RanchiMall/php-mpos
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2,544 Commits 4 Branches 11 Tags 14 MiB
6398e5dfec
Commit Graph

2544 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
xisi
6398e5dfec merged session manager/memcache limiter 
cleanup for PR
 2014-01-28 07:26:33 -05:00
xisi
c373fc7192 removed exploits/added to gitignore for later 2014-01-28 07:26:32 -05:00
Joey
63c3b96a29 now enforce client & server validity on login with strict on 
fixed csrf token check for a few pages where it mightve been broken
session manager now can be bound to base user class and used, like in login
logout now pushes you to login regardless, no longer has param to push to custom url
fixed validate client, hijacking sessions no longer works
 2014-01-28 07:26:32 -05:00
Joey
795e019d0d cleaned up config options a bit 2014-01-28 07:26:32 -05:00
Joey
493c43e0ed updated check in autoloader so default needs to be changed if SECHASH_CHECK is enabled 2014-01-28 07:26:32 -05:00
Joey
d5f1c97f82 fixed check against define like it used to even if SECHASH_CHECK is disabled 
fixed ajax calls in memcache limiter to use REQUEST page/action rather than QUERY_STRING
 2014-01-28 07:26:32 -05:00
xisi
b728b680ca blah blah 2014-01-28 07:26:08 -05:00
xisi
9dcb855b34 strict class, trying to figure out why edit account doesnt work 2014-01-28 06:18:57 -05:00
xisi
f21f05e874 pushing to start core rebuild 2014-01-28 06:18:57 -05:00
xisi
7393f21d01 just pushing so I can rebase zzz 2014-01-28 06:18:57 -05:00
xisi
d57aed4049 basic test stuff 2014-01-28 06:18:57 -05:00
Sebastian Grewe
56f995c86f Merge pull request #1617 from HerrKauwer/pwcheck 
Cleaned up pwcheck.js
 2014-01-28 00:28:32 -08:00
Sebastian Grewe
5f65904431 [FIX] HTTPS detecion on Template 2014-01-28 09:25:50 +01:00
Sebastian Grewe
967c1cc48f [FIX] Proper HTTPS detection 
Fixes #1618 once merged
 2014-01-28 09:25:20 +01:00
Sebastian Grewe
b783237c2e Merge pull request #1457 from MPOS/issue-1332 
Issue 1332
 2014-01-28 00:18:56 -08:00
Sebastian Grewe
f83c88aae6 Merge pull request #1603 from MPOS/double-payouts 
Double payouts
 2014-01-27 22:25:44 -08:00
HerrKauwer
095ee2e40a Cleaned up pwcheck.js 2014-01-27 23:56:39 +01:00
Sebastian Grewe
7d4e0ccb6d Merge pull request #1608 from MPOS/admin-wallet-smarty-cache 
[FIX] Do not assign smarty vars if caching hits
 2014-01-27 04:51:40 -08:00
Sebastian Grewe
ecfa741223 [FIX] Do not assign smarty vars if caching hits 2014-01-27 13:43:33 +01:00
Sebastian Grewe
b5cb8171ba Merge branch 'master-read-only-check' into next 2014-01-27 13:26:14 +01:00
Sebastian Grewe
823f694638 Merge pull request #1605 from MPOS/thash-modifier 
[ADDED] THash/second modifier
 2014-01-27 03:59:28 -08:00
Sebastian Grewe
f183b586a8 [ADDED] Check if master is read-only 
Just to ensure we can run at all.
 2014-01-27 12:58:41 +01:00
Sebastian Grewe
fab3c44e90 [ADDED] THash/second modifier 2014-01-27 12:45:46 +01:00
Sebastian Grewe
a0b36841c8 [FIX] Logic error 2014-01-27 12:30:26 +01:00
Sebastian Grewe
cb1fc8b9c6 Update README.md 
Added phone apps.
 2014-01-27 10:48:16 +01:00
Sebastian Grewe
227a7c33de [FIX] Reset TX and RPCTX Ids 2014-01-27 10:39:19 +01:00
Sebastian Grewe
1cd9352952 [FIX] Transaction ID and RPC Transaction ID 2014-01-27 10:31:18 +01:00
Sebastian Grewe
72d923737f [WORKAROUND] Fully debit user before RPC call 
* First debit the user fully for this transaction
* Try the payout RPC call
* Fail this so admins can first confirm it worked, then force payouts
* Added comment what line to remove if this happens a lot

This will further address #1586
 2014-01-27 09:25:59 +01:00
Sebastian Grewe
e3219cf5da Merge branch 'next' of github.com:MPOS/php-mpos into next 2014-01-27 09:13:41 +01:00
Sebastian Grewe
d4557982ba [FIX] API call for transactions 
Fixes #1602 once merged.
 2014-01-27 09:13:09 +01:00
iAmShorty
9bff2fd1e2 Merge pull request #1597 from iAmShorty/coinverify-adduser 
[UPDATE] adding user to log if no valid coin address set
 2014-01-26 11:24:35 -08:00
root
0d5ee3ecd7 [UPDATE] adding user to log if no valid coin address set 2014-01-26 20:09:24 +01:00
Sebastian Grewe
b87691371f [SECURITY] Path disclosure and redirects 
* [SECURITY] Do not disclose paths with wrong query arguments in API
* [SECURITY] Removed $to redirect after login

Fixes #1596 once merged.
 2014-01-26 17:41:27 +01:00
Sebastian Grewe
0d2895f517 Merge pull request #1592 from iAmShorty/address-validation 
[FIX] checking payout address
 2014-01-26 07:41:08 -08:00
Sebastian Grewe
112f6153c9 Merge pull request #1595 from danbi/next 
Update findblock.php
 2014-01-26 07:33:41 -08:00
root
10ad4eecdd [FIX] moved before balance check 2014-01-26 16:31:39 +01:00
danbi
f7548857ee Update findblock.php 
Make the E0005 error non-fatal, in order to prevent cronjobs being disabled in this condition.
Usually it is resolved on the next run.
 2014-01-26 17:25:26 +02:00
root
71519d14d6 [FIX] checking payout address 2014-01-26 15:19:03 +01:00
Sebastian Grewe
7c8d7701f2 [FIX] Lock state 2 for admin locks 2014-01-26 11:17:33 +01:00
Sebastian Grewe
702ed49704 [ADDED] Account lock status 
* Lock 1: user confirmation/unlock pending, count shares
* Lock 2: Admin disabled, ignore shares

This further addresses #1332 and should allow proper dropping of shares
for banned accounts.
 2014-01-26 11:17:33 +01:00
Sebastian Grewe
e4627fc51d [IMPROVED] Ignore locked account shares 
* Updated getRoundShares to honor locked accounts
* Updated getSharesForAccounts and getArchiveShares

This will fix #1332 and ignore locked user accounts in share
calculations for payouts.
 2014-01-26 11:17:33 +01:00
Sebastian Grewe
1c94030c7b [FIX] Regression bug 2014-01-26 11:17:19 +01:00
Sebastian Grewe
bfb591b162 Update README.md 
Added team members
 2014-01-26 09:36:07 +01:00
Sebastian Grewe
8ca9744ce1 [CLEANUP] Coding style 2014-01-26 09:30:59 +01:00
Sebastian Grewe
b02db092a2 Merge pull request #1502 from Neozonz/issue-1501 
[Enhance] PPS & Payout Crons
 2014-01-26 00:27:33 -08:00
Sebastian Grewe
816fb783ce Merge pull request #1589 from joebauers/next 
Update user.class.php
 2014-01-25 23:50:25 -08:00
joebauers
48ce68e612 Update user.class.php 
No need to show world if valid account.
 2014-01-26 02:44:30 -05:00
Neozonz
ff0915a5c4 Merge branch 'next' 2014-01-25 17:45:16 -05:00
Sebastian Grewe
643c21d3a7 [UPDATE] Logfile cleanup 
* [REMOVED] Do not show row headers at each cron run
* [REMOVED] Extra newlines in notification cron
 2014-01-25 21:35:02 +01:00
Sebastian Grewe
a343ac4047 Merge pull request #1568 from MPOS/payout-fail-bail 
[FIX] Bail payouts on failed sendtoaddress calls
 2014-01-25 08:38:56 -08:00