Adds caching to vulnerable API call #47

Merged
nikooo777 merged 2 commits from cache2 into master 2019-01-04 13:57:14 +01:00
2 changed files with 14 additions and 21 deletions
Showing only changes of commit aeceeec732 - Show all commits

View file

@ -74,7 +74,7 @@ CREATE TABLE `Addresses`
`TotalReceived` DECIMAL(18,8) DEFAULT 0 NOT NULL, `TotalReceived` DECIMAL(18,8) DEFAULT 0 NOT NULL,
`TotalSent` DECIMAL(18,8) DEFAULT 0 NOT NULL, `TotalSent` DECIMAL(18,8) DEFAULT 0 NOT NULL,
`Balance` DECIMAL(18,8) AS (`TotalReceived` - `TotalSent`) PERSISTENT, `Balance` DECIMAL(18,8) AS (`TotalReceived` - `TotalSent`) PERSISTENT,
`Tag` VARCHAR(30) NOT NULL, `Tag` VARCHAR(30),
`TagUrl` VARCHAR(200), `TagUrl` VARCHAR(200),
`Created` DATETIME NOT NULL, `Created` DATETIME NOT NULL,
`Modified` DATETIME NOT NULL, `Modified` DATETIME NOT NULL,

View file

@ -13,6 +13,7 @@ use Cake\Log\Log;
use Endroid\QrCode\ErrorCorrectionLevel; use Endroid\QrCode\ErrorCorrectionLevel;
use Endroid\QrCode\LabelAlignment; use Endroid\QrCode\LabelAlignment;
use Endroid\QrCode\QrCode; use Endroid\QrCode\QrCode;
use Endroid\QrCode\Response\QrCodeResponse;
class MainController extends AppController { class MainController extends AppController {
@ -559,12 +560,6 @@ class MainController extends AppController {
$recentTxs = []; $recentTxs = [];
$tagRequestAmount = 0; $tagRequestAmount = 0;
// Check for pending tag request
$this->loadModel('TagAddressRequests');
$pending = $this->TagAddressRequests->find()->where(['Address' => $addr, 'IsVerified <>' => 1])->first();
if (!$pending) {
$tagRequestAmount = '25.' . rand(11111111, 99999999);
}
$address = $this->Addresses->find()->where(['Address' => $addr])->first(); $address = $this->Addresses->find()->where(['Address' => $addr])->first();
if (!$address) { if (!$address) {
@ -625,8 +620,6 @@ class MainController extends AppController {
$this->set('offset', $offset); $this->set('offset', $offset);
$this->set('canTag', $canTag); $this->set('canTag', $canTag);
$this->set('pending', $pending);
$this->set('tagRequestAmount', $tagRequestAmount);
$this->set('address', $address); $this->set('address', $address);
$this->set('totalReceived', $totalRecvAmount); $this->set('totalReceived', $totalRecvAmount);
$this->set('totalSent', $totalSentAmount); $this->set('totalSent', $totalSentAmount);
@ -649,15 +642,15 @@ class MainController extends AppController {
$qrCode->setSize(300); $qrCode->setSize(300);
// Set advanced options // Set advanced options
$qrCode $qrCode->setWriterByName('png');
->setWriterByName('png') $qrCode->setMargin(10);
->setMargin(10) $qrCode->setEncoding('UTF-8');
->setEncoding('UTF-8') $qrCode->setErrorCorrectionLevel(new ErrorCorrectionLevel(ErrorCorrectionLevel::LOW));
->setErrorCorrectionLevel(ErrorCorrectionLevel::LOW) $qrCode->setForegroundColor(['r' => 0, 'g' => 0, 'b' => 0, 'a' => 0]);
->setForegroundColor(['r' => 0, 'g' => 0, 'b' => 0]) $qrCode->setBackgroundColor(['r' => 255, 'g' => 255, 'b' => 255, 'a' => 0]);
->setBackgroundColor(['r' => 255, 'g' => 255, 'b' => 255]) $qrCode->setLogoWidth(150);
->setLogoWidth(150) $qrCode->setValidateResult(false);
->setValidateResult(false);
header('Content-Type: '.$qrCode->getContentType()); header('Content-Type: '.$qrCode->getContentType());
echo $qrCode->writeString(); echo $qrCode->writeString();