Free tube script w/o user uploads (embed only) + sponsor imports
 

For everybody who has been keeping track of my sponsor addon script which recently launched I have a BASIC tube script that is both unencoded and completely free for you to use. It uses a codebase I put out over 2 years ago now (stock template shows its age) with mainly just minor modifications to make room for my sponsor import addon.

If you'd like to check it out please go here: http://entertainmentscript.com/free/ It was mainly ~ 1 days worth of work and I will be making a few more modifications to it in the near future. Please install it and test it out for me and give me some feedback on it.

I have also put a demo of TODAYS build of my sponsor import so it will be outdated in just a few days and may not see daily build updates. http://entertainmentscript.com/free/paid/ the STXT feed processor for user submitted URL's is still a bit too buggy at this moment to be included in the current release but every feed I've tested properly is currently on the supported list. I will be testing more as they come in. I'm currently tweaking things daily.

As of right now there are now 4 scripts supported by my import script and it is now easier than ever to support and test additional scripts.

1) Entertainmentscript.com
2) ES free
3) x10media.com
4) vidiscript.com

If you want to download this free script get it here: http://entertainmentscript.com/free.zip

just to let you know the paid version of your script is on some nulled script forums

are the guys that are putting up the nulled scripts generally good coders themselves?... like they are on a mission to make all scripts free of charge for everyone?

curious what the motivation is

People do not want to pay for anything.

I guess it is the same as torrent and rapidshare uploaders, they get a sense of recognition from their peers when they upload something or null a script :2 cents:

:disgust

yeah those are primarily V1.3 and V1.5 I haven't seen V1.6 on any the V1.3 that I saw I had leaked myself and inserted some very fatal security flaws. Attempting to fight piracy over a $40 script is pointless. I never encoded that script and never even locked it to certain domains. Anybody with any form of decency will simply pay the $40 for the script. I get more support requests from these idiots who've pirated the script than I get from my actual customers. If I don't see the persons email address in my customer DB I ask them for proof of purchase which ends most support questions right there.

Anybody looking for a different layout style I've put up http://www.entertainmentscript.com/free2/ and http://www.entertainmentscript.com/free2.zip

I'm still working on working the paid script into a template like that but I just haven't had enough free time these past few days.

Farkedup,

Just a word of warning,
do you know the script is open to SQL injections and possible remote injections?

Youve also included google ads in an adult script?
Also view.php links back to ianag?

Not meaning to troll, just thought I would raise a heads up.

crap, you're right... looks like I did these latest mods to the WRONG codebase LOL now I just have to figure out what changes I had done before.... that view.php actually isn't used anymore, it was used back when this was used for something else.

editing rating.php and using this:

instead of the other variables makes sure people don't exploit that rating.php problem.

search.php, category.php and play.php also have some GET vars vulnerable. updating the .zip packages in a few minutes

Just took a look at the new zip ;)

Your search box can now only be a number as your run it with (int) and not mysql_real_escape_string() also want to add into to all ints to as a safe measure.

Might also want to protect those with register_globals on in functions/cookie.php

makes me wonder how bad his paid version is :(

great script. good info

damn sounds bad wont buy that:helpme

Oops, that wasnt my intention.
Was meant to help improve rather than put people off.
Ive only looked at the free version so its expected ;)

man im playin this guy is good as far as i kno he is here to make money he will make it right:2 cents::thumbsup

considering the paid version hasn't had any exploits come up in a year or more... This is a FREE version which is a modified core of a free script that's been available for 2+ years When I updated it last I simply used the wrong package which didn't have this fix in like 4 files, one of which was a file that isn't even used anymore.

That exploit that is public knowledge of my script was based on a special release I did of V1.4 which littered dozens of warez sites with a version of this script that had exploits CODED INTO IT. I did this so that I can take 2 seconds to knock down an illegal site.

The free script is NOT a focus for me as far as support or any other aspect, my focus is on the paid scripts. When I re-released this free version I simply searched my hard drive for that free.zip file and started with the first one I found and that exploit is fixed with a simple (int) to clean the form fields. I also tossed in a fix for remote form submissions inside config.php

Please use free2.zip for now, free.zip will be fixed when I get back home.

from the looks of it the version I used to build the free2.zip had those exploits in it while all of the people who have had free.zip have been safe for quite a while.

Like I said above it was a mistake of simply having OLD files sitting around my computer.

The free2.zip file was actually only uploaded a couple of days ago so shouldn't be on anything with any traffic yet anyway.

I'm adding a sitemap.php file and applying additional fixes to free2.zip but I thought I'd let you know that free.zip has been safe all along.

on the free.zip you might want to include the root functions.php in functions/cookie.php still open to abuse if register_globals is on.

In your functions.php you pull all vars to local ones and do nothing but stripslashes to ints you could be open to other exploits by pulling all vars to local ones (which is what register_globals used to do)

play.php uses _GET and not the local vars so open to abuse you might want to include your functions file and use your local vars.

Fuck yeah that is awesome with the inserted security flaws :thumbsup

:1orglaugh:1orglaugh:1orglaugh

his kind of talk doesn't give much confidence to his potential paying customers or people considering trying his script either :2 cents:

With my code being completely unencoded except for my addon whoever purchases is free to view and modify anything they wish. I simply don't have anything to hide. The sponsor import tool is the only thing I've released to date which is encoded. This sponsor tool doesn't do any form of skimming, it is simply to protect the source from quick duplication and stealing my hard work.