(2010-12-31, 04:51 PM)pyridine Wrote: [ -> ]The reason I'm uncomfortable about it is because if I buy points, then you can refuse the order without any reason and not give my money back.
That's not how it works. "Refusing a purchase" would be refusing payment as well.
A refund would be a request from a customer. That would come when a customer isn't happy with post quality, number of posts, or the weather outside...The reason does not matter, but our policy is that once a deposit is approved, a refund is not offered under any circumstances. There are a lot of monitoring and control tools in place that empower forum owners to control the posts being made and points being earned in their forums.
If we do not approve your deposit and do not give you your points, of course you get your money back. Anything else would be illegal, and we're not thieves
I'll go back and reword the Terms to hopefully clarify things.
I see now, thanks. *Signs up*
Good deal, sorry for the confusion.
This sounds like an excellent idea! I have signed up and its quite fun to earn points!
Can anyone comment on the security of the file we are supposed to upload to our root directory? I want to make sure it is safe and hacker-resistant before uploading to my site. Here is the file:
<?php
define("IN_MYBB", 1);
require_once "./global.php";
if(isset($_GET['action'])) {
$action = $_GET['action'];
switch($action) {
case 'ping':
$query = $db->simple_select("users", "username", "", array('limit' => 1));
$result = $db->num_rows($query);
echo json_encode(count($result) > 0);
break;
case 'validateUser':
if(isset($_GET['username'])) {
$username = strtoupper($_GET['username']);
$email = strtoupper($_GET['email']);
if(strlen($username) <= 21) {
$query = $db->simple_select("users",
"username, postnum AS posts",
"UPPER(username)='".$db->escape_string(my_strtoupper($username))."'
AND UPPER(email)='".$db->escape_string(my_strtoupper($email))."'",
array('limit' => 1));
$result = $db->fetch_array($query);
echo json_encode($result);
} else {
echo json_encode(false);
}
} else {
echo json_encode(false);
}
break;
case 'get':
if(isset($_GET['username'])) {
$username = strtoupper($_GET['username']);
if(strlen($username) <= 21) {
$query = $db->simple_select("users",
"username, postnum AS posts",
"UPPER(username)='".$db->escape_string(my_strtoupper($username))."'",
array('limit' => 1));
$result = $db->fetch_array($query);
echo json_encode($result);
} else {
echo json_encode(false);
}
} else {
echo json_encode(false);
}
break;
}
} else {
echo json_encode(false);
}
?>
(2010-12-31, 09:14 PM)Kodaks Wrote: [ -> ]This sounds like an excellent idea! I have signed up and its quite fun to earn points!
Can anyone comment on the security of the file we are supposed to upload to our root directory? I want to make sure it is safe and hacker-resistant before uploading to my site. Here is the file:
<?php
define("IN_MYBB", 1);
require_once "./global.php";
if(isset($_GET['action'])) {
$action = $_GET['action'];
switch($action) {
case 'ping':
$query = $db->simple_select("users", "username", "", array('limit' => 1));
$result = $db->num_rows($query);
echo json_encode(count($result) > 0);
break;
case 'validateUser':
if(isset($_GET['username'])) {
$username = strtoupper($_GET['username']);
$email = strtoupper($_GET['email']);
if(strlen($username) <= 21) {
$query = $db->simple_select("users",
"username, postnum AS posts",
"UPPER(username)='".$db->escape_string(my_strtoupper($username))."'
AND UPPER(email)='".$db->escape_string(my_strtoupper($email))."'",
array('limit' => 1));
$result = $db->fetch_array($query);
echo json_encode($result);
} else {
echo json_encode(false);
}
} else {
echo json_encode(false);
}
break;
case 'get':
if(isset($_GET['username'])) {
$username = strtoupper($_GET['username']);
if(strlen($username) <= 21) {
$query = $db->simple_select("users",
"username, postnum AS posts",
"UPPER(username)='".$db->escape_string(my_strtoupper($username))."'",
array('limit' => 1));
$result = $db->fetch_array($query);
echo json_encode($result);
} else {
echo json_encode(false);
}
} else {
echo json_encode(false);
}
break;
}
} else {
echo json_encode(false);
}
?>
I skimmed over it and it looks safe, it could have been done differently but it should be secure.
Regards,
Jammerx2
The file is 1 million percent secure, it's just calling usernames, post counts, and email addresses, that's it.
OT: I use this. I have over 135 points at the moment and I've just been working on it for two hours. Once I get my first rating, I'll be able to withdraw my 135 points in exchange for $12.15. But, I might have earnt more by then.
This is really worth it. Two hours for $12, for posting on forums which I enjoy doing anyway. Definitely will carry on earning.
(2011-01-04, 11:52 PM)UndiscoveredTalent Wrote: [ -> ]The file is 1 million percent secure, it's just calling usernames, post counts, and email addresses, that's it.
OT: I use this. I have over 135 points at the moment and I've just been working on it for two hours. Once I get my first rating, I'll be able to withdraw my 135 points in exchange for $12.15. But, I might have earnt more by then.
This is really worth it. Two hours for $12, for posting on forums which I enjoy doing anyway. Definitely will carry on earning.
Postloop is definitely a lot of fun, but its hard to get user ratings. There should be some kind of requirement for a forum owner to rate the users once they have received X number of posts. I think I remember reading that the administrator is considering something like this.
Holy smokes!
I've earnt $17.20 on this so far, just tonight! Sign up now by clicking <snip>!
(2011-01-05, 02:10 AM)UndiscoveredTalent Wrote: [ -> ]Holy smokes!
I've earnt $17.20 on this so far, just tonight! Sign up now by clicking <snip>!
Disclosure, that's a referral link.
I signed up and have a user on my forum from it. I love this!
