Bitcoin Forum
November 19, 2024, 03:10:42 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 2 [3] 4 5 6 7 8 9 10 11 12 13 »  All
  Print  
Author Topic: [Pushpool Web Frontend] Simplecoin v5.0 Opensource PHP/MySQL - NEW RELEASE  (Read 57213 times)
simplecoin (OP)
Sr. Member
****
Offline Offline

Activity: 406
Merit: 250



View Profile WWW
June 12, 2011, 04:43:45 PM
 #41

hey you updated the git repo while i was making a patch:

http://paste.ubuntu.com/624849/

or
Code:
55c55
< $authPin = (int) $_POST["authPin"];
---
> $authPin = (string) $_POST["authPin"];
89c89
< if(!is_int($authPin)){
---
> if(!is_numeric($authPin)){

in register.php

This makes it so your pin can start with zero. or 2 zeros. or 3. this affected 2 out of three people on my new pool already :-p

Thanks for that, I'll make sure it gets in the repo Wink

Donations: 1VjGJHPtLodwCFBDWsHJMdEhqRcRKdBQk
simplecoin (OP)
Sr. Member
****
Offline Offline

Activity: 406
Merit: 250



View Profile WWW
June 12, 2011, 05:27:39 PM
 #42

Anyone know how to tag a specific commit? This is my 1st run using git for version control.

Donations: 1VjGJHPtLodwCFBDWsHJMdEhqRcRKdBQk
simplecoin (OP)
Sr. Member
****
Offline Offline

Activity: 406
Merit: 250



View Profile WWW
June 13, 2011, 06:51:36 PM
 #43

So far with the latest code, I'm passing security audits with flying colors.

If anyone notices anything, please let me know in a PM or feel free to send your own commits to the source for me to review.

Version 2 is well under way with db changes that will hopefully reduce mysqls requirements.

Donations: 1VjGJHPtLodwCFBDWsHJMdEhqRcRKdBQk
simplecoin (OP)
Sr. Member
****
Offline Offline

Activity: 406
Merit: 250



View Profile WWW
June 13, 2011, 08:32:57 PM
Last edit: June 13, 2011, 08:47:01 PM by simplecoin
 #44

Big bugfix to the main cronjob!

was setting the counted enum by int.

to fix affected records:
stop cronjob
apply patch

get latest confirmed block
select blockNumber from networkBlocks where confirms > 119

update shares_history
update settings_history set counted='1' where counted=1 and blockNumber <= (above last blocknumber)
update settings_history set counted='0' where counted=0 and blockNumber > (above last blocknumber)

start cronjob


I don't think affected payouts, but it should have played hell with stats. However, to be sure, I'm disclosing the issue.

The entire shares_history workings are already very overhauled for v2. I'm implementing a condesed shares_counted table to keep shares_history much leaner.

Donations: 1VjGJHPtLodwCFBDWsHJMdEhqRcRKdBQk
genewitch
Newbie
*
Offline Offline

Activity: 28
Merit: 0


View Profile
June 13, 2011, 09:48:53 PM
Last edit: June 13, 2011, 10:04:31 PM by genewitch
 #45

I tried to use the git version of adminPanel with my existing install (not latest git) - it doesn't show anything... the old adminPanel didn't do anything.

How do i reset a user's password?

Can i go into the sql database and add shares into a table to make up for the fact that i had to delete the user's duplicate entries?

Also
BUG: You can register the same username more than once.  Undecided
simplecoin (OP)
Sr. Member
****
Offline Offline

Activity: 406
Merit: 250



View Profile WWW
June 13, 2011, 10:43:08 PM
 #46

I tried to use the git version of adminPanel with my existing install (not latest git) - it doesn't show anything... the old adminPanel didn't do anything.

How do i reset a user's password?

Can i go into the sql database and add shares into a table to make up for the fact that i had to delete the user's duplicate entries?

Also
BUG: You can register the same username more than once.  Undecided

What is the php error from adminPanel? It should display if you have the admin flag.

I haven't implemented password reset, I'll add that to the adminPanel and a user option based on email.
If you want to do it manually, update the pass in webUsers to sha256 of pw+your salt.

your best bet for solving miner-related issues is to update shares or shares_history username to the new miner id, but dummy shares should work.

As for the bug, set your username in webUsers to unique. That should stop duplicates for now. I'll add a proper check in the next version.

Donations: 1VjGJHPtLodwCFBDWsHJMdEhqRcRKdBQk
simplecoin (OP)
Sr. Member
****
Offline Offline

Activity: 406
Merit: 250



View Profile WWW
June 14, 2011, 04:23:17 AM
 #47

Just added some minor updates I wanted to roll in before v2 and the required sql changes.  Smiley

v2 is well under way. I may roll it out before I finish all the sql optimizations. However, the biggest optimization will be included (read: archiving shares_history once counted).

Donations: 1VjGJHPtLodwCFBDWsHJMdEhqRcRKdBQk
genewitch
Newbie
*
Offline Offline

Activity: 28
Merit: 0


View Profile
June 14, 2011, 07:03:22 AM
 #48

I tried to use the git version of adminPanel with my existing install (not latest git) - it doesn't show anything... the old adminPanel didn't do anything.

How do i reset a user's password?

Can i go into the sql database and add shares into a table to make up for the fact that i had to delete the user's duplicate entries?

Also
BUG: You can register the same username more than once.  Undecided

What is the php error from adminPanel? It should display if you have the admin flag.

Nothing, i get a blank area where the panel normally is, but the rest of the page loads fine (the template.) I have admin set on the account. the reason i updated is you said you fixed some things and security.

is v2 going to allow seamless upgrade from v1?
d3c0n808
Full Member
***
Offline Offline

Activity: 434
Merit: 101


View Profile
June 14, 2011, 07:05:59 AM
 #49

I updated from git repo and each time i try to register it says user already exists, even though the database is empty.  I don't think its a issue of php not talking to mysql because if that were the case it wouldnt show anything I imagine.  Is anyone else having this issue?
simplecoin (OP)
Sr. Member
****
Offline Offline

Activity: 406
Merit: 250



View Profile WWW
June 14, 2011, 02:28:11 PM
 #50

I tried to use the git version of adminPanel with my existing install (not latest git) - it doesn't show anything... the old adminPanel didn't do anything.

How do i reset a user's password?

Can i go into the sql database and add shares into a table to make up for the fact that i had to delete the user's duplicate entries?

Also
BUG: You can register the same username more than once.  Undecided

What is the php error from adminPanel? It should display if you have the admin flag.

Nothing, i get a blank area where the panel normally is, but the rest of the page loads fine (the template.) I have admin set on the account. the reason i updated is you said you fixed some things and security.

is v2 going to allow seamless upgrade from v1?

You could downgrade the adminPanel to the previous version, the fixes to adminpanel were antiXSS related. If you are the only admin, cross-site scripting shouldn't be an issue on that page.

Can you momentarily turn on php display_errors to see what's hangning? or check the apache log?


For v2 it will not be seamless, it will require DB changes. I will create an upgrade sql script though.

Donations: 1VjGJHPtLodwCFBDWsHJMdEhqRcRKdBQk
Lightspeed
Full Member
***
Offline Offline

Activity: 126
Merit: 100



View Profile
June 14, 2011, 07:39:45 PM
 #51

hey

wanted to take a look but site doesn't appear to be working

is ozco.in an implementation of your stuff?

cheers

Overclocking = money? Greatest full time hobby ever!
1AR2eheP4nckS3tuzZHG6ARYndeddxmeDg
AnnihilaT
Full Member
***
Offline Offline

Activity: 210
Merit: 100



View Profile
June 14, 2011, 08:27:34 PM
 #52

Hey Mike,

I like where you are going with this but the cookie implementation appears to be broken and your register function is currently broken as well.   Is the latest master supposed to be a working checkout or are you in the middle or reworking things?  Some things i noticed:

- register.php simply doesnt work i had to make the following changes to get it to work:
Code:
                $testUserQ = mysql_query("SELECT id FROM webUsers WHERE username = '".$username."' LIMIT 1");
                        //If not, create new user
                        //if (!$testUserQ) {
                        if (($testUserQ == false) || (mysql_num_rows($testUserQ) == 0)) {

- logout.php simply doesnt work.  Once logged in its impossible to logout without the session either timing out (didnt try to wait for this) or manually updateding/removing the timestamp in the webUser table.  Also you use a meta refresh in logout and login but wouldnt a
         header("Location: /index.php");
be nicer? Or something alike ?

Im curious who is doing your security audit?  You mention that you are getting one done but no details about this.... this might be a good point to expand on since security with web apps are always difficult to get right.   Also you might want to look into the webmin running on your server...if its v1.54, its vulnerable to an XSS attack that can result in root user priveleges for a remote attacker.
simplecoin (OP)
Sr. Member
****
Offline Offline

Activity: 406
Merit: 250



View Profile WWW
June 15, 2011, 04:33:50 AM
 #53

Hey Mike,

I like where you are going with this but the cookie implementation appears to be broken and your register function is currently broken as well.   Is the latest master supposed to be a working checkout or are you in the middle or reworking things?  Some things i noticed:

- register.php simply doesnt work i had to make the following changes to get it to work:
Code:
                $testUserQ = mysql_query("SELECT id FROM webUsers WHERE username = '".$username."' LIMIT 1");
                        //If not, create new user
                        //if (!$testUserQ) {
                        if (($testUserQ == false) || (mysql_num_rows($testUserQ) == 0)) {

- logout.php simply doesnt work.  Once logged in its impossible to logout without the session either timing out (didnt try to wait for this) or manually updateding/removing the timestamp in the webUser table.  Also you use a meta refresh in logout and login but wouldnt a
         header("Location: /index.php");
be nicer? Or something alike ?

Im curious who is doing your security audit?  You mention that you are getting one done but no details about this.... this might be a good point to expand on since security with web apps are always difficult to get right.   Also you might want to look into the webmin running on your server...if its v1.54, its vulnerable to an XSS attack that can result in root user priveleges for a remote attacker.

I think a few unintended things snuck into the last checkout. I'm about halfway through with the v2 code, and I'm trying to keep it out of master for now.

I had an outpatient spinal procedure done today, so nothing will be checked in tonight. Hopefully I can have a demo of the new work on the test-net soon for some real-world testing and viewing.

As for the security audit, I'm handling them. I'm using internal tools from my professional work, along with acunetix & nmap so far. The current v2(&1.1) code checks out clear so far. If you have any additional recommendations, I'd love to hear them.

I'm not using webmin 1.54 on my production machines. Once back in production, ssh should suffice for the live server. I like to keep production running as lean as possible.



In the future, I'll branch new code and keep the master at the latest 100% stable version.

Donations: 1VjGJHPtLodwCFBDWsHJMdEhqRcRKdBQk
Wayno
Member
**
Offline Offline

Activity: 61
Merit: 10


View Profile
June 18, 2011, 03:15:44 AM
 #54

Hello forums peoples,

I have been using simple coin to run a site and well it isn't working as it should. for starts the shares system is off as i found out after some days of testing and manual calculation, when 2 blocks are found with in a time frame the confirms STOP working on the older block, the cronjob system is hectic as it is if the db is updating the shares and the account balance part the system can run 2 cronjobs and you can get double payouts on the same block.

we have spent the last 48 hrs fixing the code to run correct and make things smoother. just a warning on this if u are planing to use the this code to run ur own large pool.

i found out the hard way Wink

its a great front end but a lot of minor and large bugs to be found and isolated as well.

YinCoin YangCoin ☯☯First Ever POS/POW Alternator! Multipool! ☯ ☯ http://yinyangpool.com/ 
Free Distribution! https://bitcointalk.org/index.php?topic=623937
dcconsulting
Newbie
*
Offline Offline

Activity: 41
Merit: 0


View Profile
June 18, 2011, 06:25:47 AM
 #55

Hi Wayno,

It Would be great in the spirit of Open Source to publish the fixed code to us. I am also running a pool on the Simplecoin Frontend and this makes me worry. Have not solved a block yet so it would be greatly appreciated before that.

Regards
Spirals
Newbie
*
Offline Offline

Activity: 15
Merit: 0


View Profile WWW
June 18, 2011, 10:46:39 AM
 #56

There seems to be a bug in accountsettings.php. Changing line 151:
Code:
}else if($inputAuthPin != $authPin && $act){

to:

Code:
}else if($inputAuthPin != $authPin && $act != "addWorker"){

fixes the warning about 'invalid authorization pin' when adding a worker.
Wayno
Member
**
Offline Offline

Activity: 61
Merit: 10


View Profile
June 18, 2011, 05:12:51 PM
 #57

dcconsulting we have solved 5 so far in 10 days running, and oh boy wat a problem it was sorting everything out. the only big issue we had was that i am running bitcoind 3.22 and the backend needs to be changed to generate to immature on looking for blocks, we found 2 blocks on the same day 5 hours apart this is were all the fun started Wink

be warned my code has been changed ALOT

https://github.com/Wayno

i havent uploaded the new db changes yet i will do that later on tonight

YinCoin YangCoin ☯☯First Ever POS/POW Alternator! Multipool! ☯ ☯ http://yinyangpool.com/ 
Free Distribution! https://bitcointalk.org/index.php?topic=623937
dcconsulting
Newbie
*
Offline Offline

Activity: 41
Merit: 0


View Profile
June 19, 2011, 08:21:44 AM
 #58

Thank You Wayno !

edit : HAHA writings of a mad man !
Wayno
Member
**
Offline Offline

Activity: 61
Merit: 10


View Profile
June 19, 2011, 10:33:33 AM
 #59

i have uploaded the db and new code.

YinCoin YangCoin ☯☯First Ever POS/POW Alternator! Multipool! ☯ ☯ http://yinyangpool.com/ 
Free Distribution! https://bitcointalk.org/index.php?topic=623937
dcconsulting
Newbie
*
Offline Offline

Activity: 41
Merit: 0


View Profile
June 19, 2011, 10:49:07 AM
 #60

Wayno,

Running the cronjob.php I get the following

PHP Fatal error:  Call to undefined function lock() in /var/www/cronjobs/cronjob.php on line 25

In Cronjob Line 25 = lock("cronjob.php");

Any ideas ?
Pages: « 1 2 [3] 4 5 6 7 8 9 10 11 12 13 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!