Friday Facts #287 - Just bugs again
Re: Friday Facts #287 - Just bugs again
Changes: old bugs fixed, new bugs added.
Re: Friday Facts #287 - Just bugs again
Oh Sanqui that was your chance to bring XKCD on again: https://xkcd.com/327/
Re: Friday Facts #287 - Just bugs again
well, since factorio login didn't accept my steam name in kanji, spaces in name are less issue imo
Re: Friday Facts #287 - Just bugs again
99 little bugs in the code.
99 little bugs in the code.
Take one down, patch it around,
117 little bugs in the code.
99 little bugs in the code.
Take one down, patch it around,
117 little bugs in the code.
Don't forget, you're here forever.
Re: Friday Facts #287 - Just bugs again
That's awesome that bug fix! I notices it many times. But that usernames.. really? No server-side validation? :/ I hope that you store our passwords in slow hashes like 'bcrypt' (or another alternatives) and not in MD5 or at worst in plaintext.
Re: Friday Facts #287 - Just bugs again
For some reason every pic/webm went 404. Is it my local ISP blocking stuff? Anyone else with same problem?
EDIT: it's gone. Refresh do the trick. Perhaps I came too earliy that cdn didn't fetch stuff properly yet.
EDIT: it's gone. Refresh do the trick. Perhaps I came too earliy that cdn didn't fetch stuff properly yet.
Last edited by glee8e on Fri Mar 22, 2019 4:18 pm, edited 1 time in total.
Re: Friday Facts #287 - Just bugs again
I think just hearing some of those usernames must have made that mistake more than worth it.
Was ' or 1=1; -- the cause of your matching server problems yesterday?
Anyway, good work continuing to fix bugs and tell me my 1-in-a-million flukes aren't going to get fixed. It's also nice to hear of (hopefully) an end to the obscure splitter bugs.
Was ' or 1=1; -- the cause of your matching server problems yesterday?
Anyway, good work continuing to fix bugs and tell me my 1-in-a-million flukes aren't going to get fixed. It's also nice to hear of (hopefully) an end to the obscure splitter bugs.
There are 10 types of people: those who get this joke and those who don't.
Re: Friday Facts #287 - Just bugs again
Server-side validation is the thing that got accidentally broken (bypassed).
Passwords are hashed with bcrypt.
ovo
- SuperSandro2000
- Filter Inserter
- Posts: 742
- Joined: Sun Jan 12, 2014 3:54 am
- Contact:
Re: Friday Facts #287 - Just bugs again
Press F for NOT THE BEES!!!!!, your mum lives in a tent, and ' or 1=1; --
Please call me simply Sandro.
My Main Mods: Sandro's fixes, Expanded Rocket Payloads Touched by an AngelBob and more can be found here
My Main Mods: Sandro's fixes, Expanded Rocket Payloads Touched by an AngelBob and more can be found here
Re: Friday Facts #287 - Just bugs again
Would have been simpler, and a better idea, to just let the ban commands have proper quoting applied, so you can ban "awkward user name".
The restrictions on usernames just suggest laziness around the "we don't want to have to care about sanitising our string-handling, we'll just limit what the user can put in a username", with knock-on effects like unbannable users because of a string-handling mistake in an entirely different service months before.
Seriously, guys, there are TONS of sensible string-handling libraries that could have managed this for you, and then people could have spaces in their names... like... ooh... I don't know... 99% of the English-speaking populations out there?
It's all very Windows 3.1. What next, we can't have more than 8 characters?
The restrictions on usernames just suggest laziness around the "we don't want to have to care about sanitising our string-handling, we'll just limit what the user can put in a username", with knock-on effects like unbannable users because of a string-handling mistake in an entirely different service months before.
Seriously, guys, there are TONS of sensible string-handling libraries that could have managed this for you, and then people could have spaces in their names... like... ooh... I don't know... 99% of the English-speaking populations out there?
It's all very Windows 3.1. What next, we can't have more than 8 characters?
-
- Fast Inserter
- Posts: 138
- Joined: Wed Apr 26, 2017 11:29 pm
- Contact:
Re: Friday Facts #287 - Just bugs again
There's some quite good reasons to disallow spaces in usernames on principle. The question is if we should have usernames at all. In my opinion the best setup is permanent id + email (for login) + display name, where the display name can be anything. But that is quite difficult to change at this point, even though it's on my roadmap.ledow wrote: ↑Fri Mar 22, 2019 4:24 pmWould have been simpler, and a better idea, to just let the ban commands have proper quoting applied, so you can ban "awkward user name".
The restrictions on usernames just suggest laziness around the "we don't want to have to care about sanitising our string-handling, we'll just limit what the user can put in a username", with knock-on effects like unbannable users because of a string-handling mistake in an entirely different service months before.
Seriously, guys, there are TONS of sensible string-handling libraries that could have managed this for you, and then people could have spaces in their names... like... ooh... I don't know... 99% of the English-speaking populations out there?
It's all very Windows 3.1. What next, we can't have more than 8 characters?
ovo
- BlueTemplar
- Smart Inserter
- Posts: 2637
- Joined: Fri Jun 08, 2018 2:16 pm
- Contact:
Re: Friday Facts #287 - Just bugs again
michael wrote:Our UX guy is asking us to allow spaces in usernames. The caveat is that they should be allowed anywhere.
user568458 wrote:suppose I enter my username as Experts Exchange, the system will silently translate it into expertsexchange, and the system will direct queries for a user with username Expert Sex Change to my account?
P.S.: Doesn't "email (for login)" have its own set of problems ?
(Albeit, a much smaller set... mostly an issue when email change is not allowed ad/or that email gets undesirable/unavailable...)
BobDiggity (mod-scenario-pack)
Re: Friday Facts #287 - Just bugs again
Just hash the username on the way in and store that in the DB.
Re: Friday Facts #287 - Just bugs again
I don't see a difference between 1st and 2nd animated gif with splitters.
I see fully filled belt of fuel, where you inserting plates, two in a row. They fit like ...fffffPfPfff... Splitter takes one from each side and move to output. What else could we expect? Actually I never thought how splitters merge two belts, now I see - they do it one by one. Other possible way was, that they works like inserters, and grab several items at once.
Do you mean that on 1st picture output belt becomes not fully compressed, and there was a gap at some point?
I see fully filled belt of fuel, where you inserting plates, two in a row. They fit like ...fffffPfPfff... Splitter takes one from each side and move to output. What else could we expect? Actually I never thought how splitters merge two belts, now I see - they do it one by one. Other possible way was, that they works like inserters, and grab several items at once.
Do you mean that on 1st picture output belt becomes not fully compressed, and there was a gap at some point?
-
- Long Handed Inserter
- Posts: 69
- Joined: Tue Apr 17, 2018 11:45 pm
- Contact:
Re: Friday Facts #287 - Just bugs again
In the first gif, the splitter introduces gaps in the output when it merges in the iron plates, highlighted by the debug option (the white lines). In the second gif it's fully compressed.Dixi wrote: ↑Fri Mar 22, 2019 7:43 pmI don't see a difference between 1st and 2nd animated gif with splitters.
I see fully filled belt of fuel, where you inserting plates, two in a row. They fit like ...fffffPfPfff... Splitter takes one from each side and move to output. What else could we expect? Actually I never thought how splitters merge two belts, now I see - they do it one by one. Other possible way was, that they works like inserters, and grab several items at once.
Do you mean that on 1st picture output belt becomes not fully compressed, and there was a gap at some point?
-
- Burner Inserter
- Posts: 6
- Joined: Fri Mar 01, 2019 5:11 am
- Contact:
Re: Friday Facts #287 - Just bugs again
I notice that you're using a loader in the belt compression examples, albeit with the placeholder asset. Loaders also show up in the NPE, although they cannot be crafted by players. Is this indicative of plans to fully implement loaders, or are you planning on leaving them as 'campaign only' items? Will there be any benefit to using a loader for, say, side-loading a belt, as in the example you're using compared to direct belt side loading or using a stack inserter?
Re: Friday Facts #287 - Just bugs again
Very interesting to see the crash data graph, especially since the changelogs aren't showing as many "fixed crash" lines in the past week.
- 5thHorseman
- Smart Inserter
- Posts: 1193
- Joined: Fri Jun 10, 2016 11:21 pm
- Contact:
Re: Friday Facts #287 - Just bugs again
Maybe one bug caused 1000 crashes.