Wowee! I love the site changes! I'm sorry I haven't been on much recently.
The site is looking amazing now. I love the admin page, LS97! I assume the admin value "2" is admin and "1" is moderator? I was surprised to see that the admin setting is set to a cookie rather than checked up on the database on page connection. I've never done that before, but come to think of it that probably speeds pageload up a bit!
I appear to be able to downgrade myself to "mod" (I made myself admin first via the database) and then appear to be able to upgrade myself as a mod back to admin with the tools, perhaps we need admin privileges for user-editing tools?
In the stylesheet, the code to center .box elements in the centre of the page seem to be commented out. Did we not want them in the centre?
Due to the data protection act 1998, I believe this passage added to our privacy policy may be a good plan:
You may request details of personal information which we hold about you under the Data Protection Act 1998. A small fee to cover delivery may be payable. If you would like a copy of the information held on you please email 'SOMEEMAIL'.
If you believe that any information we are holding on you is incorrect or incomplete, please email us as soon as possible at the above address. We will promptly correct any information found to be incorrect.
Er... what else? For the contact, perhaps since we don't have a shared email address for this, we should set up a contact form - messages sent with it can be dealt with using a tool on the admin page?
I think our terms of use could do with being a little friendlier, or even linking to the Terms of Use that Scratch use?
Very good job though guys!
@Bonechill: what?
Offline
LS97 wrote:
I hope I'm not being obnoxious, but I'm doing this in a constructive spirit:
str_replace(" ", "", $string) can be a problem when you're just trying to trim something.
If a user has a password "I love Scratch", then the form would parse it as "IloveScratch" and any subsequent login trials would fail. Better to use trim()
Oh and, best not to trim passwords.
Well, that's why I had a note that all spaces would be removed from usernames, passwords and emails. But whatever floats your boat.
LS97 wrote:
Done editing the site.
I did a cool administration page with awesome user management, modified terms, overhauled site structure, added deletedusers database, started on user profiles (I think we can leave it at that though).
I think that's it for now, would like sparks to have a say on what to do next...
Looks awesome. Nice job! The deleted users page is returning 404 so I presume you're not done that yet.
Also, can someone fix the bug where a left/right horizontal scroll bar appears on the page even though the resolution is fine?
Offline
Is the website running slow for anyone else? I can't seem to access it or the Scratch Wiki. D:
Also, you might want to tell users that if they're under 13 to use their parent/guardian's email. I think it's required by law somewhere...
Last edited by technoboy10 (2012-07-13 12:30:23)
Offline
sparks wrote:
Wowee! I love the site changes! I'm sorry I haven't been on much recently.
The site is looking amazing now. I love the admin page, LS97! I assume the admin value "2" is admin and "1" is moderator? I was surprised to see that the admin setting is set to a cookie rather than checked up on the database on page connection. I've never done that before, but come to think of it that probably speeds pageload up a bit!
Well, technically it's stored on our site, with only a simple session ID stored as a cookie. So there is no way the user could change the value without compromising other tied values (therefore logging themselves out).
sparks wrote:
I appear to be able to downgrade myself to "mod" (I made myself admin first via the database) and then appear to be able to upgrade myself as a mod back to admin with the tools, perhaps we need admin privileges for user-editing tools?
Ah, that's because we store the admin value as a cookie. Logging yourself out and back in would have had effect. In fact, I cleverly already thought about it and when a mod (status 1) views the user page, only the block button appears. Of course, this is a downside of having this kind of cookie that has to be changed. How can we?
sparks wrote:
In the stylesheet, the code to center .box elements in the centre of the page seem to be commented out. Did we not want them in the centre?
Didn't think of that, but it would sure be cool! I think I'll leave fg123 to it, since he did most of the CSS for the box. On a side note, the little popup dialogues in user management could do with proper centring too, as right now they're just at 40% from top-left.
sparks wrote:
Due to the data protection act 1998, I believe this passage added to our privacy policy may be a good plan:
You may request details of personal information which we hold about you under the Data Protection Act 1998. A small fee to cover delivery may be payable. If you would like a copy of the information held on you please email 'SOMEEMAIL'.
If you believe that any information we are holding on you is incorrect or incomplete, please email us as soon as possible at the above address. We will promptly correct any information found to be incorrect.Er... what else? For the contact, perhaps since we don't have a shared email address for this, we should set up a contact form - messages sent with it can be dealt with using a tool on the admin page?
Excellent idea. I put a webmaster's email that links to my address for now just as a placeholder but we should definitely implement a non-emailing form.
And yes, we should add the 1998 Act as well as the DCMA.
sparks wrote:
I think our terms of use could do with being a little friendlier, or even linking to the Terms of Use that Scratch use?
I did those just as a placeholder for future -- definitely friendlier -- text. I have no doubt that anybody could write something more humane than me, since I'm only used to this half-legal speech.
Last edited by LS97 (2012-07-13 13:16:39)
Offline
fg123 wrote:
LS97 wrote:
I hope I'm not being obnoxious, but I'm doing this in a constructive spirit:
str_replace(" ", "", $string) can be a problem when you're just trying to trim something.
If a user has a password "I love Scratch", then the form would parse it as "IloveScratch" and any subsequent login trials would fail. Better to use trim()
Oh and, best not to trim passwords.Well, that's why I had a note that all spaces would be removed from usernames, passwords and emails. But whatever floats your boat.
LS97 wrote:
Done editing the site.
I did a cool administration page with awesome user management, modified terms, overhauled site structure, added deletedusers database, started on user profiles (I think we can leave it at that though).
I think that's it for now, would like sparks to have a say on what to do next...Looks awesome. Nice job! The deleted users page is returning 404 so I presume you're not done that yet.
Also, can someone fix the bug where a left/right horizontal scroll bar appears on the page even though the resolution is fine?
Oh I'm sorry, didn't see the note. Well, all the better that I edited that code, because if I didn't see it others mightn't either
Indeed I wasn't done with the deleted users page. I'm going to have a go at that now.
I wonder how we could fix that style bug, I'll ask my web designer friends...
Offline
Got rid of the scrollbars! Well, they still appear when needed.
Last edited by LS97 (2012-07-13 13:49:34)
Offline
To do:
- deleted users list
- actually implement the ban system (right now it's only a number in a database)
- update the ToU and PPol
- make contact form
- make change password and scratch linking (I know what it is, I'll do it )
Then we're cleared to start the GUI and renderer, finally!
If anyone wants to do any of these before I do, feel free.
Last edited by LS97 (2012-07-13 16:55:58)
Offline
I love how site setup has taken this long and we're not even on to the API part We should've had two teams of people!
Bonechill, I'm no good at voices - how do you even know how I sound? Also, please don't post asking about this here; its off-topic (So sorry, no, I don't want to do a voice for you )
Offline
Eek, I can't access the site!
Edit: It's fine now, I think my router was acting up.
Oh, and sparks, if you need more help, I know a good deal of CSS, HTML, and a little JS.
Last edited by technoboy10 (2012-07-15 10:37:24)
Offline
Oh, we're using cookies? I don't like that because it can be easily changed. And we have to change the PP to show that we DO use cookies.
I'll be on vacation until next saturday, so hopefully you'll be done with the site setup. And I can test it. Looking forward. I might get internet, so maybe.
Offline
fg123 wrote:
Oh, we're using cookies? I don't like that because it can be easily changed. And we have to change the PP to show that we DO use cookies.
I'll be on vacation until next saturday, so hopefully you'll be done with the site setup. And I can test it. Looking forward. I might get internet, so maybe.
We're not using cookies. If I mentioned that somewhere, I meant the PHP session.
Offline
A question of style -- should we make our own buttons in CSS?
Offline
Worked on site:
- added deleted users management
- implemented ban system and tightened security
- made contact form
- made change password
Still to do:
- improve ppol and tou (someone else please do it!!)
- make public user profiles
- make skin sharing system
- make renderer
- make gui
I'm still working on the site right now, and I think today's the big day when someone finally starts with the GUI. I'll follow the planning sparks and I put down in the first pages of this collab.
Last edited by LS97 (2012-07-15 07:38:23)
Offline
LS97 wrote:
A question of style -- should we make our own buttons in CSS?
IMO, yes. You might try Scratch 2.0 blue as a background color if you do.
BTW, nice job on the human-readable Privacy Policy!
@sparks That's fine.
Last edited by technoboy10 (2012-07-15 11:07:57)
Offline
technoboy10 wrote:
LS97 wrote:
A question of style -- should we make our own buttons in CSS?
IMO, yes. You might try Scratch 2.0 blue as a background color if you do.
Done. Do you like them?
Offline
Cool updates! Very exciting! I develop websites as a job so I can edit my privacy policy template and adapt it to this one
For the public user page, I suggest we keep it simple. Name and public images for viewers, additional private images and account management for the user.
Offline
sparks wrote:
Cool updates! Very exciting! I develop websites as a job so I can edit my privacy policy template and adapt it to this one
For the public user page, I suggest we keep it simple. Name and public images for viewers, additional private images and account management for the user.
I already did account management and images for user. The public profiles I think will come later once we've done the basic GUI and renderer.
Also, I'm still actively working on the site, so if you're going to update the policy now, please don't drift onto other pages as you might get overwritten
Offline
Here's the HTML for a possible privacy policy update:
<div class="inner"> <p> </p><p>This privacy policy sets out how ScratchAPI uses and protects any information that you give us when you use this website. Together with our Terms & Conditions this policy governs our relationship with you in relation to this website. <br><br> ScratchAPI is committed to ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified when using this website, then you can be assured that it will only be used in accordance with this privacy statement. Accidental Games may change this policy from time to time by updating this page. You should check this page occasionally to ensure that you are happy with any changes. This policy is effective from the 15th of July 2012.</p> <p></p><h2>What information do we collect?</h2> We collect information primarily when you signup. When signing up/registering, you will be asked for your email, and optionally, your scratch username and password. You can, however, visit the site anonymously, but you won't be able to use our service without signing up. <br><br> We also save your IP address when you log in for security reasons.<br> <h2>What do use that information for?</h2> Your username and password will be used only for logging in on this site, and your email is used so we have a way of contacting you if needed. If you choose to enter your scratch username and password, it will be used to verify you as a user, and to enhance your experience. <br> <h2>How is the information stored?</h2> Your information is stored in our secure database. The passwords you choose to use on our site are hashed, and the passwords of your scratch accounts are never stored. All we keep is the username and unique ID. We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online. <br> <h2>Do we use cookies?</h2> Nope, we just use PHP sessions — that means only one cookie with your unique ID. No passwords or other info is kept on your computer! <br> <h2>Do we disclose any information to outside parties?</h2> <p>We will not pass on, rent or sell your password to any third parties, nor will we pass on or sell your user name, password, email or Internet Protocol (IP) address to any third parties unless requested by law or you are issued with a permanent ban for spamming, in which case we reserve the right to pass this information on to an anti-spam website in the interests of making both our and others’ websites safer and friendlier. You may request details of personal information which we hold about you under the Data Protection Act 1998. A small fee to cover delivery may be payable. If you would like a copy of the information held on you please use the contact email given below. If you believe that any information we are holding on you is incorrect or incomplete, please email us as soon as possible at the above address. We will promptly correct any information found to be incorrect.</p> <p>Of course, remember that your API2 username will be disclosed to the public on this site at every content submission.</p> <h2>Contact</h2> <p>If there are any questions regarding this privacy policy you may contact us using the information below. Remember that although we are providing a service connected with the Scratch website, we are not endorsed by scratch.mit.edu.<br><br> E-mail for technical questions: <a href="mailto:webmaster@api2.comeze.com">webmaster@api2.comeze.com</a><br> E-mail for other purposes: TBA (Sparks's email?)</p> <p></p> </div>
Firebug seems to have put the tabbing out of whack, sorry!
Last edited by sparks (2012-07-15 13:26:14)
Offline