RanchiMall/php-mpos
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Adding ability to disable the sites API functions

Browse Source 
Addresses #467 and will fix upon merge.
This commit is contained in:
Sebastian Grewe 2013-07-17 09:43:02 +02:00
parent 82f29de293
commit d492b532b7
16 changed files with 91 additions and 39 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
public/include/autoloader.inc.php
View File

@ -22,6 +22,7 @@ require_once(INCLUDE_DIR . '/database.inc.php');
require_once(INCLUDE_DIR . '/smarty.inc.php');
// Load classes that need the above as dependencies
require_once(CLASS_DIR . '/base.class.php');
require_once(CLASS_DIR . '/api.class.php');
require_once(CLASS_DIR . '/mail.class.php');
require_once(CLASS_DIR . '/tokentype.class.php');
require_once(CLASS_DIR . '/token.class.php');

23
public/include/classes/api.class.php Normal file
View File

@ -0,0 +1,23 @@
<?php
// Make sure we are called from index.php
if (!defined('SECURITY')) die('Hacking attempt');
/**
* Helper class for our API
**/
class Api extends Base {
function isActive($error=true) {
if (!$this->config['website']['api']['disabled']) {
return true;
} else {
if ($error == true) {
header('HTTP/1.1 501 Not implemented');
die('501 Not implemented');
}
}
}
}
$api = new Api();
$api->setConfig($config);

31
public/include/config/global.inc.dist.php
View File

@ -96,22 +96,24 @@ $config['ap_threshold']['max'] = 250;
* Website specific configuration settings
*
* Explanation:
* title : Website title used in master template
* name : The pool name, displayed in the header and mails
* slogan : A special slogan, also displayed in the header below name
* email : `From` addresses used in notifications
* theme : Theme used for desktop browsers
* mobile : Enable/Disable mobile theme support
* mobile_theme : Theme used for mobile browsers
* title : Website title used in master template
* name : The pool name, displayed in the header and mails
* slogan : A special slogan, also displayed in the header below name
* email : `From` addresses used in notifications
* theme : Theme used for desktop browsers
* mobile : Enable/Disable mobile theme support
* mobile_theme : Theme used for mobile browsers
* api disabled : Disable the sites API functions
*
* Defaults:
* title = `The Pool - Mining Evolved`
* name = `The Pool`
* slogan = `Resistance is futile`
* email = `test@example.com`
* theme = `mmcFE`
* mobile = true
* mobile_theme = `mobile`
* title = `The Pool - Mining Evolved`
* name = `The Pool`
* slogan = `Resistance is futile`
* email = `test@example.com`
* theme = `mmcFE`
* mobile = true
* mobile_theme = `mobile`
* api disbabled = false
**/
$config['website']['title'] = 'The Pool - Mining Evolved';
$config['website']['name'] = 'The Pool';
@ -120,6 +122,7 @@ $config['website']['email'] = 'test@example.com';
$config['website']['theme'] = 'mmcFE';
$config['website']['mobile'] = true;
$config['website']['mobile_theme'] = 'mobile';
$config['website']['api']['disabled'] = false;
/**
* Account specific settings

6
public/include/pages/api.inc.php
View File

@ -1,8 +1,10 @@
<?php
// Make sure we are called from index.php
if (!defined('SECURITY'))
die('Hacking attempt');
if (!defined('SECURITY')) die('Hacking attempt');
// Check if the API is activated
$api->isActive();
// Check for valid API key
$id = $user->checkApiKey($_REQUEST['api_key']);

6
public/include/pages/api/getblockcount.inc.php
View File

@ -1,8 +1,10 @@
<?php
// Make sure we are called from index.php
if (!defined('SECURITY'))
die('Hacking attempt');
if (!defined('SECURITY')) die('Hacking attempt');
// Check if the API is activated
$api->isActive();
// Check user token
$id = $user->checkApiKey($_REQUEST['api_key']);

6
public/include/pages/api/getblocksfound.inc.php
View File

@ -1,8 +1,10 @@
<?php
// Make sure we are called from index.php
if (!defined('SECURITY'))
die('Hacking attempt');
if (!defined('SECURITY')) die('Hacking attempt');
// Check if the API is activated
$api->isActive();
// Check user token
$id = $user->checkApiKey($_REQUEST['api_key']);

6
public/include/pages/api/getcurrentworkers.inc.php
View File

@ -1,8 +1,10 @@
<?php
// Make sure we are called from index.php
if (!defined('SECURITY'))
die('Hacking attempt');
if (!defined('SECURITY')) die('Hacking attempt');
// Check if the API is activated
$api->isActive();
// Check user token
$id = $user->checkApiKey($_REQUEST['api_key']);

6
public/include/pages/api/getdifficulty.inc.php
View File

@ -1,8 +1,10 @@
<?php
// Make sure we are called from index.php
if (!defined('SECURITY'))
die('Hacking attempt');
if (!defined('SECURITY')) die('Hacking attempt');
// Check if the API is activated
$api->isActive();
// Check user token
$id = $user->checkApiKey($_REQUEST['api_key']);

6
public/include/pages/api/getestimatedtime.inc.php
View File

@ -1,8 +1,10 @@
<?php
// Make sure we are called from index.php
if (!defined('SECURITY'))
die('Hacking attempt');
if (!defined('SECURITY')) die('Hacking attempt');
// Check if the API is activated
$api->isActive();
// Check user token
$id = $user->checkApiKey($_REQUEST['api_key']);

6
public/include/pages/api/getpoolhashrate.inc.php
View File

@ -1,8 +1,10 @@
<?php
// Make sure we are called from index.php
if (!defined('SECURITY'))
die('Hacking attempt');
if (!defined('SECURITY')) die('Hacking attempt');
// Check if the API is activated
$api->isActive();
// Check user token
$id = $user->checkApiKey($_REQUEST['api_key']);

6
public/include/pages/api/getpoolsharerate.inc.php
View File

@ -1,8 +1,10 @@
<?php
// Make sure we are called from index.php
if (!defined('SECURITY'))
die('Hacking attempt');
if (!defined('SECURITY')) die('Hacking attempt');
// Check if the API is activated
$api->isActive();
// Check user token
$id = $user->checkApiKey($_REQUEST['api_key']);

3
public/include/pages/api/getpoolstatus.inc.php
View File

@ -3,6 +3,9 @@
// Make sure we are called from index.php
if (!defined('SECURITY')) die('Hacking attempt');
// Check if the API is activated
$api->isActive();
// Check user token
$user_id = $user->checkApiKey($_REQUEST['api_key']);

6
public/include/pages/api/gettimesincelastblock.inc.php
View File

@ -1,8 +1,10 @@
<?php
// Make sure we are called from index.php
if (!defined('SECURITY'))
die('Hacking attempt');
if (!defined('SECURITY')) die('Hacking attempt');
// Check if the API is activated
$api->isActive();
// Check user token
$id = $user->checkApiKey($_REQUEST['api_key']);

6
public/include/pages/api/getuserstatus.inc.php
View File

@ -1,8 +1,10 @@
<?php
// Make sure we are called from index.php
if (!defined('SECURITY'))
die('Hacking attempt');
if (!defined('SECURITY')) die('Hacking attempt');
// Check if the API is activated
$api->isActive();
// Check user token
$user_id = $user->checkApiKey($_REQUEST['api_key']);

6
public/include/pages/api/getuserworkers.inc.php
View File

@ -1,8 +1,10 @@
<?php
// Make sure we are called from index.php
if (!defined('SECURITY'))
die('Hacking attempt');
if (!defined('SECURITY')) die('Hacking attempt');
// Check if the API is activated
$api->isActive();
// Check user token
$user_id = $user->checkApiKey($_REQUEST['api_key']);

6
public/include/pages/api/public.inc.php
View File

@ -1,10 +1,10 @@
<?php
// Make sure we are called from index.php
if (!defined('SECURITY'))
die('Hacking attempt');
if (!defined('SECURITY')) die('Hacking attempt');
// {"pool_name":"Pool-X.eu","hashrate":"511128.99","workers":"2104","shares_this_round":92450,"last_block":"365294","network_hashrate":17327056.06}
// Check if the API is activated
$api->isActive();
// Fetch last block information
$aLastBlock = $block->getLast();