Messages

301

Add-Ons / Re: [Event] Apartment - Landlord like a boss

« on: September 12, 2016, 04:22:53 PM »

Oh, yeah, someone need to poke this so it wont go below the perimeter of binned topics.

302

Add-Ons / Re: Blockland Glass 3.0.0 - Chat

« on: September 11, 2016, 03:39:24 PM »

I haven't touched this much since then, I've been focusing on Glass Hosting as there's a greater need for that and it'll actually end up paying to keep the Glass servers themselves up.

No rush! I just wanted to let you know so you could put it way down on your todo-list. Unless you want someone else to poke into it. As I mentioned to one of you, my offer to help is still open.

303

Add-Ons / Re: Blockland Glass 3.0.0 - Chat

« on: September 10, 2016, 03:57:41 PM »

Thanks. I'll look to see what specifically is causing that.

I checked now after a couple of weeks and it looked better, but now it got other errors:

Code: [Select]

<span class="mu_global">$InputTarget_[<span class="mu_text">"</span>;Self"</span>] = <span class="mu_local">%brick</span>;</span>What I see is the semicolon before the name. I see a nestling of tags where they should probably not be.
https://blocklandglass.com/addons/review/code.php?id=411

Keep up the good work. It looks really great.

304

Add-Ons / Re: [Server] Autosaver - [Version 2.0]

« on: September 10, 2016, 03:48:32 PM »

I can't believe I've edited this mod for a long time and didn't realize that was there. (Is Dediloader not good enough credits?)

Code is a complete mess, I'm determining if I should rewrite this or not.

It is a mess. By rewriting it you ensure high quality, a possibility to remove people from credits and make it easier to add new functionality.

The worst part is that it would be a lot easier to introduce more bugs and that it would take some time to do it.

It's your time. You can do whatever you want with it.

(Is Dediloader not good enough credits?)

No, it definitely is not. It could give false assumptions for an another add-on, as there is a few out there with the same functionality.

Also, I used that function in several of my add-ons, so in DediLoader, as you mentioned in the comment, it's on server.cs:35. I haven't updated them since 2009 when I released them.

305

Add-Ons / Re: Support_AutoSaver - A better one

« on: September 10, 2016, 03:15:32 PM »

Ah, you were the one who wrote this, I'll include the original credits. I'll apply more updates when I get back home. Thanks for posting.

Code: (server.cs:309) [Select]

// Writes information from a file to an another file - Stole from DediLoaderserver.cs:47

I rather not poke you about it, but almost a year and still no proper credits? ;)

Still, I don't mind you using it as it's a general algorithm anyone could write and no one should claim credits on. But considering this is a perfect copy, I suggest you consider doing what you think is the right thing.

306

General Discussion / Re: Glass Hosting Poll

« on: September 02, 2016, 01:54:51 PM »

so from what i understand

menu connects to blockland over a TCP connection
menu asks for a username
blockland creates an expected hash from the username (if it exists), and the password sha1 hash (which i don't trust. at all. i'd rather use an external script to do all of this over sha256)
and if it works they get in etc etc blah blah, hash is sent with each command

Well, if you read it, it's more that it first hashes the password, then it hashes that with other variables together to make an another hash. To guess the password is almost impossible. Also, this system is only to make sure that you each time you send a request it makes sure that the content haven't been tampered with and that you are what you claim you are. As it says in the wiki:

These enhancements are designed to protect against, for example, chosen-plaintext attack cryptbrown townysis.

Yes, sha-1 is not a secure hash anymore, but when did you care about security in Blockland? It is also worth noting that even if it's insecure as it is broken, you still cannot decrypt it and need to guess what the hash contains by looking in a rainbow table.

For instance, as I mentioned earlier, I made a different way to handle this to add more randomness:
First you get the variables from the server(Please note that I used JSON for communication):

Code: [Select]

{
"nonce" : "346gw3e6hw3h6se5h6",
"opaque" : "90834g6908w3609g"
}Then the client responds:

Code: [Select]

{
"username" : "YourName",
"algorithm" : "sha1",
"nonce" : "346gw3e6hw3h6se5h6",
"nc" : "00000001",
"cnonce" : "8s3498",
"opaque" : "90834g6908w3609g",
"response" : "59e7b54eeef1a5d84aa99d19f3ef5bc6f11f4a8a",
"action" : {"cmd":"dostuff"}
}So, the client is sending back what the server requested and a bunch of other data that will identify it.

Code: [Select]

nonce = Random. It is like a token that is used for this connection
cnonce = Random. Issued by the client as an extra hash
response = algorithm(algorithm(username:password):nonce:nc:cnonce:algorithm(action))The action is hashed directly like so:

Code: [Select]

algorithm({"cmd":"dostuff"})On the server, the password is saved hashed with username. It's not perfect, but it will add some sort of security to avoid people to tamper with your server without your credentials. And as mentioned earlier, it's almost impossible to guess it unless someone have put it into a rainbow table. The only way to actually try to get into the system is to decrypt one of the response hashes and find the hash for the username and password pair.

If you want, try to guess the password.

307

General Discussion / Re: Glass Hosting Poll

« on: August 30, 2016, 01:01:44 AM »

working on it
the idea i have is to create a TCP server on blockland that the menu would connect to for interfacing. i plan on letting the menu generate a key/random string each time the server is started, and that key would be sent with each command to prevent someone just coming in and wreaking havoc

Digest access authentication
It's cool, really. Even if it's plaintext it's something that sure works. I implemented this kind of thing before, so you probably shouldn't have any problem with it. Also, instead of md5 you can use sha1(Unless you want to crack the nut and implement md5 in TorqueScript).

308

General Discussion / Re: How old were you when you joined Blockland?

« on: August 30, 2016, 12:46:09 AM »

Most people that joined back then that were adults have gone and done something more important with their lives, hence why most people posting here joined when they were under 18.

...

What am I doing here now again?

309

Add-Ons / Re: Blockland Glass 3.0.0 - Chat

« on: August 23, 2016, 02:15:46 PM »

I've been working on a new script inspector, primarily for reviewers. It's certainly not mobile compatible and probably won't work well with smaller displays, and given my experiences with JavaScript and Firefox, it probably won't work on that either. I'll be making small improvements on that to try to replace the current review system.

I think you already know it, but it could be worth mentioning:
On server.cs, when you're handling strings inside arrays, the html somehow is nesting badly:

Code: [Select]

<span class="mu_global">$InputTarget_[<span< span=""> class="mu_text"&gt;"Self"</span<></span>]
Looks really good otherwise. Just needs some more syntax colors for standard syntax if/while/for/else, etc...

310

Add-Ons / Re: [Event] Apartment - Landlord like a boss

« on: August 22, 2016, 12:41:32 AM »

So all I have to do is event a baseplate and they can build on it?

That's the gist of it.

311

Add-Ons / Re: [Event] Apartment - Landlord like a boss

« on: August 21, 2016, 06:26:58 AM »

Bump...

312

Add-Ons / Re: New Duplicator 1.4.3 | Super-Cut?

« on: August 12, 2016, 11:05:12 AM »

There's actually a vector parameter type, those are already handled.

Oh, I saw that you did rotation for fireRelay[direction], but might have missed the vector part. Good that was already done.

Ok, I've added something here if you want to test it: https://github.com/Zeblote/Tool_NewDuplicator/commit/7562957d839c19a2c3abbc4063f6c9a28ad2f4a5?ts=4
Seems to work fine with the default events.

I've tested it and it works perfectly. Great job there. Thank you.

313

Add-Ons / Re: New Duplicator 1.4.3 | Super-Cut?

« on: August 12, 2016, 05:12:16 AM »

Missed this post somehow.

Pewh... You almost got me worried there.

Having add-ons implement their own rotation is a bad idea, as everyone would have to make a seperate loop over all events and it simply stops working when someone does it wrong.

I guess I can add a generic solution that will detect directions in drop downs (up, down, north, east, south, west?) and attempt to rotate them. Maybe use a lookup table aswell to not lose performance with many rotated events.

Yes, it is bad and that's why I asked if you could somehow implement it. You could just read the current list of names ($OutputEvent_parameterList) and use that as the rotation.

I think it's good that you try to do it correctly from the start so there wont be popping up versions that will just make things worse and then people blame you for it.

Also, take note about spawnProjectile, as that does not handle cardinal directions, but instead a vector. I currently have no idea of how you're going to fix that one, but checking for three float fields and try to determine if they are a compound for a vector or not.

I'm not sure about the named brick that's not in the selection. I can disable rotation for those, but won't it get confusing if you have one named brick in the selection and another with the same name out of it?

No matter how you do it, it would break anyway. Just set a standard and people are obliged to follow it. In this case, don't do a thing. The problem is way too big to handle and you would require som sort of list to be displayed to the user to take certain actions for these kind of issues, and that would just make it way too complicated.

314

Add-Ons / Re: New Duplicator 1.4.3 | Super-Cut?

« on: July 30, 2016, 07:02:42 AM »

I didn't found anyone mention this, but I came to note that you're doing onRelay[direction] manually in classes/server/selection.cs:2358, but there was nothing that handles direction in event output parameters: setItemDirection, setEmitterDirection, spawnProjectile and my own fireRelayNum, to name a few. It shouldn't be that hard to add. In fact, in a short time I made my own version for fireRelayNum which should be quite easy to add for default add-ons at least and then each modder will do their own addition for their mods:

Code: [Select]

// Handle New Duplicator
function ND_Selection::plantBrick(%this, %i, %position, %angleID, %brickGroup, %client, %bl_id)
{
%brick = Parent::plantBrick(%this, %i, %position, %angleID, %brickGroup, %client, %bl_id);

// Handle error
if (%brick <= 0)
return %brick;

// Locate our event
for (%n = 0; %n < %brick.numEvents; %n++)
{
if (%brick.eventOutput[%n] !$= "fireRelayNum")
continue;

// Get direction and normalize it
%dir = %brick.eventOutputParameter[%n, 2] - 1;

if (%dir >= 0)
{
if (%dir >= 2)
{
if (%this.ghostMirrorX && %dir % 2 == 1 || %this.ghostMirrorY && %dir % 2 == 0)
%dir += 2;

%dir = (%dir + %angleID - 2) % 4 + 2;
}
else if (%this.ghostMirrorZ)
%dir = !%dir;

// Put direction back as it was
%brick.eventOutputParameter[%n, 2] = %dir + 1;
}
}

return %brick;
}

I also found out that if you've a named brick as target and if that brick is not in the duplication, it will still change direction. In some cases this is not a desired feature.

I like this new tool. Just came around recently to test it.

315

Add-Ons / Re: [Event] Apartment - Landlord like a boss

« on: July 27, 2016, 05:19:35 PM »

Thank you, regardless I'm still going to use this because it's badass, I'll just have to redo the house is all, but then they can make their own floor and such

Thank you for being so polite. Too bad I couldn't be of much help. It is always recommended to use as few baseplates as possible for each owner to avoid this kind of thing to happen. I'll update first post about this issue.