tumbledry

Some Commenting Fixes

For the more prolific tumbledryers amongst you (I think it would be cool if that nickname for us caught on), opening many posts on which to comment on has been a nightmare. Even when you copied the letters in the security image very precisely, the code still said “nah nah nah try it again.” So, I have a gift for you (especially Dan, who was having commenting problems) - I have fixed some very pesky bugs in the commenting system that popped up when you tried to open a bunch of tumbledry pages and comment on each one. These were strange bugs - usually I work through them by coding on-the-fly, but I actually had to leave the computer and just concentrate hard on the problem to map it out on my head and figure out a fix. Hopefully, things are working better now. An outline of the patches/bug-fixes/thank-Gods follows.

(1) Image verification now works better. You (probably) no longer will type the correct security phrase, only to have the script boot you back and force you to “have another go at it” as they say in Britain. Now, you can open as many tumbledry pages as you want and image verification will work plus I fixed the strange bug we saw where a comment sometimes posted to the completely wrong thread (that was weird). You will encounter some minor weirdness with the verification if you open two posts, go to the first one opened, enter the image incorrectly, and then hit the back button on your browser. However, I do not expect this to be much of a problem, plus it is easily fixed by refreshing the page you are trying to comment on (which was the previous fix). Regardless, a majority of the image verification bugs should be squashed.

(2) Tumbledry saves your comment if something goes wrong in your submission so you don’t lose all your writing, but that saved comment used to follow the illustrious tumbledry visitor all over the site. This rather weird and I’m-being-chased-feel has now been fixed as well.

Further problems? Let me know.

12 comments left

Comments

Markoe

Thank you Alex. Your commitment to the excellence of this website and in all of your endeavors makes me proud to be a "prolific tumbledryer". Keep up the outstanding work.

Dan McKeown

I like "prolific tumbledryer" much more than Markoe's earlier description of "comment whore." This one makes me feel like more of a person.

Markoe

I was trying to dehumanize you, its what i do.

Alexander Micek

Also, it might be "tumbledrier" instead of "tumbledryer" but perhaps the misspell will add character. I don't know.

Richard Roche

if we were to have rankings, what would they be? I'm thinking you could start as a "wet blanket", mabye work yourself up to a "fabric softener", then eventually reach the level of "clothesline", and someday, if you're prolific enough, be a full flegdeged "tumbledryer/ier"

Dan McKeown

so is there another level beyond prolific tumbledryer? (i dont like tumbledrier as much)

Alexander Micek

No membership levels right now - I may refine that system yet to include fun names. However, there are other things in the tumbledry development pipelines.

Justin Gehring

Oh the fun it is to develope… I like the idea of ranks, although i should warn you, I'm prone to hacking those kind of systems (It's so much fun to give yourself a rank that doesn't exist, like… "Uber Cool Tumbley dried hacker"

By the way, if I was a really smart bot, I could post now on your page… I'd just have to come back to do it.

Alexander Micek

Well, yes. There are two ways a good bot could circumvent the protections I put into place here at tumbledry. First, it could employ an image reader (not all that uncommon) to scan the text of the image I provide, and enter the correct value thereof. This box is not as secure as it could be, but I plan on writing a couple lines of code to load TrueType fonts onto the image and make it more difficult for a machine to read it. Secondly, I believe you are referring to the PHP session ID's I am using to validate the entry of the image text. I didn't know bots could read these, but I suppose since sessions do use cookies, it is quite plausible. Do you have suggestions for making the storage of the text on the security image more secure? Perhaps global PHP variables server-side would do it. Let me know.

However, even if all these protections had been compromised, a bot located at one IP could leave a comment at most every 4 minutes (used to be 15, but at Mykala's recommendation, we took it down to 4). If the bot was really good, (that is, it not only read session variables or image text, but also rotated IPs using a proxy system), it could leave, at most, one comment every two minutes per section of the website. I may throttle this down further to, say, one comment every 10 minutes across all of tumbledry, which could be the more secure option.

Finally, I have considered attempting to "unlist" tumbledry. That is, to make it as anonymous as possible on the web by keeping it out of google and other search engines. If I can keep traffic to the very trusted and lovely people who regularly visit now, most of the battle will have been won in keeping tumbledry secure.

Nils

To hear you speak so patriotically of your website and the means you enlist to defend it makes me proud to be a prolific tumbledryer. The fact that I understand mostly nothing about web programming terminology, methods, and what have you is of no matter. It actually makes me more enamored. Keep fighting the good fight, keep TumbleDry secure!!!

John T F Larson

If you want to truly secure your site, I'd use some very bright lights, hooked up to motion detectors, and security cameras. Posting a "beware of dog" sign couldn't hurt, either. I figure, if these security devices are good enough for for many homes, they should be good enough for tumbledry. Make sure to lock the door, every time you leave, too.

Alexander Micek

It is a good fight! We will lock the doors and windows and grow a wonderful community! And Dan (along with his glasses) will organize a military defense system.

Left, left, left, RIGHT, left.

And in the meantime, we will continue to type meaningless phrases from a security image.

Essays Nearby