1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
  2. Stuck, Having problems with creating your mod? Let us help you: Mod Support

UI apps networking?

Discussion in 'Programming' started by gigawert, Jul 19, 2017.

  1. gigawert

    gigawert
    Expand Collapse

    Joined:
    Sep 6, 2015
    Messages:
    2,117
    Ok, I'll look into that.
    I provide a very noticeable disclaimer on the registration page to not use your BeamNG forum password for beam.trader.
    --- Post updated ---
    I tried compiling the Hello World example from at least 2-3 different websites in Visual Studio 2017 with several errors. I'm still going to code the client in C++
     
  2. Inertia

    Inertia
    Expand Collapse

    Joined:
    Dec 29, 2015
    Messages:
    1,658
    You clearly have zero idea of how to deal with sensitive data, much less people's login and passwords. I'm starting to think that you even lack simple common sense.
     
  3. gigawert

    gigawert
    Expand Collapse

    Joined:
    Sep 6, 2015
    Messages:
    2,117
    Look, I am still learning about web development and we don't need that attitude here. No, I don't know how to deal with sensitive data yet but just because I do not know yet does NOT mean I lack common sense. Common sense =/ technical knowledge.
     
  4. Inertia

    Inertia
    Expand Collapse

    Joined:
    Dec 29, 2015
    Messages:
    1,658
    Storing people's passwords in an encrypted format has everything to do with common sense.
     
  5. Funky7Monkey

    Funky7Monkey
    Expand Collapse

    Joined:
    Oct 12, 2014
    Messages:
    1,042
    Fuck no. YOU NEVER, EVER STORE PASSWORDS IN PLAIN TEXT. I don't care what it is for, YOU DON'T FUCKING DO IT. Passwords are expected to be secure. In addition, you damn well should not store passwords in any form, even encrypted, on any of your servers. They should be hashed. That way, you don't have a security problem if there is a breach.

    NEVER, EVER STORE PASSWORDS IN PLAIN TEXT.
     
    • Agree Agree x 2
  6. gigawert

    gigawert
    Expand Collapse

    Joined:
    Sep 6, 2015
    Messages:
    2,117
    First of all, please calm down, you can make your point without reaching that level.
    Secondly, does a database count as plain text?
     
  7. Inertia

    Inertia
    Expand Collapse

    Joined:
    Dec 29, 2015
    Messages:
    1,658
     
  8. gigawert

    gigawert
    Expand Collapse

    Joined:
    Sep 6, 2015
    Messages:
    2,117
    It won't help anybody to post a facepalm gif. In fact, if you want your passwords to be secure maybe you should help me learn to do that to my website and not waste my time typing this.
     
  9. Funky7Monkey

    Funky7Monkey
    Expand Collapse

    Joined:
    Oct 12, 2014
    Messages:
    1,042
    Let me put it this way. If you have any way to find out what any user's password is, you're doing it wrong.
    I will give you a few videos to watch for why you must never store passwords in any format, and how you must handle login authentication.



    --- Post updated ---
    Alternatively, you could have user's log in through Steam or Google or something else. Then you don't have to store passwords at all. And, tbh, it'll be a lot easier for you to deal with.
    Use MSDN. Here's the C# portal. It has all of the up to date information you need.
     
    • Agree Agree x 1
    • Informative Informative x 1
  10. gigawert

    gigawert
    Expand Collapse

    Joined:
    Sep 6, 2015
    Messages:
    2,117
    It would be easier on the website, but I'm not sure how I would integrate those login services with the client program. Ideally users would log in with their BeamNG forum accounts but I don't think this place is set up for that.
    You forgot to paste a link :p I searched msdn c# portal on Google and the only results that came up were for Visual Studio versions of the mid-2000s.
     
  11. tdev

    tdev
    Expand Collapse
    Developer
    Staff Member

    Joined:
    Aug 3, 2012
    Messages:
    2,714
    You can break most common, salted, hashed passwords via Rainbow tables: https://en.wikipedia.org/wiki/Rainbow_table - It all depends on the determination and computer specs ;)
     
    • Informative Informative x 1
  12. thomatoes50

    thomatoes50
    Expand Collapse
    Staff Member

    Joined:
    Jan 31, 2013
    Messages:
    421
    For someone who was trusted by @kaiser imnop and was named admin on a discord server.
    Talking about security issues even when you destroy our server 3 times is a bit over the limit.

    What you said about passwords is true but i really don't know what are you doing.
    Are you trying to convince @gigawert that you are a super man so he give you too much power and them you have a free website/server?
    or you will try to hack him later?

    And on top of that you are talking to him like shit, he just want to do a project and learn from doing it. If he does mistake he will learn (it's always better to avoid them before doing a really big one)
     
    • Agree Agree x 1
  13. pinefruit

    pinefruit
    Expand Collapse

    Joined:
    Jun 27, 2017
    Messages:
    33
    I have no idea how to code, although I would love to learn one day...

    Anyway, I hope this works, it seems like a great idea, all the best :D
     
  14. Neo

    Neo
    Expand Collapse

    Joined:
    Oct 31, 2015
    Messages:
    175
    Idea: You may don´t need any login at all. It is only an Idea, but what if you use the Information wich is already unique on the pc, like the processor id and the mainboard id. Even if two guys have the same pc specs, they could be distinguishable based on the hardware id´s.
    Reminder this is only an Idea, you can use it as the basic concept of your authenticator. Be creative with your program, the only limit is your imagination ... and your disk space ;)

    Oh and always remember:
     
    • Like Like x 2
  15. SixSixSevenSeven

    SixSixSevenSeven
    Expand Collapse

    Joined:
    Sep 13, 2013
    Messages:
    7,051
    public class Hello1
    {
    public static void Main()
    {
    System.Console.WriteLine("Hello, World!");
    }
    }
    Done. Was that so hard, dumbass.
    --- Post updated ---
    Yes. Yes it does. As already mentioned before, your existing solution included the username and password to the database in the public domain. Allowing me to log into the database and read its entire contents, or alter it. That and should someone somehow hack you and get hold of your database through other means, again, theyve got passwords in it. Did you know its actually a criminal offense in the US and europe to store user data in non encrypted/obfuscated formats? Encrypting the database file itself, does not count.

    Passwords you dont ever store. You calculate the hash of the password and store that, when a user enters their password, you hash what they enter and compare that. You never ever keep a password. Its because websites dont keep passwords that when you click lost my password to a website, they cant give you the password back, you have to get a new one, they cant give you your old one because they dont have your old one.
     
  16. gigawert

    gigawert
    Expand Collapse

    Joined:
    Sep 6, 2015
    Messages:
    2,117
    :|

    That attitude is not needed.

    And, upload_2017-8-8_13-29-57.png
     
  17. SixSixSevenSeven

    SixSixSevenSeven
    Expand Collapse

    Joined:
    Sep 13, 2013
    Messages:
    7,051
    you havent followed the tutorial at all. I can see from the filename. MainPage.xaml.cs, thats a WPF project. Every single tutorial orders you to create a console project, and the microsoft hello world sample download is a console project.So here you go.
    upload_2017-8-8_22-3-40.png
    Its not microsofts fault you clicked the wrong thing ;)
     

    Attached Files:

    • Informative Informative x 1
  18. Funky7Monkey

    Funky7Monkey
    Expand Collapse

    Joined:
    Oct 12, 2014
    Messages:
    1,042
    Welll, with enough money and determination, practically anything can be done :p. It's just a matter of making it so secure that the evil people run out of determination, or money.
     
  19. Funky7Monkey

    Funky7Monkey
    Expand Collapse

    Joined:
    Oct 12, 2014
    Messages:
    1,042
    Hey, at least we're helping. We could just not bother, and let you write a heap of unsecured trash.
     
    • Agree Agree x 2
  20. SixSixSevenSeven

    SixSixSevenSeven
    Expand Collapse

    Joined:
    Sep 13, 2013
    Messages:
    7,051
    That's funny. I just searched and the oldest document I got was for VS2010. it was still correct. C#is the language. Visual studio is the tool used only. Hello world has not changed since the mid 2000s