Share your repls and programming experiences

← Back to all posts
Hackathon Social Media Built from Scratch
AdCharity (1326)

Moderators: Please don't enter your real password here since this isn't a secure website
Basically I can look at ur stuff so don't share real info or passwords :)


Today I made a somewhat sad social media site with firebase, html, css, and js at a hackathon.


If anyone can help me clean up the code, create an auto refresh, and other things, let me know!

Instructions (Read this or u won't understand)

It's pretty simple. Create an account (double click the button) and sign into DataPost! You can make posts with text and images (only one for now) by clicking on the + symbol in the corner.

How it works

Really, this is horribly insecure, but let's not go there. You can literally interject code. I will leave the feature 4 now though cause that's actually pretty lit. I am not responsible for any lost data or stolen info btw.
Basically, I push data out from firebase and retrieve it. For the posts, I push a set of variables to firebase under "post" and then take those vaues and split them into like 5 arrays. Lastly, the posts are appended to the document.


Login does not allow certain words (I deleted the full list to make it safe for the repl community), repeated users, and spam users.
Add posts in real time
Okay design


Just fyi in case anyone tries to do the same. The image uploading is really, really, really bad. Basically, I take the image upload, past it on a canvas, convert the canvas to the base image URL code and save it to firebase. It's the only method I could think of without disrupting CORS (or maybe I should've done iframes??? but that would be copying from the ceo)

botApi (1)

Firebase has also a Storage module

RicardoGonzlez1 (4)

how can i connect firebase to my fork of this?

AdCharity (1326)

@RicardoGonzlez1 in /scripts/configFirebase.js you can change the credentials to match your own (get one from firebase console)

TheNethrRaven (86)

Hello! Can I help moderate?

AdCharity (1326)

@Ravens0606 Well the project is out of date idk if there's anything to moderate lol

ms182199 (0)

please check the popup that keeps saying 1 it is super annoying

AdCharity (1326)

@ms182199 yeah the site is susceptible to xss and I'm kind of too lazy to fix that

and I fixed it anyways lmao

StringentDev (234)

xsspy is a usefull tool. @AdCharity

HackermonDev (2076)

I edited your post to tell people not to enter their real password in here since it isn't secure and your firebase token is in the code.

AdCharity (1326)

@PDanielY thanks. It kind of doesn't matter what you enter; it's more like proof of concept. btw I kind of said in the how it works that it is horribly insecure and what not. Plus idk who would enter real info (so I added I'm not responsible for lost/stolen info)

AdCharity (1326)

@PDanielY also I know we have repl talk. it just took a lot of effort just to get it running correctly and I've never successfully used firebase before. I can't imagine what kind of code had to be done to create repl. Honestly tho, is repl a heroku app?

ms182199 (0)

@AdCharity i do cybersec so i might be able to help you secure it

AdCharity (1326)

@ms182199 nah it's fine I've already learned Node.js and how to use firestore.

AdCharity (1326)

@ms182199 uh how exactly are servers not secure? I understand Datapost-1 is highly insecure because it has no protections, but all of my future projects are fairly protected.