Pages:
Author

Topic: bitcoinbounties.org - collect bounties! (Read 8897 times)

legendary
Activity: 1358
Merit: 1002
April 18, 2012, 08:43:45 PM
#53
Take your trojans/wallet stealers elsewhere n00b.

We are way more blackhat than you around here, remember that Wink
newbie
Activity: 42
Merit: 0
April 18, 2012, 07:17:03 PM
#52
Well for one I would directly like to be involved in the promotion of the bitcoin in general... youtube videos, links to mining pools etc.

I have a few partners who are interested in promoting the bitcoin as a lifestyle choice.

If you want to start up another website with a similar program we will definitely promote for you!

Already have a few youtube videos up with the tag pristine miner under the name Shao Ling - one of the developers of pristine miner (which is NOT available for download currently due to discretion of moderators)
legendary
Activity: 1358
Merit: 1002
April 18, 2012, 07:08:07 PM
#51
I'm sorry to hear this.

Bitcoin bounties are all the rage in the underground network to which I belong.

You can make a heft sum, especially when done with a core mining base of course Smiley

Watcha saying? The site was only an example site. Working on testnet.
The VPS where it was hosted ended its yearly subscription. If I get an extra empty VPS I can donate again to put it live I will. At the moment I have none. Sad Not even sure if d33tah is still developing it actively.
newbie
Activity: 42
Merit: 0
April 18, 2012, 06:41:57 PM
#50
I'm sorry to hear this.

Bitcoin bounties are all the rage in the underground network to which I belong.

You can make a heft sum, especially when done with a core mining base of course Smiley
member
Activity: 99
Merit: 10
April 16, 2012, 01:54:37 PM
#49
This site is down, or at least I am only getting what looks like a default hosting page in chinese.


marked

site has been down for awhile.
full member
Activity: 168
Merit: 100
April 16, 2012, 01:50:21 PM
#48
This site is down, or at least I am only getting what looks like a default hosting page in chinese.


marked
sr. member
Activity: 266
Merit: 250
The king and the pawn go in the same box @ endgame
January 02, 2012, 02:00:56 AM
#47
Also just noticed. I tried to set up a user account to see if my use of the demo account was what threw my previous error message, only to get this message:

The login you have entered is too long (it has to be between 4 and 30 characters). Please choose a different one.

The login name I entered Was my forum tag, ZodiacDragon84, which is well within the parameters stated in the character length in the error message.

Is there anything specific on the user end that you would like to test for? Let me know what you are looking for, and I will beta test the crap out of this!
sr. member
Activity: 266
Merit: 250
The king and the pawn go in the same box @ endgame
January 02, 2012, 01:54:42 AM
#46
Also. The homepage is not very user friendly. I know sort of what is going on because I read the posts you put up previously. However, a newcomer who is reading deficient might not know whats going on when they get to your site. Maybe have a description on the homepage that lets newcomers know what you are about. and perhaps set up the bounties by category? Software bounties, hardware design bounties, mining bounties, startup bitcoin website bounties, etc. I would like to see where this goes otherwise!
sr. member
Activity: 266
Merit: 250
The king and the pawn go in the same box @ endgame
January 02, 2012, 01:50:11 AM
#45
I logged in as demo, and did a test bounty submission. I pulled the following error message:

Warning: move_uploaded_file(/var/www/uploads/test by ZodiacDragon84.txt): failed to open stream: Permission denied in /var/www/models/newsolution.php on line 29 Warning: move_uploaded_file(): Unable to move '/tmp/phpzcSAWc' to '/var/www/uploads/test by ZodiacDragon84.txt' in /var/www/models/newsolution.php on line 29

I would hazard a guess that the uploader didnt work, or I didnt have user permission under the demo account to upload a solution?
newbie
Activity: 47
Merit: 0
January 01, 2012, 05:12:56 PM
#44
With all due respect (since any contribution is always a huge investment of time), I must say you have a way to go in terms of security. mysql_real_escape_string() is not the function you must use to sanitize all inputs (although you can use it to help your cleanup), but each variable must be sanitized by its own limits (alphanumeric ones using, for example, a regex; the email using a different one; and values which are always integers using string-to-integer functions like intval(), doubleval() or floatval(), or directly using number_format() to take care of it...)

I've not seen all the code, only a good part of it, and I must say you have tried hard to make it safe.

As I said, I hope this project (and so the time you've spent on it) gets the recognition it deserves, since it's a great initiative.
And I know you already said the security on the script was not yet production-ready; just wanted to give my 2 cents. Smiley

I understand you mean the script is insecure at the moment, right? Mind pointing me out some attack scenario I could reproduce? You might have a point that validation is incomplete somewhere.
newbie
Activity: 47
Merit: 0
December 29, 2011, 08:34:06 PM
#43
It's already implemented, see the "donate" button.
donator
Activity: 1218
Merit: 1079
Gerald Davis
December 29, 2011, 06:22:51 PM
#42
I will be more interested when it is on main net. 

You should include the ability for others to fund an existing bounty without registration simply sending funds to an address.

For example I make a bounty for xyz offering 5 BTC.  Someone else says hey that is a great idea.  Only 5 BTC?  I will add to that.  He clicks the "add to this bounty" link/button and gets and address. He sends 3 BTC to that address and after confirmation your website updates to reflect 8 BTC bounty on "xyz".
sr. member
Activity: 490
Merit: 250
December 29, 2011, 06:00:00 PM
#41
With all due respect (since any contribution is always a huge investment of time), I must say you have a way to go in terms of security. mysql_real_escape_string() is not the function you must use to sanitize all inputs (although you can use it to help your cleanup), but each variable must be sanitized by its own limits (alphanumeric ones using, for example, a regex; the email using a different one; and values which are always integers using string-to-integer functions like intval(), doubleval() or floatval(), or directly using number_format() to take care of it...)

I've not seen all the code, only a good part of it, and I must say you have tried hard to make it safe.

As I said, I hope this project (and so the time you've spent on it) gets the recognition it deserves, since it's a great initiative.
And I know you already said the security on the script was not yet production-ready; just wanted to give my 2 cents. Smiley
newbie
Activity: 47
Merit: 0
December 28, 2011, 01:13:55 PM
#40
Honestly, I wish I had time to.
full member
Activity: 154
Merit: 102
Bitcoin!
December 28, 2011, 12:39:51 PM
#39
Have you implemented any (more) of my suggestions?
newbie
Activity: 47
Merit: 0
December 28, 2011, 07:18:37 AM
#38
BUMP
newbie
Activity: 47
Merit: 0
December 18, 2011, 05:54:09 PM
#37
BUMP
legendary
Activity: 1022
Merit: 1000
Freelance videographer
December 04, 2011, 06:18:02 PM
#36
Service works like a charm so far under the demo account.

Currently running a test with a test project on there.I can't say more until it's finished.
full member
Activity: 154
Merit: 102
Bitcoin!
November 28, 2011, 08:46:09 AM
#35
4. Have a way for the original bounty creator to edit the title/description of the project.  Allow anyone to view previous versions of the title/desc.

The problem is - why bounty creator only? Why not the rest of the users as well? How'd we decide which description is right? Voting?
Make it editable by all members, like a wiki. Everyone can see the edit history.

5. Have a comment thread for each bounty for others to ask questions, clarify, make suggestions to improve the bounty, propose/discuss solutions/implementations.

That'd be a huge piece of code unless I'd use some external toys. I thought of allowing to add a bitcointalk thread.
A linked bitcoin talk thread (or more than one) would be better than nothing.

9. Have weighted voting on who wins the bounty after a solution(s) is submitted.  Have weighted voting where the bounty starter and people who contributed more BTC to the bounty have most of the say, but let other users of the site also have a small vote.  Have a comment thread for each proposed solution to discuss it / clarify problems.  Allow the person who submitted the solution to revise/re-submit, etc.

Kind of already implemented/discussed, just without the small votes and the last sentence.
Bounty hunters still need a way to revise/improve/resubmit their solution IMO.

10. Have a way to close bounties that are no longer wanted.
Again, who and how would decide that?
A voting system, along with some discretion by a site administrator/moderators, would take care of that. 

What language is the site written in?  I'd be happy to do a code review for you if you want to post/send a zip file with your code.

BTW, did you have a look at my messed up code?
I did.  For the time being I mostly looked for possible security vulnerabilities, of which I didn't find anything obvious.  As for stylistic/philosophical comments, I don't see a lot of need for that.  I would have done a lot of things differently (OOP, class design, MVC design, separation of concerns), but since this was a learning project for you, that's ok.
sr. member
Activity: 378
Merit: 250
November 24, 2011, 05:32:32 PM
#34
* There's no way to comment on bounties, there should be.
* There should also be a way to "claim" a bounty, meaning that I'm working on it. Why else bother if someone else can get the bounty while I'm halfway through. An estimate of completion should be included if you make a claim.
* If multiple solution exists there should be a way to choose/vote on who should work on their solution.
* Decide how many stakeholders must agree before a bounty is paid out. Expecting 100% is probably not realistic.
* A way to split bounties if only part of the solution is implemented. All or nothing is probably not a good idea.

Just a few suggestions off the top of my head. Feel free to do whatever you want with them, including ignoring.
Pages:
Jump to: