Merge pull request #2632 from MPOS/development

TheSerapher · web-flow · commit 02581f1ea3a7 · 2017-11-02T09:49:15.000Z
UPDATE : Development to Master
diff --git a/README.md b/README.md
@@ -30,7 +30,7 @@ These people have supported this project with a donation:
 * [WKNiGHT](https://github.com/WKNiGHT-)
 * [ZC](https://github.com/zccopwrx)
 * Nutnut
-* Caberhagen (http://litecoin-pool.ch)
+* Caberhagen (https://coin-mining.ch)
 * Mining4All (https://www.mining4all.eu/)
 * [xisi](https://github.com/xisi)
 * [PCFiL](https://github.com/PCFiL)
diff --git a/cronjobs/findblock.php b/cronjobs/findblock.php
@@ -28,7 +28,13 @@
 // Fetch our last block found from the DB as a starting point
 $aLastBlock = @$block->getLastValid();
 $strLastBlockHash = $aLastBlock['blockhash'];
-if (!$strLastBlockHash) $strLastBlockHash = '';
+if (!$strLastBlockHash) {
+  try {
+    $strLastBlockHash = $bitcoin->getblockhash(1);
+  } catch (Exception $e) {
+    $strLastBlockHash = "";
+  }
+}
 
 // Fetch all transactions since our last block
 if ( $bitcoin->can_connect() === true ){
diff --git a/include/classes/notification.class.php b/include/classes/notification.class.php
@@ -105,8 +105,9 @@ public function getNotificationSettings($account_id) {
    **/
   public function getNotificationAccountIdByType($strType) {
     $this->debug->append("STA " . __METHOD__, 4);
-    $stmt = $this->mysqli->prepare("SELECT account_id FROM $this->tableSettings WHERE type = ? AND active = 1");
-    if ($stmt && $stmt->bind_param('s', $strType) && $stmt->execute() && $result = $stmt->get_result()) {
+    $stmt = $this->mysqli->prepare("SELECT account_id FROM $this->tableSettings WHERE type IN (?, ?) AND active = 1 GROUP BY account_id");
+    $notStrType = substr('push_'.$strType, 0, 15);
+    if ($stmt && $stmt->bind_param('ss', $strType, $notStrType) && $stmt->execute() && $result = $stmt->get_result()) {
       return $result->fetch_all(MYSQLI_ASSOC);
     }
     return $this->sqlError('E0046');
@@ -150,7 +151,8 @@ public function sendNotification($account_id, $strType, $aMailData) {
     }
     // Check if this user wants strType notifications
     $stmt = $this->mysqli->prepare("SELECT type FROM $this->tableSettings WHERE type IN (?, ?) AND active = 1 AND account_id = ?");
-    if ($stmt && $stmt->bind_param('ssi', $strType, substr('push_'.$strType, 0, 15), $account_id) && $stmt->execute() && $result = $stmt->get_result()) {
+    $notStrType = substr('push_'.$strType, 0, 15);
+    if ($stmt && $stmt->bind_param('ssi', $strType, $notStrType, $account_id) && $stmt->execute() && $result = $stmt->get_result()) {
     	$types = array_map(function($a){ return reset($a);}, $result->fetch_all(MYSQLI_ASSOC));
     	$stmt->close();
     	$result = true;
diff --git a/include/classes/push_notification/notifymyandroid.php b/include/classes/push_notification/notifymyandroid.php
@@ -1,41 +1,42 @@
 <?php
-	class Notifications_NotifyMyAndroid implements IPushNotification {
-		
-		private $apiKey;
-		public function __construct($apikey){
-			$this->apiKey = $apikey;
-		}
-		
-		static $priorities = array(
-			0 => 'info',
-			2 => 'error',
-		);
-		
-		public static function getName(){
-			return  "notifymyandroid.com";
-		}
-		
-		public static function getParameters(){
-			return array(
-				'apikey' => 'API key',
-			);
-		}
-		
-		public function notify($message, $severity = 'info', $event = null){
-			curl_setopt_array($ch = curl_init(), array(
-				CURLOPT_URL => "https://www.notifymyandroid.com/publicapi/notify",
-				CURLOPT_POST => true,
-				CURLOPT_RETURNTRANSFER => true,
-				CURLOPT_POSTFIELDS => http_build_query($data = array(
-					"apikey" => $this->apiKey,
-					"application" => "CryptoGlance",
-					"description" => $message,
-					"content-type" => "text/html",
-					"event" => $event,
-					"priority" => array_search($severity, self::$priorities), 
-				)),
-			));
-			curl_exec($ch);
-			curl_close($ch);
-		}
-	}
+class Notifications_NotifyMyAndroid implements IPushNotification {
+    
+    private $apiKey;
+    public function __construct($apikey){
+        $this->apiKey = $apikey;
+    }
+    
+    static $priorities = array(
+        0 => 'info',
+        2 => 'error',
+    );
+    
+    public static function getName(){
+        return  "notifymyandroid.com";
+    }
+    
+    public static function getParameters(){
+        return array(
+            'apikey' => 'API key',
+        );
+    }
+    
+    public function notify($message, $severity = 'info', $event = null){
+        global $setting;
+        curl_setopt_array($ch = curl_init(), array(
+            CURLOPT_URL => "https://www.notifymyandroid.com/publicapi/notify",
+            CURLOPT_POST => true,
+            CURLOPT_RETURNTRANSFER => true,
+            CURLOPT_POSTFIELDS => http_build_query($data = array(
+                "apikey" => $this->apiKey,
+                "application" => $setting->getValue('website_title')?:"PHP-MPOS",
+                "description" => $message,
+                "content-type" => "text/html",
+                "event" => $event,
+                "priority" => array_search($severity, self::$priorities),
+            )),
+        ));
+        curl_exec($ch);
+        curl_close($ch);
+    }
+}
diff --git a/include/classes/user.class.php b/include/classes/user.class.php
@@ -292,6 +292,7 @@ public function checkPin($userId, $pin='') {
     count($aPin) == 1 ? $pin_hash = $this->getHash($pin, 0) : $pin_hash = $this->getHash($pin, $aPin[1], $aPin[2]);
     $stmt = $this->mysqli->prepare("SELECT pin FROM $this->table WHERE id = ? AND pin = ? LIMIT 1");
     if ($stmt->bind_param('is', $userId, $pin_hash) && $stmt->execute() && $stmt->bind_result($row_pin) && $stmt->fetch()) {
+      $stmt->close();
       $this->setUserPinFailed($userId, 0);
       return ($pin_hash === $row_pin);
     }
@@ -666,7 +667,7 @@ public function logoutUser() {
     // Enforce a page reload and point towards login with referrer included, if supplied
     $port = ($_SERVER["SERVER_PORT"] == "80" || $_SERVER["SERVER_PORT"] == "443") ? "" : (":".$_SERVER["SERVER_PORT"]);
     $pushto = $_SERVER['SCRIPT_NAME'].'?page=login';
-    $location = (@$_SERVER['HTTPS'] == 'on') ? 'https://' . $_SERVER['SERVER_NAME'] . $port . $pushto : 'http://' . $_SERVER['SERVER_NAME'] . $port . $pushto;
+    $location = (@$_SERVER['HTTPS'] == 'on') ? 'https://' . $_SERVER['HTTP_HOST'] . $port . $pushto : 'http://' . $_SERVER['HTTP_HOST'] . $port . $pushto;
     if (!headers_sent()) header('Location: ' . $location);
     exit('<meta http-equiv="refresh" content="0; url=' . $location . '"/>');
   }
diff --git a/include/classes/usersettings.class.php b/include/classes/usersettings.class.php
@@ -31,7 +31,8 @@ private function _storeValue($name, $value){
 			if (empty(self::$__SetSTMT)){
 				self::$__SetSTMT = $this->mysqli->prepare('REPLACE INTO '.$this->table.' (`account_id`, `name`, `value`) VALUES (?, ?, ?)');
 			}
-			if (!(self::$__SetSTMT && self::$__SetSTMT->bind_param('iss', $this->account_id, $name, serialize($value)) && self::$__SetSTMT->execute())) {
+			$val = serialize($value);
+			if (!(self::$__SetSTMT && self::$__SetSTMT->bind_param('iss', $this->account_id, $name, $val) && self::$__SetSTMT->execute())) {
 				$this->setErrorMessage($this->getErrorMsg('E0084', $this->table));
 				return $this->sqlError();
 			}
diff --git a/include/classes/worker.class.php b/include/classes/worker.class.php
@@ -124,8 +124,7 @@ public function getWorker($id, $interval=600) {
          ) AS shares
        FROM $this->table AS w
        WHERE id = ?");
-    if ($this->checkStmt($stmt) && $stmt->bind_param('iiiii', $interval, $interval, $interval, $interval, $id) && $stmt->execute() && $result = $stmt->get_result()) {
-      $row = $result->fetch_assoc();
+    if ($this->checkStmt($stmt) && $stmt->bind_param('iiiii', $interval, $interval, $interval, $interval, $id) && $stmt->execute() && ($result = $stmt->get_result()) && ($row = $result->fetch_assoc())) {
       $row['hashrate'] = round($this->coin->calcHashrate($row['shares'], $interval), 2);
       if ($row['count_all'] > 0) {
         $row['difficulty'] = round($row['shares'] / $row['count_all'], 2);
diff --git a/include/lib/swiftmailer/classes/Swift/Mime/SimpleMimeEntity.php b/include/lib/swiftmailer/classes/Swift/Mime/SimpleMimeEntity.php
@@ -687,7 +687,7 @@ protected function _clearCache()
     protected function getRandomId()
     {
         $idLeft = md5(getmypid() . '.' . time() . '.' . uniqid(mt_rand(), true));
-        $idRight = !empty($_SERVER['SERVER_NAME']) ? $_SERVER['SERVER_NAME'] : 'swift.generated';
+        $idRight = !empty($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : 'swift.generated';
         $id = $idLeft . '@' . $idRight;
 
         try {
diff --git a/include/lib/swiftmailer/classes/Swift/Transport/AbstractSmtpTransport.php b/include/lib/swiftmailer/classes/Swift/Transport/AbstractSmtpTransport.php
@@ -477,10 +477,10 @@ private function _sendBcc(Swift_Mime_Message $message, $reversePath, array $bcc,
     /** Try to determine the hostname of the server this is run on */
     private function _lookupHostname()
     {
-        if (!empty($_SERVER['SERVER_NAME'])
-            && $this->_isFqdn($_SERVER['SERVER_NAME']))
+        if (!empty($_SERVER['HTTP_HOST'])
+            && $this->_isFqdn($_SERVER['HTTP_HOST']))
         {
-            $this->_domain = $_SERVER['SERVER_NAME'];
+            $this->_domain = $_SERVER['HTTP_HOST'];
         } elseif (!empty($_SERVER['SERVER_ADDR'])) {
             $this->_domain = sprintf('[%s]', $_SERVER['SERVER_ADDR']);
         }
diff --git a/include/pages/account/reset_failed.inc.php b/include/pages/account/reset_failed.inc.php
@@ -6,7 +6,7 @@
   $user->setUserFailed($_SESSION['USERDATA']['id'], 0);
   $port = ($_SERVER["SERVER_PORT"] == "80" || $_SERVER["SERVER_PORT"] == "443") ? "" : (":".$_SERVER["SERVER_PORT"]);
   $pushto = $_SERVER['SCRIPT_NAME'].'?page=dashboard';
-  $location = (@$_SERVER['HTTPS'] == 'on') ? 'https://' . $_SERVER['SERVER_NAME'] . $port . $pushto : 'http://' . $_SERVER['SERVER_NAME'] . $port . $pushto;
+  $location = (@$_SERVER['HTTPS'] == 'on') ? 'https://' . $_SERVER['HTTP_HOST'] . $port . $pushto : 'http://' . $_SERVER['HTTP_HOST'] . $port . $pushto;
   header("Location: " . $location);
 }
 // Somehow we still need to load this empty template
diff --git a/include/pages/login.inc.php b/include/pages/login.inc.php
@@ -29,7 +29,7 @@
         if ($user->checkLogin(@$_POST['username'], @$_POST['password']) ) {
           $port = ($_SERVER["SERVER_PORT"] == "80" || $_SERVER["SERVER_PORT"] == "443") ? "" : (":".$_SERVER["SERVER_PORT"]);
           $location = (@$_SERVER['HTTPS'] == "on") ? 'https://' : 'http://';
-          $location .= $_SERVER['SERVER_NAME'] . $port . $_SERVER['SCRIPT_NAME'];
+          $location .= $_SERVER['HTTP_HOST'] . $port . $_SERVER['SCRIPT_NAME'];
           $location.= '?page=dashboard';
           if (!headers_sent()) header('Location: ' . $location);
           exit('<meta http-equiv="refresh" content="0; url=' . htmlspecialchars($location) . '"/>');
diff --git a/include/version.inc.php b/include/version.inc.php
@@ -1,7 +1,7 @@
 <?php
 $defflip = (!cfip()) ? exit(header('HTTP/1.1 401 Unauthorized')) : 1;
 
-define('MPOS_VERSION', '1.0.7');
+define('MPOS_VERSION', '1.0.8');
 define('DB_VERSION', '1.0.2');
 define('CONFIG_VERSION', '1.0.1');
 define('HASH_VERSION', 1);
diff --git a/public/index.php b/public/index.php
@@ -40,7 +40,7 @@ function cfip() { return (@defined('SECURITY')) ? 1 : 0; }
 include_once(BASEPATH . '../include/bootstrap.php');
 
 // switch to https if config option is enabled
-$hts = ($config['https_only'] && (!empty($_SERVER['QUERY_STRING']))) ? "https://".$_SERVER['SERVER_NAME'].$_SERVER['SCRIPT_NAME']."?".$_SERVER['QUERY_STRING'] : "https://".$_SERVER['SERVER_NAME'].$_SERVER['SCRIPT_NAME'];
+$hts = ($config['https_only'] && (!empty($_SERVER['QUERY_STRING']))) ? "https://".$_SERVER['HTTP_HOST'].$_SERVER['SCRIPT_NAME']."?".$_SERVER['QUERY_STRING'] : "https://".$_SERVER['HTTP_HOST'].$_SERVER['SCRIPT_NAME'];
 ($config['https_only'] && @!$_SERVER['HTTPS']) ? exit(header("Location: ".$hts)):0;
 
 // Rate limiting, we use our initilized memcache from bootstrap/autoloader
diff --git a/templates/bootstrap/about/pool/default.tpl b/templates/bootstrap/about/pool/default.tpl
@@ -2,7 +2,7 @@
     <div class="col-lg-12">
       <div class="panel panel-info">
         <div class="panel-heading">
-          <i class="fa fa-info fa-fw"></i> Frequently Asked Questions
+          <i class="fa fa-info fa-fw"></i>Frequently Asked Questions
         </div>
         <div class="panel-body">
           <ul>
@@ -14,11 +14,11 @@
           {/if}
           {if $GLOBAL.config.payout_system == 'pplns'}
           <br>
-          <b>Pay Per Last N Shares (PPLNS)</b> - Block rewards are distributed among the last shares, disregarding round boundaries. In the accurate implementation, the number of shares is deter- mined so that their total will be a specified quantity of score (where the score of a share is the inverse of the difficulty). Most pools use a naive implementation based on a fixed number of shares or a fixed multiple of the difficulty. The share-variance can be reduced at the cost of increased maturity time, but there is no way to decrease the long-term pool-variance.
+          <b>Pay Per Last N Shares (PPLNS)</b> - Block rewards are distributed among the last shares, disregarding round boundaries. In the accurate implementation, the number of shares is determined so that their total will be a specified quantity of score (where the score of a share is the inverse of the difficulty). Most pools use a naive implementation based on a fixed number of shares or a fixed multiple of the difficulty. The share-variance can be reduced at the cost of increased maturity time, but there is no way to decrease the long-term pool-variance.
           {/if}
           {if $GLOBAL.config.payout_system == 'pps'}
           <br>
-          <b>Pay Per Share (PPS)</b> - Each share receives a fixed reward known in advance. This is the ultimate low- variance, low-maturity simple method, but has the highest risk for the operator, and hence lower expected returns than other methods and risk of collapse if not managed properly.
+          <b>Pay Per Share (PPS)</b> - Each share receives a fixed reward known in advance. This is the ultimate low-variance, low-maturity simple method, but has the highest risk for the operator, and hence lower expected returns than other methods and risk of collapse if not managed properly.
           {/if}
           <br><br>
           <li><b><i>Q: What is a orphan block?</b></i></li>
@@ -48,7 +48,7 @@
           </ul>
         </div>
         <div class="panel-footer">
-          <h6>This Pool is running <a href="https://github.com/TheSerapher/php-mpos">MPOS</a> project code. This frontend was  created by TheSerapher aka Sebastian Grewe. The operation of the pool is soley at the hand of your trusted pool operator.</h6>
+          <h6>This Pool is running <a href="https://github.com/TheSerapher/php-mpos">MPOS</a> project code. This frontend was created by <a href="https://github.com/MPOS/php-mpos"TheSerapher aka Sebastian Grewe</a>. The operation of the pool is soley at the hand of your trusted pool operator.</h6>
         </div>
       </div>
     </div>

Original file line number	Diff line number	Diff line change
`@@ -31,7 +31,8 @@ private function _storeValue($name, $value){`
`31`	`31`	`if (empty(self::$__SetSTMT)){`
`32`	`32`	self::$__SetSTMT = $this->mysqli->prepare('REPLACE INTO '.$this->table.' (`account_id`, `name`, `value`) VALUES (?, ?, ?)');
`33`	`33`	`}`
`34`		`- if (!(self::$__SetSTMT && self::$__SetSTMT->bind_param('iss', $this->account_id, $name, serialize($value)) && self::$__SetSTMT->execute())) {`
	`34`	`+ $val = serialize($value);`
	`35`	`+ if (!(self::$__SetSTMT && self::$__SetSTMT->bind_param('iss', $this->account_id, $name, $val) && self::$__SetSTMT->execute())) {`
`35`	`36`	`$this->setErrorMessage($this->getErrorMsg('E0084', $this->table));`
`36`	`37`	`return $this->sqlError();`
`37`	`38`	`}`
Original file line number	Diff line number	Diff line change
`@@ -687,7 +687,7 @@ protected function _clearCache()`
`687`	`687`	`protected function getRandomId()`
`688`	`688`	`{`
`689`	`689`	`$idLeft = md5(getmypid() . '.' . time() . '.' . uniqid(mt_rand(), true));`
`690`		`- $idRight = !empty($_SERVER['SERVER_NAME']) ? $_SERVER['SERVER_NAME'] : 'swift.generated';`
	`690`	`+ $idRight = !empty($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : 'swift.generated';`
`691`	`691`	`$id = $idLeft . '@' . $idRight;`
`692`	`692`
`693`	`693`	`try {`
Original file line number	Diff line number	Diff line change
`@@ -477,10 +477,10 @@ private function _sendBcc(Swift_Mime_Message $message, $reversePath, array $bcc,`
`477`	`477`	`/** Try to determine the hostname of the server this is run on */`
`478`	`478`	`private function _lookupHostname()`
`479`	`479`	`{`
`480`		`- if (!empty($_SERVER['SERVER_NAME'])`
`481`		`- && $this->_isFqdn($_SERVER['SERVER_NAME']))`
	`480`	`+ if (!empty($_SERVER['HTTP_HOST'])`
	`481`	`+ && $this->_isFqdn($_SERVER['HTTP_HOST']))`
`482`	`482`	`{`
`483`		`- $this->_domain = $_SERVER['SERVER_NAME'];`
	`483`	`+ $this->_domain = $_SERVER['HTTP_HOST'];`
`484`	`484`	`} elseif (!empty($_SERVER['SERVER_ADDR'])) {`
`485`	`485`	`$this->_domain = sprintf('[%s]', $_SERVER['SERVER_ADDR']);`
`486`	`486`	`}`
Original file line number	Diff line number	Diff line change
`@@ -6,7 +6,7 @@`
`6`	`6`	`$user->setUserFailed($_SESSION['USERDATA']['id'], 0);`
`7`	`7`	`$port = ($_SERVER["SERVER_PORT"] == "80" \|\| $_SERVER["SERVER_PORT"] == "443") ? "" : (":".$_SERVER["SERVER_PORT"]);`
`8`	`8`	`$pushto = $_SERVER['SCRIPT_NAME'].'?page=dashboard';`
`9`		`- $location = (@$_SERVER['HTTPS'] == 'on') ? 'https://' . $_SERVER['SERVER_NAME'] . $port . $pushto : 'http://' . $_SERVER['SERVER_NAME'] . $port . $pushto;`
	`9`	`+ $location = (@$_SERVER['HTTPS'] == 'on') ? 'https://' . $_SERVER['HTTP_HOST'] . $port . $pushto : 'http://' . $_SERVER['HTTP_HOST'] . $port . $pushto;`
`10`	`10`	`header("Location: " . $location);`
`11`	`11`	`}`
`12`	`12`	`// Somehow we still need to load this empty template`