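/**
 * Create a user account from the submitted "new_*" request fields.
 *
 * Steps: validate field lengths, refuse a user name or Bitfinex API key that
 * is already stored, confirm the key/secret pair by requesting
 * 'account_infos' from Bitfinex, then insert the Users row and a Vars row
 * holding the default settings.
 *
 * Validation messages are appended to the global $warning list and the
 * success message to the global $alert list.
 *
 * Security notes for reviewers:
 *  - Values are read from $_REQUEST, so they may arrive in the query string,
 *    where the password and API secret can end up in access logs. This
 *    function performs no authorization or CSRF check itself; the caller
 *    must do both.
 *  - 'new_actType' is written to the `status` column without validation.
 *    NOTE(review): the installer code in this file writes '9' to that column
 *    for the first administrator, so it presumably encodes the privilege
 *    level. Restrict it to the values the caller is allowed to grant.
 *  - The API secret is stored as submitted (bfxapisec); consider encrypting
 *    it at rest.
 *  - No minimum password length is enforced here; an empty password passes.
 *
 * @return array 'page' => 2 and 'newaccount' => new user id on success,
 *               'page' => 0 otherwise.
 */
function doAddAccount()
{
    global $config, $hasher, $alert, $warning;

    // count() on a non-array throws on PHP 8, so make sure the shared list exists.
    if (!is_array($warning)) {
        $warning = array();
    }

    // Default result. The original returned an undefined variable when the
    // API check or the insert failed; use the validation-failure value instead.
    $ret = array('page' => 0);

    // Normalise every field to a string so that a missing or array-valued
    // parameter (e.g. new_name[]=x) cannot raise notices or a TypeError.
    $in = array();
    foreach (array('new_name', 'new_email', 'new_password', 'new_bfxKey', 'new_bfxSec', 'new_actType') as $field) {
        $in[$field] = (isset($_REQUEST[$field]) && is_scalar($_REQUEST[$field]))
            ? (string) $_REQUEST[$field]
            : '';
    }

    // Check everything submitted to see if it is valid.
    if (strlen($in['new_name']) < 3) {
        $warning[] = 'Account Name must be at least 3 characters long';
    }
    if (strlen($in['new_bfxKey']) != 43) {
        $warning[] = 'Bitfinex API Keys are 43 Characters Long';
    }
    if (strlen($in['new_bfxSec']) != 43) {
        $warning[] = 'Bitfinex API Secrets are 43 Characters Long';
    }
    // Passwords should never be longer than 72 characters to prevent DoS attacks.
    if (strlen($in['new_password']) > 72) {
        $warning[] = 'Passwords must be less than 72 Characters';
    }

    if (count($warning) == 0) {
        // Check that neither the name nor the API key is already stored.
        $userCheck = $this->db->query("SELECT name, bfxapikey FROM `" . $config['db']['prefix'] . "Users` WHERE (name = '" . $this->db->escapeStr($in['new_name']) . "' OR bfxapikey = '" . $this->db->escapeStr($in['new_bfxKey']) . "' ) LIMIT 1");
        if (is_array($userCheck) && count($userCheck) > 0) {
            $existing = $userCheck[0];
            $keyTaken = ((string) $existing['bfxapikey'] === $in['new_bfxKey']);
            $nameTaken = ((string) $existing['name'] === $in['new_name']);

            // The database reported a match. If neither value is byte-identical
            // (for example under a case-insensitive collation) the request must
            // still be refused; it is reported as a name conflict.
            if ($nameTaken || !$keyTaken) {
                $warning[] = 'This user name already exists in our database';
            }
            if ($keyTaken) {
                $warning[] = 'This bitfinex key already exists in our database';
            }
        }
    }

    if (count($warning) > 0) {
        return $ret;
    }

    // Test the key and secret to see if we can pull data.
    $bfxTest = new Bitfinex(0, $in['new_bfxKey'], $in['new_bfxSec']);
    $bt = $bfxTest->bitfinex_get('account_infos');
    if (!isset($bt[0]['fees'][0]['pairs']) || $bt[0]['fees'][0]['pairs'] == '') {
        // Previously this failure was silent and the user got no feedback.
        $warning[] = 'Bitfinex API Key and Secret could not be verified';
        return $ret;
    }

    // Hash the password.
    // NOTE(review): $hasher looks like a phpass PasswordHash instance; if so,
    // HashPassword() returns a short marker string instead of a hash on
    // failure. Confirm, and reject such a result before storing it.
    $passEnc = $hasher->HashPassword($in['new_password']);

    // Write the account to the database. Every value goes through escapeStr();
    // switch to bound parameters if the db wrapper supports them.
    $sql = "INSERT into `" . $config['db']['prefix'] . "Users` (`name`,`email`,`password`,`bfxapikey`,`bfxapisec`,`status` )\n\t\t\t\t\t VALUES\n\t\t\t\t\t ( '" . $this->db->escapeStr($in['new_name']) . "', '" . $this->db->escapeStr($in['new_email']) . "', '" . $this->db->escapeStr($passEnc) . "',\n\t\t\t\t\t '" . $this->db->escapeStr($in['new_bfxKey']) . "', '" . $this->db->escapeStr($in['new_bfxSec']) . "', '" . $this->db->escapeStr($in['new_actType']) . "' )";
    $newUser = $this->db->iquery($sql);

    if (!isset($newUser['id']) || (int) $newUser['id'] === 0) {
        $warning[] = 'The account could not be created';
        return $ret;
    }

    // Set default settings for the account. The id is cast to int because it
    // is concatenated into the statement without escaping.
    $sql = "INSERT into `" . $config['db']['prefix'] . "Vars` (`id`,`minlendrate`,`spreadlend`,`USDgapBottom`,`USDgapTop`,`thirtyDayMin`,`highholdlimit`,`highholdamt` )\n\t\t\t\t\t\t VALUES\n\t\t\t\t\t\t ( '" . (int) $newUser['id'] . "', '0.0650', '3', '25000', '100000', '0.1500', '0.3500', '0' )";
    // NOTE(review): the result is not checked; a failure here leaves an
    // account without a settings row.
    $this->db->iquery($sql);

    $ret['page'] = 2;
    $ret['newaccount'] = $newUser['id'];

    // The alert contains markup, so the submitted name is HTML-escaped before
    // it is embedded; unescaped it would allow script injection.
    $alert[] = '<strong>User ' . htmlspecialchars($in['new_name'], ENT_QUOTES, 'UTF-8') . '</strong> Account Created';

    return $ret;
}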
if (count($warning) == 0) { // Check it doesn't already exits... $userCheck = $db->query("SELECT name, bfxapikey FROM `" . $config['db']['prefix'] . "Users` WHERE (name = '" . $db->escapeStr($_REQUEST['installAdminUser']) . "' OR bfxapikey = '" . $db->escapeStr($_REQUEST['installAdminBFXKey']) . "' ) LIMIT 1"); if (count($userCheck) == 1) { if ($userCheck[0]['name'] == $_REQUEST['installAdminUser']) { $warning[] = 'This user name already exists in our database'; } if ($userCheck[0]['bfxapikey'] == $_REQUEST['installAdminBFXKey']) { $warning[] = 'This bitfinex key already exists in our database'; } } } if (count($warning) == 0) { // test their bfx key and sec to see if we can pull data // $bfxTest = new Bitfinex(0, $_REQUEST['installAdminBFXKey'], $_REQUEST['installAdminBFXSec']); $bt = $bfxTest->bitfinex_get('account_infos'); if ($bt[0]['fees'][0]['pairs'] != '') { // looks good // // Create The Account // // hash the password $passEnc = $hasher->HashPassword($_REQUEST['installAdminPassword']); // write account to db $sql = "INSERT into `" . $config['db']['prefix'] . "Users` (`name`,`email`,`password`,`bfxapikey`,`bfxapisec`,`status` )\n\t\t\t\t VALUES\n\t\t\t\t ( '" . $db->escapeStr($_REQUEST['installAdminUser']) . "', '" . $db->escapeStr($_REQUEST['installAdminEmail']) . "', '" . $db->escapeStr($passEnc) . "',\n\t\t\t\t '" . $db->escapeStr($_REQUEST['installAdminBFXKey']) . "', '" . $db->escapeStr($_REQUEST['installAdminBFXSec']) . "', '9' )"; $newUser = $db->iquery($sql); if ($newUser['id'] != 0) { // Set default settings for the account // $sql = "INSERT into `" . $config['db']['prefix'] . "Vars` (`id`,`minlendrate`,`spreadlend`,`USDgapBottom`,`USDgapTop`,`thirtyDayMin`,`highholdlimit`,`highholdamt` )\n\t\t\t\t\t VALUES\n\t\t\t\t\t ( '" . $newUser['id'] . "', '0.0650', '3', '25000', '100000', '0.1500', '0.3500', '0' )"; $newActSettings = $db->iquery($sql); // Success, tell them they need to login now // $alert[] = '<strong>User ' . $_REQUEST['new_name'] . 
'</strong> Account Created'; $_REQUEST['doInstall'] = 3;