Scratch

sparks · 2011-10-01 16:37:49

Oh.... yes, Total name confusion! Sorry! Anyone is welcome to try if theSuccessor is not doing it anymore?

ProgrammingFreak · 2011-10-01 17:36:40

sparks wrote:
Oh.... yes, Total name confusion! Sorry! Anyone is welcome to try if theSuccessor is not doing it anymore?

I might try...

Hardmath123 · 2011-10-02 02:30:00

ProgrammingFreak wrote:
sparks wrote:
ProgrammingFreak wrote:

For the Block website?
Yes
I don't remember saying I was going to do it.
I thought that was TheSuccessor, remember?
I can do it though.

I can make it in JS. It'll support text in inputs, too!

sparks · 2011-10-02 05:24:09

go for it!

rookwood101 · 2011-10-02 06:03:43

could you give me the code that the sucessor already had?

sparks · 2011-10-02 06:32:34

yes, hang on....

Code:

    <?php
     
    /*
    * Purpose: Parses the given blockspec
    * and generates a block image. Supports
    * Scratch and Panther blocks so far.
    * Maybe someone could optimise it and
    * expand it to BYOB at some point.
    * Form accepted: spec=spec&type=(stack|boolean|stop|reporter)&color=(category name|hex colour)
    * or spec=fullblockspec&color=(category name|hex colour)
    */
     
    if(!isset($_GET['spec'])) die(); //Exit if we have no spec
    $font = 2; //The most appropriate font IMO that PHP has preinstalled (still not particularly good though - Scratch uses Verdana Bold Narrow Space)
    $arg_widths = array(/*Text*/ 10, /*Boolean*/ 25, /*Number*/ 15, /*Color*/ 13, /*Dropdown menu*/ 22); //Width in pixels of the arguments
    $n_arg_w = array('String' => 10, 'Boolean' => 25, 'Number' => 15, 'Color' => 13, 'Other' => 22); //Same here, but with names attached
    $spec = $_GET['spec'];
    $spec = str_replace('\\', '', $spec); //Clear out backslashes before '
    function full_spec($spec){ //Parse full block spec - currently incomplete
    $bspec = $spec; //Get a local copy of $spec for the full spec parser
    $tspec = array();
    trim($bspec); //Get rid of surrounding whitespace
    if(substr($bspec, 0, 1) == "("){ //Take off any surrounding brackets
    $bspec = substr($bspec, 1);
    if(substr($bspec, -1) == ")") $bspec = substr($bspec, 0, -1);
    }
    trim($bspec); //Get rid of surrounding whitespace again
    $tspec[0] = extractString($bspec);
    echo $tspec[0]."<br />";
    echo $bspec."<br />";
    if($tspec[0] === false) return false; //Only return here if the returned value was actually false, not just equivalent to false
    trim($bspec); //Get rid of whitespace again
    if($bspec == "") return false;
    $spacepos = strpos($bspec, " ");
    if(!$spacepos){
    $tspec[1] = $bspec;
    return $tspec;
    }
    $tspec[1] = substr($bspec, 0, $spacepos); //Get the type identifier from the spec
    if(substr($tspec[1], 0, 1) == "#") $tspec[1] = substr($tspec[1], 1); //Remove a preceding # symbol from the start of it if necessary
    $bspec = substr($bspec, $spacepos + 1); //Chop it off
    echo $bspec."<br />";
    $spacepos = strpos($bspec, " "); //Find where the method name ends
    if(!$spacepos) return $tspec; //If we can't find an ending space, it must take up the rest of the string so we just return $tspec as it is
    $bspec = substr($bspec, $spacepos + 1); //Chop off the method
    echo $bspec."<br />";
    $args = array();
    $i = 0;
    $loopbuster = 0;
    while($bspec && $loopbuster < 100){ //Repeat until we've got rid of everything
    $args[$i] = extractString($bspec);
    if($args[$i] === false){
    $spacepos = strpos($bspec, " ");
    if($spacepos == 0){
    $args[$i] = $bspec;
    $bspec = null;
    }else{
    $args[$i] = substr($bspec, 0, $spacepos);
    $bspec = substr($bspec, $spacepos + 1);
    }
    }
    trim($bspec);
    $loopbuster++;
    }
    $tspec[2] = $args;
    return $tspec;
    }
    function extractString($source){ //Removes the first smalltalk string from $source and returns it
    $next = 1;
    $loopbuster = 0; //Helps prevent an infinite loop
    if(!substr($source, 0, 1) == "'") return false; //If it doesn't start with a smalltalk string delimiter, return false
    while($loopbuster < 100){ //Try and find the end of the string
    $next = strpos($source, "'", $next);
    if(!$next) return false;
    $dsq = strpos($source, "''", $next); //Let's find out if they're doubled single quotes
    if(!$dsq || $dsq > $next){ //One single quote ends string
    $res = substr($source, 1, $next - 1); //Save the string
    $source = substr($source, $next + 1); //Chop it off the original
    return $res; //Return it
    }else{
    $next += 2; //They're DSQs, skip over them
    }
    $loopbuster++;
    }
    }
    $type = isset($_GET['type']) ? $_GET['type'] : 'stack';
    if($type == 'cap') $type = 'stop'; //Cap is probably more accurate, but stop is what I programmed it with originally, so we change it if necessary
    $args = array();
    /*$fs = full_spec($spec);
    if($fs != false){ echo $fs[0]."hi<br />";
    $spec = $fs[0];
    //$type = $fs[1];
    if($fs[2]) $args = $fs[2];
    }
    echo $fs[2];*/
    $color = isset($_GET['color']) ? $_GET['color'] : 'control'; //Control's the default color
    if($color == 'sounds') $color = 'sound'; //Sound is the correct name, but it accepts sounds as that's how I made it originally
    $colors = array(
    'control' => 'E7AD21',
    'motion' => '4A6BD6',
    'sensing' => '0094DE',
    'looks' => '8C52E7',
    'sound' => 'CE4ADE',
    'operators' => '63C610',
    'pen' => '00A57B',
    'variables' => 'F77318',
    'files' => '2C78C3',
    'colors' => '191919', //Not sure about this one - I modified my version of Panther and don't want to re-install
    ); //The hexadecimal RGB colours of the different categories
    if(isset($colors[$color])) $color = $colors[$color]; //Insert preset colour if applicable
    if(substr($color, 0, 1) == '#') $color = substr($color, 1); //Get rid of a preceding # in the colour
    $color = array(intval(substr($color, 0, 2), 16), intval(substr($color, 2, 2), 16), intval(substr($color, 4, 2), 16)); //Parse colour into decimal rgb values
    $highlights = computeHighlightColors($color[0], $color[1], $color[2]); //Get the highlight variations
    $shadow = array($color[0] * 0.7, $color[1] * 0.7, $color[2] * 0.7); //Get the shadow variation
    $scratch = array('/%s/', '/%b/', '/%n/', '/%[cC]/', '/%[^\ssbncC]/'); //Scratch arg regexs
    $panther = array('\$String\$', '\$Boolean\$', '\$Number\$', '\$Color\$', '\$Other\$'); //Panther args
    $panther_regex = array('/\$String\$/', '/\$Boolean\$/', '/\$Number\$/', '/\$Color\$/', '/\$Other\$/'); //Panther arg regexs
    $spec = preg_replace($scratch, $panther, $spec); //Panther arg identifiers make much more sense - replace them in
    $text_width = imagefontwidth($font) * strlen(preg_replace($panther_regex, '', $spec)); //Get the total text length
    for($i = 0; $i < sizeof($panther); $i++){
    $text_width += (substr_count($spec, str_replace('\\', '', $panther[$i])) * $arg_widths[$i]); //Add the length of the arg inserters
    }
    $text_bits = explode('$Arg$', preg_replace($panther_regex, '$Arg$', $spec)); //Get the different text sections
    $results = array();
    preg_match_all('/\$(String|Boolean|Number|Color|Other)\$/', $spec, $results); //Get the arg inserters
    $arg_bits = $results[1];
    if(sizeof($arg_bits) + 1 !== sizeof($text_bits)) exit('Error parsing argument inserters'); //Exit if we have a strange number of one or the other
    $w = $text_width + 12; $h = 25; //Set the width and height
    if($type == 'reporter' || $type == 'boolean' || $type == 'color'){ $h = 20; } //Shrink it for reporters
    if($type == 'boolean'){ $w += 6; } //Booleans need to be wider than other blocks
    $w = max($w, 40); //Apply a minimum width or it can end up with nasty looking blocks
    $img = imagecreate($w, $h); //Create an image for the block
    $bck = imagecolorallocate($img, 0, 0, 0); //Set the back colour
    $color = imagecolorallocate($img, $color[0], $color[1], $color[2]); //Convert $color into a colour
    $highlight1 = imagecolorallocate($img, $highlights[0][0], $highlights[0][1], $highlights[0][2]); //Same with the highlights
    $highlight2 = imagecolorallocate($img, $highlights[1][0], $highlights[1][1], $highlights[1][2]);
    $shadow = imagecolorallocate($img, $shadow[0], $shadow[1], $shadow[2]); //And the shadow colour
    $white = imagecolorallocate($img, 255, 255, 255); //White colour for the text
    if($type == 'boolean'){ $x = 10; drawBool($img, $w - 1, $h); }
    else if($type == 'reporter'){ $x = 7; drawRep($img, $w - 1, $h); }
    else if($type == 'color'){ $x = 6; drawColor($img, $w - 1, $h - 1); }
    else{ $x = 6; topEdge($img, $w); body($img, $w, $h); if($type == 'stop') smoothBottomEdge($img, $w, $h - 3); else bottomEdge($img, $w, $h); }
    imagestring($img, $font, $x, 4, $text_bits[0], $white); //Write the first bit of text
    for($i = 0; $i < sizeof($arg_bits); $i++){
    $x += imagefontwidth($font) * strlen($text_bits[$i]); //Move the x locator along
    $x += $n_arg_w[$arg_bits[$i]];
    imagestring($img, $font, $x, 4, $text_bits[$i + 1], $white); //Write bit i of text
    }
    imagecolortransparent($img, $bck); //Make the, background transparent
    header('Content-type: image/png'); //Tell the user's browser it's a png image, not text
    imagepng($img); //Output the image
    imagedestroy($img); //Destroy it to save resources
    function computeHighlightColors($r, $g, $b){ //Based on code from http://www.actionscript.org/forums/archive/index.php3/t-50746.html
    $result = array();
    $r_decimal = $r / 255;
    $g_decimal = $g / 255;
    $b_decimal = $b / 255;
    $min_decimal = min($r_decimal, $g_decimal, $b_decimal);
    $max_decimal = max($r_decimal, $g_decimal, $b_decimal);
    $del_Max = $max_decimal - $min_decimal;
    $V = $max_decimal;
    if ($del_Max == 0){
    $H = 0;
    $S = 0;
    }else{
    $S = $del_Max / $max_decimal;
    $del_R = ((($del_Max - $r_decimal ) / 6 ) + ( $del_Max / 2 )) / $del_Max;
    $del_G = ((($del_Max - $g_decimal ) / 6 ) + ( $del_Max / 2 )) / $del_Max;
    $del_B = ((($del_Max - $b_decimal ) / 6 ) + ( $del_Max / 2 )) / $del_Max;
    if ($r_decimal == $max_decimal) $H = $del_B - $del_G;
    else if ($g_decimal == $max_decimal) $H = ( 1 / 3 ) + $del_R - $del_B;
    else if ($b_decimal == $max_decimal) $H = ( 2 / 3 ) + $del_G - $del_R;
    if ($H<0) $H++;
    if ($H>1) $H--;
    }
    /*
    $minRGB = min(min($r,$g),$bl);
    $maxRGB = max(max($r,$g),$bl);
    $delta = $maxRGB-$minRGB;
    $b = $maxRGB;
     
    if ( $maxRGB!=0 )
    $s = 255*$delta/$maxRGB;
    else
    $s = 0;
     
    if ( $s != 0 ) {
    if ( $r == $maxRGB )
    $h = ($g-$bl)/$delta;
    else if ( $g == $maxRGB )
    $h = 2+($bl-$r)/$delta;
    else
    $h = 4+($r-$g)/$delta;
    }
    else
    $h = -1;
    $h *= 60;
    if ( $h < 0 )
    $h += 360;
     
    $H = $h / 360;
    $S = floor($s*100/255);
    $v = floor($b*100/255);*/
    return array(HSV_TO_RGB($H, $S - 0.13, $V + 0.05), HSV_TO_RGB($H, $S, $V + 0.07));
    }
    function HSV_TO_RGB ($H, $S, $V){
    if($S == 0){
    $R = $G = $B = $V * 255;
    }else{
    $var_H = $H * 6;
    $var_i = floor($var_H);
    $var_1 = $V * (1 - $S);
    $var_2 = $V * (1 - $S * ($var_H - $var_i));
    $var_3 = $V * (1 - $S * (1 - ($var_H - $var_i)));
    if ($var_i == 0) { $r_decimal = $V ; $g_decimal = $var_3 ; $b_decimal = $var_1 ; }
    else if ($var_i == 1) { $r_decimal = $var_2; $g_decimal = $V; $b_decimal = $var_1; }
    else if ($var_i == 2) { $r_decimal = $var_1; $g_decimal = $V; $b_decimal = $var_3; }
    else if ($var_i == 3) { $r_decimal = $var_1; $g_decimal = $var_2; $b_decimal = $V; }
    else if ($var_i == 4) { $r_decimal = $var_3; $g_decimal = $var_1; $b_decimal = $V; }
    else { $r_decimal = $V; $g_decimal = $var_1; $b_decimal = $var_2; }
    $R = $r_decimal * 255;
    $G = $g_decimal * 255;
    $B = $b_decimal * 255;
    }
    return array($R, $G, $B);
    }
    function topEdge($image, $width){ //Code hereon is based off that in Scratch. I didn't write the original Smalltalk, and won't comment my PHP translation
    global $color, $highlight1, $highlight2, $shadow;
    imageline($image, 2, 0, 11, 0, $highlight1);
    imageline($image, 25, 0, $width - 3, 0, $highlight1);
    imageline($image, 1, 1, 11, 1, $highlight2);
    imageline($image, 25, 1, $width - 2, 1, $highlight2);
    imageline($image, 0, 2, 12, 2, $color);
    imageline($image, 24, 2, $width - 1, 2, $color);
    imageline($image, 0, 3, 13, 3, $color);
    imageline($image, 23, 3, $width - 1, 3, $color);
    imageline($image, 0, 4, $width - 1, 4, $color);
    imageline($image, 13, 4, 23, 4, $highlight1);
    }
    function stopBody($image, $width, $height){
    global $color, $highlight1, $highlight2, $shadow;
    imagefilledrectangle($image, 0, 5, $width - 1, $height - 3, $color);
    imagefilledrectangle($image, 0, 2, 2, $height - 3, $highlight2);
    imagefilledrectangle($image, $width - 1, 2, $width, $height - 3, $shadow);
    }
    function body($image, $width, $height){
    global $color, $highlight1, $highlight2, $shadow;
    imagefilledrectangle($image, 0, 5, $width - 1, $height - 7, $color);
    imagefilledrectangle($image, 0, 2, 2, $height - 7, $highlight2);
    imagefilledrectangle($image, $width - 1, 3, $width, $height - 7, $shadow);
    }
    function bottomEdge($image, $width, $height){
    global $color, $highlight1, $highlight2, $shadow;
    imageline($image, 1, $height - 7, $width - 2, $height - 7, $color);
    imageline($image, 2, $height - 6, $width - 3, $height - 6, $color);
    imageline($image, 11, $height - 5, 25, $height - 5, $color);
    imageline($image, 12, $height - 4, 24, $height - 4, $color);
    imageline($image, 12, $height - 3, 24, $height - 3, $color);
    imageline($image, 12, $height - 2, 23, $height - 2, $color);
    imageline($image, 3, $height - 5, 11, $height - 5, $shadow);
    imageline($image, 25, $height - 5, $width - 3, $height - 5, $shadow);
    imageline($image, 13, $height - 1, 23, $height - 1, $shadow);
    imagesetpixel($image, 11, $height - 4, $shadow);
    imagesetpixel($image, 11, $height - 3, $shadow);
    imagesetpixel($image, 12, $height - 2, $shadow);
    imagesetpixel($image, 24, $height - 4, $shadow);
    imagesetpixel($image, 24, $height - 3, $shadow);
    imagesetpixel($image, 23, $height - 2, $shadow);
    imagesetpixel($image, $width - 2, $height - 6, $shadow);
    }
    function smoothBottomEdge($image, $width, $height){
    global $color, $highlight1, $highlight2, $shadow;
    imageline($image, 1, $height - 3, $width - 1, $height - 3, $color);
    imageline($image, 2, $height - 2, $width - 2, $height - 2, $color);
    imageline($image, 3, $height - 1, $width - 3, $height - 1, $shadow);
    imagesetpixel($image, $width - 2, $height - 3, $shadow);
    imagesetpixel($image, $width - 3, $height - 2, $shadow);
    }
    function drawRep($image, $width, $height){
    global $color, $highlight1, $highlight2, $shadow;
    $topDraw = $bottomDraw = $hh = floor($height / 2);
    if($hh * 2 == $height) $topDraw = $bottomDraw - 1;
    while($topDraw >= 0){
    $indent = $hh - round(sqrt((pow($hh, 2) - pow($hh - $topDraw - 1, 2))));
    $col = $color;
    if($topDraw == 0) $col = $highlight1;
    if($topDraw == 1) $col = $highlight2;
    imageline($image, $indent, $topDraw, $width - $indent, $topDraw, $col);
    if($indent > 0 && $topDraw > 1){
    imagesetpixel($image, $indent, $topDraw, $highlight1);
    imagesetpixel($image, $width - $indent, $topDraw, $highlight1);
    }
    $col = ($bottomDraw == $height - 1) ? $shadow : $color;
    imageline($image, $indent, $bottomDraw, $width - $indent, $bottomDraw, $col);
    if($indent > 0){
    imagesetpixel($image, $indent, $bottomDraw, $shadow);
    imagesetpixel($image, $width - $indent, $bottomDraw, $shadow);
    }
    $bottomDraw++;
    $topDraw--;
    }
    }
    function drawBool($image, $width, $height){
    global $color, $highlight1, $highlight2, $shadow;
    $topDraw = $bottomDraw = floor($height / 2);
    if($topDraw * 2 == $height) $topDraw = $bottomDraw - 1;
    $indent = 0;
    while($topDraw >= 0){
    $col = $color;
    if($topDraw == 0) $col = $highlight1;
    if($topDraw == 1) $col = $highlight2;
    imageline($image, $indent, $topDraw, $width - $indent, $topDraw, $col);
    if($topDraw > 1 && $indent > 0){
    imagesetpixel($image, $indent, $topDraw, $highlight1);
    imagesetpixel($image, $width - $indent, $topDraw, $shadow);
    }
    $col = ($bottomDraw == $height - 1) ? $shadow : $color;
    imageline($image, $indent, $bottomDraw, $width - $indent, $bottomDraw, $col);
    if($indent > 0){
    imagesetpixel($image, $indent, $bottomDraw, $shadow);
    imagesetpixel($image, $width - $indent, $bottomDraw, $shadow);
    }
    $indent++;
    $bottomDraw++;
    $topDraw--;
    }
    }
    function drawColor($image, $width, $height){ //I wrote this myself without looking at Panther's code, so it may not be completely correct
    global $color, $highlight1, $highlight2, $shadow;
    imagefilledrectangle($image, 0, 0, $width, $height, $color);
    imageline($image, 0, 0, $width, 0, $highlight1);
    imageline($image, 1, 1, $width, 1, $highlight2);
    imageline($image, 0, 0, 0, $height, $highlight1);
    imageline($image, 1, 1, 1, $height, $highlight2);
    imageline($image, 0, $height, $width, $height, $shadow);
    imageline($image, $width, 1, $width, $height, $shadow);
    }

Remember to credit TheSuccessor if you use any of this! I hadn't actually looked at it before, very long!

Last edited by sparks (2011-10-02 06:35:29)

zorket · 2011-10-02 17:06:32

New operator! Sorry, I haven't been here in a while, and this isn't tested.

Blockspec: ('%s even' #b #isEven:)

Code:

Code:

isEven: t1
^ t1 even

Here's a similar one:

Blockspec: ('%s odd' #b #isOdd:)

Code:

Code:

isOdd: t1
^ t1 odd

Hey, I have a great idea for this!

There should be a forum to post blocks in, and weekly someone takes all the blocks and sends them to the library.

Pecola1 · 2011-10-02 17:20:36

zorket wrote:
New operator! Sorry, I haven't been here in a while, and this isn't tested.

Blockspec: ('%s even' #b #isEven:)

Code:
Code:
isEven: t1
^ t1 even
Here's a similar one:

Blockspec: ('%s odd' #b #isOdd:)

Code:
Code:
isOdd: t1
^ t1 odd
Hey, I have a great idea for this!

There should be a forum to post blocks in, and weekly someone takes all the blocks and sends them to the library.

I think its good enough if they are posted here. smile But great idea. It would save some room, and then the questions and stuff would be somewhere else.

Hardmath123 · 2011-10-03 03:38:31

I think you should officially remove the password for [] is [] block. It is now theoretically possible to get somebody's password.

sparks · 2011-10-03 04:41:26

It is a tricky one... potentially misuseable yet also useful...

scimonster · 2011-10-03 06:10:23

Hardmath123 wrote:
I think you should officially remove the password for [] is [] block. It is now theoretically possible to get somebody's password.

It's no different from guessing it at the login page.

sparks · 2011-10-03 06:16:57

scimonster wrote:
Hardmath123 wrote:
I think you should officially remove the password for [] is [] block. It is now theoretically possible to get somebody's password.
It's no different from guessing it at the login page.

I think what hardmath means is that someone asking for your Scratch username and password in a project could technically use that information not just to confirm it, but also send that information through a GET command to one of their own websites. However, they can ask you that using the Scratch API anyway.

Hardmath123 · 2011-10-03 06:48:40

sparks wrote:
scimonster wrote:
Hardmath123 wrote:
I think you should officially remove the password for [] is [] block. It is now theoretically possible to get somebody's password.
It's no different from guessing it at the login page.
I think what hardmath means is that someone asking for your Scratch username and password in a project could technically use that information not just to confirm it, but also send that information through a GET command to one of their own websites. However, they can ask you that using the Scratch API anyway.

Yeah, but do we really want to give access to something that dangerous? Besides, with a block, one can potentially write a script that sits back and guesses until it finds a match. It could take me maybe 20 minutes to write it up in XCode with the API (not that I would).

sparks · 2011-10-03 07:21:17

Well 20 mins to write up, but it would take a long time to guess correctly. Anyone with enough technical knowledge to send the password to themselves in a Panther project or Scratch project is going to know about the API anyway, which can be accessed without the need for custom blocks. Panther has custom block warnings installed and Scratch changes apply to that image only anyway so the risk is comparatively low.

Hardmath123 · 2011-10-03 07:53:46

sparks wrote:
Well 20 mins to write up, but it would take a long time to guess correctly. Anyone with enough technical knowledge to send the password to themselves in a Panther project or Scratch project is going to know about the API anyway, which can be accessed without the need for custom blocks. Panther has custom block warnings installed and Scratch changes apply to that image only anyway so the risk is comparatively low.

Well, firstly, I accidentally wrote 20 minutes to write. In reality, maybe ten minutes to write and 20 minutes to run (which is what I meant). Besides, having the block there just lets people know about the api. I didn't know about it until the block came along, and I'm sure neither do many others. Do we really want to publicize a danger?
I suggest we get expert advice—I'm going to report this post and see what an admin says, if you think it's a good idea (if you do, feel free to report it yourself). smile

joefarebrother · 2011-10-03 12:44:26

Hardmath123 wrote:
I think you should officially remove the password for [] is [] block. It is now theoretically possible to get somebody's password.

I agree. It is theoreticly possible to write a panther project where you enter someone's username and it goes through every possible combination of passwords that are possible untill it finds the password, THEN writes the password to a file for you to read later. It is dangerous.

sparks · 2011-10-03 13:50:09

Okay, we'll see what the moderators say, I think removing it might be a good course of action.

scimonster · 2011-10-03 13:51:16

sparks wrote:
Okay, we'll see what the moderators say, I think removing it might be a good course of action.

DD:

rookwood101 · 2011-10-03 13:54:04

joefarebrother wrote:
Hardmath123 wrote:
I think you should officially remove the password for [] is [] block. It is now theoretically possible to get somebody's password.
I agree. It is theoreticly possible to write a panther project where you enter someone's username and it goes through every possible combination of passwords that are possible untill it finds the password, THEN writes the password to a file for you to read later. It is dangerous.

You can't have it going through every combination, it would take forever. And if it were that easy, everyone would do it on everything.

TuragaTreeko · 2011-10-03 17:25:57

joefarebrother wrote:
Hardmath123 wrote:
I think you should officially remove the password for [] is [] block. It is now theoretically possible to get somebody's password.
I agree. It is theoreticly possible to write a panther project where you enter someone's username and it goes through every possible combination of passwords that are possible untill it finds the password, THEN writes the password to a file for you to read later. It is dangerous.

It is potentially dangerous, but it is also excedingly useful. And, if you're someone who even bothers to go into the advanced topics, the scripting behind the "find a password" project would be rather easy to build. I agree that it should be removed.

Another thing, it never really worked for me. On one version of scratch I edited, it spewed true at me every time I clicked it, and on another version I edited, it just froze the software.

Although, on the flipside, anyone willing to do that would probably have already been caught by the mods. hmm (^—^)

sparks · 2011-10-03 17:35:49

It's not hard in most programming languages and plenty are more suited to it than Scratch or a derivative. One with a POST function for one thing. I assume that the Scratch team have appropriate safeguards in place though. This is why it's a good idea for passwords to have numbers, letters of both case and other characters in them, it increases the possible number of combinations exponentially, making it much harder for a computer program to methodically fire possibilities into the password field.

Pecola1 · 2011-10-03 19:47:38

Hardmath123 wrote:
I think you should officially remove the password for [] is [] block. It is now theoretically possible to get somebody's password.

No not really, tell me how you could, its just as easy as using the login!

Pecola1 · 2011-10-03 19:50:46

sparks wrote:
scimonster wrote:
Hardmath123 wrote:
I think you should officially remove the password for [] is [] block. It is now theoretically possible to get somebody's password.
It's no different from guessing it at the login page.
I think what hardmath means is that someone asking for your Scratch username and password in a project could technically use that information not just to confirm it, but also send that information through a GET command to one of their own websites. However, they can ask you that using the Scratch API anyway.

Just as much as making a project bring up a bad website, or making it delete multiple files on the computer, it is not the block, it is the user, not just the creator, but the person playing a project should ALWAYS check the scripts if it is in a mod with blocks like this. Even then, it would have to upload to the internet, which would be the internet block as the dangerous one.

Pecola1 · 2011-10-03 19:57:26

I actually made a project once which would guess the password, the password was a variable. It would go through all possibilities of case and numbers. It took 10 whole minuets to guess a 2 LETTER PASSWORD. And if your smart, don't make your password 2 letters. XD Anyways, it would be simple to get the password using the block in this case, but the problem is the hacker using the game to UPLOAD the password, you see again it is the posting blocks which give a problem without them it is fine, someone could without the password block make a project which looks through your files on your comp and uploads private files, and it would be the uploading blocks which make it wrong. You see, the password block itself isn't bad, someone could use the url block to get the password just as easily, or the run code block, etc. It is THE POSTING BLOCK WHICH HAS A FAULT.

sparks · 2011-10-04 05:12:24

I completely agree that, like the URL blocks, file blocks and webpage opening blocks, the password block itself is not at fault, it is the programmer who may seek to exploit it's use. What people are arguing, and I sort of agree with them, is that the block is making more people aware of the API, so more people may get dangerous ideas. It's not just about using the block to GUESS passwords, it can be used in conjunction with the URL blocks and a bit of MySQL to send the username and password of a user from a project to a website for the creator's viewing pleasure.

Scratch

archived forums

#2151 2011-10-01 16:37:49

Re: ITopic: Welcome to your local block library!

#2152 2011-10-01 17:36:40

Re: ITopic: Welcome to your local block library!

sparks wrote:

#2153 2011-10-02 02:30:00

Re: ITopic: Welcome to your local block library!

ProgrammingFreak wrote:

sparks wrote:

ProgrammingFreak wrote:

#2154 2011-10-02 05:24:09

Re: ITopic: Welcome to your local block library!

#2155 2011-10-02 06:03:43

Re: ITopic: Welcome to your local block library!

#2156 2011-10-02 06:32:34

Re: ITopic: Welcome to your local block library!

Code:

#2157 2011-10-02 17:06:32

Re: ITopic: Welcome to your local block library!

Code:

Code:

#2158 2011-10-02 17:20:36

Re: ITopic: Welcome to your local block library!

zorket wrote:

Code:

Code:

#2159 2011-10-03 03:38:31

Re: ITopic: Welcome to your local block library!

#2160 2011-10-03 04:41:26

Re: ITopic: Welcome to your local block library!

#2161 2011-10-03 06:10:23

Re: ITopic: Welcome to your local block library!

Hardmath123 wrote:

#2162 2011-10-03 06:16:57

Re: ITopic: Welcome to your local block library!

scimonster wrote:

Hardmath123 wrote:

#2163 2011-10-03 06:48:40

Re: ITopic: Welcome to your local block library!

sparks wrote:

scimonster wrote:

Hardmath123 wrote:

#2164 2011-10-03 07:21:17

Re: ITopic: Welcome to your local block library!

#2165 2011-10-03 07:53:46

Re: ITopic: Welcome to your local block library!

sparks wrote:

#2166 2011-10-03 12:44:26

Re: ITopic: Welcome to your local block library!

Hardmath123 wrote:

#2167 2011-10-03 13:50:09

Re: ITopic: Welcome to your local block library!

#2168 2011-10-03 13:51:16

Re: ITopic: Welcome to your local block library!

sparks wrote:

#2169 2011-10-03 13:54:04

Re: ITopic: Welcome to your local block library!

joefarebrother wrote:

Hardmath123 wrote:

#2170 2011-10-03 17:25:57

Re: ITopic: Welcome to your local block library!

joefarebrother wrote:

Hardmath123 wrote:

#2171 2011-10-03 17:35:49

Re: ITopic: Welcome to your local block library!

#2172 2011-10-03 19:47:38

Re: ITopic: Welcome to your local block library!

Hardmath123 wrote:

#2173 2011-10-03 19:50:46

Re: ITopic: Welcome to your local block library!

sparks wrote:

scimonster wrote:

Hardmath123 wrote:

#2174 2011-10-03 19:57:26

Re: ITopic: Welcome to your local block library!

#2175 2011-10-04 05:12:24

Re: ITopic: Welcome to your local block library!

Board footer