17 10 / 2011
Loads of Progress!
Since we last posted a few weeks ago, development on Apps@Glorbi have seriously surged!
Since we last blogged, findit was nearing completion, and we’ve decided to leave it a little incomplete (we have to reposition 3 buttons!), so we can get along with other things.
In that time, we’ve written quite a few awesome apps.
LinkSync is an app that let’s you find an interesting link on either your iPod, iPhone, iPad, Android Phone, Android Tablet, BlackBerry, WP, etc… PSP, PS3, Chrome, Desktop, Mac or Windows device, and you paste that link on LinkSync, and instantly, you have that link available at any time, on any device, instantly synchronized via the cloud, straight through your Glorbi account. If you open the app or bookmark on any device, login if you haven’t used LinkSync in a few days, and you get automatically redirected to the link you pasted. Pretty cool? :)
Contackt is an application that takes all your ParaNect friends’ contact data, like their Facebook username, Twitter username, Skype, Mobile number, Home number, Email, Website, Tumblr, Gmail, MSN, Gamertag, PSN, or any detail on our list, and makes it all available through a search. Search for their name or any one of their details, and you’ll get their contackt profile almost instantly, from there you can look at all that data, as well as their ParaNect profile, and built in ContacktCard, which is an app we’re releasing later this week. You’ll also get their ContacktCard QR code, which you can use to scan them up later :)
Indexr is quite a cool application, it let’s you scan and upload PDF and DOC files to our servers, and asks you to name it, and give it a description as well as tag it with a few tags, which get used to index it later. Basically, it’s a document virtualization and storage app for people with a lot of paper. Once again, thus app will work on any device that can interpret a PDF file, (including Chrome) which is why it’s even cooler. I honestly think this is one of the more useful apps we’ve made. :)
This is a modified pre-Glorbi project we’re in the process of modifying to fit Glorbi, and sadly only works on desktop devices and devices that accept the HTML upload form type. Basically, you upload a picture, tell the app what you want on the top, and ok the bottom, you tell it whether you want the text in black or white, and you hit enter, your meme gets published, and stored in a database along with a shortlink which you can share over social networks from within the site! We originally planned on creating a meme-social-network, but that would rival ParaNect, which is why we’ve decided to create a voting system, and get the top 10 Memes to blog about.
[*] hotmuze & hotappz
Two very similar apps, again, both pre-Glorbi projects which we’re refitting to meet Glorbi standards. hotmuze is a music discovery and music sharing app that let’s you add your own music to a giant centralized user-generated, moderated database of songs, +1 or -1 other songs to determine scores, and rank songs by score, for the hottest music. We find newly added music, paid / promoted music, we find music people near you are listening to, find music we think you might like, find random music for you to rate. Then you can listen to the song, vote on the song, or share the song via Twitter, G+, FB, Tumblr or ParaNect. hotappz is virtually the same thing, just for iPhone and Android apps.
A Chrome extension that instantly fetches your IP address, very useful, its live on the Chrome Webstore.
A Chrome extension that instantly fetches current Twitter trends, and allows you to tweet through the extension. Its underused! Also live on the Webstore.
All these apps are live to current Glorbi members, although we apologize, signups are closed till we fix up a bridge between apps :)
Other apps we plan on releasing soon: Bands, Startups, Marketplace, ParaNect Beta 2
We aren’t telling what those apps are just yet, we want them to be a surprise :)
Permalink 51 notes
27 9 / 2011
Find it’s progress!
Since our last post, find it’s receiving tonnes of attention, and is nearing completion. We’re probably 3 days away from a release. Find it (and other glorbi services) will require a Glorbi account to use.
Find it is releasing with an iPad Web app/tablet optimized website, as well as the primary website. We’ll be creating a mobile web application soon, and quick-adders for each platform very soon!
Be prepared for the release of Find it! 4 Days! :)
Permalink 36 notes
13 9 / 2011
Starting on the Messages app
Just dived in to the messages, and we’re pretty much done with the PHP side of the sender, I’m going to need that theme to apply some styling to the array we’re going to call out in to the inbox, as well as the conversation. So we aren’t going to worry about that for a while. :)
So far, the sender, database, empty files, are all ready - and interfacelessly (:P) we’re currently able to send messages. :)
We’ll also port the messages to have an API with encrypted data, tokens, keys, etc, so we can later grow glorbi in to a sole messaging platform as well (spoileralert) :D
Permalink 4 notes
13 9 / 2011
We’ve made one last adjustment to login
Login will no longer need to check for your permanent session id, as that causes too many hassles when running multiple queries, and it doesn’t make that much of a difference when we’re already validating for major changes such as the IP address and User Agent to prevent from XSS.
Now on to messages! We’ll leave the core platform for later :)
Permalink 13 notes
11 9 / 2011
Rewriting the Login Backend
We’ve been experiencing some problems with cookies, and they’re a bit unreliable and vunreble to XSS attacks, so we’ve switched over to a full session based system. Sadly, the small downside to sessions, is we won’t be able to remember you! :( You’ll have to login after every time you re-open your browser.
The security of the sessions are around about the same, aside from the fact that we aren’t running as many checks, as they aren’t necessary. But we do validate for some things that could be a possible indication of an XSS hack. We will validate the temporary session id for IP addresses, as well as your user agent. If either one is different in the same session, you’re flagged, and have to login again.
Although, we’re having some problems getting the login system up and running, our authorization is failing at the moment, and that should be resolved in the next few hours :)
Permalink 86 notes
09 9 / 2011
Login System Done!
Logging in on to glorbi is probably one of the safest login scripts I’ve ever written! When you login, it stores a large array of data in our database, and checks this data against even more pre-stored values, and variables running in sessions and cookies all around our site!
So much so, that on every single page, we run about 13 checks to make sure, you’re you, and your data won’t be compromised. In all, we have 3 pages that handle login, login.php, which processes the login, sessions.php which registers the session, and auth.php to make sure everything is working just right. :)
After all that, you’re logged in, and you gain access to home, as you. Once you logout, what we wrote about in the last post, then happens!
Funny how we’re putting so much effort in to all this! We haven’t even got to the core platform yet! Who knows how long and secure that’s going to be ;)
Permalink 28 notes
09 9 / 2011
Well, so far we’ve done a survey of 6 developers, and 27 people, and we’ve agreed that our logout system will automatically log users out after 1 month, unless you click logout, deleting your sessions. But, to keep you safer, when you close your browser, and reopen it, you will have to type in only your password, because on a money related website. Security versus Convenience, we’re going to have to make it more secure than convenient!
Permalink 12 notes
09 9 / 2011
Twitter account setup
I can’t write any code at the moment, and so I just set up our Twitter account on @glorbidotcom Follow Us! We won’t be tweeting much till later!
Permalink 8 notes
08 9 / 2011
sessions.php is very very complex.
The session id system we’ve integrated to keep our users safe from any sort of hacks, is looking so be so secure, so complicated, that we have 5 cookies, 7 sessions, and we’re encrypting all our session data with special cryptography tools.
We randomly generate 2 IDs, get the username, IP address, and user agent, save them all in an encrypted cookie, upload those values to our database cross reference those values with our sessions, cookies, database, and an external table value, so as to keep the system flawless.
The sessions system is only half done, and it’s already over 400 lines of PHP. :) we’ll finish it off tomorrow, then move on!
08 9 / 2011
While we’re at it: Logout, done.
I made the login script a while ago, and thought why not make a logout script as well. That’s done! It’s also pretty long! If your session doesn’t exist - it logs you out anyways (well it would have earlier), and creates a blacklist localstore on your computer, which will get the website to record your actions on your next visit.
Here’s the code, with variable names, column names, and cookie names, and session names blanked out! [security measures ;)]
$xx = $_SERVER[‘xxxxx_xxxxxx’];
$data1 = mysql_query(“SELECT * FROM xxxxxxWHERE xxxxxx=’$xxxxxxx’ AND xxxxxxx=’$xxxxxx’”);
$xxxxxx = $_COOKIE[‘xxxxxx’];
$xxxxxx = $_COOKIE[‘xxxxxx’];
mysql_query(“DELETE FROM xxxxxx WHERE xxxxxx=’$xxxxxx’ AND xxxxxx=’$xxxxxxx’”);
<meta http-equiv=”Refresh” content=”0;url=../index?louterr=x” />
if($_COOKIE[‘xxxxxx’]==”” && $_COOKIE[‘xxxxxx’] ==”” && $_SESSION[‘xxxxxx’]==”” && $_SESSION[‘xxxxxx’]==”“)
<meta http-equiv=”Refresh” content=”0;url=../index?logout=x” />
Permalink 33 notes