Hey, any updates on Openex?
yep. you can track current progress @ http://dev.openex.pw 
Topic: OpenEx: Progress Report - 95% launching this week - page 4. (Read 9538 times)
Hey, any updates on Openex?
Openex insurance soon available. Insure yourself against running devs coming soon.
trolololol
Openex insurance soon available. Insure yourself against running devs coming soon.
Did someone say mcx now?
Withdrawals are not automated because no one knows how
you're so right muddafudda. we built a trade engine that handles 900,000 queries per second and we can't figure out for the life of us how to handle withdrawals with jsonRPCphp...
Code:
...
$id = mysql_real_escape_string($_GET["id"]);
$sql = mysql_query("SELECT * FROM Wallets WHERE `id`='$id'");
$coin = mysql_result($sql,0,"Acronymn");
$ip = mysql_result($sql,0,"ip");
$port = mysql_result($sql,0,"port");
$bitcoin = establishRPCConnection($ip,$port);
$bitcoin->sendfromaccount($loggedInUser->display_username);
?>
Withdrawals are not automated because no one knows how
I started building a new gui this morning for launch. i was supposed to be taking a break for thanksgiving, but i just couldn't help myself. i ended up doing something no one has ever accomplished before, utilizing jquery to style the viewport with css3 animations. i think you're gonna like it, it looks pretty sick. think windows metro 8 start screen ;P
Considering the team consists of two devs which coins have failed what reassurance when shit for wrong that the team will not bail on their responsibilities like they did with their alts?
the exchange is 95% complete!
new features:
view server load.
view all servers.
ping servers, restart servers, restart coin clients.
user agreement added to registration page.
index.php trimmed of fat, all procedural code converted into functions and moved to funcs.general.php
change passwords.
send activation emails.
reset passwords by mail.
jquery loading animations complete(update spinner, slide up slide down)
chat scrolling animations fixed. works great now.
json wallet class complete and ready for beta testing.
withdrawal page completed with password confirmation. justin is working on email confirmations.
sitebanning. sitebanned users may no longer log in
lowered fee's: trade fee is .5%, withdrawal fee .1%
Tasks remaining:
click to ban users from mod page
Ajax handling of trade page, so tables are updated in real time.
order stacking(order, combine)
comprehensive vulnerability testing
beta test rpc
beta test trade engine(again)
MISC low priority tasks(either before or after launch depends on how much time we have.
API
General site improvements
Responsive layout.
new features:
view server load.
view all servers.
ping servers, restart servers, restart coin clients.
user agreement added to registration page.
index.php trimmed of fat, all procedural code converted into functions and moved to funcs.general.php
change passwords.
send activation emails.
reset passwords by mail.
jquery loading animations complete(update spinner, slide up slide down)
chat scrolling animations fixed. works great now.
json wallet class complete and ready for beta testing.
withdrawal page completed with password confirmation. justin is working on email confirmations.
sitebanning. sitebanned users may no longer log in
lowered fee's: trade fee is .5%, withdrawal fee .1%
Tasks remaining:
click to ban users from mod page
Ajax handling of trade page, so tables are updated in real time.
order stacking(order, combine)
comprehensive vulnerability testing
beta test rpc
beta test trade engine(again)
MISC low priority tasks(either before or after launch depends on how much time we have.
API
General site improvements
Responsive layout.
Pretty good going so far. Can you tell me who among the staff are actual coders? 
Would you be willing to take any suggestions privately via chat?
Good luck!
Would you be willing to take any suggestions privately via chat?
Good luck!
justin and i do all of the coding. and yes, i know we need to stop concatenating strings together and switch to PDO. this is like the roughdraft.
Pretty good going so far. Can you tell me who among the staff are actual coders?
Would you be willing to take any suggestions privately via chat?
Good luck!
Would you be willing to take any suggestions privately via chat?
Good luck!
Alot has changed in the past few days.
Tasks now complete:
Chat backend.
-Banned users now may not post.( a message is shown: " system: has been banned from chat."
-moderators are orange, admins are blue, and users are black.
Mod class:
-created the mod users and isUserMod() function.
-moderators may hand down chat bans from the mod screen.
Chatbanned class
-chatbanned user class
-isUserCBanned() function;
Access Denied:
-timestamps are logged along with ip, user account, and browser string. i'll give you a peak at the code this is a very complex script.
//--support system--//
last night, i spent time pouring through viewticket.php, the threaded view of a support ticket and all responses. i refactored the code and built a new css layout thats very user friendly and pleasant to look at now. i think you will like it. next i will reflect the changes in new ticket, just so that the theme is nice and consistent within the support system.
I'll try and update everyone a bit later on the updated work log.
Right now, i'm working on:
-mod functions to ban, and adding a table to show who the user was banned by, so mods will be able to see who is banned at anygiven time as well as who the ban was given by.
Next I'll be working on:
-converting the entire site to mysqli OOP prepared statements for maintainability and peace of mind.
Other participants:
-Don't know what justin's working on. he's supposed to be helping with sql and such but i find he's doing less and less contributing and more and more talking, which is never good, this is a business, and freeloading is not tolerated, talented programmer or not. last i heard he was going to build a permission system in order to make our functions more flexible and changeable at anytime.
-Ivan Peter. I have outsourced some jquery animations for the index, animation and scrolling functions of the chat, and ajax for the trade page to this guy. We'll see what happens with it.
Tasks now complete:
Chat backend.
-Banned users now may not post.( a message is shown: " system:
-moderators are orange, admins are blue, and users are black.
Mod class:
-created the mod users and isUserMod() function.
-moderators may hand down chat bans from the mod screen.
Chatbanned class
-chatbanned user class
-isUserCBanned() function;
Access Denied:
-timestamps are logged along with ip, user account, and browser string. i'll give you a peak at the code this is a very complex script.
Code:
require_once("models/config.php");
$account = $loggedInUser->display_username;
if(strpos($_SERVER['HTTP_USER_AGENT'], 'MSIE') !== FALSE) {
$u_agent = mysql_real_escape_string("Internet Explorer");
}
elseif(strpos($_SERVER['HTTP_USER_AGENT'], 'Chrome') !== FALSE) {
$u_agent = mysql_real_escape_string("Google Chrome");
}
elseif(strpos($_SERVER['HTTP_USER_AGENT'], 'Opera Mini') !== FALSE) {
$u_agent = mysql_real_escape_string("Opera Mini");
}
elseif(strpos($_SERVER['HTTP_USER_AGENT'], 'Opera') !== FALSE) {
$u_agent = mysql_real_escape_string("Opera");
}
elseif(strpos($_SERVER['HTTP_USER_AGENT'], 'Firefox/25.0') == TRUE) {
$u_agent = mysql_real_escape_string("Mozilla Firefox");
}
elseif(strpos($_SERVER['HTTP_USER_AGENT'], 'Safari') !== FALSE) {
$u_agent = mysql_real_escape_string("Safari");
}
else {
$u_agent = mysql_real_escape_string("Unknown");
}
$ip = mysql_real_escape_string(getIP()); //get user ip
//show the access denied message no matter what
echo "";
//check if user is logged in
if(isUserLoggedIn) {
//get user info's
if ($account != null) {
$account = $loggedInUser->display_username;
}
else {
$account = mysql_real_escape_string("Guest/Not Logged In");
}
}
//log with mysql
$date = date("F j, Y, g:i a");
$sql = @mysql_query("INSERT INTO access_violations (username, ip, user_agent, time) VALUES ('$account', '$ip', '$u_agent', '$date');");
//--support system--//
last night, i spent time pouring through viewticket.php, the threaded view of a support ticket and all responses. i refactored the code and built a new css layout thats very user friendly and pleasant to look at now. i think you will like it. next i will reflect the changes in new ticket, just so that the theme is nice and consistent within the support system.
I'll try and update everyone a bit later on the updated work log.
Right now, i'm working on:
-mod functions to ban, and adding a table to show who the user was banned by, so mods will be able to see who is banned at anygiven time as well as who the ban was given by.
Next I'll be working on:
-converting the entire site to mysqli OOP prepared statements for maintainability and peace of mind.
Other participants:
-Don't know what justin's working on. he's supposed to be helping with sql and such but i find he's doing less and less contributing and more and more talking, which is never good, this is a business, and freeloading is not tolerated, talented programmer or not. last i heard he was going to build a permission system in order to make our functions more flexible and changeable at anytime.
-Ivan Peter. I have outsourced some jquery animations for the index, animation and scrolling functions of the chat, and ajax for the trade page to this guy. We'll see what happens with it.
this is quite awesome 
How about posting some bug bounties. Peeking at the github, this would be fun once it goes live.
Maybe bounties ranging from 0.1 btc to 1 btc.
Hate for you to go live with this one a shiny new server that winds up with a shell the first day.
Maybe bounties ranging from 0.1 btc to 1 btc.
Hate for you to go live with this one a shiny new server that winds up with a shell the first day.
the github is pretty far behind the current version of the site. we're pretty confident in the live version. we're looing for two penetration/bug/vuln tester for the site. this is a paid staff position. the previous guy we had lined up has went AWOL.
see the first post here https://bitcointalksearch.org/topic/m.3686527
How about posting some bug bounties. Peeking at the github, this would be fun once it goes live.
Maybe bounties ranging from 0.1 btc to 1 btc.
Hate for you to go live with this one a shiny new server that winds up with a shell the first day.
Maybe bounties ranging from 0.1 btc to 1 btc.
Hate for you to go live with this one a shiny new server that winds up with a shell the first day.
Updated Work Log.
1. Withdrawals
priority: extremely high
-withdrawal requests are sent into a queue for admin approval.
-once admin approval occurs, withdraw is processed.
**ive built a template for you: pages/withdraw.php
1. Withdrawals
priority: extremely high
-withdrawal requests are sent into a queue for admin approval.
-once admin approval occurs, withdraw is processed.
**ive built a template for you: pages/withdraw.php
I don't know why withdrawal can't be automated. Why would it need any approval??
security measure just in case an exploit occurs, wallets go offline automatically while database is rolledback. if attacker exploits db somehow he won't be able to withdraw unless he can bruteforce the rpcssl connection, which is unlikely. whereas, with automated withdrawal attacker could squeeze the funds out before we'd know what hit us. this is why we are hiring so much staff.
Updated Work Log.
1. Withdrawals
priority: extremely high
-withdrawal requests are sent into a queue for admin approval.
-once admin approval occurs, withdraw is processed.
**ive built a template for you: pages/withdraw.php
1. Withdrawals
priority: extremely high
-withdrawal requests are sent into a queue for admin approval.
-once admin approval occurs, withdraw is processed.
**ive built a template for you: pages/withdraw.php
I don't know why withdrawal can't be automated. Why would it need any approval??
Updated Work Log.
1. Withdrawals
priority: extremely high
-withdrawal requests are sent into a queue for admin approval.
-once admin approval occurs, withdraw is processed.
**ive built a template for you: pages/withdraw.php
2.password reset page
priority: high
-users need a way to reset passwords
-add mysql and functions.
**ive built a template for you: pages/reset.php
3.API
priority: low
-priority on this is : low
**template pages/api.php
5.json
priority: high
-fix this so that our withdraw/deposit functions work.
-ensure the security of this.
-investigate if this is compatible with rpcssl flag of clients(i think it is as the traffic should be automatically encrypted/decrypted by the server.
6.create function to prevent Sitebanned users from logging in.
priority: medium
-add a row for this to database.
7.Add option to pages/admin.php to click and ban users(both chatban and siteban).
priority: medium
8.Chat
--check input with jquery
--sanitize mysqli
priority: mediumDone!
9. XSS formkeys
--ive created the class and functions. you can find it in funcs.general.php
--just need to add them to forms and then validate them in each script.
--this should eliminate session jacking/cross site scripting hacks.
priority: low
10.Fee shares.
--ability to track fee shares in account page.
--automate fee shares.
priority: low
comment: we can work on this after the site launches.
1. Withdrawals
priority: extremely high
-withdrawal requests are sent into a queue for admin approval.
-once admin approval occurs, withdraw is processed.
**ive built a template for you: pages/withdraw.php
2.password reset page
priority: high
-users need a way to reset passwords
-add mysql and functions.
**ive built a template for you: pages/reset.php
3.API
priority: low
-priority on this is : low
**template pages/api.php
5.json
priority: high
-fix this so that our withdraw/deposit functions work.
-ensure the security of this.
-investigate if this is compatible with rpcssl flag of clients(i think it is as the traffic should be automatically encrypted/decrypted by the server.
6.create function to prevent Sitebanned users from logging in.
priority: medium
-add a row for this to database.
7.Add option to pages/admin.php to click and ban users(both chatban and siteban).
priority: medium
--check input with jquery
--sanitize mysqli
priority: medium
9. XSS formkeys
--ive created the class and functions. you can find it in funcs.general.php
--just need to add them to forms and then validate them in each script.
--this should eliminate session jacking/cross site scripting hacks.
priority: low
10.Fee shares.
--ability to track fee shares in account page.
--automate fee shares.
priority: low
comment: we can work on this after the site launches.
Beta version of the chat has been completed! woo! that was kind of exhausting but i learned to use ajax, so on the plus side, i now can make the trade page dynamic.
we still have a ways to go but things are looking nice.
we still have a ways to go but things are looking nice.
Jump to: