * 100) <= 100)}green{elseif (($LASTBLOCKSBYTIME.24HourShares / $LASTBLOCKSBYTIME.24HourEstimatedShares * 100) <= 115)}orange{else}red{/if}">{($LASTBLOCKSBYTIME.24HourShares / $LASTBLOCKSBYTIME.24HourEstimatedShares * 100)|number_format:"2"}%</font></b>
{else}
0.00%
{/if}
@ -120,7 +120,7 @@
<td class="text-right">{$LASTBLOCKSBYTIME.7DaysShares|number_format}</td>
<td class="text-right">
{if $LASTBLOCKSBYTIME.7DaysEstimatedShares > 0}
<font color="{if (($LASTBLOCKSBYTIME.7DaysShares / $LASTBLOCKSBYTIME.7DaysEstimatedShares * 100) <= 100)}green{else}red{/if}">{($LASTBLOCKSBYTIME.7DaysShares / $LASTBLOCKSBYTIME.7DaysEstimatedShares * 100)|number_format:"2"}%</font></b>
<font color="{if (($LASTBLOCKSBYTIME.7DaysShares / $LASTBLOCKSBYTIME.7DaysEstimatedShares * 100) <= 100)}green{elseif (($LASTBLOCKSBYTIME.7DaysShares / $LASTBLOCKSBYTIME.7DaysEstimatedShares * 100) <= 115)}orange{else}red{/if}">{($LASTBLOCKSBYTIME.7DaysShares / $LASTBLOCKSBYTIME.7DaysEstimatedShares * 100)|number_format:"2"}%</font></b>
{else}
0.00%
{/if}
@ -146,7 +146,7 @@
<td class="text-right">{$LASTBLOCKSBYTIME.4WeeksShares|number_format}</td>
<td class="text-right">
{if $LASTBLOCKSBYTIME.4WeeksEstimatedShares > 0}
<font color="{if (($LASTBLOCKSBYTIME.4WeeksShares / $LASTBLOCKSBYTIME.4WeeksEstimatedShares * 100) <= 100)}green{else}red{/if}">{($LASTBLOCKSBYTIME.4WeeksShares / $LASTBLOCKSBYTIME.4WeeksEstimatedShares * 100)|number_format:"2"}%</font></b>
<font color="{if (($LASTBLOCKSBYTIME.4WeeksShares / $LASTBLOCKSBYTIME.4WeeksEstimatedShares * 100) <= 100)}green{elseif (($LASTBLOCKSBYTIME.4WeeksShares / $LASTBLOCKSBYTIME.4WeeksEstimatedShares * 100) <= 115)}orange{else}red{/if}">{($LASTBLOCKSBYTIME.4WeeksShares / $LASTBLOCKSBYTIME.4WeeksEstimatedShares * 100)|number_format:"2"}%</font></b>
{else}
0.00%
{/if}
@ -172,7 +172,7 @@
<td class="text-right">{$LASTBLOCKSBYTIME.12MonthShares|number_format}</td>
<td class="text-right">
{if $LASTBLOCKSBYTIME.12MonthEstimatedShares > 0}
<font color="{if (($LASTBLOCKSBYTIME.12MonthShares / $LASTBLOCKSBYTIME.12MonthEstimatedShares * 100) <= 100)}green{else}red{/if}">{($LASTBLOCKSBYTIME.12MonthShares / $LASTBLOCKSBYTIME.12MonthEstimatedShares * 100)|number_format:"2"}%</font></b>
<font color="{if (($LASTBLOCKSBYTIME.12MonthShares / $LASTBLOCKSBYTIME.12MonthEstimatedShares * 100) <= 100)}green{elseif (($LASTBLOCKSBYTIME.12MonthShares / $LASTBLOCKSBYTIME.12MonthEstimatedShares * 100) <= 115)}orange{else}red{/if}">{($LASTBLOCKSBYTIME.12MonthShares / $LASTBLOCKSBYTIME.12MonthEstimatedShares * 100)|number_format:"2"}%</font></b>
{else}
0.00%
{/if}

4
templates/bootstrap/statistics/blocks/blocks_found_details.tpl
View File

@ -59,7 +59,7 @@
<td class="text-right">{$BLOCKSFOUND[block].shares|number_format}</td>
<td class="text-right">
{math assign="percentage" equation="shares / estshares * 100" shares=$BLOCKSFOUND[block].shares|default:"0" estshares=$BLOCKSFOUND[block].estshares}
<font color="{if ($percentage <= 100)}green{else}red{/if}">{$percentage|number_format:"2"}</font>
<font color="{if ($percentage <= 100)}green{elseif ($percentage <= 115)}orange{else}red{/if}">{$percentage|number_format:"2"}</font>
</td>
</tr>
{/section}
@ -70,7 +70,7 @@
<td class="text-right">{$pplnsshares|number_format}</td>
{/if}
<td class="text-right">{$totalshares|number_format}</td>
<td class="text-right">{if $count > 0}<font color="{if (($totalshares / $totalexpectedshares * 100) <= 100)}green{else}red{/if}">{($totalshares / $totalexpectedshares * 100)|number_format:"2"}</font>{else}0{/if}</td>
<td class="text-right">{if $count > 0}<font color="{if (($totalshares / $totalexpectedshares * 100) <= 100)}green{elseif (($totalshares / $totalexpectedshares * 100) <= 115)}orange{else}red{/if}">{($totalshares / $totalexpectedshares * 100)|number_format:"2"}</font>{else}0{/if}</td>
</tr>
</tbody>
</table>

6
templates/bootstrap/statistics/graphs/default.tpl
View File

@ -2,7 +2,7 @@
$(function () {
var hashChart = Morris.Line({
element: 'hashrate-area-chart',
data: {$YOURMININGSTATS},
data: {$YOURMININGSTATS nofilter},
xkey: 'time',
ykeys: ['hashrate'],
labels: ['Hashrate'],
@ -17,7 +17,7 @@ $(function () {
var workersChart = Morris.Line({
element: 'workers-area-chart',
data: {$YOURMININGSTATS},
data: {$YOURMININGSTATS nofilter},
xkey: 'time',
ykeys: ['workers'],
labels: ['Workers'],
@ -32,7 +32,7 @@ $(function () {
var shareCharts= Morris.Line({
element: 'sharerate-area-chart',
data: {$YOURMININGSTATS},
data: {$YOURMININGSTATS nofilter},
xkey: 'time',
ykeys: ['sharerate'],
labels: ['Sharerate'],