[QUOTE=Mega1mpact;43283418]I'm not a lawyer but I think you're going to get some major legal issues with this.
Maybe at least encrypt all the data serverside and give the private key to the user so that the actual movie is only present user side or something.[/QUOTE]
I won't argue that facing legal issues might be an issue into the future. Until then, nothing special will be done other than keeping the service small, private, and invite only. It works both ways because I don't believe I'm qualified enough to administrate a web application with more than a certain number of users alone anyways. I've also set up some extra precautionary firewalls on the server to mitigate detection.
I've been working on my own community software the past few weeks. I've wanted to learn a few things so I plan to put in as much stuff as I can.
This is how it looks right now:
[t]http://i.imgur.com/jB0YdiM.png[/t]
The Index page is still a WIP. So far almost all is static. I am still slowly converting it into its dynamic counter part.
[t]http://i.imgur.com/he1WXNZ.png[/t]
I made a custom directive that automatically saves any changes to a form and restores it when you reload, or otherwise get back to the page. This is to counter a possible crash/'backspace while not focused' etc...
[t]http://i.imgur.com/O6sUgt9.png[/t]
There are a few features that took me some time to figure out. But got solved with short code in the end.
Notably:
View Overriding: The forum will allow for plugins that can modify large parts of the existing code base. So they had to override parts of the view in case the changes are substantial. Now since I was using jade this meant that I had to hook into the render function of Express. It was an easy fix in the end. I just compiled a list of existings views and allowed plugins to be loaded afterwards, thus overriding the default values. This means that in development you have to restart the server when adding a view. It hasn't shown to be a problem though.
View Hooks: When making a plugin you don't always want to add a new page or modify an existing one as a whole. You might just want to add a small snippet. Like an announcement or ads. This works with Angular. Basically any view can export hooks by using a special directive which replaces itself with any hooks that had been defined. This list of potential hooks gets compiled on load in each plugin's angular module with a ServiceProvider. (Aka it's modular)
I am sure I will encounter a few more nuts (for me) to break.
I have added Tests and Travis to it. Simply because I always wanted to use both. Adding the tests showed me some bugs in my code. (As well what I presume to be Mongoose's.) Although I have the problem of working alone right now, so writing tests feels awkward as most of the time my tests orient themselves towards a possible solution. It doesn't feel optimal since I kind of bias myself already. So if anyone has any tips?
I am putting it out as an OpenSource project, you can view it here: [url]https://github.com/CommunityHub/ForumJS[/url]
So that's what I have been and still am working on.
Yesterday I implemented a feature into my framework but i'm not too sure about it. It gives the user an option to check the integrity of the core framework files (calculates hashes of the files and compares them against what's stored in a config file) and if any files have been modified, refuse to carry out the request.
Even though it's optional, it feels kinda dirty - opinions on it?
[QUOTE=Dorkslayz;43294047]Yesterday I implemented a feature into my framework but i'm not too sure about it. It gives the user an option to check the integrity of the core framework files (calculates hashes of the files and compares them against what's stored in a config file) and if any files have been modified, refuse to carry out the request.
Even though it's optional, it feels kinda dirty - opinions on it?[/QUOTE]
I'm not really sure what you are planning to protect against by doing this, if someone can alter the code in the first place they can alter where the hashes are too.
[QUOTE=benjojo;43294790]I'm not really sure what you are planning to protect against by doing this, if someone can alter the code in the first place they can alter where the hashes are too.[/QUOTE]
It's not supposed to protect as such, more supposed to notify in case of file corruption, etc.
For example, you're running your application on a production server and you're using modified versions of the core files, you've updated the file hashes to match the modified versions. If at any point those files get corrupted, accidentally deleted, etc - you're not exposing the application users to errors which would potentially contain information you don't want being revealed, you're exposing them to a clean error page.
If you have proper software deployment and/or version control you shouldn't have file corruption, ever.
[QUOTE=Jelly;43298535]If you have proper software deployment and/or version control you shouldn't have file corruption, ever.[/QUOTE]One of the servers we use for production sites started having some drive failures and files were getting randomly corrupted and deleted and having issues saving and such.
Have you benchmarked it to see what kind of performance hit you're getting by checksumming every file on every request? This seems really similar to premature optimization to me in the sense that you're spending time and server resources on something that is either a non-issue or a very very unlikely issue.
If you find out by a PHP script that your hard drive is failing then you're doing something wrong.
So, I'm gonna take on a project soon, but before I do I kinda wanna make sure that it's gonna be wanted. So, I made a survey!
Just take it, please:
[url]https://docs.google.com/forms/d/19N2KQyhRoITpj-6-zGeIORBZErrtGOC9YedcQKaltAk/viewform[/url]
danke C:
[QUOTE=KmartSqrl;43300841]Have you benchmarked it to see what kind of performance hit you're getting by checksumming every file on every request? This seems really similar to premature optimization to me in the sense that you're spending time and server resources on something that is either a non-issue or a very very unlikely issue.[/QUOTE]
This was one of the concerns I had, it takes about ~7ms or ~0.7ms (can't quite remember) to check all of the files. I'm planning to do a few more benchmarks and see how big of an impact it's having, I might remove it if it's having a significant impact on load times.
So I was setting up my new SSD when I accidentally my entire hard drive
so now I'm downloading windows on a Ubuntu boot disk I made special for cases like these
I lost all of my work :(
[QUOTE=Ac!dL3ak;43304904]So I was setting up my new SSD when I accidentally my entire hard drive
so now I'm downloading windows on a Ubuntu boot disk I made special for cases like these
I lost all of my work :([/QUOTE]
I think you forgot the word delete :)
[QUOTE=Ac!dL3ak;43304904]So I was setting up my new SSD when I accidentally my entire hard drive
so now I'm downloading windows on a Ubuntu boot disk I made special for cases like these
I lost all of my work :([/QUOTE]
A friend of mine happened this a few days ago, he thought he was on a usb stick and wanted to remove everything, a quick rm -r * and bam, his whole root was empty.
It will take some time until we can take any advice we give without a remark about his basic safety negligence. (And he had no backups either)
[QUOTE=Dorkslayz;43303272]This was one of the concerns I had, it takes about ~7ms or ~0.7ms (can't quite remember) to check all of the files. I'm planning to do a few more benchmarks and see how big of an impact it's having, I might remove it if it's having a significant impact on load times.[/QUOTE]
If it's 7ms I don't think it's worth it.
[QUOTE=commander204;43287725]I've been working on my own community software the past few weeks. I've wanted to learn a few things so I plan to put in as much stuff as I can.
This is how it looks right now:
[t]http://i.imgur.com/jB0YdiM.png[/t]
The Index page is still a WIP. So far almost all is static. I am still slowly converting it into its dynamic counter part.
[t]http://i.imgur.com/he1WXNZ.png[/t]
I made a custom directive that automatically saves any changes to a form and restores it when you reload, or otherwise get back to the page. This is to counter a possible crash/'backspace while not focused' etc...
[t]http://i.imgur.com/O6sUgt9.png[/t]
There are a few features that took me some time to figure out. But got solved with short code in the end.
Notably:
View Overriding: The forum will allow for plugins that can modify large parts of the existing code base. So they had to override parts of the view in case the changes are substantial. Now since I was using jade this meant that I had to hook into the render function of Express. It was an easy fix in the end. I just compiled a list of existings views and allowed plugins to be loaded afterwards, thus overriding the default values. This means that in development you have to restart the server when adding a view. It hasn't shown to be a problem though.
View Hooks: When making a plugin you don't always want to add a new page or modify an existing one as a whole. You might just want to add a small snippet. Like an announcement or ads. This works with Angular. Basically any view can export hooks by using a special directive which replaces itself with any hooks that had been defined. This list of potential hooks gets compiled on load in each plugin's angular module with a ServiceProvider. (Aka it's modular)
I am sure I will encounter a few more nuts (for me) to break.
I have added Tests and Travis to it. Simply because I always wanted to use both. Adding the tests showed me some bugs in my code. (As well what I presume to be Mongoose's.) Although I have the problem of working alone right now, so writing tests feels awkward as most of the time my tests orient themselves towards a possible solution. It doesn't feel optimal since I kind of bias myself already. So if anyone has any tips?
I am putting it out as an OpenSource project, you can view it here: [url]https://github.com/CommunityHub/ForumJS[/url]
So that's what I have been and still am working on.[/QUOTE]
Node gives an error when I try to run it; oh well.
[QUOTE=rbreslow;43311427]Node gives an error when I try to run it; oh well.[/QUOTE]
Post a stacktrace then?
[QUOTE=Dorkslayz;43294900]It's not supposed to protect as such, more supposed to notify in case of file corruption, etc.
For example, you're running your application on a production server and you're using modified versions of the core files, you've updated the file hashes to match the modified versions. If at any point those files get corrupted, accidentally deleted, etc - you're not exposing the application users to errors which would potentially contain information you don't want being revealed, you're exposing them to a clean error page.[/QUOTE]
You should always be exposing them to a clean error page, and you have control over that without having to implement such a thing.
[QUOTE=rbreslow;43311427]Node gives an error when I try to run it; oh well.[/QUOTE]
If it is on startup it might be because MongoDB is not started. You can contact me on Skype (com2040) if you have other trouble!
I kind of hate this article: [url]https://medium.com/design-things/61ef4f88218a[/url]
Talk about over doing it. Design is supposed to be a largely visual thing. I don't get the obsession with needing to find some formula to tell you that you put something in exactly the right spot. Why can't people just use their fucking eyes? Designer's tendency to take a good idea too far is hilarious to me sometimes. Especially because I think the icons would look better if they were pulled towards the center of the circle a little more so that the spacing between the vertical/horizontal straight edges and the icon was the same as the spacing between the rounded edge. Riiiiidiculous.
-snip-
[QUOTE=KmartSqrl;43315968]I kind of hate this article: [url]https://medium.com/design-things/61ef4f88218a[/url]
Talk about over doing it. Design is supposed to be a largely visual thing. I don't get the obsession with needing to find some formula to tell you that you put something in exactly the right spot. Why can't people just use their fucking eyes? Designer's tendency to take a good idea too far is hilarious to me sometimes. Especially because I think the icons would look better if they were pulled towards the center of the circle a little more so that the spacing between the vertical/horizontal straight edges and the icon was the same as the spacing between the rounded edge. Riiiiidiculous.[/QUOTE]
Agreed. Sometimes I talk to other designers and they come with these over-the-top theories and crap about UI and design and geometry when they could achieve the same conclusion by just looking at my work. People tend to make design super complicated but it's mostly just a matter of taste and care to detail. Also of always being on the lookout for good design and using it as inspiration.
My theory on why designers want to over complicated things is that they feel (wrongfully so) that their career isn't legitimate enough and they need to add a bunch of pseudo science shit to it so that they can feel good about themselves.
Also that circle prompt thing he did there is hideous as fuck.
I have found out about test coverages yesterday and found the idea quite promising. After some tinkering I got it also integrated into my project. Caught a few dangerous cases in my user class already. (Notably that you could sign up without an username. I forgot to add the case of an empty string. )
So after a few more tests:
[IMG]http://i.imgur.com/osV2Ch8.png[/IMG]
Success!
It's pretty neat. It tells you what paths have been taken and which cases you might have forgotten.
[URL]https://coveralls.io/files/107118459[/URL] in comparison to before: [URL]https://coveralls.io/files/106824835[/URL]
[QUOTE=Jelly;43311535]Post a stacktrace then?[/QUOTE]
Nevermind, it runs now but still bugs up.
[IMG]http://puu.sh/5ZwNY.png[/IMG]
[QUOTE=rbreslow;43317248]Nevermind, it runs now but still bugs up.
[IMG]http://puu.sh/5ZwNY.png[/IMG][/QUOTE]
You're only posting the bottom of the trace there.
[QUOTE=KmartSqrl;43315968]I kind of hate this article: [url]https://medium.com/design-things/61ef4f88218a[/url]
Talk about over doing it. Design is supposed to be a largely visual thing. I don't get the obsession with needing to find some formula to tell you that you put something in exactly the right spot. Why can't people just use their fucking eyes? Designer's tendency to take a good idea too far is hilarious to me sometimes. Especially because I think the icons would look better if they were pulled towards the center of the circle a little more so that the spacing between the vertical/horizontal straight edges and the icon was the same as the spacing between the rounded edge. Riiiiidiculous.[/QUOTE]
Haha, I thought the exact same thing while reading it. You could just nudge it until it looks right, instead of applying random maths to look smart.
[QUOTE=TerabyteS_;43323292]Haha, I thought the exact same thing while reading it. You could just nudge it until it looks right, instead of applying random maths to look smart.[/QUOTE]
So so true, who the hell would line it up based off the square perimeter of the circle?
Am I a bad designer because I just move it until it looks right? I don't think so!
[quote]Does anyone know other methods to get this done?[/quote]
Yes, use your eyes and your fingers and stop being so anal about a non-existant problem.
[QUOTE=KmartSqrl;43305513]If it's 7ms I don't think it's worth it.[/QUOTE]
I did some benchmarks on the hashing, etc. It adds an additional 9ms to the load time, a ~32% increase. Not sure a rare use case is worth that increase in load times, but I changed the whole process to being optional.
[editline]27th December 2013[/editline]
What's the best way to display a server-side framework to someone? I need to show what i've done so far on my framework but can't really think of a way other than diagrams.
[QUOTE=TerabyteS_;43323292]Haha, I thought the exact same thing while reading it. You could just nudge it until it looks right, instead of applying random maths to look smart.[/QUOTE]
The same could be said for many ancient Greek works. Does the golden ratio ring a bell?
Sorry, you need to Log In to post a reply to this thread.
