ckdb/php - define a limit for multi-address accounts

9 years ago · 9660f55c27
4 changed files with 67 additions and 28 deletions
--- a/pool/page_addrmgt.php
+++ b/pool/page_addrmgt.php
@ -10,6 +10,7 @@ function addrmgtuser($data, $user, $err)
 $pg .= makeForm('addrmgt');
 $pg .= "<table callpadding=0 cellspacing=0 border=0>\n";
 $pg .= '<tr class=title>';
 $pg .= '<td class=dc>#</td>';
 $pg .= '<td class=dl>Address</td>';
 $pg .= '<td class=dl>ID</td>';
 $pg .= '<td class=dr>Ratio</td>';
@ -18,6 +19,7 @@ function addrmgtuser($data, $user, $err)
 # new row template for '+'
 $pg .= '<tr class=hid id=bs>';
 $pg .= '<td class=dc> </td>';
 $pg .= '<td class=dl>';
 $pg .= "<input type=text size=36 name='addr:' value=''>";
 $pg .= '</td>';
@ -38,7 +40,12 @@ function addrmgtuser($data, $user, $err)
 $count = 0;
 if ($ans['STATUS'] == 'ok')
 {
 	if (isset($ans['limit']))
 		$limit = $ans['limit'];
 	else
 		$limit = 1;
 	$count = $ans['rows'];
 	# this will output any DB rows > limit but DB update will ignore extras
 	for ($i = 0; $i < $count; $i++)
 	{
 		if ((($offset) % 2) == 0)
@ -48,6 +55,7 @@ function addrmgtuser($data, $user, $err)
 		$pg .= "<tr class=$row>";
 		$addr = $ans['addr:'.$i];
 		$pg .= '<td class=dc>'.($i+1).'</td>';
 		$pg .= '<td class=dl>';
 		$pg .= "<input type=text size=36 name='addr:$i' value='$addr'>";
 		$pg .= '</td>';
@ -66,20 +74,22 @@ function addrmgtuser($data, $user, $err)
 		$offset++;
 	}
 	if ($offset < $limit) {
 		if ((($offset++) % 2) == 0)
 			$row = 'even';
 		else
 			$row = 'odd';
-	$pg .= "<tr class=$row id=plus>";
+		$pg .= "<tr class=$row id=plus><td class=dc>";
-	$pg .= '<td colspan=4 class=dl>';
+		$pg .= "<input type=button value='+' onclick='return adrw($limit);'>";
-	$pg .= "<input type=button value='+' onclick='return adrw();'>";
+		$pg .= "</td><td colspan=4 class=dl><font size=-1>limit $limit</font></td></tr>";
-	$pg .= '</td></tr>';
+	}
 	if ((($offset++) % 2) == 0)
 		$row = 'even';
 	else
 		$row = 'odd';
 	$pg .= "<tr class=$row>";
 	$pg .= '<td class=dr>&nbsp;</td>';
 	$pg .= '<td class=dr>Password:</td>';
 	$pg .= '<td class=dl><input type=password name=pass size=20></td>';
 	$pg .= '<td colspan=2>&nbsp;</td></tr>';
@ -89,28 +99,32 @@ function addrmgtuser($data, $user, $err)
 	else
 		$row = 'odd';
 	$pg .= "<tr class=$row>";
 	$pg .= '<td class=dr>&nbsp;</td>';
 	$pg .= '<td class=dr><span class=st1>*</span>2nd Authentication:</td>';
 	$pg .= '<td class=dl><input type=password name=2fa size=10>';
 	$pg .= ' <input type=submit name=OK value=Save></td>';
 	$pg .= '<td colspan=3 class=dl>&nbsp;</td></tr>';
-	$pg .= "<tr><td colspan=4 class=dc><font size=-1>";
+	$pg .= '<tr><td colspan=5 class=dc><font size=-1>';
 	$pg .= "<span class=st1>*</span>Leave blank if you haven't enabled it<br>";
 	$pg .= 'You must enter your password to save changes<br>';
-	$pg .= 'A ratio of 0, will remove the address from the payouts</font></td></tr>';
+	$pg .= 'A ratio of 0, will remove the address from the payouts</td></tr>';
 }
 $pg .= "</table><input type=hidden name=rows value=$count id=rows></form>\n";
 # TODO - adrw() update the odd/even class for the new row and rows below it
 # TODO - move the js functions into inc.php
 $pg .= "<script type='text/javascript'>\n";
- $pg .= "function adrw(){var p=document.getElementById('plus');";
+ $pg .= "function adrw(l){var p=document.getElementById('plus');";
 $pg .=  "var r=document.getElementById('rows');var c=parseInt(r.value);";
 $pg .=  "var bs=document.getElementById('bs');var n=bs.cloneNode(true);n.id='z';";
- $pg .=  "n.className='odd';var ia=n.childNodes[0].firstChild;ia.name='addr:'+c;ia.value='';";
+ $pg .=  "var ia=n.childNodes[1].firstChild;ia.name='addr:'+c;ia.value='';";
- $pg .=  "var ipn=n.childNodes[1].firstChild;ipn.name='payname:'+c;ipn.value='';";
+ $pg .=  "var ipn=n.childNodes[2].firstChild;ipn.name='payname:'+c;ipn.value='';";
- $pg .=  "var ir=n.childNodes[2].firstChild;ir.id='rat'+c;ir.name='ratio:'+c;ir.value='0';";
+ $pg .=  "var ir=n.childNodes[3].firstChild;ir.id='rat'+c;ir.name='ratio:'+c;ir.value='0';";
- $pg .=  "var ip=n.childNodes[3].firstChild;ip.id='per'+c;ip.innerHTML='0.00%';";
+ $pg .=  "var ip=n.childNodes[4].firstChild;ip.id='per'+c;ip.innerHTML='0.00%';";
 $pg .=  "p.parentNode.insertBefore(n, p);";
- $pg .=  "c++;r.value=c;return true}\n";
+ $pg .=  "c++;r.value=c;if(c>=l){p.parentNode.removeChild(p)}";
 $pg .=  "n.childNodes[0].innerHTML=''+c;n.className='odd';return true}\n";
 $pg .= "function repc(){var c=parseInt(document.getElementById('rows').value);";
 $pg .=  "if(!isNaN(c)&&c>0&&c<1000){var v=[],tot=0;for(i=0;i<c;i++){";
 $pg .=  "var o=document.getElementById('rat'+i);var ov=parseInt(o.value);if(!isNaN(ov)&&ov>0)";
--- a/src/ckdb.h
+++ b/src/ckdb.h
@ -55,7 +55,7 @@
 #define DB_VLOCK "1"
 #define DB_VERSION "1.0.4"
-#define CKDB_VERSION DB_VERSION"-1.402"
+#define CKDB_VERSION DB_VERSION"-1.403"
 #define WHERE_FFL " - from %s %s() line %d"
 #define WHERE_FFL_HERE __FILE__, __func__, __LINE__
@ -1129,6 +1129,9 @@ extern K_STORE *useratts_store;
 // This att means the user uses multiple % based payout addresses
 #define USER_MULTI_PAYOUT "PayAddresses"
 // If they have multi, then: the default address limit if the useratt num < 1
 #define USER_ADDR_LIMIT 2
 #define USER_OLD_WORKERS "OldWorkersDays"
 #define USER_OLD_WORKERS_DEFAULT 7
--- a/src/ckdb_cmd.c
+++ b/src/ckdb_cmd.c
@ -446,6 +446,8 @@ static char *cmd_userset(PGconn *conn, char *cmd, char *id,
 {
 	K_ITEM *i_username, *i_passwordhash, *i_2fa, *i_rows, *i_address;
 	K_ITEM *i_ratio, *i_payname, *i_email, *u_item, *pa_item, *old_pa_item;
 	K_ITEM *ua_item = NULL;
 	USERATTS *useratts = NULL;
 	char *email, *address, *payname;
 	char reply[1024] = "";
 	size_t siz = sizeof(reply);
@ -459,7 +461,7 @@ static char *cmd_userset(PGconn *conn, char *cmd, char *id,
 	char *ret = NULL;
 	size_t len, off;
 	int32_t ratio;
-	int rows, i;
+	int rows, i, limit;
 	bool ok;
 	LOGDEBUG("%s(): cmd '%s'", __func__, cmd);
@ -488,12 +490,28 @@ static char *cmd_userset(PGconn *conn, char *cmd, char *id,
 			goto struckout;
 		}
 		K_RLOCK(useratts_free);
 		ua_item = find_useratts(users->userid, USER_MULTI_PAYOUT);
 		K_RUNLOCK(useratts_free);
 		if (!ua_item)
 			limit = 1;
 		else {
 			DATA_USERATTS(useratts, ua_item);
 			if (useratts->attnum > 0)
 				limit = (int)(useratts->attnum);
 			else
 				limit = USER_ADDR_LIMIT;
 		}
 		if (!i_passwordhash) {
 			APPEND_REALLOC_INIT(answer, off, len);
 			snprintf(tmp, sizeof(tmp), "email=%s%c",
 				 users->emailaddress, FLDSEP);
 			APPEND_REALLOC(answer, off, len, tmp);
 			snprintf(tmp, sizeof(tmp), "limit=%d%c", limit, FLDSEP);
 			APPEND_REALLOC(answer, off, len, tmp);
 			K_RLOCK(paymentaddresses_free);
 			pa_item = find_paymentaddresses(users->userid, ctx);
 			rows = 0;
@ -577,7 +595,8 @@ static char *cmd_userset(PGconn *conn, char *cmd, char *id,
 				if (rows > 0) {
 					pa_store = k_new_store(paymentaddresses_free);
 					K_WLOCK(paymentaddresses_free);
-					for (i = 0; i < rows; i++) {
+					// discard any extras above the limit
 					for (i = 0; i < rows && pa_store->count < limit; i++) {
 						snprintf(tmp, sizeof(tmp), "ratio:%d", i);
 						i_ratio = optional_name(trf_root, tmp,
 									1, (char *)intpatt,
@ -684,8 +703,8 @@ static char *cmd_userset(PGconn *conn, char *cmd, char *id,
 			if (pa_store && pa_store->count > 0) {
 				ok = paymentaddresses_set(conn, users->userid,
 								pa_store, by,
-								code, inet,
+								code, inet, now,
-								now, trf_root);
+								trf_root);
 				if (!ok) {
 					reason = "address error";
 					goto struckout;
--- a/src/ckdb_dbio.c
+++ b/src/ckdb_dbio.c
@ -1668,6 +1668,9 @@ bool workers_fill(PGconn *conn)
 	return ok;
 }
 // Absolute address limit
 #define ABS_ADDR_LIMIT 999
 /* Whatever the current paymentaddresses are, replace them with the list
 *  in pa_store
 * Code allows for zero, one or more current payment address */
@ -1684,14 +1687,14 @@ bool paymentaddresses_set(PGconn *conn, int64_t userid, K_STORE *pa_store,
 	char *upd = NULL, *ins;
 	size_t len, off;
 	bool ok = false, first, locked = false;
-	char *params[1002]; // Limit of 999 addresses per user
+	char *params[ABS_ADDR_LIMIT+3];
 	char tmp[1024];
 	int n, par = 0, count, matches;
 	LOGDEBUG("%s(): add", __func__);
 	// Quick early abort
-	if (pa_store->count > 999)
+	if (pa_store->count > ABS_ADDR_LIMIT)
 		return false;
 	if (conn == NULL) {
@ -1733,9 +1736,9 @@ bool paymentaddresses_set(PGconn *conn, int64_t userid, K_STORE *pa_store,
 	item = find_paymentaddresses(userid, ctx);
 	DATA_PAYMENTADDRESSES_NULL(row, item);
 	while (item && CURRENT(&(row->expirydate)) && row->userid == userid) {
-		/* This is only possible if the DB was directly updated with
+		/* This is only possible if the DB was directly updated with more
-		 * more than 999 records then reloaded (or a code bug) */
+		 * than ABS_ADDR_LIMIT records then reloaded (or a code bug) */
-		if (++count > 999)
+		if (++count > ABS_ADDR_LIMIT)
 			break;
 		// Find the RAM record in pa_store
@ -1766,12 +1769,12 @@ bool paymentaddresses_set(PGconn *conn, int64_t userid, K_STORE *pa_store,
 	LOGDEBUG("%s(): Step 1 par=%d count=%d matches=%d first=%s", __func__,
 		 par, count, matches, first ? "true" : "false");
 	// Too many, or none need expiring = don't do the update
-	if (count > 999 || first == true) {
+	if (count > ABS_ADDR_LIMIT || first == true) {
 		for (n = 0; n < par; n++)
 			free(params[n]);
 		par = 0;
 		// Too many
-		if (count > 999)
+		if (count > ABS_ADDR_LIMIT)
 			goto rollback;
 	} else {
 		APPEND_REALLOC(upd, off, len, ")");