These are chat archives for MontCode/GeneralChat

30th
May 2016
Robert Maylie
@rmaylie9560
May 30 2016 01:13
I wonder if they change them at all...
you can always do a pull request to add more :p
i can link you the full list if you want spoilers
Robert Maylie
@rmaylie9560
May 30 2016 01:58
Ahh it's open sourced. That's where all the awesomeness comes from.
Lily Romano
@Lilyheart
May 30 2016 01:59
:smile_cat:
Robert Maylie
@rmaylie9560
May 30 2016 12:59
wow i feel like i havent even made a dent in this javascript section yet. I'm trying tnot to look at The Map
I feel like im in a bad episode of Dora The Explorer
Lily Romano
@Lilyheart
May 30 2016 13:00
I think it is one of the looooooogest and most annoying sections
Robert Maylie
@rmaylie9560
May 30 2016 13:04
agreed. (disclaimer: this statement is based entirely on speculation)
so ya got anything going on today? BBQ, Parade, Coding a simulation of a BBQ and/or a Parade?
Lily Romano
@Lilyheart
May 30 2016 13:07
playing catch up on my to do list.
Robert Maylie
@rmaylie9560
May 30 2016 13:13
But, do you really catch up if its always getting longer? :laughing: youre a busy girl.
David Castner
@davidjcastner
May 30 2016 13:28
on snap they put regex in the javascript tutorial
Lily Romano
@Lilyheart
May 30 2016 13:29
I know! So exciting!
David Castner
@davidjcastner
May 30 2016 13:30
exciting? more like terrifying
Lily Romano
@Lilyheart
May 30 2016 13:30
The js regex on fcc is super simple :p
David Castner
@davidjcastner
May 30 2016 13:30
if you haven't noticed by now I don't like regex
Lily Romano
@Lilyheart
May 30 2016 13:30
the most complicated is /\S/g which just counts all the non spaces.
David Castner
@davidjcastner
May 30 2016 13:31
phew...
@Lilyheart have you done the basic algorithm scripting part yet?
Lily Romano
@Lilyheart
May 30 2016 14:36
@davidjcastner yup
Lily Romano
@Lilyheart
May 30 2016 15:03
Issues?
David Castner
@davidjcastner
May 30 2016 16:15
Just curious, I had an issue but I hardcoded the answer in lol
Lily Romano
@Lilyheart
May 30 2016 16:16
@_@
David Castner
@davidjcastner
May 30 2016 16:16
if (str === "0_0 (: /-\ :) 0-0") { return true; }
got tired of trying to make a regex that would do a replace correctly
well that’s ugly xD but works
it should work with that one string, but the \ doesn't show up because it's an escape character
Not sure if that's a bug
Lily Romano
@Lilyheart
May 30 2016 16:23
i like your reverse join bbetter than my first last test xD
David Castner
@davidjcastner
May 30 2016 16:23
love the urls to these pages
Lily Romano
@Lilyheart
May 30 2016 16:23
easier on database storage i suppose
David Castner
@davidjcastner
May 30 2016 16:24
your's probably runs faster than mine
Lily Romano
@Lilyheart
May 30 2016 16:25
maybe. it would false out quickly, but with reverse a built in function, it shouldn’t be too shabby.
Robert Maylie
@rmaylie9560
May 30 2016 18:03
So you guys have all the regex validations memorized right?? :+1:
Lily Romano
@Lilyheart
May 30 2016 18:04
Have a book on my desk :smirk:
Robert Maylie
@rmaylie9560
May 30 2016 18:06
Hahaha, I swear who ever came up with that syntax is a horrible person.
David Castner
@davidjcastner
May 30 2016 18:06
I keep my regex commands stored on stack overflow
Lily Romano
@Lilyheart
May 30 2016 18:06
And the next award is to David, for Best Answer!
Robert Maylie
@rmaylie9560
May 30 2016 18:06
hahahaha.... I might have to follow suit from you two.
it seems handy...
David Castner
@davidjcastner
May 30 2016 18:10
In my opinion regex is really bad because it does not encourage well written programs. Code should be easy to read and understand what it does. A better way is to write a function that does string manipulation even if it's slightly slower
Lily Romano
@Lilyheart
May 30 2016 18:10
regex has a good purpose. And baked into a program is not one of them.
David Castner
@davidjcastner
May 30 2016 18:17
All my experiences with regex have been where someone tries to do string manipulation with it because there wasn't a string method for it. So I probably haven't come across a good use case for it yet except maybe html input patterns, but I would prefer to be able to use a function for pattern checking (of it were possible)
Robert Maylie
@rmaylie9560
May 30 2016 18:33
@davidjcastner how many forms of front end validations are recommended before sending data server side?
David Castner
@davidjcastner
May 30 2016 18:38
There must be validation on the server, so techniquely nothing on the client is necessary, but we run as much validation as possible on the client side as well to keep load off the servers. The pattern attribute on inputs is mainly used for user feedback not for validation
Most of the validation can be written as shared code between the server and client so it's not as bad as it sounds, so as long as the validation doesn't require server side permissions such as checking if some data belongs to a user, the validation can be done on the client side as well
Robert Maylie
@rmaylie9560
May 30 2016 19:00
Now by making sure the information belongs to the user you're talking about checking package headers or session id?
What would be a reliable way to check?
sorry for the silly questions.
David Castner
@davidjcastner
May 30 2016 19:02
I'm talking about interactions for a database, so checking if a user has permission or read and/or write certain ino in the database
all good I'm hear to help :smile:
Is there a specific example that you had a question about? I might be able to give a more well defined answer
Robert Maylie
@rmaylie9560
May 30 2016 19:06
You have me curious now. I'm going to research this at some point today. I'm sure I'll have some questions.im not the brightest bulb and often need the process spelled out in laymens terms.
thank you.
David Castner
@davidjcastner
May 30 2016 19:20

Alright have fun but I'll leave you with a quick example. Let's say you have a database that stores JSON object (example: mongodb) and you have a form for inserting a task for a certain user

// let's say the JSON looks something like this
{
    taskTitle: "My Task",
    taskDescription: "Blah Blah Blah gotta clean my room",
    taskPriority: "9001"
}

on both the client you might run a function like this (pseudo code)

// CLIENT CODE
// assuming that you've grabbed the information out of the html form
var cleanAndValidateTask = function(taskObject) {
    // removes extra properties, limits character count,insures that each field has the right data type, strips out html, etc..
};
// this client side validation is techniquely not required but it limits bad requests to your server and gives feedback to the user faster
cleanAndValidateTask(theTask);

but before sending it to the server or on the server it will attach some information about whos currently logged in, and then on the server you would run something like this

// SERVER CODE
var cleanAndValidateTask = function(taskObject) {
    // removes extra properties, limits character count, insures that each field has the right data type, strips out html, etc..
};
//using the same function that was on the client
cleanAndValidateTask(theTask);
checkIfUserIsOwnerOfTask(theTask, currentUser);
// finally is passed all checks, can now be inserted into the database
insertTask(theTask);
The reason all the checks need to take place on the server is incase someone sends stuff to your server not through your client which can happen. I hacked into the place I used to work by doing that. I hope my example helps example it a little better
David Castner
@davidjcastner
May 30 2016 19:37
Disclaimer: when I hacked into it, I was working there and testing one of the apps they made. It was ethical and legal
Robert Maylie
@rmaylie9560
May 30 2016 20:56
Perfect, that cleared things up for me quite a bit.
Robert Maylie
@rmaylie9560
May 30 2016 21:09
So essentially regardless if the packet is getting tampered with through a bad guys proxy. It still a: see's if the client has entered his password and currently logged on. Then strips all the potentially injections on the json.
David Castner
@davidjcastner
May 30 2016 21:17
@rmaylie9560 yes except the passwords are best handled via libraries or third party services such as log in with github or log in with facebook
Lily Romano
@Lilyheart
May 30 2016 21:22
While yes @rmaylie9560 a few new things ended up on my task list today, for the most part I got through a lot of the things I’ve been putting off. Taking a break and then trying to get the last of it done. Looks like I’ve missed some fun convo’s in here!
@davidjcastner do you remember who asked about which stack(s) to learn? Mouaz?
David Castner
@davidjcastner
May 30 2016 21:24
@Lilyheart I believe so, he was also asking about backend architecture like aws
Lily Romano
@Lilyheart
May 30 2016 21:25
Thanks. I found a cool link and I wanted to tag him when I posted. :heart:
Lily Romano
@Lilyheart
May 30 2016 22:05
Robert Maylie
@rmaylie9560
May 30 2016 22:22
To reroute the ip and skip the MITMs broken connection to the server. That's actually an awesome work around. I always thought of that as insecure for one reason or another. I see the logic behind it now.
Robert Maylie
@rmaylie9560
May 30 2016 22:51
What's that lik
Looks like it has some cool stuff in there