RanchiMall/php-mpos
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2,556 Commits 4 Branches 11 Tags 14 MiB
ae47437ab7
Commit Graph

646 Commits

Author SHA1 Message Date
xisi
568445845a changes DEBUG SALT and SALTY from defines to variables 
switched that in all places used (class loads mostly)
moved all includes at the beginning of index into bootstrap
moves *_PATH defines from config to bootstrap
config now uses defaults first, then user config
 2014-01-29 07:34:50 -05:00
xisi
56ad9266d3 last login time not this login time 2014-01-29 03:55:51 -05:00
xisi
74dec2796d Added last login time/ip address popup on login w/ close button 
Info/blue if your ip matches, warning/yellow if not
 2014-01-28 15:45:24 -05:00
xisi
9f6cf99aa3 small fixes 2014-01-28 08:08:53 -05:00
xisi
6398e5dfec merged session manager/memcache limiter 
cleanup for PR
 2014-01-28 07:26:33 -05:00
Joey
63c3b96a29 now enforce client & server validity on login with strict on 
fixed csrf token check for a few pages where it mightve been broken
session manager now can be bound to base user class and used, like in login
logout now pushes you to login regardless, no longer has param to push to custom url
fixed validate client, hijacking sessions no longer works
 2014-01-28 07:26:32 -05:00
xisi
b728b680ca blah blah 2014-01-28 07:26:08 -05:00
xisi
9dcb855b34 strict class, trying to figure out why edit account doesnt work 2014-01-28 06:18:57 -05:00
xisi
f21f05e874 pushing to start core rebuild 2014-01-28 06:18:57 -05:00
Sebastian Grewe
b783237c2e Merge pull request #1457 from MPOS/issue-1332 
Issue 1332
 2014-01-28 00:18:56 -08:00
Sebastian Grewe
1cd9352952 [FIX] Transaction ID and RPC Transaction ID 2014-01-27 10:31:18 +01:00
Sebastian Grewe
b87691371f [SECURITY] Path disclosure and redirects 
* [SECURITY] Do not disclose paths with wrong query arguments in API
* [SECURITY] Removed $to redirect after login

Fixes #1596 once merged.
 2014-01-26 17:41:27 +01:00
Sebastian Grewe
702ed49704 [ADDED] Account lock status 
* Lock 1: user confirmation/unlock pending, count shares
* Lock 2: Admin disabled, ignore shares

This further addresses #1332 and should allow proper dropping of shares
for banned accounts.
 2014-01-26 11:17:33 +01:00
Sebastian Grewe
e4627fc51d [IMPROVED] Ignore locked account shares 
* Updated getRoundShares to honor locked accounts
* Updated getSharesForAccounts and getArchiveShares

This will fix #1332 and ignore locked user accounts in share
calculations for payouts.
 2014-01-26 11:17:33 +01:00
Sebastian Grewe
816fb783ce Merge pull request #1589 from joebauers/next 
Update user.class.php
 2014-01-25 23:50:25 -08:00
joebauers
48ce68e612 Update user.class.php 
No need to show world if valid account.
 2014-01-26 02:44:30 -05:00
Sebastian Grewe
768d193793 Merge pull request #1576 from xisi/csrf-backend-only 
[FIXES] More CSRF improvements
 2014-01-25 06:59:08 -08:00
Sebastian Grewe
9e6a2a3bea [FIX] Do not treat disabled notification as error 
Fixes #1582 once merged.
 2014-01-25 13:10:38 +01:00
xisi
3006cb544f Reworked csrf tokens, now enabled globally 
The way this now works is, if csrf is enabled:
 * Any new or existing template can have csrf protection by adding the hidden input ctoken that's in this batch to its form, removes any logic in templates
 * Page controllers that already exist have been updated, new ones only require checking if csrf is enabled and valid
 2014-01-24 13:00:24 -05:00
Sebastian Grewe
a586cc36ab [FIX] Honor cache flag for getUserSharerate 2014-01-24 12:32:21 +01:00
Sebastian Grewe
481c8dd980 [FIX] Round donations on donor page 2014-01-24 10:52:13 +01:00
Sebastian Grewe
a1a3d7e873 [IMPROVED] Added donation minimum and rounding 
* [ADDED] Config option `$config['donate_threshold']['min'] = 1;`
* [VERSION] Incremented config file version to `0.0.6`
* [CHANGED] Round donations to at least two digits
* [CHANGED] Honor minimum set pool donation percentage
* [UPDATED] Account edit template

Fixes #1475 once merged
 2014-01-24 10:06:13 +01:00
xisi
a3314fa81e Cleaned up login page logic a bit more 
Fixed up CSRF tokens so rollover minutes/hours are now checked and valid
 2014-01-23 11:01:30 -05:00
Sebastian Grewe
33cfa5667d Merge branch 'next' of github.com:MPOS/php-mpos into next 2014-01-23 16:59:46 +01:00
Sebastian Grewe
92e7f3e1e4 [FIX] Return floats for some statistics 
Fixes #1540
 2014-01-23 16:59:12 +01:00
Andrea Baccega
d6670508f7 Lets always use $this->table instead of hardcoding 2014-01-23 12:56:19 +01:00
Sebastian Grewe
ac1bc4b2ce [FIX] Allow admin logins in maintenance mode 
Fixes #1489
 2014-01-23 08:58:25 +01:00
freynder
952d5d979c Bugfix: shares and shares_archive values should be added up. 2014-01-22 14:18:38 +01:00
Sebastian Grewe
2a661b5e78 [FIX] Return proper data if memcache disabled 
If memcache option is disabled, the functions should return the data we
tried to set instead of false. At least we can ensure data is returned
as expected from any methods trying to use the memcache.
 2014-01-22 14:02:44 +01:00
Sebastian Grewe
593149742e Merge pull request #1491 from Neozonz/issue-1488 
[Optimize] SQL Queries : Remove joins from account table
 2014-01-22 04:56:16 -08:00
Neozonz
8b4ad00b1a [FIX] Fixed Data types for getHashrate 2014-01-22 07:33:01 -05:00
Sebastian Grewe
faf648d1d2 [FIX] Show username in Login Mails 2014-01-22 12:18:51 +01:00
Neozonz
934825e8dc [FIX] Remove old query remnants 2014-01-21 20:14:44 -05:00
Neozonz
f613cc6bfd [FIX] Set interval for sample size as well 2014-01-21 20:06:37 -05:00
Neozonz
2090247afb [COMMENT] Added commenting and fixed function descriptions 
[CLEAN] Clean Code
 2014-01-21 19:43:33 -05:00
Neozonz
02f085f2d7 [FIX] MySQLi Queries 2014-01-22 00:13:58 +00:00
Nonstopmine.com
ac7aed4bc4 Update mail.class.php 
PHP Notice
 2014-01-21 22:28:39 +02:00
Neozonz
34dfd4aefb [FIX] SQL Conditional Operator 2014-01-21 11:16:00 -08:00
Sebastian Grewe
971006b7a2 [FIX] Live stats not being done with global cache 
Fixes live stats not updating and always using the global cache instead.
 2014-01-21 17:16:26 +01:00
Sebastian Grewe
0d367697e0 [FIX] Storing/showing wrong data from cache 
Fixes #1517
 2014-01-21 15:24:44 +01:00
Neozonz
1630d85440 [FIX] Cache by Account_ID 
[FIX] Query by Username
 2014-01-21 06:58:28 -05:00
Neozonz
0a5344cba0 Merge branch 'github.com/issue-1488' 
Conflicts:
	public/include/classes/statistics.class.php
 2014-01-21 06:44:10 -05:00
Neozonz
07e8af55f8 [FIX] Added back accound_ids for caching 
[FIX] SQL string termination
 2014-01-21 06:42:08 -05:00
Neozonz
4a4fd65ae2 [CLEAN] Clean spacing 2014-01-21 06:39:37 -05:00
Neozonz
ca0634929e [FIX] Whoopsie 2014-01-21 06:39:37 -05:00
Neozonz
a78141b5ce [Optimize] SQL Queries : Remove joins from account table 2014-01-21 06:36:07 -05:00
Neozonz
48cc7f7665 [FIX] Added back accound_ids for caching 
[FIX] SQL string termination
 2014-01-21 06:19:59 -05:00
Sebastian Grewe
6b46385584 [IMPROVED] non-auto expire caches added 2014-01-21 10:59:25 +01:00
Sebastian Grewe
fe9c706020 [IMPROVED] non-auto expire caches added 2014-01-21 10:56:08 +01:00
Sebastian Grewe
8ef419f795 [ADDED] Static cache with no auto-expiration 2014-01-21 10:16:17 +01:00