From c6d9e0b8b3f3e238a23350ac9b26b513d374c2b8 Mon Sep 17 00:00:00 2001 From: kanoi Date: Fri, 13 Jun 2014 19:00:09 +1000 Subject: [PATCH] php for web server --- pool/base.php | 269 +++++++++++++++++++++++++++++++ pool/db.php | 127 +++++++++++++++ pool/index.php | 62 ++++++++ pool/page.php | 351 +++++++++++++++++++++++++++++++++++++++++ pool/page_help.php | 13 ++ pool/page_index.php | 17 ++ pool/page_payments.php | 43 +++++ pool/page_reg.php | 128 +++++++++++++++ pool/param.php | 30 ++++ pool/socket.php | 163 +++++++++++++++++++ 10 files changed, 1203 insertions(+) create mode 100644 pool/base.php create mode 100644 pool/db.php create mode 100644 pool/index.php create mode 100644 pool/page.php create mode 100644 pool/page_help.php create mode 100644 pool/page_index.php create mode 100644 pool/page_payments.php create mode 100644 pool/page_reg.php create mode 100644 pool/param.php create mode 100644 pool/socket.php diff --git a/pool/base.php b/pool/base.php new file mode 100644 index 00000000..01a60961 --- /dev/null +++ b/pool/base.php @@ -0,0 +1,269 @@ +'), array('<', '>'), $str); + return $rep; +} +# +function htmler($str) +{ + $srch = array('<','>',"\r\n","\n","\r"); + $rep = array('<','>','
','
','
'); + return str_replace($srch, $rep, $str); +} +# +function cvtdbg() +{ + global $dbg, $dbgstr; + + if ($dbg === false || $dbgstr == '') + $rep = ''; + else + $rep = htmler($dbgstr).'
'; + + return $rep; +} +# +function safeinput($txt, $len = 1024, $lf = true) +{ + $ret = trim($txt); + if ($ret != '') + { + if ($lf === true) + $ret = preg_replace("/[^ -~\r\n]/", '', $ret); + else + $ret = preg_replace('/[^ -~]/', '', $ret); + + if ($len > 0) + $ret = substr($ret, 0, $len); + } + return trim($ret); +} +# +function safetext($txt, $len = 1024) +{ + $tmp = substr($txt, 0, $len); + + $res = ''; + for ($i = 0; $i < strlen($tmp); $i++) + { + $ch = substr($tmp, $i, 1); + if ($ch >= ' ' && $ch <= '~') + $res .= $ch; + else + { + $c = ord($ch); + $res .= sprintf('0x%02x', $c); + } + } + + if (strlen($txt) > $len) + $res .= '...'; + + return $res; +} +# +function dbd($data) +{ + return "
Web site is currently down
"; +} +# +function dbdown() +{ + gopage(NULL, 'dbd', NULL, '', true, false); +} +# +function f404($data) +{ + return "
404
"; +} +# +function do404() +{ + gopage(NULL, 'f404', NULL, '', true, false); +} +# +function showPage($page, $menu, $name) +{ +# If you are doing development, use without '@' +# Then switch to '@' when finished +# @include_once("page_$page.php"); + include_once("page_$page.php"); + + $fun = 'show_' . $page; + if (function_exists($fun)) + $fun($menu, $name); + else + do404(); +} +# +function showIndex() +{ + showPage('index', NULL, ''); +} +# +function offline() +{ + if (file_exists('./maintenance.txt')) + { + $ip = $_SERVER['REMOTE_ADDR']; + if ($ip != '192.168.7.74') + gopage(NULL, file_get_contents('./maintenance.txt'), NULL, '', false, false); + } +} +# +offline(); +# +session_start(); +# +include_once('db.php'); +# +function validUserPass($user, $pass) +{ + $rep = checkpass($user, $pass); + $ans = repDecode($rep); + usleep(100000); // Max 10x per second + if ($ans['STATUS'] == 'ok') + { + $key = 'ckp'.rand(1000000,9999999); + $_SESSION['ckpkey'] = $key; + $_SESSION[$key] = array('who' => $user, 'id' => $user); + } +} +# +function logout() +{ + if (isset($_SESSION['ckpkey'])) + { + $key = $_SESSION['ckpkey']; + + if (isset($_SESSION[$key])) + unset($_SESSION[$key]); + + unset($_SESSION['ckpkey']); + } +} +# +function requestRegister() +{ + $reg = getparam('Register', false); + if ($reg !== NULL) + { + logout(); + return true; + } + return false; +} +# +function tryLogInOut() +{ + // If already logged in, it will ignore User/Pass + if (isset($_SESSION['ckpkey'])) + { + $logout = getparam('Logout', false); + if (!nuem($logout) && $logout == 'Logout') + logout(); + } + else + { + $user = getparam('User', false); + if ($user !== NULL) + $user = loginStr($user); + if (nuem($user)) + return; + + $pass = getparam('Pass', false); + if (nuem($pass)) + return; + + $login = getparam('Login', false); + if (nuem($login)) + return; + + validUserPass($user, $pass); + } +} +# +function validate() +{ + $who = ''; + $whoid = ''; + + if (!isset($_SESSION['ckpkey'])) + return 
false; + + $key = $_SESSION['ckpkey']; + if (!isset($_SESSION[$key])) + { + logout(); + return array(false, NULL); + } + + if (!isset($_SESSION[$key]['who'])) + { + logout(); + return array(false, NULL); + } + + $who = $_SESSION[$key]['who']; + + if (!isset($_SESSION[$key]['id'])) + { + logout(); + return array(false, NULL); + } + + $whoid = $_SESSION[$key]['id']; + + return array($who, $whoid); +} +# +function loggedIn() +{ + list($who, $whoid) = validate(); + if ($who == false) + return false; + + return true; +} +# +?> diff --git a/pool/db.php b/pool/db.php new file mode 100644 index 00000000..17178c4e --- /dev/null +++ b/pool/db.php 
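Review bot: validUserPass() marks the session as logged in without issuing a new session id, so an id that existed before login stays valid afterwards (session fixation). Call `session_regenerate_id(true);` inside the `if ($ans['STATUS'] == 'ok')` branch, before `$_SESSION['ckpkey']` is written. The `usleep(100000)` in the same function delays each request but does not limit attempts per account or per client, so it should not be relied on as a brute-force control. validate() also returns a bare `false` when `ckpkey` is unset and `array(false, NULL)` on every other failure; returning the array in both cases would keep `list($who, $whoid) = validate()` well defined.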
@@ -0,0 +1,127 @@ + 3) + { + $flds = explode($fld_sep, $major[3]); + foreach ($flds as $fld) + { + if (strlen($fld) > 0) + { + $nameval = explode($val_sep, $fld, 2); + if (count($nameval) > 1) + $ans[$nameval[0]] = $nameval[1]; + else + $ans[$nameval[0]] = ''; + } + } + } + + $ans['ID'] = $major[0]; + $ans['STAMP'] = $major[1]; + $ans['STATUS'] = $major[2]; + + return $ans; +} +# +function msgEncode($id, $cmd, $fields) +{ + global $send_sep, $fld_sep, $val_sep; + + $msg = $id . $send_sep . $cmd; + $first = true; + foreach ($fields as $name => $value) + { + if ($first === true) + { + $msg .= $send_sep; + $first = false; + } + else + $msg .= $fld_sep; + + $msg .= $name . $val_sep . $value; + } + return $msg; +} +# +function getStats($user) +{ + global $fld_sep; + if ($user === null) + $msg = "s$fld_sep"; + else + $msg = "s$fld_sep$user"; + return $msg; +} +# +function homeInfo($user) +{ + $msg = getStats($user); +/* + $rep = sendsockreply('homeInfo', $msg); + if ($rep === false) + $ans = false; + else + $ans = repDecode($rep); + + return $ans; +*/ + if ($user !== null) + $uhr = rand(500, 2500); + else + $uhr = 0; + + $plb = 1401237522; + + $nlb = time() - rand(200,500); + + return array('PoolHashRate' => '250', 'PoolLastBlock' => "$plb", 'NetLastBlock' => "$nlb", 'UserHashRate' => "$uhr"); +} +# +function checkpass($user, $pass) +{ + $passhash = myhash($pass); + $flds = array('username' => $user, 'passwordhash' => $passhash); + $msg = msgEncode('log', 'chkpass', $flds); + $rep = sendsockreply('checkpass', $msg); + if (!$rep) + dbdown(); + return $rep; +} +# +function getpayments() +{ + list($who, $whoid) = validate(); + if ($who == false) + showIndex(); + $flds = array('username' => $who); + $msg = msgEncode('pay', 'payments', $flds); + $rep = sendsockreply('getpayments', $msg); + if (!$rep) + dbdown(); + return $rep; +} +?> diff --git a/pool/index.php b/pool/index.php new file mode 100644 index 00000000..a3418fe4 --- /dev/null +++ b/pool/index.php 
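Review bot: msgEncode() joins `$name . $val_sep . $value` without checking whether a value itself contains `$fld_sep` or `$val_sep`, and repDecode() splits on the same separators. checkpass() passes `$user` from the login form into that encoder, and show_reg() in pool/page_reg.php does the same with `username` and `emailaddress`. Unless getparam() (not visible in this hunk) already strips those characters, a submitted value could add or override fields in the message sent to the backend. Reject values that contain either separator before encoding, or define an escape that repDecode() reverses. The separator definitions sit at the top of the file, outside the text visible here.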
@@ -0,0 +1,62 @@ + array( + 'Home' => '' + ), + 'Account' => array( + 'Workers' => 'workers', + 'Payments' => 'payments', + 'Settings' => 'settings' + ), + 'Pool' => array( + 'Stats' => 'stats' + ), + 'gap' => NULL, + 'Help' => array( + 'Help' => 'help' + ) + ); + $page = ''; + $n = ''; + foreach ($menu as $item => $options) + if ($options !== NULL) + foreach ($options as $name => $pagename) + if ($pagename === $p) + { + $page = $p; + $n = " - $name"; + } + + if ($page === '') + showPage('index', $menu, ''); + else + showPage($page, $menu, $n); +} +# +function check() +{ + tryLogInOut(); + $in = loggedIn(); + if ($in == false) + { + if (requestRegister() == true) + showPage('reg', NULL, ''); + else + showIndex(); + } + else + { + $p = getparam('k', true); + process($p); + } +} +# +check(); +# +?> diff --git a/pool/page.php b/pool/page.php new file mode 100644 index 00000000..22e03b95 --- /dev/null +++ b/pool/page.php @@ -0,0 +1,351 @@ +\n"; + + $head = str_replace($script_marker, $page_scripts, $head); + + $all = $head; + $all .= trm_force($body); + $all .= trm($pg); + $all .= trm_force($foot); + + usleep(100000); + + echo $all; + + exit(0); +} +?> diff --git a/pool/page_help.php b/pool/page_help.php new file mode 100644 index 00000000..63b2c3d0 --- /dev/null +++ b/pool/page_help.php @@ -0,0 +1,13 @@ +HelplessHelpless'; +} +# +function show_help($menu, $name) +{ + gopage(NULL, 'dohelp', $menu, $name); +} +# +?> diff --git a/pool/page_index.php b/pool/page_index.php new file mode 100644 index 00000000..c6b4aaf9 --- /dev/null +++ b/pool/page_index.php @@ -0,0 +1,17 @@ +CKPool +Welcome to CKPool the bestest mostest gnarliest poolest in the ...... south. +'; + return $pg; +} +# +function show_index($menu, $name) +{ + gopage(NULL, 'doindex', $menu, $name); +} +# +?> diff --git a/pool/page_payments.php b/pool/page_payments.php new file mode 100644 index 00000000..0b9df450 --- /dev/null +++ b/pool/page_payments.php 
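Review bot: The menu lookup in process() is what keeps the request parameter `k` out of an include path, and nothing in the hunk says so. showPage() in pool/base.php builds `page_$page.php` from its argument, so `$page` must only ever be set from a `$pagename` found in `$menu`. I would add a comment above the nested `foreach`, for example `# Only pass $p on if it matches a menu entry - showPage() includes page_$p.php`. The menu also lists `workers`, `settings` and `stats`, for which this commit adds no page file, so those requests will reach the `include_once` with a missing file and fall through to do404().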
@@ -0,0 +1,43 @@ +Payments'; + + $rep = getPayments(); + $ans = repDecode($rep); + + $pg .= "\n"; + $pg .= ""; + $pg .= ""; + $pg .= ""; + $pg .= ""; + $pg .= "\n"; + if ($ans['STATUS'] == 'ok') + { + $count = $ans['rows']; + for ($i = 0; $i < $count; $i++) + { + if (($i % 2) == 0) + $row = 'even'; + else + $row = 'odd'; + + $pg .= ""; + $pg .= ''; + $pg .= ''; + $pg .= ''; + $pg .= "\n"; + } + } + $pg .= "
DateAddressBTC
'.$ans['paydate'.$i].''.$ans['payaddress'.$i].''.btcfmt($ans['amount'.$i]).'
\n"; + + return $pg; +} +# +function show_payments($menu, $name) +{ + gopage(NULL, 'dopayments', $menu, $name); +} +# +?> diff --git a/pool/page_reg.php b/pool/page_reg.php new file mode 100644 index 00000000..cb9c5a51 --- /dev/null +++ b/pool/page_reg.php @@ -0,0 +1,128 @@ +Register'; + if (isset($data['error'])) + $pg .= "
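Review bot: dopayments() concatenates `$ans['paydate'.$i]` and `$ans['payaddress'.$i]` into the table markup without HTML-encoding them. Both come from the backend reply, and the address is presumably a value the account holder supplied, so encode at the point of output: `htmlspecialchars($ans['payaddress'.$i], ENT_QUOTES)` and the same for `paydate`. `$ans['rows']` is also used as the loop bound without an `isset()` check or an integer cast, so a short or malformed reply leaves the per-row keys undefined.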
".$data['error']." - please try again

"; + $pg .= " +
+ + + + + + + + + + + + +
Username:
Email:
Password:
Retype Password:
 

All fields are required
+
"; + + return $pg; +} +# +function doreg2($data) +{ + $pg = '

Registered

'; + $pg .= '
You will receive an email shortly to verify your account'; + return $pg; +} +# +function safepass($pass) +{ + if (strlen($pass) < 6) + return false; + + # Invalid characters + $p2 = preg_replace('/[^ -~]/', '', $pass); + if ($p2 != $pass) + return false; + + # At least one lowercase + $p2 = preg_replace('/[a-z]/', '', $pass); + if ($p2 == $pass) + return false; + + # At least one uppercase + $p2 = preg_replace('/[A-Z]/', '', $pass); + if ($p2 == $pass) + return false; + + # At least one digit + $p2 = preg_replace('/[0-9]/', '', $pass); + if ($p2 == $pass) + return false; + + return true; +} +# +function show_reg($menu, $name) +{ + $user = getparam('user', false); + $mail = getparam('mail', false); + $pass = getparam('pass', false); + $pass2 = getparam('pass2', false); + + $data = array(); + $ok = true; + if ($user === NULL && $mail === NULL && $pass === NULL && $pass2 === NULL) + $ok = false; + else + { + if ($user !== NULL) + $data['user'] = $user; + else + $ok = false; + if ($mail !== NULL) + $data['mail'] = $mail; + else + $ok = false; + if ($pass === NULL || safepass($pass) !== true) + { + $ok = false; + $data['error'] = "Password is unsafe"; + } elseif ($pass2 === NULL || $pass2 != $pass) + { + $ok = false; + $data['error'] = "Passwords don't match"; + } + } + + if ($ok === true) + { + $passhash = myhash($pass); + $flds = array('username' => $user, + 'emailaddress' => $mail, + 'passwordhash' => $passhash); + $msg = msgEncode('reg', 'adduser', $flds); + $rep = sendsockreply('show_reg', $msg); + if (!$rep) + dbdown(); + + $ans = repDecode($rep); + if ($ans['STATUS'] == 'added') + gopage($data, 'doreg2', $menu, $name, true, true, false); + else + $data['error'] = "Invalid details"; + } + + gopage($data, 'doreg', $menu, $name, true, true, false); +} +# +?> diff --git a/pool/param.php b/pool/param.php new file mode 100644 index 00000000..26c39c48 --- /dev/null +++ b/pool/param.php @@ -0,0 +1,30 @@ + 
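Review bot: show_reg() forwards `$user` and `$mail` to the backend after only a NULL check, with no length, character-set or address-format test in this function. When either field is missing, `$ok` is set to false but `$data['error']` is not, so the form comes back with no message. Test the address with `filter_var($mail, FILTER_VALIDATE_EMAIL)` and set `$data['error']` on failure, and compare the passwords with `$pass2 !== $pass` rather than `!=`. `myhash()` is not defined in any visible hunk, so it is worth confirming that it is a salted password hash and not a plain digest, since its output is what gets stored and compared.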
diff --git a/pool/socket.php b/pool/socket.php new file mode 100644 index 00000000..9ace00b7 --- /dev/null +++ b/pool/socket.php @@ -0,0 +1,163 @@ +> 8; + $siz .= chr($sen % 256); + $sen = $sen >> 8; + $siz .= chr($sen % 256); + $sen = $sen >> 8; + $siz .= chr($sen % 256); + + $msg = $siz . $msg; + + $left = $len + 4; + while ($left > 0) + { + $res = socket_write($socket, substr($msg, 0 - $left), $left); + if ($res === false) + { + $sockerr = socket_strerror(socket_last_error()); + $msg = "$fun() sendsock() failed"; + error_log("CKPERR: $msg '$sockerr'"); + break; + } + else + $left -= $res; + } + if ($left == 0) + $ret = true; + + return $ret; +} +# +function sendsock($fun, $msg) +{ + $ret = false; + $socket = getsock($fun); + if ($socket !== false) + { + $ret = dosend($fun, $socket, $msg); + socket_close($socket); + } + return $ret; +} +# +function sendsockreply($fun, $msg) +{ + $ret = false; + $socket = getsock($fun); + if ($socket !== false) + { + $ret = dosend($fun, $socket, $msg); + if ($ret !== false) + $ret = readsockline($fun, $socket); + + socket_close($socket); + } + return $ret; +} +# +?>
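Review bot: The visible part of dosend() builds the 4-byte length prefix by hand with repeated `chr($sen % 256)` and `$sen >> 8`, and the framing is not documented. The start of the function is not readable here, but if the prefix is a little-endian 32-bit length as it appears to be, `$msg = pack('V', $len) . $msg;` says the same thing in one line. A comment such as `# Frame: 4 byte little-endian length, then the message` would tell a reader what the backend expects. On the error path `$msg` is reused for the log text; a separate variable would avoid overwriting the buffer being sent.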