RanchiMall/php-mpos
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2,261 Commits 4 Branches 11 Tags 14 MiB
6da5510035
Commit Graph

1514 Commits

Author SHA1 Message Date
xisi
6da5510035 clean up pages that use csrftokens 2014-01-20 04:26:04 -05:00
xisi
42d93f5beb specific timing for csrf tokens 2014-01-20 04:26:04 -05:00
xisi
a56140ca84 Moved csrftoken stuff into a class 
added getCurrentIP method to user class
added config option for sitewide csrf protection
 2014-01-20 04:26:04 -05:00
xisi
19a0945be2 no config version inc 2014-01-20 04:26:04 -05:00
xisi
6afc876d19 Merge changes from TheSerapher's pull/1404 Added re-Captcha to Login Page 2014-01-20 04:26:04 -05:00
Sebastian Grewe
954459b897 Merge branch 'next' of github.com:MPOS/php-mpos into next 2014-01-20 09:58:33 +01:00
Sebastian Grewe
56fbf205b7 [ADDED] Comment for DEBUG levels 2014-01-20 09:58:06 +01:00
Sebastian Grewe
2dab915d6e Merge pull request #1472 from MPOS/issue-1471 
Issue 1471
 2014-01-20 00:42:35 -08:00
Sebastian Grewe
24e24576af [FIX] E-Mail login location 2014-01-20 09:16:38 +01:00
rog1121
77a0287c7f Update default.tpl 2014-01-19 12:37:54 -07:00
Sebastian Grewe
5b7cf6ab93 [FIX] SQL again, sigh 2014-01-19 17:28:34 +01:00
Sebastian Grewe
8a983835c6 [FIX] Whoopsie SQL 2014-01-19 17:25:55 +01:00
Sebastian Grewe
d4db477c2d [FIX] Also honor diff for share difficulties if unset 2014-01-19 17:22:00 +01:00
Sebastian Grewe
b905089a01 [FIX] Removed debug output 2014-01-19 17:18:09 +01:00
Sebastian Grewe
0fb543c3ed [FIX] Honor target_bits for hashrate 2014-01-19 17:17:24 +01:00
Sebastian Grewe
cf49db4535 [IMPROVED] Cronbased global Hash-/Sharerate cache 
* [ADDED] New statistic method to fetch all user mining stats
* [ADDED] New global cache to getUserHash/Sharerate calls
* [ADDED] New memcache key for new global cache

Addresses #1471 and may fix it already if no other changes are required.
 2014-01-19 17:05:27 +01:00
Sebastian Grewe
10e3fcab7e Merge pull request #1468 from Neozonz/issue-1467 
MySQL Optimization: always use order by when using limits
 2014-01-19 06:39:13 -08:00
Neozonz
44e0fa6745 Reverted 2014-01-19 09:35:39 -05:00
Metice
e665552c05 Update default.tpl 
Remove username of placeholder
 2014-01-19 15:01:11 +01:00
Neozonz
73e3bb2284 Removed ORDER BY for single queries 2014-01-19 06:05:55 -05:00
Neozonz
773286bd06 ORDER BY for Updates/Deletes 2014-01-19 06:00:29 -05:00
Neozonz
38f5daba6b Search blocks by desc and order by for deletes 2014-01-19 06:00:14 -05:00
Neozonz
47eb9f7fa0 Allow getWorkerHashRate to set invervals 2014-01-19 05:56:31 -05:00
Sebastian Grewe
48a344ed25 [SECURITY] Dropped small login form 
Since we are adding more security realted features, we drop the small
login in the header. It will need more workarounds than we'd like and is
already dropped when re-Captcha is enabled.

Security > Convenience :D
 2014-01-17 15:43:58 +01:00
Joey
0309886645 What a stupid thing of me to miss 
UNIX_TIMESTAMP() for time comparison, oops
 2014-01-17 03:53:09 -05:00
Sebastian Grewe
a572d0cea0 Merge pull request #1351 from TheSerapher/issue-1345 
Issue 1345
 2014-01-16 23:46:40 -08:00
Sebastian Grewe
1dfbeea5f7 Merge pull request #1420 from TheSerapher/issue-1343 
[IMPROVED] jsonRPC Error Handling with CURL
 2014-01-16 06:15:42 -08:00
Sebastian Grewe
12399a9c43 [REMOVED] Old code 2014-01-16 15:01:25 +01:00
obigal
75729c6592 pplns payouts speed improvements / reworked insert method 2014-01-16 14:42:05 +01:00
Jesse Collier
bc833eb40b [IMPROVED] Adds Email label and removes maxlength 
When logging in from mobile, there currently is not an indicater to
use email or username. This labels it correctly.

Removed maxlength to allow for lengthier email addresses.
 2014-01-16 14:42:05 +01:00
Sebastian Grewe
d9f591e7c8 [UPDATE] MPOS version due to major change 2014-01-16 14:41:44 +01:00
Sebastian Grewe
2829f6a746 [IMPROVED] Dropped username from login 2014-01-16 14:40:51 +01:00
Sebastian Grewe
63960e2e62 [IMPROVED] Allow e-mails only for login 
This is a major change in MPOS. Usernames will not be allowed anymore.
This will avoid a lot of brute force issues since usernames are not a
valid login method anymore.

Fixes #1345 once merged.
 2014-01-16 14:40:51 +01:00
Sebastian Grewe
63f062af9d [UPDATE] CSRF to Mobile template 2014-01-16 14:33:04 +01:00
Sebastian Grewe
bef4298e1f [ADDED] Default re-Captcha HTML to mobile 2014-01-16 14:14:29 +01:00
Sebastian Grewe
d5bff56f6f [ADDED] re-Captha admin options 2014-01-16 14:14:29 +01:00
Sebastian Grewe
b9d36bcfc9 [IMPROVED] Added re-Captcha to Login Page 
* Enable re-captcha to use it
* Disables the mini-login box in header
* Requires re-Captcha to be setup in Admin Panel

Fixes #1400 once merged.
 2014-01-16 14:13:50 +01:00
xisi
050a068d05 fix versioning 2014-01-16 06:05:29 -05:00
xisi
b613182dfb what fix, nothing to see here 2014-01-16 05:55:57 -05:00
xisi
e7725399c2 change function name for sending 2f emails 2014-01-16 05:55:57 -05:00
xisi
8736123df2 improved bad csrf token error message 
cleaned up wording of config
improved leadtime defaults in getCSRFToken
 2014-01-16 05:55:57 -05:00
xisi
764be9f0b7 fixed verbiage 2014-01-16 05:55:57 -05:00
xisi
2d0938b35b [ADDED] Simple CSRF protection tokens 
* Adds config options for disabling, timeout lead time, and forms
 * Adds another salt in config that's used in the token
 * Adds protection for login form by default
 2014-01-16 05:55:57 -05:00
xisi
bae30b2e4f fixed success_login tpl verbiage 2014-01-16 05:55:57 -05:00
xisi
9d14902bb5 fix nocache in account/edit template 2014-01-16 05:55:57 -05:00
xisi
dc984aca63 fixed gitignore for eclipse, added templates/compile/mpos folder and a blank file to fix issues with setup guide/chowning compile dir 2014-01-16 05:53:36 -05:00
xisi
8ed8338b3e fixed my incorrect use of notif settings array 2014-01-16 05:53:36 -05:00
xisi
f3a6d65eab send notifications on successful login when active 2014-01-16 05:53:36 -05:00
xisi
741b6464ef success_login tpl for new notification 2014-01-16 05:53:36 -05:00
xisi
802930cba1 save old token to use in case we error out 2014-01-16 05:53:36 -05:00