Salmen (OP)
Legendary
Offline
Activity: 1059
Merit: 1020
|
|
December 19, 2016, 06:35:36 PM |
|
I don't recommend this script:
1. there's a critical vulnerability that can be used to bypass timer (reported in PM) 2. the way it's written is just asking for a SQL Injection vulnerability. Instead of using prepared statements or an ORM, variables are escaped in random places. I've already found an instance of variable that's escaped twice, it's not hard to imagine there is (or will be introduced in an update) a variable that's not escaped at all. 3. superglobal variables are overwritten 4. getipintel have a limit of 500 queries and will be too expensive to be used by faucets, so this bot shield is useless
Thank you for the feedback. - To the point one, I replied a message and an alternative script will be addded into it.
- To the point two, I'll find all possible leaks and fix it.
- o the point three, I'll look if I did anything wrong or the template script itself.
- To the point four, it is true that it has a limit and it was mentioned earlier. I couldn't find another API that suits it.
|
Young Developer amidst Europe. Specialized in Web Programming and Creating Telegram Bots. Looking for a developer? Feel free to drop a mail to me. Running JaguarBitcoin - Your Place For Scripts
|
|
|
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
Kazuldur
Legendary
Offline
Activity: 971
Merit: 1000
|
|
December 19, 2016, 06:43:16 PM |
|
To the point two, I'll find all possible leaks and fix it.
I'm not saying there are any leaks . Just that the way you've wrote it makes it very, very easy to create a leak. To the point four, it is true that it has a limit and it was mentioned earlier. I couldn't find another API that suits it.
So if you know it's not really useful, why did you add it and advertise it as "Bot shield"? Btw there's always http://nastyhosts.com/ (disclaimer: I'm still working for a company that runs nastyhosts)
|
Unless stated otherwise, all opinions are of my own, not FaucetBOX.com's.
|
|
|
Salmen (OP)
Legendary
Offline
Activity: 1059
Merit: 1020
|
|
December 19, 2016, 07:21:26 PM |
|
To the point two, I'll find all possible leaks and fix it.
I'm not saying there are any leaks . Just that the way you've wrote it makes it very, very easy to create a leak. To the point four, it is true that it has a limit and it was mentioned earlier. I couldn't find another API that suits it.
So if you know it's not really useful, why did you add it and advertise it as "Bot shield"? Btw there's always http://nastyhosts.com/ (disclaimer: I'm still working for a company that runs nastyhosts) Thank you. An update will be launched shortly along with the fixed version.
|
Young Developer amidst Europe. Specialized in Web Programming and Creating Telegram Bots. Looking for a developer? Feel free to drop a mail to me. Running JaguarBitcoin - Your Place For Scripts
|
|
|
Salmen (OP)
Legendary
Offline
Activity: 1059
Merit: 1020
|
|
December 20, 2016, 11:37:03 AM |
|
Make sure to update the script! For the faucet who installed the new update between the last post, please update 'includes/core.php'.
|
Young Developer amidst Europe. Specialized in Web Programming and Creating Telegram Bots. Looking for a developer? Feel free to drop a mail to me. Running JaguarBitcoin - Your Place For Scripts
|
|
|
alfaboy23
|
|
December 23, 2016, 01:45:24 AM |
|
I have a query for the script, first, the ad banner above is not aligned in center: second: The banner on the sides are going above (left banner) and below (right banner) if the site was viewed in mobile.
|
|
|
|
ankit10
|
|
December 23, 2016, 02:23:46 AM |
|
Make sure to update the script! For the faucet who installed the new update between the last post, please update 'includes/core.php'.
Dear this script is tested by you ?and this is safe from BOTs?
|
|
|
|
alamin99
|
|
December 23, 2016, 03:13:59 AM |
|
Make sure to update the script! For the faucet who installed the new update between the last post, please update 'includes/core.php'.
Dear this script is tested by you ?and this is safe from BOTs? Many faucets using this script without any problems. I never installed but I will install this script. It's a nice script.
|
|
|
|
chixka000
|
|
December 23, 2016, 04:25:42 AM |
|
This faucet really is good i just have one some suggestion i hope that you could add it up, iI hope that after the claim button claims would be automatically sent to micro wallet like faucethub there is no need for them to store funds so that i could set up my faucet hub limitation easily
|
|
|
|
ankit10
|
|
December 23, 2016, 06:18:05 AM |
|
i recive THIS ERROR AFTER UPLOADING SCRIPT: Failed to connect to MySQL: Access denied for user 'kingoffu_kingoffu_tesst'@'localhost' (using password: YES) My service prividor says there is no issue from there side :oWHAT TO DO
|
|
|
|
WinBIts
|
|
December 23, 2016, 07:33:58 AM |
|
i was already using this script on bitcoin-gamez.com but was made for faucetbox and i cant find to change the script text to faucethub so i will download yours thanks
|
|
|
|
Salmen (OP)
Legendary
Offline
Activity: 1059
Merit: 1020
|
|
December 23, 2016, 05:35:35 PM |
|
I have a query for the script, first, the ad banner above is not aligned in center: second: The banner on the sides are going above (left banner) and below (right banner) if the site was viewed in mobile. Hello, Change in 'templates/index.tpl' the code to <div class="container"> <div id="containertop"> <div class="row"> <div class="col-md-12">Space top</div> </div> </div> </div> To the center thing, please use '<center> something here </center>'
Make sure to update the script! For the faucet who installed the new update between the last post, please update 'includes/core.php'.
Dear this script is tested by you ?and this is safe from BOTs? It has a bot protection
This faucet really is good i just have one some suggestion i hope that you could add it up, iI hope that after the claim button claims would be automatically sent to micro wallet like faucethub there is no need for them to store funds so that i could set up my faucet hub limitation easily
Thank you for the idea.
i recive THIS ERROR AFTER UPLOADING SCRIPT: Failed to connect to MySQL: Access denied for user 'kingoffu_kingoffu_tesst'@'localhost' (using password: YES) My service prividor says there is no issue from there side :oWHAT TO DO Please make sure you entered the right mysql login datas.
|
Young Developer amidst Europe. Specialized in Web Programming and Creating Telegram Bots. Looking for a developer? Feel free to drop a mail to me. Running JaguarBitcoin - Your Place For Scripts
|
|
|
alfaboy23
|
|
December 28, 2016, 01:55:04 PM |
|
...
Already done that, and the result is the same. Anyway,I guess I have to modify the constrution of your script, it will take long though, since I'm just a beginner in PHP.
|
|
|
|
rafael7418
Newbie
Offline
Activity: 7
Merit: 0
|
|
December 28, 2016, 07:29:28 PM |
|
Just tell me how I can put rates on looting and put maximum service limit
|
|
|
|
alfaboy23
|
|
January 09, 2017, 07:23:11 AM |
|
@Salmen or anyone, can help me on this? Some users reported to me that they haven't claim yet, since a day or more than an hour but still it appears. Then I checked the database and this is what I see Empty IP address column. Is there something I missed?
|
|
|
|
FBCTorg
|
|
January 09, 2017, 07:01:50 PM |
|
I'm testing the script, I use cloudflare and I enabled that option in admin and this message appears on top of the page "Warning: We only support Cloudflare as reverse proxy."...something's wrong?
|
|
|
|
LTU_btc
Legendary
Online
Activity: 3052
Merit: 1331
Slava Ukraini!
|
|
January 09, 2017, 11:17:06 PM Last edit: September 10, 2023, 10:38:51 PM by LTU_btc |
|
@Salmen or anyone, can help me on this? Some users reported to me that they haven't claim yet, since a day or more than an hour but still it appears. Then I checked the database and this is what I see Empty IP address column. Is there something I missed? I'm faced this issue on mostly faucets which are using this script. I even got this message after claiming from faucet first time. And I see many more members complaining about it. But finally today I didn't get this message from any of faucets.
|
|
|
|
AdolfinWolf
Legendary
Offline
Activity: 1946
Merit: 1427
|
|
January 10, 2017, 09:09:43 PM |
|
Hi there, my friend says that your script doesn't allow "iframes" in the advertising boxes, is there any fix on that? or alternative? Whenever he adds it he gets ;
"403 Forbidden" You don't have permission to access /admin.php on this server.
Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.
|
|
|
|
FBCTorg
|
|
January 11, 2017, 02:55:02 AM |
|
Hi there, my friend says that your script doesn't allow "iframes" in the advertising boxes, is there any fix on that? or alternative? Whenever he adds it he gets ;
"403 Forbidden" You don't have permission to access /admin.php on this server.
Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.
If he's on linux and he extracted script files on his system and then uploaded to server, the permission settings of files got modified. Tell him to extract the script archive on server. I had another problem adding ads, when the html code of ads got converted into strange syntax after saving it in admin, so I added ads directly to template file.
|
|
|
|
Salmen (OP)
Legendary
Offline
Activity: 1059
Merit: 1020
|
|
January 15, 2017, 07:31:59 PM Last edit: January 15, 2017, 07:50:01 PM by Salmen |
|
@Salmen or anyone, can help me on this? Some users reported to me that they haven't claim yet, since a day or more than an hour but still it appears. Then I checked the database and this is what I see Empty IP address column. Is there something I missed? I'm faced this issue on mostly faucets which are using this script. I even got this message after claiming from faucet first time. And I see many more members complaining about it. But finally today I didn't get this message from any of faucets. Thank you. I deploy the script on a fresh VPS and test it. Once it gets fixed, the update will be launched. Cheers Salmen Edit: I couldn't find the problem on the VPS. Are you using Cloudflare?
|
Young Developer amidst Europe. Specialized in Web Programming and Creating Telegram Bots. Looking for a developer? Feel free to drop a mail to me. Running JaguarBitcoin - Your Place For Scripts
|
|
|
rafael7418
Newbie
Offline
Activity: 7
Merit: 0
|
|
January 15, 2017, 08:02:20 PM |
|
Salmen how can I add fees in the "Withdrawals " ?? my help!!
|
|
|
|
|