[PROJECT] Gold Coin based Single Currency & Banking System

[mgm]

Can i propose any other way communicating then this forum thread, as i was thinking of somekind of groupchat. For fast communication and so on.

I suggest Team Speak then, it is freely available and lightweight, and there are many free TeamSpeak servers available.

 

For any project meetings, would someone please post brief updates in the forum (could be just simple bulletpoints) so that whomever didn't make it to the audio chat session can still stay up to date?

[Sven2157]

On 999 calls.

 

For securing 999 calls, various techniques could include

• Locking down the sql query ('key' parameter) passed to server_functions.sqf by validating before firing to the DB much as you would to try and protect against sql injection attacks.
• Further lock down the queries with only parameters being passed from the client calls in the key parameter to the server_hivereadwrite function and then that 'key' parameter is checked, verified and if seems valid is inserted in to canned sql queries in the server side functions to create the final sql query to be fired at the DB. Each server could have their own canned sql queries.

Neither are particually hard to do and will give, if implemented correctly, a secure use of the calls. 

 

Even without those restrictions, damage limitation can also be enforced by limiting the functions the Epoch DB user account has.  As standard it should not be able to do much more than UID (update, insert and delete) to a limited set of tables.  I read somewhere about people being concerned that 999 calls could be used to drop tables.  Why would the Epoch DB account have access to that command ?.  The only reason I can think of would be because the person setting up the account was not aware of best practices for secure application account creation and no guide seems to have been produced as part of the Epoch install.

Everything you mentioned there, requires compiling a NEW DLL! As the saying goes, "either put up, or shut up!". Since the Epoch team and AWOL are not good enough to determine what is going on with their code, we should wait for your findings. Please keep cluttering this thread with absolutely ZERO contribution, back seat driving and second guessing.

 

Whilst it is great that you are looking to expand the hiveext.dll for this project, I am looking to see how the hiveext.dll could be leveraged to provide better DB interaction for all mods without people needing to go to ARMA2NET.

Why? Are you going to program and recompile that then? Why not just start now with the bank system? That way you can give out your "low hanging fruit", whilst you work on the other MOD's interaction with the database. I am the one that pointed out that ARMA2NET requires a Windows based hosting. So users renting game servers, wouldn't be left out; which is about 90% of the servers out there.

This is completely out of the scope of this thread, and borderline thread hijacking.

 

For custom calls, a more open solution would be

• Being able to write parameters to a set table via one hive call and then calling a stored procedure with another. The stored procedure would then only take data from the table the first call writes to.

This would depend more heavily on sql procedures for results which some are not so comfortable with but would lock the sql code away on the DB server rather than in scripts.

 

Creating a custom call to modify only a set table is great but will you then be creating more custom calls for any other tables that any other mods would like as / when requested by other mod makers ?.

What are you talking about? This is spoken like a true IT Manager. A bunch of big words, strung together, which make no sense. I have been a DBA, software/web developer for 25 years, and I have NO earthly idea what you think you are saying. Again if it is so easy, then have it!

 

Last I read (which you linked to) was "If I have time, I could dust off my C++ skills..." which would indicate nothing has been done.  If you have started working on this then fantastic.  It would be good to see what progress you have made.

Yep! Based on comments and people like you, I decide if my time is worth giving. More so, whether or not it is deserved. The gall and entitlement of the users of the Arma/DayZ community is staggering!

Don't attack me like I am some kind of jerk, because you think you know what is best! In the future, if you have an issue or something to say to me, then do so privately!

=170= Sven2157

[Zupa]

 

I believe it would helpful to start a "feature set" documentation going.

Below is my draft contribution, please let us know what else should be included here (or removed).

 

 

 

 

SUGGESTED FEATURE SET FOR VERSION 1.0

Based on a previous post titled "NOTES ON "Zupa's fully working Gold Coin based Single Currency & Banking System"

 

1. Modification to default Epoch Chernarus Map:

   I suggest we use pre-existing trade cities to place a "Banker" trader, so the banking features will be accessible by the player when they visit Bash, Stary, Klen trade cities

 

 

Agree on everything but #1

 

I would not suggest a banker inside the safezone traders. The money will never leave the safezone in that case? This is good for pve. But on most pvp servers it's boring.

[Sven2157]

Hey Zupa,

Have you tried inserting with a 501 or 502 at all? Would this not be the syntax?

_key = format["CHILD:502:dayz_epoch.banking_data:[""UPDATE SET [""player_money""] = 900""]:""CharacterID"",""="",""%1"":[0,8]:", _playerID];

Or:

_key = format["CHILD:502:dayz_epoch.banking_data:[""INSERT INTO [""player_money""] VALUES ( '900' )""]:""CharacterID"",""="",""%1"":[0,8]:", _playerID];

Something along those lines?

=170= Sven2157

[Zupa]

Hey Zupa,

Have you tried inserting with a 501 or 502 at all? Would this not be the syntax?

_key = format["CHILD:502:dayz_epoch.banking_data:[""UPDATE SET [""player_money""] = 900""]:""CharacterID"",""="",""%1"":[0,8]:", _playerID];

Or:

_key = format["CHILD:502:dayz_epoch.banking_data:[""INSERT INTO [""player_money""] VALUES ( '900' )""]:""CharacterID"",""="",""%1"":[0,8]:", _playerID];

Something along those lines?

=170= Sven2157

 

 

Hey Sven

 

I never tried that syntax as the documentation never really mentioned sql syntax. It all looked abstract with only vallues and  < > =.

[Sven2157]

Hey Sven

 

I never tried that syntax as the documentation never really mentioned sql syntax. It all looked abstract with only vallues and  < > =.

Yeah the documentation will cause your head to mushroom cloud. However, using it and the comments in the C++ code, it works like this:

Think of the 500 calls this way:

500 = change table access

501/502 = data request

503 = data status

504 = data fetch row / data close

Ok. So the first example:

request the medical data for a specific character:

_key = format["CHILD:501:dayz_epoch.character_data:[""Medical""]:""CharacterID"",""="",""%1"":[0,8]:", _playerID];

CHILD:501 = Using 501 is synchronous to the server, so if there is a problem, it is immediately caught and displayed. If you used 502, then it is an asynchronous call, and higher priority queries will execute first. If there is an error, it will not display right away, or possible for several seconds/minutes, depending on how busy, fast the server is.

dayz_epoch.character_data = This is a combination of the database name, and the table you are asking for data from.

[""Medical""] = This is the column you are requesting data from.

""CharacterID"",""="",""%1"":[0,8]:", _playerID = Ok... :huh:

This is what the query is based off of. Essentially, this is the WHERE clause. The first part is what the WHERE is looking at, then whether it is '=','>','<','<>','IS NULL','IS NOT NULL','NOT LIKE','LIKE','NOT RLIKE','RLIKE'. - The RLIKE is the equivalent to REGEXP 'something1|something2'

The %1 is a formatted placeholder.

This next one, [0,8], is interesting. According to the C++ source files this is a LIMIT.

Lastly, you have data to base this query off of; in this case, it wants the Arma scripts to grab the player's ID.

So when you combine all of this logic, you produce a SQL query:

SELECT `Medical` FROM `character_data` WHERE `CharacterID` = '_playerID' LIMIT 0,8

I am going through the C++ code right now, but I thought that may be, it would automatically recognize the SQL Statement, when it auto updates the database. I figured we could squeeze some updates/inserts in there. Oh well, it was worth a shot! ;)

REGARDING TEAM COMMUNICATION

I can offer my TeamSpeak 3 as a place to discuss and meet. If that is not acceptable, I highly recommend Razer Comms - imagine Skype, back when it was good, and if it had been made by Gamers. Lots more features than Skype, NO ADS( So far )!

=170= Sven2157

[mgm]

<snip>

REGARDING TEAM COMMUNICATION

I can offer my TeamSpeak 3 as a place to discuss and meet. If that is not acceptable, I highly recommend Razer Comms - imagine Skype, back when it was good, and if it had been made by Gamers. Lots more features than Skype, NO ADS( So far )!

Is it your own server, 24/7 up & running?

Thanks

[RimBlock]

=170= Sven2157

 

You are either not reading what I am writing or there is some sort of language problem.  As such there really is no point in trying to communicate with you based on your aggressive and deliberately argumentative responses.

 

@mgm, zuba & TacticalStealth.

 

Sorry guys, I am going to bow out as I really don't need the abuse from this guy.  Clearly there is something stopping us being able to communicate and I seem to be provoking more and more aggressive responses.  I am happy to provide ideas and suggestions but will no longer monitor this thread.  Feel free to reach out to me via PM or in my other threads.

 

@ Zuba

 

Thanks for the dll, I may reach out to you via PM on this.  I will continue to work at seeing if it can be leveraged of the modding communities use if a safe manner without any recompilation.

[mgm]

Agree on everything but #1

 

I would not suggest a banker inside the safezone traders. The money will never leave the safezone in that case? This is good for pve. But on most pvp servers it's boring.

In any case money will have to leave the tradecity (safezone or not) because the players will have a bank account limit. 

In the light of your comment, I will probably keep the limit lower though.

[mgm]

<snip>

 

@mgm, zuba & TacticalStealth.

 

Sorry guys, I am going to bow out as I really don't need the abuse from this guy.  Clearly there is something stopping us being able to communicate and I seem to be provoking more and more aggressive responses.  I am happy to provide ideas and suggestions but will no longer monitor this thread.  Feel free to reach out to me via PM or in my other threads.

 

<snip>

I do not have moderation power obviously but for all of us, It is easy to ignore a particular person if you feel unhappy about their posts and don't see a point to try and resolve the issue via PM.

I am still using your SQL db improvements and you are one of the few technical people responding in this thread, you're actually punishing us by leaving abruptly. I hope you'll reconsider your decision.

[Sven2157]

Is it your own server, 24/7 up & running?

Thanks

Yes, it is 24 / 7 / 365; and 6 on leap year.

=170= Sven2157

[mgm]

Yes, it is 24 / 7 / 365; and 6 on leap year.

=170= Sven2157

Likewise, since you are one of the few technical people I think it will help to use your server rather than a random server (e.g.: you'll be more likely to be found there). Please post the address and I'll update the 1st post.

[Sven2157]

I do not have moderation power obviously but for all of us, It is easy to ignore a particular person if you feel unhappy about their posts and don't see a point to try and resolve the issue via PM.

I am still using your SQL db improvements and you are one of the few technical people responding in this thread, you're actually punishing us by leaving abruptly. I hope you'll reconsider your decision.

Seriously? What has he contributed? I fail to see what he has given, with the exception of back seat driving and second guessing EVERYTHING! Everyone of his responses to mine belittle me. By basically saying I can't read, and insulting me. Now he is going to be a drama queen! FUCK THIS! Keep him...

[mgm]

Seriously? What has he contributed? I fail to see what he has given, with the exception of back seat driving and second guessing EVERYTHING! Everyone of his responses to mine belittle me. By basically saying I can't read, and insulting me. Now he is going to be a drama queen! FUCK THIS! Keep him...

No need to make this "him or me". Seriously pretty please you stay tooo.

Please can you two not just ignore each other and focus on the project? You both address Zupa directly maybe as he is the lead dev and understands this stuff.

[TacticalStealth]

Sven, and RimBlock, im on this with mgm, Just look at it like once the project is finished you wont have to speak just stay, and we can finish it quicker with everyone's help.

[mgm]

1st post updated - thank you Logan for free TeamSpeak server access for project team.

[Gr8]

Is this gona be compatible with the latest update 1.0.5.1 ?

[Zupa]

currently building it on 1.0.5 from dayzcommander

[SN1P3R]

What is the ETA on this fully completed released for the public :)

Looking forward for this.

[STENCHOVDETH]

WIP | No Timeline Est | Patients Req |  :P

[ZamboniBambino]

You should perhaps try a more formal development place, like GitHub, Sourceforge, or somewhere else, so that you can track your changes in a consistent way. And so that idiots who are unable to code, but who take a great deal of satisfaction criticising others who can, can show truly how inept they are, and thus remove themselves from any meaningful consideration in a project. 

 

I don't know how far on you are, but you can find the specifics in the C++ code, as you mentioned. From the Epoch Hive, I can see that there are some additional binds added:

HiveExtApp::HiveExtApp(string suffixDir) : AppServer("HiveExt",suffixDir), _serverId(-1)
{
//custom data retrieval
handlers[500] = boost::bind(&HiveExtApp::changeTableAccess,this,_1);	//mechanism for setting up custom table permissions
handlers[501] = boost::bind(&HiveExtApp::dataRequest,this,_1,false);	//sync load init and wait
handlers[502] = boost::bind(&HiveExtApp::dataRequest,this,_1,true);	//async load init
handlers[503] = boost::bind(&HiveExtApp::dataStatus,this,_1);	//retrieve request status and info
handlers[504] = boost::bind(&HiveExtApp::dataFetchRow,this,_1);	//fetch row from completed query
handlers[505] = boost::bind(&HiveExtApp::dataClose,this,_1);	//destroy any trace of request
//server and object stuff
handlers[302] = boost::bind(&HiveExtApp::streamObjects,this,_1);	//Returns object count, superKey first time, rows after that
handlers[303] = boost::bind(&HiveExtApp::objectInventory,this,_1,false);
handlers[304] = boost::bind(&HiveExtApp::objectDelete,this,_1,false);
handlers[305] = boost::bind(&HiveExtApp::vehicleMoved,this,_1);
handlers[306] = boost::bind(&HiveExtApp::vehicleDamaged,this,_1);
handlers[307] = boost::bind(&HiveExtApp::getDateTime,this,_1);
handlers[308] = boost::bind(&HiveExtApp::objectPublish,this,_1);

// Custom to just return db ID for object UID
handlers[388] = boost::bind(&HiveExtApp::objectReturnId,this,_1);
// for maintain
handlers[396] = boost::bind(&HiveExtApp::datestampObjectUpdate,this,_1,false);
handlers[397] = boost::bind(&HiveExtApp::datestampObjectUpdate,this,_1,true);
// For traders
handlers[398] = boost::bind(&HiveExtApp::tradeObject,this,_1);
handlers[399] = boost::bind(&HiveExtApp::loadTraderDetails,this,_1);
// End custom

handlers[309] = boost::bind(&HiveExtApp::objectInventory,this,_1,true);
handlers[310] = boost::bind(&HiveExtApp::objectDelete,this,_1,true);
handlers[400] = boost::bind(&HiveExtApp::serverShutdown,this,_1);	//Shut down the hiveExt instance
//player/character loads
handlers[101] = boost::bind(&HiveExtApp::loadPlayer,this,_1);
handlers[102] = boost::bind(&HiveExtApp::loadCharacterDetails,this,_1);
handlers[103] = boost::bind(&HiveExtApp::recordCharacterLogin,this,_1);
//character updates
handlers[201] = boost::bind(&HiveExtApp::playerUpdate,this,_1);
handlers[202] = boost::bind(&HiveExtApp::playerDeath,this,_1);
handlers[203] = boost::bind(&HiveExtApp::playerInit,this,_1);
}

Look up the relevant handlers in the same file (HiveExtApp.cpp) in GitHub. https://github.com/vbawol/DayZhiveEpoch/blob/9e09db3af6093f682e8db7cae17235a8e730ff3a/Hive/Source/HiveLib/HiveExtApp.cpp

 

Good luck with the project. My advice would be let people who don't know how to code, or who aren't providing any constructive, or quantifiable benefit, provide support and suggestions, but if they're getting in the way of those who can, shove a pineapple up their ass sideways.

[Zupa]

Some Info: 

 

I will soon get a US and EU (Thx to volunteers) server up for testing out the banking & single currency system. You can post feedback on what you like about it or dislike. Advice to change the current system is always welcome.

 

I will add the most popular scripts asswell to make it more fun to play/test. (eg: selfbloodbag).

 

More info about the 2 servers later on.

[cen]

self bloodbag is included in 1051 now :D

[mgm]

Some Info: 

 

I will soon get a US and EU (Thx to volunteers) server up for testing out the banking & single currency system. You can post feedback on what you like about it or dislike. Advice to change the current system is always welcome.

 

I will add the most popular scripts asswell to make it more fun to play/test. (eg: selfbloodbag).

 

More info about the 2 servers later on.

Thanks for yet more good news. Can't wait for the test server :)

[Gr8]

Idea for test server. 

Make it easy for testers to get started on making money on the server.

Spawn with a good gun and a vehicle > bike ?

Enforce rules to maintain stability. 

Spawn with some money. more trading means more testing.