Users browsing this thread: 12 Guest(s)
Suggestions
This is something I've wanted for a while and I think it's being introduced with MyBB 2.0 but for now, it's not possible (unless I've been overlooking the feature for years somehow).
Reply
Thanked by: puggsoy
Ok, I have a small suggestion of my own in terms of submissions.

When I uploaded my sprite-rip of the special items from LEGO Battles, I got a message from Mighty Jetters about the sheet icon. The only reason I skipped that step is because it said "optional" , and ofc, it obviously was. I wouldn't have had a single problem with making an icon if that was required. That said, why not just make it mandatory? It would save your staff a LOT of effort, because whether it's making an icon themselves, or sending a PM that an icon is needed, productivity is lost from doing it. And it also further delays the sheet/model/whatever getting approved in the long run. Would this be possible to change? As I said, I have no issue with making icons, and to be blunt: anyone with the time/patience/skills to rip a sprite or model, or what have you, should have the time, patience, and skills to make an icon for it, if necessary.

Now, as for the model previewer, that sounds cool...
It'd definitely be nice, but as you've pointed-out, there are MANY inconsistencies with the models and textures that complicate matters. Now, as for html5 or flash, I'm obviously not going to say which you should use, but I would like to explain mine, and some others standpoint on the matter. Firstly, html5 is not entirely new. It's simply another version number, some new tags/features, etc... plastered on html, css, and javascript. It's being called a "standard" , but much of it is WIP, and all the web browser devs choose to implement it pretty much, however they want. (hence the vendor-specific tags in css3) Its performance when compared to flash also tends to be pretty poor, some of that may be directly tied to its core programming language, javascript. Another thing, javascript isn't truly object-oriented, and...ugh...the code to "Extend" a class in javascript, it gives me nightmares, it hurts my head, etc... That said, I avoid using inheritance in my html5/javascript programs, and will continue to till I have an IDE set-up for it. Now, flash... Performs generally a lot faster. I've had very few flash games cause me lots of lag, and these all had one or more of poor resource management, hd graphics, or they were extremely vector-heavy. I've personally never run into its security issues. Flash has graphical IDEs available, and as far as I know, html5 has very few. The only factor I've observed that generally (and dramatically) impacts flash performance for me has been the specs of the device I'm using, whereas html5 has varying performance, and even, compatibility, across different browsers. Flash has ok documentation/tuts, i find it hard finding anything super-reliable for html5 at times. Not gonna start the Apple/Google/whatever Propaganda thing, but...I'll say this much of Apple: I hold above anything else, disrespect, discontent, and distrust for them. This is based on some of their more recent actions, which quite frankly, are unethical and/or insane, but let's not go into a huge discussion about this, so, I leave it at that.

With all that said, when/if you add a model/previewer, develop with whatever you see fit. But, don't just dis or toss-aside the "old technology" , meanwhile praising the "new and improved" stuff as if it were Jesus Christ, himself. (no offense, but I kinda picked-up that vibe from your previous posts on this matter) Flash isn't perfect, but neither is html5. People have their reasons for choosing whichever of the two, and that is ultimately their decision. Also, whether we like it or not, flash, java, and other older, or ancient technologies still dominate the web. Unfortunately, just dropping them, and/or demonizing them to the point we cause others to drop them would be just as chaotic as leaving them there, forever, or never updating them. Also, I'll at least give credit to adobe and orcacle/sun for at least, making security patches. Flash does need to die, though not totally, there are too many games that go with it... that'd be comparable for all emulation/sprite sites to go and delete anything and everything to do with, let's say, nintendo gameboy, because it's "obsolete". Flash offers many benefits, the only way to get people to quit using it is to offer something with the same, or more. html5 so far can't compete in those regards... One of my personal programming projects is to port an as3 flash game, that's slowly dying internally for some reason, to html5. I've not found this an enjoyable experience. I've chosen to do pure javascript, with maybe one exception being jquery for loading external data files. Now, so far, I've been doing basic rendering/asset-related stuff. The graphics preparation, data-encoding, and other stuff have really been tedious and at times, frustrating. I'd be ok with nearly every part of flash dying forever, except for the graphics and animation capabilities. html5 really cannot match that right now. That's my $0.02 on that matter, but ugh...my intention wasn't this massive textwall...sorry gl with whatever you choose!
Reply
Thanked by:
That was quite a read and you brought up some fair points so I'll try to address them as well as I can.

With regards to icons being optional and the speed at which submissions are reviewed, there are a couple of things that need to be made a bit more clear. First and foremost, our staff is very small and handles a tremendous amount of submissions. Since the introduction of the new submission system, the volume of submissions has only increased. They volunteer their time and do their best but with so much to do, it takes a while to make it through the entire queue. Some submissions will be processed faster than others, notably when they come from someone who has proven themselves in the past and provides everything up front, which brings us to your point about optional icons.

Icons were originally made optional because they required very specific formatting. With the new icon setup, it's now just a specifically sized image and, in reality, could be made mandatory due to the ease of their creation. It's just something we never really discussed but now that it's been brought up, it's worth considering as it would greatly reduce the burden on staff. Where do we draw the line though? Do we make all icons required? How about the large preview icons on tMR? In theory, those should be just as easy if you're already making the main icon but tMR is also a special case in that the models need to be rendered to make the icons. Requiring them would take a huge amount of work out of the approval process for models but may also make people simply not submit them so there's a balance that needs to be considered here.


Edit: I spoke to Dazz about making the icons mandatory and he pointed out one very important point that I totally forgot - not everyone has the capability to work with transparency. Many submissions are laid out in programs like Paint which have no native transparency support. Sure, there are plenty of free programs, like GIMP, that can deal with it but forcing members to install software just to continue submitting is a horribly user-unfriendly process. Consider them optional in the sense that they're not required to submit the form but including them with a quality submission will definitely help with getting your content up on the site faster.


Now, on to your points about Flash vs. HTML5. I realize I was very vocal about wanting to be done with Flash but I'm not sure all of my reasoning was clear. I wasn't trying to imply that HTML5 is some magical environment where everything works and nothing bad can happen ever. I'm fully aware that what we're calling HTML5 in this context is actually just new tags combined with JavaScript and CSS. My two main issues with Flash are security and compatibility.

We'll cover security first since it's actually the lesser of the two concerns in this case, but only by a small amount. Flash has been riddled with holes for a long time. It's a constant source of exploits and often the gateway to larger issues. I don't disagree that Adobe does a good job reacting quickly but the problem there is that it's almost always reactionary and often after damage has already been done. When working with something like a game, these issues may not be too likely to surface but you need to remember that this model viewer has direct access to the filesystem on the server and, as such, poses a much more significant threat. While there is no way to completely avoid potential problems when giving applications filesystem access, using JavaScript as the primary method of interaction forces all of the processing to happen on the client and reduces the number of ways it can be abused.


Edit: It was pointed out that I overthought this a bit and that, server-side security considerations are more or less the same as they'd be for JavaScript unless I'm missing something. Client-side security is still a consideration but that remains regardless of whether or not we use Flash for the model viewer. When writing this post initially, I remembered my original reason for wanting an end to Flash and spun it for this specific context instead of sticking to my original point regarding Flash being insecure as a whole. Sorry for the confusion.


Even if we ignore the security issues though, the big one for a site like this is compatibility. Looking at the last month of visits to tMR, a little over 10% of them came from mobile devices (either phones or tablets). This may not seem significant since that implies 90% came from desktops but 10% is still a good number of visits and a Flash-based model viewer wouldn't work for any of them. I realize our sites aren't currently optimized for a mobile experience yet (though it is on our roadmap) but if we're going to spend time developing a feature as complex as an embedded model viewer, it needs to work everywhere. That automatically means Flash is off the table for the final product.

All of that said, I don't hate Flash. It is great for games and the initial Flash model viewer that we've been playing with works wonderfully. It's just not worth putting time into it for real given everything I've just said. If you have any questions or would like anything further explained, feel free to ask but I hope this clarifies my views a bit more.
Reply
Thanked by: Shade, puggsoy, Garamonde
(08-27-2015, 09:17 AM)Petie Wrote: When working with something like a game, these issues may not be too likely to surface but you need to remember that this model viewer has direct access to the filesystem on the server and, as such, poses a much more significant threat. While there is no way to completely avoid potential problems when giving applications filesystem access, using JavaScript as the primary method of interaction forces all of the processing to happen on the client and reduces the number of ways it can be abused.

Either I or you misunderstand something here. I believe SWF files are just like JS files in this regard. They just get downloaded and their codes run on client side. Flash player can send requests but without something to respond to them on the server side, nothing will happen. There's a Flash Media Server program but you don't need to install it on your server to have SWFs on your site. SWFs are played by the Flash Player on client PCs (like JS are run by JVM on client) and I think as long as there're no malicious codes in their sources, SWFs can't harm client side either. Also I don't think someone can embed malicious code in their model archives which will somehow run when viewed by the 3Dviewer so both client and server should be OK. At the very least, server should have no risk since SWF is not a server side file (unless your server has an ability to run them).

(08-27-2015, 09:17 AM)Petie Wrote: Even if we ignore the security issues though, the big one for a site like this is compatibility. Looking at the last month of visits to tMR, a little over 10% of them came from mobile devices (either phones or tablets). This may not seem significant since that implies 90% came from desktops but 10% is still a good number of visits and a Flash-based model viewer wouldn't work for any of them. I realize our sites aren't currently optimized for a mobile experience yet (though it is on our roadmap) but if we're going to spend time developing a feature as complex as an embedded model viewer, it needs to work everywhere. That automatically means Flash is off the table for the final product.

Well, this concern is understandable but I have to warn, HTML5 never guarantees perfect compatibility either. Some browsers/devices may not be able to handle properly so at the end of the day, there's no absolute solution for all here. Still I hope someone can make one in HTML5.
Reply
Thanked by:
(08-27-2015, 09:49 AM)aceres Wrote: Either I or you misunderstand something here. I believe SWF files are just like JS files in this regard. They just get downloaded and their codes run on client side.

You're right. The SWF does download and run on the client side. Re-reading what I wrote, I suppose I did overthink it a bit since the requests the SWF makes would be the same, in essence, as those made by JavaScript. The rest of what I said still holds, though I think the security holes in Flash generally affect the client side, not the server, so this is likely less of a concern than I initially implied. I updated my original post to reflect this.

(08-27-2015, 09:49 AM)aceres Wrote: Well, this concern is understandable but I have to warn, HTML5 never guarantees perfect compatibility either. Some browsers/devices may not be able to handle properly so at the end of the day, there's no absolute solution for all here. Still I hope someone can make one in HTML5.

You're not wrong here either. However, while HTML5 does not guarantee perfect compatibility, Flash guarantees no compatibility with mobile devices so the HTML5 route is still a better option if it can be done.
Reply
Thanked by:
yep, fair enough
I think our security concerns lie much, much, much deeper than flash, though...
And in those regards, some of these "Security" trends concern me... I like how they're trying to pass-off electronic banking with your phone, and sites like KeePass as "safe"
anyways... there is a deep-rooted security/stability issue in most of the web/personal computing infrastructure, especially... IDK how deep, but Flash, Java, npapi are probably just barely scratching the surface of what's wrong. More recent articles even confirm FIRMWARE is insecure, and pretty much, always has been.


The icon thing... hmm...
yeah, the models would prove a bit of a challenge
But if someone were smart, they'd test a model before submitting it, could always make even a mediocre render during that time. But yep... I suppose that is a special case.

I don't really have any questions left, seems everything was explained quite adequately.
Reply
Thanked by:
(08-27-2015, 10:27 AM)DarkGrievous7145 Wrote: yep, fair enough
I think our security concerns lie much, much, much deeper than flash, though...
And in those regards, some of these "Security" trends concern me... I like how they're trying to pass-off electronic banking with your phone, and sites like KeePass as "safe"
anyways... there is  a deep-rooted security/stability issue in most of the web/personal computing infrastructure, especially... IDK how deep, but Flash, Java, npapi are probably just barely scratching the surface of what's wrong. More recent articles even confirm FIRMWARE is insecure, and pretty much, always has been.

Oh, of course, Flash is not the pinnacle of security concerns but it is known to be frequently exploited so it still makes sense to avoid it when possible.
Reply
Thanked by:
(08-27-2015, 10:33 AM)Petie Wrote:
(08-27-2015, 10:27 AM)DarkGrievous7145 Wrote: yep, fair enough
I think our security concerns lie much, much, much deeper than flash, though...
And in those regards, some of these "Security" trends concern me... I like how they're trying to pass-off electronic banking with your phone, and sites like KeePass as "safe"
anyways... there is  a deep-rooted security/stability issue in most of the web/personal computing infrastructure, especially... IDK how deep, but Flash, Java, npapi are probably just barely scratching the surface of what's wrong. More recent articles even confirm FIRMWARE is insecure, and pretty much, always has been.

Oh, of course, Flash is not the pinnacle of security concerns but it is known to be frequently exploited so it still makes sense to avoid it when possible.

yep
Reply
Thanked by:
(08-27-2015, 11:07 AM)DarkGrievous7145 Wrote:
(08-27-2015, 10:33 AM)Petie Wrote:
(08-27-2015, 10:27 AM)DarkGrievous7145 Wrote: yep, fair enough
I think our security concerns lie much, much, much deeper than flash, though...
And in those regards, some of these "Security" trends concern me... I like how they're trying to pass-off electronic banking with your phone, and sites like KeePass as "safe"
anyways... there is  a deep-rooted security/stability issue in most of the web/personal computing infrastructure, especially... IDK how deep, but Flash, Java, npapi are probably just barely scratching the surface of what's wrong. More recent articles even confirm FIRMWARE is insecure, and pretty much, always has been.

Oh, of course, Flash is not the pinnacle of security concerns but it is known to be frequently exploited so it still makes sense to avoid it when possible.

yep

Just as a note, please don't make super short posts like this, as they don't really contribute anything.
[Image: sweet-capn-cakes-deltarune.gif]
Reply
Thanked by: DarkGrievous7145
(08-27-2015, 03:03 PM)Mighty Jetters Wrote: Just as a note, please don't make super short posts like this, as they don't really contribute anything.

gha!
sorry about that...
i usually don't...
My style usually is long-winded textwalls...xD

Thanks for the reminder!
Reply
Thanked by:
Since you no longer have a chatroom anymore, how about a chatroom for TSR on Skype instead?
Many use Skype and as such, this sort of chatroom won't be unused.

Also we would be able to converse on a more personal level. Smile
Reply
(09-06-2015, 01:32 PM)Thanatos-Zero Wrote: Since you no longer have a chatroom anymore, how about a chatroom for TSR on Skype instead?
Many use Skype and as such, this sort of chatroom won't be unused.

Also we would be able to converse on a more personal level. Smile
I would love something like that Smile
Reply
Thanked by: supersmashball, ~Axis~
Oh wow. these sites are becoming less and less Dial-Up friendly.
Anyways, i'd like to ask if any checking was made for Download Pausing. I know you guys have bigger fish to fry but it'd be nice for a little update (from like may I think?).
Reply
Thanked by:
I don't really think the site was ever particularly dial-up friendly but dial-up is so uncommon these days that it's really often simply overlooked in terms of development.

I did a little research and I do see that it's possible to accept ranges from a PHP download script but it was never really looked into much further because it's virtually never an issue. I suppose it couldn't hurt to include it at some point and it doesn't look horribly difficult so we'll see.

More importantly though, where are you that you're still on dial-up...?
Reply
Thanked by:
I was looking over somebody's reputation earlier and noticed something weird.
Although 1 +rep was given, somebody (an admin. okay fine puggsoy.), had been
able to 2+rep the user. Is it possible to do this if you are not an admin?
[Image: 3oEduVuAsde9E8A716.gif][Image: ness_stamp_by_yukidarkfan.png]
3DS Friend Code: 4098-7082-7654
Add me sometime. I've got Smash, Mario Kart, and a few others!
Reply
Thanked by:


Forum Jump: