LBRYCommunity/block-explorer
1
0
Fork 0
Code Issues 31 Pull requests 4 Projects Releases Packages Wiki Activity

Adds caching to vulnerable API call #47

Merged
nikooo777 merged 2 commits from cache2 into master 2019-01-04 13:57:14 +01:00
Conversation 4 Commits 2 Files changed 4 +341 -565
3 changed files with 341 additions and 565 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files
Showing only changes of commit 3884c74e7d - Show all commits

6
composer.json
View file

@ -6,14 +6,14 @@
"license": "MIT", "license": "MIT",
"require": { "require": {
"php": ">=5.6", "php": ">=5.6",
"cakephp/cakephp": "^3.6", "cakephp/cakephp": "3.4.*",
"mobiledetect/mobiledetectlib": "2.*", "mobiledetect/mobiledetectlib": "2.*",
"cakephp/migrations": "~1.0", "cakephp/migrations": "~1.0",
"cakephp/plugin-installer": "~1.0", "cakephp/plugin-installer": "~1.0",
"mdanter/ecc": "^0.5.0", "mdanter/ecc": "^0.5.0",
"nesbot/carbon": "~1.18", "nesbot/carbon": "~1.18",
"endroid/qrcode": "^2.2.2", "predis/predis": "^1.1.1",
"predis/predis": "^1.1.1" "endroid/qr-code": "^3.5"
}, },
"require-dev": { "require-dev": {
"psy/psysh": "@stable", "psy/psysh": "@stable",

846
composer.lock generated
View file

File diff suppressed because it is too large Load diff

42
src/Controller/MainController.php
View file

@ -20,6 +20,8 @@ class MainController extends AppController {
const lbcPriceKey = 'lbc.price'; const lbcPriceKey = 'lbc.price';
const txOutSetInfo = 'lbrcrd.tosi';
const bittrexMarketUrl = 'https://bittrex.com/api/v1.1/public/getticker?market=BTC-LBC'; const bittrexMarketUrl = 'https://bittrex.com/api/v1.1/public/getticker?market=BTC-LBC';
const blockchainTickerUrl = 'https://blockchain.info/ticker'; const blockchainTickerUrl = 'https://blockchain.info/ticker';
@ -697,17 +699,47 @@ class MainController extends AppController {
} }
} }
private function _gettxoutsetinfo() { protected function _gettxoutsetinfo() {
$now = new \DateTime('now', new \DateTimeZone('UTC'));
$txOutSetInfo = new \stdClass();
$txOutSetInfo->time = $now->format('c');
$shouldRefreshSet = false;
if (!$this->redis) {
$shouldRefreshSet = true;
} else {
if (!$this->redis->exists(self::txOutSetInfo)) {
$shouldRefreshSet = true;
} else {
$txOutSetInfo = json_decode($this->redis->get(self::txOutSetInfo));
$lastTOSIDt = new \DateTime($txOutSetInfo->time);
$diff = $now->diff($lastTOSIDt);
$diffMinutes = $diff->i;
if ($diffMinutes >= 15 || $txOutSetInfo->set == 'N/A') {
$shouldRefreshSet = true;
}
}
}
if ($shouldRefreshSet) {
$req = ['method' => 'gettxoutsetinfo', 'params' => []]; $req = ['method' => 'gettxoutsetinfo', 'params' => []];
try { try {
$res = json_decode(self::curl_json_post(self::$rpcurl, json_encode($req))); $res = json_decode(self::curl_json_post(self::$rpcurl, json_encode($req)));
if (!isset($res->result)) { if (!isset($res->result)) {
return 0; $txOutSetInfo->tosi = 'N/A';
} }
return $res->result; $txOutSetInfo->tosi = $res->result;
} catch (\Exception $e) { } catch (\Exception $e) {
return 'N/A'; $txOutSetInfo->tosi = 'N/A';
} }
$txOutSetInfo->time = $now->format('c');
if ($this->redis) {
$this->redis->set(self::txOutSetInfo, json_encode($txOutSetInfo));
}
}
return (isset($txOutSetInfo->tosi)) ? $txOutSetInfo->tosi : 'N/A';
} }
public function apistatus() { public function apistatus() {
@ -937,5 +969,3 @@ class MainController extends AppController {
return $response; return $response;
} }
} }
?>