paulpooch / shoutbreak Goto Github PK
View Code? Open in Web Editor NEWAn android 2.x app that did localized anonymous messaging with game mechanics (think YikYak).
An android 2.x app that did localized anonymous messaging with game mechanics (think YikYak).
TO REPRODUCE ERROR:
Turn off location services
Open SB and click 'on' switch
Enable them now? Yes
Turn on location services
Return to SB
Click 'on' switch again
ERROR CAUSED BY:
Shoutbreak.java - ToggleGPSUsage() {
_mapController.animateTo(null location)
}
REASON:
_userLocationOverlay.getMyLocation() is returning null
POSSIBLE FIX:
LocationTracker should call the animateTo() method whenever the user's location changes. It should either call this directly or send an event to the UI / User that triggers it. The ToggleGPSUsage() method should still call the animateTo method when the GPS is turned on, however it should check to make sure the location isn't null.
Not sure why getMyLocation() is returning null. I assumed it returned the last known location regardless. If location services are disabled it likely restricts all location information (fresh or stale).
Approval will give a 1,0 post a 100
Score will give a 1,0 post a 27, & a 3,0 post like a 73. But that's better than a 1,0 post. so WTF.
Use whitelists & proper encoding on everything entering & leaving server.
multiple set's will cause unpredictable behavior. fix this. URGENT!
use droidsans.ttf
color icons? white?
use speech bubble shape in logo.
At some point do we need a load more button? Or just auto-delete old crap?
This is giving away info to attackers. Bad.
After 60 day period let's get a teaser page up on 1&1.
Make sure nobody can read the source code or do bad things on server.
We should globally catch all NullPointer and other exceptions. Just reboot app or something.
items expanding in multiples because of holder issues
GetScores uses getShout for each shout...
instead this should be 1 db call, that does where ID = ? or ID = ? or ID = ?, etc.
Auth = pw . hash(pw . nonce . uid) [over SSL]
Server Stores [ hash (pw . salt) | UID | salt ]
User Stores [ pw | UID ]
Of course technically now nobody knows the pw..... but this prevents massive account breach
general issue. try to find all use cases that lead to crash.
Same phone, new installation of app?
New phone, new installation, old user?
Account saving, retrieval.
Need the algorithm and everything here.
Cap # of failed login attempts
HOW TO REPRODUCE ERROR:
Open SB - service is now bound
Click Home button - service is unbound
Re-open SB. - service does NOT get bound
Click Back button - attempt to unbind a non-existent service, causes error below
ERROR REPORT:
06-05 16:52:23.561: ERROR/AndroidRuntime(28166): FATAL EXCEPTION: main
06-05 16:52:23.561: ERROR/AndroidRuntime(28166): java.lang.RuntimeException: Unable to pause activity {com.shoutbreak/com.shoutbreak.ui.Shoutbreak}: java.lang.IllegalArgumentException: Service not registered: com.shoutbreak.ui.Shoutbreak$ShoutbreakServiceConnection@45d526e0
06-05 16:52:23.561: ERROR/AndroidRuntime(28166): at android.app.ActivityThread.performPauseActivity(ActivityThread.java:3567)
06-05 16:52:23.561: ERROR/AndroidRuntime(28166): at android.app.ActivityThread.performPauseActivity(ActivityThread.java:3524)
06-05 16:52:23.561: ERROR/AndroidRuntime(28166): at android.app.ActivityThread.handlePauseActivity(ActivityThread.java:3507)
06-05 16:52:23.561: ERROR/AndroidRuntime(28166): at android.app.ActivityThread.access$2500(ActivityThread.java:135)
06-05 16:52:23.561: ERROR/AndroidRuntime(28166): at android.app.ActivityThread$H.handleMessage(ActivityThread.java:2147)
06-05 16:52:23.561: ERROR/AndroidRuntime(28166): at android.os.Handler.dispatchMessage(Handler.java:99)
06-05 16:52:23.561: ERROR/AndroidRuntime(28166): at android.os.Looper.loop(Looper.java:144)
06-05 16:52:23.561: ERROR/AndroidRuntime(28166): at android.app.ActivityThread.main(ActivityThread.java:4937)
06-05 16:52:23.561: ERROR/AndroidRuntime(28166): at java.lang.reflect.Method.invokeNative(Native Method)
06-05 16:52:23.561: ERROR/AndroidRuntime(28166): at java.lang.reflect.Method.invoke(Method.java:521)
06-05 16:52:23.561: ERROR/AndroidRuntime(28166): at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:868)
06-05 16:52:23.561: ERROR/AndroidRuntime(28166): at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:626)
06-05 16:52:23.561: ERROR/AndroidRuntime(28166): at dalvik.system.NativeStart.main(Native Method)
06-05 16:52:23.561: ERROR/AndroidRuntime(28166): Caused by: java.lang.IllegalArgumentException: Service not registered: com.shoutbreak.ui.Shoutbreak$ShoutbreakServiceConnection@45d526e0
06-05 16:52:23.561: ERROR/AndroidRuntime(28166): at android.app.ActivityThread$PackageInfo.forgetServiceDispatcher(ActivityThread.java:1107)
06-05 16:52:23.561: ERROR/AndroidRuntime(28166): at android.app.ContextImpl.unbindService(ContextImpl.java:897)
06-05 16:52:23.561: ERROR/AndroidRuntime(28166): at android.content.ContextWrapper.unbindService(ContextWrapper.java:352)
06-05 16:52:23.561: ERROR/AndroidRuntime(28166): at com.shoutbreak.ui.Shoutbreak.serviceOnUIOff(Shoutbreak.java:512)
06-05 16:52:23.561: ERROR/AndroidRuntime(28166): at com.shoutbreak.ui.Shoutbreak.onPause(Shoutbreak.java:231)
06-05 16:52:23.561: ERROR/AndroidRuntime(28166): at android.app.Activity.performPause(Activity.java:3883)
06-05 16:52:23.561: ERROR/AndroidRuntime(28166): at android.app.Instrumentation.callActivityOnPause(Instrumentation.java:1332)
06-05 16:52:23.561: ERROR/AndroidRuntime(28166): at android.app.ActivityThread.performPauseActivity(ActivityThread.java:3554)
06-05 16:52:23.561: ERROR/AndroidRuntime(28166): ... 12 more
each vote image should have 2 states.
If the buttons are disabled because the user already voted, it should have one arrow highlighted to indicate which way the user voted.
fix this.
file permissions
close all ports
firewall settings for EC2
etc etc (general linux box lockdown)
seems wonky. i must've changed something.
are all random numbers being securely generated where this matters?
don't let non-server entities GET the cron urls. cookie? IP? Locked files instead of URLS?
launch app -> inbox screen -> home -> relaunch app
WTF?
This is wide open right now. Dar.......
What will happen to architecture when we can't count on things being in memory ever?
APP SHOULD NOT RELY ON MEMCACHED!!!!
THIS IS REALLY IMPORTANT
try doing movement based on top right pixel instead of center?
Implement observer pattern using ConcurrentHashMap instead.
Let users submit email address - recover accounts on new phones.
Rather than using ghetto sdb.php
Is this better?
What happens in the worst case scenario of 100% compromise. Can we rebuild from backups on new servers quickly?
Can you change the default github branch to client? It's a pain having to switch each time.
All account handshakes should be over SSL. A lot of other stuff too.
Cannot have 777 folders sitting on server (logs & crash reports)
When a new user signs up, the nearest live user gets a referral bonus (lots of points)
We need to increase inbox listview performance.
Perhaps we can only draw the collapsed state and only attach 1 click listener for expansion - onExpand somehow invalidate 1 or all views, and onDraw (getView) we can just add all the listeners and crap if and only if it's expanded.
Uhh... don't allow blank shit. Cap input length. Etc.
Make sure no SQL injection like attacks are possible on SDB.
Blocking IP's who hammer too hard
can we do anything about this?
We need to increase inbox listview performance.
Perhaps we can only draw the collapsed state and only attach 1 click listener for expansion - onExpand somehow invalidate 1 or all views, and onDraw (getView) we can just add all the listeners and crap if and only if it's expanded.
We shouldn't be storing phone numbers.
Encrypt these with monthly / daily keys pulled to thumb drives or something?
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.