XFileSharing Pro - possible point system chack

Message
Author
dzimi83
Posts: 66
Joined: Mar 09, 2009 1:08 pm

possible point system chack

#1 Postby dzimi83 » Mar 27, 2009 2:37 am

I saw that system give a point to the user when the file was not been downloaded at all (the free user break the downloading and the system give the point).
That issue can be used for scam the money from the file hosting website owner when some scripts can read/break the captcha code.. (remember when the russian/ukrainain/turkish hackers forces the cats & dogs RapidShare captcha ? :>)
Even if it's not possible right now - some users are able to seat behind own computers and clicking, clicking, clicking to get a points...
Lets calculate more..
I think I don't like the XYZ.com files hoster... so what can I do to kick his ass ? :>
I may load the file, buy an e-mail marketing service, let me see.. oh yes, I can send the direct link to the file to the 100 000 users using the CPC ads mailing system for $10. They can load the site, click the button and cancel the downloads. So i will be able to get the points.
Wow, I got the 100 000 points for $10. If the XYZ.com site pay for the 10 000 points $5 i got for the 100 000 points $50. Great, I cheat that site :]

IT'S A BIG PROBLEM IN MY OPINION RIGHT NOW. NEXT XFS PRO RELASE SHOULD TAKE A CARE FOR THIS PROBLEM.

User avatar
PilgrimX182
Posts: 2186
Joined: Mar 22, 2006 1:39 pm

#2 Postby PilgrimX182 » Mar 27, 2009 3:15 am

I don't wanna talk much on this now, but this sounds to me like a paranoia. Any other site owners comments?

filesmart
Posts: 19
Joined: Apr 12, 2008 5:47 pm

#3 Postby filesmart » Mar 27, 2009 8:01 pm

If I see points piling up and my bandwidth not moving I'll just ban the person. I don't think anyone has a filehost so big they can't figure out if someone is cheating them.

Giorgi
Posts: 20
Joined: Feb 25, 2008 9:22 pm

#4 Postby Giorgi » Mar 29, 2009 4:00 am

Yes, that's problem, users can easily cheat system, any other way to count points? on download completion it would be really cool.

C40
Posts: 5
Joined: Nov 20, 2008 2:10 pm

#5 Postby C40 » Mar 29, 2009 12:49 pm

filesmart wrote:If I see points piling up and my bandwidth not moving I'll just ban the person. I don't think anyone has a filehost so big they can't figure out if someone is cheating them.
My thought exactly, you have to check the file and make an evaluation of potential dll ...if it exeeds what you predicted you can become suspicious...at best you could "protect" yourself with a text (*) saying that all "Points collected may be subject to verification, any cheat will result in deletion of user account and balance will not be given".

It's like the free user bypass "bug" (fixed on 1.4 i guess), it's not like everyone will do this.

If i get 100 000 users on my website, it's worth the 50 $ for me.

abboodeh
Posts: 94
Joined: Jan 23, 2009 6:31 pm

#6 Postby abboodeh » Apr 12, 2009 8:46 am

guys guys...
it doesn't make any sense to keep tracking the bandwidth, i don't know about you but when your site is active and many members are uploading and others are downloading....
you will get lost!

now pilgrim:
1. would it be possible to control giving points upon the completion of the download?(meaning member will not get the point if the downloader canceled the download)
2. would it be possible to assign minimum file size to be eligible for the point (i.e. uploads bellow 100MB will not give points to member)
3. if same IP (or registered user) downloaded the same file twice, the uploader will get only one point...

4. even if all the above not possible in this version or even next version, even if it need custom download:
A- how much would it be?
B- how long time would it take for you to finalize?

i'm going to allow points to money in my site but i'm just afraid of the people taking advantage that's why i want to be 100% sure before i start giving money...

Thanks

User avatar
PilgrimX182
Posts: 2186
Joined: Mar 22, 2006 1:39 pm

#7 Postby PilgrimX182 » Apr 12, 2009 9:34 am

1) Possible, but with dl.cgi only

2) Possible

3) This is how it works right now

4) Will add 2 in next version I think.

th3hotcake
Posts: 51
Joined: Apr 07, 2009 7:24 pm

#8 Postby th3hotcake » Apr 12, 2009 7:07 pm

The points to money system can be easily abused as it stands currently, I agree.

If I had to say, this biggest problem is that the download is counted and the user is given a point even if the download is not complete. Pilgrim, this is what I would recommend and encourage you to fix.

Only giving points for a certain file sizes is a good idea too, but that would be easier to fix than the above. On the other hand, any file host admin can look at which files are producing the most points. And take away points from a user who has 4000 points on a .5MB file. It's not that hard.

Pilgrim, I would ask if you could make the system where it only gave a point to the uploader when (and only when) the download was complete by the user. This would be the best way to fix this problem.

abboodeh
Posts: 94
Joined: Jan 23, 2009 6:31 pm

#9 Postby abboodeh » Apr 12, 2009 10:09 pm

PilgrimX182 wrote:1) Possible, but with dl.cgi only
not possible for all direct download at all?

User avatar
PilgrimX182
Posts: 2186
Joined: Mar 22, 2006 1:39 pm

#10 Postby PilgrimX182 » Apr 12, 2009 10:39 pm

With direct links you just can't catch 'file download complete' even any way.

abboodeh
Posts: 94
Joined: Jan 23, 2009 6:31 pm

#11 Postby abboodeh » Apr 12, 2009 11:29 pm

PilgrimX182 wrote:With direct links you just can't catch 'file download complete' even any way.
ok back to the bandwidth tracking...

so:
when someone click the download buttom in a 500MB file, after 1 min. of download stated the downloader cancelled the download...

will the file have 500MB bandwidth?
or
the amount that's already been downloaded before the downloader stopped his download?

(have i confused you:$ )

User avatar
PilgrimX182
Posts: 2186
Joined: Mar 22, 2006 1:39 pm

#12 Postby PilgrimX182 » Apr 19, 2009 10:30 pm

Will have 500 MB. BW adding in the moment of generating direct link.