- This topic has 59 replies, 20 voices, and was last updated 6 years, 9 months ago by AlexG.
-
AuthorPosts
-
January 20, 2017 at 11:39 pm #133517PhoenixParticipant
Oh, hey. It’s me. Poking the thread again. Maybe something more visual can cause a reaction? 😉
Homepage:
News Page:
Browsing Stories: (Might remove the 10 recent stories as they are listed on the actual homepage as well)
January 20, 2017 at 11:41 pm #133518PhoenixParticipantStory Submission 1/2:
Story Submission 2/2:
Reading Page:
Alright, let me leave a few words to the current state of development:
Whats working:
- Registration & Login
- Story Submission
- Browsing & reading submitted stories
Next up:
- Searching stories (Will include search after tags, authors and titles)
- adding voting system and comments for stories
- editing and deleting stories
So far there are 4 User groups. Admin, Mod, Author and User. While I propably don’t have to loose much words about the first two, the other two are rather interesting.
Guests can read and browse, no rating, no commenting available.
Users can read, browse, rate and comment on stories. NO story submission, I’m afraid.
Authors are users with the privledge of submitting stories of course. They also are able to change their submitted stories and delete them if they feel so.
Mods will be able to promote a user to author and (eventually) change and delete stories which violate the rules.So some of you might question: How do you become a author?
Well as a means to prevent spamming and other trolls on the internet, you will have to ASK a mod or admin for it. Said person will then promote your account and thus give you the privledge.What you see up there is on my local machine and not available to the public yet, despite it’s ability to already deliver the core functions. But I want to add at least the search system, votes and comments as well as the editing and deleting functions before I will make it public.
Last but not least, I spent some thoughts on new tags to open brawna more for more content. They are not implemented yet as I would like some feedback on them, but if things remain just as silent as they are at the moment, I will just add them how I see fit. Here’s the link to the sheet I wrote and you see below so you can read it a bit better and comment on it. No changing though.
Tags WIP:
January 21, 2017 at 12:18 am #133519Avery LeckroneParticipantOkay… this feels like a lot of data to absorb, to be honest. The functionality seems to make sense; is there any way to make sure that mods won’t either neglect their responsibilities or show preferential treatment to certain users over others? I think this is something that ought to be addressed before it becomes an issue, as I’ve seen group admins (on other sites) show both of these failings.
January 21, 2017 at 1:30 am #133520PhoenixParticipant:laugh:
Good point actually. But let me answer your question in a different way:As for now, there is noone I know and trust enough to give him/her the status of moderator. So consider this more a “in-case-of” solution. In case I announce a mod, the system is prepared.
The site itself doesn’t have a ticket system, so unless people want to email me for wanting to be upgraded to author, we would need a forum. Or at least a subforum in an excisting one.(wink-wink) I’d be fine with either way as long as it’s performant enough.(WINK WINK) 😛January 21, 2017 at 3:54 am #133522jdrabbit1ParticipantOk, just to clarify for me and the other morons out there… This site is up a running, at least partially? Is there a link?
January 21, 2017 at 4:10 am #133523PhoenixParticipantNo.
What you see is run by a local server on my personal computer. No outside access.
I want to add the mentioned features before this goes live on the Internet. And before that I need a server to host on and a domain. Brawna.org still belongs to lingster and since I don’t seem to be able to reach him, we would have to settle for Brawna.net for example.January 29, 2017 at 7:00 pm #133640PhoenixParticipantJust a small update:
Search engine as well as editing and deleting functions are implemented and working. Gonna work on commenting and ratings this week and if everything goes well, I think I can release it in Febuary 2017.
January 30, 2017 at 7:09 pm #133647AidenParticipantHey there. Just a quick question, though I do feel it’s the most important factor: How do you intend to handle password storage and hashing with Brawna 2.0, compared with how it was done so with the original Brawna? I reckon more than a few people would feel the site could go off to a very rocky start if that’s not implemented yet.
January 30, 2017 at 7:09 pm #133648AidenParticipantHey there. Just a quick question, though I do feel it’s the most important factor: How do you intend to handle password storage and hashing with Brawna 2.0, compared with how it was done so with the original Brawna? I reckon more than a few people would feel the site could go off to a very rocky start if that’s not implemented yet.
January 30, 2017 at 9:11 pm #133650PhoenixParticipantHey there. Just a quick question, though I do feel it’s the most important factor: How do you intend to handle password storage and hashing with Brawna 2.0, compared with how it was done so with the original Brawna? I reckon more than a few people would feel the site could go off to a very rocky start if that’s not implemented yet.
I felt like I answered such a question before, but I didn’t. Just felt similar regarding the captcha. So first of all, I have actually no idea how the original handled anything. I haven’t had an account or stories on brawna. But I did attempt to register a couple of times but couldn’t even find a “register”-Button. But back to your question:
The password is encrypted and stored in my database. So even if I as admin would go in the db and look at your password, all I would see is gibberish that looks like this: “$2y$12$P13eCbHogg0amXfzgdpqXeh6awmd4ucI8TTiWp99fRz9lEABcvo/q”
I took a framework for the User Management System called “UserSpice”. The owners wrote this about their security on November 15th 2016:
“We just passed a security audit as of 4.1.8 and everything we do is pretty industry standard. Bcrypt for password encryption, SSL/TLS compatible out of the box, token system to prevent XSS attacks, automated sanitization of all form and database input.”I hope this answered your question. 🙂
-
AuthorPosts
- You must be logged in to reply to this topic.