RanchiMall/php-mpos
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

small fixes

Browse Source
This commit is contained in:
xisi 2014-01-28 08:08:53 -05:00
parent f56c18276a
commit 9f6cf99aa3
4 changed files with 26 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
public/include/admin_checks.php
View File

@ -2,16 +2,17 @@
$defflip = (!cfip()) ? exit(header('HTTP/1.1 401 Unauthorized')) : 1; $defflip = (!cfip()) ? exit(header('HTTP/1.1 401 Unauthorized')) : 1;
if (@$_SESSION['USERDATA']['is_admin'] && $user->isAdmin(@$_SESSION['USERDATA']['id'])) { if (@$_SESSION['USERDATA']['is_admin'] && $user->isAdmin(@$_SESSION['USERDATA']['id'])) {
if (!include_once(INCLUDE_DIR . '/lib/jsonRPCClient.php')) die('Unable to load libs'); if (!include_once(INCLUDE_DIR . '/lib/jsonRPCClient.php')) die('Unable to load libs');
$notice = array(); $notice = array();
$enotice = array(); $enotice = array();
$error = array(); $error = array();
// setup some basic stuff for checking // setup some basic stuff for checking - getuid/getpwuid not available on mac/windows
$apache_user = posix_getuid(); $apache_user = 'unknown';
$apache_user = (function_exists('posix_getpwuid')) ? posix_getpwuid($apache_user) : $apache_user; if (substr_count(strtolower(PHP_OS), 'nix') > 0) {
$apache_user = (function_exists('posix_getuid')) ? posix_getuid() : 'unknown';
$apache_user = (function_exists('posix_getpwuid')) ? posix_getpwuid($apache_user) : $apache_user;
}
// setup checks // setup checks
// check if memcache isn't available but enabled in config -> error // check if memcache isn't available but enabled in config -> error
@ -71,19 +72,29 @@ if (@$_SESSION['USERDATA']['is_admin'] && $user->isAdmin(@$_SESSION['USERDATA'][
$error[] = "strict or mc_antidos are enabled and memcache is not, <u>memcache is required</u> to use these."; $error[] = "strict or mc_antidos are enabled and memcache is not, <u>memcache is required</u> to use these.";
} }
// poke stratum using gettingstarted details -> enotice // poke stratum using gettingstarted details -> enotice
$socket = @socket_create(AF_INET, SOCK_STREAM, SOL_TCP); if (substr_count(strtolower(PHP_OS), 'nix') > 0) {
if ($socket !== false) { // unix *poke*
$address = @gethostbyname($config['gettingstarted']['stratumurl']); $socket = @socket_create(AF_INET, SOCK_STREAM, SOL_TCP);
$result = @socket_connect($socket, $address, $config['gettingstarted']['stratumport']); if ($socket !== false) {
if ($result !== 1) { $address = @gethostbyname($config['gettingstarted']['stratumurl']);
$result = @socket_connect($socket, $address, $config['gettingstarted']['stratumport']);
if ($result !== 1) {
$enotice[] = "We tried to poke your Stratum server using config->gettingstarted details but it didn't respond";
}
$close = @socket_close($socket);
}
} else {
// mac/windows *poke*
if (! $fp = @fsockopen($config['gettingstarted']['stratumurl'],$config['gettingstarted']['stratumport'],$errCode,$errStr,1)) {
$enotice[] = "We tried to poke your Stratum server using config->gettingstarted details but it didn't respond"; $enotice[] = "We tried to poke your Stratum server using config->gettingstarted details but it didn't respond";
} }
$close = @socket_close($socket); @fclose($fp);
} }
// security checks // security checks
// strict not on -> notice // strict not on -> notice
if (!$config['strict']) { if (!$config['strict']) {
$notice[] = "strict is <u>disabled</u> - if you have memcache, you should turn this on."; $notice[] = "Strict is <u>disabled</u> - if you have memcache, you should turn this on.";
} }
// salts too short -> notice, salts default -> error // salts too short -> notice, salts default -> error
if ((strlen(SALT) < 24) || (strlen(SALTY) < 24) || SALT == 'PLEASEMAKEMESOMETHINGRANDOM' || SALTY == 'THISSHOULDALSOBERRAANNDDOOM') { if ((strlen(SALT) < 24) || (strlen(SALTY) < 24) || SALT == 'PLEASEMAKEMESOMETHINGRANDOM' || SALTY == 'THISSHOULDALSOBERRAANNDDOOM') {

2
public/include/classes/user.class.php
View File

@ -493,7 +493,7 @@ class User extends Base {
private function createSession($username) { private function createSession($username) {
$this->debug->append("STA " . __METHOD__, 4); $this->debug->append("STA " . __METHOD__, 4);
$this->debug->append("Log in user to _SESSION", 2); $this->debug->append("Log in user to _SESSION", 2);
if ($this->config['strict']) { if ($this->config['strict'] && $this->config['memcache']['enabled']) {
session_regenerate_id(true); session_regenerate_id(true);
$_SESSION['AUTHENTICATED'] = '1'; $_SESSION['AUTHENTICATED'] = '1';
// $this->user from checkUserPassword // $this->user from checkUserPassword

2
public/include/pages/login.inc.php
View File

@ -29,7 +29,7 @@ if ($setting->getValue('maintenance') && !$user->isAdmin($user->getUserIdByEmail
$port = ($_SERVER["SERVER_PORT"] == "80" || $_SERVER["SERVER_PORT"] == "443") ? "" : (":".$_SERVER["SERVER_PORT"]); $port = ($_SERVER["SERVER_PORT"] == "80" || $_SERVER["SERVER_PORT"] == "443") ? "" : (":".$_SERVER["SERVER_PORT"]);
$location = (@$_SERVER['HTTPS'] == "on") ? 'https://' : 'http://'; $location = (@$_SERVER['HTTPS'] == "on") ? 'https://' : 'http://';
$location .= $_SERVER['SERVER_NAME'] . $port . $_SERVER['SCRIPT_NAME']; $location .= $_SERVER['SERVER_NAME'] . $port . $_SERVER['SCRIPT_NAME'];
if ($config['strict']) { if ($config['strict'] && $config['memcache']['enabled']) {
$update = array('key' => '','sid' => '','ua' => '','ip' => '','la' => 0,'hn' => 0,'hnl' => 0,'ha' => 0,'hal' => 0); $update = array('key' => '','sid' => '','ua' => '','ip' => '','la' => 0,'hn' => 0,'hnl' => 0,'ha' => 0,'hal' => 0);
$session->regen_session_id(); $session->regen_session_id();
$update['sid'] = session_id(); $update['sid'] = session_id();

2
public/index.php
View File

@ -128,7 +128,7 @@ if ($config['memcache']['enabled'] && ($config['mc_antidos']['enabled'] || $conf
} }
// Quick config check // Quick config check
if (@$_SESSION['USERDATA']['is_admin'] && (!$config['skip_config_tests'])) { if (@$_SESSION['USERDATA']['is_admin'] && !@$config['skip_config_tests']) {
require_once(INCLUDE_DIR. '/admin_checks.php'); require_once(INCLUDE_DIR. '/admin_checks.php');
} }