Forum posts

Forum: Transformers: Prime - The Game

Thread: The DS version should be its own category and game

Started by: Martron7Martron7

Thanks, I've created the new game here: https://www.speedrun.com/tptgds

I'm rejecting your submission here, can you resubmit it to that game?

 

Forum: Transformers: Prime - The Game

Thread: The DS version should be its own category and game

Started by: Martron7Martron7

I mean, the way you're putting it is that these are effectively two games:

1. Transformers: Prime - The Game
2. Transformers: Prime - The Game (DS)

The same way that there are two games for Sonic Colors and Sonic Colors (DS), for the same reason. I agree with you! So OK -- let's live in that world. But we don't have to create the game called Transformers: Prime - The Game (DS) to live in that world. We can just change the officially listed platforms for Transformers Prime - The Game (underneath the box art, and a dropdown when submitting a run) from "WiiU, DS, 3DS, Wii" to "WiiU, 3DS, Wii".

The other game, if and when it gets a run, should be called Transformers Prime - The Game (DS), and its only platform listed beneath the box art and during run submissions should be DS.

Even if no one ever runs that game and therefore it never gets created on speedrun.com, we can still represent _this_ game correctly by changing its platforms to reflect that the DS game is not included.

Does that sound good to you? If so I'm happy to make the change.

 

Forum: Transformers: Prime - The Game

Thread: The DS version should be its own category and game

Started by: Martron7Martron7

Totally on board with splitting them, but the DS version would need a run first to exist. For now we can change the platforms of this one?

 

Forum: Transformers: The Game

Thread: Transformers DS variants

Started by: JoeyS111JoeyS111

Sure! I can make separate games for them. I'm about to get on a plane, will add them a bit later.

JoeyS111JoeyS111 likes this. 

Forum: Transformers: Fall of Cybertron

Thread: Other difficulties

Started by: Rabid_RobotRabid_Robot

Yes, please do! I will add any difficulties as categories as people run them.

 

Forum: Transformers: Fall of Cybertron

Thread: PS4

Started by: Rabid_RobotRabid_Robot

Yeah that would be more than fine. Splits are not required, just video.

 

Forum: The Site

Thread: Report a site bug

Started by: ZephilesZephiles

Splits I/O dev here, this should be fixed. We had a temporary API bug.

toca_1toca_1, Trollbear666Trollbear666 and ROMaster2ROMaster2 like this. 

Forum: Transformers: Fall of Cybertron

Thread: Verification

Started by: TimedRuby9TimedRuby9

Thanks for the contact, I don't come by much so sorry for the slow approval! I've promoted you so you don't have to wait on my slow butt anymore 😛

 

Forum: The Site

Thread: Any plans to open source?

Started by: GlacialsGlacials

Smashboards runs on XenForo (Ctrl+F page source for XenForo), which anyone can purchase the source for: https://xenforo.com/
TASVideos uses phpBB for its forum (see footer), which is open source: https://github.com/phpbb/phpbb
Shoryuken uses Vanilla (see forum footer), which is open source: https://github.com/vanilla/vanilla

You bring up good points though. The problem with getting everyone who ¤would¤ work on it if it were open source to work on it while it's closed is that it's incredibly hard to discover these people. The pool is already very small (speedrunner-engineers) and the people in it are likely not seeking to join an inner circle just to make their change. They just want to fix a typo, or speed up an endpoint, or adjust the alignment on an out-of-place div.

The best way to get good long-term developers is to lower the barrier to entry such that you don't have to trust them with the keys to the castle just for them to figure out if they enjoy working on SRDC. Then, the people who do eventually turn into long-term devs won't be turned off before they start.

 

Forum: The Site

Thread: Any plans to open source?

Started by: GlacialsGlacials

Having an API and being open source solve different problems. APIs are for data (games, runners, WRs, etc.). Open sourcing allows people to fix bugs or write features. Like if I noticed a page loading slowly, I could go figure out why, and maybe make a pull request to the SRDC guys with some code that runs more efficiently.

As for security: it's like sharing strats for your game. Everyone wants to bring times down, so you share info. When the community has an air of openness, people generally don't keep things to themselves for their own benefit. This is why blueprints for buildings go on public record. More eyeballs is better, not worse. We all collectively want SRDC to be 100% secure, and we'll help if we can. But right now we can't.

Other open source speedthings:
LiveSplit
PBTracker
Splits I/O
WSplit

 

Forum: The Site

Thread: Any plans to open source?

Started by: GlacialsGlacials

An open sourced Speedrun.com would be awesome and I was wondering if there are any plans to get there. Enabling the community to help with bugs, issues, and features would be massive boon to the site and to developer sanity. LiveSplit has had success here with around 40 people so far contributing code that's been merged.

Is there anything we can do to help move in this direction?

 

Forum: The Site

Thread: Serious Security Issue on Speedrun.com

Started by: AuroraAriAuroraAri

This issue is not fixed. By hashing passwords before storing them in cookies, all you're doing is changing the definition of a password. The information needed to fake yourself into becoming someone has changed from [username, password] to [username, password hash]. This information is still passed over plaintext in every page request made to speedrun.com. So if I'm a snooper, the only thing that's changed for me is that now it seems like your password is just really long and really complicated. I no longer need what you consider your password, because I only need the thing that speedrun.com considers your password -- the hash. It's no harder for me to become you.

Solution to above: Use $_SESSION instead of $_COOKIE.

MD5 is too much of a beaten dead horse to be used anymore. Reverse lookup tables are everywhere on the internet. At ¤minimum¤ you should be salting your hashes. But you should also just be using a more modern hashing function.

Solution: Change from md5($password) to password_hash($password, PASSWORD_BCRYPT). It will handle salting.

Please open source speedrun.com. We want to help but we can't if everything remains closed off.

NokiDokiNokiDoki, GyooGyoo and 2 others like this.