signup.php
[php]
$secret = mksecret();
$passhash = md5($secret.$password.$secret);
[/php]

takelogin.php
[php]
$password = trim($_POST['password']);
if ($row['passhash'] != md5($row['secret'] . $password . $row['secret']))
{
//Invalid Login
}
[/php]

Nobody can see user’s passwords. They are secured while registering and logging so xam’s (templateshares) source looks secure.

We’re still checking his source and nothing noticed wrong so far.

the last version of his code I saw wasn’t encrypted, and along with some security holes (that made a back door for him) the code was basically TBDev code with a bunch of modifications and code by different coders at TBDev including myself (and many many others)… he didn’t even bother trying to hide it lol.

he managed to take advantage of some people who didn’t know he was a scammer, then basically held them hostage for as long as they kept using the code..

I agree if you want to build a site, you should know how to code, but not all communities are built that way… some start with a community and a need for a home. My site started like that, and that’s how I got into coding… but I was totally lost for the first 2 years, and it took about 4 years to even start to “get it” lol.

people like xam make it bad for everyone in the torrent scene, there is nothing about community or sharing involved where he is there.

my 2 cents,
xox,
snuggs

Or are they just ‘raising the alarm’…?

If you have any common sense you use different usernames and passwords, at the bare minimum you use different ones from your piracy to your more legit stuff.. If you use the same stuff everywhere then it’s no ones fault but your own when someone logs it and tries to use it elsewhere..

i mean, why the hell would they use something thats known to have backdoors, what a bunch of dolts.

please, if your a dumbass dont run a torrent site. save the other idiots from getting in trouble.