Pages:
Author

Topic: OpenEx: Progress Report - 95% launching this week - page 4. (Read 9605 times)

hero member
Activity: 686
Merit: 504
always the student, never the master.
Hey, any updates on Openex?
yep. you can track current progress @ http://dev.openex.pw
hero member
Activity: 630
Merit: 500
Hey, any updates on Openex?
legendary
Activity: 1030
Merit: 1000
Openex insurance soon available. Insure yourself against running devs coming soon.

trolololol
legendary
Activity: 1008
Merit: 1022
Openex insurance soon available. Insure yourself against running devs coming soon.
legendary
Activity: 1008
Merit: 1022
Did someone say mcx now?
hero member
Activity: 686
Merit: 504
always the student, never the master.
Withdrawals are not automated because no one knows how

you're so right muddafudda. we built a trade engine that handles 900,000 queries per second and we can't figure out for the life of us how to handle withdrawals with jsonRPCphp...

Code:
...
$id mysql_real_escape_string($_GET["id"]);

$sql mysql_query("SELECT * FROM Wallets WHERE `id`='$id'");

$coin mysql_result($sql,0,"Acronymn");

$ip mysql_result($sql,0,"ip");

$port mysql_result($sql,0,"port");

$bitcoin establishRPCConnection($ip,$port);
$bitcoin->sendfromaccount($loggedInUser->display_username);

?>
legendary
Activity: 1008
Merit: 1022
Withdrawals are not automated because no one knows how
hero member
Activity: 686
Merit: 504
always the student, never the master.
I started building a new gui this morning for launch. i was supposed to be taking a break for thanksgiving, but i just couldn't help myself. i ended up doing something no one has ever accomplished before, utilizing jquery to style the viewport with css3 animations. i think you're gonna like it, it looks pretty sick. think windows metro 8 start screen ;P
legendary
Activity: 1008
Merit: 1022
Considering the team consists of two devs which coins have failed what reassurance when shit for wrong that the team will not bail on their responsibilities like they did with their alts?
hero member
Activity: 686
Merit: 504
always the student, never the master.
the exchange is 95% complete!

new features:

view server load.

view all servers.

ping servers, restart servers, restart coin clients.

user agreement added to registration page.

index.php trimmed of fat, all procedural code converted into functions and moved to funcs.general.php

change passwords.

send activation emails.

reset passwords by mail.

jquery loading animations complete(update spinner, slide up slide down)

chat scrolling animations fixed. works great now.

json wallet class complete and ready for beta testing.

withdrawal page completed with password confirmation. justin is working on email confirmations.

sitebanning. sitebanned users may no longer log in

lowered fee's: trade fee is .5%, withdrawal fee .1%

Tasks remaining:

click to ban users from mod page

Ajax handling of trade page, so tables are updated in real time.

order stacking(order, combine)

comprehensive vulnerability testing

beta test rpc

beta test trade engine(again)

MISC low priority tasks(either before or after launch depends on how much time we have.

API

General site improvements

Responsive layout.
hero member
Activity: 686
Merit: 504
always the student, never the master.
Pretty good going so far. Can you tell me who among the staff are actual coders? Cool

Would you be willing to take any suggestions privately via chat?

Good luck!

justin and i do all of the coding. and yes, i know we need to stop concatenating strings together and switch to PDO. this is like the roughdraft.
legendary
Activity: 1030
Merit: 1000
Pretty good going so far. Can you tell me who among the staff are actual coders? Cool

Would you be willing to take any suggestions privately via chat?

Good luck!
hero member
Activity: 686
Merit: 504
always the student, never the master.
Alot has changed in the past few days.

Tasks now complete:

Chat backend.
-Banned users now may not post.( a message is shown: " system: has been banned from chat."
-moderators are orange, admins are blue, and users are black.

Mod class:
-created the mod users and isUserMod() function.
-moderators may hand down chat bans from the mod screen.

Chatbanned class
-chatbanned user class
-isUserCBanned() function;

Access Denied:
-timestamps are logged along with ip, user account, and browser string. i'll give you a peak at the code this is a very complex script.

Code:
require_once("models/config.php");
$account = $loggedInUser->display_username;
if(strpos($_SERVER['HTTP_USER_AGENT'], 'MSIE') !== FALSE) {
$u_agent = mysql_real_escape_string("Internet Explorer");
}
elseif(strpos($_SERVER['HTTP_USER_AGENT'], 'Chrome') !== FALSE) {
$u_agent = mysql_real_escape_string("Google Chrome");
}
elseif(strpos($_SERVER['HTTP_USER_AGENT'], 'Opera Mini') !== FALSE) {
$u_agent = mysql_real_escape_string("Opera Mini");
}
elseif(strpos($_SERVER['HTTP_USER_AGENT'], 'Opera') !== FALSE) {
$u_agent = mysql_real_escape_string("Opera");
}
elseif(strpos($_SERVER['HTTP_USER_AGENT'], 'Firefox/25.0') == TRUE) {
$u_agent = mysql_real_escape_string("Mozilla Firefox");
}
elseif(strpos($_SERVER['HTTP_USER_AGENT'], 'Safari') !== FALSE) {
$u_agent = mysql_real_escape_string("Safari");
}
else {
$u_agent = mysql_real_escape_string("Unknown");
}
$ip = mysql_real_escape_string(getIP()); //get user ip
//show the access denied message no matter what
echo "";

//check if user is logged in
if(isUserLoggedIn) {
//get user info's
if ($account != null) {
$account = $loggedInUser->display_username;
}
else {
$account = mysql_real_escape_string("Guest/Not Logged In");
}
}
//log with mysql
$date = date("F j, Y, g:i a");
$sql = @mysql_query("INSERT INTO access_violations (username, ip, user_agent, time) VALUES ('$account', '$ip', '$u_agent', '$date');");


//--support system--//
last night, i spent time pouring through viewticket.php, the threaded view of a support ticket and all responses. i refactored the code and built a new css layout thats very user friendly and pleasant to look at now. i think you will like it. next i will reflect the changes in new ticket, just so that the theme is nice and consistent within the support system.


I'll try and update everyone a bit later on the updated work log.

Right now, i'm working on:

-mod functions to ban, and adding a table to show who the user was banned by, so mods will be able to see who is banned at anygiven time as well as who the ban was given by.

Next I'll be working on:
-converting the entire site to mysqli OOP prepared statements for maintainability and peace of mind.

Other participants:
-Don't know what justin's working on. he's supposed to be helping with sql and such but i find he's doing less and less contributing and more and more talking, which is never good, this is a business, and freeloading is not tolerated, talented programmer or not. last i heard he was going to build a permission system in order to make our functions more flexible and changeable at anytime.

-Ivan Peter. I have outsourced some jquery animations for the index, animation and scrolling functions of the chat, and ajax for the trade page to this guy. We'll see what happens with it.
legendary
Activity: 2100
Merit: 1167
MY RED TRUST LEFT BY SCUMBAGS - READ MY SIG
this is quite awesome Smiley
hero member
Activity: 686
Merit: 504
always the student, never the master.
How about posting some bug bounties. Peeking at the github, this would be fun once it goes live.

Maybe bounties ranging from 0.1 btc to 1 btc.  

Hate for you to go live with this one a shiny new server that winds up with a shell the first day.


the github is pretty far behind the current version of the site. we're pretty confident in the live version. we're looing for two penetration/bug/vuln tester for the site. this is a paid staff position. the previous guy we had lined up has went AWOL.

see the first post here https://bitcointalksearch.org/topic/m.3686527
sr. member
Activity: 420
Merit: 250
How about posting some bug bounties. Peeking at the github, this would be fun once it goes live.

Maybe bounties ranging from 0.1 btc to 1 btc. 

Hate for you to go live with this one a shiny new server that winds up with a shell the first day.


hero member
Activity: 686
Merit: 504
always the student, never the master.
Updated Work Log.

1. Withdrawals
priority: extremely high
-withdrawal requests are sent into a queue for admin approval.
-once admin approval occurs, withdraw is processed.
**ive built a template for you: pages/withdraw.php

I don't know why withdrawal can't be automated. Why would it need any approval??

security measure just in case an exploit occurs, wallets go offline automatically while database is rolledback. if attacker exploits db somehow he won't be able to withdraw unless he can bruteforce the rpcssl connection, which is unlikely. whereas, with automated withdrawal attacker could squeeze the funds out before we'd know what hit us. this is why we are hiring so much staff.
full member
Activity: 182
Merit: 100
Updated Work Log.

1. Withdrawals
priority: extremely high
-withdrawal requests are sent into a queue for admin approval.
-once admin approval occurs, withdraw is processed.
**ive built a template for you: pages/withdraw.php

I don't know why withdrawal can't be automated. Why would it need any approval??
hero member
Activity: 686
Merit: 504
always the student, never the master.
Updated Work Log.

1. Withdrawals
priority: extremely high
-withdrawal requests are sent into a queue for admin approval.
-once admin approval occurs, withdraw is processed.
**ive built a template for you: pages/withdraw.php


2.password reset page
priority: high
-users need a way to reset passwords
-add mysql and functions.
**ive built a template for you: pages/reset.php


3.API
priority: low
-priority on this is : low
**template pages/api.php

5.json
priority: high
-fix this so that our withdraw/deposit functions work.
-ensure the security of this.
-investigate if this is compatible with rpcssl flag of clients(i think it is as the traffic should be automatically encrypted/decrypted by the server.

6.create function to prevent Sitebanned users from logging in.
priority: medium
-add a row for this to database.

7.Add option to pages/admin.php to click and ban users(both chatban and siteban).
priority: medium

8.Chat
--check input with jquery
--sanitize mysqli
priority: medium
Done!

9. XSS formkeys
--ive created the class and functions. you can find it in funcs.general.php
--just need to add them to forms and then validate them in each script.
--this should eliminate session jacking/cross site scripting hacks.
priority: low

10.Fee shares.
--ability to track fee shares in account page.
--automate fee shares.
priority: low
comment: we can work on this after the site launches.
hero member
Activity: 686
Merit: 504
always the student, never the master.
Beta version of the chat has been completed! woo! that was kind of exhausting but i learned to use ajax, so on the plus side, i now can make the trade page dynamic.

we still have a ways to go but things are looking nice.
Pages:
Jump to: