* Adds config options for disabling, timeout lead time, and forms
* Adds another salt in config that's used in the token
* Adds protection for login form by default
* Added new token type: account_unlock
* Added update SQL File
* Updated base structure with new token type
* Added empty template
* Updated user class to send mail on failed passwords
* Added unlock account page to use tokens
Addresses #670
This will improve loading times on large transaction tables. Thanks
@feeleep75 for helping with this one.
* Do not use SQL_CALC_NUM_ROWS since it will do a full table scan
* Allow admins to disable account transaction summaries to speed up page
loads on large tables
* added new admin setting under system to Disable TX Summaries
Fixes#1065 once merged
* Merge manual and auto-payout into single cronjob
* Update template/code to reflect single payout cron
* Update monitoring page
* Update disable payouts option in admin panel settings
* Update account payout page to use new option
This will fix#967 once merged.
This will lock a user account if a password or PIN has been entered
wrong for multiple times in a row. When unlocking the account via admin
panel, both counters are reset so the user can log in again.
This should fix issues with brute force attacks to access user accounts.
Please see configuration dist file for new config options.
Please import SQL upgrade 007 to add new column to user accounts table.
Addresses #670 and should be merged once tested.
* [ADDED] More error codes
* [MODIFIED] Class updates to use Base Class all the time
* [MODIFIED] Cronjobs have been slightly adjusted
* [ADDED] More base class features
* Added: API String QR Code for #582 and #591
This will allow more QRCodes being added that are specific to an
account. The require library is added and the API string can be used as
an example how codes are generated.
Fixes#582
* Removed getAllTransactions method
* Unified getTransactions for users and admins
* Added filter abilities to user transaction view
This should speed up things a fair bit for transaction heavy pools.
Addresses #536
This addresses #497 and allows the admins to disable notifications
through the admin panel. Might be used by those relying on clients using
the API instead.
Once merged it will fix#497.
This will avoid double payouts via the website. Payouts will be
requested by users and processed by a cron. If, for whatever reason,
users do add two requests (it is checked if a payout exists) they would
only have one successful payout until their account balance is back up
to a save value to trigger the payout.
This should fix any issues with manual payouts being exploited through
the website. Will require some testing by others to ensure things work
as expected.
Invitations can now be configured through admin panel settings. By
default, invitations are enabled. Invitation system is also available if
registrations are disabled. To completely remove the ability of new
users to sign up, disable both registration and invitations.
Fixes#330
This will allow users to send invitations to other people via email.
Each account will still need to confirm the email address if the option
is enabled.
Addresses #330, will need to allow pool operators to enable this feature
even with registrations turned off.
* Adding mail verification during account registration
* Added new dist file option for mail verification
* Added account confirmation page using tokens
* Added mail class into user class for password resets
* Moved password reset template
* Adjusted account registration page
* Adjusted user class for email confirmation
Also fixed a bug with smarty_cache_key not being used properly if smarty
is disabled. Key still needs to be available even if caching is disabled
Addresses #330 and prepare the ticket for invitation only system.
* Added anonymous flag to accounts table
* Added checkbox for anonymous flag in edit account page
* Updated user class to support new flag
* Updated statistics class to support anonymous and donations
* Updated all templates showing usernames to show anonymous instead
* Added new SQL `ALTER TABLE` file for upgrading the table
Fixes#419 once merged.
* Added monitoring class to deal with monitoring events
* Added event calls to all important cronjobs
* Added cron_end include file for monitoring cleanups on successful runs
* Added Monitoring to autoloader
* Modified account page to check for running auto_payout in monitoring
* Added monitoring to Navigation bar
* Added monitoring controller page
Fixes#415
Since plenty scrypt based currencies are supported, changed error
message to say `wallet` instead of `litecoind` when failing to connect
to RPC service.
Warn a user with an error that there have been failed login attempts
for their account. Login errors can be cleared by clicking on the URL in
the message itself.
Fixes#240
This will add back the transaction fees. Prior to this commit the pool
had to cover the transaction fees. Now for each transaction the full
balance is transferred (RPC Daemon will remove the TX Fee) but two
transactions are added. One for the Debig and one TXFee.
Fixes#203.
**Requires database upgrade with supplied SQL file**
* Currently no GUI, use DB access to change the row entry
* Upgraded Database table `accounts` with upgrade SQL
* Updated `admin` field to `is_admin` as boolean
* Modified pages, classes, templates to support is_admin and is_locked
Addresses #147
