After the php5.6 changes this is not working on https.
But I can make fake commissions from my browser http://mysite.com/myfolder/sale/amount/ ... de/$COOKIE
I write the values into the variables.
I think everybody can make fake commission who "know" the script.
I think it is a security risk.
It is a better method to post (with a security ID) than this.
Or another possibility if I can change the route from "myfolder/sale/amount/" to "myfolder/sale23tqprz65kst/amount/" for example.
Or if you not encrypt a file - the sale.php I think.
If the file is "open source" (only this file) we can implemet own our secure transactions.
Community Based Support for JROX Affiliate Manager Only
1 post • Page 1 of 1