Register | Login | |||||
Main
| Memberlist
| Active users
| ACS
| Commons
| Calendar
| Online users Ranks | FAQ | Color Chart | Photo album | IRC Chat |
| |
Acmlm's Board - I2 Archive - - Posts by guruzim |
User | Post | ||
guruzim Newcomer Level: 5 Posts: 1/6 EXP: 359 For next: 170 Since: 03-15-04 Since last post: 472 days Last activity: 105 days |
| ||
How is a picture in a photo album more of a risk than a picture in a post layout, or as your posting icon, or included as an image in a post... Did you guys restrict that at some point that I'm not aware of? (I haven't posted here in at least a year, sorry if I'm not up to date). |
|||
guruzim Newcomer Level: 5 Posts: 2/6 EXP: 359 For next: 170 Since: 03-15-04 Since last post: 472 days Last activity: 105 days |
| ||
Anyone seen this before? We've blocked off how it was done for now -- I'm just wondering if this is the first time this has been done to one of these boards, or if it has been done in the past. |
|||
guruzim Newcomer Level: 5 Posts: 3/6 EXP: 359 For next: 170 Since: 03-15-04 Since last post: 472 days Last activity: 105 days |
| ||
Actually, you could go about doing this using a method similar to what is used for usenet news by most news browsers. Instead of putting a timestamp like you currently do, track the read threads by thread ID and build a comma delimited list that you can read from using implode and explode functions. You'd probably want to cheat and keep one entry per forum per user still, but set it up in this format: 1000, 1004, 1005, 1010, 1020 Where 1000 (the first entry) is the lowest number that has all threads read already (assume that it is really 0-1000) and then you store your read threads afterwards. Of course, you'd need the posts also, so it would probably be pairs instead of just the threads. You could use timestamps too, I guess. 1000;20004, 1001;20005, 1004;199451, etc Of course this really only works for the disk space constraint. You are still going to have some hefty processor usage to do all of the substringing and comparing. Also, it depends on your people marking forums as read occasionally so that you can get the baseline point. Actually, you'd probably want to just keep the current mark forum thread point as the baseline and then work the other part out. Nevermind, I'm rambling. Was any of that clear? |
|||
guruzim Newcomer Level: 5 Posts: 4/6 EXP: 359 For next: 170 Since: 03-15-04 Since last post: 472 days Last activity: 105 days |
| ||
Wouldn't it be better to have the client app initiate the session with the server? I would think that you would want to have the client app send a username / password to your server, authenticate the person, and then write the IP address of the machine that your client is connecting from. Have the client send keepalives to the server to tell it that it is still connected. Then, you just send the packets to everyone in that table. If your server does not get the keepalive, then it would delete the row Alternatively, you could make the client acknowledge receipt of the packet, and after a certain number of non acknowledged packets you could cut them off. Granted, I've never written anything like this - but I'm interested. If you don't need to have security by obscurity, I'd like to talk about this here if possible. |
|||
guruzim Newcomer Level: 5 Posts: 5/6 EXP: 359 For next: 170 Since: 03-15-04 Since last post: 472 days Last activity: 105 days |
| ||
I think I'm getting ahead of myself.. I've been trying to come up with a cool project to work on with mono or .NET, and I keep thinking of everything as a web service. So most of your hosts won't allow a java app to connect to the database... that would definitely make this much harder. The reason that I was thinking you would not want to allow the person to input their own IP address is that you would be opening yourself up to someone attempting to use your scripts as a method of DOSing someone / annoying someone with BlackICE or similar firewalll alerts. DOS woudln't be a huge risk because you aren't sending tons of packets, but depending on how much checking you do, and how creative people get, they could do some bad things with that by combining multple subscriptions and post flooding. I like the idea of a client app because you could avoid people using an HTTP proxy - but then I'm always looking for ways to ban people so that's probably my bias. |
|||
guruzim Newcomer Level: 5 Posts: 6/6 EXP: 359 For next: 170 Since: 03-15-04 Since last post: 472 days Last activity: 105 days |
| ||
http://secunia.com/advisories/12064/ Just an FYI. I've used it for a tooltip preview in our forums, not sure how this could be exploited exactly but something to be aware of. |
Acmlm's Board - I2 Archive - - Posts by guruzim |