Easter Eggs?

[Naldru]

At which point, Amber will have to resort to placing javascript links in 'on click' tags and link-like formatting to spans around the links.

I don't know.  Unless you try to pick up the clicks with input or textarea tags, you are starting to get into the "results are undefined" territory.

I was thinking more of keystroke capture or image maps myself.  Of course, the classic from the movie would be to have a "search" input text field and show the secret page if a special word is entered in the field.

[Reese Tora]

Well, I was thinking more simple, for ease of page modification.  You can make a span tag that performs the exact same function as an anchor tag (but doesn't behave like one or show up to link highlighters) by inserting a single javascript line to change the page.  The other stuff, people may get sispicious when a new feature is added.

[llearch n'n'daCorna]

I believe the idea would be to implement the feature, and wait a month or so to put an easter egg into it.

I doubt Amber would go for that, though. I think she's more of the opinion that, if people are going to be like that, she might as well just link them on the cast page.

Which is a bit sad, really. I enjoyed looking for them, even though I'd been provided links to them to start with (on grounds of, "if anyone posts these, remove the post and beat them senseless, thank-you dear mods" or words to that effect...)

[Naldru]

Well, I was thinking more simple, for ease of page modification.  You can make a span tag that performs the exact same function as an anchor tag (but doesn't behave like one or show up to link highlighters) by inserting a single javascript line to change the page.  The other stuff, people may get sispicious when a new feature is added.

I don't think an onclick event can be received except by an element that can receive focus.  It might work on Internet Explorer 6, but that's always marched to the beat of a different drummer.  I just tried with Firefox and Safari 3, and it didn't seem to work there.  When you try to complicate things on web pages, my experience is that they tend to behave weirdly between browsers and between versions of the same browser.

That's why I liked llearch's little box creature icons.  It has a nice effect, but only required the basic portions of the HTML specification.

When it comes to what people will do to hack web sites, there doesn't seem to be any limit to what some people will do, regardless of whether it's DMFA, Second Life, or World of Warcraft.  I can think of ways in which things could be hidden so that hackers couldn't find it, but I don't see how anyone else would find it either.

As any good stage magician (as opposed to the people in DMFA who can really do magic), you should never repeat a trick because people will then know what to look for.  Perhaps there could be other fun things to be placed on the pages: word finds, coloring pages, perhaps something else.  Perhaps all the programmers (or people who claim to be programmers) on the forums could use their powers for good, creating games and amusements to be placed on the site.

[llearch n'n'daCorna]

That's why I liked llearch's little box creature icons.  It has a nice effect, but only required the basic portions of the HTML specification.

... My what?

[AndersW]

That's why I liked llearch's little box creature icons.  It has a nice effect, but only required the basic portions of the HTML specification.

... My what?

Your avatar, it keeps changing.

[Reese Tora]

I don't think an onclick event can be received except by an element that can receive focus.  It might work on Internet Explorer 6, but that's always marched to the beat of a different drummer.  I just tried with Firefox and Safari 3, and it didn't seem to work there.  When you try to complicate things on web pages, my experience is that they tend to behave weirdly between browsers and between versions of the same browser.

Hmm, that's odd, the on-click should be attachable to any visible screen element; that's how a lot of drop-down menus are created.

The point is, though, that the links could be hidden in on-click properties of various items in order to hide them from creative use of CSS.

[llearch n'n'daCorna]

... My what?

Your avatar, it keeps changing.

Oh, that.

Actually, that's just a script on the server side that returns a random image. No big deal.

[Naldru]

... My what?

Your avatar, it keeps changing.

Oh, that.

Actually, that's just a script on the server side that returns a random image. No big deal.

simple and effective

That's what's known as elegance of design, something that is sorely missing in many web site designs who are too interested in the bell and whistle count and not enough on how it affects the viewer.

[RobbieThe1st]

What about if you look at the code and simply Find "<a href=", and then F3 through all the links.. What do you say to that?

-RobbieThe1st

Wait wait wait, what program were you doing that in? I just pressed 'find next' each time... using notepad.

That would be notepad; F3 is the hotkey for "find next" in most microsoft programs

Also the hotkey in Firefox.
I meant you simply right-click> view source, press CTRL+F to bring up the find box, type in '<a href=', and F3 through the links. Simple!

Of cource, as it is now, there is pretty much no way to stop people from being able to view the source of a page with HTML.
That is why flash and java are used quite a bit for 'secure' data showing, such that people cannot view the source, however even that won't stop an experienced person. Simply, the problem with 'protecting' content from the viewer and only letting the user view it in the way it was intended to be viewed, is that no matter the amount of security you place on an bit of data, it has to be decoded on the viewing end, which means that at that point, the user can copy and mess with the data.

Just put a link like you were doing, and use CSS to have it be invisible or the same color as the surrounding text.

<_< I had an ebil idea: What if you had your hidden page be a normal page, and have it such that, depending on the referrer, it would show either the standard page or the hidden information(/both). As the decision would be server-based, it would be impossible to detect, and while you can fake a referrer, you would have to know the exact referrer in this case to trigger it. If you hot-linked the page, it would show up the normal information, which would confuse most people.
As Llearch knows, this is really simple to implement with php(about 2 lines), and, being server based, the viewer could not detect it.
Even knowing that the code is used, it would be impossible to use that information to any real advantage.

Code Select Expand


if(isset($_SERVER["HTTP_REFERER"]) && stristr($_SERVER["HTTP_REFERER"],"*page*")) {
echo "your hidden info";
} else {
echo "the normal info";
};

Quite simple, and adaptable to work with just about anything.
You could even replace the echo "";'s with include("");'s to display a full page.


-RobbieThe1st

[Reese Tora]

include, eh?

Does that work with including a flat HTML file?
(I've got some pages from when I was just learning PHP that seriously need updates... and that would certainly help in re-writing the security...)

[Amber Williams]

I'm not going to upgrade the difficulty bar just so a few people can feel more challenged.  Part of the point was that these were also supposed to be links people could randomly come across.  If people can't play by the rules, I'll just simply not let them know when there is a game.

[RobbieThe1st]

include, eh?

Does that work with including a flat HTML file?
(I've got some pages from when I was just learning PHP that seriously need updates... and that would certainly help in re-writing the security...)

Yup, thats the point - it basically just passes through the included file direct to the browser(as well as what other code has been echo'd).

I'm not going to upgrade the difficulty bar just so a few people can feel more challenged.  Part of the point was that these were also supposed to be links people could randomly come across.  If people can't play by the rules, I'll just simply not let them know when there is a game.

Well, true enough, however, as I just posted, for people doing the hunt properly, it would not change the difficulty at all, just it would make it nearly impossible to cheat.
I doubt that you(/llearch) will implement my suggestion, all things considered, but it would be much simpler to implement and work better than most things posted here.


-RobbieThe1st

[Anri]

Bweee! That was fun.

[llearch n'n'daCorna]

Bweee! That was fun.

.. and thus is the whole point. Congrats on finding them without assistance. ;-]

Edit:

include, eh?

Does that work with including a flat HTML file?

As Robbie says, yes. Basically, if you include a file, it treats the file as a standard php file - with all the restrictions that has; any code needs to be included in

Code Select Expand

<?php ?> tags, otherwise the whole file is treated as html.

So if you want to include html, just include it, and it'll magically work. This is often used to include -chunks- of html, in my experience; for example, having the whole site use a standard header or footer, and replace the bit in the middle. Or to load a default menu on every page, you can have the menu as a separate file. This means if you change one link, you change it in one place, rather than having to edit every single file on the site. This is what's known as "smart" ;-]

[Reese Tora]

I can see how that would be useful

The piece in question is a hoooge-arse form that I wrote before security was an issue(and before I figured out I could make a function for writting drop-downs that appear more than once in the form).  Then I wrote a header to perform authentication (after a logon screen that sets session ID and stuff) but I was left with the huge block of code I wanted to NOT appear if they loaded the page without being authenticated.

[Naldru]

I can see how that would be useful

The piece in question is a hoooge-arse form that I wrote before security was an issue(and before I figured out I could make a function for writting drop-downs that appear more than once in the form).  Then I wrote a header to perform authentication (after a logon screen that sets session ID and stuff) but I was left with the huge block of code I wanted to NOT appear if they loaded the page without being authenticated.

Look in the PHP books for session control and session awareness.  Starting with PHP 4, you have the ability to store variables that will be available to all of the pages in a session.  This would include a variable indicating that the session was authenticated.  You simply set the pages so that if the variable indicates the session hasn't been authenticated, all the user gets is a request to log in.

[Reese Tora]

book?

see, actually, I've been teaching myself PHP from PHP.org for the last year.  I should have looked at the section on session control more closely, because I missed the bit about authenticated sessions you mentioned.

[Gabi]

*Skims through the topic.* Why can't people just have fun?

PS: try php.net.

[candide]

I say that people who gloat about the methods they use are far worse than the people who use shady methods. And if they keep bragging about 'teh awesome' they are, they are going to get a bannin out of spite. 

(Edit note: Keep in mind there is a difference between saying "hey I used this to figure it out" and gloating.)

Who's gloating?  I haven't seen anyone doing that.

And what's wrong with praising a fellow member of the forums?!? 

[Reese Tora]

*Skims through the topic.* Why can't people just have fun?

PS: try php.net.

whups... did I say .org? i meant .net, I always type the wrong one in first and have load the other page.
(I meant he official one where you download the source or installer and submit bug reports  )

[llearch n'n'daCorna]

I can see how that would be useful

The piece in question is a hoooge-arse form that I wrote before security was an issue(and before I figured out I could make a function for writting drop-downs that appear more than once in the form).  Then I wrote a header to perform authentication (after a logon screen that sets session ID and stuff) but I was left with the huge block of code I wanted to NOT appear if they loaded the page without being authenticated.

Talk to me OOB about this. I've got two or three copies of something that does almost precisely this, which might show you some interesting ways of doing it.

Fairly simple code, too.

Try either the IRC or IM...

[Grenn]

Yay! Found one! The second one will drive me mad until I uncover it!

[Edit: And I like games, so I uncovered it the old fashoned way. Was fun!]

Worth the time to explore for!

[llearch n'n'daCorna]

[Edit: And I like games, so I uncovered it the old fashoned way. Was fun!]

Worth the time to explore for!

... I guess that means you -don't- want me to provide hints. ;-]

[Grenn]

Hmm.....

Nah. Much more rewarding to find it without them 

[Dayliss]

While it's true that finding them on your own is much more rewarding, I have to give in and ask for a push in the right direction.

So, hints please?

(Shameless, I know - but I'm a longtime reader, admirer and lurker.)

[Anri]

So, hints please?

(Shameless, I know - but I'm a longtime reader, admirer and lurker.)

The first hin~* MMFPHL! MMNHPHF! *thunk* 

[llearch n'n'daCorna]

While it's true that finding them on your own is much more rewarding, I have to give in and ask for a push in the right direction.

So, hints please?

(Shameless, I know - but I'm a longtime reader, admirer and lurker.)

Woot! One more, and I get a free set of steak knives... ;-]

[Dayliss]

While it's true that finding them on your own is much more rewarding, I have to give in and ask for a push in the right direction.

So, hints please?

(Shameless, I know - but I'm a longtime reader, admirer and lurker.)

Woot! One more, and I get a free set of steak knives... ;-]

Hah, I'll try to round up another lurker/lazy person for you then.

[llearch n'n'daCorna]

Hah, I'll try to round up another lurker/lazy person for you then.

Heh. I re-counted. I'm up to 37. So there's a couple more to go yet. ;-]