From 7b0ae8d86ec2787ab157783041a9e720a4d6f796 Mon Sep 17 00:00:00 2001 From: Sebastian Grewe Date: Fri, 28 Jun 2013 20:29:51 +0200 Subject: [PATCH 1/7] reduced blocks count to fixed 20 --- public/include/pages/statistics/blocks.inc.php | 2 +- public/templates/mmcFE/statistics/blocks/default.tpl | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/public/include/pages/statistics/blocks.inc.php b/public/include/pages/statistics/blocks.inc.php index e83aa8a8..011f4b5c 100644 --- a/public/include/pages/statistics/blocks.inc.php +++ b/public/include/pages/statistics/blocks.inc.php @@ -5,7 +5,7 @@ if (!defined('SECURITY')) die('Hacking attempt'); if (!$user->isAuthenticated()) header("Location: index.php?page=home"); // Grab the last blocks found -$iLimit = 30; +$iLimit = 20; $aBlocksFoundData = $statistics->getBlocksFound($iLimit); $aBlockData = $aBlocksFoundData[0]; diff --git a/public/templates/mmcFE/statistics/blocks/default.tpl b/public/templates/mmcFE/statistics/blocks/default.tpl index 3d7afdde..2fcaa9e5 100644 --- a/public/templates/mmcFE/statistics/blocks/default.tpl +++ b/public/templates/mmcFE/statistics/blocks/default.tpl @@ -3,7 +3,7 @@ Block Shares -{section block $BLOCKSFOUND step=-1 max=20} +{section block $BLOCKSFOUND step=-1} {$BLOCKSFOUND[block].height} {/section} @@ -11,13 +11,13 @@ Expected -{section block $BLOCKSFOUND step=-1 max=20} +{section block $BLOCKSFOUND step=-1} {round(pow(2,32 - $GLOBAL.config.targetdiff) * $BLOCKSFOUND[block].difficulty)} {/section} Actual -{section block $BLOCKSFOUND step=-1 max=20} +{section block $BLOCKSFOUND step=-1} {$BLOCKSFOUND[block].shares} {/section} From 9e59f99230aa3c8706ccf93c3d705b3cf42f6f11 Mon Sep 17 00:00:00 2001 From: Sebastian Grewe Date: Fri, 28 Jun 2013 20:32:18 +0200 Subject: [PATCH 2/7] remove block confirm notice for pps --- public/templates/mmcFE/statistics/blocks/default.tpl | 2 ++ public/templates/mmcFE/statistics/blocks/small_table.tpl | 2 ++ 2 files changed, 4 insertions(+) diff --git a/public/templates/mmcFE/statistics/blocks/default.tpl b/public/templates/mmcFE/statistics/blocks/default.tpl index 2fcaa9e5..823433b7 100644 --- a/public/templates/mmcFE/statistics/blocks/default.tpl +++ b/public/templates/mmcFE/statistics/blocks/default.tpl @@ -67,7 +67,9 @@ target and network difficulty and assuming a zero variance scenario. +{if $GLOBAL.config.payout_system != 'pps'} +{if} {include file="global/block_footer.tpl"} diff --git a/public/templates/mmcFE/statistics/blocks/small_table.tpl b/public/templates/mmcFE/statistics/blocks/small_table.tpl index 9152fcc7..731d57ef 100644 --- a/public/templates/mmcFE/statistics/blocks/small_table.tpl +++ b/public/templates/mmcFE/statistics/blocks/small_table.tpl @@ -22,7 +22,9 @@ +{if $GLOBAL.config.payout_system != 'pps'} +{/if} {include file="global/block_footer.tpl"} From 99a58e7119c17bbe366131b4965ae18e40504acb Mon Sep 17 00:00:00 2001 From: Sebastian Grewe Date: Thu, 13 Jun 2013 22:26:12 +0200 Subject: [PATCH 3/7] fixed missing /if --- public/templates/mmcFE/statistics/blocks/default.tpl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/public/templates/mmcFE/statistics/blocks/default.tpl b/public/templates/mmcFE/statistics/blocks/default.tpl index 823433b7..1a5a46ba 100644 --- a/public/templates/mmcFE/statistics/blocks/default.tpl +++ b/public/templates/mmcFE/statistics/blocks/default.tpl @@ -71,5 +71,5 @@ target and network difficulty and assuming a zero variance scenario.
  • Note: Round Earnings are not credited until {$GLOBAL.confirmations} confirms.
-{if} +{/if} {include file="global/block_footer.tpl"} From d11950f9cf95c9e7d013d18ef31302bf33cc7199 Mon Sep 17 00:00:00 2001 From: Sebastian Grewe Date: Fri, 28 Jun 2013 20:39:26 +0200 Subject: [PATCH 4/7] re-introduce graph width detection --- public/site_assets/mmcFE/js/custom.js | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/public/site_assets/mmcFE/js/custom.js b/public/site_assets/mmcFE/js/custom.js index 76e967c6..9d63724a 100644 --- a/public/site_assets/mmcFE/js/custom.js +++ b/public/site_assets/mmcFE/js/custom.js @@ -16,10 +16,14 @@ $(function () { var statsType = 'area'; } + // hack to statically set width as something is broken with div width calculation - anni + var chart_width = $(document).width() - 400; + if (statsType == 'line' || statsType == 'pie') { $(this).hide().visualize({ type: statsType, // 'bar', 'area', 'pie', 'line' + width: chart_width, height: '240px', colors: ['#6fb9e8', '#ec8526', '#9dc453', '#ddd74c'], lineDots: 'double', @@ -37,6 +41,7 @@ $(function () { } else { $(this).hide().visualize({ // 'bar', 'area', 'pie', 'line' + width: chart_width, type: statsType, height: '240px', colors: ['#6fb9e8', '#ec8526', '#9dc453', '#ddd74c'] From 8f20009475970d824c46bd892895a01657c249ea Mon Sep 17 00:00:00 2001 From: Sebastian Grewe Date: Fri, 28 Jun 2013 21:32:59 +0200 Subject: [PATCH 5/7] Distinguish between admin and user API call Fixes #268 --- .../include/pages/api/getuserstatus.inc.php | 26 ++++++++++++++----- 1 file changed, 19 insertions(+), 7 deletions(-) diff --git a/public/include/pages/api/getuserstatus.inc.php b/public/include/pages/api/getuserstatus.inc.php index c91ade94..ac8f6654 100644 --- a/public/include/pages/api/getuserstatus.inc.php +++ b/public/include/pages/api/getuserstatus.inc.php @@ -5,18 +5,30 @@ if (!defined('SECURITY')) die('Hacking attempt'); // Check user token -$id = $user->checkApiKey($_REQUEST['api_key']); +$user_id = $user->checkApiKey($_REQUEST['api_key']); -// We have to check if that user is admin too -if ( ! $user->isAdmin($id) ) { +/** + * This check will ensure the user can do the following: + * Admin: Check any user via request id + * Regular: Check your own status + * Other: Deny access via checkApiKey + **/ +if ( ! $user->isAdmin($user_id) && ($_REQUEST['id'] != $user_id && !empty($_REQUEST['id']))) { + // User is admin and tries to access an ID that is not their own header("HTTP/1.1 401 Unauthorized"); die("Access denied"); +} else if ($user->isAdmin($user_id)) { + // Admin, so allow any ID passed in request + $id = $_REQUEST['id']; + // Is it a username or a user ID + ctype_digit($_REQUEST['id']) ? $username = $user->getUserName($_REQUEST['id']) : $username = $_REQUEST['id']; + ctype_digit($_REQUEST['id']) ? $id = $_REQUEST['id'] : $id = $user->getUserId($_REQUEST['id']); +} else { + // Not admin, only allow own user ID + $id = $user_id; + $username = $user->getUserName($id); } -// Is it a username or a user ID -ctype_digit($_REQUEST['id']) ? $username = $user->getUserName($_REQUEST['id']) : $username = $_REQUEST['id']; -ctype_digit($_REQUEST['id']) ? $id = $_REQUEST['id'] : $id = $user->getUserId($_REQUEST['id']); - // Output JSON format echo json_encode(array('getuserstatus' => array( 'username' => $username, From 3421cf63b699653203d8dcd1376bd63ca5899e0d Mon Sep 17 00:00:00 2001 From: Sebastian Grewe Date: Fri, 28 Jun 2013 21:38:03 +0200 Subject: [PATCH 6/7] Allow regular users to check their own workers Fixes #270 --- public/include/pages/api/getuserworkers.inc.php | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/public/include/pages/api/getuserworkers.inc.php b/public/include/pages/api/getuserworkers.inc.php index 23bdcf5d..9aaca562 100644 --- a/public/include/pages/api/getuserworkers.inc.php +++ b/public/include/pages/api/getuserworkers.inc.php @@ -5,17 +5,19 @@ if (!defined('SECURITY')) die('Hacking attempt'); // Check user token -$id = $user->checkApiKey($_REQUEST['api_key']); +$user_id = $user->checkApiKey($_REQUEST['api_key']); // We have to check if that user is admin too -if ( ! $user->isAdmin($id) ) { +if ( ! $user->isAdmin($user_id) && ($_REQUEST['id'] != $user_id && !empty($_REQUEST['id']))) { header("HTTP/1.1 401 Unauthorized"); die("Access denied"); +} else if ($user->isAdmin($user_id)) { + $id = $_REQUEST['id']; + ctype_digit($_REQUEST['id']) ? $id = $_REQUEST['id'] : $id = $user->getUserId($_REQUEST['id']); +} else { + $id = $user_id; } -// Is it a username or a user ID -ctype_digit($_REQUEST['id']) ? $id = $_REQUEST['id'] : $id = $user->getUserId($_REQUEST['id']); - // Output JSON format echo json_encode(array('getuserworkers' => $worker->getWorkers($id))); From ee9a6eed6a0882fe061a1a37487375a775630964 Mon Sep 17 00:00:00 2001 From: Sebastian Grewe Date: Fri, 28 Jun 2013 21:52:28 +0200 Subject: [PATCH 7/7] Added % of invalids for pool and user Fixes #272 --- public/templates/mmcFE/global/sidebar.tpl | 4 ++-- public/templates/mmcFE/global/sidebar_pps.tpl | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/public/templates/mmcFE/global/sidebar.tpl b/public/templates/mmcFE/global/sidebar.tpl index 58d49c67..38616226 100644 --- a/public/templates/mmcFE/global/sidebar.tpl +++ b/public/templates/mmcFE/global/sidebar.tpl @@ -33,11 +33,11 @@ Pool Invalid - {$GLOBAL.roundshares.invalid|number_format} + {$GLOBAL.roundshares.invalid|number_format} ({100 / $GLOBAL.roundshares.valid * $GLOBAL.roundshares.invalid}%) Your Invalid - {$GLOBAL.userdata.shares.invalid|number_format} + {$GLOBAL.userdata.shares.invalid|number_format} ({100 / $GLOBAL.roundshares.valid * $GLOBAL.userdata.shares.invalid}%) {$GLOBAL.config.currency} Round Estimate diff --git a/public/templates/mmcFE/global/sidebar_pps.tpl b/public/templates/mmcFE/global/sidebar_pps.tpl index b7aa8617..f8e7476a 100644 --- a/public/templates/mmcFE/global/sidebar_pps.tpl +++ b/public/templates/mmcFE/global/sidebar_pps.tpl @@ -30,11 +30,11 @@ Pool Invalid - {$GLOBAL.roundshares.invalid|number_format} + {$GLOBAL.roundshares.invalid|number_format} ({100 / $GLOBAL.roundshares.valid * $GLOBAL.roundshares.invalid}%) Your Invalid - {$GLOBAL.userdata.shares.invalid|number_format} + {$GLOBAL.userdata.shares.invalid|number_format} ({100 / $GLOBAL.roundshares.valid * $GLOBAL.userdata.shares.invalid}%)   {$GLOBAL.config.currency} Estimates