Topic: [UPDATE] - BetSomeBits is ALMOST LAUNCHING ! - page 2. (Read 5496 times)
Just deployed an update, containing our first implementation of auto-rolling
quick stream of conscious feedback as i play
-nice colors
-my username has to be 6 letters, i wish it would have told me before i submit
-kind of annoying i have to use the slider instead of just typing in the amount
-not much feedback for winning or losing, a bit over complicated display
-a button to hide the secret stuff may be nice?
-i dislike the bitcoin pattern on the slider bar, maybe a simpler geometric shape design or solid color
-i wish i was able to drag the whole bar as one so i dont have to reposition both ends for the same range
-"prepare next bet" and "bet" could be two seperate buttons perhaps
-option to auto prepare next bet?
-this should say "break"
-blue on white very small text is hard for me to real
-these should be lined upppp ahhh
after changing the seed (successfully) the "seed was not changed" dialogue still is shown
(i was trying to break it with zalgo text, ahaha)
lmao i entered my seed as "Robert') drop table seed"
anyway, i had fun,
-nice colors
-my username has to be 6 letters, i wish it would have told me before i submit
-kind of annoying i have to use the slider instead of just typing in the amount
-not much feedback for winning or losing, a bit over complicated display
-a button to hide the secret stuff may be nice?
-i dislike the bitcoin pattern on the slider bar, maybe a simpler geometric shape design or solid color
-i wish i was able to drag the whole bar as one so i dont have to reposition both ends for the same range
-"prepare next bet" and "bet" could be two seperate buttons perhaps
-option to auto prepare next bet?
-this should say "break"
-blue on white very small text is hard for me to real
-these should be lined upppp ahhh
after changing the seed (successfully) the "seed was not changed" dialogue still is shown
(i was trying to break it with zalgo text, ahaha) lmao i entered my seed as "Robert') drop table seed"
anyway, i had fun,
Thx for the feedback,
i've fixed the typo
lined up the profile a little better (atleast on my tested resolutions),
and added the min length to the placeholders of the username and pass fields
Ive fixed the changeseed so that upon successfull change, the previous error dissapear.
Im adding your other comments to the to-do-list
Thx again.
Entertaining and interesting
quick stream of conscious feedback as i play
-nice colors
-my username has to be 6 letters, i wish it would have told me before i submit
-kind of annoying i have to use the slider instead of just typing in the amount
-not much feedback for winning or losing, a bit over complicated display
-a button to hide the secret stuff may be nice?
-i dislike the bitcoin pattern on the slider bar, maybe a simpler geometric shape design or solid color
-i wish i was able to drag the whole bar as one so i dont have to reposition both ends for the same range
-"prepare next bet" and "bet" could be two seperate buttons perhaps
-option to auto prepare next bet?
-this should say "break"
-blue on white very small text is hard for me to real
-these should be lined upppp ahhh
after changing the seed (successfully) the "seed was not changed" dialogue still is shown
(i was trying to break it with zalgo text, ahaha)
lmao i entered my seed as "Robert') drop table seed"
anyway, i had fun,
-nice colors
-my username has to be 6 letters, i wish it would have told me before i submit
-kind of annoying i have to use the slider instead of just typing in the amount
-not much feedback for winning or losing, a bit over complicated display
-a button to hide the secret stuff may be nice?
-i dislike the bitcoin pattern on the slider bar, maybe a simpler geometric shape design or solid color
-i wish i was able to drag the whole bar as one so i dont have to reposition both ends for the same range
-"prepare next bet" and "bet" could be two seperate buttons perhaps
-option to auto prepare next bet?
-this should say "break"
-blue on white very small text is hard for me to real
-these should be lined upppp ahhh
after changing the seed (successfully) the "seed was not changed" dialogue still is shown
(i was trying to break it with zalgo text, ahaha) lmao i entered my seed as "Robert') drop table seed"
anyway, i had fun,
quick post: the error you got was because you bet either at 0% or 100%, i changed the error text.
bet max btn has been fixed.
will post more when i get back
bet max btn has been fixed.
will post more when i get back
With investment option u wont earn any money with the site.Even stunna said this.
Like a said, these are just thought, and this is exactly why i posted them there, because i appreciate would like feedback on them, i am in no way saying that i am going to put it in..
Your thoughts on an affiliate system ?
About the site,why u shall type all these things SOME people dont understand, make a button where it shows all this,known as Probably fair? in most sites.
Bet id 2270880a-7fd6-11e4-a777-ee6e5c847eec
$hash = hash_hmac('sha512','27959a8df82f95f01153df66a01b6b9a:2270880a-7fd6-11e4-a777-ee6e5c847eec', 'WILL BE REVEALED AFTER TO ROLL');
//$hash = b4b7bc96f8af641be1d21d36f7d2bdab7a3dcdb7139136e0cd69068a51e5a697;
$firstfive = substr($hash, 0, 5);
if(hexdec($firstfive) > 1000000) {
$firstfive = substr($hash, 6,5);
}
$result hexdec($firstfive)/10000;
//$result =
on the betting screen?
Also the slider's picture is a bit annyoing.It isnt going together with the design.
An idea most sites dont have:Add an chat with emoticons like Kappa,most sites have just live chats without emoticons
add a rape face emoticon,kappa,doge,whatever u can think of,most of the people gambling also like chatting.there will be people which will come ONLY for the chat and not the site itself,so this will bring MORE TRAFFIC to ur site.When i press place bet,it types this Please dont screw with our system.
Edit:Now i can bet,but hwen i press bet max,it bets 50% of my balance,why is this?
With investment option u wont earn any money with the site.Even stunna said this.
Like a said, these are just thought, and this is exactly why i posted them there, because i appreciate would like feedback on them, i am in no way saying that i am going to put it in..
Your thoughts on an affiliate system ?
With investment option u wont earn any money with the site.Even stunna said this.
fixed the deploy, but i still cant seem to figure out why you are not seeing the charset properly ?
yep just noticed the same when checking mobile except the charset.
i was in to much of a hurry earlier today and deployed a buggy version.
i cant update for atleast another 12-14 hours as im bussy for a sec. im rlly sorry about the bad deploy.
can you provide more info regarding the charset, your browser, os, etc. as it displays proper for me ..
thx in advance.
i was in to much of a hurry earlier today and deployed a buggy version.
i cant update for atleast another 12-14 hours as im bussy for a sec. im rlly sorry about the bad deploy.
can you provide more info regarding the charset, your browser, os, etc. as it displays proper for me ..
thx in advance.
Well,
first thing is probably bad charset on website.
http://rovi.8u.cz/Projects/betsomebits/bad-charset.jpg
2nd thing Result over 100.
http://rovi.8u.cz/Projects/betsomebits/result104.jpg
3rd Empty Wallet notice
http://rovi.8u.cz/Projects/betsomebits/notice.jpg
Notice is visible even when I am not logged in.
Invalid captcha -> something with incorrect id for solvemedia
first thing is probably bad charset on website.
http://rovi.8u.cz/Projects/betsomebits/bad-charset.jpg
2nd thing Result over 100.
http://rovi.8u.cz/Projects/betsomebits/result104.jpg
3rd Empty Wallet notice
http://rovi.8u.cz/Projects/betsomebits/notice.jpg
Notice is visible even when I am not logged in.
Invalid captcha -> something with incorrect id for solvemedia
No cloudfare please.Everything else but no cloudfare.
UPDATE: all accounts, rolls and stats have been cleared, will now start testing the withdrawals with hexafraction
If all goes well we will be live before the end of this week !
If all goes well we will be live before the end of this week !
changes:
-seedForm is sanitised upon submit
-hide seedform between roll nand next roll (did not make sence changing seed when looking at result)
-username minimum 6 chars
-passwords minimum 8 chars
-added captcha to faucet
i think we are going to be ready pretty soon ...
-seedForm is sanitised upon submit
-hide seedform between roll nand next roll (did not make sence changing seed when looking at result)
-username minimum 6 chars
-passwords minimum 8 chars
-added captcha to faucet
i think we are going to be ready pretty soon ...
Vulnerabilities ^_^:
XSS (Cross site scripting) in the change seed thingie.
There is also no CSRF protection on this either.
Video: http://gyazo.com/9eaa38097d913eb8b78cd957a94e607e
Possible places for vulnerabilities:
->On the withdraw page, you've got 2 post variables userAmount and realAmount. It seems that you validate userAmount but not realAmount. I cant test it as I cbf depositing $3 into your site but just make sure that the user cant put userAmount = 0.01 and realAmount = 5 and it will send them 5BTC sort of thing. I doubt you can, but just a heads up.
-> You're able to do negative numbers on roll amounts. Although this probably wouldn't change anything, there isn't any validation for this.
Silly errors:
0.00000100 BTC divide by 2 doesn't equal 5.70000000
.
Video: http://gyazo.com/323eeb6bcc6deef1035005d2ea9b2300
Suggestions:
-> Require a minimum password length. I could have one character and it would accept it. This is just in case of a DB leak, although it's not going to really help that much.
-> Cloudflare would probably be good.
XSS (Cross site scripting) in the change seed thingie.
Code:
">
Video: http://gyazo.com/9eaa38097d913eb8b78cd957a94e607e
Possible places for vulnerabilities:
->On the withdraw page, you've got 2 post variables userAmount and realAmount. It seems that you validate userAmount but not realAmount. I cant test it as I cbf depositing $3 into your site but just make sure that the user cant put userAmount = 0.01 and realAmount = 5 and it will send them 5BTC sort of thing. I doubt you can, but just a heads up.
-> You're able to do negative numbers on roll amounts. Although this probably wouldn't change anything, there isn't any validation for this.
Silly errors:
0.00000100 BTC divide by 2 doesn't equal 5.70000000
.Video: http://gyazo.com/323eeb6bcc6deef1035005d2ea9b2300
Suggestions:
-> Require a minimum password length. I could have one character and it would accept it. This is just in case of a DB leak, although it's not going to really help that much.
-> Cloudflare would probably be good.
ill add a token and a sanitiser to the clientseed form today.
regarding the useramount. all calculations and processes are based on useramount. so if useramount is messed with. it doesnt really matter. it gets displayed. and is an inpit yes. but does not get processed
(havent watched videos yet, im on mobile atm) so ill adress those as soon as i can
pass length: your 100% right
ill add you to the list of rewards and ill reply regarding the videos when i gwt to the office.
thx
Vulnerabilities ^_^:
XSS (Cross site scripting) in the change seed thingie.
There is also no CSRF protection on this either.
Video: http://gyazo.com/9eaa38097d913eb8b78cd957a94e607e
Possible places for vulnerabilities:
->On the withdraw page, you've got 2 post variables userAmount and realAmount. It seems that you validate userAmount but not realAmount. I cant test it as I cbf depositing $3 into your site but just make sure that the user cant put userAmount = 0.01 and realAmount = 5 and it will send them 5BTC sort of thing. I doubt you can, but just a heads up.
-> You're able to do negative numbers on roll amounts. Although this probably wouldn't change anything, there isn't any validation for this.
Silly errors:
0.00000100 BTC divide by 2 doesn't equal 5.70000000.
Video: http://gyazo.com/323eeb6bcc6deef1035005d2ea9b2300
Suggestions:
-> Require a minimum password length. I could have one character and it would accept it. This is just in case of a DB leak, although it's not going to really help that much.
-> Cloudflare would probably be good.
XSS (Cross site scripting) in the change seed thingie.
Code:
">
Video: http://gyazo.com/9eaa38097d913eb8b78cd957a94e607e
Possible places for vulnerabilities:
->On the withdraw page, you've got 2 post variables userAmount and realAmount. It seems that you validate userAmount but not realAmount. I cant test it as I cbf depositing $3 into your site but just make sure that the user cant put userAmount = 0.01 and realAmount = 5 and it will send them 5BTC sort of thing. I doubt you can, but just a heads up.
-> You're able to do negative numbers on roll amounts. Although this probably wouldn't change anything, there isn't any validation for this.
Silly errors:
0.00000100 BTC divide by 2 doesn't equal 5.70000000
.Video: http://gyazo.com/323eeb6bcc6deef1035005d2ea9b2300
Suggestions:
-> Require a minimum password length. I could have one character and it would accept it. This is just in case of a DB leak, although it's not going to really help that much.
-> Cloudflare would probably be good.
im liking the new design, really starting to look nice he
told you to do it!also told u the 2fa thing,is it going to be ready sooN?
im liking the new design, really starting to look nice he
update: i wont be working much this weekend so ill see you guys monday!
no feedback on the new design and ajax implementation?
thx
no feedback on the new design and ajax implementation?
thx
decided to work after all
more changelog:
security changes
confirm 2-fa auth code before actually enabling 2-fa
added "points"
changes to deposit modal
dont allow faucet if balance > 0
faucet added
blockchain api fixes
info on transactions screen
withdrawal iframe changes
ajax betting errors fixed
stay informed option on profile
massive ajax changes
for opinions, no, because everyone has them
For helping ? Well like a stated in my first post, anyone who finds a bug gets rewarded,
other then that, any info provided to me, that i feel is substantial, gets a reward.
update: i wont be working much this weekend so ill see you guys monday!
no feedback on the new design and ajax implementation?
thx
no feedback on the new design and ajax implementation?
thx
decided to work after all
more changelog:
security changes
confirm 2-fa auth code before actually enabling 2-fa
added "points"
changes to deposit modal
dont allow faucet if balance > 0
faucet added
blockchain api fixes
info on transactions screen
withdrawal iframe changes
ajax betting errors fixed
stay informed option on profile
massive ajax changes
for opinions, no, because everyone has them
For helping ? Well like a stated in my first post, anyone who finds a bug gets rewarded,
other then that, any info provided to me, that i feel is substantial, gets a reward.
Jump to: