Free tube script w/o user uploads (embed only) + sponsor imports - GoFuckYourself.com

farkedup · 10-19-2008, 08:04 PM

For everybody who has been keeping track of my sponsor addon script which recently launched I have a BASIC tube script that is both unencoded and completely free for you to use. It uses a codebase I put out over 2 years ago now (stock template shows its age) with mainly just minor modifications to make room for my sponsor import addon.

If you'd like to check it out please go here: http://entertainmentscript.com/free/ It was mainly ~ 1 days worth of work and I will be making a few more modifications to it in the near future. Please install it and test it out for me and give me some feedback on it.

I have also put a demo of TODAYS build of my sponsor import so it will be outdated in just a few days and may not see daily build updates. http://entertainmentscript.com/free/paid/ the STXT feed processor for user submitted URL's is still a bit too buggy at this moment to be included in the current release but every feed I've tested properly is currently on the supported list. I will be testing more as they come in. I'm currently tweaking things daily.

As of right now there are now 4 scripts supported by my import script and it is now easier than ever to support and test additional scripts.

1) Entertainmentscript.com
2) ES free
3) x10media.com
4) vidiscript.com

If you want to download this free script get it here: http://entertainmentscript.com/free.zip

fris · 10-19-2008, 08:26 PM

just to let you know the paid version of your script is on some nulled script forums

d-null · 10-19-2008, 08:30 PM

Quote:

Originally Posted by fris

just to let you know the paid version of your script is on some nulled script forums

are the guys that are putting up the nulled scripts generally good coders themselves?... like they are on a mission to make all scripts free of charge for everyone?

curious what the motivation is

Barefootsies · 10-19-2008, 08:37 PM

Quote:

Originally Posted by d-null

curious what the motivation is

People do not want to pay for anything.

d-null · 10-19-2008, 08:51 PM

Quote:

Originally Posted by Barefootsies

People do not want to pay for anything.

I guess it is the same as torrent and rapidshare uploaders, they get a sense of recognition from their peers when they upload something or null a script

Barefootsies · 10-19-2008, 09:01 PM

Quote:

Originally Posted by d-null

I guess it is the same as torrent and rapidshare uploaders, they get a sense of recognition from their peers when they upload something or null a script

farkedup · 10-20-2008, 07:49 AM

Quote:

Originally Posted by fris

just to let you know the paid version of your script is on some nulled script forums

yeah those are primarily V1.3 and V1.5 I haven't seen V1.6 on any the V1.3 that I saw I had leaked myself and inserted some very fatal security flaws. Attempting to fight piracy over a $40 script is pointless. I never encoded that script and never even locked it to certain domains. Anybody with any form of decency will simply pay the $40 for the script. I get more support requests from these idiots who've pirated the script than I get from my actual customers. If I don't see the persons email address in my customer DB I ask them for proof of purchase which ends most support questions right there.

farkedup · 10-29-2008, 04:51 PM

Anybody looking for a different layout style I've put up http://www.entertainmentscript.com/free2/ and http://www.entertainmentscript.com/free2.zip

I'm still working on working the paid script into a template like that but I just haven't had enough free time these past few days.

jimbona · 10-29-2008, 05:21 PM

Farkedup,

Just a word of warning,
do you know the script is open to SQL injections and possible remote injections?

Youve also included google ads in an adult script?
Also view.php links back to ianag?

Not meaning to troll, just thought I would raise a heads up.

farkedup · 10-29-2008, 05:24 PM

Quote:

Originally Posted by jimbona

Farkedup,

Just a word of warning,
do you know the script is open to SQL injections and possible remote injections?

Youve also included google ads in an adult script?
Also view.php links back to ianag?

Not meaning to troll, just thought I would raise a heads up.

crap, you're right... looks like I did these latest mods to the WRONG codebase LOL now I just have to figure out what changes I had done before.... that view.php actually isn't used anymore, it was used back when this was used for something else.

farkedup · 10-29-2008, 05:31 PM

editing rating.php and using this:

Code:

$gameid				= (int)$_POST['gameid'];
$score 				= (int)$_POST['score'];
$gameid2			= (int)$_POST['gameid'];

instead of the other variables makes sure people don't exploit that rating.php problem.

search.php, category.php and play.php also have some GET vars vulnerable. updating the .zip packages in a few minutes

jimbona · 10-29-2008, 08:11 PM

Just took a look at the new zip ;)

Your search box can now only be a number as your run it with (int) and not mysql_real_escape_string() also want to add into to all ints to as a safe measure.

Might also want to protect those with register_globals on in functions/cookie.php

Porn Ass · 10-29-2008, 08:35 PM

makes me wonder how bad his paid version is

pamon · 10-29-2008, 08:39 PM

great script. good info

brassmonkey · 10-29-2008, 08:46 PM

damn sounds bad wont buy that

jimbona · 10-29-2008, 09:09 PM

Oops, that wasnt my intention.
Was meant to help improve rather than put people off.
Ive only looked at the free version so its expected ;)

brassmonkey · 10-29-2008, 09:12 PM

man im playin this guy is good as far as i kno he is here to make money he will make it right

farkedup · 10-30-2008, 08:06 AM

Quote:

Originally Posted by Porn Ass

makes me wonder how bad his paid version is

considering the paid version hasn't had any exploits come up in a year or more... This is a FREE version which is a modified core of a free script that's been available for 2+ years When I updated it last I simply used the wrong package which didn't have this fix in like 4 files, one of which was a file that isn't even used anymore.

That exploit that is public knowledge of my script was based on a special release I did of V1.4 which littered dozens of warez sites with a version of this script that had exploits CODED INTO IT. I did this so that I can take 2 seconds to knock down an illegal site.

The free script is NOT a focus for me as far as support or any other aspect, my focus is on the paid scripts. When I re-released this free version I simply searched my hard drive for that free.zip file and started with the first one I found and that exploit is fixed with a simple (int) to clean the form fields. I also tossed in a fix for remote form submissions inside config.php

Please use free2.zip for now, free.zip will be fixed when I get back home.

farkedup · 10-31-2008, 09:06 AM

from the looks of it the version I used to build the free2.zip had those exploits in it while all of the people who have had free.zip have been safe for quite a while.

Like I said above it was a mistake of simply having OLD files sitting around my computer.

The free2.zip file was actually only uploaded a couple of days ago so shouldn't be on anything with any traffic yet anyway.

I'm adding a sitemap.php file and applying additional fixes to free2.zip but I thought I'd let you know that free.zip has been safe all along.

jimbona · 10-31-2008, 09:58 AM

on the free.zip you might want to include the root functions.php in functions/cookie.php still open to abuse if register_globals is on.

In your functions.php you pull all vars to local ones and do nothing but stripslashes to ints you could be open to other exploits by pulling all vars to local ones (which is what register_globals used to do)

play.php uses _GET and not the local vars so open to abuse you might want to include your functions file and use your local vars.

The Duck · 10-31-2008, 10:13 AM

Quote:

Originally Posted by farkedup

yeah those are primarily V1.3 and V1.5 I haven't seen V1.6 on any the V1.3 that I saw I had leaked myself and inserted some very fatal security flaws. Attempting to fight piracy over a $40 script is pointless. I never encoded that script and never even locked it to certain domains. Anybody with any form of decency will simply pay the $40 for the script. I get more support requests from these idiots who've pirated the script than I get from my actual customers. If I don't see the persons email address in my customer DB I ask them for proof of purchase which ends most support questions right there.

Fuck yeah that is awesome with the inserted security flaws

d-null · 10-31-2008, 10:16 AM

Quote:

Originally Posted by kandah

Fuck yeah that is awesome with the inserted security flaws

his kind of talk doesn't give much confidence to his potential paying customers or people considering trying his script either

farkedup · 10-31-2008, 10:56 AM

Quote:

Originally Posted by d-null

his kind of talk doesn't give much confidence to his potential paying customers or people considering trying his script either

With my code being completely unencoded except for my addon whoever purchases is free to view and modify anything they wish. I simply don't have anything to hide. The sponsor import tool is the only thing I've released to date which is encoded. This sponsor tool doesn't do any form of skimming, it is simply to protect the source from quick duplication and stealing my hard work.

10-19-2008, 08:04 PM	#1
farkedup Confirmed User Join Date: Nov 2007 Location: Kalamazoo, MI Posts: 2,490	Free tube script w/o user uploads (embed only) + sponsor imports For everybody who has been keeping track of my sponsor addon script which recently launched I have a BASIC tube script that is both unencoded and completely free for you to use. It uses a codebase I put out over 2 years ago now (stock template shows its age) with mainly just minor modifications to make room for my sponsor import addon. If you'd like to check it out please go here: http://entertainmentscript.com/free/ It was mainly ~ 1 days worth of work and I will be making a few more modifications to it in the near future. Please install it and test it out for me and give me some feedback on it. I have also put a demo of TODAYS build of my sponsor import so it will be outdated in just a few days and may not see daily build updates. http://entertainmentscript.com/free/paid/ the STXT feed processor for user submitted URL's is still a bit too buggy at this moment to be included in the current release but every feed I've tested properly is currently on the supported list. I will be testing more as they come in. I'm currently tweaking things daily. As of right now there are now 4 scripts supported by my import script and it is now easier than ever to support and test additional scripts. 1) Entertainmentscript.com 2) ES free 3) x10media.com 4) vidiscript.com If you want to download this free script get it here: http://entertainmentscript.com/free.zip __________________ -- QUOTE ME IT MAKES ME FEEL SPECIAL --

10-19-2008, 08:26 PM	#2
fris Too lazy to set a custom title Industry Role: Join Date: Aug 2002 Posts: 55,262	just to let you know the paid version of your script is on some nulled script forums __________________ Since 1999: 69 Adult Industry awards for Best Hosting Company and professional excellence. WP Stuff

10-29-2008, 04:51 PM	#8
farkedup Confirmed User Join Date: Nov 2007 Location: Kalamazoo, MI Posts: 2,490	Anybody looking for a different layout style I've put up http://www.entertainmentscript.com/free2/ and http://www.entertainmentscript.com/free2.zip I'm still working on working the paid script into a template like that but I just haven't had enough free time these past few days. __________________ -- QUOTE ME IT MAKES ME FEEL SPECIAL --

10-29-2008, 05:21 PM	#9
jimbona Confirmed User Join Date: Jan 2007 Posts: 190	Farkedup, Just a word of warning, do you know the script is open to SQL injections and possible remote injections? Youve also included google ads in an adult script? Also view.php links back to ianag? Not meaning to troll, just thought I would raise a heads up. __________________ Thanks Paul Thunder-Ball.net - Member

10-29-2008, 05:31 PM	#11
farkedup Confirmed User Join Date: Nov 2007 Location: Kalamazoo, MI Posts: 2,490	editing rating.php and using this: Code: $gameid = (int)$_POST['gameid']; $score = (int)$_POST['score']; $gameid2 = (int)$_POST['gameid']; instead of the other variables makes sure people don't exploit that rating.php problem. search.php, category.php and play.php also have some GET vars vulnerable. updating the .zip packages in a few minutes __________________ -- QUOTE ME IT MAKES ME FEEL SPECIAL --

10-29-2008, 08:11 PM	#12
jimbona Confirmed User Join Date: Jan 2007 Posts: 190	Just took a look at the new zip ;) Your search box can now only be a number as your run it with (int) and not mysql_real_escape_string() also want to add into to all ints to as a safe measure. Might also want to protect those with register_globals on in functions/cookie.php __________________ Thanks Paul Thunder-Ball.net - Member

10-29-2008, 08:35 PM	#13
Porn Ass Confirmed User Join Date: Aug 2007 Posts: 304	makes me wonder how bad his paid version is __________________

10-29-2008, 08:39 PM	#14
pamon Confirmed User Industry Role: Join Date: Dec 2007 Posts: 3,103	great script. good info __________________ Email: [email protected] Skype: davidamodt. / TG: Davidamodt US Adult Content & Porn Writer Project/Sites/Tubes/Reviews & More

10-29-2008, 08:46 PM	#15
brassmonkey Pay It Forward Industry Role: Join Date: Sep 2005 Location: Yo Mama House Posts: 76,968	damn sounds bad wont buy that __________________ TRUMP 2025 KEKAW!!! - The Laken Riley Act Is Law! DACA ENDED - SUPPORT AZ HCR 2060 52R - email: brassballz-at-techie.com

10-29-2008, 09:09 PM	#16
jimbona Confirmed User Join Date: Jan 2007 Posts: 190	Oops, that wasnt my intention. Was meant to help improve rather than put people off. Ive only looked at the free version so its expected ;) __________________ Thanks Paul Thunder-Ball.net - Member

10-29-2008, 09:12 PM	#17
brassmonkey Pay It Forward Industry Role: Join Date: Sep 2005 Location: Yo Mama House Posts: 76,968	man im playin this guy is good as far as i kno he is here to make money he will make it right __________________ TRUMP 2025 KEKAW!!! - The Laken Riley Act Is Law! DACA ENDED - SUPPORT AZ HCR 2060 52R - email: brassballz-at-techie.com

10-31-2008, 09:06 AM	#19
farkedup Confirmed User Join Date: Nov 2007 Location: Kalamazoo, MI Posts: 2,490	from the looks of it the version I used to build the free2.zip had those exploits in it while all of the people who have had free.zip have been safe for quite a while. Like I said above it was a mistake of simply having OLD files sitting around my computer. The free2.zip file was actually only uploaded a couple of days ago so shouldn't be on anything with any traffic yet anyway. I'm adding a sitemap.php file and applying additional fixes to free2.zip but I thought I'd let you know that free.zip has been safe all along. __________________ -- QUOTE ME IT MAKES ME FEEL SPECIAL --

10-31-2008, 09:58 AM	#20
jimbona Confirmed User Join Date: Jan 2007 Posts: 190	on the free.zip you might want to include the root functions.php in functions/cookie.php still open to abuse if register_globals is on. In your functions.php you pull all vars to local ones and do nothing but stripslashes to ints you could be open to other exploits by pulling all vars to local ones (which is what register_globals used to do) play.php uses _GET and not the local vars so open to abuse you might want to include your functions file and use your local vars. __________________ Thanks Paul Thunder-Ball.net - Member