RanchiMall/php-mpos
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #110 from TheSerapher/issue-108

Browse Source 
Issue 108
This commit is contained in:
Sebastian Grewe 2013-06-05 01:15:58 -07:00
commit f59f7e9fb0
5 changed files with 32 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
public/include/classes/user.class.php
View File

@ -241,10 +241,27 @@ class User {
public function updateAccount($userID, $address, $threshold, $donate) { public function updateAccount($userID, $address, $threshold, $donate) {
$this->debug->append("STA " . __METHOD__, 4); $this->debug->append("STA " . __METHOD__, 4);
$bUser = false; $bUser = false;
$threshold = min(250, max(0, floatval($threshold)));
if ($threshold < 1) $threshold = 0.0; // number validation checks
if ($threshold < $this->config['ap_threshold']['min'] && $threshold != 0) {
$this->setErrorMessage('Threshold below configured minimum of ' . $this->config['ap_threshold']['min']);
return false;
} else if ($threshold > $this->config['ap_threshold']['max']) {
$this->setErrorMessage('Threshold above configured maximum of ' . $this->config['ap_threshold']['max']);
return false;
}
if ($donate < 0) {
$this->setErrorMessage('Donation below allowed 0% limit');
return false;
} else if ($donate > 100) {
$this->setErrorMessage('Donation above allowed 100% limit');
return false;
}
// Number sanitizer, just in case we fall through above
$threshold = min($this->config['ap_threshold']['max'], max(0, floatval($threshold)));
$donate = min(100, max(0, floatval($donate))); $donate = min(100, max(0, floatval($donate)));
// We passed all validation checks so update the account
$stmt = $this->mysqli->prepare("UPDATE $this->table SET coin_address = ?, ap_threshold = ?, donate_percent = ? WHERE id = ?"); $stmt = $this->mysqli->prepare("UPDATE $this->table SET coin_address = ?, ap_threshold = ?, donate_percent = ? WHERE id = ?");
$stmt->bind_param('sddi', $address, $threshold, $donate, $userID); $stmt->bind_param('sddi', $address, $threshold, $donate, $userID);
$stmt->execute(); $stmt->execute();

4
public/include/config/global.inc.dist.php
View File

@ -25,6 +25,10 @@ $config = array(
'url' => 'https://btc-e.com/api/2', 'url' => 'https://btc-e.com/api/2',
'target' => '/ltc_usd/ticker' 'target' => '/ltc_usd/ticker'
), ),
'ap_threshold' => array(
'min' => 1,
'max' => 250
),
'website' => array( 'website' => array(
'name' => 'The Pool', 'name' => 'The Pool',
'slogan' => 'Resistance is futile', 'slogan' => 'Resistance is futile',

2
public/include/pages/account/edit.inc.php
View File

@ -49,7 +49,7 @@ if ( ! $user->checkPin($_SESSION['USERDATA']['id'], $_POST['authPin']) && $_POST
if ($user->updateAccount($_SESSION['USERDATA']['id'], $_POST['paymentAddress'], $_POST['payoutThreshold'], $_POST['donatePercent'])) { if ($user->updateAccount($_SESSION['USERDATA']['id'], $_POST['paymentAddress'], $_POST['payoutThreshold'], $_POST['donatePercent'])) {
$_SESSION['POPUP'][] = array('CONTENT' => 'Account details updated', 'TYPE' => 'success'); $_SESSION['POPUP'][] = array('CONTENT' => 'Account details updated', 'TYPE' => 'success');
} else { } else {
$_SESSION['POPUP'][] = array('CONTENT' => 'Failed to update your account', 'TYPE' => 'errormsg'); $_SESSION['POPUP'][] = array('CONTENT' => 'Failed to update your account: ' . $user->getError(), 'TYPE' => 'errormsg');
} }
break; break;

8
public/include/smarty_globals.inc.php
View File

@ -25,7 +25,13 @@ $aGlobal = array(
'reward' => $config['reward'], 'reward' => $config['reward'],
'price' => $setting->getValue('price'), 'price' => $setting->getValue('price'),
'blockexplorer' => $config['blockexplorer'], 'blockexplorer' => $config['blockexplorer'],
'chaininfo' => $config['chaininfo'] 'chaininfo' => $config['chaininfo'],
'config' => array(
'ap_threshold' => array(
'min' => $config['ap_threshold']['min'],
'max' => $config['ap_threshold']['max']
)
)
); );
// We don't want these session infos cached // We don't want these session infos cached

2
public/templates/mmcFE/account/edit/default.tpl
View File

@ -9,7 +9,7 @@
<tr><td>API Key: </td><td>{$GLOBAL.userdata.api_key}</td></tr> <tr><td>API Key: </td><td>{$GLOBAL.userdata.api_key}</td></tr>
<tr><td>Payment Address: </td><td><input type="text" name="paymentAddress" value="{$smarty.request.paymentAddress|default:$GLOBAL.userdata.coin_address|escape}" size="40"></td></tr> <tr><td>Payment Address: </td><td><input type="text" name="paymentAddress" value="{$smarty.request.paymentAddress|default:$GLOBAL.userdata.coin_address|escape}" size="40"></td></tr>
<tr><td>Donation %: </td><td><input type="text" name="donatePercent" value="{$smarty.request.donatePercent|default:$GLOBAL.userdata.donate_percent|escape}" size="4"><font size="1"> [donation amount in percent (example: 0.5)]</font></td></tr> <tr><td>Donation %: </td><td><input type="text" name="donatePercent" value="{$smarty.request.donatePercent|default:$GLOBAL.userdata.donate_percent|escape}" size="4"><font size="1"> [donation amount in percent (example: 0.5)]</font></td></tr>
<tr><td>Automatic Payout Threshold: </td><td valign="top"><input type="text" name="payoutThreshold" value="{$smarty.request.payoutThreshold|default:$GLOBAL.userdata.ap_threshold|escape}" size="5" maxlength="5"> <font size="1">[1-250 LTC. Set to '0' for no auto payout]</font></td></tr> <tr><td>Automatic Payout Threshold: </td><td valign="top"><input type="text" name="payoutThreshold" value="{$smarty.request.payoutThreshold|default:$GLOBAL.userdata.ap_threshold|escape}" size="5" maxlength="5"> <font size="1">[{$GLOBAL.config.ap_threshold.min}-{$GLOBAL.config.ap_threshold.max} LTC. Set to '0' for no auto payout]</font></td></tr>
<tr><td>4 digit PIN: </td><td><input type="password" name="authPin" size="4" maxlength="4"><font size="1"> [The 4 digit PIN you chose when registering]</font></td></tr> <tr><td>4 digit PIN: </td><td><input type="password" name="authPin" size="4" maxlength="4"><font size="1"> [The 4 digit PIN you chose when registering]</font></td></tr>
</tbody></table> </tbody></table>
<input type="submit" class="submit long" value="Update Settings"></form> <input type="submit" class="submit long" value="Update Settings"></form>