miner.php allow gen before (bgen) and after (gen) grouping
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114
diff --git a/API-README b/API-README
index a39d24f..303a62b 100644
--- a/API-README
+++ b/API-README
@@ -1380,10 +1380,10 @@ number of rigs on the network and some rigs are too slow to reply
Default:
$allowgen = false;
-Set $allowgen to true to allow customsummarypages to use 'gen'
-false means ignore any 'gen' options
-This is disabled by default due to the possible security risk
-of using it, see the end of this document for an explanation
+Set $allowgen to true to allow customsummarypages to use 'gen' and 'bgen'
+false means ignore any 'gen' or 'bgen' options
+This is disabled by default due to the possible security risk of using it
+See the end of this document for an explanation
---------
@@ -1674,7 +1674,7 @@ With cgminer 2.10.2 and later, miner.php includes an extension to
the custom pages that allows you to apply SQL style commands to
the data: where, group, and having
cgminer 3.4.2 and later also includes another option 'gen'
-cgminer 4.1.1 and later also includes another option 'fmt'
+cgminer 4.1.1 and later also includes 2 another options 'fmt' and 'bgen'
An example of an 'ext' section in a more complex custom summary page:
@@ -1792,20 +1792,27 @@ The fields passed to your function by miner.php:
contain the default class names used for formatting
-A 'gen' allows you to generate new fields from any php valid function of any
-of the other fields
+A 'gen' or 'bgen' allows you to generate new fields from any php valid function
+of any of the other fields
e.g. 'gen' => array('AvShr', 'POOL.Difficulty Accepted/max(POOL.Accepted,1)),
will generate a new field called GEN.AvShr that is the function shown, which
in this case is the average difficulty of each share submitted
-THERE IS A SECURITY RISK WITH HOW GEN WORKS
+The difference between 'bgen' and 'gen' is that 'bgen' is done before doing
+the 'group' and 'calc', however 'gen' is done after doing 'group' and 'calc'
+This means that 'group' and 'calc' can also use 'bgen' fields
+As before, 'gen' fields act on the results of the 'group' and 'calc'
+If there is no 'group' or 'calc' then they both will produce the same results
+Note that 'gen' fields are called 'GEN.field' and 'bgen' fields, 'BGEN.field'
+
+THERE IS A SECURITY RISK WITH HOW GEN/BGEN WORKS
It simply replaces all the variables with their values and then requests PHP
to execute the formula - thus if a field value returned from a cgminer API
request contained PHP code, it could be executed by your web server
Of course cgminer doesn't do this, but if you do not control the cgminer that
returns the data in the API calls, someone could modify cgminer to return a
-PHP string in a field you use in 'gen'
-Thus use 'gen' at your own risk
+PHP string in a field you use in 'gen' or 'bgen'
+Thus use 'gen' and 'bgen' at your own risk
If someone feels the urge to write a mathematical interpreter in PHP to get
around this risk, feel free to write one and submit it to the API author for
consideration
diff --git a/miner.php b/miner.php
index ca969ba..4b10e35 100644
--- a/miner.php
+++ b/miner.php
@@ -2441,12 +2441,12 @@ function genfld($row, $calc)
return $val;
}
#
-function dogen($ext, $section, &$res, &$fields)
+function dogen($ext, $wg, $gname, $section, &$res, &$fields)
{
- $gen = $ext[$section]['gen'];
+ $gen = $ext[$section][$wg];
foreach ($gen as $fld => $calc)
- $fields[] = "GEN.$fld";
+ $fields[] = "$gname.$fld";
foreach ($res as $rig => $result)
foreach ($result as $sec => $row)
@@ -2455,7 +2455,7 @@ function dogen($ext, $section, &$res, &$fields)
if (secmatch($section, $secname))
foreach ($gen as $fld => $calc)
{
- $name = "GEN.$fld";
+ $name = "$gname.$fld";
$val = genfld($row, $calc);
@@ -2470,9 +2470,9 @@ function processext($ext, $section, $res, &$fields)
$res = processcompare('where', $ext, $section, $res);
- // Generated fields (functions of other fields)
- if ($allowgen === true && isset($ext[$section]['gen']))
- dogen($ext, $section, $res, $fields);
+ // Generated fields (functions of other fields before grouping)
+ if ($allowgen === true && isset($ext[$section]['bgen']))
+ dogen($ext, 'bgen', 'BGEN', $section, $res, $fields);
if (isset($ext[$section]['group']))
{
@@ -2539,6 +2539,10 @@ function processext($ext, $section, $res, &$fields)
}
}
+ // Generated fields (functions of other fields after grouping)
+ if ($allowgen === true && isset($ext[$section]['gen']))
+ dogen($ext, 'gen', 'GEN', $section, $res, $fields);
+
return processcompare('having', $ext, $section, $res);
}
#