VGCollect Forum
VGCollect Site Stuff => VGCollect for Android => Topic started by: matt on August 02, 2012, 03:39:05 pm
-
Just an open call to see if we have any Android devs out in the community? Let me know!
-
I've been trying to learn, but unfortunately at this time I am not that good.
-
I played around with developing for Android a little while back, I have a degree in programming just haven't really used it much lately. I'd love to help though, the site is great!
-
I keep meaning to learn Android/Java/programming in general. About the most I've done is a batch file here and a bit of editing to PHP/Python to make things work for me. One day..
-
I have some basics on android programming and i'm still improving my skills on my university. If You need any help let me know, i can help. By the way, this is great site. Greetings from Poland!
-
I have some basics on android programming and i'm still improving my skills on my university. If You need any help let me know, i can help. By the way, this is great site. Greetings from Poland!
Thanks! I want to just open source the app and get it up on github I simply just don't have the time right now to manage it. Hopefully I'll make some progress on that soon.
-
Ok, I will be happy to help.
-
Ok, I will be happy to help.
Do you have any experience working with git/github? The main issue that I'm dealing with it that I don't want to expose some of the server side API that I've written for VGC. I think with little effort I could rewrite some of it to store the API key in a file and just add it to .gitignore. I'd also need to create a few keys for developers to use.
-
I haven't worked with git, so I can't help you with that. I worked only with svn.
-
I have a buddy who dabbles into android if you are still looking for someone to help with the code.
-
Matt, I am a software developer who has been using the site and app for a while. Finally got tired of waiting for updates and found the forum.
I would be happy to take a look at the code and try to update and fix things.
-
Matt, I am a software developer who has been using the site and app for a while. Finally got tired of waiting for updates and found the forum.
I would be happy to take a look at the code and try to update and fix things.
Hey - shoot me a message over at matt@vgcollect.com. If you've got Android experience I can send you an updated apk and give you access to the repo.
-
Sent you an email.
-
Hi, I'm a junior app developer. I'm familiar with Windows Phone, Windows Store and Android. If you need any help on a subject about Git or Android then I can happily help you out. If you want to open source the app that'd be great too. As it would open up opportunities to develop for other platforms as well. If you want an example of my work, here's an app I've made with two friends of mine: https://play.google.com/store/apps/details?id=be.ana.nmct.multimania&ah=x2VF3LA-5S02ImMlV5LGyzX9o1o
I can't promise I'll be available instantly or at all times but I would be able to squeeze some time out of my schedule to help you guys out!
-
Do you have any experience working with git/github? The main issue that I'm dealing with it that I don't want to expose some of the server side API that I've written for VGC. I think with little effort I could rewrite some of it to store the API key in a file and just add it to .gitignore. I'd also need to create a few keys for developers to use.
Security through obscurity isn't a thing. If it's just an API key you're hiding, someone could easily sniff that. :-)
-
I got a Diploma in Android app development earlier this year, and I'm always using github.
-
Do you have any experience working with git/github? The main issue that I'm dealing with it that I don't want to expose some of the server side API that I've written for VGC. I think with little effort I could rewrite some of it to store the API key in a file and just add it to .gitignore. I'd also need to create a few keys for developers to use.
Security through obscurity isn't a thing. If it's just an API key you're hiding, someone could easily sniff that. :-)
Even worse, they have an api with keys, but they "hide" the key in a php file that is used by the app to forward requests to the actual api. ;D
If I wanted to use your api I shouldn't even worry about sniffing a key that you'll disable.
Unfortunately once you expose an API on the web, you can only make it harder for people to use it, but there's no way to hide. You could replace JSON data with HTML scraping, but the performance will decrease dramatically.
Also, you should hash a password before sending it to the api, then check if the created hash matches the one in your database (unless you're storing clear passwords, in 2015).
http://vgcollect.com/api/api.php?action=validate&username=vektor&password=MYPASSWORDINCLEARTEXT
is not safe, use MD5 or SHA.