Merge branch 'next' of github.com:TheSerapher/php-mmcfe-ng into next

2013-06-28 21:54:52 +02:00 · 2013-06-28 21:54:52 +02:00 · b90662e544
commit b90662e544
parent 4f8cfd95db 60a2a44552
8 changed files with 43 additions and 20 deletions
--- a/public/include/pages/api/getuserstatus.inc.php
+++ b/public/include/pages/api/getuserstatus.inc.php
@ -5,18 +5,30 @@ if (!defined('SECURITY'))
 die('Hacking attempt');

 // Check user token
-$id = $user->checkApiKey($_REQUEST['api_key']);
+$user_id = $user->checkApiKey($_REQUEST['api_key']);

-// We have to check if that user is admin too
-if ( ! $user->isAdmin($id) ) {
+/**
+ * This check will ensure the user can do the following:
+ * Admin: Check any user via request id
+ * Regular: Check your own status
+ * Other: Deny access via checkApiKey
+ **/
+if ( ! $user->isAdmin($user_id) && ($_REQUEST['id'] != $user_id && !empty($_REQUEST['id']))) {
+  // User is admin and tries to access an ID that is not their own
  header("HTTP/1.1 401 Unauthorized");
  die("Access denied");
+} else if ($user->isAdmin($user_id)) {
+  // Admin, so allow any ID passed in request
+  $id = $_REQUEST['id'];
+  // Is it a username or a user ID
+  ctype_digit($_REQUEST['id']) ? $username = $user->getUserName($_REQUEST['id']) : $username = $_REQUEST['id'];
+  ctype_digit($_REQUEST['id']) ? $id = $_REQUEST['id'] : $id = $user->getUserId($_REQUEST['id']);
+} else {
+  // Not admin, only allow own user ID
+  $id = $user_id;
+  $username = $user->getUserName($id);
 }

-// Is it a username or a user ID
-ctype_digit($_REQUEST['id']) ? $username = $user->getUserName($_REQUEST['id']) : $username = $_REQUEST['id'];
-ctype_digit($_REQUEST['id']) ? $id = $_REQUEST['id'] : $id = $user->getUserId($_REQUEST['id']);
-
 // Output JSON format
 echo json_encode(array('getuserstatus' => array(
  'username' => $username,
--- a/public/include/pages/api/getuserworkers.inc.php
+++ b/public/include/pages/api/getuserworkers.inc.php
@ -5,17 +5,19 @@ if (!defined('SECURITY'))
 die('Hacking attempt');

 // Check user token
-$id = $user->checkApiKey($_REQUEST['api_key']);
+$user_id = $user->checkApiKey($_REQUEST['api_key']);

 // We have to check if that user is admin too
-if ( ! $user->isAdmin($id) ) {
+if ( ! $user->isAdmin($user_id) && ($_REQUEST['id'] != $user_id && !empty($_REQUEST['id']))) {
  header("HTTP/1.1 401 Unauthorized");
  die("Access denied");
+} else if ($user->isAdmin($user_id)) {
+  $id = $_REQUEST['id'];
+  ctype_digit($_REQUEST['id']) ? $id = $_REQUEST['id'] : $id = $user->getUserId($_REQUEST['id']);
+} else {
+  $id = $user_id;
 }

-// Is it a username or a user ID
-ctype_digit($_REQUEST['id']) ? $id = $_REQUEST['id'] : $id = $user->getUserId($_REQUEST['id']);
-
 // Output JSON format
 echo json_encode(array('getuserworkers' => $worker->getWorkers($id)));

--- a/public/include/pages/statistics/blocks.inc.php
+++ b/public/include/pages/statistics/blocks.inc.php
@ -5,7 +5,7 @@ if (!defined('SECURITY')) die('Hacking attempt');
 if (!$user->isAuthenticated()) header("Location: index.php?page=home");

 // Grab the last blocks found
-$iLimit = 30;
+$iLimit = 20;
 $aBlocksFoundData = $statistics->getBlocksFound($iLimit);
 $aBlockData = $aBlocksFoundData[0];

--- a/public/site_assets/mmcFE/js/custom.js
+++ b/public/site_assets/mmcFE/js/custom.js
@ -16,10 +16,14 @@ $(function () {
            var statsType = 'area';
        }

+        // hack to statically set width as something is broken with div width calculation - anni
+        var chart_width = $(document).width() - 400;
+
        if (statsType == 'line' || statsType == 'pie') {
            $(this).hide().visualize({
                type: statsType,
                // 'bar', 'area', 'pie', 'line'
+                width: chart_width,
                height: '240px',
                colors: ['#6fb9e8', '#ec8526', '#9dc453', '#ddd74c'],
                lineDots: 'double',
@ -37,6 +41,7 @@ $(function () {
        } else {
            $(this).hide().visualize({
                // 'bar', 'area', 'pie', 'line'
+                width: chart_width,
                type: statsType,
                height: '240px',
                colors: ['#6fb9e8', '#ec8526', '#9dc453', '#ddd74c']
--- a/public/templates/mmcFE/global/sidebar.tpl
+++ b/public/templates/mmcFE/global/sidebar.tpl
@ -33,11 +33,11 @@
                    </tr>
                    <tr>
                      <td><b>Pool Invalid</b></td>
-                      <td class="right"><i>{$GLOBAL.roundshares.invalid|number_format}</i></td>
+                      <td class="right"><i>{$GLOBAL.roundshares.invalid|number_format}</i><font size='1px'> ({100 / $GLOBAL.roundshares.valid * $GLOBAL.roundshares.invalid}%)</font></td>
                    </tr>
                    <tr>
                      <td><b>Your Invalid</b></td>
-                      <td class="right"><i>{$GLOBAL.userdata.shares.invalid|number_format}</i><font size='1px'></font></td>
+                      <td class="right"><i>{$GLOBAL.userdata.shares.invalid|number_format}</i><font size='1px'> ({100 / $GLOBAL.roundshares.valid * $GLOBAL.userdata.shares.invalid}%)</font></td>
                    </tr>
                    <tr>
                      <td colspan="2"><b><u>{$GLOBAL.config.currency} Round Estimate</u></b></td>
--- a/public/templates/mmcFE/global/sidebar_pps.tpl
+++ b/public/templates/mmcFE/global/sidebar_pps.tpl
@ -30,11 +30,11 @@
                    </tr>
                    <tr>
                      <td><b>Pool Invalid</b></td>
-                      <td class="right"><i>{$GLOBAL.roundshares.invalid|number_format}</i></td>
+                      <td class="right"><i>{$GLOBAL.roundshares.invalid|number_format}<font size='1px'> ({100 / $GLOBAL.roundshares.valid * $GLOBAL.roundshares.invalid}%)</font></i></td>
                    </tr>
                    <tr>
                      <td><b>Your Invalid</b></td>
-                      <td class="right"><i>{$GLOBAL.userdata.shares.invalid|number_format}</i><font size='1px'></font></td>
+                      <td class="right"><i>{$GLOBAL.userdata.shares.invalid|number_format}</i><font size='1px'> ({100 / $GLOBAL.roundshares.valid * $GLOBAL.userdata.shares.invalid}%)</font></td>
                    </tr>
                    <tr><td colspan="2">&nbsp;</td></tr>
                    <tr><td colspan="2"><b><u>{$GLOBAL.config.currency} Estimates</u></b></td></tr>
--- a/public/templates/mmcFE/statistics/blocks/default.tpl
+++ b/public/templates/mmcFE/statistics/blocks/default.tpl
@ -3,7 +3,7 @@
  <caption>Block Shares</caption> 
  <thead>
    <tr>
-{section block $BLOCKSFOUND step=-1 max=20}
+{section block $BLOCKSFOUND step=-1}
      <th scope="col">{$BLOCKSFOUND[block].height}</th>
 {/section}
    </th>
@ -11,13 +11,13 @@
  <tbody>
    <tr>
      <th scope="row">Expected</th>
-{section block $BLOCKSFOUND step=-1 max=20}
+{section block $BLOCKSFOUND step=-1}
      <td>{round(pow(2,32 - $GLOBAL.config.targetdiff) * $BLOCKSFOUND[block].difficulty)}</td>
 {/section}
    </tr>
    <tr>
      <th scope="row">Actual</th>
-{section block $BLOCKSFOUND step=-1 max=20}
+{section block $BLOCKSFOUND step=-1}
      <td>{$BLOCKSFOUND[block].shares}</td>
 {/section}
   </tr>
@ -67,7 +67,9 @@ target and network difficulty and assuming a zero variance scenario.
    </tbody>
  </table>
 </center>
+{if $GLOBAL.config.payout_system != 'pps'}
 <ul>
  <li>Note: <font color="orange">Round Earnings are not credited until {$GLOBAL.confirmations} confirms.</font></li>
 </ul>
+{/if}
 {include file="global/block_footer.tpl"}
--- a/public/templates/mmcFE/statistics/blocks/small_table.tpl
+++ b/public/templates/mmcFE/statistics/blocks/small_table.tpl
@ -22,7 +22,9 @@
    </tbody>
  </table>
 </center>
+{if $GLOBAL.config.payout_system != 'pps'}
 <ul>
  <li>Note: <font color="orange">Round Earnings are not credited until {$GLOBAL.confirmations} confirms.</font></li>
 </ul>
+{/if}
 {include file="global/block_footer.tpl"}