 Show Posts
|
|
Pages: « 1 [2] 3 4 5 »
|
That code does work, it seems to be your server with the issue unless Settings::fee is 100 or cannot be found. Try require 'Mysql.php';
require 'Util.php';
$file = file_get_contents("http://blockchain.info/ticker");
$vars = json_decode($file, true);
$usd = $vars['USD']['15m'];
echo $usd;
$net_usd = number_format((($usd) * (100 - Settings::fee)) / 100, 2); See what that returns. If it doesn't return the correct value, then your server is unable to connect to the blockchain ticker. |
|
|
|
why don't you pay the rewards directly to user bitcoin wallet
my bitcoin wallet is
1AK7oAdLSuiYri6GNhBZXWF8LXVBbxcznn
and i think others also posted their wallet address here
It was part of the announcement that payments will be made this way. There is a reason for that and i.e. all our Bitcoins are with the Network Account and for accounting purposes it needs to go through that. Please make an account and your funds will be credited. It only takes 5 minutes for you to withdraw after that if you want to. Done & PM'ed. Thanks. |
|
|
|
Sorry guys. Little Busy. We have launched the platform. Please sign up for an account and pm me your secondary email address registered. Funds will be credited to that account. Please use a coupon code "signup" to get transaction credit.
Thanks.
So, were these rewards just for going towards fees credit  ? E.g. We cannot withdraw it? |
|
|
|
Hey members of bitcointalk, For a limited time (while I actually have the spare time), I'm willing to offer FREE security audits for your company or website. Security is vital in the technological age that we are in and it's better to fix them now before it severely impacts your company in the future. Companies such as Poloniex and Mt Gox were hit hard when hackers stole millions worth of bitcoins. What do I provide?
- Any vulnerabilities I find within your website.
- Suggestions to fix vulnerabilities I find within your website.
- Possible vulnerabilities within your website in the future.
- Any points of weakness with the setup of your website.
Guarantees
- Any vulnerabilities found will be sent back to you promptly and I can help you fix them if need be.
- No information about security holes in your website will be published.
- I DO NOT GUARANTEE I WILL FIND ALL SECURITY HOLES.
What I require from you
- Proof of ownership of the website through one of the following:
- Upload a page to the root directory of your website with the text "Free Security Audit 1084".
- An email from the email listed on the whois of the website.
Of course some of you will be a bit sceptic on why I would bother doing this for free but I personally enjoy learning more about possible security holes in different kinds of sites and helping people resolve them before they become an issue. I also am currently studying this area in my college degree, however I've been interested and have participated in this area for many years. I personally also have an extensive background in PHP and .NET development so I'd be happy to look through code as well if need be. Send me a PM with proof of ownership or post here and I'll get started ASAP!
Vouches on BitcoinTalkSent you a few errors that you may want to look at  . Congrats and Thanks to PotatoPie on finding a Major Bug! Vulnerabilities ^_^:
XSS (Cross site scripting) in the change seed thingie. "><script>alert(document.cookie)</script> There is also no CSRF protection on this either. Video: http://gyazo.com/9eaa38097d913eb8b78cd957a94e607ePossible places for vulnerabilities:
->On the withdraw page, you've got 2 post variables userAmount and realAmount. It seems that you validate userAmount but not realAmount. I cant test it as I cbf depositing $3 into your site but just make sure that the user cant put userAmount = 0.01 and realAmount = 5 and it will send them 5BTC sort of thing. I doubt you can, but just a heads up. -> You're able to do negative numbers on roll amounts. Although this probably wouldn't change anything, there isn't any validation for this. Silly errors:
0.00000100 BTC divide by 2 doesn't equal 5.70000000 . Video: http://gyazo.com/323eeb6bcc6deef1035005d2ea9b2300Suggestions:
-> Require a minimum password length. I could have one character and it would accept it. This is just in case of a DB leak, although it's not going to really help that much. -> Cloudflare would probably be good. ill add a token and a sanitiser to the clientseed form today. regarding the useramount. all calculations and processes are based on useramount. so if useramount is messed with. it doesnt really matter. it gets displayed. and is an inpit yes. but does not get processed (havent watched videos yet, im on mobile atm) so ill adress those as soon as i can pass length: your 100% right ill add you to the list of rewards and ill reply regarding the videos when i gwt to the office. thx I can also provide off site proof if you would like to view that as well. |
|
|
|
|
Seems 100% legitimate. A quick inspect element could change that value. Escrow the account and then you may get a buyer.
|
|
|
|
|
Sweet my btc addy is in my Sig for the 14th.
|
|
|
|
|
PM me when you have it done and I'll look through the code for any possible security flaws.
|
|
|
|
|
If you want security testing / pen-testing, then hit me up. This is vital when starting a website with anything to do with bitcoin.
|
|
|
|
Vulnerabilities ^_^:
XSS (Cross site scripting) in the change seed thingie. "><script>alert(document.cookie)</script> There is also no CSRF protection on this either. Video: http://gyazo.com/9eaa38097d913eb8b78cd957a94e607ePossible places for vulnerabilities:
->On the withdraw page, you've got 2 post variables userAmount and realAmount. It seems that you validate userAmount but not realAmount. I cant test it as I cbf depositing $3 into your site but just make sure that the user cant put userAmount = 0.01 and realAmount = 5 and it will send them 5BTC sort of thing. I doubt you can, but just a heads up. -> You're able to do negative numbers on roll amounts. Although this probably wouldn't change anything, there isn't any validation for this. Silly errors:
0.00000100 BTC divide by 2 doesn't equal 5.70000000 . Video: http://gyazo.com/323eeb6bcc6deef1035005d2ea9b2300Suggestions:
-> Require a minimum password length. I could have one character and it would accept it. This is just in case of a DB leak, although it's not going to really help that much. -> Cloudflare would probably be good.
|
|
|
|
|
Honestly mate, nobody is going to bother with that large of a job when you explicitly say that you have a low budget. You want a full managed website and I'm betting you're not going to pay that much for it either. Just do it yourself if you're not willing to pay much.
1. Download Wordpress
2. Download WooCommerce
3. Download WooCommerce payment plugins
4. Create the pages you want / products
5. Pick a theme.
However, you'll probably find it hard to find "---Venmo payment integration" as there isn't any plugins (this would have to be custom made) and "-Need basic mySQL database to be easily created here and be able to send out customer/subscriber emails" would have to be custom as well.
Good luck with that though.
|
|
|
|
|
I've done it now, PM me if you have any problems. If you think this is an acceptable job, please pay the BTC to 1VmD3SwFpdjGjX1wPSavcLuvjVjtF4xVn
|
|
|
|
I personally don't really care about pay also because it advances my personal knowledge by creating things for other people. If I sat there just bitching that the money wasn't worth my time then I wouldn't learn anything. I used to spend hours making PHP scripts for $1, and due to that, I've heavily advanced my PHP knowledge since then.
while i agree with you that advancing your knowledge helping someone out for cheap is cool and all, but it still does not disguise the fact that the wages offered here are not good. I wouldn't go out of my way to do a job here, but if I had free time then might as well. You won't really make a living wage on this forum by just crawling through the services thread though. People know they can get away with offering shit all, so why would they bother offering more ? |
|
|
|
|
I personally don't really care about pay also because it advances my personal knowledge by creating things for other people. If I sat there just bitching that the money wasn't worth my time then I wouldn't learn anything. I used to spend hours making PHP scripts for $1, and due to that, I've heavily advanced my PHP knowledge since then.
|
|
|
|
|
It literally is a couple lines of code. Coindesk even has an API for it. If you still want to do it, then PM me with the currency you want and all of the features and I'll get it done tomorrow.
|
|
|
|
|
There used to be methods to get cheap codes through promotions or upgrade accounts but not really any more. As of now, nobody really sells the codes and your best bet is to see if you can get spotify student (just spotify with 50% off) if the promotion is still running. There are also plenty of account sellers around, but the account likely is going to be shared and seeing as you want to keep your playlists, I would recommend against this.
|
|
|
|
|
This forum is not really exclusive and you've got young people who are willing to work for shit all to get their first slice of bitcoin. People also do these sorts of things just to have something to do. It's better to earn money doing something then nothing. I personally would either work for a decent amount of money or do something for free.
|
|
|
|
i agree the rates posted in this thread are a joke. why would anyone worth a damn do this for a whopping .01. thats about .240 to little
I personally wouldn't mind as I generally don't do pen-testing / vulnerability assessment for money as it's more of a hobby. Although OP seems to have a delusion that you need to be a full member or higher to be trusted, so that rules me out. |
|
|
|
|
