BYONDdev

BYOND Forums

Announcements · BYOND Help · Bug Reports · Feature Requests · Beta Testers · Beta Bugs · Developer Help · Design Philosophy · Demos & Libraries · Tutorials & Snippets · Art & Sound · Classified Ads · Game Updates · Contests & Events · Linux Talk · On Topic · Off Topic

BYONDdev

ID:1489865

Feb 5 2014, 9:56 am

Sir Lazarus

Poll: BYONDdev: What do you think?

I think it's a good idea!	48% (17)
I think it's a bad idea!	28% (10)
I'm a clown. Woof! (I have no opinion.)	22% (8)

Hi,

Since the BYOND website is lacking in some features I've become interested in developing a website for BYOND developers. Specifically, to host helpful resources such as: tutorials and guides; (development) blogs; API's for BYOND games to use; and other stuff.

I decided that if I'm going to devote my time to this project I'd like to know the following:

That people support this idea and would like me to pursue it. While I understand that people are generally more inclined to join a project that's already developed somewhat I don't want to build this and then have BYOND.com receive an update.
I'd like to know what everyone finds the most important so that I don't end up writing a dev. blog system for it to be ignored in favor of the BYOND forum.
My intention is to be writing the back-end of the website and make sure everything is running smoothly. I'd prefer if other people handle the front-end department, i.e., actually filling it with content and providing me with a design.

If you'd like to help out with this or just have something to say about it, please leave a comment below.

Feb 5 2014, 10:07 am
Kozuma3	Blogs and user pages allowing them to customize their CSS and I'll be content :)

Feb 5 2014, 10:31 am

Sir Lazarus

For custom blogs and pages the idea is to put them on a separate sub-domain which allows more freedom in terms of CSS and JavaScript as cross-domain policies should prevent attacks against other users. (Whether or not this occurs will have to be examined and tested before going live, but I'm fairly certain such a set up would succeed.)

I've written an integration with the new BYOND forum in the past. If I can dig up that old code then I'll be able to make posts on the official BYOND forum. The downside to this approach is that it requires a valid BYOND username and password in order to make the post under that user. This can be avoided by using a single automated user but BYOND Staff will have to make some allowances for the fact that it's a shared name. Keeping a log of everything sent to BYOND.com is therefore mandatory.

What I'm mostly interested in at this point is a good design of the overall website. I'm sure I could come up with something myself, but I'd rather that the community is a big part of this because I'm not doing this for myself.

Unfortunately I've already seen two votes against this idea, without any commentary explaining why. While I don't want to turn this thread into a flame war I do want to know the opinions from both sides of the fence.

Regarding my credentials I can assure you that I have more than enough experience to produce a stable and competently written back-end. I prefer not to release the source-code as it contains proprietary code that I'd rather not release at this time. (I've developed my own framework for developing websites that may be used in other projects in the future.)

Feb 5 2014, 10:35 am

Kaiochao

Tutorials and guides belong in the Tutorials & Snippets forum.
Development blogs belong in the game or resource's hub forum, to be forwarded to the Game Updates or Demos & Libraries forum.
"APIs for BYOND games to use" could work as libraries, but I'm not sure what those even are.

If all you want are customizable blogs (since everything else you plan to offer already exists inside BYOND), there are already plenty of existing alternatives outside of BYOND. So, what more are you actually offering?

Feb 5 2014, 11:25 am
EnigmaticGallivanter	I took the last option, but I was lying. Just do it. Don't even ask us, just do the damn thing to see if it was worth the effort.

Feb 5 2014, 11:27 am
EnigmaticGallivanter	I don't want to merge my comments, but also make sure you openly state that you are not officially affiliated with BYOND.

Feb 5 2014, 11:27 am

In response to Kaiochao

Sir Lazarus

Kaiochao wrote:

Tutorials and guides belong in the Tutorials & Snippets forum.
Development blogs belong in the game or resource's hub forum, to be forwarded to the Game Updates or Demos & Libraries forum.

The forum sorts posts by age and not by quality, and digging through archives of forum posts is less entertaining than digging through well-written articles.

Tutorials, guides, demos, and libraries all become easier to manage once you put them in blog style. They can be categorized into groups more easily. Random articles can be posted on the front page so that they don't get buried. Upvoting articles allows the important material to remain available without having to dig through the archives.

Editors can be appointed to proof-read new entries and make sure that they follow a certain format and that any images and files are embedded instead of externally hosted, preventing them from becoming unavailable at a later date.

"APIs for BYOND games to use" could work as libraries, but I'm not sure what those even are.

One example of a public API is providing one for authenticating BYOND keys. This way you don't have to install DMCGI and can use pretty much any web host that supports PHP.

Another idea is providing a BYOND library that connects to an API to provide online storage of (save)files.

There was also a system around to track BYOND users and make a full list of keys and IP addresses used. I believe it was called wiz_net. Something like that could be included as well.

These features could be made available exclusively for Members, giving people more incentive to join up and support BYOND.

If all you want are customizable blogs (since everything else you plan to offer already exists inside BYOND), there are already plenty of existing alternatives outside of BYOND. So, what more are you actually offering?

Okay, okay. What about creating profiles for BYOND developers which allows them to showcase their skills? Oldbies could write exams for newbies to follow, which would earn them badges. People could give other people yay's or nay's and this would influence their standing.

When responding to a classified ad you can then check that person's profile and see if they're being honest. If someone has a lot of nay's you can question this.

I understand that some of these ideas are wild and may not be feasible under real world conditions, but these are just some of the things that this website could do.

The biggest thing that this website would be able to do is move the burden of updating certain parts of the website away from BYOND Staff, which frees up time for more important requests.

I think it would be positive for both new and old developers to build this website, but I'm still weary about spending too much time on it for fear of losing support.

Still, I hope I've made my point of view clear and that this helps with further responses by you/others to this idea. :)

Feb 5 2014, 11:30 am

In response to EnigmaticGallivanter

Sir Lazarus

EnigmaticGallivanter wrote:

I took the last option, but I was lying. Just do it. Don't even ask us, just do the damn thing to see if it was worth the effort.

I'm already working on some projects and I don't want to keep adding to that workload by giving myself a project that may not even stand a chance. I may work on it either way but I just would like to know what other people think of my train of thought & if they'd be willing to jump aboard if it takes off.

Feb 5 2014, 12:33 pm
Atol Soldier	Good Idea, Go for it Lazarus! ;)

Feb 5 2014, 12:56 pm
Ter13	Wordpress. Thank you.

Feb 5 2014, 1:15 pm

Ssj4justdale

I've already created an API that communicates with BYOND, unofficially and it works. I just take advantage of something BYOND may need to patch for security reasons, if you want to demo it out:

http://www.ssj4justdale.x10.mx/byond

~~ No Password is logged. It just authorizes you for a session if successful and if you subscribe, it logs your KEY into a MySQL database.

Try with a random key if you so desire, just create one for the heck of it just to test it and see for yourself.

Also do random users that don't exist, you will see it returns the user doesn't exist but if they do, it'll return wrong password if the password is incorrect.

If both values are true, then you are logged in.

http://www.ssj4justdale.x10.mx/byond

Feb 5 2014, 1:23 pm
Ssj4justdale	Should I attempt to post something as the user now??

Feb 5 2014, 2:08 pm

Toddab503

I'm iffy as to how effective this idea would be, but I love the spirit behind it, and I would definitely participate in it and tell anyone I thought might take interest all about it.

I think it's worth giving a try if nothing else. I mean, even if it did fail, you'd have a lot of code and what not that could be easily modified for another website. This could essentially be a social network for BYOND.

Facebook DID start out as a social network for college, so while I highly doubt it would take off as much as Facebook, it could be good.

Feb 5 2014, 6:14 pm

Ssj4justdale

My clunky Auhtorization code for BYOND (Speed Through)

This isn't what I use for my site, its just an example to communicate with my api.

<?php
if(isset($_GET['logout'])||isset($_GET['tryagain'])){
    if (isset($_SERVER['HTTP_COOKIE'])) {
        $cookies = explode(';', $_SERVER['HTTP_COOKIE']);
        foreach($cookies as $cookie) {
            $parts = explode('=', $cookie);
            $name = trim($parts[0]);
            setcookie($name, '', time()-1000);
            setcookie($name, '', time()-1000, '/');
        }
    }
    header("Location: oAuthTest.php");
    die();
}
if(isset($_COOKIE['user'])){
    echo "Welcome, " . $_COOKIE['user'];
    echo "<br>";
    echo "<a href=\"?logout\">Logout</a>";
    die();
}

if (isset($_SERVER['HTTP_COOKIE'])) {
    $cookies = explode(';', $_SERVER['HTTP_COOKIE']);
    foreach($cookies as $cookie) {
        $parts = explode('=', $cookie);
        $name = trim($parts[0]);
        setcookie($name, '', time()-1000);
        setcookie($name, '', time()-1000, '/');
    }
}
if(isset($_GET['auth'])&&isset($_GET['key']))
{
    $hashCheck=$_GET['auth'];
    $hashKey=$_GET['key'];
    $hashKey=md5(hash('sha256',md5(strtolower($hashKey))));
    if($hashKey==$hashCheck) {
        setcookie('user',$_GET['key']);
        header("Location: oAuthTest.php");
        die();
    } else {
        echo "Failed to Login! <a href=\"?tryagain\">Return</a>";
        die();
    }
?>

<?php
    
} else {

?>

<form method="POST" action="http://www.ssj4justdale.com/main/byond.api">
<input type="hidden" id="returnURL" name="returnURL" value="http://www.ssj4justdale.x10.mx/byond/oAuthTest.php" />
<input type="hidden" id="command" name="command" value="login" />
Key: <input type="text" id="byondKey" name="byondKey" /><br>
Password: <input type="password" id="byondPass" name="byondPass" /><br>
<input type="submit" value="Login with BYOND">
</form>


<?php

}
?>

Feb 5 2014, 7:12 pm
Nadrew	The problem with your approach is entering your password on a site that's not secure.byond.com, which we outright tell people never to do. The DMCGI approach puts people through the actual byond.com login process.

Feb 5 2014, 7:18 pm

Sir Lazarus

Yeah, I was talking to someone about the same problem. It's impossible to make forum posts under someone else's name unless:

1. Not use someone else's name, but use a fixed account instead.

2. Use Ajax to make the post, but this requires BYOND Staff to modify some headers to authorize my server to do this.

3. Ask for the username and password outside of secure.byond.com if you want to make forum posts. Obvious trust issues aside it also opens up a security issue since the password would have to be stored somewhere.

If there's going to be any posting at all then Option #1 is the only feasible one.

Feb 5 2014, 9:21 pm

Ssj4justdale

I totally agree with you Nadrew and I wouldn't suggest my method whatsoever because there are many phishy third-party sites that wish to take people's accounts.

But maybe if we get enough people to join together and "be stupid" and file a complaint with BYOND for the user's stupidity, we can see progress in this direction??

I personally would love some DMCGI but with it no longer being supported and nobody even knows what it is and I can't find help to configure it to set it up and all, I think my method is the second best course of action, 'til BYOND provides something much more "secure."

Feb 6 2014, 12:02 pm
A.T.H.K	http://www.byond.com/forum/?post=93429&hl=API#comment4467272 Good luck..

Feb 6 2014, 1:39 pm
Ssj4justdale	^@A.T.H.K haha its funny for almost 4 years the status stayed at open

Feb 7 2014, 4:12 pm
A.T.H.K	Yep.