Silverwulfess Posted October 29, 2017 Share Posted October 29, 2017 Anyone looked into this or use it? I see one post about it being available for a game but still see it looks to be in development. Any insight would be fantastic Quote Link to comment Share on other sites More sharing options...
SilverBrick Posted October 29, 2017 Share Posted October 29, 2017 @Design1online - she is developing and creating the pgf framework and @Vix use it for making celestial equine an nice horse game ^^ i was also using it but i choosed mysidia because i think mysidia have a great amount of potential if we use it in correct way Quote Link to comment Share on other sites More sharing options...
Design1online Posted October 29, 2017 Share Posted October 29, 2017 (edited) It is still in development, however there are multiple pre-orders that already have access to the code. @Vix is currently using it on her game Celestial Equine, that's the only one I know of that is open so far. It won't be out of development until all the pages are converted to use bootstrap and it has 100% unit test coverage. We're at about 30% test coverage right now but there are over 10,000 lines of code. Edited October 29, 2017 by Design1online Quote Link to comment Share on other sites More sharing options...
Design1online Posted October 29, 2017 Share Posted October 29, 2017 This is from about a month ago. 1 Quote Link to comment Share on other sites More sharing options...
Digital Posted October 29, 2017 Share Posted October 29, 2017 @Design1online, I believe what was kinda asked wasn't so much testing or code coverage, but features or benefits to PGF over say another framework. Can you elaborate on that? Quote Link to comment Share on other sites More sharing options...
Design1online Posted October 30, 2017 Share Posted October 30, 2017 (edited) 17 hours ago, Digital said: @Design1online, I believe what was kinda asked wasn't so much testing or code coverage, but features or benefits to PGF over say another framework. Can you elaborate on that? It's designed specifically for pet games and generic frameworks are not. The list of features is below: Easy Installer Upload the files and you’ll be walked through the installation process Includes 5 pets, 9 items and default game configuration data to get you started Documentation Fully documented code base PDF help file Section for owners Section for developers Protocol Support Http or Https Optimization Follows PSR standards Stash filesystem caching to reduce database load PHPDocumentor code comments PHPUnit tests Full code coverage Mod-rewrites for easy to remember URLs Dynamically loaded javascript files Dynamically loaded css stylesheets Layouts HTML5 Bootstrap 3.5 Fully responsive for websites, tablets and phones Customizable style sheets Customizable meta data Customizable player and pet pages Customizable icons customizable icon animations 3 page arrangements TinyMCE WYSIWYG editors Font Awesome icons 50 color themes Multi-Language Support Languages files included English Spanish Italian German French Danish Swedish Russian Romanian Norwegian Polish Portuguese Set a default game language Allow players to switch the game language if multiple are enabled 71 languages officially supported PayPal Payments Integration Manual payments IPN Automated payments Payment reports and transaction log Permissions System Administrators – full game customization and moderation functionality Staff – limited game customization and moderation functionality Moderators – only moderation functionality Players – a user with no additional permissions Customizable to add additional permission groups Extensive Admin Panel Manage the game, pets and players without any programming knowledge Custom Emails Join/lost password email Mass emails players General Gameplay Generate alpha accounts Open/close joining the game Open/close the entire game Daily/hourly cron jobs Toggle entire game functionality Genetics Dynamic Images (only if GD support enabled) Clubs Player Shows Players Toggle multiple accounts Username Player name Avatar Referral system Encrypted passwords Player editable page Upgrades Inventory Shops Pets Custom breeds Custom colors Custom traits strength, speed, etc Custom attributes health, energy, etc Custom genetics Dynamic images (only if GD support enabled) Items Equippable Consumable Breeding Customizable % of traits passed down to offspring Single offspring or litters Offspring List Pedigree Competitions Training Sales/Auction Shelter Rescue Abandon Upgrades Enter special competitions Access to upgraded forums Custom avatar image Access to player journal Higher allowance Higher bank interest Monthly special item Licenses Limit the number of pets a player can own Search Pets Players Items Competitions Mail In game messages Friends List Quick access to the player’s friends Blocked List Allows player to block other users from messaging them or responding to their posts Bank Allowance Interest Savings Transaction log Clubs Elections for president and vice president Customizable page Can create shows Pets/players can join Hall of Fame Players Pets Message boards Categories Topics Sticky posts Bump posts Recent posts Active topics Newspaper Comments Up vote/down vote Polls PHP Chat Room Mini Games Hangman Tic-Tac-Toe Guess the Number Pong Rock, Paper, Scissors, Lizard, Spock Edited October 30, 2017 by Design1online 2 Quote Link to comment Share on other sites More sharing options...
nobackseat Posted July 18, 2018 Share Posted July 18, 2018 Quote Players Toggle multiple accounts Username Player name Avatar Referral system Encrypted passwords Player editable page I really hope you're not encrypting passwords and you're just mixing up the terminology here. There's no reason to need to decrypt passwords and it's frankly an invasion of privacy. Passwords should be hashed. NBS Quote Link to comment Share on other sites More sharing options...
Design1online Posted July 18, 2018 Share Posted July 18, 2018 18 hours ago, nobackseat said: I really hope you're not encrypting passwords and you're just mixing up the terminology here. There's no reason to need to decrypt passwords and it's frankly an invasion of privacy. Passwords should be hashed. NBS No it's not a typo. Passwords are encrypted with SHA256 so they can be sent back out in an email without having to reset them every time you forget them. Even passwords that are hashed can be unhashed with enough time or through the use of hashing databases. Nothing is ever completely fool proof, even a password that's being hashed can be caught over wireshark, keylogger, unsecure wifi or a wifi pineapple -- hence why there are multiple types of hashing and encryption algorithms out there. The beauty of PGF is that if you don't like how something is done you can easily change it to do something different so you're free to hash it, reverse it, plain text it or convert it into emoticons or lolcatz if you really wanted to. Quote Link to comment Share on other sites More sharing options...
nobackseat Posted July 19, 2018 Share Posted July 19, 2018 (edited) Woah, hang on. Quote No it's not a typo. Passwords are encrypted with SHA256 so they can be sent back out in an email without having to reset them every time you forget them. SHA256 is a hashing algorithm. So what are you actually using for your encryption? Password resetting should be the expected behavior here. It's what I expect when I've forgotten my password and I'm sure most people would say the same. I don't think anyone actually expects their passwords to be emailed to them. This also opens your users up to huge risk because odds are many of them use the same passwords on sensitive accounts such as their email or bank account. Quote Even passwords that are hashed can be unhashed with enough time or through the use of hashing databases. Nothing is ever completely fool proof, even a password that's being hashed can be caught over wireshark, keylogger, unsecure wifi or a wifi pineapple -- hence why there are multiple types of hashing and encryption algorithms out there. I'm not following your point here. Because it could be compromised elsewhere means it's OK to store them improperly and send them over email? Besides, it's a false equivalence. The cleverly named password_hash function if you're using PHP has a built-in salt and is rainbow-table safe. If you were to leave the cost set to the default, and you have some basic password requirements (eg, minimum of 6 characters, etc) it would take years to find a match, conservatively speaking. Quote The beauty of PGF is that if you don't like how something is done you can easily change it to do something different so you're free to hash it, reverse it, plain text it or convert it into emoticons or lolcatz if you really wanted to. That's great, but I believe the responsible thing is to have it secure by default. Anyone else want to chime in here? I think this is a good discussion to have. NBS Edited July 19, 2018 by nobackseat Quote Link to comment Share on other sites More sharing options...
FearZero Posted July 19, 2018 Share Posted July 19, 2018 @nobackseat is very correct here. Affirmation/Clarification for anyone unaware: Hashing algorithms are a branch of cryptographic algorithms, definitely not "encryption" as the input for these algorithms are not designed to be reversed. Best practices in handling passwords is to NEVER email passwords. Email is not a secure channel of communication, even if your mail server reaches out over SSL initially. You never know how email gets routed after it leaves your network. If the use of the word "unhash" means to be equivocal to "decrypt", there is a fundamental misunderstanding somewhere here. Due to the rare potential of collisions in hashing algorithms, you can't assuredly get the original input for a resulting hashsum. The only way to this very day to reverse engineer the input from a hash table is by either pre-computed (think rainbow table lookups) or active brute forcing. When it comes to handling passwords, you as an entity do not want to know the user password or transmit it. You only want to receive it as input and forget that input immediately. Ideally if you can receive some form of token, a token would be better than a password for security. Especially if it's like the tokens provided by Google Authenticator or one of the RSA algorithms. Failure to do anything less than forgetting the password as soon as you receive it results in more vectors of vulnerability that an intruder can use to exploit your user base. As a result, this also has vast legal implications. Lets Talk About Cryptography! (I like crypto! WOO!) Going to try to stay pretty broad here. Generically the very fundamental meaning of cryptography is to use an algorithm to take input and yield an output that is indistinguishable from the initial input. These algorithms are known as ciphers. Most ciphers aim to typically achieve 1 of two potential goals which are encryption or message verification. The AES cipher intends to take input and provide ouput that can only be deciphered if you know the key used to make the output. Typically you will see ciphers for this intended us are rooted deeply in symmetric algorithms, where you have one algorithm for encryption with at least 2 inputs (message, key) and another algorithm for decryption the requires at least 2 inputs (encoded_message, key). The actual math used between the encryption and decryption assumes a shared number of sorts. The SHA family of ciphers take input and provide what is known as a hash sum that can not be deciphered by design. Most hashing algorithms are intended for verifying authenticity of a message (or some other input). Hashing algorithms typically have a form of recursion, so that after iterating input, math can still continue to product output. Before output is provided, it is expected that only part of the yielded sum from whatever math is being done gets arbitrarily lopped off. A really major use of hashing algorithms right now is in cryptocurrencies, due to the inherent nature of verifying data on a block chain. There's a lot more to this topic really, because there's so many ciphers with varying degrees of purpose, in addition to cipher suites (just tool kits essentially), that provide tools for signing, verifying, encrypting, decrypting, and even doing math on encrypted data. If you ever want to learn more, I highly recommend picking up some blockchain knowledge. The simplest "Writing your own Blockchain" guide I ever read that explains it decently is probably here: https://medium.com/@mycoralhealth/code-your-own-blockchain-in-less-than-200-lines-of-go-e296282bcffc Back to the topic at hand? (lol) So to kinda roll this back into the original discussion, @Design1online you are writing a VPG framework? Is this on github? I'm been a fan of what I have watched @owlmanatt do historically with making KittoKittoKitto and he's like low key working on ZuttoZuttoZutto from what I can tell. 1 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.