ospap - Alpha1

[deadly7]

haha ron that thing is leet. You got pwned by the backstabbers. ;)

[iago]

Woah, 2 replies since I was fixing stuff!

Anyways, I just updated to ALPHA2.  It has the changes I suggested for myself in the first post.

My new to-do list:
- Show a "last updated" on each page
- On the main page, show categories/total pictures
<edit> - Number of comments
<edit> - Email on new comment to one of my images
<edit> - (Optional) Email on any new picture

[Blaze]

Alpha 2's comments are a good idea. :)

Very good job so far iago.

[Joe]

Unknown usernameLogin failed  Redirecting....
Hm, do I detect a bit of a.. missing <br />?

Please enter a password that is at least 6 characters (it's for your own protection!)
Security zealot.

# Redistribution and use in source and binary forms
/compile =p

[iago]

Unknown usernameLogin failed  Redirecting....
Hm, do I detect a bit of a.. missing <br />?

Bah, I fixed that, but overwrote the fix.  oops!

And no, I'm missing a <BR>.  I'm using HTML 4.01, not XHTML. 

Please enter a password that is at least 6 characters (it's for your own protection!)
Security zealot.

Well, anybody who uses a password shorter than 8 characters is stupid anyway.  My original requirement was 8-character passwords, but I decided to let people be dumb and use 6 characters passwords. 

And incidentally, the passwords are hashed; however, it's being sent over a plaintext link, so it's not totally safe. 

[Joe]

Couldn't they be scrambled clientside? I'll write a quck VBScript hash() function if you'd like.

[iago]

VBScript is garbage.  Primarely because it only works on Linux, but also because if you're allowing VBScript to be run on your computer, the website can do anything it wants to you.  I don't want to force people to do that. 

The other option is to do it in JavaScript.  But I don't like the idea of depending on JavaScript. 

[Warrior]

Looking awesome, will check out source when I get my comp fixed. :)

[Joe]

As far as I see it, VBScript is JavaScript in a different language. The only difference is the language="" variable of <script>, they even use the same tag to be executed.

[iago]

Will it run on non-Windows systems? 

Perhaps I misunderstand VBScript, but I thought you need a Windows system for it?

Anyway, hashing it before sending still doesn't protect against replay attacks. 

[iago]

# Redistribution and use in source and binary forms
/compile =p

Hmm @ editing your post while I was replying, I didn't even see that. 

Yes, I'm aware that the license mentions binary forms.  And if somebody wants to compile PHP to a binary form (which is possible -- there's a program that converts PHP to C++, I'm told) and distribute it, I don't care.  I mostly left that in because I wanted to leave the BSD license intact. 

[iago]

I updated to Alpha3 just now.  I had to wipe the database, unfortunately.  I have completed all the goals for this version successfully, and think it's ready to post.  I shouldn't have to change the database anymore, so hopefully I won't have to wipe it again. 

Please, everybody, try it!  Try to break it!

And you can still get it at http://www.javaop.com/~iago/ospap.tgz

To-do:
- Handle newlines in comments properly
- "Cancel" after uploading picture
- Fix the "back" jumps
- Allow .bmp and other formats that "convert" can handle
- Display the newly-uploaded filename on the preview page (helps me with naming, others too probably)
- Allow each table to be sorted by different criteria

[rabbit]

To-do+:
make it templated/skinnable
edit thread title

[Towelie]

should I hand out that site to freinds?

[AntiVirus]

Make it not so dull looking.  Make it have some character. :D

[Edit]
I can't spell..