News:

Server address: server.convoytrucking.net
Get SA-MP 0.3.7 here: Click Here to download SA-MP 0.3.7

Main Menu

H3lp

Started by TheFoxman, December 03, 2016, 11:47

TheFoxman

How to change my ig stats picture settings (tried to find it)





Martin

You need to be a VIP to be able to do that.
LAST SEEN
TOTAL TIME ON SERVER
SCORE
TRUCK LOADS
CONVOY SCORE
ACHIEVEMENTS
ARTIC
DUMPER
VAN
FUEL
CEMENT
ARRESTS
CARS STOLEN
COACH
PLANE
HELICOPTER
TOW TRUCK
LIMO
TRASH
ARMORED VAN
BURGLARIES
ARMORED VANS STOLEN
MISSIONS FAILED
OVERLOADED
FINES PAID
TOTAL SPENT ON FUEL
INTEREST EARNED
DISTANCE TRAVELLED
TIME IN JAIL
LAST MISSION

TheFoxman






Ethan

Quote from: Martin on December 03, 2016, 14:10
You need to be an [active] VIP to be able to do that.

fixed it

Deff

or you can try this:
http://cvt.is-great.net/signature/

Just made a quick script when I saw this thread.

Ethan

Quote from: Deff on December 04, 2016, 21:59
or you can try this:
http://cvt.is-great.net/signature/

Just made a quick script when I saw this thread.
wait, dont you have to have the VIP active to change your sig because of they way the signature is done?

Shock

Quote from: Ethan on December 05, 2016, 00:21
Quote from: Deff on December 04, 2016, 21:59
or you can try this:
http://cvt.is-great.net/signature/

Just made a quick script when I saw this thread.


wait, dont you have to have the VIP active to change your sig because of they way the signature is done?

Yes you do and there is already a script when u have active vip that lets u customize the individual signature things

Quote from: Dux on April 22, 2017, 06:22First of all!! You are not supposed as an admin to check chatlogs!!



Kake

Quote from: Deff on December 04, 2016, 21:59
or you can try this:
http://cvt.is-great.net/signature/

Just made a quick script when I saw this thread.
idk what she did but i can create a custom ct signature using her link without vip

u can see my signature below

Deff

yeah only VIPs can do it from cvt website, but this one is public, its done from django rest framework, all it needs is player stats like time online, score, etc, which are publically available already on django rest framework or the cvt website, it can get player info easily
If admins don't allow it, i will disable it, no problem.
and it might be buggy as it was a quick script, if someone wants me to improve let me know

Ethan

this is awesome, TY Viky/Deff

CarlJohnson

Quote from: Deff on December 05, 2016, 16:39
yeah only VIPs can do it from cvt website, but this one is public, its done from django rest framework, all it needs is player stats like time online, score, etc, which are publically available already on django rest framework or the cvt website, it can get player info easily
If admins don't allow it, i will disable it, no problem.
and it might be buggy as it was a quick script, if someone wants me to improve let me know
I see your are familiar with Django rest framework, interested in helping us with the website?
LAST SEEN
TOTAL TIME ON SERVER
SCORE
TRUCK LOADS
CONVOY SCORE
ACHIEVEMENTS
ARTIC
DUMPER
VAN
FUEL
CEMENT
ARRESTS
CARS STOLEN
COACH
PLANE
HELICOPTER
TOW TRUCK
LIMO
TRASH
ARMORED VAN

TheFoxman

Quote from: Deff on December 04, 2016, 21:59
or you can try this:
http://cvt.is-great.net/signature/

Just made a quick script when I saw this thread.

The script is good but i wanted to do a different things like removing  my achievements from my signature but ty anyway





Kake

Quote from: Deff on December 04, 2016, 21:59
or you can try this:
http://cvt.is-great.net/signature/

Just made a quick script when I saw this thread.

@viky I think the achievements data is bugged. It is showing that i have 6 achievemnts(I have only 4) and ethan is having 57/17 :D

Joshy

Quote from: Kakeshi on December 06, 2016, 15:25
Quote from: Deff on December 04, 2016, 21:59
or you can try this:
http://cvt.is-great.net/signature/

Just made a quick script when I saw this thread.

@viky I think the achievements data is bugged. It is showing that i have 6 achievemnts(I have only 4) and ethan is having 57/17 :D
@viky player.achievements is an integer field containing a bitwise representation of achievement states.

I know (1 << 0) is artic (1)
And that (1 << 1) is probably dumper (2)

You can check an achievements status by bitwise-ANDing the field against the achievement number, e.g. how to check if i have dumper achievement is:
var hasDumper = player.achievements & (1 << 1) == (1 << 1)
You can count the number of set bits (I.e. number of achievements) by either iterating through all bits and adding them up, or use an algorithm called popcount/Hamming weight. This is the iterative approach:

var achCount = 0;
for (var achIndex = 0; achIndex < 18 /*There are 17 achs*/; achIndex++) {
    if (player.achievements & (1 << achIndex) == (1 << achIndex)) {
        achCount++;
    }
}


Idk what the achievement numbers are but if all you're after is the count, the above code should do.
[comment]test[/comment]
LAST SEEN
TOTAL TIME ON SERVER
SCORE
TRUCK LOADS
CONVOY SCORE
ACHIEVEMENTS
ARTIC
DUMPER
VAN
FUEL
CEMENT
ARRESTS
CARS STOLEN
COACH
PLANE
HELICOPTER
TOW TRUCK
LIMO
TRASH
ARMORED VAN
BURGLARIES
ARMORED VANS STOLEN
MISSIONS FAILED
OVERLOADED
FINES PAID
TOTAL SPENT ON FUEL
INTEREST EARNED
DISTANCE TRAVELLED
TIME IN JAIL
LAST MISSION
Generated using Azure Functions & CloudFlare Workers using the Convoy Trucking API. Updates every around 5 minutes. See the original SVG image. View source code (not updated with function yet)




TheFoxman

If viky can make a signature that shows 17/17 will be great :3





Ethan

Quote from: TheFoxman on December 07, 2016, 10:44
If viky can make a signature that shows 17/17 will be great :3
for people who actually have 17/17, sure, itd be great.... but since you dont, why ask for it?

TheFoxman

Quote from: Ethan on December 07, 2016, 16:37
Quote from: TheFoxman on December 07, 2016, 10:44
If viky can make a signature that shows 17/17 will be great :3
for people who actually have 17/17, sure, itd be great.... but since you dont, why ask for it?
Well u dont have 17 or 57 but it shows that u have 57 so i want only 17 :)





Deff

Thanks for the explanation Joshy :D
Fixed that way.

TheFoxman

Quote from: Deff on December 08, 2016, 22:45
Thanks for the explanation Joshy :D
Fixed that way.
Not surprised :D





Ethan

yeah, for some odd reason my profile picture I chose changed to some random thing.. I had to change it... maybe becasue of Viky updated it?

Deff

Quote from: Ethan on December 09, 2016, 01:29
yeah, for some odd reason my profile picture I chose changed to some random thing.. I had to change it... maybe becasue of Viky updated it?

Oh its public, anyone can make signature for anyone. But I have disabled it now. Those who have already made, it will work for them, no one can make/edit signatures now, this can't be authenticated as of now, hence disabled.

Joshy

#21
Quote from: Deff on December 09, 2016, 06:23
Quote from: Ethan on December 09, 2016, 01:29
yeah, for some odd reason my profile picture I chose changed to some random thing.. I had to change it... maybe becasue of Viky updated it?

Oh its public, anyone can make signature for anyone. But I have disabled it now. Those who have already made, it will work for them, no one can make/edit signatures now, this can't be authenticated as of now, hence disabled.
That's quite unfortunate, it was good to see the API being used by someone other than Mick (CT Android app).

You should suggest API authentication (OAuth2 or something), Django REST framework probably has it built in.

As a short term workaround you could send people unique URLs that only work for their profile via PM, that way in order to make a signature they'll have to PM you and then you make them a URL / token for their account. Idk if it's worth the effort though.


edit: here's how I would do this in PHP (it's been a while since I wrote any PHP, C# ftw) (also this is totally untested) (it's probably not bulletproof and/or cryptographically secure but who cares lol ¯\_(ツ)_/¯):

const SECRET_KEY "some secret constant string here";

function 
generate_token($username) {
   return 
hash_hmac("sha256"$usernameSECRET_KEY);
}

// function which is able to verify a MAC for a given username
function verify_token($username$token) {
    
// basically you re-create the MAC for a given username and then verify it against the passed in MAC
    
return hash_equals(generate_mac($username), $token); // interesting fact: hash_equals isn't susceptible to timing attacks, however "==" is
}

// to verify a URL
$username = isset($_GET["username"]) ? $_GET["username"] : NULL;
$token = isset($_GET["token"]) ? $_GET["token"] : NULL;

if (empty(
$username) || empty($token)) {
    echo 
"kek nice try...";
    return;
}

$isActuallyTheUser verify_token($username$token);

if (
$isActuallyTheUser) {
    
// Do signature stuff
} else {
    
// Firewall the user's IP address into oblivion
}

////////////////

// for giving out URLs (put this behind a password or something)
const BASE_URI "http://cvt.is-great.net/signature/";
// URL generation
function generate_url_with_token($username) {
    
$token generate_token($username);
    return 
BASE_URI "?" http_build_query(array("username" => $username"token" => $token));
}

$username = isset($_GET["username"]) ? $_GET["username"] : NULL;
if (empty(
$username)) {
    echo 
"Good joke viky... srsly";
    return;
}
echo 
generate_url_with_token($username);


The result I got with that "secret" key and my username is http://cvt.is-great.net/signature/?username=Joshy&token=44939cf6f335a44a6a7acdc09566691d7c5f7bec3c1b321f13dc6f9e64d80ea2

You can use the code at https://repl.it/EmJm/3 to test your environment to make sure it works properly (some web hosting disable hash_hmac for "security" - klol).
[comment]test[/comment]
LAST SEEN
TOTAL TIME ON SERVER
SCORE
TRUCK LOADS
CONVOY SCORE
ACHIEVEMENTS
ARTIC
DUMPER
VAN
FUEL
CEMENT
ARRESTS
CARS STOLEN
COACH
PLANE
HELICOPTER
TOW TRUCK
LIMO
TRASH
ARMORED VAN
BURGLARIES
ARMORED VANS STOLEN
MISSIONS FAILED
OVERLOADED
FINES PAID
TOTAL SPENT ON FUEL
INTEREST EARNED
DISTANCE TRAVELLED
TIME IN JAIL
LAST MISSION
Generated using Azure Functions & CloudFlare Workers using the Convoy Trucking API. Updates every around 5 minutes. See the original SVG image. View source code (not updated with function yet)




Deff

Thanks alot joshy! Did it that way.
Now everyone will have a unique URL for editing/making the signature. To get this, they will need to PM me on forum.

TheFoxman

Quote from: Joshy on December 09, 2016, 19:36
Quote from: Deff on December 09, 2016, 06:23
Quote from: Ethan on December 09, 2016, 01:29
yeah, for some odd reason my profile picture I chose changed to some random thing.. I had to change it... maybe becasue of Viky updated it?

Oh its public, anyone can make signature for anyone. But I have disabled it now. Those who have already made, it will work for them, no one can make/edit signatures now, this can't be authenticated as of now, hence disabled.
That's quite unfortunate, it was good to see the API being used by someone other than Mick (CT Android app).

You should suggest API authentication (OAuth2 or something), Django REST framework probably has it built in.

As a short term workaround you could send people unique URLs that only work for their profile via PM, that way in order to make a signature they'll have to PM you and then you make them a URL / token for their account. Idk if it's worth the effort though.


edit: here's how I would do this in PHP (it's been a while since I wrote any PHP, C# ftw) (also this is totally untested) (it's probably not bulletproof and/or cryptographically secure but who cares lol ¯\_(ツ)_/¯):

const SECRET_KEY "some secret constant string here";

function 
generate_token($username) {
   return 
hash_hmac("sha256"$usernameSECRET_KEY);
}

// function which is able to verify a MAC for a given username
function verify_token($username$token) {
    
// basically you re-create the MAC for a given username and then verify it against the passed in MAC
    
return hash_equals(generate_mac($username), $token); // interesting fact: hash_equals isn't susceptible to timing attacks, however "==" is
}

// to verify a URL
$username = isset($_GET["username"]) ? $_GET["username"] : NULL;
$token = isset($_GET["token"]) ? $_GET["token"] : NULL;

if (empty(
$username) || empty($token)) {
    echo 
"kek nice try...";
    return;
}

$isActuallyTheUser verify_token($username$token);

if (
$isActuallyTheUser) {
    
// Do signature stuff
} else {
    
// Firewall the user's IP address into oblivion
}

////////////////

// for giving out URLs (put this behind a password or something)
const BASE_URI "http://cvt.is-great.net/signature/";
// URL generation
function generate_url_with_token($username) {
    
$token generate_token($username);
    return 
BASE_URI "?" http_build_query(array("username" => $username"token" => $token));
}

$username = isset($_GET["username"]) ? $_GET["username"] : NULL;
if (empty(
$username)) {
    echo 
"Good joke viky... srsly";
    return;
}
echo 
generate_url_with_token($username);


The result I got with that "secret" key and my username is http://cvt.is-great.net/signature/?username=Joshy&token=44939cf6f335a44a6a7acdc09566691d7c5f7bec3c1b321f13dc6f9e64d80ea2

You can use the code at https://repl.it/EmJm/3 to test your environment to make sure it works properly (some web hosting disable hash_hmac for "security" - klol).

Still dont know who created the coding that doesnt make sence at all :)