Protect-X.com - Ethical and trustyworthy people? - GoFuckYourself.com

Tempest · 12-11-2006, 12:54 PM

Please don't post if you had a drink with them or simply use the script.

Are the guys that run it ethical and trustworthy? Don't want to put something on my website that could end up being another pornograph or worse.

V_RocKs · 12-11-2006, 03:05 PM

I wouldn't set it up with 777 permissions and I'd probably edit the script to completely remove the auto update feature altogether...

My only other problem with it is that if you have them, you also hack all of the TGP/MGP's using their included script... It is better to use Readfile also...

Tempest · 12-11-2006, 04:43 PM

Thanks V_RocKs...

Anyone else?

crockett · 12-11-2006, 04:52 PM

Quote:

Originally Posted by Tempest

Thanks V_RocKs...

Anyone else?

I was thinking the same thing.. I installed it on two small sites I have just to see if it's worth while. I don't like the idea of a 3rd party file that's set to 777.

Tempest · 12-11-2006, 07:51 PM

Any other opinions etc.?

Tempest · 12-12-2006, 02:01 PM

One more bump.

Protector · 12-18-2006, 05:43 PM

Hello Tempest

You can read other forum where people discuss about same questions, we also answer about it to our forum . and i repeat our answer here too:

Protect-X developers often see topics on the different forums about Protect-X script functions, security of using our script and other relevant questions. That is why we decided to put our script code with detailed comments on the site. The button code that you put in your page is including script code from protectx.php that stored in your resource directory. Protectx.php is the client part of the script. When someone hits on your page, client part connects to the server part of the script that records hit's information.

We are advising to enable CHMOD 777 on protectx.php file. This permission allows auto update of the script, as we add new functions to the system. This is the only reason for that permission. Often host administrators advise their users not to set this permission. This will not cause our script to work incorrectly. The only change is that the webmaster will be needed to update the script file manually when there will be a new update (if he wants to use the features of a new version). Also protectx.php script creates two files on your server:
1. Protectx_hl.jpg - graphic image which created once and used for correct work of the hidden links function.
2. Dynamic .php file - every time (once per day) name of this file is changing. URL of the hidden link refers to this file. When bot clicks on the hidden link, it passes to this file which redirects the hit bot to Protect-X server and records the information to your statistics.

All the php files of our script are open and not decoded so you always can see the source of them, we have nothing to hide.

<?
This function converts IP address from Point Decimal to Number
function ip2int($ip) {
$a=explode(".",$ip);
return $a[0]*256*256*256+$a[1]*256*256+$a[2]*256+$a[3];
}

This function converts IP address from number to Point Decimal
function int2ip($i) {
$d[0]=(int)($i/256/256/256);
$d[1]=(int)(($i-$d[0]*256*256*256)/256/256);
$d[2]=(int)(($i-$d[0]*256*256*256-$d[1]*256*256)/256);
$d[3]=$i-$d[0]*256*256*256-$d[1]*256*256-$d[2]*256;
return "$d[0].$d[1].$d[2].$d[3]";
}

Section 1: Checks the existence of files needed for Hidden Links function to work.
Checks the existence of protect_hl.jpg file, If there is no such file the script will download it from our server and save it on your side.
if (!file_exists('protectx_hl.jpg')){
$pimg=@file_get_contents(.../protectx_hl.jpg');
$handle = @fopen("protectx_hl.jpg", 'w');
@fwrite($handle, $pimg);
@fclose($handle);
}

If there is protectx_hl.jpg file on the server the script sets a flag that tells our server to include the section of hidden links, if not the hidden links will not be created.
if (file_exists('protectx_hl.jpg')){
$islink='1';
}
Creates a unique file (that the bot wouldn't analyze the static hard link and will not click on it) generates the content of that file that will send the click on the hidden link to our server.
$new_file="<? \$hct=@file_get_contents('.../hiddenlink.php?code='.\$_GET['code'].'&r=".'\'.$_GET[\'ref\']'."); ?>";
$hlfn = @file_get_contents('.../hiddenlinks/check.php');
list($old,$new)=explode('|',$hlfn);
if (!file_exists($new)){
if (file_exists($old))
unlink($old);

$w=@fopen($new,'w');
@flock($w,2);
@fwrite($w,$new_file."\n");
@flock($w,3);
@fclose($w);
}

section 2: collecting the information about the surfer and button generation.
Collecting the information about the surfer.
$parts=urlencode(serialize($_SERVER));
$ip=getenv("REMOTE_ADDR");
checking if there is a new version of the script.
$aurl='.../autoupdate/check. php?code=CODE_HERE';
$lfrom=urlencode("xttp://".$_SERVER['SERVER_NAME']);
getting from our server the information about which button to display.
$url='.../protectx.php?code=CODE_HERE&islink='.$islink.'&b=1 &f='.urlencode($_SERVER['HTTP_REFERER']).'&st='.ip2int($ip).'&lfrom='.$lfrom."&srv=$parts ";
$body = @file_get_contents($url);

displaying the button
echo $body;

section 3: Auto update
$check = @file_get_contents($aurl);
if (strlen($check)>2){
$protect_file='protectx.php';
if (is_writable($protect_file)){
$w=fopen($protect_file,'w');
flock($w,2);
fwrite($w,$check."\n");
flock($w,3);
fclose($w);
}
}
?>

Protector · 12-18-2006, 05:46 PM

Thanks to all our users who supported our service and Protect-X Team nominate for Innovative Product of the Year for the Fifth Annual
2007 XBIZ Awards!

12-11-2006, 12:54 PM	#1
Tempest Too lazy to set a custom title Industry Role: Join Date: May 2004 Location: West Coast, Canada. Posts: 10,217	Protect-X.com - Ethical and trustyworthy people? Please don't post if you had a drink with them or simply use the script. Are the guys that run it ethical and trustworthy? Don't want to put something on my website that could end up being another pornograph or worse.

12-18-2006, 05:43 PM	#7
Protector Registered User Join Date: Nov 2006 Posts: 14	Protect-X.com Include How it Works ! Hello Tempest You can read other forum where people discuss about same questions, we also answer about it to our forum . and i repeat our answer here too: Protect-X developers often see topics on the different forums about Protect-X script functions, security of using our script and other relevant questions. That is why we decided to put our script code with detailed comments on the site. The button code that you put in your page is including script code from protectx.php that stored in your resource directory. Protectx.php is the client part of the script. When someone hits on your page, client part connects to the server part of the script that records hit's information. We are advising to enable CHMOD 777 on protectx.php file. This permission allows auto update of the script, as we add new functions to the system. This is the only reason for that permission. Often host administrators advise their users not to set this permission. This will not cause our script to work incorrectly. The only change is that the webmaster will be needed to update the script file manually when there will be a new update (if he wants to use the features of a new version). Also protectx.php script creates two files on your server: 1. Protectx_hl.jpg - graphic image which created once and used for correct work of the hidden links function. 2. Dynamic .php file - every time (once per day) name of this file is changing. URL of the hidden link refers to this file. When bot clicks on the hidden link, it passes to this file which redirects the hit bot to Protect-X server and records the information to your statistics. All the php files of our script are open and not decoded so you always can see the source of them, we have nothing to hide. <? This function converts IP address from Point Decimal to Number function ip2int($ip) { $a=explode(".",$ip); return $a[0]256256256+$a[1]256256+$a[2]256+$a[3]; } This function converts IP address from number to Point Decimal function int2ip($i) { $d[0]=(int)($i/256/256/256); $d[1]=(int)(($i-$d[0]256256256)/256/256); $d[2]=(int)(($i-$d[0]256256256-$d[1]256256)/256); $d[3]=$i-$d[0]256256256-$d[1]256256-$d[2]256; return "$d[0].$d[1].$d[2].$d[3]"; } Section 1: Checks the existence of files needed for Hidden Links function to work. Checks the existence of protect_hl.jpg file, If there is no such file the script will download it from our server and save it on your side. if (!file_exists('protectx_hl.jpg')){ $pimg=@file_get_contents(.../protectx_hl.jpg'); $handle = @fopen("protectx_hl.jpg", 'w'); @fwrite($handle, $pimg); @fclose($handle); } If there is protectx_hl.jpg file on the server the script sets a flag that tells our server to include the section of hidden links, if not the hidden links will not be created. if (file_exists('protectx_hl.jpg')){ $islink='1'; } Creates a unique file (that the bot wouldn't analyze the static hard link and will not click on it) generates the content of that file that will send the click on the hidden link to our server. $new_file="<? \$hct=@file_get_contents('.../hiddenlink.php?code='.\$_GET['code'].'&r=".'\'.$_GET[\'ref\']'."); ?>"; $hlfn = @file_get_contents('.../hiddenlinks/check.php'); list($old,$new)=explode('\|',$hlfn); if (!file_exists($new)){ if (file_exists($old)) unlink($old); $w=@fopen($new,'w'); @flock($w,2); @fwrite($w,$new_file."\n"); @flock($w,3); @fclose($w); } section 2: collecting the information about the surfer and button generation. Collecting the information about the surfer. $parts=urlencode(serialize($_SERVER)); $ip=getenv("REMOTE_ADDR"); checking if there is a new version of the script. $aurl='.../autoupdate/check. php?code=CODE_HERE'; $lfrom=urlencode("xttp://".$_SERVER['SERVER_NAME']); getting from our server the information about which button to display. $url='.../protectx.php?code=CODE_HERE&islink='.$islink.'&b=1 &f='.urlencode($_SERVER['HTTP_REFERER']).'&st='.ip2int($ip).'&lfrom='.$lfrom."&srv=$parts "; $body = @file_get_contents($url); displaying the button echo $body; section 3: Auto update $check = @file_get_contents($aurl); if (strlen($check)>2){ $protect_file='protectx.php'; if (is_writable($protect_file)){ $w=fopen($protect_file,'w'); flock($w,2); fwrite($w,$check."\n"); flock($w,3); fclose($w); } } ?>

12-18-2006, 05:46 PM	#8
Protector Registered User Join Date: Nov 2006 Posts: 14	Protect-X nominated by XBIZ 2007 Awards Thanks to all our users who supported our service and Protect-X Team nominate for Innovative Product of the Year for the Fifth Annual 2007 XBIZ Awards!

12-11-2006, 03:05 PM	#2
V_RocKs Damn Right I Kiss Ass! Industry Role: Join Date: Dec 2003 Location: Cowtown, USA Posts: 32,409	I wouldn't set it up with 777 permissions and I'd probably edit the script to completely remove the auto update feature altogether... My only other problem with it is that if you have them, you also hack all of the TGP/MGP's using their included script... It is better to use Readfile also...

12-11-2006, 04:43 PM	#3
Tempest Too lazy to set a custom title Industry Role: Join Date: May 2004 Location: West Coast, Canada. Posts: 10,217	Thanks V_RocKs... Anyone else?

12-11-2006, 07:51 PM	#5
Tempest Too lazy to set a custom title Industry Role: Join Date: May 2004 Location: West Coast, Canada. Posts: 10,217	Any other opinions etc.?

12-12-2006, 02:01 PM	#6
Tempest Too lazy to set a custom title Industry Role: Join Date: May 2004 Location: West Coast, Canada. Posts: 10,217	One more bump.