Added feature to send all unsent emails. Better validation on user-en…

…tered BTC addresses.

classes/App.php

@@ -19,11 +19,16 @@ public function last_insert_id() {
 	}
 
 	public function run_query($query) {
-		if ($GLOBALS['show_query_errors'] == TRUE) $result = $this->dbh->query($query) or die("Error in query: ".$query.", ".$this->dbh->errorInfo()[2]);
+		if ($GLOBALS['show_query_errors'] == TRUE) $result = $this->dbh->query($query) or $this->log_then_die("Error in query: ".$query.", ".$this->dbh->errorInfo()[2]);
 		else $result = $this->dbh->query($query) or die("Error in query");
 		return $result;
 	}
-
+
+	public function log_then_die($message) {
+		$this->log($message);
+		die($message);
+	}
+
 	public function utf8_clean($str) {
 		return iconv('UTF-8', 'UTF-8//IGNORE', $str);
 	}

cron/address_miner.php

@@ -15,7 +15,7 @@
 	$coin_rpcs = array();
 	$game_id2real_game_i = array();
 
-	$q = "SELECT * FROM game_types WHERE game_type='real';";
+	$q = "SELECT * FROM games WHERE game_type='real';";
 	$r = $app->run_query($q);
 	$real_game_i = 0;
 

lib/bitcoin-sci/bitcoin.lib.php

@@ -13,9 +13,9 @@
 require_once(dirname(__FILE__).'/ecc-lib/auto_load.php');
 require_once(dirname(__FILE__).'/Crypt/Random.php');
 
-/*if (!extension_loaded('bcmath')) {
-  die("ERROR: BC Math is not installed!");
-}*/
+if (!extension_loaded('bcmath')) {
+  die("Failed to load the 'bitcoin-sci' library. Please try 'yum install php-bcmath' or 'apt-get install php-bcmath'. Then restart your web server.");
+}
 
 class bitcoin {
 

scripts/async_email_deliver.php

@@ -2,60 +2,76 @@
 $host_not_required = TRUE;
 require_once(realpath(dirname(dirname(__FILE__)))."/includes/connect.php");
 
-if ($_REQUEST['delivery_id'] > 0) {
-	$delivery_id = intval($_REQUEST['delivery_id']);
-} else $delivery_id = intval($argv[1]);
-
-$q = "SELECT * FROM async_email_deliveries WHERE delivery_id='".$delivery_id."' AND time_delivered=0;";
-$r = $app->run_query($q);
-
-if ($r->rowCount() == 1) {
-	$delivery = $r->fetch();
-
-	$url = 'https://api.sendgrid.com/';
-
-	$params = array(
-		'api_user'	=> $GLOBALS['sendgrid_user'],
-		'api_key'	=> $GLOBALS['sendgrid_pass'],
-		'subject'	=> $delivery['subject'],
-		'html'		=> $delivery['message'],
-		'from'		=> $delivery['from_email'],
-		'fromname'	=> $delivery['from_name'],
-		'bcc'		=> $delivery['bcc']
-	);
-
-	$to_list = explode(",", $delivery['to_email']);
-	for ($i=0; $i<count($to_list); $i++) {
-		$params["to[$i]"] = $to_list[$i];
+if ($_REQUEST['action'] == "send_all") {
+	$keeplooping = true;
+}
+else {
+	$keeplooping = false;
+}
+do {
+	if ($_REQUEST['action'] == "send_all") {	
+		$q = "SELECT * FROM async_email_deliveries WHERE time_delivered=0 ORDER BY delivery_id ASC LIMIT 1;";
+		$r = $app->run_query($q);
+	}
+	else {
+		if ($_REQUEST['delivery_id'] > 0) {
+			$delivery_id = intval($_REQUEST['delivery_id']);
+		} else $delivery_id = intval($argv[1]);
+
+		$q = "SELECT * FROM async_email_deliveries WHERE delivery_id='".$delivery_id."' AND time_delivered=0;";
+		$r = $app->run_query($q);
 	}
-
-	if ($cc_list != "") {
-		$cc_list = explode(",", $delivery['cc']);
-		for ($j=0; $j<count($cc_list); $j++) {
-			$params["cc[$j]"] = $cc_list[$j];
+
+	if ($r->rowCount() == 1) {
+		$delivery = $r->fetch();
+
+		$url = 'https://api.sendgrid.com/';
+
+		$params = array(
+			'api_user'	=> $GLOBALS['sendgrid_user'],
+			'api_key'	=> $GLOBALS['sendgrid_pass'],
+			'subject'	=> $delivery['subject'],
+			'html'		=> $delivery['message'],
+			'from'		=> $delivery['from_email'],
+			'fromname'	=> $delivery['from_name'],
+			'bcc'		=> $delivery['bcc']
+		);
+
+		$to_list = explode(",", $delivery['to_email']);
+		for ($i=0; $i<count($to_list); $i++) {
+			$params["to[$i]"] = $to_list[$i];
+		}
+
+		if ($cc_list != "") {
+			$cc_list = explode(",", $delivery['cc']);
+			for ($j=0; $j<count($cc_list); $j++) {
+				$params["cc[$j]"] = $cc_list[$j];
+			}
 		}
+
+		$request =  $url.'api/mail.send.json';
+
+		$session = curl_init($request);
+		curl_setopt ($session, CURLOPT_POST, true);
+		curl_setopt ($session, CURLOPT_POSTFIELDS, $params);
+		curl_setopt($session, CURLOPT_HEADER, false);
+		curl_setopt($session, CURLOPT_RETURNTRANSFER, true);
+		$response = curl_exec($session);
+		curl_close($session);
+
+		$json_response = json_decode($response);
+		if ($json_response->message == "success") $successful = 1;
+		else $successful = 0;
+
+		$q = "UPDATE async_email_deliveries SET time_delivered='".time()."', successful=$successful, sendgrid_response=".$app->quote_escape($response)." WHERE delivery_id='".$delivery['delivery_id']."';";
+		$r = $app->run_query($q);
+
+		echo "response from Sendgrid was: ".$response;
+	}
+	else {
+		echo "Not delivering the email, maybe it was already delivered.\n";
+		$keeplooping = false;
 	}
-
-	$request =  $url.'api/mail.send.json';
-
-	$session = curl_init($request);
-	curl_setopt ($session, CURLOPT_POST, true);
-	curl_setopt ($session, CURLOPT_POSTFIELDS, $params);
-	curl_setopt($session, CURLOPT_HEADER, false);
-	curl_setopt($session, CURLOPT_RETURNTRANSFER, true);
-	$response = curl_exec($session);
-	curl_close($session);
-
-	$json_response = json_decode($response);
-	if ($json_response->message == "success") $successful = 1;
-	else $successful = 0;
-
-	$q = "UPDATE async_email_deliveries SET time_delivered='".time()."', successful=$successful, sendgrid_response=".$app->quote_escape($response)." WHERE delivery_id='".$delivery['delivery_id']."';";
-	$r = $app->run_query($q);
-
-	echo "response from Sendgrid was: ".$response;
-}
-else {
-	echo "Not delivering the email, maybe it was already delivered.\n";
 }
+while ($keeplooping);
 ?>

wallet.php

@@ -62,10 +62,10 @@
 
 		if ($user_game && $user_game['payment_required'] == 0) {
 			if ($_REQUEST['action'] == "save_address") {
-				$bitcoin_address = $_REQUEST['bitcoin_address'];
+				$bitcoin_address = strip_tags($_REQUEST['bitcoin_address']);
 
 				if ($bitcoin_address != "") {
-					$qq = "INSERT INTO external_addresses SET user_id='".$thisuser->db_user['user_id']."', currency_id=2, address='".$bitcoin_address."', time_created='".time()."';";
+					$qq = "INSERT INTO external_addresses SET user_id='".$thisuser->db_user['user_id']."', currency_id=2, address=".$app->quote_escape($bitcoin_address).", time_created='".time()."';";
 					$rr = $app->run_query($qq);
 					$address_id = $app->last_insert_id();