The eAuction Support Forums

The eAuction Support Forums
https://www.everyscript.de/cgi-bin/yabb/YaBB.pl
eAuction 1.6.1.x >> Unsorted >> Remarks
https://www.everyscript.de/cgi-bin/yabb/YaBB.pl?num=1164496643

Message started by patnovack on 11/26/06 at 00:17:22

Title: Remarks
Post by patnovack on 11/26/06 at 00:17:22

Ok, I am going to put in my two cents.

1st let me say, I dont use eAuction, however I did start off with the account first script from phonewire at the core, I actually am just now learning about the eAuction and Dieter cause of recent problems you were having with attacks. Ive had this character trying to do something to a couple of my auctions sites as well. I believe cause of the different setup in architecture and file names he hasnt had much success other than some bogus listings where he would overun the item names and leave me with bad pictures that he would load up into the gallery, featured items to get them to my front page. Couldnt believe someone would even tooken the time to sign up under three different names and the like. He signed up on another one of our sites and the girls in the office reconized him right away.

My hat goes off to you Dieter, your a great man for all that your doing online.

As for the comments about contributing code; well were a company called Detroit Metro Area Networks, and this is serious business to us, we spend about $8000 a month just in advertisement here, so as we work on great code for our sites, were not actually anxious to give it away. There are a few others that we actually consider our competitors out there, however the majority of them we look at as some young guy sitting at his home computer at night and not very serious. This might explain your above comments to some extent.

Ps- after reading all your comments, I no longer am sure that our nemisis is the one and the same. My bad guy I believe is based in Jackson Michigan as far as I can tell. Good luck.
PNovack,
www.dmanonline.com

Title: Re: Remarks
Post by Dieter Werner on 11/26/06 at 15:49:42

Hi Patrick,

the use of the original version of firstaccount opens a wide range of security wholes.

I hope you rewrote the code (but that's almost impossible because the names of the variables are very long, very hard to identify and the system uses exclusively global variables).

On the other hand ...
in order to transfer CC data, you have to use a SSL system - did you install it?

Title: Re: Remarks
Post by patnovack on 11/26/06 at 17:41:41

Well actually that is how I ended up at your site. I have the account first from phonewire, their website led me to yours. I was hoping to find a newer version of thier software to implement a megalist. I downloaded your auction script to take a look at the files, but seems alot different, all the variables and file archetecture is much different. But at the same time many parts are the same. In fact your name is listed in a file as the author of a sub routine part that gets random data. So you can imagine how excited I was to find your site.

What I really need is to figure out where to go from here, as far as progression, for the accounting system. You seem to be many years ahead of me in that area. I have one system in cold fusion that claims it can handle the traffic. www.theauctionblock.com. But it is not open source and I dont really like it. Where do your users turn when the user load gets to much on the account first system? Did they make a new version that is more robust? Have you looked at going to sql databases?

Pat Novack, www.BiddersSite.com

Title: Re: Remarks
Post by Dieter Werner on 11/26/06 at 22:37:54

Yes, I was in contact with PhoneWire, I worked with the code of AccountFirst and I spent a lot of time to convert it into a useable system.
Because of license problems (I wasn't ready to put my work under the copyright of PhoneWire), the coding has never been finished.

I designed and coded another system (very different from AccountFirst) that handles user accounts and uses PayPal for transactions.

As for the storage system of eAuction ...
up to (at least) 50,000 items and ~300 simultaneous (user) access ...
the response of a flat file system is very much faster as a relational database ever can be.

In order to handle bigger auctions, I wrote a small sql-machine in order to convert the file-related I/O functions into sql-commands.

But all of this is not yet ready to become released.