Blogs

Progress on the new tracker is going pretty well at the moment.  It's amazing to see how much I've learned about programming and computers in general over the last year.  The source code looks cleaner and I've used much better ideas and made better decisions overall while writing it.  Using Boost is probably one of the best decisions I've made while writing this because the Boost libraries I am using are becoming part of the standard and I don't have to wait 10-20 years for C++0x/C++1x/C++11 to be well supported on Linux and Windows (based on the adoption of C99 and how common C90 still is).  Just a few more decisions about threads and network APIs and the server backend should be ready for final refactoring and initial release.  I'm not sure if I will release it right away or if I will write the website front-end for it before releasing both parts together.

Soon I am taking down my bit torrent tracker project on github because the language may change as I'm researching which language would be best for the project and the fact that it needs quite a bit of refactoring and thought.

So, I've been wanting to learn Ruby on Rails for quite some time.  It looks like an interesting language and I am very surprised with how quickly people can make up new web applications using it, but I am still not sure about its speed.  This being said, I have not had any reason to try to learn Ruby on Rails.  Luckily for me, an opportunity presented itself today.  I was looking for an open source pastebin to extend to MathML or LaTeX (while still being able to do C,C#, C++, PHP, and so on), but I did not find any open source pastebins that fit my needs.  Naturally I did what any other programmer would do given this situation.  I decided to make my own pastebin using PHP and MySQL.  However, I decided that I should try to prototype it first using Ruby on Rails.  Hopefully it will be a fun project that will teach me the language that seemingly everyone else and their grandmothers already know.  I will be looking to create a repository for it on my GitHub account as soon as it is ready.

Also, I need to find a new theme for this website since I am getting sick of the current one.

That's right!  Now that classes are winding down that means I can do more code review and clean up on the torrent tracker that's currently running on the server.  Perhaps I should work my own project's code (I found some things that don't make sense anymore.  Perhaps I will also use a few more pointers) before I work on cleaning up torrent trader so it runs faster since this source code is more than enough to make most programmers cry.  Maybe it's not a good idea to even look at the source until summer, when I will have more time to recover from looking at the code, so it will not have the chance to adversely affect my GPA.  I'll try as much as I can though.

Note to self:  Remind Mike that Gentoo Linux is by far the best operating system in existence.

From: TorrentTrader Forums -> Premium Account Upgrade

TorrentTrader offers quality code which undergoes intense beta testing before being released publicly as an official and final build. We deliver our scripts free to everyone at NO cost, even though fees of running this site are high, and that a lot of time is taken to produce these absolutely free-to-use code, which is available to everyone.

However, there is limited support for these scripts by the actual developers of the project. By popular demand, we have introduced a Premium Support section!

Our Premium Support section is where you can get support for all your TorrentTrader problems directly from the TorrentTrader development team - the people who know the code the best because they wrote it!

We don't look at Premium Support as a "service" because the support we give for your problems, it's a thank-you for the financial support you give to the Project.

Bonuses of being a Premium Member Include:
• Priority support from the TorrentTrader Dev Team for all your related problems
• Ability to remove the TorrentTrader Copyright notice from your site
• Premium only access to beta source codes - get the goods long before the rest of the world.

Being a Premium Member is the fastest and easiest way to keep your TorrentTrader Tracker unique!

Costs:
$15 USD gets you unlimited (infinate - not limited by time) Premium Access

What quality code?  Oh!  By popular demand they will give you the quality code for only $15 USD!  Any halfway decent Developer/SysAdmin should be able to code the "premium mods" they sell in a few minutes.  However, they do have one true thing on this: no one knows anything about the source code except the ones who wrote it because it was so poorly written. (Don't believe me?  Look through the code in their SVN.)  Maybe they wrote the code so poorly so they could get people to buy premium accounts.  Maybe buying a premium account will make your TorrentTrader Tracker unique by giving people access to the "quality code" that gets rid of all the XSS (Cross-Site Scripting), CSRF (Cross Site Request Forgery), and other various vulnerabilities that make running a SVN or Official Release of TorrentTrader a huge mistake.  If this is true, then for a measly $15 USD you can secure your server in a way that running any other FOSS BitTorrent tracker would have done.

The code is so poor that not only does it have all these vulnerabilities, it's very hard to create themes for it and you have to hope you don't break any of its original functionality and error cases are not even handled most of the time!  But that's okay!  Most of the themes written for TorrentTrader (both first-party and third-party) take a page from their book and write their themes just as poorly.  They really need to get a theme engine or somehow separate design and function.

All of this is especially true for TorrentTrader 1.x, which is still officially supported and under somewhat active development.  By that I mean they do some bug fixes and once in awhile they'll ignore bug reports or forget to commit their bug fixes to the SVN after they fix their own copy leaving those who do not know how to fix the bugs with a completely useless and/or easily exploitable BitTorrent tracker.  One example of this is that they never bothered to package the XSS vulnerability fixes into an official release yet.  I even posted a bug fix that patches a CSRF vulnerability, but they never bothered to fix that even in their SVN.  I guess this is what you get for not knowing any better and using register_globals so PHP will automatically initialize $id instead of having to manually initialize it by writing $id = $_GET['id'].  Is it really all that hard to manually initialize all request variables?  You fix a lot of security flaws by doing this.  They have a lot of unnecessary code stemming from their use of register_globals and their form designs.  Their form designs just do not make sense.  In admin.php, they have many radio buttons that have values of ON1 or OFF1 and then they use register globals of course initialize the variables for them.  Then they check if the value is ON1.  If it is, then they initialize a new variable with the Boolean value "true".  If it isn't ON1, then they initialize a new variable with the Boolean value "false".  Why not just give the radio buttons values of "true" or "false" or whatever value it needs to be and just use $_POST['var']?

Their use of comments in the code is very sporadic at best.  Many of the comments are useless and the parts that should be commented are not.  This is fairly forgivable since many FOSS projects and even most other projects fall short on this front.  Their style is also pretty bad.  The indentation is not always correct and this makes debugging or plain reading the code quite difficult. (Though I cannot imagine why anyone would just want to read the source code of this particular project if they are not debugging it or adding a feature.)  The overall design between source files is also very inconsistent and this often breaks the functionality of the software.

I have a lot more to say about TorrentTrader, but I'm just going to stop it there since I hate thinking about the horror that is the codebase of TorrentTrader.  Needless to say, I don't want to even look at the codebase or write any new code for a long time.

Not much progress has been made on the new Torrent Tracker since last summer.  Since I am now done with college, I will be able to dedicate more time to designing and coding the tracker backend.  Hopefully after that I'll have an idea for the frontend.  For now I'm just hoping to finish the backend within a few months.

Due to the recent DDoSing (unintentional it seems), we're moving the TV-Nihon website to a new server, while keeping the tracker on this one.  Hopefully there won't be anymore DDoSes once the move is complete.  The traffic ever since Decade was released has tripled the load on the tracker and that has been causing most of the problems (also Hotmail seems to be port scanning us for some reason).

I've been slowly working on the torrent tracker server that we'll be using on TV-Nihon.  Once the tracker is done (we're over 25% on our way to version 0.2 when the actual server will be done, but not the website) it will be licensed under the GPL v2 most likely.  I may decide to license it under the GPL v3.

I may make a few scripts to show progress on this site too.

Also, if anyone wants to donate money so I can buy some programming reference books, my paypal is quatrerwin [at] gmail [dot] com or you can use the paypal link on the side.  If you have a book that I want and you wish to donate it to me, just contact me at quatrerwin [at] gmail [dot] com.