This will lock a user account if a password or PIN has been entered
wrong for multiple times in a row. When unlocking the account via admin
panel, both counters are reset so the user can log in again.
This should fix issues with brute force attacks to access user accounts.
Please see configuration dist file for new config options.
Please import SQL upgrade 007 to add new column to user accounts table.
Addresses #670 and should be merged once tested.
* [ADDED] More error codes
* [MODIFIED] Class updates to use Base Class all the time
* [MODIFIED] Cronjobs have been slightly adjusted
* [ADDED] More base class features
* [ADDED] new monitoring method : endCronjob
* [IMPROVED] Use newly added error codes
* [ADDED] mail notifications, enabled by default
* [ADDED] cron disable on fatal errors with exit code != 0
* [ADDED] Command line swtich: -f = Force running crons even if disabled
* [ADDED] Disabled status in monitoring site
This will improve error handling in our cronjobs. Fatal errors now
require manual intervention by explicityly running crons with the force
option (`-f`). Until they are forced to run, crons will stay disabled.
Fixes#773 once merged
* [ADDED] New Config Option: Algorithm
* scrypt and sha256d supported right now
* might add SHA coin support across MPOS
* Compatible with previous implementation
* [REMOVED] config option: pps_target
* Replaced by config option: algorithm
* Please update your config, defaults to srypt now!
* [ADDED] Unpaid Shares in Dashboard
* [MODIFIED] User estshares from DB query instead template math
* Adjusted mmcfe-ng occurences in code
* Adjusted Database strucutre to only supply the full structure
* Adjusted default template to MPOS
Addresses #643
* [FEATURE] Allow in-class checking for user permissions
* [FEATURE] Allow in-class creation of the JSON data for coherence
* [FEATURE} Added API version in JSON data for client side checks
* [IMPROVEMENT] Adjusted all API calls to use the new JSON layout
**NOTE**: This is breaking backwads compatibility with the old API!
Please adjust your client application to support this new version.
The data array should not change much more other than added features.
* Migrated configuration options to admin panel
* Removed configuration options from config file
* Added help text for each configuration option into panel
Addresses #622 and needs extensive testing by pools. A lot has changed
so pool owners might have to adjust their own templates to match this
new system.
This will avoid double payouts via the website. Payouts will be
requested by users and processed by a cron. If, for whatever reason,
users do add two requests (it is checked if a payout exists) they would
only have one successful payout until their account balance is back up
to a save value to trigger the payout.
This should fix any issues with manual payouts being exploited through
the website. Will require some testing by others to ensure things work
as expected.
This will allow users to send invitations to other people via email.
Each account will still need to confirm the email address if the option
is enabled.
Addresses #330, will need to allow pool operators to enable this feature
even with registrations turned off.
* Adding mail verification during account registration
* Added new dist file option for mail verification
* Added account confirmation page using tokens
* Added mail class into user class for password resets
* Moved password reset template
* Adjusted account registration page
* Adjusted user class for email confirmation
Also fixed a bug with smarty_cache_key not being used properly if smarty
is disabled. Key still needs to be available even if caching is disabled
Addresses #330 and prepare the ticket for invitation only system.
* Added token type class
* Storing Token Type as ID not varchar
* Added new system to user class and fixed issues with it
* Started on mail verification process in user class
* Updated autoloader
* Updated change password template
Addresses #330
* Added monitoring class to deal with monitoring events
* Added event calls to all important cronjobs
* Added cron_end include file for monitoring cleanups on successful runs
* Added Monitoring to autoloader
* Modified account page to check for running auto_payout in monitoring
* Added monitoring to Navigation bar
* Added monitoring controller page
Fixes#415
This will allow us to start checking a blockhash against a solution
submitted to the database.
Details on this in the ticket. Just a WIP to save file states.
Addresses #405
* Added 3rd party logger library KLogger
* Adjusted all cronjobs from verbose output to logging
* Added new logs folder for crons to write to
* Added new .gitignore for logs folder data
* Updated blocks class to only fetch blocks with no share_id
* Adjusted findblocks to use no blocks class method
This will allow any admin to enable or disable a pool maintenance mode.
Regular users that are still logged in will not be kicked out (yet). New
users that are trying to login and are not admins will be denied access.
Also added registration option to Admin Settings via WebUI. You can now
disable new accounts via web option or configuration setting.
Fixes#259 but also adds an additional feature.
* Added mobile device detection PHP library
* Call PHP library to decide which theme to use
* Added theme as a configuration option into global config
* Selectable Desktop theme (default: mmcFE)
* Selectable Mobile theme (default: mobile)
* Disable mobile theme support entirely
**NOTE**: This requires updates to the `global.inc.php` so please check
the dist file and update your config before filing a new issue!
Addresses #25
* Adding dynamic news posts from DB
* Support Adding, Editing, Activating, Deactivating through admin panel
* Display all active posts on news page
* Implemented Markdown Library by Michelf
Fixes#61
* Added main mail class
* notification class extends mail class
* Added mail template for IDLE workers
* Added notification table to SQL structure
This works already but once notified the status is not reset as soon as
a worker is active again. Need to think of a system to do that
automatically.
Addresses #116
* Use tickerupdate.php cron to update setting value
* Added new configuration variables for ticket updates
* Added some missing configuration vars for some URLs
