diff --git a/public/include/pages/api/getuserstatus.inc.php b/public/include/pages/api/getuserstatus.inc.php
index c91ade94..ac8f6654 100644
--- a/public/include/pages/api/getuserstatus.inc.php
+++ b/public/include/pages/api/getuserstatus.inc.php
@@ -5,18 +5,30 @@ if (!defined('SECURITY'))
die('Hacking attempt');
// Check user token
-$id = $user->checkApiKey($_REQUEST['api_key']);
+$user_id = $user->checkApiKey($_REQUEST['api_key']);
-// We have to check if that user is admin too
-if ( ! $user->isAdmin($id) ) {
+/**
+ * This check will ensure the user can do the following:
+ * Admin: Check any user via request id
+ * Regular: Check your own status
+ * Other: Deny access via checkApiKey
+ **/
+if ( ! $user->isAdmin($user_id) && ($_REQUEST['id'] != $user_id && !empty($_REQUEST['id']))) {
+ // User is admin and tries to access an ID that is not their own
header("HTTP/1.1 401 Unauthorized");
die("Access denied");
+} else if ($user->isAdmin($user_id)) {
+ // Admin, so allow any ID passed in request
+ $id = $_REQUEST['id'];
+ // Is it a username or a user ID
+ ctype_digit($_REQUEST['id']) ? $username = $user->getUserName($_REQUEST['id']) : $username = $_REQUEST['id'];
+ ctype_digit($_REQUEST['id']) ? $id = $_REQUEST['id'] : $id = $user->getUserId($_REQUEST['id']);
+} else {
+ // Not admin, only allow own user ID
+ $id = $user_id;
+ $username = $user->getUserName($id);
}
-// Is it a username or a user ID
-ctype_digit($_REQUEST['id']) ? $username = $user->getUserName($_REQUEST['id']) : $username = $_REQUEST['id'];
-ctype_digit($_REQUEST['id']) ? $id = $_REQUEST['id'] : $id = $user->getUserId($_REQUEST['id']);
-
// Output JSON format
echo json_encode(array('getuserstatus' => array(
'username' => $username,
diff --git a/public/include/pages/api/getuserworkers.inc.php b/public/include/pages/api/getuserworkers.inc.php
index 23bdcf5d..9aaca562 100644
--- a/public/include/pages/api/getuserworkers.inc.php
+++ b/public/include/pages/api/getuserworkers.inc.php
@@ -5,17 +5,19 @@ if (!defined('SECURITY'))
die('Hacking attempt');
// Check user token
-$id = $user->checkApiKey($_REQUEST['api_key']);
+$user_id = $user->checkApiKey($_REQUEST['api_key']);
// We have to check if that user is admin too
-if ( ! $user->isAdmin($id) ) {
+if ( ! $user->isAdmin($user_id) && ($_REQUEST['id'] != $user_id && !empty($_REQUEST['id']))) {
header("HTTP/1.1 401 Unauthorized");
die("Access denied");
+} else if ($user->isAdmin($user_id)) {
+ $id = $_REQUEST['id'];
+ ctype_digit($_REQUEST['id']) ? $id = $_REQUEST['id'] : $id = $user->getUserId($_REQUEST['id']);
+} else {
+ $id = $user_id;
}
-// Is it a username or a user ID
-ctype_digit($_REQUEST['id']) ? $id = $_REQUEST['id'] : $id = $user->getUserId($_REQUEST['id']);
-
// Output JSON format
echo json_encode(array('getuserworkers' => $worker->getWorkers($id)));
diff --git a/public/include/pages/statistics/blocks.inc.php b/public/include/pages/statistics/blocks.inc.php
index e83aa8a8..011f4b5c 100644
--- a/public/include/pages/statistics/blocks.inc.php
+++ b/public/include/pages/statistics/blocks.inc.php
@@ -5,7 +5,7 @@ if (!defined('SECURITY')) die('Hacking attempt');
if (!$user->isAuthenticated()) header("Location: index.php?page=home");
// Grab the last blocks found
-$iLimit = 30;
+$iLimit = 20;
$aBlocksFoundData = $statistics->getBlocksFound($iLimit);
$aBlockData = $aBlocksFoundData[0];
diff --git a/public/site_assets/mmcFE/js/custom.js b/public/site_assets/mmcFE/js/custom.js
index 76e967c6..9d63724a 100644
--- a/public/site_assets/mmcFE/js/custom.js
+++ b/public/site_assets/mmcFE/js/custom.js
@@ -16,10 +16,14 @@ $(function () {
var statsType = 'area';
}
+ // hack to statically set width as something is broken with div width calculation - anni
+ var chart_width = $(document).width() - 400;
+
if (statsType == 'line' || statsType == 'pie') {
$(this).hide().visualize({
type: statsType,
// 'bar', 'area', 'pie', 'line'
+ width: chart_width,
height: '240px',
colors: ['#6fb9e8', '#ec8526', '#9dc453', '#ddd74c'],
lineDots: 'double',
@@ -37,6 +41,7 @@ $(function () {
} else {
$(this).hide().visualize({
// 'bar', 'area', 'pie', 'line'
+ width: chart_width,
type: statsType,
height: '240px',
colors: ['#6fb9e8', '#ec8526', '#9dc453', '#ddd74c']
diff --git a/public/templates/mmcFE/global/sidebar.tpl b/public/templates/mmcFE/global/sidebar.tpl
index 58d49c67..38616226 100644
--- a/public/templates/mmcFE/global/sidebar.tpl
+++ b/public/templates/mmcFE/global/sidebar.tpl
@@ -33,11 +33,11 @@
| Pool Invalid |
- {$GLOBAL.roundshares.invalid|number_format} |
+ {$GLOBAL.roundshares.invalid|number_format} ({100 / $GLOBAL.roundshares.valid * $GLOBAL.roundshares.invalid}%) |
| Your Invalid |
- {$GLOBAL.userdata.shares.invalid|number_format} |
+ {$GLOBAL.userdata.shares.invalid|number_format} ({100 / $GLOBAL.roundshares.valid * $GLOBAL.userdata.shares.invalid}%) |
| {$GLOBAL.config.currency} Round Estimate |
diff --git a/public/templates/mmcFE/global/sidebar_pps.tpl b/public/templates/mmcFE/global/sidebar_pps.tpl
index b7aa8617..f8e7476a 100644
--- a/public/templates/mmcFE/global/sidebar_pps.tpl
+++ b/public/templates/mmcFE/global/sidebar_pps.tpl
@@ -30,11 +30,11 @@
| Pool Invalid |
- {$GLOBAL.roundshares.invalid|number_format} |
+ {$GLOBAL.roundshares.invalid|number_format} ({100 / $GLOBAL.roundshares.valid * $GLOBAL.roundshares.invalid}%) |
| Your Invalid |
- {$GLOBAL.userdata.shares.invalid|number_format} |
+ {$GLOBAL.userdata.shares.invalid|number_format} ({100 / $GLOBAL.roundshares.valid * $GLOBAL.userdata.shares.invalid}%) |
| |
| {$GLOBAL.config.currency} Estimates |
diff --git a/public/templates/mmcFE/statistics/blocks/default.tpl b/public/templates/mmcFE/statistics/blocks/default.tpl
index 3d7afdde..1a5a46ba 100644
--- a/public/templates/mmcFE/statistics/blocks/default.tpl
+++ b/public/templates/mmcFE/statistics/blocks/default.tpl
@@ -3,7 +3,7 @@
Block Shares
-{section block $BLOCKSFOUND step=-1 max=20}
+{section block $BLOCKSFOUND step=-1}
| {$BLOCKSFOUND[block].height} |
{/section}
@@ -11,13 +11,13 @@
| Expected |
-{section block $BLOCKSFOUND step=-1 max=20}
+{section block $BLOCKSFOUND step=-1}
{round(pow(2,32 - $GLOBAL.config.targetdiff) * $BLOCKSFOUND[block].difficulty)} |
{/section}
| Actual |
-{section block $BLOCKSFOUND step=-1 max=20}
+{section block $BLOCKSFOUND step=-1}
{$BLOCKSFOUND[block].shares} |
{/section}
@@ -67,7 +67,9 @@ target and network difficulty and assuming a zero variance scenario.
+{if $GLOBAL.config.payout_system != 'pps'}
- Note: Round Earnings are not credited until {$GLOBAL.confirmations} confirms.
+{/if}
{include file="global/block_footer.tpl"}
diff --git a/public/templates/mmcFE/statistics/blocks/small_table.tpl b/public/templates/mmcFE/statistics/blocks/small_table.tpl
index 9152fcc7..731d57ef 100644
--- a/public/templates/mmcFE/statistics/blocks/small_table.tpl
+++ b/public/templates/mmcFE/statistics/blocks/small_table.tpl
@@ -22,7 +22,9 @@
+{if $GLOBAL.config.payout_system != 'pps'}
- Note: Round Earnings are not credited until {$GLOBAL.confirmations} confirms.
+{/if}
{include file="global/block_footer.tpl"}