Random Thoughts & chat

  • That's an incorrect way of thinking...

    Way more important: User input is evil. This is sort of similar to your statement, but it is far more important in terms of security.

    User input is golden, because you cannot read people's minds (nor can I) and the best way of knowing what people want and need is for them to speak out.


    Getting more people to speak out is often a problem, because people tend to silently pass good or bad judgement without giving feedback and thus you're often clueless (or poorly misinformed based on too small of a group speaking out).


    So the key is to encourage more people to speak up and get feedback, because the more you have to pull from the more you know. ;)

    Edited once, last by Aslan ().

    • Official Post

    User input is golden, because you cannot read people's minds (nor can I) and the best way of knowing what people want and need is for them to speak out.

    I guess we're not talking about the same thing. With "user input" I mean all sort of data received by the application from the user. So many sites get compromised because they do not sanitize user input, SQL Injection to name the most common issue. This should be obvious to every developer, but they still fail for no reason.


    For example your page as an input field for numbers where the browser enforces the field to be filled in with numeric values only. A developer MUST validate the input received to check if it is actually a number, because a user can manipulate things to transmit bogus values. That's why I said it is somewhat similar to your statement that if a user can break something, it is just a matter of time.


    Yet your thought focuses a bit more on the user interaction and less on the criminal mindset behind trying to exploit security issues.

  • I guess we're not talking about the same thing. With "user input" I mean all sort of data received by the application from the user. So many sites get compromised because they do not sanitize user input, SQL Injection to name the most common issue. This should be obvious to every developer, but they still fail for no reason.
    For example your page as an input field for numbers where the browser enforces the field to be filled in with numeric values only. A developer MUST validate the input received to check if it is actually a number, because a user can manipulate things to transmit bogus values. That's why I said it is somewhat similar to your statement that if a user can break something, it is just a matter of time.


    Yet your thought focuses a bit more on the user interaction and less on the criminal mindset behind trying to exploit security issues.

    You're of course correct, but that is an automatic given (or at least it should be with any experence).


    My original thought was concerning the mentality and I sort of kept with that concept. Because I don't doubt the skill of most developers, but rather the mindset behind it.


    My original thought was concerning the mentality and I sort of kept with that concept. Because I don't doubt the skill of most developers, but rather the mindset behind it.

    ^ To clarify...


    I think most developers everywhere have a large disassociation between the consumer and end user.

  • Time out guys..


    So Adam, You are actually from where? What is your relation with Turkey since your nickname is Turkish and it's aslo the meaning of your avatar.

  • Time out guys..


    So Adam, You are actually from where? What is your relation with Turkey since your nickname is Turkish and it's aslo the meaning of your avatar.

    Ha ha ha ha ha. :P


    People are funny...


    When I want them to expand their horizons and think outside the box, they can't look past their nose. And yet when there is nothing more to see or know, they manifest things out of thin air.


    https://en.wikipedia.org/wiki/Aslan


    My relation and association with Turkey is I know a few folks who are from there (dated a girl once who was Turkish). I have done a few side jobs (administrative) on a few websites located or targeted toward people in Turkey. And it's one of the few places I wouldn't mind visiting, maybe (of course I want to see most of the world). But beyond that.... Not much else.

  • I don't spend my time to watch that kind of movies, i believe which have pointed for kids in first place, at least my kids like those kind of movies much more than anyone i see.


    However even you think out side of the box it doesn't change the fact that "Aslan" name is Turkish like your referred wikipedia page says. So thinking out side of the box doesn't change facts right?


    i hope you would like Woltlab's framework and softwares as much as we do which is another fact. ;)

  • Not everything is appropriate to bundle together.


    Thus you don’t learn it to do not post several posts after each other, the’re getting deleted now until you learned it.

    Enjoy the delete button. It's your new best friend.

  • It’s simply a rule here. So you have to respect it.

    It goes against my nature and the nature of how people use forums (this is the only place that does that). I can attempt to merge everything (as I have tried), but I cannot guarantee because it against my intuitive instinct.


    As I said, enjoy the delete button.

  • this is the only place that does that

    Ehrm ... nope.
    There are even plugins to disallow or auto-merge double posts for different forum softwares like phpBB or XenForo ;)

    » Hat zu tief ins Glas geschaut: Hellseher verletzt sich an Wahrheitskugel «

    GitHub

  • Ehrm ... nope.There are even plugins to disallow or auto-merge double posts for different forum softwares like phpBB or XenForo ;)

    The sites I visited either have those installed or do not have such rules. Either case, my posting habits and that of others are not required to change

  • I also don't know a single forum where double posting is not impossible or at least disallowed. This is definatley a web standard. On the other hand, in a thread like this it seems pretty okay to do so.


    It's called "random thoughts" - and a new thought added by editing doesn't get attention as the post isn't marked as new, afaik. Also it really doesn't make much sense to stack up random thoughts.


    But, rule is rule.

    Meine Beiträge stellen - sofern nicht ausdrücklich anders gekennzeichnet - ausschließlich meine subjektive und aus Erfahrung und / oder Reflexion gewonnene Meinung dar und sind nicht als Fakten zu verstehen. Meinungen sind persönliche Ansichten und benötigen keine Belege. In Deutschland gilt nach Artikel 5 des Grundgesetzes Meinungsfreiheit. Meine Beiträge stellen keine Rechtsberatung dar, hierzu bin ich nicht befugt.

  • You're right. :thumbup:


    I also don't know a single forum where double posting is not impossible or at least disallowed. This is definatley a web standard. On the other hand, in a thread like this it seems pretty okay to do so.


    It's called "random thoughts" - and a new thought added by editing doesn't get attention as the post isn't marked as new, afaik. Also it really doesn't make much sense to stack up random thoughts.


    But, rule is rule.

    It is sort of a web standard concerning forum conversations. And in a thread such as this one, it is all but guaranteed to happen.


    It's not something you consciously try to do good or bad... You just instinctively do it, because it is the general norm.


    edit: Auto merge post

  • Yes, this thread was not the best example but everybody who is active here for the last months knows exactly what my post was meant to be. It is disallowed here – in this topic really nobody cares I think, but in other topics it is just annoying – so it has to be discontinued by you, @Aslan.


    In this case there is no “free will” in following this instructions. It is a rule, which has to be followed.

  • Yes, this thread was not the best example but everybody who is active here for the last months knows exactly what my post was meant to be. It is disallowed here – in this topic really nobody cares I think, but in other topics it is just annoying – so it has to be discontinued by you, @Aslan.


    In this case there is no “free will” in following this instructions. It is a rule, which has to be followed.

    Please direct me and everyone else here to the written rules so that I and others may know them. I have not found any such rule.


    Also as pointed out... While it may be a rule... It is unintentional if broken, because it goes against how people naturally would conduct a conversation on any given forum... Especially, in this thread.

  • Sincerely, this case seems a personal problem. Yes, there are unwritten rules, for a good community. For example, when you have to add more information in a post, obviously the correct thing is edit the first post. But in some cases maybe a second post is the best solution, and we all know when to make an exception.


    This thread is a offtopic thread. One thread to take a break and speak easy. I think this thread don't need a very formal rules. Is not the same a bug report (a very important thread) than a offtopic thread about the life problems (a trivial thread).


    Obviously, different random thoughts need differents posts: because are independent ideas in differents moments.


    -----


    Sincerely, I don't like the current atmosphere of this community... (I participate less for this reason)


    A quick explanation of my case...

    (...) I know what is the feeling of frustration and I see how some active members of this community are frustrated (They receive negatives, bad answers, are ignored...) for some time now. Personally, sometimes I feel like a beta tester but paying. (...)

  • I completely agree. Although I would add that as far as I know there isn't any written rules either (anywhere on the site), which I feel is a problem. And as you stated, this thread should be a place to relax.


    Random thought...


    History will document fairly well that there was once a governing body that the only way you knew about the rules was once you broke them and then it was too late.





    edit:Woltlab Official Site Rules ?

    Edited once, last by Aslan ().

Participate now!

Don’t have an account yet? Register yourself now and be a part of our community!