RanchiMall/php-mpos
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2,510 Commits 4 Branches 11 Tags 14 MiB
d4557982ba
Commit Graph

1673 Commits

Author SHA1 Message Date
Sebastian Grewe
d4557982ba [FIX] API call for transactions 
Fixes #1602 once merged.
 2014-01-27 09:13:09 +01:00
Sebastian Grewe
b87691371f [SECURITY] Path disclosure and redirects 
* [SECURITY] Do not disclose paths with wrong query arguments in API
* [SECURITY] Removed $to redirect after login

Fixes #1596 once merged.
 2014-01-26 17:41:27 +01:00
Sebastian Grewe
816fb783ce Merge pull request #1589 from joebauers/next 
Update user.class.php
 2014-01-25 23:50:25 -08:00
joebauers
48ce68e612 Update user.class.php 
No need to show world if valid account.
 2014-01-26 02:44:30 -05:00
Sebastian Grewe
a343ac4047 Merge pull request #1568 from MPOS/payout-fail-bail 
[FIX] Bail payouts on failed sendtoaddress calls
 2014-01-25 08:38:56 -08:00
Sebastian Grewe
768d193793 Merge pull request #1576 from xisi/csrf-backend-only 
[FIXES] More CSRF improvements
 2014-01-25 06:59:08 -08:00
Sebastian Grewe
9e6a2a3bea [FIX] Do not treat disabled notification as error 
Fixes #1582 once merged.
 2014-01-25 13:10:38 +01:00
xisi
8fbda49fd1 Don't even need the suppression 2014-01-24 16:33:55 -05:00
xisi
a043e5ed19 Fixes #1561, which happened to me even with the API key in the correct format 2014-01-24 16:32:00 -05:00
xisi
c81aec4c64 fixed bug in registration form 2014-01-24 15:38:56 -05:00
xisi
0f88f70fcf fixes bug in registration form, thanks @Zen00 2014-01-24 15:34:01 -05:00
xisi
4e18ff318b cleaned up tabbing and sessions in index 2014-01-24 15:07:00 -05:00
xisi
c192cbb0bd Token failure condition fix 2014-01-24 14:46:50 -05:00
xisi
3006cb544f Reworked csrf tokens, now enabled globally 
The way this now works is, if csrf is enabled:
 * Any new or existing template can have csrf protection by adding the hidden input ctoken that's in this batch to its form, removes any logic in templates
 * Page controllers that already exist have been updated, new ones only require checking if csrf is enabled and valid
 2014-01-24 13:00:24 -05:00
Sebastian Grewe
a586cc36ab [FIX] Honor cache flag for getUserSharerate 2014-01-24 12:32:21 +01:00
Sebastian Grewe
2891a07637 [FIX] Bail payouts on failed sendtoaddress calls 
* [WORKAROUND] Helps for coins that run a bad RPC implementation
* Addresses #1406 and wil at least stop double payouts
 2014-01-24 12:15:23 +01:00
Sebastian Grewe
70a09811ec [FIX] PHP Notice on Mobile Template 2014-01-24 11:29:19 +01:00
Sebastian Grewe
481c8dd980 [FIX] Round donations on donor page 2014-01-24 10:52:13 +01:00
Sebastian Grewe
a1a3d7e873 [IMPROVED] Added donation minimum and rounding 
* [ADDED] Config option `$config['donate_threshold']['min'] = 1;`
* [VERSION] Incremented config file version to `0.0.6`
* [CHANGED] Round donations to at least two digits
* [CHANGED] Honor minimum set pool donation percentage
* [UPDATED] Account edit template

Fixes #1475 once merged
 2014-01-24 10:06:13 +01:00
Sebastian Grewe
659c203c06 Merge pull request #1551 from xisi/csrf-improvements 
[FIXES] CSRF tokens & login cleanup
 2014-01-23 23:27:31 -08:00
Sebastian Grewe
90d0ff1081 Merge pull request #1546 from ahmedbodi/patch-1 
Get Cronjob Status API
 2014-01-23 23:13:42 -08:00
Sebastian Grewe
f75200ce1e Merge pull request #1560 from raistlinthewiz/next 
Added reward_type and reward info to api/getpoolinfo
 2014-01-23 23:09:06 -08:00
Neozonz
2d607cca97 [FIX/ENHANCE] Session management 
@herrkauwer appreciate the code review and help
@xisi initial code pr
@add1ct3dd reporting the issue
 2014-01-23 16:52:29 -08:00
Hüseyin Uslu
b518ce0799 Tiny update. 2014-01-24 00:38:28 +02:00
Hüseyin Uslu
0639af54b3 Added reward_type and reward info to api/getpoolinfo 2014-01-24 00:37:50 +02:00
ahmedbodi
6d7d3f2026 Update getcronjobstatus.inc.php 2014-01-23 20:23:41 +00:00
Sebastian Grewe
207a8719fd Merge pull request #1558 from xisi/security-invalidsession-fix 
[FIX] Invalid session regeneration
 2014-01-23 11:52:00 -08:00
xisi
bb24b9cb2c Wrong spot 2014-01-23 14:45:11 -05:00
Joey
8b59e3d519 Merge pull request #1557 from xisi/security-invalidsession-fix 
[FIX] Invalid session regeneration
 2014-01-23 11:43:29 -08:00
xisi
4df4957ec5 Fixes invalid session bug 2014-01-23 14:32:28 -05:00
xisi
1fd0adf038 Removed unused config setting 2014-01-23 11:01:30 -05:00
xisi
a3314fa81e Cleaned up login page logic a bit more 
Fixed up CSRF tokens so rollover minutes/hours are now checked and valid
 2014-01-23 11:01:30 -05:00
Sebastian Grewe
33cfa5667d Merge branch 'next' of github.com:MPOS/php-mpos into next 2014-01-23 16:59:46 +01:00
Sebastian Grewe
92e7f3e1e4 [FIX] Return floats for some statistics 
Fixes #1540
 2014-01-23 16:59:12 +01:00
Andrea Baccega
d6670508f7 Lets always use $this->table instead of hardcoding 2014-01-23 12:56:19 +01:00
ahmedbodi
ece8b3adf6 Create getcronjobstatus.inc.php 2014-01-23 10:29:01 +00:00
Sebastian Grewe
7acd3bc821 Merge pull request #1543 from Neozonz/issue-1542 
[BUG] FIX txfee in getpoolinfo API
 2014-01-23 01:13:00 -08:00
Sebastian Grewe
4b04df5d8a [FIX] Allow TAB to focus on email login 2014-01-23 10:11:37 +01:00
Sebastian Grewe
8a53e0319d [FIX] Missed file for admin maintenance 2014-01-23 10:01:35 +01:00
Sebastian Grewe
ac1bc4b2ce [FIX] Allow admin logins in maintenance mode 
Fixes #1489
 2014-01-23 08:58:25 +01:00
Neozonz
7a21b05a3d [BUG] Fix txfee API call with added support for old API calls 
[ADD] txfee_auto to API Calls
[ADD] txfee_manual to API Calls
[ADD] confirmations to API Calls
 2014-01-23 02:38:34 -05:00
Sebastian Grewe
cde6227692 Merge pull request #1539 from fspijkerman/next 
Use a full path instead of CWD set by PHP
 2014-01-22 22:17:24 -08:00
Frank Spijkerman
0d300581ff Use a full path instead of CWD set by PHP 2014-01-22 18:40:06 +01:00
freynder
952d5d979c Bugfix: shares and shares_archive values should be added up. 2014-01-22 14:18:38 +01:00
Sebastian Grewe
2a661b5e78 [FIX] Return proper data if memcache disabled 
If memcache option is disabled, the functions should return the data we
tried to set instead of false. At least we can ensure data is returned
as expected from any methods trying to use the memcache.
 2014-01-22 14:02:44 +01:00
Sebastian Grewe
593149742e Merge pull request #1491 from Neozonz/issue-1488 
[Optimize] SQL Queries : Remove joins from account table
 2014-01-22 04:56:16 -08:00
Neozonz
8b4ad00b1a [FIX] Fixed Data types for getHashrate 2014-01-22 07:33:01 -05:00
Neozonz
3de2fee57f [FIX] Updated function call to include account id as well 2014-01-22 07:10:05 -05:00
Sebastian Grewe
0d10079a2a [FIX] remove mail debug output 2014-01-22 12:48:03 +01:00
Sebastian Grewe
faf648d1d2 [FIX] Show username in Login Mails 2014-01-22 12:18:51 +01:00