Oops.
Printable View
Oops.
:)
Hehe. Well like I said, I apologise if it sounded harsh. It helped me vent out my anger (not just to do with the project), all in one go! That's my rant over for the next two years :)
Can I quote you on that? :D
Erm............................................
Oh go on then :D
:rolleyes:Quote:
Originally posted by j2k
That's my rant over for the next two years :)
ooooooookkkkkkkkk
Everything ripped apart in a new york minute? -
gee...
nice =P
--
First of all, i dunno who's leader here (i still think it's j2k so) - I just want to see a few answered cleared up eh?
first of all;
is this is a fun project OR is there a bit of seriousness in the project (as in, yes there is a posibility that the app can really be marketed all over the world)
2nd
Bitching over and over again... Make a design doc!, and if this is a serious development group, make sure that you make some kind of document that people have to agree with (as in, not distribution sources, what kind of communicational things are used (Icq, Irc, etc)). And keep TIGHT scheduled meetings. (With meeting agenda's!)
3th
In a way I don't agree with EiSecure, and in a way I do, since he has done a lot for this project he does 'own' his piece, but on the other hand, (directed towards eiSecure himself) You ain't gonna get for with that attitude.. really.. you ain't...
4th (pfew.. long text ;) )
If someone is able to put up an small document of what kind of application it should be, what tasks there are and if possible even a list of all the people involved with their 'specialism' you can put up a way better taskforce to handle these kind of projects.
and uhh, if no'one has an idea how to create such a thing, i'll be happy to help along..
my 2 cents,
What you said is what the professionals do. We can't just write code.
"What you said is what the professionals do. We can't just write code." < -does that mean you get what I say and hopefully to make this project succesful or.... ?
Success is good. :cool:
That sounds more like it :D
Boo-yeah. :D
And STOP replying soo fast! I'm typing 4 lines of code and it goes 'PloInk' New Mail .. again :)
:D
New mail has arrived. Would you like to read it now?
:p
I finally uploaded the prototype of the login info verification CGI.
This CGI checks user name and password.
use it this way "http://www.alsoft.f2s.com/ocarina/network/checkpsw.cgi?lname=TheLoginName&pword=Password"
it will return one of the following output texts:
NONAME - the name var was not set
NOSUCHUSER - You entered a name that doesn't exist
WRONGPASSWORD - the password is wrong
ACCEPT - User name and password accepted
Luv yur hamburger btw =)
-
oh yah... one more thing
AAAAAAAAAAAAAAAAAAH!! =D
That's not exactly encrypted. :rolleyes:Quote:
Originally posted by Andreas@ALSoft
I finally uploaded the prototype of the login info verification CGI.
This CGI checks user name and password.
use it this way "http://www.alsoft.f2s.com/ocarina/network/checkpsw.cgi?lname=TheLoginName&pword=Password"
it will return one of the following output texts:
NONAME - the name var was not set
NOSUCHUSER - You entered a name that doesn't exist
WRONGPASSWORD - the password is wrong
ACCEPT - User name and password accepted
People, about the server, it is NOT a CGI/Perl/Javascript! It is a program that we write (probably in Java to multithread) that accepts connections, parses sent data, and chucks back a response.
*mumble* write *mumble* a doc ;)
-
But I agree fully with Filburt, You don't write a cgi/php thingy to handle over 1000 connections (uhh.. if it does get that many users) =)
As I said the verification script IS ONLY A PROTOTYPE so far
Okay,
If I may give a suggestion:
Make a prototype in VB or C++ (also good ;)) or JAVA (yeah yeah MultiThread all tha way!) =) -
Make a encryption algorithm.. Your own.. or maybe a simple base64 or DS3 or whatever(tm) encryption.
And preferably make modules if you make it in VB. (Or Class DLL's)
This Perl/CGI Script DOES NOT handle the users, it just does the password verification
The server side scripts ARE NOT the server, they ONLY CONNECT the Server and the Web Frontend
That is not what we are implying on, the password authentication will be triggered 50+ per minute (on a busy day). So it's JAVa or C++ all tha way. Not HTTP based.
and it still has to be encrypted :D
Users will be kept track of using the server, and they will connect to the server. No Apache required.Quote:
Originally posted by Andreas@ALSoft
This Perl/CGI Script DOES NOT handle the users, it just does the password verification
The server side script can handle an unlimited count of passwort verifications a minute the only limit is the server's speed and the amount of space you can use to store the (READ PROTECTED) user identification files
"The server side scripts ARE NOT the server, they ONLY CONNECT the Server and the Web Frontend"
In my eyes it should go like this:
Client accesses web via its web frontend. It downloads a nice applet (ofcourse, rite?) or we use PHP which would also suit pretty well, Server only gives out an IP and port,
PHP opens a socket and retrieves whatever it needs, Though JAVA could do the same so... i leave those options open for you guys to discuss ;)
But I strongly advice NOT to use any http password verification or anything in that direction.. CGI or PHP Redirected password checks (like bla.php?password=bla&username=etc)
in PHP you can encrypt any password with md5(x) so a very nice 128 bit encryption is layed over the password (which is btw.. not reversable,so the password in the database must be MD5'd) - (also means if a user wants to change his or her password she must create a new one. (cannot change))
my few cents.. (i'm getting broke this way) :)
Absolutely NO CGI for the server! Not only is there too much overhead, but it is considered a cheap hack. :cool:Quote:
Originally posted by filburt1
Users will be kept track of using the server, and they will connect to the server. No Apache required.
The thing is quite simple, a password stored on the webserver (IT IS PROTECTED, YOU CAN'T READ IT) can easily be verified by the server app, but just try to make a server side script access another computer connected to the 'net... (try it, I wish you lot's of fun)
CGI is a dynamic module (also known to be slow as hell if multiple users connect). so IF it is ever needed use alteast ISAPI modules (yah yah. i know.. ;) )
AGAIN: The Server Side Scripts ARE NOT the Server
To confirm: Yes I am the leader still, and yes it's fun, however it is serious too. I do want the project to be finished, and attempt to be marketed.
A design doc would be good - but don't look at me!
no offence, but a project leader should manage and create such a doc and also keep a note of what people are doing :P
btw..
Does ANYone on the team have IRC? it is sooo much easier to communicate.. (or even ICQchat :P)
First: The Script I just uploaded IS ONLY used once per login and session ant Second: It will output the IP of the real server in a second line so the Client prog always connects to the right server (e.g. if we change the server's IP)
None taken :) I'd like to create the doc but I don't know what is required in the doc, how to format the doc etc :)Quote:
Originally posted by Devion
no offence, but a project leader should manage and create such a doc and also keep a note of what people are doing :P
Ok, heres a small example what such a doc should look like...
very simple, and no real 'looks' been added.
Here's what I did some time ago:
A little prog that allows you to chat and transfer files after entering the IP of the one who starts the prog as server
Forgot to add stuff to the doc.. oops:
forgot
- Add technical data; Explain what things do and how they co-op within.
For instance for a program I wrote I just took a pen and paper and wrote down how my Auth protocol worked,
C/P below.. :)
-------------
AUTH PROTOCOL
15-09-2001 - Rob Janssen
CL = Client || SV = Server
This document shows how the authentication steps are followed in the communication protocol.
-------------------------------------
CL] Connect to the server
SV] Accept ALL Connections to port 10023 - SendDATA ["Milestone Server Vx.x - Type '1' for telnet connection"].
CL] Respond to server - SendDATA ["MILESTONE_CLIENT"] (Telnet is streaming so can only type 1 char.)
SV] Close TELNET Sessions. Accept and setup client on server for MILEStone user.
SV] SendDATA ["AUTH"]
CL] Send user & password in format ( USER@PASSWORD )
SV] Fetch, Check user and password
SV] If Password and username are correct, SendDATA ["OK"] else SendDATA ["NO"] or SendDATA ["ERR@errormsg"]
CL] If Authentication is Correct then application will go on, if not then return to Login screen - if error show the error and quit.
-------------------------------------
For almost EVERY thing that is important you are almost required to make something like this, either in wordpad, notepad or word or even in Visio or any other flowchart app.
Age call! How old is everybody? I'm 17.
20....
so there goes your excuse fil ;)
*mumbles a number under his breath*