[17:28:38] the voting platform goes live in about an hour [18:10:19] we're doing it live! [18:49:21] iangcarroll: you there? [18:49:32] 11 minutes unti the platform is live [18:50:15] hi [18:50:15] iangcarroll [18:50:31] uh oh [18:50:39] hopefully it doesn't break [18:56:24] what's the URL again? [18:57:23] nvm, found it [19:00:13] annd it's live [19:00:34] if anyone wants to nominate me, my id is 1703721839841382 :p [19:02:50] i presume you'll make a post gsingh93 [19:02:59] yea [19:03:01] one sec [19:04:09] "The first election will elect 3 admins and will accept nominations starting 3 minutes ago." [19:04:17] edge cases :P [19:04:48] lol, i intended to build a better interface but never did [19:06:37] i nominated you ian [19:06:53] do you see anything on your end? [19:06:56] <3 [19:07:00] like do you know who nominated you? [19:07:02] it doesn't do anything until you hit three [19:07:12] so you don't even know if you have two, right? [19:07:16] yes [19:07:24] i nominated myself though, so I can assume I have two [19:07:40] so when someone hits three, can you see the candidates before voting starts? [19:07:46] and where? [19:07:59] when someone hits three their candidacy page allows them to mark themselves as running [19:08:11] and then where do they all show up? [19:08:19] on the voting page [19:08:27] is that accessible before voting starts? [19:08:30] no [19:08:43] that might be an issue for nominating people with 3 already [19:08:45] we should be able to see that [19:08:53] hmm [19:09:19] the only thing is, i want to monitor how many people are running before voting starts [19:09:37] at least the number, if not the names [19:09:47] well, you can [19:09:50] just not anyone else :p [19:11:06] i just think it'll be bad if voting starts and you're the only candidate [19:11:08] lol [19:11:27] so i'd like to know how much we should be promoting this to get more participation [19:11:39] wolfcore: you there? [19:11:45] you should pin this [19:13:51] ah, that would be an issue [19:13:55] for others, at least [19:14:01] yes [19:14:08] what do you think we should do? [19:18:22] also [19:18:34] do you think everyone should only have one nomination? [19:18:59] it's hard to figure out what numbers work best the first time we're doing it [19:19:11] but i think it'd be better to err on the side of more nominations -> more candidates [19:19:41] not entirely sure [19:19:50] we can see how it plays out halfway into it? [19:25:32] http://pastie.org/private/jenzanojcq9qk3dfwwow [19:25:32] Title: Private Paste - Pastie [19:25:36] look good? [19:25:43] i'll also add that everyone has one nomination [19:29:53] look good iangcarroll? [19:30:27] yes, but tell them that the UID must come from the app [19:30:38] because FB does some weird stuff with app-specific UIDs [19:31:11] as in, someone has to tell you their UID from the candidacy page [19:31:25] wait a second [19:31:40] are these the same UIDs we're releasing afterwards? [19:31:43] well [19:31:45] no no lol [19:31:51] lol, good [19:31:58] there are the fb app uids [19:32:00] these* [19:32:05] you nominate someone with their app-scoped FB UID and we release a random UUID [19:32:11] yea [19:33:03] should we make the nomination UIDs public? [19:33:10] kind of like a write-in on a ballot [19:34:03] i think some people will be inspired to run after receiving some nominations for it [19:34:21] that was your earlier suggestion, right? [19:34:27] public list of nominees [19:34:58] don't know which suggestion [19:35:00] but sure [19:35:18] 7:09 PM the only thing is, i want to monitor how many people are running before voting starts [19:35:29] oh no [19:35:45] that was a count of how many people had more than three nominations [19:36:03] oh; i'll just make that list include everyone >= 1 nominations [19:36:07] the current suggestion is having the UIDs be public, so you can nominate anyone without asking for their UID [19:36:11] yup [19:36:13] oh x2 [19:36:34] problem is that we don't have an app specific UID until they auth [19:39:39] you can't see the main page until they auth, correct? [19:39:45] that's still a decent enough solution [19:47:10] yeah [19:50:55] i think we should at that before i release it [19:51:12] the "how many people are nominated" can come later [19:51:30] so, an API endpoint for all users, or a UI? [19:52:04] preferably UI, API endpoint is fine if it's faster [19:52:46] kk [19:53:13] give me an hour or so [19:53:15] eating arm [19:53:18] atm [19:53:46] kk [19:53:51] though tbh I wouldn't block posting it before this [19:53:54] how does arm taste? [19:54:13] well, people aren't going to know what to do when i post this [19:54:19] because they'll have no UIDs but their own [19:57:47] fair enough I suppose; people who want to run will know their UID though [19:58:54] yea, i'm worried people are going to generally be shy about promoting themselves until someone has nominated them [19:59:02] also, let's bump the number of nominations up to two [19:59:25] down? [19:59:30] it's at three lol [19:59:47] no, i mean the number of people i can nominate [19:59:51] ah [19:59:53] as long as it's not too hard [20:00:16] no [20:00:18] considering you'll need to make sure people don't nominate the same person twice and count as two [20:00:24] but i won't block posting on that [20:00:33] oh [20:01:17] that won't be difficult to deal with [20:01:27] cool [20:01:30] i'll leave it to you then [20:01:37] i'll be back in a bit [20:01:42] will post once the UID list is up [20:01:59] kk [21:08:43] attempt 1 going up on fgm.ian.sh [21:13:48] https://fgm.ian.sh/data/users [21:13:48] Title: Unknown [21:13:54] ignoring styling it's done gsingh93 [21:24:37] awesome, thanks [21:24:41] making post now [21:24:59] kool [21:26:45] can you set the callback env variable to https://? [21:26:45] Title: Unknown [21:26:57] for maximum securiteh [21:27:46] http://127.0.0.1 [21:27:47] Title: william woodruff [21:27:49] lol [21:27:59] woodruffw: blacklist internal IPs :p [21:28:14] http://169.254.169.254/latest/meta-data/ [21:28:15] Title: Unknown [21:28:21] http://169.254.169.54/latest/meta-data/ [21:28:30] lol, I wish it would show the contents [21:28:47] !help [21:28:47] iangcarroll: Commands: http://git.io/38F1qA - Use !help for info. [21:29:18] https://www.facebook.com/groups/wearehx/permalink/1709867255924459/ [21:29:19] Title: Log into Facebook | Facebook [21:29:23] wolfcore: pin please [21:29:51] haha [21:29:54] internal ips [21:29:58] classic [21:30:28] Title: Unknown [21:30:38] !isitup 169.254.169.54 [21:30:41] iangcarroll: 169.254.169.54 is currently offline. [21:30:49] !isitup 169.254.169.254 [21:30:50] iangcarroll: 169.254.169.254 is currently offline. [21:30:58] !isitup 127.0.0.1 [21:30:59] iangcarroll: 127.0.0.1 is currently offline. [21:31:08] !isitup ian.sh [21:31:09] iangcarroll: ian.sh is currently online [200]. [21:35:12] where can the user get the actual UUID [21:35:24] for verification [21:37:10] homepage [21:37:13] under the UUID section :p [21:37:27] it's only generated after you cast a vote though [21:37:34] so you'll see "You do not have a UUID attached to your account." [21:37:42] got it [21:38:04] ayy, someone else nominated me [21:38:10] nice :) [21:38:23] so things to do before voting starts [21:38:32] add a number (or list?) of people running [21:38:37] i think a list is fine [21:38:54] i can just add that to the user list (?) [21:38:54] maybe you can just show the voting page with all the candidates, but not allow voting on that page [21:38:58] or that [21:39:03] either way works [21:39:18] yeah, voting page sounds better actually [21:40:01] second thing was make the number of nominates you get configurable through an env [21:40:11] and then make sure you can't use two nominations on the same person [21:40:21] yeah [21:41:37] hmm [21:41:41] what if someone has three nominations [21:41:51] and then you nominate that person not knowing they're already set [21:41:58] yes, that is another issue [21:41:58] you waste your nomination, right? [21:42:15] i think I'll write a fix for that now [21:42:20] yea, that would be good [21:44:51] oh crap, I forgot about serving the HSTS and CSP headers [21:45:07] nominations fix is more important IMO [21:45:12] yeah, after that [21:45:12] in terms of time sensitivity [21:45:14] iangcarroll: it's the same VPS serving yossarian-bot and my website [21:45:47] i figured, but as a rule you shouldn't fetch content from user-supplied internal IP ranges [21:46:27] lol jonah is trolling the thread [21:46:58] haha [21:47:01] yea [21:47:29] there's no real way to implement this without being told someone else could run, is there? [21:47:34] i guess it's not that much of a problem [21:48:15] yea [21:48:17] that's fine [21:49:40] "Is there a routine that checks to make sure voters are actually members of this group?" [21:49:42] good call [21:50:03] we can't [21:50:11] because your employer doesn't let us access that parameter :p [21:50:29] spam incoming [21:50:33] !admin plugin list [21:50:33] woodruffw: Available plugins: ArtistInfo, BTC, Beedogs, BOFHExcuses, BookInfo, BotInfo, BotAdmin, Catch22, CBSG, ChannelAdmin, ChannelModerator, Cleverbot, Clickbait, CommandHelp, CodeEval, CSTopics, CTCPVersion, CustomTriggers, CuteFaces, Dinner, DuckDuckGoSearch, ExchangeRates, FlipText, Fortune, Genres, GitHubInfo, Giphy, GoogleSearch, HAL, Hastebin, IBIP, IsItUp, IPInfo, Jerkcity, LastSeen, LeetSpeak, LennartQuotes, LinkTitling, ... [21:50:33] ... LinusQuotes, LTC, LutherInsults, Magic8Ball, MerriamWebster, MorseCode, OMDB, Ping, RainbowText, RegexReplace, Reminders, RMSQuotes, Rot13, ShakespeareanInsults, Slap, StockQuotes, TacoRecipes, TheoQuotes, TinyURL, UserIntros, UserQuotes, UserMail, UserPoints, UrbanDictionary, Weather, Wikipedia, WolframAlpha, WorldPopulation, XKCDComics, YouTubeSearch, Zalgo [21:52:05] why the fuck can we not check what groups your in [21:52:13] isn't that an app permission? [21:52:16] yes [21:52:33] but only for facebook clients implemented on a platform not serviced by official clients [21:52:48] what does that mean [21:52:51] lol [21:53:01] what's an "offical client" [21:53:03] if we build a facebook client for the palm pad, then we can apply for access [21:53:09] if we build a client for the web, we can't [21:53:13] well let's do it then [21:53:16] lol [21:53:21] lol [21:53:25] i don't get why [21:53:38] is there documentation on this? [21:54:14] yes, look up the user_groups permission [21:56:09] can i run a raw database query to see how many people nominated me? [21:56:20] easier [21:56:48] type `php artisan tinker` and run `App\Nomination::where("user_id", "10153385491939685")->count()` [21:56:57] well, type `heroku run php artisan tinker` [21:57:11] ack, change user_id to facebook_id [21:59:00] lmao [21:59:01] https://developers.facebook.com/docs/graph-api/reference/v2.5/group/members [21:59:01] Title: Graph API Reference - Group Members - Documentation - Facebook for Developers [21:59:11] i can query this every minute and store my own list of group members I guess [22:00:47] that could work [22:01:13] would you say it's urgent? [22:01:37] nope [22:02:21] lmao [22:02:26] i have two nominations [22:02:38] Shit shit shit gsingh93 [22:02:47] Set APP_DEBUG to false [22:02:51] lol [22:02:53] oops [22:02:55] Lmao the stack traces could show credentials [22:03:11] haha [22:03:19] can you paste the command [22:03:21] it's not in my history [22:03:25] different laptop [22:03:35] heroku config:add APP_DEBUG=false [22:03:52] done [22:04:04] lol, my bad [22:04:15] kk, world has not ended [22:04:21] yet [22:05:00] i'm gonna push out the nomination fix [22:05:03] whether or not it works [22:06:15] kk [22:06:25] oh [22:06:26] right [22:06:34] you need to set a bunch of things [22:06:37] lol [22:06:42] right now it's storing sessions to the filesystem [22:06:52] which means every new deploy wipes the sessions [22:07:00] run heroku config:add SESSION_DRIVER=database [22:07:38] done [22:07:41] kk [22:07:47] wait a second [22:07:48] should be all good now [22:07:57] were previous sessions wiped? [22:08:00] yes [22:08:11] like nominations and all that? [22:08:16] lol no [22:08:20] those are stored in the db [22:08:27] what wasn't stored in the db? [22:08:34] cookies [22:08:54] mainly just the user ID for each random cookie value [22:09:01] for authentication [22:09:12] ah [22:09:39] "I nominated myself just for testing how the site works and now I can't nominate anyone else" [22:09:40] lmao [22:10:02] it's his fault [22:10:06] not reading the post... [22:10:15] indeed [22:10:17] also hilarious [22:10:57] what's the name of the database lib you're using? [22:11:00] so i can read some documentation [22:11:13] PDO? [22:11:19] eloquent uses PDO [22:11:22] and the app uses eloquent [22:12:09] yea, eloquent is what i was looking for [22:12:25] is laravel's docs down? [22:12:25] inb4vuln [22:12:29] https://laravel.com/docs/5.1/eloquent [22:12:29] Title: Unknown [22:12:43] wait so that's why people are having issues [22:12:52] the https version doesn't work; are you using https everywhere? [22:13:19] yes, i am [22:13:27] that's probably what forced htts [22:13:29] https [22:14:16] yup [22:14:20] stupid laravel [22:14:39] you won't believe how long it took the guys at rust-lang.org to setup https [22:14:43] like there's a github thread [22:14:46] where i started to get pissed [22:14:50] lol [22:14:54] link? [22:14:57] one sec [22:15:57] https://github.com/rust-lang/rust/issues/13180 [22:15:58] Title: serve the rust-lang.org domain over https · Issue #13180 · rust-lang/rust · GitHub [22:17:24] lol [22:17:45] only took a year [22:19:07] i don't understand why they didn't think it was a serious issue... [22:19:17] like MITM a compiler download is the holy grail [22:19:31] inb4 rustghost [22:19:32] all the code you write ever is backdoored [22:19:35] haha [22:19:40] i should have done it [22:20:09] would've been better to have it break the outputted code instead of infecting it [22:20:22] that way the problem is immediately visible and nobody will ever suspect their compiler :p [22:20:38] App\Candidate::all()->count() [22:20:44] is that how i'd get the number of candidates? [22:21:02] yes, but note candidates only exist after they have 3 nominations and have confirmed [22:21:32] have you confirmed? [22:21:40] no [22:21:57] i have to write my 250 character bio [22:22:04] i think a test user is in the db [22:22:12] who? [22:22:20] maybe i'm just reading this wrong [22:22:28] user_id: 4? [22:22:36] is that facebook_id? [22:22:38] no [22:22:53] we have our own ID, even though we don't really need it [22:23:02] in the future i'll just rename facebook_id to id and make that the index [22:23:27] ok, so it's probably jason [22:23:40] App\User::find(4); [22:23:57] this is activerecord syntax in case you've used rails before [22:24:01] yup [22:24:05] haven't done rails [22:24:09] ah [22:24:11] anyways [22:24:20] what about counting all users with more than three nominations [22:24:29] regardless of accepting candidacy [22:24:39] that's tougher [22:25:10] probably not something you can do with eloquent [22:25:15] in one line [22:25:53] one line is not needed [22:26:13] one sec [22:35:35] should work: http://pastie.org/private/dkumvydbamqymndgpsmx2g# [22:35:36] Title: Private Paste - Pastie [22:38:48] do you just do this in tinker? [22:38:53] also, BadMethodCallException with message 'Call to undefined method Illuminate\Database\Query\Builder::each()' [22:39:00] for the App\Nomination::where linke [22:39:02] line* [22:39:10] sigh [22:40:02] http://pastie.org/private/ikpyo4e58enph5pklr0xq [22:40:02] Title: Private Paste - Pastie [22:40:03] there lol [22:40:08] and yes, in tinker [22:40:30] wolfcore: pls pin post [22:40:49] iangcarroll: the nominations post? yep [22:43:01] why does it print users when i iterate through them [22:43:26] the foreach? [22:43:36] yea [22:43:45] those are the numbers :p [22:43:55] facebook id: number_of_nominations [22:44:12] no [22:44:16] the second line [22:44:21] maybe we should randomize the Users page so that the people with the earlier names don't always show up first [22:44:25] where you map a function over teh users [22:44:40] wolfcore: don't think it matters, voting is more important [22:44:58] o [22:45:03] the $users array is still empty [22:45:06] after running that line [22:45:08] gsingh93: you don't think it will affect people's voting when they always see the same ones first? [22:45:21] the voting will be randomized once I fix the fact it isn't [22:45:34] the UID page should be alphabetical [22:45:42] easier to find people without ctrl+f [22:45:45] 👍🏻 [22:45:49] the page where you actually submit a vote [22:45:52] can be randomized [22:46:00] Oh okay [22:46:03] reasonable then [22:48:47] iangcarroll: any ideas? [22:49:01] the $users array isn't being populated [22:49:16] i feel like when you use a variable its modifications aren't stored [22:49:23] which would be unfortunate [22:49:54] ah [22:49:58] you need to do it by reference [22:50:19] worked [22:50:48] yay [22:52:24] but all users have 0 nominations? [22:52:51] oh [22:52:57] need to do reference for both closures [22:52:59] fucking php [22:53:04] lol sorry [22:53:50] i think it's time for you to learn python iangcarroll [22:54:12] did you mean to say php > python? [22:54:56] lol [22:55:08] i know basic python, but i'll eventually learn it for real [22:55:18] yes, that's what i meant to say [22:55:23] where > is the relation "less than" [22:56:08] not entirely confident that statement is true [22:56:24] it's true [22:56:42] i can define symbols to be whatever relation i want [22:57:22] type theorists do it all the time [22:58:03]