|
KarstenK wrote: What should I write?
What prevented you from voting a 4 or a 5. A ... remark.
KarstenK wrote: y point is that it stops from voting less than 4 stars
No way, you may also don't vote at all if you are too lazy to drop a comment. No one forces you to vote articles. And voting a 5 because you do not want to drop a comment for a 2 or a 3 is just plain nonsense, I hope you realize that.
~RaGE();
I think words like 'destiny' are a way of trying to find order where none exists. - Christian Graus
Entropy isn't what it used to.
|
|
|
|
|
OK. Thats fine.
Press F1 for help or google it.
Greetings from Germany
|
|
|
|
|
Rage wrote: And voting a 5 because you do not want to drop a comment for a 2 or a 3 is just plain nonsense, I hope you realize that.
I think you didn't understand him.
He didn't say that he gives a 5 in places where a 1 is deserved.
He said that he does only vote 4 or 5 (where they are deserved), but doesn't give 3 or less votes.
It is not the same
M.D.V.
If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about?
Help me to understand what I'm saying, and I'll explain it better to you
Rating helpful answers is nice, but saying thanks can be even nicer.
|
|
|
|
|
If you're not willing to provide a reason you downvoted then I would prefer you don't vote at all. Telling smeone their article isn't great doesn't achieve anything if you don't also provide information on how the author can make their article better to avoid downvotes.
cheers
Chris Maunder
|
|
|
|
|
I dont want to discuss much about, because I dont want invest to much effort in it, but if I see such article I get a little disturbed about this discussion. It indicates that I am righter than you..
(The articles got 2 votes, which are resulting to an average of 4.67)
Press F1 for help or google it.
Greetings from Germany
|
|
|
|
|
There seems to be so way to do that using the Web UI ?
|
|
|
|
|
0) Stand behind your chair (if you stand in front of it, this won't work)
1) Come up with a suitable chant that appears meaningless to passers-by
2) Wave your arms with flourish and style (remember to extend your arms, straighten your fingers and maintain a fluid motion at all times)
3) after about 30 seconds, shout "ACCOUNT BE GONE!"
4) If that didn't work, sit down so you don't look like too much of a retard.
".45 ACP - because shooting twice is just silly" - JSOP, 2010 ----- You can never have too much ammo - unless you're swimming, or on fire. - JSOP, 2010 ----- When you pry the gun from my cold dead hands, be careful - the barrel will be very hot. - JSOP, 2013
modified 5-Jul-14 12:48pm.
|
|
|
|
|
OK, that's scary, because his account is now gone.
How long did it take you to work that one out?
cheers
Chris Maunder
|
|
|
|
|
I'm a haxor with l33t skillz, fo shizzle.
".45 ACP - because shooting twice is just silly" - JSOP, 2010 ----- You can never have too much ammo - unless you're swimming, or on fire. - JSOP, 2010 ----- When you pry the gun from my cold dead hands, be careful - the barrel will be very hot. - JSOP, 2013
|
|
|
|
|
Are you sure he was actually wanting his account deleted, after all it said "How Do I" not "Please delete my account"?
|
|
|
|
|
This blog: http://www.codeproject.com/script/Articles/ArticleVersion.aspx?waid=131643&aid=792410[^]
has some HTML characters comeing through to teh txt:
agree on what’s the difference and some HTML comments:
<!-- Cached "rss-item" item from 2014-07-02 09:47:46 --> Clocks in computers showing in the text - but I can't comment on it until it's approved, so I can't tell him there is a problem, or why it might be rejected.
I can understand it, but there should be some mechanism for saying "this looks very wrong on CodeProject because..." rather than giving it a generic "formatting required" vote.
Those who fail to learn history are doomed to repeat it. --- George Santayana (December 16, 1863 – September 26, 1952)
Those who fail to clear history are doomed to explain it. --- OriginalGriff (February 24, 1959 – ∞)
|
|
|
|
|
I think the "format and layout" report applies. It looks like those HTML characters were in the original document and the article editor simply didn't like it. I cleaned it all up.
Thanks,
Sean Ewington
CodeProject
|
|
|
|
|
Back a few years ago, there was talk of creating a web service that would allow us to write apps that retrieved our reputation points and other info. Was that ever developed/released, or are we still relegated to scraping HTML for the data?
".45 ACP - because shooting twice is just silly" - JSOP, 2010 ----- You can never have too much ammo - unless you're swimming, or on fire. - JSOP, 2010 ----- When you pry the gun from my cold dead hands, be careful - the barrel will be very hot. - JSOP, 2013
|
|
|
|
|
A couple of things have stalled this
1. We were flat out on other things, but those things are now done so we have time again
2. We've been battling the issue of how we protect the site against API overload and abuse. Lots and lots of ways to handle this, including requiring an API consumer to register and get a key, to throttling API requests, to building a separate cluster specifically to handle API calls.
Would registering your application in order to get an API key be too onerous? Is request throttling per API key a potential issue (assuming that we'd look at each on a case-by-case with a view to helping, not hindering)
cheers
Chris Maunder
|
|
|
|
|
Chris Maunder wrote: Would registering your application in order to get an API key be too onerous? That would be a perfectly reasonable idea.
Chris Maunder wrote: Is request throttling per API key a potential issue That would really depend on how popular your app got, but I wouldn't say it would be too burdensome. Potentially, if your app gets that popular, I'm sure that some enlightened chap wouldn't have an issue handing ownership of said app over to CP.
|
|
|
|
|
Whatever works for you should be fine. I'll be one of the first devs to write and publish an app or two if you get an API released
|
|
|
|
|
The application itself wouldbn't be appropriate because there could be many simultaneous users.
I thought this would be more about reputation points, or article status. Those are the only real categories of data that I think would be of interest to users. Maybe throttling and/or access in general could somehow be tied to the user's reputation points, MVP status, or some other identifiable metric. This would also involve the user registering for access, and having them click thru an agreement not to misuse/abuse the system in the process of using the data.
The rep points consists of nothing more than less than a dozen category name and a points value, and article status would be stuff displayed in the My Articles page (again, not a lot of data for 99.9% of the users here).
It might even be worth setting up a database of user-specific tables for people that actually use the APIs, and run a Sql SSIS package to populate it every night.
Lots of approaches...
As for registering an app, I wouldn't be opposed, but you'd probably have to generate an assembly for us to add to our app that would negotiate the authorization handshake and that doesn't involve a data file being stored on the user's computer.
".45 ACP - because shooting twice is just silly" - JSOP, 2010 ----- You can never have too much ammo - unless you're swimming, or on fire. - JSOP, 2010 ----- When you pry the gun from my cold dead hands, be careful - the barrel will be very hot. - JSOP, 2013
|
|
|
|
|
John Simmons / outlaw programmer wrote: The application itself wouldbn't be appropriate because there could be many simultaneous users.
Apps don't necessarily have user ID info sent and so an app would be the most appropriate registrant to an API, if registration made sense. Alternatively the API client request could include an Application Name that's sent as part of the request, but this obviously allows spoofing: A successful and popular app could be black-banned because someone else spoofed calls by that app to overload our servers. Sending a private key instead is better.
In general it's probably not going to be an issue. However, when something does become an issue, and you didn't put in plans, the issue can become far messier than if you'd just put in mechanisms in the first place.
Sounds like you're fine with whatever we do as long as it's halfway sensible. We're approaching, in our old age, the half way mark in sensible so we should be good.
cheers
Chris Maunder
|
|
|
|
|
I just had another thought - How about this:
0) A user runs an app that gets data from CP
1) The act of requesting that data causes the server to save the date/time of the request, the user's CP id, and the app id in the database.
2) The server creates a XML (or JSON) file for that user with the requesting app(s) data
3) For a period of N days (where N is determined by CP admins), the server automatically updates that file with that info every night at time convenient for the system.
4) The next time the app makes a request, the datetime is updated for that user/app, and the file is returned to him (since it already exists and is updated).
5) If the file expires (older than N days), the service can update it before returning the filename.
6) When the nightly job runs, expired files can be deleted (or marked for deletion).
The only thing that CP would have to do is provide the assembly that handles that negotiation, and the application would have to make all API calls via that assembly.
".45 ACP - because shooting twice is just silly" - JSOP, 2010 ----- You can never have too much ammo - unless you're swimming, or on fire. - JSOP, 2010 ----- When you pry the gun from my cold dead hands, be careful - the barrel will be very hot. - JSOP, 2013
|
|
|
|
|
You're describing a simple caching mechanism.
That's the easy part.
It's DDoS attacks against the API that are the issue.
cheers
Chris Maunder
|
|
|
|
|
Well, the DDoS attack will be aiimed at either the web service or the cached file the app is trying to download. Either way, it's not really affecting access to the database. You can also limit the number of accesses per hour for a requesting IP, and limit the number of simultaneous connections.
Will all the programmers at your immediate disposal that are willing to help, I'm pretty sure it wouldn't take too gawd-awful long to come up with an effective and effecient plan.
".45 ACP - because shooting twice is just silly" - JSOP, 2010 ----- You can never have too much ammo - unless you're swimming, or on fire. - JSOP, 2010 ----- When you pry the gun from my cold dead hands, be careful - the barrel will be very hot. - JSOP, 2013
|
|
|
|
|
One issue is that you can't just hand out a key for an application that is part of an article on the site, because then it's in the open. You have to provide a mechanism (a page on the site?) that allows a user to requesst and receive his own personal API key. At that point, the app in question would need to include a method by which the user can specify his api key so the app can access the API.
".45 ACP - because shooting twice is just silly" - JSOP, 2010 ----- You can never have too much ammo - unless you're swimming, or on fire. - JSOP, 2010 ----- When you pry the gun from my cold dead hands, be careful - the barrel will be very hot. - JSOP, 2013
|
|
|
|
|
An application key would be something that the application developer requests once and then bakes into their app. The app end-user wouldn't know (or need to know) anything about the key. We then ensure all API calls are done over SSL and the key is (mostly) safe from being sniffed and copied by others.
cheers
Chris Maunder
|
|
|
|
|
Chris Maunder wrote: It's DDoS attacks against the API that are the issue
Well, if it's REST based, whatever mechanisms your web server already has against DDOS should protect the API as well, wouldn't it?
|
|
|
|
|
How so?
cheers
Chris Maunder
|
|
|
|
|