htaccess to block access to the logs
by default, only log warnings
simple config check to see if that folder is writable
warning if changeNoFee is used
warning if setLocked is used
warning if changeAdmin is used
warning if when logging in that IP is different than saved IP
info if a login fails with bad user or password
warning if a user is locked via failed logins
info if an update/etc fails with bad pin
warning if a user is locked via failed pins
info when a pin request is sent
warning when a pin request email doesn't send
warning when trying to request pin reset and incorrect password
info when a twofactor token sent
warning if twofactor email doesn't send
warning when a user tries to request multiple of the same type of token
info when a twofactor token is deleted
warning if a twofactor token fails to delete
warning when an invalid change password token is used
info on successful account update
warning when reset password is called and IP doesn't match saved IP, info otherwise
warning if isAuthenticated falls through and kills a session
* [ADDED] More error codes
* [MODIFIED] Class updates to use Base Class all the time
* [MODIFIED] Cronjobs have been slightly adjusted
* [ADDED] More base class features
* Added new column to transactions table (`007_transactions.sql`)
* Added setArchived method to mark old transactions as archived
* Honor archived flag in getBalance and getLockedBalance
This will further address and fix#536 once merged.
This will avoid double payouts via the website. Payouts will be
requested by users and processed by a cron. If, for whatever reason,
users do add two requests (it is checked if a payout exists) they would
only have one successful payout until their account balance is back up
to a save value to trigger the payout.
This should fix any issues with manual payouts being exploited through
the website. Will require some testing by others to ensure things work
as expected.
