Bitcoin Forum
December 05, 2024, 05:02:37 PM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: 1 2 [All]
  Print  
Author Topic: Lendmecoin.com Released!! Now in Beta testing!  (Read 1590 times)
bombartier357 (OP)
Full Member
***
Offline Offline

Activity: 148
Merit: 100


View Profile WWW
July 09, 2012, 04:38:54 AM
Last edit: July 10, 2012, 12:11:22 AM by bombartier357
 #1

Made a peer to peer bitcoin lending website.  I would appreciate some feedback if anyone would like to help me work out the kinks.

Check it out....
lendmecoin.com
**This doesn't work right now.
Use 72.181.135.42:81
bombartier357 (OP)
Full Member
***
Offline Offline

Activity: 148
Merit: 100


View Profile WWW
July 09, 2012, 04:49:06 AM
 #2

Looks like my site is down outside of my network.....
notme
Legendary
*
Offline Offline

Activity: 1904
Merit: 1002


View Profile
July 09, 2012, 04:52:07 AM
 #3

I'm not getting a DNS response for your domain.

https://www.bitcoin.org/bitcoin.pdf
While no idea is perfect, some ideas are useful.
unclemantis
Member
**
Offline Offline

Activity: 98
Merit: 10


(:firstbits => "1mantis")


View Profile
July 09, 2012, 04:56:28 AM
 #4

OpenDNS is giving me an error

http://www.website-unavailable.com/main?wc=EWJoHhd6Bx9fBhVuBAkE&url=lendmecoin.com&w=1440&h=809&ifc=0

PHP, Ruby, Rails, ASP, JavaScript, SQL
20+ years experience w/ Internet Technologies
Bitcoin OTC | GPG Public Key                                                                               thoughts?
bombartier357 (OP)
Full Member
***
Offline Offline

Activity: 148
Merit: 100


View Profile WWW
July 09, 2012, 05:08:00 AM
 #5

Yeah something is wrong.  I think my ISP is blocking 80 that is why I am the only one who can access it.  I will fix it tomorrow after work.
unclemantis
Member
**
Offline Offline

Activity: 98
Merit: 10


(:firstbits => "1mantis")


View Profile
July 09, 2012, 05:14:34 AM
 #6

Yeah something is wrong.  I think my ISP is blocking 80 that is why I am the only one who can access it.  I will fix it tomorrow after work.

I am a web developer / programmer with 25 years of experience looking for work. Do you need assistance with this project?

PHP, Ruby, Rails, ASP, JavaScript, SQL
20+ years experience w/ Internet Technologies
Bitcoin OTC | GPG Public Key                                                                               thoughts?
bombartier357 (OP)
Full Member
***
Offline Offline

Activity: 148
Merit: 100


View Profile WWW
July 09, 2012, 07:45:18 PM
 #7

Yeah something is wrong.  I think my ISP is blocking 80 that is why I am the only one who can access it.  I will fix it tomorrow after work.

I am a web developer / programmer with 25 years of experience looking for work. Do you need assistance with this project?

I would love a helping hand.  This is just a side project for me and I couldn't compensate you.  At least not until it became profitable...  I should really put this on a shared server, but I want to keep it relatively inexpensive until I know people will use it.  I will give you a shout when i get this port forward crap figured out.  Should be sometime tonight.  I did not want to do it last night because I spent 6 hours coding.
bombartier357 (OP)
Full Member
***
Offline Offline

Activity: 148
Merit: 100


View Profile WWW
July 10, 2012, 12:10:54 AM
 #8

Alright I forwarded port 81 and it should work now.

72.181.135:81 will take you there.  Unfortunately it takes 12 hours to update DNS.
unclemantis
Member
**
Offline Offline

Activity: 98
Merit: 10


(:firstbits => "1mantis")


View Profile
July 10, 2012, 12:58:37 AM
 #9

Alright I forwarded port 81 and it should work now.

72.181.135:81 will take you there.  Unfortunately it takes 12 hours to update DNS.

Still not working Sad


PHP, Ruby, Rails, ASP, JavaScript, SQL
20+ years experience w/ Internet Technologies
Bitcoin OTC | GPG Public Key                                                                               thoughts?
unclemantis
Member
**
Offline Offline

Activity: 98
Merit: 10


(:firstbits => "1mantis")


View Profile
July 10, 2012, 12:59:46 AM
 #10

Alright I forwarded port 81 and it should work now.

72.181.135:81 will take you there.  Unfortunately it takes 12 hours to update DNS.

I am not concerned about the money. Toss me a few bitcoins here and there if you want but I am in this thing for the long haul. Drop me a message. Let's build this thing up RIGHT. I have the experience to take your idea from brain, to concept to prototype to beta to launch!

PHP, Ruby, Rails, ASP, JavaScript, SQL
20+ years experience w/ Internet Technologies
Bitcoin OTC | GPG Public Key                                                                               thoughts?
rjk
Sr. Member
****
Offline Offline

Activity: 448
Merit: 250


1ngldh


View Profile
July 10, 2012, 01:06:59 AM
 #11

Don't get all emotional about it, it's not like it even has SSL either so meh. Also the login page has a password field, so probably just an oversight.

Mining Rig Extraordinaire - the Trenton BPX6806 18-slot PCIe backplane [PICS] Dead project is dead, all hail the coming of the mighty ASIC!
rjk
Sr. Member
****
Offline Offline

Activity: 448
Merit: 250


1ngldh


View Profile
July 10, 2012, 01:15:04 AM
 #12

Don't get all emotional about it, it's not like it even has SSL either so meh. Also the login page has a password field, so probably just an oversight.

come on dude, oversight? it just leads me to question how these passwords are being stored? Are they salted? Using bcrypt? Right now if I did a sql injection would it work? He probably uses mysql_* functions, not even mysqli_* and I eat my hat if he used PDO. This also leads me to be like well now he has all these security issues, how can this site be taken serious as a lending central point. I want to lend, but there are too many scammers and I was hoping a cool site would fix that I guess my wait continues.
I guess I take it for granted that everyone uses a different random password on every site (thanks, LastPass!), and never trusts one without SSL. The all caps warning just struck me as emotional, although I can see how this site would effectively gather in the newbies so perhaps it was warranted.

Mining Rig Extraordinaire - the Trenton BPX6806 18-slot PCIe backplane [PICS] Dead project is dead, all hail the coming of the mighty ASIC!
gweedo
Legendary
*
Offline Offline

Activity: 1498
Merit: 1000


View Profile
July 10, 2012, 01:27:54 AM
 #13

Don't get all emotional about it, it's not like it even has SSL either so meh. Also the login page has a password field, so probably just an oversight.

come on dude, oversight? it just leads me to question how these passwords are being stored? Are they salted? Using bcrypt? Right now if I did a sql injection would it work? He probably uses mysql_* functions, not even mysqli_* and I eat my hat if he used PDO. This also leads me to be like well now he has all these security issues, how can this site be taken serious as a lending central point. I want to lend, but there are too many scammers and I was hoping a cool site would fix that I guess my wait continues.
I guess I take it for granted that everyone uses a different random password on every site (thanks, LastPass!), and never trusts one without SSL. The all caps warning just struck me as emotional, although I can see how this site would effectively gather in the newbies so perhaps it was warranted.
exactly I just wanted to warn the newbies.
bombartier357 (OP)
Full Member
***
Offline Offline

Activity: 148
Merit: 100


View Profile WWW
July 10, 2012, 01:41:32 AM
 #14

Just an oversight.  I will fix it now, but I am using sha1 encryption for password storage.
DeathAndTaxes
Donator
Legendary
*
Offline Offline

Activity: 1218
Merit: 1079


Gerald Davis


View Profile
July 10, 2012, 01:49:24 AM
 #15

Just an oversight.  I will fix it now, but I am using sha1 encryption for password storage.

I pointed out in the other thread SHA1 is pathetically weak for protecting passwords. 
bombartier357 (OP)
Full Member
***
Offline Offline

Activity: 148
Merit: 100


View Profile WWW
July 10, 2012, 02:21:46 AM
 #16

Just an oversight.  I will fix it now, but I am using sha1 encryption for password storage.

use bcrypt it is the only hashing function I would use (it is impossible to have enough computer power to crack if used correctly), also you need at least a password salt something random. Get rid of the facebook stuff, there is so many other ways to do it person verification.

What do you recommend for person verification?
bombartier357 (OP)
Full Member
***
Offline Offline

Activity: 148
Merit: 100


View Profile WWW
July 10, 2012, 02:28:59 AM
 #17

Just an oversight.  I will fix it now, but I am using sha1 encryption for password storage.

use bcrypt it is the only hashing function I would use (it is impossible to have enough computer power to crack if used correctly), also you need at least a password salt something random. Get rid of the facebook stuff, there is so many other ways to do it person verification.

What do you recommend for person verification?

you can always do text verification, like send a text with a random string, and have that be able to be entered on the site. you can do something where they have to spend a certain amount of time on the site before making a transaction. Have people enter in their bitcoin username and you send them a pm and have them pm you back. I mean just think there are a lot of ways

That is certainly an idea.  The facebook thing actually has nothing to do with facebook.  If you are logged into facebook it automatically fills in the data for you.  That is the only relation between the two.  Is that a problem?
bombartier357 (OP)
Full Member
***
Offline Offline

Activity: 148
Merit: 100


View Profile WWW
July 10, 2012, 02:40:15 AM
 #18

your going to sit there and be like the only relation is that it autofills in your facebook info, IT IS FACEBOOK they want users like me who will never get a facebook js you know facebook sees the data.

Well yeah Facebook sees it.  I wanted something user friendly and familiar to people.  If it is such a huge problem I can change it to a different verification system...

Does anyone else feel the same way?  Or is this an isolated incident?  I really do appreciate the feedback Gweedo, this is exactly what I need.
Bitcoin Oz
Hero Member
*****
Offline Offline

Activity: 686
Merit: 500


Wat


View Profile WWW
July 10, 2012, 02:47:32 AM
 #19

 I dont sign in to my bank using facebook connect  Smiley

bombartier357 (OP)
Full Member
***
Offline Offline

Activity: 148
Merit: 100


View Profile WWW
July 10, 2012, 03:04:47 AM
 #20

I dont sign in to my bank using facebook connect  Smiley

Alright, I will switch it off facebook this weekend.  I work a lot so I should have it done by the end of the week.
unclemantis
Member
**
Offline Offline

Activity: 98
Merit: 10


(:firstbits => "1mantis")


View Profile
July 10, 2012, 03:39:51 AM
 #21

I dont sign in to my bank using facebook connect  Smiley

Alright, I will switch it off facebook this weekend.  I work a lot so I should have it done by the end of the week.

I got your PM and I replied.

I am currently unemployed so I have more time than most. I do get contract jobs here and there and I am trying to get a stable 9to5 job but for now I got some time to put into your project.

Let me know.

PHP, Ruby, Rails, ASP, JavaScript, SQL
20+ years experience w/ Internet Technologies
Bitcoin OTC | GPG Public Key                                                                               thoughts?
Pages: 1 2 [All]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!