Introducing BitCoinFeedback.com!

[Longmarch]

Good idea.

Tried to register, got this error:

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '')' at line 3

[SgtSpike]

Thanks Longmarch, fixed.  I borked the registration when I added the private email option.   

[SgtSpike]

Gray-scaled the website for the most part, for you color-despising folk.  Let me know what you think of the new scheme.

Also, the "browse bitcointers" and Registered Members links work now... both leading to the same page.  I plan to add sort-by's on that page.

[SgtSpike]

Looking for some feedback () on some questions I've been wrestling with...

1. Should I show the username of the person who leaves the feedback on another person's profile?
2. Should I make it optional whether a person wants their username to be published on feedback they leave on other people's profiles?
3. Should I allow users to rate people/companies who have not yet signed up for the site?
4. If so, would I create a false profile that anyone could fill in the information for?  In other words, should I allow anyone to create the profile, but leave it up to the company/member to "claim" the profile if they own it?

[Longmarch]

Looks good.  Easy to use.

I'm not inclined to have an opinion on any of those questions you mention.  I can see pros and cons for all of it.  Gets me thinking, though.  Will post if I have a thought that might be useful.

[SgtSpike]

Yeah, they're the kind of questions that just make me...   So many variables and reasons for doing and not doing each one.

[SgtSpike]

Updated the website.  You can now add in vendors/merchants/individuals if they are not currently registered on the site.  I will create a way for these persons to claim ownership of those profiles shortly.

As an example, I created a profile for Veritus101, someone who has scammed a forum member here.  I would appreciate help listing any other scammers you hear about on the website so that other people can avoid them in the future.

http://www.bitcoinfeedback.com/viewuser.php?id=15

[SgtSpike]

Profile claiming has been implemented.  If someone else adds your business or name to the database, you can now claim it.

Also, I have now disallowed the changing of website addresses and business names.  I figured if people were leaving negative feedback on your profile, you would probably have a lot of incentive to try and change it to something else entirely to make it look like no one is leaving negative feedback for your business or screen name.

[BCEmporium]

Profile claiming has been implemented.  If someone else adds your business or name to the database, you can now claim it.

Also, I have now disallowed the changing of website addresses and business names.  I figured if people were leaving negative feedback on your profile, you would probably have a lot of incentive to try and change it to something else entirely to make it look like no one is leaving negative feedback for your business or screen name.

I would leave it to be changed, just not immediately changed. Or changed manually at request.
It may happen people with bad feedback to want to change but so does people with good. Put for an instance some guy who starts his business with a free domain, like dyndns.org or so, and as he succeeds buys the .com domain...

[SgtSpike]

Profile claiming has been implemented.  If someone else adds your business or name to the database, you can now claim it.

Also, I have now disallowed the changing of website addresses and business names.  I figured if people were leaving negative feedback on your profile, you would probably have a lot of incentive to try and change it to something else entirely to make it look like no one is leaving negative feedback for your business or screen name.

I would leave it to be changed, just not immediately changed. Or changed manually at request.
It may happen people with bad feedback to want to change but so does people with good. Put for an instance some guy who starts his business with a free domain, like dyndns.org or so, and as he succeeds buys the .com domain...

Agreed.  I will certainly make exceptions for people who contact me directly to get information changed, when it is obvious they aren't trying to hide the company from receiving negative feedback.

Also, I'm going to allow people to change it if they leave it blank during registration.

[BCEmporium]

Security issue! Critical!

Mails are displayed as is in your page, this is ground for harvest for spam crawlers.

Encode the mails with JS or PHP GD in order to prevent it.

The most simple to be this (not 100% effective, but still somewhat effective):
At the beginning of the list

Code:

<script language="javascript">
var users=new Array;
var domains = new Array;
<?php
foreach($users as $u){
  $l = explode("@",$u['email']);
?>
users.push('<?php echo $l[0];?>');
domains.push('<?php echo $l[1];?>');
<?php
}
?>
</script>

Within the cell that displays the email address:

Code:

<td>
<script language='javascript'>
if(users[<?php echo $row_nr;?>] != ""){
document.write(users[<?php echo $row_nr;?>] + "@" + domains[<?php echo $row_nr;?>]);
}else{
document.write('&nbsp;');
}
</script>
<noscript>Email protected</noscript>
</td>

[SgtSpike]

I will implement that, thanks for the heads up!

People can also, optionally, opt to hide their email addresses from the public to avoid such spam harvesting as well.  In that case, it would just be used in the future for password recovery.

[SgtSpike]

It's been implemented...!  Thanks!

[BCEmporium]

Just a small thing left, you forgot to skip the hidden emails when filling the arrays.

means something like this:

<?php
foreach($users as $u){
  $l = explode("@",$u['email']);
?>
users.push('<?php echo $l[0];?>');
domains.push('<?php echo $l[1];?>');
<?php
}
?>

Turn to this:

<?php
if($user['hidde_email'] == 0){
foreach($users as $u){
  $l = explode("@",$u['email']);
?>
users.push('<?php echo $l[0];?>');
domains.push('<?php echo $l[1];?>');
<?php
}
}else{
?>
users.push('');
domains.push('');
<?php
}
?>

[SgtSpike]

Good catch, thanks for poking holes in my security so I can fix them now! 

It should be fixed now.  No hidden emails showing up in javascript code.

[BCEmporium]

Good catch, thanks for poking holes in my security so I can fix them now! 

It should be fixed now.  No hidden emails showing up in javascript code.

Guess today I'm specially good on detecting security holes 
Found one on my casino engine that would let people to double bet (fixed now...  ). Nobody is perfect, eh?

[SgtSpike]

Nope, and certainly not myself, which is why I ask people to test it out and find holes!

New feature added:  Feedback is now calculated as a percentage of positive to positive+negative.  Neutral feedback is not counted towards the percentage, but it calculated towards the total number of feedbacks received.

I have created a test user, so anyone who wants to try it out (leaving positive/negative/neutral feedback) is welcome to leave whatever sort of ratings on the test user that you want.

[BCEmporium]

Just yet another idea:

Associate more than 1 URL with one account. Many people, like myself, has more than 1 site and URL.

[SgtSpike]

Just yet another idea:

Associate more than 1 URL with one account. Many people, like myself, has more than 1 site and URL.

I thought about that... but then again, what if the websites split out and become owned by two different people?  I suppose situations like that could be taken on a case-by-case basis.  I'd kind of like to see it be on a "per-business" basis than a "per person" basis, if the person owns more than one distinct business.

Thoughts?

[SgtSpike]

It looks like the website is *starting* to take off - I am seeing a new registration every couple of hours or so, without any incentive attached.  Let's hope that it's reached critical mass already and will continue building on its own.