PtcPay Blog

GeN4 Secure+ (1.0.5) GPT/PTC/Bux Script Released
November 9, 2010

Hello,

I’ve been analyzing this industry and realized what it needed is improved security. Scripts right now try and protect themselves, but ultimately, they fail. This costs the owners of the sites thousands of dollars. I envisioned a GPT system that was hack proof, solid, and reliable. This vision is now reality.

We’re proud to announce the release of GeN4 1.0.5 later today, which we’ve named GeN4 Security+. This release implements our exclusive advanced security system that we just finished stress testing. There is no other security system in any GPT script(maybe any commercial script) that is this sophisticated and intelligent. It’s time for a change. It’s time for the scripts to fight back.

What our Security+ system does:
-Automated complete banning(user name, email, hostname, etc.) of anyone that even attempts to exploit your site.
-Automated banning of vulnerability scanners.
-Automated banning if anyone tries SQL, XSS, HTML, JavaScript, Tamper Data, or any other type of injection.
-Automated banning of anyone attempting to cheat the system
-Completely configurable from your admin area.
-See everything the system does. You can see who the system banned, when, why, what they tried, etc.
-This system gives you peace of mind about your site security and frees up your time so you can make more money.

In short, every query of the script is passed through this system, thoroughly checked, and than processed. We also optimized this system so that it hardly uses any of your server resources. In fact, it had the surprising ability to speed up queries much of the time.

That’s not all, for this release we’ve also:
=============================
-Checked every script query and transaction for vulnerability. Fixed and rewrote any possible exploits.
-Rewrote our rented referral system to make it completely reliable.
-Improved the proxy security and added database logging for events.
-Fixed all bugs and issues reported by sites running GeN4. The script is performing perfectly on sites with over 50,000 users.
-Modified the default CAPTCHA system to be more secure and configurable.
-Improved and secured the built in forum.
-Added more filtering options for all advertisement types, payments, and users.
-Rewrote default text and tooltips to better fit a GPT site.

Those are the major additions, many other small changes have been made to increase usability and improve functionality. As usual, this upgrade is free for our customers.

Changes:

MODIFIED:

//////////////////////////
ROOT
//////////////////////////

CHANGED
{
root/*.php
– Fixed preloaders to inlclude new security system.

root/banned_chk.php ->
– Added displaying of reason and fixed style

root/image.php
– Made default captcha more secure and difficult to bypass.

}

LIB

CHANGED
{
lib/lib_functions.php
– fixed hidestatus on registration.

lib/configuration.php
– added code related to lib_security
}

ADDED
{
lib/lib_security.php
– added totally new security system for filtering inputs & suspending users.
}

DELETED
{
flood.php
– obsolete
}

//////////////////////////
THEMES/GEN4
//////////////////////////

CHANGED
{
themes/GeN4/*.php
– Replaced filter system
– secured all user input through lib_security

themes/GeN4/ads.php
– added displaying of minimum ads required to click

themes/GeN4/cmp.php
– fixed bug with vacation mode and sites with no minimum click requirements.

themes/GeN4/index.php
– added BBCode to news,
– fixed slashes in news.
– added encrypted referral link

themes/GeN4/Register.php
– added encrypted referral link option.
– fixed IE terms of agreement bug.
– fixed slashes in news.

themes/GeN4/Login.php
– added another ip check for proxies.

themes/GeN4/prefs.php
– Fixed issue with data not being displayed after submit,
– Disallowed usage of referral links in profile page.

themes/GeN4/Banners.php
– added encrypted referral link option

themes/GeN4/acc.php
– fixed broken tags & injection holes.

themes/GeN4/advpanel.php
– fixed broken tags & injection holes

themes/GeN4/contact.php
– Fixed javascript issues in ie.

themes/GeN4/f_prefs.php
– Fixed javascript issues in ie.

themes/GeN4/dreferrals.php
– Fixed major injection holes added more security checks.

themes/GeN4/rreferrals.php
– Fixed major injection holes added more security checks.
– fixed bug with graphs not being displayed correctly.

themes/GeN4/t.php
– improved flood filter.
}

DELETED
{
flood.php
– obsolete
}

//////////////////////////
FORUM
//////////////////////////

CHANGED
{
forum/*.php
– Replaced filter system.
– fixed issue with slashes being displayed
– added option to filter out referral links.

forum/bb.php
– completely redone BBcode system.

forum/add_reply.php
– added maxmimum message length setting.

forum/view_topic.php
– fixed bug with users being able to ban themselves.
– added maximum message length setting.
– fixed possible security hole.

forum/header.php
– added security against exploiters.
forum/index.php
– added bold name for users.
– added displaying of pending approved items for moderators.
– added system for admin to move around subcategories.
– fixed bug with online users.

forum/moderator.php
– fixed bug where moderator panel would not show up if post approval was disabled.

forum/deletetopic.php
– fixed bug with post count on deletion.

forum/header.php
– improved flood filter.
}

//////////////////////////
ADMIN
//////////////////////////

CHANGED
{
/*.php
– replaced links with icons

admin/pre/forum.php
– added setting for maximum postlength.
– added option to move around subcategories, categories
– added option to edit category names.
– fixed broken tag.
– added option to filter out referral links.

admin/pre/js.php
– set suspension to use new system,

admin/pre/suspended_users.php
– modified to use the new table.

admin/pre/captchasettings.php
– added advanced settings for default captcha.

admin/pre/js/tooltips.js
– added tooltips for new features.

admin/pre/users.php
– added country flags with countryname tooltips

admin/pre/js/cookmenu.js
– modified menu for new features.

admin/pre/anti_proxy.php
– added option for proxy banning/suspending
– added option for logging proxies to database.

admin/pre/flinks.php / fads.php / manageads.php / banners.php / prepayments.php / ptsu.php / users.php
– added ordering of data

admin/pre/anti_flood.php
– added banning/suspending of flooders.
– added configuration of request time

}

ADDED
{
admin/pre/anti_inject.php
– added backend configuration for new secuirty system.