RanchiMall/php-mpos
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2,581 Commits 4 Branches 11 Tags 14 MiB
3c7df46f43
Commit Graph

1156 Commits

Author SHA1 Message Date
xisi
3006cb544f Reworked csrf tokens, now enabled globally 
The way this now works is, if csrf is enabled:
 * Any new or existing template can have csrf protection by adding the hidden input ctoken that's in this batch to its form, removes any logic in templates
 * Page controllers that already exist have been updated, new ones only require checking if csrf is enabled and valid
 2014-01-24 13:00:24 -05:00
Sebastian Grewe
a586cc36ab [FIX] Honor cache flag for getUserSharerate 2014-01-24 12:32:21 +01:00
Sebastian Grewe
2891a07637 [FIX] Bail payouts on failed sendtoaddress calls 
* [WORKAROUND] Helps for coins that run a bad RPC implementation
* Addresses #1406 and wil at least stop double payouts
 2014-01-24 12:15:23 +01:00
Sebastian Grewe
481c8dd980 [FIX] Round donations on donor page 2014-01-24 10:52:13 +01:00
Sebastian Grewe
a1a3d7e873 [IMPROVED] Added donation minimum and rounding 
* [ADDED] Config option `$config['donate_threshold']['min'] = 1;`
* [VERSION] Incremented config file version to `0.0.6`
* [CHANGED] Round donations to at least two digits
* [CHANGED] Honor minimum set pool donation percentage
* [UPDATED] Account edit template

Fixes #1475 once merged
 2014-01-24 10:06:13 +01:00
Sebastian Grewe
659c203c06 Merge pull request #1551 from xisi/csrf-improvements 
[FIXES] CSRF tokens & login cleanup
 2014-01-23 23:27:31 -08:00
Sebastian Grewe
90d0ff1081 Merge pull request #1546 from ahmedbodi/patch-1 
Get Cronjob Status API
 2014-01-23 23:13:42 -08:00
Hüseyin Uslu
b518ce0799 Tiny update. 2014-01-24 00:38:28 +02:00
Hüseyin Uslu
0639af54b3 Added reward_type and reward info to api/getpoolinfo 2014-01-24 00:37:50 +02:00
ahmedbodi
6d7d3f2026 Update getcronjobstatus.inc.php 2014-01-23 20:23:41 +00:00
xisi
a3314fa81e Cleaned up login page logic a bit more 
Fixed up CSRF tokens so rollover minutes/hours are now checked and valid
 2014-01-23 11:01:30 -05:00
Sebastian Grewe
33cfa5667d Merge branch 'next' of github.com:MPOS/php-mpos into next 2014-01-23 16:59:46 +01:00
Sebastian Grewe
92e7f3e1e4 [FIX] Return floats for some statistics 
Fixes #1540
 2014-01-23 16:59:12 +01:00
Andrea Baccega
d6670508f7 Lets always use $this->table instead of hardcoding 2014-01-23 12:56:19 +01:00
ahmedbodi
ece8b3adf6 Create getcronjobstatus.inc.php 2014-01-23 10:29:01 +00:00
Sebastian Grewe
7acd3bc821 Merge pull request #1543 from Neozonz/issue-1542 
[BUG] FIX txfee in getpoolinfo API
 2014-01-23 01:13:00 -08:00
Sebastian Grewe
8a53e0319d [FIX] Missed file for admin maintenance 2014-01-23 10:01:35 +01:00
Sebastian Grewe
ac1bc4b2ce [FIX] Allow admin logins in maintenance mode 
Fixes #1489
 2014-01-23 08:58:25 +01:00
Neozonz
7a21b05a3d [BUG] Fix txfee API call with added support for old API calls 
[ADD] txfee_auto to API Calls
[ADD] txfee_manual to API Calls
[ADD] confirmations to API Calls
 2014-01-23 02:38:34 -05:00
freynder
952d5d979c Bugfix: shares and shares_archive values should be added up. 2014-01-22 14:18:38 +01:00
Sebastian Grewe
2a661b5e78 [FIX] Return proper data if memcache disabled 
If memcache option is disabled, the functions should return the data we
tried to set instead of false. At least we can ensure data is returned
as expected from any methods trying to use the memcache.
 2014-01-22 14:02:44 +01:00
Sebastian Grewe
593149742e Merge pull request #1491 from Neozonz/issue-1488 
[Optimize] SQL Queries : Remove joins from account table
 2014-01-22 04:56:16 -08:00
Neozonz
8b4ad00b1a [FIX] Fixed Data types for getHashrate 2014-01-22 07:33:01 -05:00
Neozonz
3de2fee57f [FIX] Updated function call to include account id as well 2014-01-22 07:10:05 -05:00
Sebastian Grewe
faf648d1d2 [FIX] Show username in Login Mails 2014-01-22 12:18:51 +01:00
Neozonz
0faf23027a [CACHE] Readded 2014-01-21 20:29:09 -05:00
Neozonz
a9853e2832 [Removed] Caching for testing 2014-01-21 20:18:38 -05:00
Neozonz
934825e8dc [FIX] Remove old query remnants 2014-01-21 20:14:44 -05:00
Neozonz
3222792533 [BUG FIX] Missing JSON 2014-01-21 20:14:13 -05:00
Neozonz
be8437e9dd [FIX] Missing User ID argument 2014-01-21 20:07:07 -05:00
Neozonz
f613cc6bfd [FIX] Set interval for sample size as well 2014-01-21 20:06:37 -05:00
Neozonz
2090247afb [COMMENT] Added commenting and fixed function descriptions 
[CLEAN] Clean Code
 2014-01-21 19:43:33 -05:00
Neozonz
02f085f2d7 [FIX] MySQLi Queries 2014-01-22 00:13:58 +00:00
Nonstopmine.com
ac7aed4bc4 Update mail.class.php 
PHP Notice
 2014-01-21 22:28:39 +02:00
Neozonz
34dfd4aefb [FIX] SQL Conditional Operator 2014-01-21 11:16:00 -08:00
Sebastian Grewe
971006b7a2 [FIX] Live stats not being done with global cache 
Fixes live stats not updating and always using the global cache instead.
 2014-01-21 17:16:26 +01:00
Sebastian Grewe
0d367697e0 [FIX] Storing/showing wrong data from cache 
Fixes #1517
 2014-01-21 15:24:44 +01:00
Sebastian Grewe
af1e6e8e13 Merge pull request #1516 from MPOS/default-payout-block 
[UPDATE] Change payout by default to block
 2014-01-21 04:15:18 -08:00
Sebastian Grewe
10ba200df6 [UPDATE] Change payout by default to block 2014-01-21 13:14:53 +01:00
Neozonz
1630d85440 [FIX] Cache by Account_ID 
[FIX] Query by Username
 2014-01-21 06:58:28 -05:00
Sebastian Grewe
2eb53d8efc Merge pull request #1515 from xisi/security-typofix 
Typo in registration
 2014-01-21 03:56:18 -08:00
xisi
c88a14bac1 typo 2014-01-21 06:51:56 -05:00
Neozonz
0a5344cba0 Merge branch 'github.com/issue-1488' 
Conflicts:
	public/include/classes/statistics.class.php
 2014-01-21 06:44:10 -05:00
Neozonz
07e8af55f8 [FIX] Added back accound_ids for caching 
[FIX] SQL string termination
 2014-01-21 06:42:08 -05:00
Neozonz
df97e7a8ea [Optimize] Switched calls to username from id 2014-01-21 06:41:00 -05:00
Neozonz
9e8841b1df [Optimize] Switched calls to username from id 2014-01-21 06:41:00 -05:00
Neozonz
4d845c7c73 [Optimize] Switched calls to username from id 2014-01-21 06:41:00 -05:00
Neozonz
4b98c09fb2 [Optimize] Switched calls to username from id 2014-01-21 06:41:00 -05:00
Neozonz
3d72da0ca4 [Optimize] Switched calls to username from id 2014-01-21 06:40:59 -05:00
Neozonz
d99ae5bab5 [Optimize] Switched calls to username from id 2014-01-21 06:40:59 -05:00
Neozonz
58df4ad1b2 [Optimize] Switched calls to username from id 2014-01-21 06:39:37 -05:00
Neozonz
4a4fd65ae2 [CLEAN] Clean spacing 2014-01-21 06:39:37 -05:00
Neozonz
ca0634929e [FIX] Whoopsie 2014-01-21 06:39:37 -05:00
Neozonz
a78141b5ce [Optimize] SQL Queries : Remove joins from account table 2014-01-21 06:36:07 -05:00
Neozonz
48cc7f7665 [FIX] Added back accound_ids for caching 
[FIX] SQL string termination
 2014-01-21 06:19:59 -05:00
Sebastian Grewe
6b46385584 [IMPROVED] non-auto expire caches added 2014-01-21 10:59:25 +01:00
Sebastian Grewe
fe9c706020 [IMPROVED] non-auto expire caches added 2014-01-21 10:56:08 +01:00
Sebastian Grewe
8ef419f795 [ADDED] Static cache with no auto-expiration 2014-01-21 10:16:17 +01:00
Sebastian Grewe
3cb546cea5 [HOTFIX] Broken maill class 2014-01-21 09:49:57 +01:00
Sebastian Grewe
8cea4ec3ff Merge pull request #1494 from nonstopmine/patch-1 
Update edit.inc.php
 2014-01-21 00:18:44 -08:00
Sebastian Grewe
9520795e07 Merge pull request #1506 from nrpatten/next 
[FIX] input[type=email] in the wrong order and Overlap and Reposition TABS
 2014-01-21 00:07:58 -08:00
Sebastian Grewe
0edd964930 Merge pull request #1507 from xisi/security-js-pwstrength 
Simple javascript password strength/match
 2014-01-21 00:04:18 -08:00
nrpatten
b411f68d64 [FIX] Unknown Pool 
Remove From: {$GLOBAL.website.name|default:"Unknown Pool"}
Add From: ' . $this->setting->getValue('website_name')
 2014-01-21 18:37:19 +11:00
Neozonz
bfaf30fd2c [FIX] FFS 2014-01-20 16:05:41 -08:00
Neozonz
7f2268dfb1 [Optimize] Switched calls to username from id 2014-01-20 16:02:08 -08:00
Neozonz
056387bc27 [Optimize] Switched calls to username from id 2014-01-20 16:01:42 -08:00
Neozonz
49418ccc6b [Optimize] Switched calls to username from id 2014-01-20 16:01:29 -08:00
Neozonz
bdb704fbe2 [Optimize] Switched calls to username from id 2014-01-20 16:01:22 -08:00
Neozonz
8f207bfe76 [Optimize] Switched calls to username from id 2014-01-20 16:01:09 -08:00
Neozonz
9ba717c080 [Optimize] Switched calls to username from id 2014-01-20 16:00:58 -08:00
Neozonz
e275676bf6 [FIX] Double whoopsie 2014-01-20 16:00:37 -08:00
Neozonz
0ef487187f [Optimize] Switched calls to username from id 2014-01-20 16:00:22 -08:00
Neozonz
99a1c87722 [CLEAN] Clean spacing 2014-01-20 14:37:44 -08:00
Neozonz
9b74a1592b [FIX] Whoopsie 2014-01-20 14:32:19 -08:00
Neozonz
5b4a15454c [Optimize] SQL Queries : Remove joins from account table 2014-01-20 14:26:10 -08:00
Neozonz
c42a9f55b7 [FIX] Math fart 2014-01-20 12:55:32 -08:00
xisi
d782038d0f stupid rebase 2014-01-20 15:38:46 -05:00
nonstopmine
bab002d9f8 Update edit.inc.php 
txfee is old variable, replaced with txfee_manual
 2014-01-20 22:32:04 +02:00
Neozonz
f7d9ca2777 [Optimize] By default only sample 3 minutes worth of shares 2014-01-20 12:01:13 -08:00
rog1121
0a6ab8748b Mail Titles 2014-01-20 09:33:21 -07:00
xisi
200e115ee6 forgot to move this to the new config setting, oops 2014-01-20 06:21:42 -05:00
xisi
c8d7d67c96 forgot login in csrf protection disable comment 2014-01-20 05:19:32 -05:00
xisi
11b8b554f1 thanks, eclipse 2014-01-20 04:42:08 -05:00
xisi
befc5b9276 cleanup 2014-01-20 04:42:08 -05:00
xisi
fd49e0eb78 disabled is actually correct to use in cash out form, we want the css props 
slightly optimization
 2014-01-20 04:41:13 -05:00
xisi
03e0b2e51d request fiddling 2014-01-20 04:41:13 -05:00
xisi
1993ff604f Fixed undefined property in news class found by @neozonz 2014-01-20 04:41:13 -05:00
xisi
97835f33ca fixed explicit time check for token validity 2014-01-20 04:41:13 -05:00
xisi
76a67cb71a Changed the config options for CSRF/disabling forms 
* Now an array to disable with granularity
 * Fixed all CSRF tokens back to 1 min
 * Added CSRF protection for unlock account
 * Unified error message for all csrf tokens
 * Fixed a few issues with last commit
 2014-01-20 04:41:13 -05:00
xisi
163e5de1f0 cleaned up & updated config options 2014-01-20 04:40:38 -05:00
xisi
5e5e751271 switched account edit csrf token to 1 min now that saving works on an incorrect entry 2014-01-20 04:40:38 -05:00
xisi
36f3a16cc3 gave password reset its own csrf token 2014-01-20 04:40:38 -05:00
xisi
bd2999526e fixed mobile templates, have not tested as they use same methods as main template 
fixed change pw templates; added csrf token
added csrf protection for password reset
fixed reset and change pass templates; were missing csrf token (form only tpl)
 2014-01-20 04:40:38 -05:00
xisi
7e3197246a fixed error response to not leak info to users 2014-01-20 04:40:38 -05:00
xisi
cc6e58084f Fixed an bug where a notice could be thrown on the edit page under the right conditions 
Cleaned up login page logic which should fix #1459 & #1461
Fixed a bug in tools class where an incorrect config setting could throw a notice
 2014-01-20 04:40:38 -05:00
xisi
dacadd8477 Fixed bug / undefined index when api settings are empty 2014-01-20 04:40:15 -05:00
xisi
62e341b877 finally cleaned up the edit account page to my liking 
fixed change I made to test a fix for someone who was having issues
 2014-01-20 04:38:53 -05:00
xisi
fed3981979 fixed isTokenValid, started work on edit fixes, recaptcha fix test 2014-01-20 04:38:25 -05:00
xisi
3b6a408c3f forget the check, the crons run 2014-01-20 04:33:28 -05:00
xisi
d3a7d4bdbf inc db version in version include 2014-01-20 04:32:54 -05:00