device

jducoeur

Justin du Coeur

Previous Entry Share Next Entry
The Order of Precedence is looking for a few good programmers!
device
jducoeur
August 13th, 2013
As a number of folks have noticed, the OP has been dormant for a long time. That's because we've been in the middle of a project to move from the old system (hundreds of hand-maintained files, which were kind of a labor of love for Caitlin but *wildly* hard to maintain) to a proper database. We're adapting the system from Atlantia, and it's mostly working.

But I could use some help at this point. The code needs some serious security reviews and bugfixes before it goes live, and the SQL could stand some tuning. More generally, I'd like to have a team of folks working on this in the long term, to maintain and gradually enhance it.

So: if you'd be willing to participate in this project, please drop me a line! (Or comment on this post.) I'm especially looking for folks who have significant experience in Security, SQL, PHP, or combinations of these.

Thanks!
Tags:
14 comments :
( 14 comments Leave a comment )
  • 1
jesse_in_boston
2013-08-13 07:06 pm (UTC)
I would be happy to help.
(Reply) (Thread)
jducoeur
2013-08-13 07:11 pm (UTC)
Excellent -- thanks much!
(Reply) (Parent) (Thread)
ilaine_dcmrn
2013-08-13 07:40 pm (UTC)
I can do design review (not code level) if that is any help.
(Reply) (Thread)
jducoeur
2013-08-13 07:43 pm (UTC)
Wouldn't be a bad idea, certainly. I mostly know what I'm doing, but this is more your specialty than mine. (But there exists no proper design for this -- it's a big soup of *many* PHP files -- so we may have to work in more of a "have you checked for this?" mode.)
(Reply) (Parent) (Thread)
ilaine_dcmrn
2013-08-13 07:47 pm (UTC)
or use it as an opportunity to create design documentation - a roles matrix, for example. Because you don't know what is incorrect behavior if you aren't sure what correct is.
(Reply) (Parent) (Thread)
jducoeur
2013-08-13 07:56 pm (UTC)
Could be, yes. At this point, I believe the code is simplistic in this regard -- all roles are either admins or not -- but it's likely that we'll want to gradually tease that apart.

The more immediate problem, though, is that I am *certain* that the code has SQL injection problems -- it took Gundormr all of about two minutes to find one when he began hosting it. So it's currently locked behind a server-level password, and we can't open it further until I have at least *some* confidence that we've addressed that and any other potentially severe risks...
(Reply) (Parent) (Thread)
(Deleted comment)
jducoeur
2013-08-14 12:47 pm (UTC)
I think I'm going to set up a mailing list (maybe a Google Group or something like that) for the project. If you're interested in participating, can you drop me a message with your preferred email address? I think we've mainly chatted via LJ messages recently, so I'm not sure I have one for you...
(Reply) (Parent) (Thread)
silverdragonma
2013-08-14 12:29 pm (UTC)
I would like to help. I have been using SQL for a while. I am guessing it is in MySQL?
(Reply) (Thread)
jducoeur
2013-08-14 12:45 pm (UTC)
Yep -- lots of MySQL queries, some of them impressively ornate.

Can you drop me a message (over LJ would be fine) with your email address? I think I'm going to set up a mailing list for the project. Thanks...
(Reply) (Parent) (Thread)
marphod
2013-08-14 04:31 pm (UTC)
I've got some security and SQL experience, and I've been meaning to learn PHP. I also have plenty of spare cycles. Shoot.
(Reply) (Thread)
jducoeur
2013-08-14 07:29 pm (UTC)
Glad to have you on board! Don't think I have your email address handy, though -- can you send it to me in an LJ message or something?
(Reply) (Parent) (Thread)
marphod
2013-08-14 07:45 pm (UTC)
I thought at least one address was in my profile (but I haven't checked the privacy rights on that lately).

at gmail works for me.
(Reply) (Parent) (Thread)
jducoeur
2013-08-14 07:55 pm (UTC)
Ah, so it is -- I'm actually unused to people using that feature...
(Reply) (Parent) (Thread)
( 14 comments Leave a comment )
  • 1
Archive

Apr2017

S
M
T
W
T
F
S
      1
2345678
9101112131415
16171819202122
23242526272829
30      
Links
The Art of Conversation
Facebook
Google+
Tags
, , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,
Powered by LiveJournal.com
?

Log in

No account? Create an account