Collect [GUI] | App Store

Hey,

I've been working on a program that I call 'Collect' for the past few days.

It's a really basic app store, with the ability to upload apps from the CC client.

The pastebin code: eKV1GeMg

Screenshots:

Spoiler

Change log:

Spoiler

a0.3 - 23rd June, 2015

Spoiler

Quite a big overhaul! I redid the app from the ground-up. A lot of things have been changed. The changes:
- Converted to work with Dannysmc's app store database.
- Redid the front page interface, more coming in the next release.

For reference, this app is not complete. It is in a very early state (alpha), and there is a lot more work I need to do.

I am aware of a few bugs/glitches present in the program, but I'm in the process of fixing these. Should be done by the next release.

It would be interesting to hear your thoughts and criticism on this.

Thanks,

- Sam :)/>

Important: There are A LOT of incomplete things in this release, I'm planning a new release soon with all of these features added. These are kinda important, like the other page and the settings page.

Oh, and also, the screenshots are currently out of date. I'll fix that soon.

SGunner2014, on 07 June 2015 - 05:26 PM said:

Oh, and passwords are hashed using md5.

Please use one of the sha2 algorithms, like sha256. md5 is known to be breakable. Also, consider salting the passwords.

Anyway, it's interesting to see another app store being built for the CC community. It's nice to see more app stores here, maybe one will become very popular.

MKlegoman357, on 07 June 2015 - 05:51 PM said:

SGunner2014, on 07 June 2015 - 05:26 PM said:

Oh, and passwords are hashed using md5.

Please use one of the sha2 algorithms, like sha256. md5 is known to be breakable. Also, consider salting the passwords.

Anyway, it's interesting to see another app store being built for the CC community. It's nice to see more app stores here, maybe one will become very popular.

I'm in the process of switching the system over to SHA512.

Salting is also coming in the next update, don't worry :)/>

And finally, thanks!

- Sam

MKlegoman357, on 07 June 2015 - 05:51 PM said:

SGunner2014, on 07 June 2015 - 05:26 PM said:

Oh, and passwords are hashed using md5.

Please use one of the sha2 algorithms, like sha256. md5 is known to be breakable. Also, consider salting the passwords.

Anyway, it's interesting to see another app store being built for the CC community. It's nice to see more app stores here, maybe one will become very popular.

I believe you don't have any evidence to back that up about md5.

Mayushii, on 07 June 2015 - 07:44 PM said:

MKlegoman357, on 07 June 2015 - 05:51 PM said:

SGunner2014, on 07 June 2015 - 05:26 PM said:

Oh, and passwords are hashed using md5.

Please use one of the sha2 algorithms, like sha256. md5 is known to be breakable. Also, consider salting the passwords.

Anyway, it's interesting to see another app store being built for the CC community. It's nice to see more app stores here, maybe one will become very popular.

I believe you don't have any evidence to back that up about md5.

Have a look here

Mayushii, on 07 June 2015 - 07:44 PM said:

I believe you don't have any evidence to back that up about md5.

You're right, I never actually looked at why md5 is considered insecure. Here's a nice link I found which has a nice answer.

MKlegoman357, on 07 June 2015 - 07:47 PM said:

Mayushii, on 07 June 2015 - 07:44 PM said:

I believe you don't have any evidence to back that up about md5.

You're right, I never actually looked at why md5 is considered insecure. Here's a nice link I found which has a nice answer.

MKlegoman357, on 07 June 2015 - 07:47 PM said:

Mayushii, on 07 June 2015 - 07:44 PM said:

I believe you don't have any evidence to back that up about md5.

You're right, I never actually looked at why md5 is considered insecure. Here's a nice link I found which has a nice answer.

Yeah, cracking an MD5 password would be considered fast.
Though salting MD5 passwords and containing a unique salt for each account would slow the process down significantly, despite the problems.

In the past, an attack on NDFJay's OS proved effective because the passwords were just purely md5'd with no salt.

I agree that using SHA256 would be more effective, but not because there are any underlying "exploits" or reversibility involved.
More than anything, it's about slowing down the cracking process and using salts to prevent Dictionary attacks like This site.

Version a0.3 released! See the post for more information.

I tried it on ccemuredux, and it gave me an error.

collect:38: attempt to index ? (a nil value)

If this ever works, then Collect will surely be welcome in the CC community.

You might be getting that error because CCEmuRedux is still CraftOS v1.6. I looked at the code and it doesn't seem to be an issue, but I know I've had weird issues going from CraftOS 1.6 to 1.7

I got the same error as LDDestroyer

LDDestroier, on 23 June 2015 - 03:24 AM said:

collect:38: attempt to index ? (a nil value)

Because your website is currently offline. Though I am unable to launch the program it looks like it will be cool.

Thefdjurt, on 10 July 2015 - 08:09 PM said:

I got the same error as LDDestroyer

LDDestroier, on 23 June 2015 - 03:24 AM said:

collect:38: attempt to index ? (a nil value)

Because your website is currently offline. Though I am unable to launch the program it looks like it will be cool.

Yeah, at the moment my host is having some trouble with connectivity. Sorry about that, should be back up in the next few days (hopefully)