Commit Graph

354 Commits

Author SHA1 Message Date
iAmShorty
4532bd6601 [UPDATE] add coinname to qrcode 2014-02-17 15:39:10 +01:00
iAmShorty
63ba74fc60 [UPDATE] balance fix for cron and wallet 2014-02-16 17:32:05 +01:00
Sebastian Grewe
85f985060b Merge pull request #1766 from rog1121/notification-fix
Notifications Fix
2014-02-16 14:50:38 +01:00
Sebastian Grewe
e6a396c85b Merge pull request #1750 from iAmShorty/wallet-info-adminpanel
[ENHANCEMENT] Wallet info adminpanel
2014-02-16 08:12:03 +01:00
rog1121
eb382b677c Notifications Fix 2014-02-15 18:00:36 -07:00
iAmShorty
45d79d0eab [UPDATE] style change for addresses 2014-02-15 23:17:37 +01:00
iAmShorty
2acf83894d only show new table if accounts > 1 2014-02-15 13:55:28 +01:00
Sebastian Grewe
bd561ff465 [FIX] Statistics Graphs ACL
Fixes #1760
2014-02-15 09:27:38 +01:00
iAmShorty
0ef5fdedef [UPDATE] small changes 2014-02-14 17:08:22 +01:00
Sebastian Grewe
d7f2e6e5ac [UPDATE] ACL Management
* [ADDED] Smarty acl_check function
* [ADDED] Optional default return value for getValue calls
* [UPDATE] ACL Checks in page controllers
* [UPDATE] Navigation template to use check_acl from Smarty
* [ADDED] New ACL options where needed
* [REMOVED] Disable pages from System Settings Tab
* [ADDED] Above removed pages into ACL Settings Tab

This will make usage of ACLs a bit easier and transparent.
Also fixes #1731 once merged.
2014-02-14 10:56:25 +01:00
iAmShorty
1fd7499856 [UPDATE] style changes 2014-02-13 17:28:47 +01:00
iAmShorty
224af2c9d3 [UPDATE] showing accounts with balance and address 2014-02-13 16:29:33 +01:00
iAmShorty
81b8b976d1 [FEATURE] show addresses from account 2014-02-13 12:29:04 +01:00
iAmShorty
146799d163 [FEATURE] show addresses from account 2014-02-13 12:28:26 +01:00
Sebastian Grewe
6509cc6039 [ADDED] CSRF validation for Worker Deletion
* [ADDED] CSRF token checks to worker page
* [CHANGED] Check for both _GET and _POST ctokens
* [ADDED] CSRF token to each delete call URL

Fixes #1702 once merged
2014-02-07 12:24:48 +01:00
Sebastian Grewe
7cf3fb27fb [UPDATE] Allow global notification settings
Fixes #1232 and allows further expansion in the future.
Addresses #1672 too.
2014-02-06 11:13:22 +01:00
Sebastian Grewe
7673c34d80 Merge branch 'fix-contactform' into next 2014-02-06 10:57:49 +01:00
Sebastian Grewe
5196cc7448 [UPDATE] Highlight next/previous arrows on admin/user 2014-02-06 10:56:19 +01:00
Sebastian Grewe
2f1d68448f [FIX] CSRF/Re-captcha on Contactform
Fixes #1666
2014-02-06 10:19:58 +01:00
HerrKauwer
70e8b27085 Used zxcvbn for password strength determination 2014-02-02 15:04:55 +01:00
Sebastian Grewe
319d9439a4 Merge pull request #1621 from xisi/sessions-mclimiter-fixes
[UPDATE] Security updates and fixes
2014-01-31 05:55:09 -08:00
xisi
ae47437ab7 fixed worker delete csrf thing I stubbed earlier
took to field out of the rest of the login forms
2014-01-29 09:41:50 -05:00
Zen00
0e8949c71d Linked Site-Title
Seems that there were plans to make the site title a link, but the .tpl
was never updated.
2014-01-28 08:16:31 -07:00
xisi
6398e5dfec merged session manager/memcache limiter
cleanup for PR
2014-01-28 07:26:33 -05:00
xisi
b728b680ca blah blah 2014-01-28 07:26:08 -05:00
Sebastian Grewe
5f65904431 [FIX] HTTPS detection on Template 2014-01-28 09:25:50 +01:00
Sebastian Grewe
768d193793 Merge pull request #1576 from xisi/csrf-backend-only
[FIXES] More CSRF improvements
2014-01-25 06:59:08 -08:00
xisi
8fbda49fd1 Don't even need the suppression 2014-01-24 16:33:55 -05:00
xisi
a043e5ed19 Fixes #1561, which happened to me even with the API key in the correct format 2014-01-24 16:32:00 -05:00
xisi
3006cb544f Reworked csrf tokens, now enabled globally
The way this now works is, if csrf is enabled:
 * Any new or existing template can have csrf protection by adding the hidden input ctoken that's in this batch to its form, removes any logic in templates
 * Page controllers that already exist have been updated, new ones only require checking if csrf is enabled and valid
2014-01-24 13:00:24 -05:00
Sebastian Grewe
a1a3d7e873 [IMPROVED] Added donation minimum and rounding
* [ADDED] Config option `$config['donate_threshold']['min'] = 1;`
* [VERSION] Incremented config file version to `0.0.6`
* [CHANGED] Round donations to at least two digits
* [CHANGED] Honor minimum set pool donation percentage
* [UPDATED] Account edit template

Fixes #1475 once merged
2014-01-24 10:06:13 +01:00
xisi
1fd0adf038 Removed unused config setting 2014-01-23 11:01:30 -05:00
Sebastian Grewe
4b04df5d8a [FIX] Allow TAB to focus on email login 2014-01-23 10:11:37 +01:00
nrpatten
151decb2b6 [FIX] Align Checkbox
"Edit template" checkbox align closer to "Active"
2014-01-22 00:39:42 +11:00
nrpatten
fc7a939b1e [FIX] Update github footer link
Remove https://github.com/TheSerapher/php-mpos
Add https://github.com/MPOS/php-mpos
2014-01-21 23:42:58 +11:00
Sebastian Grewe
bf484c4be2 Merge pull request #1510 from xisi/security-pagecontrollerfix
Fix issue #1508
2014-01-21 03:20:38 -08:00
xisi
ac91d70c5f This should fix issue #1508 2014-01-21 04:04:53 -05:00
Sebastian Grewe
2d760c2934 Merge pull request #1504 from daygle/patch-6
Update default.tpl
2014-01-21 01:00:00 -08:00
Sebastian Grewe
9520795e07 Merge pull request #1506 from nrpatten/next
[FIX] input[type=email] in the wrong order and Overlap and Reposition TABS
2014-01-21 00:07:58 -08:00
Sebastian Grewe
0edd964930 Merge pull request #1507 from xisi/security-js-pwstrength
Simple javascript password strength/match
2014-01-21 00:04:18 -08:00
nrpatten
0cfc92bd2b [FIX] Overlap and Reposition TABS
[FIX] "E-mail address for system error" Overlap and realign class="tabs" to fieldset
2014-01-21 17:12:06 +11:00
xisi
a20c2324e2 Added pw strength/match to change password form 2014-01-21 00:02:57 -05:00
xisi
b0053b65e1 Added basic javascript password strength/match testing
Added pw strength/match to registration form
2014-01-20 23:57:07 -05:00
Glen
3a43ed4e42 Update default.tpl
Getting started page modification suggestions for all users.

1. Add BFGMiner details.
2. Remove bullet points for steps.
3. Add additional line for BFGMiner command line.
2014-01-21 14:38:10 +11:00
Sebastian Grewe
eb6692b31c Merge pull request #1481 from raistlinthewiz/next
tx fees shouldn't be %
2014-01-20 07:46:45 -08:00
Hüseyin Uslu
51d0879f8d Wording fix for index.php?page=account&action=edit - tx fees shouldn't be % 2014-01-20 17:44:45 +02:00
xisi
ffda9dbae1 rebase + fix bug in overview tpl that could throw a notice 2014-01-20 04:53:00 -05:00
xisi
fd49e0eb78 disabled is actually correct to use in cash out form, we want the css props
slight optimization
2014-01-20 04:41:13 -05:00
xisi
a987878c8e removed extraneous disabling of a field in edit account page, thanks @rog1121 2014-01-20 04:41:13 -05:00
xisi
b0413226b4 removed extraneous disabling of a field in edit account page, thanks @rog1121 2014-01-20 04:41:13 -05:00
xisi
76a67cb71a Changed the config options for CSRF/disabling forms
* Now an array to disable with granularity
* Fixed all CSRF tokens back to 1 min
* Added CSRF protection for unlock account
* Unified error message for all csrf tokens
* Fixed a few issues with last commit
2014-01-20 04:41:13 -05:00
xisi
bd2999526e fixed mobile templates, have not tested as they use same methods as main template
fixed change pw templates; added csrf token
added csrf protection for password reset
fixed reset and change pass templates; were missing csrf token (form only tpl)
2014-01-20 04:40:38 -05:00
xisi
15eca659b9 fixed a bug in edit account template
moved csrf token to above template in smarty assigns
fixed a bug in user class
remove small login/fix header to catch up
2014-01-20 04:30:17 -05:00
xisi
8756036646 cleaned up account edit csrf slightly
added csrf protection to workers under sitewide config
added csrf protection to notifications under sitewide config
added csrf protection to invitations under sitewide config
cleaned up login page csrf
cleaned up contactform/contactform page
cleaned up register/register page
moved config->csrf->forms->register to sitewide
added login ip/user/time to notification on login
2014-01-20 04:29:45 -05:00
xisi
e5c9720174 Finished cleanup of account edit page
added csrf protection to account edit page under sitewide config
escaped all instances of CTOKEN for csrf in smarty templates
2014-01-20 04:29:13 -05:00
xisi
d83542e03e Added method to get description image of csrf token with name
moved sitewide into options portion of the config option
csrf protection for contact form under sitewide config option
changed register to 1 hour token
2014-01-20 04:27:58 -05:00
xisi
58529547e0 Cleaned up logic of login page csrf protection
added csrf protection to register page
2014-01-20 04:27:22 -05:00
xisi
6afc876d19 Merge changes from TheSerapher's pull/1404 Added re-Captcha to Login Page 2014-01-20 04:26:04 -05:00
rog1121
77a0287c7f Update default.tpl 2014-01-19 12:37:54 -07:00
Metice
e665552c05 Update default.tpl
Remove username of placeholder
2014-01-19 15:01:11 +01:00
Sebastian Grewe
48a344ed25 [SECURITY] Dropped small login form
Since we are adding more security related features, we drop the small
login in the header. It will need more workarounds than we'd like and is
already dropped when re-Captcha is enabled.

Security > Convenience :D
2014-01-17 15:43:58 +01:00
Sebastian Grewe
2829f6a746 [IMPROVED] Dropped username from login 2014-01-16 14:40:51 +01:00
Sebastian Grewe
d5bff56f6f [ADDED] re-Captcha admin options 2014-01-16 14:14:29 +01:00
Sebastian Grewe
b9d36bcfc9 [IMPROVED] Added re-Captcha to Login Page
* Enable re-captcha to use it
* Disables the mini-login box in header
* Requires re-Captcha to be setup in Admin Panel

Fixes #1400 once merged.
2014-01-16 14:13:50 +01:00
xisi
2d0938b35b [ADDED] Simple CSRF protection tokens
* Adds config options for disabling, timeout lead time, and forms
* Adds another salt in config that's used in the token
* Adds protection for login form by default
2014-01-16 05:55:57 -05:00
xisi
9d14902bb5 fix nocache in account/edit template 2014-01-16 05:55:57 -05:00
xisi
ed8349ef50 works as far as I can tell 2014-01-16 05:53:36 -05:00
xisi
d9d678be61 retooled most of the email confirmation setup 2014-01-16 05:53:36 -05:00
xisi
69eec05cb7 simplified notifications with index, updated the settings method, and fixed up template, sql fixes 2014-01-16 05:42:43 -05:00
xisi
ef904858ae [Addition] E-mail confirmations for user actions
* If enabled, sends e-mail to confirm user withdraws, edits and pw changes
* Adds 4 config options, enabled + individual settings
* Adds 3 new token_types
2014-01-16 05:42:43 -05:00
Sebastian Grewe
409f41bc35 Merge pull request #1437 from nrpatten/next
[FIX] Issue #1423
2014-01-16 02:42:05 -08:00
Sebastian Grewe
24a7085519 Merge pull request #1428 from nicoschtein/patch-16
Added User Last Login column to Admin User Info section
2014-01-16 01:01:21 -08:00
nrpatten
6b8953c048 Update default.tpl
[FIX] Alignment of text and image.
2014-01-16 19:54:12 +11:00
nrpatten
43117e555d Update default.tpl
[FIX] Me being an idiot :)
2014-01-16 19:36:30 +11:00
nrpatten
415461fe32 Update default.tpl
[FIX] Issue #1423 Add mouse over explanation for TX fee for auto payouts and manual payouts.
2014-01-16 12:28:57 +11:00
rog1121
33763e12a6 Fix Dashboard 2014-01-15 18:01:51 -07:00
nicoschtein
ced8a16a66 [Fix] Wrong var name and Align 2014-01-15 18:04:22 -02:00
nicoschtein
5c0decee41 Added date formatting to Last Login column 2014-01-15 17:57:57 -02:00
nicoschtein
a55da151a0 Added Last Login column to User Info section 2014-01-15 17:43:28 -02:00
Fred
41e89f7830 Version 3
New additions some clean up
2014-01-15 10:40:06 -06:00
nicoschtein
451d57cbce Changed txfee to txfee_manual in edit account manual payout request 2014-01-14 19:14:11 -02:00
Sebastian Grewe
adf2d4782b [FIX] Potential caching issue 2014-01-14 17:14:41 +01:00
Sebastian Grewe
57eed58a47 [FIX] Caching issues for popups 2014-01-14 13:26:58 +01:00
Sebastian Grewe
2b3a3edf3c [FIX] Do not filter reCaptcha HTML 2014-01-14 11:15:16 +01:00
Sebastian Grewe
4be76130cb [FIX] Show cron status in admin dashboard
Removing duplicate version box

Fixes #1379 once merged.
2014-01-12 17:49:20 +01:00
Sebastian Grewe
141556d77a [UPDATE] Moved notice to footer 2014-01-12 10:25:50 +01:00
Sebastian Grewe
cc67decd28 [FIX] Ignore master template on template editor
Don't use SQL templates for large amount of changes. Create your own
file based theme then!

This fixes #1375 once merged
2014-01-12 10:15:37 +01:00
Sebastian Grewe
20305026e8 [ADDED] User login overview to admin dashboard
Fixes #1374 once merged
2014-01-12 09:05:59 +01:00
Sebastian Grewe
20ef443ae1 [FIX] Custom smarty code HTML 2014-01-12 08:50:24 +01:00
Sebastian Grewe
f98d08df83 [SECURITY] Fixing XSS in PHP_SELF
Fixes #1364 once merged.
2014-01-11 19:01:14 +01:00
Sebastian Grewe
9526cf0093 [IMPROVED] Show static nav hashrate if live off
Fixes #1362 once merged.
2014-01-11 18:37:55 +01:00
Sebastian Grewe
1485a02528 [ADDED] Invitation overview to admin dashboard
* Split up dashboard default template into subfiles
* Added new invitation overview
* Updated page file

Fixes #1357 once merged.
2014-01-11 13:45:55 +01:00
Sebastian Grewe
fb3f527e86 [FIX] Typo in modifier 2014-01-11 13:15:44 +01:00
Sebastian Grewe
93dd7c92a6 Merge pull request #1356 from TheSerapher/issue-1354
[CLEANUP] Missed two values
2014-01-11 04:13:40 -08:00
Sebastian Grewe
1ca8144ad5 [CLEANUP] Missed two values 2014-01-11 13:13:20 +01:00
Sebastian Grewe
c1d08895cf Merge pull request #1355 from TheSerapher/issue-1354
[CLEANUP] Dashboard number formatting
2014-01-11 04:11:49 -08:00
Sebastian Grewe
5f942d9ba7 [CLEANUP] Dashboard number formatting
Cleans up some Ajax data on the dashboard to match the static template
data format. No more jumpy numbers.

Fixes #1354
2014-01-11 13:10:44 +01:00
Sebastian Grewe
6baad2dd06 [UPDATE] Added active workers to admin dashboard
* Using lower time range for shares: 120 seconds
* Updated worker class with new time range for active workers
* Added statistics, active users call with 120 seconds time range
* Updated admin panel dashboard template

Fixes #1352 once merged.
2014-01-11 12:37:39 +01:00
Sebastian Grewe
88c962266f [IMPROVED] Wrapper for contributor stats
Fixes a small alignment issue with unbalanced table heights.
2014-01-11 12:04:48 +01:00
rog1121
412807b7a8 Add Stratum URL 2014-01-10 18:40:06 -07:00