LBRYFoundation/pool
1
0
Fork 0
mirror of https://github.com/LBRYFoundation/pool.git synced 2025-09-20 18:09:54 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
pool/web/yaamp/modules/renting/create.php
Tanguy Pruvot f4caf07277 security: remove all unserialize() funcs from code
2017-09-10 00:41:18 +02:00

54 lines
1.3 KiB
PHP
Raw Blame History

<?php
$code = getparam('create_code');
if(!$code)
{
controller()->redirect('/renting');
return;
}
$captcha = new CCaptchaAction(controller(), 'captcha');
$b = $captcha->validate($code, false);
if(!$b)
{
controller()->redirect('/renting');
return;
}
// get a new btc address
$btc = getdbosql('db_coins', "symbol='BTC'");
if(!$btc) return;
$remote = new WalletRPC($btc);
$renter = new db_renters;
$renter->created = time();
$renter->updated = time();
$renter->balance = 0;
$renter->unconfirmed = 0;
$renter->save();
$renter = getdbo('db_renters', $renter->id);
$renter->address = $remote->getaccountaddress(yaamp_renter_account($renter));
$renter->apikey = hash("sha256", $renter->address.time().rand());
$renter->save();
$received1 = $remote->getbalance(yaamp_renter_account($renter), 1);
if($received1>0)
{
$moved = $remote->move(yaamp_renter_account($renter), '', $received1);
debuglog("create new renter, moving initial $received1");
}
$raw_recents = isset($_COOKIE['deposits'])? explode("|", $_COOKIE['deposits']): array();
$recents = array();
foreach($raw_recents as $addr) $recents[$addr] = $addr;
$recents[$renter->address] = $renter->address;
setcookie('deposits', implode("|", $recents), time()+60*60*24*30, '/');
user()->setState('yaamp-deposit', $renter->address);
controller()->redirect('settings');
Reference in a new issue View git blame Copy permalink