Author

Topic: Want to build a website, 0 coding experience... Should I? (Read 1814 times)

legendary
Activity: 980
Merit: 1003
I'm not just any shaman, I'm a Sha256man
Many years ago when I wanted to learn HTML I used this site:

http://www.lissaexplains.com/

It's designed to each children how to code, so it's explained in the absolute simplest terms and it gave me a great stepping stone to learn more advanced things later on.

Dude! I thought i was the only one that used that site when I was young. Too bad it's off-line meow. It was so helpful at teaching teeny boppers. Nostalgic...
legendary
Activity: 1190
Merit: 1000
www.bitcointrading.com
Many years ago when I wanted to learn HTML I used this site:

http://www.lissaexplains.com/

It's designed to each children how to code, so it's explained in the absolute simplest terms and it gave me a great stepping stone to learn more advanced things later on.
hero member
Activity: 812
Merit: 1000
What if an attacker rewrote the recorded bitcoins addresses(SQLi) to have sent money routed to their BTC address instead?  unless everything was strictly email then that might be different.
They aren't using the website to send anything but alert the store which address payment was made from so no diversion is possible, no BTC passes through the site.
For an attacker to divert funds they would need to modify the stores listed address. Payment address can be firstbits vanity address as domain name for the store.

store owner should periodically download a dump of the address list to make sure all of them are legit, and keep as few online as possible.

eg. start with a list of just 20 addresses, and every time the list gets down to 10, send an email to admin saying 'top up the address list'. that way, a tampering of the list will be easier to spot.
you might also do some kind of merkle magic on the list to make tampering even quicker to spot.
full member
Activity: 196
Merit: 100
Web Dev, Db Admin, Computer Technician
What if an attacker rewrote the recorded bitcoins addresses(SQLi) to have sent money routed to their BTC address instead?  unless everything was strictly email then that might be different.
They aren't using the website to send anything but alert the store which address payment was made from so no diversion is possible, no BTC passes through the site.
For an attacker to divert funds they would need to modify the stores listed address. Payment address can be firstbits vanity address as domain name for the store.
legendary
Activity: 980
Merit: 1003
I'm not just any shaman, I'm a Sha256man
Why not just have people make payments to offline addresses. When they fill in their shipping address there is an extra box for the bitcoin address they make the payment from. This way MyDoodads.com can verify the payment via the blockchain by using a PHP spider on blockexplorer from an alternate internet connection. Totally automated and hacker has no access to the stores offline wallet. Evil hacker can deface the site, load an exploit pack onto the site to attack vulnerable users but can't steal any money because no money goes through the site. Stealing names and shipping addresses has no immediate compensation reward unless I'm selling some shady or embarrassing products.

What if an attacker rewrote the recorded bitcoins addresses(SQLi) to have sent money routed to their BTC address instead?  unless everything was strictly email then that might be different.
legendary
Activity: 1400
Merit: 1005
Why not just have people make payments to offline addresses. When they fill in their shipping address there is an extra box for the bitcoin address they make the payment from. This way MyDoodads.com can verify the payment via the blockchain by using a PHP spider on blockexplorer from an alternate internet connection. Totally automated and hacker has no access to the stores offline wallet. Evil hacker can deface the site, load an exploit pack onto the site to attack vulnerable users but can't steal any money because no money goes through the site. Stealing names and shipping addresses has no immediate compensation reward unless I'm selling some shady or embarrassing products.
Not bad...
member
Activity: 85
Merit: 10
I have a good idea for a bitcoin related website. It is somewhat simple but I have zero experience in coding. Would it be a waste of time for me to try and learn to code and build this site my self?

Editing to include what the website needs.
Log in/deposit bitcion ability
Ability to purchase something with bitcoin balance.

It will be easier to implement a payment gateway plugin to an already working opensource or otherwise ecommerce web app, maybe someone might have already done that, chek em out first, it is too complicated to do it right from scratch, especially if you have no experience.
full member
Activity: 196
Merit: 100
Web Dev, Db Admin, Computer Technician
Why not just have people make payments to offline addresses. When they fill in their shipping address there is an extra box for the bitcoin address they make the payment from. This way MyDoodads.com can verify the payment via the blockchain by using a PHP spider on blockexplorer from an alternate internet connection. Totally automated and hacker has no access to the stores offline wallet. Evil hacker can deface the site, load an exploit pack onto the site to attack vulnerable users but can't steal any money because no money goes through the site. Stealing names and shipping addresses has no immediate compensation reward unless I'm selling some shady or embarrassing products.
legendary
Activity: 1358
Merit: 1002
Of course you should. There will be at least one hacker that will thank you but probably never say it with words lol
sr. member
Activity: 1008
Merit: 250
No, you should not
I agree with Andrew. Building a website that handles money is a terrible first project.
+1.  The biggest thing in building a website to handle money is security, especially in the hacker-friend Bitcoin community, and even though I've been programming websites for more than a decade, there's still a lot I do not know about security.  A newbie wouldn't have a clue where to start as far as security goes.

If you do decide to go ahead and build a site, then have it audited by at least 2 or 3 people for security flaws that need to be corrected before making it live.

This is kinda what I figured, maybe I will take up a partner who can code and we can share the profits.
legendary
Activity: 1400
Merit: 1005
No, you should not
I agree with Andrew. Building a website that handles money is a terrible first project.
+1.  The biggest thing in building a website to handle money is security, especially in the hacker-friend Bitcoin community, and even though I've been programming websites for more than a decade, there's still a lot I do not know about security.  A newbie wouldn't have a clue where to start as far as security goes.

If you do decide to go ahead and build a site, then have it audited by at least 2 or 3 people for security flaws that need to be corrected before making it live.
legendary
Activity: 2058
Merit: 1452
No, you should not
I agree with Andrew. Building a website that handles money is a terrible first project.

SQLi, anyone?
legendary
Activity: 1652
Merit: 2301
Chief Scientist
No, you should not
I agree with Andrew. Building a website that handles money is a terrible first project.
hero member
Activity: 558
Merit: 500
No, you should not
legendary
Activity: 2058
Merit: 1452
Would it be a waste of time for me to try and learn to code and build this site my self?
if you're not worried about getting the site up in a hurry, and you have the patience + time to study, sure. otherwise, hire a freelancer to do it.
legendary
Activity: 2506
Merit: 1010
You are describing an ecommerce shopping cart application.

There are many tools for this:
 - http://en.bitcoin.it/wiki/Category:Shopping_Cart_Interfaces

CoinDL for instance uses the OSCommerce Module for Bitcoin:
 - http://www.CoinDL.com

You can also build the site using blog software, and code the links using a hosted ecommerce solution, such as that offered by:
 - http://www.bit-pay.com
 or Mt. Gox has a hosted ecommerce solution
 - https://mtgox.com/press_release_20120306.html

 as does WalletBit and others.


If you just want to list items for sale, there are many marketplace / classifieds / auction types of sites.  For instance:
 - http://www.bitmit.net
sr. member
Activity: 1008
Merit: 250
I have a good idea for a bitcoin related website. It is somewhat simple but I have zero experience in coding. Would it be a waste of time for me to try and learn to code and build this site my self?

Editing to include what the website needs.
Log in/deposit bitcion ability
Ability to purchase something with bitcoin balance.
Jump to: