Brawna 2.0

Viewing 10 posts - 31 through 40 (of 60 total)
  • Author
    Posts
  • #133517
    Phoenix
    Participant

    Oh, hey. It’s me. Poking the thread again. Maybe something more visual can cause a reaction? 😉

    Homepage:

    News Page:

    Browsing Stories: (Might remove the 10 recent stories as they are listed on the actual homepage as well)

    #133518
    Phoenix
    Participant

    Story Submission 1/2:

    Story Submission 2/2:

    Reading Page:

    Alright, let me leave a few words to the current state of development:

    Whats working:

    • Registration & Login
    • Story Submission
    • Browsing & reading submitted stories

    Next up:

    • Searching stories (Will include search after tags, authors and titles)
    • adding voting system and comments for stories
    • editing and deleting stories

    So far there are 4 User groups. Admin, Mod, Author and User. While I propably don’t have to loose much words about the first two, the other two are rather interesting.
    Guests can read and browse, no rating, no commenting available.
    Users can read, browse, rate and comment on stories. NO story submission, I’m afraid.
    Authors are users with the privledge of submitting stories of course. They also are able to change their submitted stories and delete them if they feel so.
    Mods will be able to promote a user to author and (eventually) change and delete stories which violate the rules.

    So some of you might question: How do you become a author?
    Well as a means to prevent spamming and other trolls on the internet, you will have to ASK a mod or admin for it. Said person will then promote your account and thus give you the privledge.

    What you see up there is on my local machine and not available to the public yet, despite it’s ability to already deliver the core functions. But I want to add at least the search system, votes and comments as well as the editing and deleting functions before I will make it public.

    Last but not least, I spent some thoughts on new tags to open brawna more for more content. They are not implemented yet as I would like some feedback on them, but if things remain just as silent as they are at the moment, I will just add them how I see fit. Here’s the link to the sheet I wrote and you see below so you can read it a bit better and comment on it. No changing though.

    Tag Sheet

    Tags WIP:

    #133519
    Avery Leckrone
    Participant

    Okay… this feels like a lot of data to absorb, to be honest. The functionality seems to make sense; is there any way to make sure that mods won’t either neglect their responsibilities or show preferential treatment to certain users over others? I think this is something that ought to be addressed before it becomes an issue, as I’ve seen group admins (on other sites) show both of these failings.

    #133520
    Phoenix
    Participant

    :laugh:
    Good point actually. But let me answer your question in a different way:

    As for now, there is noone I know and trust enough to give him/her the status of moderator. So consider this more a “in-case-of” solution. In case I announce a mod, the system is prepared.
    The site itself doesn’t have a ticket system, so unless people want to email me for wanting to be upgraded to author, we would need a forum. Or at least a subforum in an excisting one.(wink-wink) I’d be fine with either way as long as it’s performant enough.(WINK WINK) 😛

    #133522
    jdrabbit1
    Participant

    Ok, just to clarify for me and the other morons out there… This site is up a running, at least partially? Is there a link?

    #133523
    Phoenix
    Participant

    No.
    What you see is run by a local server on my personal computer. No outside access.
    I want to add the mentioned features before this goes live on the Internet. And before that I need a server to host on and a domain. Brawna.org still belongs to lingster and since I don’t seem to be able to reach him, we would have to settle for Brawna.net for example.

    #133640
    Phoenix
    Participant

    Just a small update:

    Search engine as well as editing and deleting functions are implemented and working. Gonna work on commenting and ratings this week and if everything goes well, I think I can release it in Febuary 2017.

    #133647
    Aiden
    Participant

    Hey there. Just a quick question, though I do feel it’s the most important factor: How do you intend to handle password storage and hashing with Brawna 2.0, compared with how it was done so with the original Brawna? I reckon more than a few people would feel the site could go off to a very rocky start if that’s not implemented yet.

    #133648
    Aiden
    Participant

    Hey there. Just a quick question, though I do feel it’s the most important factor: How do you intend to handle password storage and hashing with Brawna 2.0, compared with how it was done so with the original Brawna? I reckon more than a few people would feel the site could go off to a very rocky start if that’s not implemented yet.

    #133650
    Phoenix
    Participant

    Hey there. Just a quick question, though I do feel it’s the most important factor: How do you intend to handle password storage and hashing with Brawna 2.0, compared with how it was done so with the original Brawna? I reckon more than a few people would feel the site could go off to a very rocky start if that’s not implemented yet.

    I felt like I answered such a question before, but I didn’t. Just felt similar regarding the captcha. So first of all, I have actually no idea how the original handled anything. I haven’t had an account or stories on brawna. But I did attempt to register a couple of times but couldn’t even find a “register”-Button. But back to your question:
    The password is encrypted and stored in my database. So even if I as admin would go in the db and look at your password, all I would see is gibberish that looks like this: “$2y$12$P13eCbHogg0amXfzgdpqXeh6awmd4ucI8TTiWp99fRz9lEABcvo/q”
    I took a framework for the User Management System called “UserSpice”. The owners wrote this about their security on November 15th 2016:
    “We just passed a security audit as of 4.1.8 and everything we do is pretty industry standard. Bcrypt for password encryption, SSL/TLS compatible out of the box, token system to prevent XSS attacks, automated sanitization of all form and database input.”

    I hope this answered your question. 🙂

Viewing 10 posts - 31 through 40 (of 60 total)
  • You must be logged in to reply to this topic.