RanchiMall/php-mpos
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2,563 Commits 4 Branches 11 Tags 14 MiB
afdf3abb29
Commit Graph

2563 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
xisi
afdf3abb29 ripped out all the memcache session stuff, not worth it with the side effects of caching things 
cleaned up config/checks
 2014-01-30 18:41:56 -05:00
xisi
8487a8d462 respect client validation settings for failures 2014-01-30 09:38:41 -05:00
xisi
3d414e9ffa I think this is a good midway between hardcoding it in and allowing configurability 2014-01-29 23:35:07 -05:00
xisi
0643cf4b87 fixed crons, tested on 2 boxes 2014-01-29 18:33:34 -05:00
xisi
53a8b4adf1 .htaccess check for @ahmedbodi 2014-01-29 15:43:09 -05:00
xisi
51818421d8 weird problem, strict for isAuthenticated 2014-01-29 14:46:21 -05:00
xisi
5d017f60c3 how this worked before is beyond me 2014-01-29 13:28:38 -05:00
xisi
ae47437ab7 fixed worker delete csrf thing I stubbed earlier 
took to field out of the rest of the login forms
 2014-01-29 09:41:50 -05:00
xisi
c36413d70c tests not checks 2014-01-29 09:17:58 -05:00
xisi
f298c60260 little more cleanup 
put version check/config check after sessions/rate limiter so it works correctly & only uses 1 db hit
 2014-01-29 09:16:03 -05:00
xisi
568445845a changes DEBUG SALT and SALTY from defines to variables 
switched that in all places used (class loads mostly)
moved all includes at the beginning of index into bootstrap
moves *_PATH defines from config to bootstrap
config now uses defaults first, then user config
 2014-01-29 07:34:50 -05:00
xisi
c2b1c68699 added check if we can write config files to admin_checks, we shouldnt be able to 2014-01-29 05:20:06 -05:00
xisi
56ad9266d3 last login time not this login time 2014-01-29 03:55:51 -05:00
xisi
74dec2796d Added last login time/ip address popup on login w/ close button 
Info/blue if your ip matches, warning/yellow if not
 2014-01-28 15:45:24 -05:00
xisi
3efe979ae3 Switch config over to wiki, yay 2014-01-28 14:24:48 -05:00
xisi
181ef0c6d2 security config mask 2014-01-28 10:31:53 -05:00
xisi
614b5b1dbb of all the pages to miss it on 2014-01-28 08:19:58 -05:00
xisi
9f6cf99aa3 small fixes 2014-01-28 08:08:53 -05:00
xisi
f56c18276a small fixes 2014-01-28 07:26:33 -05:00
xisi
6398e5dfec merged session manager/memcache limiter 
cleanup for PR
 2014-01-28 07:26:33 -05:00
xisi
c373fc7192 removed exploits/added to gitignore for later 2014-01-28 07:26:32 -05:00
Joey
63c3b96a29 now enforce client & server validity on login with strict on 
fixed csrf token check for a few pages where it mightve been broken
session manager now can be bound to base user class and used, like in login
logout now pushes you to login regardless, no longer has param to push to custom url
fixed validate client, hijacking sessions no longer works
 2014-01-28 07:26:32 -05:00
Joey
795e019d0d cleaned up config options a bit 2014-01-28 07:26:32 -05:00
Joey
493c43e0ed updated check in autoloader so default needs to be changed if SECHASH_CHECK is enabled 2014-01-28 07:26:32 -05:00
Joey
d5f1c97f82 fixed check against define like it used to even if SECHASH_CHECK is disabled 
fixed ajax calls in memcache limiter to use REQUEST page/action rather than QUERY_STRING
 2014-01-28 07:26:32 -05:00
xisi
b728b680ca blah blah 2014-01-28 07:26:08 -05:00
xisi
9dcb855b34 strict class, trying to figure out why edit account doesnt work 2014-01-28 06:18:57 -05:00
xisi
f21f05e874 pushing to start core rebuild 2014-01-28 06:18:57 -05:00
xisi
7393f21d01 just pushing so I can rebase zzz 2014-01-28 06:18:57 -05:00
xisi
d57aed4049 basic test stuff 2014-01-28 06:18:57 -05:00
Sebastian Grewe
56f995c86f Merge pull request #1617 from HerrKauwer/pwcheck 
Cleaned up pwcheck.js
 2014-01-28 00:28:32 -08:00
Sebastian Grewe
5f65904431 [FIX] HTTPS detecion on Template 2014-01-28 09:25:50 +01:00
Sebastian Grewe
967c1cc48f [FIX] Proper HTTPS detection 
Fixes #1618 once merged
 2014-01-28 09:25:20 +01:00
Sebastian Grewe
b783237c2e Merge pull request #1457 from MPOS/issue-1332 
Issue 1332
 2014-01-28 00:18:56 -08:00
Sebastian Grewe
f83c88aae6 Merge pull request #1603 from MPOS/double-payouts 
Double payouts
 2014-01-27 22:25:44 -08:00
HerrKauwer
095ee2e40a Cleaned up pwcheck.js 2014-01-27 23:56:39 +01:00
Sebastian Grewe
7d4e0ccb6d Merge pull request #1608 from MPOS/admin-wallet-smarty-cache 
[FIX] Do not assign smarty vars if caching hits
 2014-01-27 04:51:40 -08:00
Sebastian Grewe
ecfa741223 [FIX] Do not assign smarty vars if caching hits 2014-01-27 13:43:33 +01:00
Sebastian Grewe
b5cb8171ba Merge branch 'master-read-only-check' into next 2014-01-27 13:26:14 +01:00
Sebastian Grewe
823f694638 Merge pull request #1605 from MPOS/thash-modifier 
[ADDED] THash/second modifier
 2014-01-27 03:59:28 -08:00
Sebastian Grewe
f183b586a8 [ADDED] Check if master is read-only 
Just to ensure we can run at all.
 2014-01-27 12:58:41 +01:00
Sebastian Grewe
fab3c44e90 [ADDED] THash/second modifier 2014-01-27 12:45:46 +01:00
Sebastian Grewe
a0b36841c8 [FIX] Logic error 2014-01-27 12:30:26 +01:00
Sebastian Grewe
cb1fc8b9c6 Update README.md 
Added phone apps.
 2014-01-27 10:48:16 +01:00
Sebastian Grewe
227a7c33de [FIX] Reset TX and RPCTX Ids 2014-01-27 10:39:19 +01:00
Sebastian Grewe
1cd9352952 [FIX] Transaction ID and RPC Transaction ID 2014-01-27 10:31:18 +01:00
Sebastian Grewe
72d923737f [WORKAROUND] Fully debit user before RPC call 
* First debit the user fully for this transaction
* Try the payout RPC call
* Fail this so admins can first confirm it worked, then force payouts
* Added comment what line to remove if this happens a lot

This will further address #1586
 2014-01-27 09:25:59 +01:00
Sebastian Grewe
e3219cf5da Merge branch 'next' of github.com:MPOS/php-mpos into next 2014-01-27 09:13:41 +01:00
Sebastian Grewe
d4557982ba [FIX] API call for transactions 
Fixes #1602 once merged.
 2014-01-27 09:13:09 +01:00
iAmShorty
9bff2fd1e2 Merge pull request #1597 from iAmShorty/coinverify-adduser 
[UPDATE] adding user to log if no valid coin address set
 2014-01-26 11:24:35 -08:00