Mysidia Adoptables Support Forum  

Home Community Mys-Script Creative Off-Topic
Go Back   Mysidia Adoptables Support Forum > Community Board > Mysidia Adoptables Official Announcement

Notices

Closed Thread
 
Thread Tools Display Modes
  #101  
Old 04-28-2012, 09:29 PM
Hall of Famer's Avatar
Hall of Famer Hall of Famer is offline
Administrator, Lead Coder
 
Join Date: Dec 2008
Location: South Brunswick
Posts: 4,448
Gender: Male
Credits: 482,121
Hall of Famer is on a distinguished road
Default

Quote:
Originally Posted by nobackseat View Post
Hey,

Wow didn't realize my post had been noted here so fast.

I realize I got increasingly sarcastic throughout the post, but I was being honest on my view of it, and I had listed plenty of examples.

I also, like before, realize that some of these issues aren't your fault, but after all they are being released under your name. I'm glad to hear you're working on them for the next release.

In my strong opinion, globals often mean that code was designed 'wrong'. There's always a better way to achieve what you want without using globals. I can understand if the way the code is setup makes it hard to transition from globals, but it's still being released with them and I was asked to give an honest review.

The jab at the encryption was mostly at how dramatic it was. There's easier ways to obtain equally secure encryption. I would call that secure, but how you encrypted it is just odd, not common at all, which just might make it more secure overall anyway.

Good luck, I'll keep checking it out every few releases.

NBS
No worries. Actually its good to know that you had this many problems with the registration/authentification system. This makes my latest work on them more worthy than a waste of time. XD

I wont say its a problem to point out old programming flaws from rusnak script. We've tried our best to fix many of them, but it will take a while for everything to be fixed. We took care of the top priority issues, such as password encryption, insecure cookies and while loop running only once. The others will come when we are overhauling a specific script. Of course it speeds up the process if someone brings them up to me, with or without offering a possible solution.

Regarding database, yes I agree it is a waste to grab all fields of a row from database when we only need one or two. Since we are using PDO at this point, Id use fetchColumn() in circumstances when we only need one field from a row. The database class is very well designed by Fadillzzz, and it is just about time when we begin making the best use of it.

And you are right that superglobals exist because the original script was designed in a wrong way. In Mys v1.3.1 I already got rid of database superglobals such as $GLOBALS['localhost'] and so on. You still find superglobals with the current user information such as $GLOBALS['money'] in this release though. The best way to fix this is to overhaul the user system completely. A user object can store the current user information, and it will be passed into function or class method as argument when needed. Thats what I am doing right now, it will most likely have some issues when the initial design is completed. If you are around by then, lemme know what problems you find in the script and Id appreciate comments.

Like I said before, the reason why the encryption function looks messy is that we need to compensate for users upgrading from old script. This is what the script is supposed to look like in the first place:

PHP Code:
function passencr($username$password$salt){     
$pepper grabanysetting("peppercode");     
return 
hash('sha512'$pepper.$username.$password.$salt);

Id say it looks less messy this way, and tbh thats what it was originally designed. But then there is no way for old users using old versions of this script to update their members passwords. Instead, they have to force everyone to reset passwords. Of course ideally everyone just starts over when the next major release is available so I dont have to worry about upgrading issues. Not sure if it will happen though, but its possible.
__________________


Mysidia Adoptables, a free and ever-improving script for aspiring adoptables/pets site.
  #102  
Old 05-01-2012, 10:24 AM
Kesstryl's Avatar
Kesstryl Kesstryl is offline
Member
 
Join Date: Feb 2012
Posts: 125
Gender: Female
Credits: 21,259
Kesstryl is on a distinguished road
Default

@nobackseat

I'm really glad you have pointed out areas where this script still needs work, but I'm also a member of VPL, and your tone there is very different than here. I do see you apologizing about that on these forums, but not even an edit on VPL which is where harsh words are smearing the name of this project. We appreciate help and pointers, but why be like that over there. I wouldn't even have a site if it weren't for this project as I'm an artist and not a programmer. I checked out other adoptable software and none of it is as supported as this project with an active community helping each other and regular updates. You called the programming "beginner" but people need to begin somewhere. Being constructive will help this move beyond a beginners project into something more viable for a larger community.
  #103  
Old 05-01-2012, 03:13 PM
AlexC's Avatar
AlexC AlexC is offline
Moderator
 
Join Date: Dec 2009
Location: Canada
Posts: 753
Gender: Unknown/Other
Credits: 77,664
AlexC is an unknown quantity at this point
Default

I kinda have to agree with Kesstryl with that. I mean, even in the short time I've been here, the script has come a long way - I don't see why we're getting picked on things we've yet to fix.

I mean, I don't think anyone has even bothered to attempt to hack a mys site anyway. The majority of people using these sites could be considered "hobbyists", not shoppers or bankers or people who need every-single-bug-fixed. The whole thing is just for fun, and the whole thing works /great/.

Give it time - we've had our priorities and I don't see why that shouldn't be acknowledged.
__________________
  #104  
Old 05-01-2012, 04:40 PM
nobackseat nobackseat is offline
Member
 
Join Date: Feb 2011
Posts: 13
Gender: Male
Credits: 1,325
nobackseat is on a distinguished road
Default

Kesstryl,

Is this thread really the place for this? You could've PM'd me, pretty synonymous with your attempted ping.

Let's be clear first. I didn't apologize here. And I certainly am not sorry for the tone I used. If you were looking for me to sugarcoat it then you're out of luck. The script is in a pretty bad state, and if you were in my shoes, as an experienced programmer, you would be appalled.

The reason for the change of tone was that people here accept the script in the state it's in (see below). You guys aren't going to be persuaded in any way. At VPL, I wanted to make it clear that the script is not recommended (obviously not something I'd post here...) before it's too late and they rely on it (as much as you do). My mood also had a bit of influence too.

Case in point:
Quote:
I don't think anyone has even bothered to attempt to hack a mys site anyway.
And? This is a pretty silly statement. Just because you appear to be OK with a site being hacked doesn't mean that the rest of the community is.

I honestly believe that my 'tone' and posts are making the programmers realize some things and be more motivated on bringing fixes than if it had been 'sugarcoated'.

Should this project improve radically I may consider recommending it in the future.

Until then, good luck.

NBS

Last edited by nobackseat; 05-01-2012 at 04:47 PM.
  #105  
Old 05-01-2012, 06:04 PM
AlexC's Avatar
AlexC AlexC is offline
Moderator
 
Join Date: Dec 2009
Location: Canada
Posts: 753
Gender: Unknown/Other
Credits: 77,664
AlexC is an unknown quantity at this point
Default

@nobackseat: I merely meant that everyone isn't running around like headless chickens yelling "oh no, the script's hackable, don't touch it!" I don't think anyone here classifies as an experienced coder of your level, so you can't get upset at them for trying hard and not catching everything.

I'm proud of these people - they take pride in what they do, and they know there is problems but they work to fix them. This is the nicest coding community I've been to yet and yeah, there is a lot of problems, but they fix things instead of waiting months in between updates and they care about their users.

But obviously I shall be shot down so feel free to keep talking, I just wanted to make it clear I feel a little upset you're ruining our image before we even properly began.
__________________
  #106  
Old 05-01-2012, 06:14 PM
SilverDragonTears's Avatar
SilverDragonTears SilverDragonTears is offline
I am your Nemesis.
 
Join Date: Jun 2011
Posts: 1,113
Gender: Female
Credits: 96,047
SilverDragonTears is on a distinguished road
Default

^ This. I completely agree with you Gloometh. Thanks to this script I have a wonderful base to work with and two VERY active sites.
__________________

Check out SilvaTales
  #107  
Old 06-07-2012, 11:27 AM
Kesstryl's Avatar
Kesstryl Kesstryl is offline
Member
 
Join Date: Feb 2012
Posts: 125
Gender: Female
Credits: 21,259
Kesstryl is on a distinguished road
Default

Quote:
Originally Posted by Hall of Famer View Post
Well actually I am revising the user system including user registration now. The plan was to have Nobackseat review it after Mys v1.3.2 release, but nvm. He has some good point and it is clear that the user registration system does need an overhaul immediately. You will see this in next release, which I promise. The remaining superglobals are gone too in Mys v1.3.2, just incase you are wondering. In a few occasions I will use global keyword in functions or classes, but no more superglobals like $GLOBALS.

I do not quite agree with what he said about password encryption being messy, I personally see no problem in it. You may wonder why the password is md5'd at first, it was done to compensate old users trying to upgrade. The old encryption method is md5 without salting, and I can redesign a new function called updatepass() which accepts md5'd passwords and update them to new and secured version. If the encryption method is altered without using md5 initially, old Mys sites will have to force all of their members to reset passwords after upgrading. This is not what I wanted, not sure what you think. Also I dont understand what he means by 'Guys, are ya sure that's the final password...' though. Not secured enough? If so I will improve it.
Just wondering if there is a ETA for 1.3.2, been holding off on doing anything as I'd rather have the globals gone and a better registration system, and will probably blow everything away and reinstall. Was hoping to get my site into an Alpha state by July 1 which is the birthdate of a beloved family member who passed a few years ago. If not that's cool, I'd rather have a program that works than rush something because it's sentimental. Can always do a coming soon preview for July 1.
  #108  
Old 06-07-2012, 12:15 PM
Hall of Famer's Avatar
Hall of Famer Hall of Famer is offline
Administrator, Lead Coder
 
Join Date: Dec 2008
Location: South Brunswick
Posts: 4,448
Gender: Male
Credits: 482,121
Hall of Famer is on a distinguished road
Default

Well it should be released before July 1, unless I got hit by some kind of illness. I actually had it planned for the last week of May before, but didnt make it since I had to keep moving/packaging while the user system overhaul seems more complicated than I envisioned back in April. Though delayed, it should not be that long.
__________________


Mysidia Adoptables, a free and ever-improving script for aspiring adoptables/pets site.
  #109  
Old 08-24-2012, 03:25 AM
A.F.M A.F.M is offline
Member
 
Join Date: Aug 2012
Posts: 4
Gender: Male
Credits: 860
A.F.M is on a distinguished road
Default

Hi. Hall of Famer.

I got a question! Is it possible to add Mysidia Adoptables to IPB?
  #110  
Old 08-24-2012, 04:50 AM
Hall of Famer's Avatar
Hall of Famer Hall of Famer is offline
Administrator, Lead Coder
 
Join Date: Dec 2008
Location: South Brunswick
Posts: 4,448
Gender: Male
Credits: 482,121
Hall of Famer is on a distinguished road
Default

I think it is possible, but will require you to modify the script manually. Also keeps in mind that you will not be able to upgrade your forum with IPB's upgrader if you do this.
__________________


Mysidia Adoptables, a free and ever-improving script for aspiring adoptables/pets site.
Closed Thread


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Mysidia Adoptables v1.3.3[Security Release] Hall of Famer Mysidia Adoptables Official Announcement 122 05-18-2013 04:02 PM
Mysidia Adoptables v1.3.0[Security Release] Hall of Famer Mysidia Adoptables Official Announcement 180 04-01-2012 10:16 PM
Mysidia Adoptables v1.2.0[Security Release] Hall of Famer Mysidia Adoptables Official Announcement 21 03-22-2011 04:13 PM
Mysidia Adoptables v1.1.4[Security Release] Hall of Famer Mysidia Adoptables Official Announcement 15 01-28-2011 11:48 AM
Mysidia Adoptables v1.1.3[Security Release] Hall of Famer Mysidia Adoptables Official Announcement 27 01-26-2011 02:59 PM


All times are GMT -5. The time now is 02:42 AM.

Currently Active Users: 853 (0 members and 853 guests)
Threads: 4,081, Posts: 32,029, Members: 2,016
Welcome to our newest members, jolob.
BETA





What's New?

What's Hot?

What's Popular?


Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2024, vBulletin Solutions Inc.
vBCommerce I v2.0.0 Gold ©2010, PixelFX Studios
vBCredits I v2.0.0 Gold ©2010, PixelFX Studios
Emoticons by darkmoon3636