Hackathon Social Media Built from Scratch
Moderators: Please don't enter your real password here since this isn't a secure website
Basically I can look at ur stuff so don't share real info or passwords :)
Info
Today I made a somewhat sad social media site with firebase, html, css, and js at a hackathon.
300 LINES OF CODE IN 10 HOURS
HELP NEEDED
If anyone can help me clean up the code, create an auto refresh, and other things, let me know!
Instructions (Read this or u won't understand)
It's pretty simple. Create an account (double click the button) and sign into DataPost! You can make posts with text and images (only one for now) by clicking on the + symbol in the corner.
How it works
Really, this is horribly insecure, but let's not go there. You can literally interject code. I will leave the feature 4 now though cause that's actually pretty lit. I am not responsible for any lost data or stolen info btw.
Basically, I push data out from firebase and retrieve it. For the posts, I push a set of variables to firebase under "post" and then take those vaues and split them into like 5 arrays. Lastly, the posts are appended to the document.
Features
Login does not allow certain words (I deleted the full list to make it safe for the repl community), repeated users, and spam users.
Add posts in real time
Okay design
Images
Just fyi in case anyone tries to do the same. The image uploading is really, really, really bad. Basically, I take the image upload, past it on a canvas, convert the canvas to the base image URL code and save it to firebase. It's the only method I could think of without disrupting CORS (or maybe I should've done iframes??? but that would be copying from the ceo)
how can i connect firebase to my fork of this?
@RicardoGonzlez1 in /scripts/configFirebase.js you can change the credentials to match your own (get one from firebase console)
@AdCharity Ok, i will do it thx
Hello! Can I help moderate?
@Ravens0606 Well the project is out of date idk if there's anything to moderate lol
please check the popup that keeps saying 1 it is super annoying
@ms182199 yeah the site is susceptible to xss and I'm kind of too lazy to fix that
and I fixed it anyways lmao
@AdCharity fair enough
xsspy is a usefull tool. @AdCharity
and https://sqreen.com too which is free @AdCharity
I edited your post to tell people not to enter their real password in here since it isn't secure and your firebase token is in the code.
@PDanielY thanks. It kind of doesn't matter what you enter; it's more like proof of concept. btw I kind of said in the how it works that it is horribly insecure and what not. Plus idk who would enter real info (so I added I'm not responsible for lost/stolen info)
@PDanielY also I know we have repl talk. it just took a lot of effort just to get it running correctly and I've never successfully used firebase before. I can't imagine what kind of code had to be done to create repl. Honestly tho, is repl a heroku app?
@AdCharity i do cybersec so i might be able to help you secure it
@ms182199 nah it's fine I've already learned Node.js and how to use firestore.
@AdCharity it still isnt secure
@ms182199 uh how exactly are servers not secure? I understand Datapost-1 is highly insecure because it has no protections, but all of my future projects are fairly protected.
@AdCharity my notifications
@PDanielY sorry lmao
Firebase has also a Storage module