We are way more blackhat than you around here, remember that
Topic: bitcoinbounties.org - collect bounties! (Read 8865 times)
Take your trojans/wallet stealers elsewhere n00b.
We are way more blackhat than you around here, remember that
We are way more blackhat than you around here, remember that
Well for one I would directly like to be involved in the promotion of the bitcoin in general... youtube videos, links to mining pools etc.
I have a few partners who are interested in promoting the bitcoin as a lifestyle choice.
If you want to start up another website with a similar program we will definitely promote for you!
Already have a few youtube videos up with the tag pristine miner under the name Shao Ling - one of the developers of pristine miner (which is NOT available for download currently due to discretion of moderators)
I have a few partners who are interested in promoting the bitcoin as a lifestyle choice.
If you want to start up another website with a similar program we will definitely promote for you!
Already have a few youtube videos up with the tag pristine miner under the name Shao Ling - one of the developers of pristine miner (which is NOT available for download currently due to discretion of moderators)
I'm sorry to hear this.
Bitcoin bounties are all the rage in the underground network to which I belong.
You can make a heft sum, especially when done with a core mining base of course
Bitcoin bounties are all the rage in the underground network to which I belong.
You can make a heft sum, especially when done with a core mining base of course
Watcha saying? The site was only an example site. Working on testnet.
The VPS where it was hosted ended its yearly subscription. If I get an extra empty VPS I can donate again to put it live I will. At the moment I have none.
Not even sure if d33tah is still developing it actively.
I'm sorry to hear this.
Bitcoin bounties are all the rage in the underground network to which I belong.
You can make a heft sum, especially when done with a core mining base of course
Bitcoin bounties are all the rage in the underground network to which I belong.
You can make a heft sum, especially when done with a core mining base of course
This site is down, or at least I am only getting what looks like a default hosting page in chinese.
marked
marked
site has been down for awhile.
This site is down, or at least I am only getting what looks like a default hosting page in chinese.
marked
marked
sr. member
Activity: 266
Merit: 250
The king and the pawn go in the same box @ endgame
Also just noticed. I tried to set up a user account to see if my use of the demo account was what threw my previous error message, only to get this message:
The login you have entered is too long (it has to be between 4 and 30 characters). Please choose a different one.
The login name I entered Was my forum tag, ZodiacDragon84, which is well within the parameters stated in the character length in the error message.
Is there anything specific on the user end that you would like to test for? Let me know what you are looking for, and I will beta test the crap out of this!
The login you have entered is too long (it has to be between 4 and 30 characters). Please choose a different one.
The login name I entered Was my forum tag, ZodiacDragon84, which is well within the parameters stated in the character length in the error message.
Is there anything specific on the user end that you would like to test for? Let me know what you are looking for, and I will beta test the crap out of this!
sr. member
Activity: 266
Merit: 250
The king and the pawn go in the same box @ endgame
Also. The homepage is not very user friendly. I know sort of what is going on because I read the posts you put up previously. However, a newcomer who is reading deficient might not know whats going on when they get to your site. Maybe have a description on the homepage that lets newcomers know what you are about. and perhaps set up the bounties by category? Software bounties, hardware design bounties, mining bounties, startup bitcoin website bounties, etc. I would like to see where this goes otherwise!
sr. member
Activity: 266
Merit: 250
The king and the pawn go in the same box @ endgame
I logged in as demo, and did a test bounty submission. I pulled the following error message:
Warning: move_uploaded_file(/var/www/uploads/test by ZodiacDragon84.txt): failed to open stream: Permission denied in /var/www/models/newsolution.php on line 29 Warning: move_uploaded_file(): Unable to move '/tmp/phpzcSAWc' to '/var/www/uploads/test by ZodiacDragon84.txt' in /var/www/models/newsolution.php on line 29
I would hazard a guess that the uploader didnt work, or I didnt have user permission under the demo account to upload a solution?
Warning: move_uploaded_file(/var/www/uploads/test by ZodiacDragon84.txt): failed to open stream: Permission denied in /var/www/models/newsolution.php on line 29 Warning: move_uploaded_file(): Unable to move '/tmp/phpzcSAWc' to '/var/www/uploads/test by ZodiacDragon84.txt' in /var/www/models/newsolution.php on line 29
I would hazard a guess that the uploader didnt work, or I didnt have user permission under the demo account to upload a solution?
With all due respect (since any contribution is always a huge investment of time), I must say you have a way to go in terms of security. mysql_real_escape_string() is not the function you must use to sanitize all inputs (although you can use it to help your cleanup), but each variable must be sanitized by its own limits (alphanumeric ones using, for example, a regex; the email using a different one; and values which are always integers using string-to-integer functions like intval(), doubleval() or floatval(), or directly using number_format() to take care of it...)
I've not seen all the code, only a good part of it, and I must say you have tried hard to make it safe.
As I said, I hope this project (and so the time you've spent on it) gets the recognition it deserves, since it's a great initiative.
And I know you already said the security on the script was not yet production-ready; just wanted to give my 2 cents.
I've not seen all the code, only a good part of it, and I must say you have tried hard to make it safe.
As I said, I hope this project (and so the time you've spent on it) gets the recognition it deserves, since it's a great initiative.
And I know you already said the security on the script was not yet production-ready; just wanted to give my 2 cents.
I understand you mean the script is insecure at the moment, right? Mind pointing me out some attack scenario I could reproduce? You might have a point that validation is incomplete somewhere.
It's already implemented, see the "donate" button.
I will be more interested when it is on main net.
You should include the ability for others to fund an existing bounty without registration simply sending funds to an address.
For example I make a bounty for xyz offering 5 BTC. Someone else says hey that is a great idea. Only 5 BTC? I will add to that. He clicks the "add to this bounty" link/button and gets and address. He sends 3 BTC to that address and after confirmation your website updates to reflect 8 BTC bounty on "xyz".
You should include the ability for others to fund an existing bounty without registration simply sending funds to an address.
For example I make a bounty for xyz offering 5 BTC. Someone else says hey that is a great idea. Only 5 BTC? I will add to that. He clicks the "add to this bounty" link/button and gets and address. He sends 3 BTC to that address and after confirmation your website updates to reflect 8 BTC bounty on "xyz".
With all due respect (since any contribution is always a huge investment of time), I must say you have a way to go in terms of security. mysql_real_escape_string() is not the function you must use to sanitize all inputs (although you can use it to help your cleanup), but each variable must be sanitized by its own limits (alphanumeric ones using, for example, a regex; the email using a different one; and values which are always integers using string-to-integer functions like intval(), doubleval() or floatval(), or directly using number_format() to take care of it...)
I've not seen all the code, only a good part of it, and I must say you have tried hard to make it safe.
As I said, I hope this project (and so the time you've spent on it) gets the recognition it deserves, since it's a great initiative.
And I know you already said the security on the script was not yet production-ready; just wanted to give my 2 cents.
I've not seen all the code, only a good part of it, and I must say you have tried hard to make it safe.
As I said, I hope this project (and so the time you've spent on it) gets the recognition it deserves, since it's a great initiative.
And I know you already said the security on the script was not yet production-ready; just wanted to give my 2 cents.
Honestly, I wish I had time to.
Have you implemented any (more) of my suggestions?
BUMP
BUMP
Service works like a charm so far under the demo account.
Currently running a test with a test project on there.I can't say more until it's finished.
Currently running a test with a test project on there.I can't say more until it's finished.
4. Have a way for the original bounty creator to edit the title/description of the project. Allow anyone to view previous versions of the title/desc.
The problem is - why bounty creator only? Why not the rest of the users as well? How'd we decide which description is right? Voting?
5. Have a comment thread for each bounty for others to ask questions, clarify, make suggestions to improve the bounty, propose/discuss solutions/implementations.
That'd be a huge piece of code unless I'd use some external toys. I thought of allowing to add a bitcointalk thread.
9. Have weighted voting on who wins the bounty after a solution(s) is submitted. Have weighted voting where the bounty starter and people who contributed more BTC to the bounty have most of the say, but let other users of the site also have a small vote. Have a comment thread for each proposed solution to discuss it / clarify problems. Allow the person who submitted the solution to revise/re-submit, etc.
Kind of already implemented/discussed, just without the small votes and the last sentence.
10. Have a way to close bounties that are no longer wanted.
Again, who and how would decide that?What language is the site written in? I'd be happy to do a code review for you if you want to post/send a zip file with your code.
BTW, did you have a look at my messed up code?
* There's no way to comment on bounties, there should be.
* There should also be a way to "claim" a bounty, meaning that I'm working on it. Why else bother if someone else can get the bounty while I'm halfway through. An estimate of completion should be included if you make a claim.
* If multiple solution exists there should be a way to choose/vote on who should work on their solution.
* Decide how many stakeholders must agree before a bounty is paid out. Expecting 100% is probably not realistic.
* A way to split bounties if only part of the solution is implemented. All or nothing is probably not a good idea.
Just a few suggestions off the top of my head. Feel free to do whatever you want with them, including ignoring.
* There should also be a way to "claim" a bounty, meaning that I'm working on it. Why else bother if someone else can get the bounty while I'm halfway through. An estimate of completion should be included if you make a claim.
* If multiple solution exists there should be a way to choose/vote on who should work on their solution.
* Decide how many stakeholders must agree before a bounty is paid out. Expecting 100% is probably not realistic.
* A way to split bounties if only part of the solution is implemented. All or nothing is probably not a good idea.
Just a few suggestions off the top of my head. Feel free to do whatever you want with them, including ignoring.
Jump to: