From 9f6cf99aa3df78aabecb0b1d0c30ae78d4e1c14b Mon Sep 17 00:00:00 2001 From: xisi Date: Tue, 28 Jan 2014 08:08:53 -0500 Subject: [PATCH] small fixes --- public/include/admin_checks.php | 35 ++++++++++++++++++--------- public/include/classes/user.class.php | 2 +- public/include/pages/login.inc.php | 2 +- public/index.php | 2 +- 4 files changed, 26 insertions(+), 15 deletions(-) diff --git a/public/include/admin_checks.php b/public/include/admin_checks.php index 1a28da32..2652659b 100644 --- a/public/include/admin_checks.php +++ b/public/include/admin_checks.php @@ -2,16 +2,17 @@ $defflip = (!cfip()) ? exit(header('HTTP/1.1 401 Unauthorized')) : 1; if (@$_SESSION['USERDATA']['is_admin'] && $user->isAdmin(@$_SESSION['USERDATA']['id'])) { - if (!include_once(INCLUDE_DIR . '/lib/jsonRPCClient.php')) die('Unable to load libs'); - $notice = array(); $enotice = array(); $error = array(); - // setup some basic stuff for checking - $apache_user = posix_getuid(); - $apache_user = (function_exists('posix_getpwuid')) ? posix_getpwuid($apache_user) : $apache_user; + // setup some basic stuff for checking - getuid/getpwuid not available on mac/windows + $apache_user = 'unknown'; + if (substr_count(strtolower(PHP_OS), 'nix') > 0) { + $apache_user = (function_exists('posix_getuid')) ? posix_getuid() : 'unknown'; + $apache_user = (function_exists('posix_getpwuid')) ? posix_getpwuid($apache_user) : $apache_user; + } // setup checks // check if memcache isn't available but enabled in config -> error @@ -71,19 +72,29 @@ if (@$_SESSION['USERDATA']['is_admin'] && $user->isAdmin(@$_SESSION['USERDATA'][ $error[] = "strict or mc_antidos are enabled and memcache is not, memcache is required to use these."; } // poke stratum using gettingstarted details -> enotice - $socket = @socket_create(AF_INET, SOCK_STREAM, SOL_TCP); - if ($socket !== false) { - $address = @gethostbyname($config['gettingstarted']['stratumurl']); - $result = @socket_connect($socket, $address, $config['gettingstarted']['stratumport']); - if ($result !== 1) { + if (substr_count(strtolower(PHP_OS), 'nix') > 0) { + // unix *poke* + $socket = @socket_create(AF_INET, SOCK_STREAM, SOL_TCP); + if ($socket !== false) { + $address = @gethostbyname($config['gettingstarted']['stratumurl']); + $result = @socket_connect($socket, $address, $config['gettingstarted']['stratumport']); + if ($result !== 1) { + $enotice[] = "We tried to poke your Stratum server using config->gettingstarted details but it didn't respond"; + } + $close = @socket_close($socket); + } + } else { + // mac/windows *poke* + if (! $fp = @fsockopen($config['gettingstarted']['stratumurl'],$config['gettingstarted']['stratumport'],$errCode,$errStr,1)) { $enotice[] = "We tried to poke your Stratum server using config->gettingstarted details but it didn't respond"; } - $close = @socket_close($socket); + @fclose($fp); } + // security checks // strict not on -> notice if (!$config['strict']) { - $notice[] = "strict is disabled - if you have memcache, you should turn this on."; + $notice[] = "Strict is disabled - if you have memcache, you should turn this on."; } // salts too short -> notice, salts default -> error if ((strlen(SALT) < 24) || (strlen(SALTY) < 24) || SALT == 'PLEASEMAKEMESOMETHINGRANDOM' || SALTY == 'THISSHOULDALSOBERRAANNDDOOM') { diff --git a/public/include/classes/user.class.php b/public/include/classes/user.class.php index 1c0feee0..3d1366b3 100644 --- a/public/include/classes/user.class.php +++ b/public/include/classes/user.class.php @@ -493,7 +493,7 @@ class User extends Base { private function createSession($username) { $this->debug->append("STA " . __METHOD__, 4); $this->debug->append("Log in user to _SESSION", 2); - if ($this->config['strict']) { + if ($this->config['strict'] && $this->config['memcache']['enabled']) { session_regenerate_id(true); $_SESSION['AUTHENTICATED'] = '1'; // $this->user from checkUserPassword diff --git a/public/include/pages/login.inc.php b/public/include/pages/login.inc.php index 84964672..d80dd08c 100644 --- a/public/include/pages/login.inc.php +++ b/public/include/pages/login.inc.php @@ -29,7 +29,7 @@ if ($setting->getValue('maintenance') && !$user->isAdmin($user->getUserIdByEmail $port = ($_SERVER["SERVER_PORT"] == "80" || $_SERVER["SERVER_PORT"] == "443") ? "" : (":".$_SERVER["SERVER_PORT"]); $location = (@$_SERVER['HTTPS'] == "on") ? 'https://' : 'http://'; $location .= $_SERVER['SERVER_NAME'] . $port . $_SERVER['SCRIPT_NAME']; - if ($config['strict']) { + if ($config['strict'] && $config['memcache']['enabled']) { $update = array('key' => '','sid' => '','ua' => '','ip' => '','la' => 0,'hn' => 0,'hnl' => 0,'ha' => 0,'hal' => 0); $session->regen_session_id(); $update['sid'] = session_id(); diff --git a/public/index.php b/public/index.php index 61a5a327..cb99e3fd 100644 --- a/public/index.php +++ b/public/index.php @@ -128,7 +128,7 @@ if ($config['memcache']['enabled'] && ($config['mc_antidos']['enabled'] || $conf } // Quick config check -if (@$_SESSION['USERDATA']['is_admin'] && (!$config['skip_config_tests'])) { +if (@$_SESSION['USERDATA']['is_admin'] && !@$config['skip_config_tests']) { require_once(INCLUDE_DIR. '/admin_checks.php'); }