Don't worry. Send them as much traffic as you want. They're not doing anything wrong. I've only used them as an example :)

I've known it for a long time, and I've tried to get an answer for as long time.

Alreayd been posted.

EDIT: fedfest can verify it too. I showed him an example.

<input type=hidden name=clientAccnum value='925383'><input type=hidden name=clientSubacc value='0001'><input type=hidden name=formName value='120cc'>

How about this...

Say your linkcode for paysitex is this:

http://refer.ccbill.com/cgi-bin/clic...w.paysitex.com

What if 10% of the time, the index page of http://www.paysitex.com changed their "Enter" link to:

http://refer.ccbill.com/cgi-bin/clic...com/enter.html

Shouldn't this overwrite the original cookie set when the surfer clicked on the link on the affiliate's site?

It will. But I don't promote any sites where you have to click on an enter button to get in, they're sent directly to the tour. But I get your point. Same thing could be done with the "Join" link for example. So Yes, it can be done that way too.

925383 is the main account ID, here is the affiliate ID

<input type=hidden name=ccbill_referer value='767551'><input type=hidden name=referingURL value='http://www.gofuckyourself.com/showthread.php?p=6568608&posted=1#post6568608'>

works everything correctly

damn this is something i was hoping i'd never hear

What the problem is here is that sponsors can change who will get credit for a surfer.
What legit reason is there for a sponsor to be able to change who will get credit for a surfer that was sent in a legit way?

Like many here have said, there's no way to be 100% safe from shaving. But don't we want to work towards limiting the possibilities?

It was just an example. As you said, it can be done with any site, include a 1 page tour with an http redirect to the join page.

Just to make this clear, What i was shown was an example of how to overwrite the cookie, I was not shown any site that cheated !

I still can't see how this becomes a ccbill problem though, and still think that if theres actually a site doing this (witch i'm starting to doubt), then they should be exposed rather than making this sound like it's something done by all us ccbill programs.

Imo. if anyone was actually shaving don't you think they would hide it behind some kind of affiliate/program script instead of doing it on a pure ccbill program where everyone can catch them just by checking the join page ?

good point

It didn't overwrite the cookie. I overrode (sp?) the cookie.
That was my whole point with the demonstration. I wanted to show you an example.

Where have I said that all CCBill programs are shaving?

The only thing I've said is that it's POSSIBLE. A way that shouldn't even exist in the first place.

How can there be so many morons that have so little technical knowledge?

CCBill should only use that variable IF there is NO cookie.

Interesting CCBill haven't commented yet...

That one wasn't pointed at you, sorry if it came out that way :)

And yes you did show me an example, my point is that thats all it was, an example, and not something actually used. :)

BINGO!

One more who got it :)

Are you offering to rewrite and deploy HTTP? :helpme

I was not talking about the redirect.

The thing is that CCbill in my opinion is the best guarante of you NOT being shaved by the pure fact that THEY host the join page so if any cheating is going on it's very easily discovered.. EVERYONE can just check the sourcecode on the join page !

Imo. the one thing that can prevent a cheater from cheating is the fear of being discovered, so to cheat on a ccbill link you'd have to be extremely dumb and unfurtunatly i don't think cheaters are.

To cheat you have to be able to hide it, and you just don't have that ability when CCbill is hosting the last link..

100 ways to shave ccbill...

The world is full of dumb people.

Several got caught cheating when CCBill made it publicly available if and how long you were getting paid for signups and rebills.

Right, and my example of changing the link to the join page to set a new cookie and new PA link in the form are just as dangerous. I can't believe you are wasting so much time on this. :2 cents:

If you can't trust the sponsor don't use them, it still isn't a CCBill issue.

It certainly is.

If a cookie exist, CCBill should not use the variable that can set the webmaster ID.
If a cookie doesn't exist, they can use it.

There are 10 other ways to shave with ccbill...
No matter what ccbill does it will still be possible to shave. Same goes for any other affil processor/software, it's not possible to have an affiliate system where shaving is impossible...

Yeah.. but i doubt those are the ones shaving you :2 cents:

That really just proves my point, when they where able to hide it yes,,

Now that CCbill closed that hole and made it easy to check do you think that would be anyones prefered method of shaving.. NO, too easy to discover right.. Same with the Join page, too easy to discover too if theres shaving going on so anyone with a little sence would do it some other way.. Like hosting their own join page and making the shave after the join..

Does that automatically mean that softwares should not be improved or limiting the possibilities for shaving?

I believe it's better the fewer ways there are to shave.

well, it turns out that there are legitimate uses for setting ccbill_referer variable... removing possible shave feature would also reduce ccbill's functionality...

Tell me the legitimate reason to override the cookie and assign the signup to someone else?

For example, it might be useful if an affiliate program wants to start paying pay per signup and process the payments themselves. So the pay per signup webmasters might send traffic like this: http://www.site.com/?id=123&pay=pps
Then, when the script sees pay=pps, on the join page it sets ccbill_referer to a house account, and then the rest of the sale tracking process is done using a custom script.

Then CCBill link codes are not used = no cookie is set.

why would it do that? You can't track the productive traffic/affiliates that way.

You could still use ccbill link codes, so old affiliates wouldn't have to change any of their pages.

Why wouldn't you be able to?

Since they still process with CCBill just turn on the per signup option in the admin.

I meant a situation like installing an affiliate script (mpa3 for example) and not forcing people to change all their old ccbill links. So new webmasters use mpa3, old webmasters continue getting credit for all sales generated through old ccbill linking codes.

Ain't nuthin 2 fcuk wit!
 

Cash Rules Everything Around Me, CREAM, get tha money, dolla dolla bill y'all! :thumbsup :thumbsup

Then you use your own join script, not CCBill's.

but then what happens to old affiliates who created 1000s of tgp galleries with the old ccbill links? They have to change them? Or do those links not work anymore?

yea you know how ccbill should run thier business.

this thread is funny

there are a million ways for someone to shave if they really want to, some people were smart enought to find a way you could shave using ccbill and now think ccbill has to change things in thier system because there is a slight possibility that someone could use to to shave?

LOL

I would be suprised if someone from ccbill even comments here.

Usually what sponsor do is that they have the old CCBill link code go to a separate tour with the old join page, no need to fiddle with the cookie or anything like that.
Or they force the webmaster to change link codes since they are doing cascading billing (you mentioned MPA3) now and have their own join/billing page, not CCBill's.

Good morning.