I have realised how unsafe is what I have done, and in the next version I will solve this. (I was storing the token, hashed, without checking if it's the real one.)
3 Days ago I've introduced you to the SteemCasino, my latest project, that it's slowly coming to life. It only had a deposit function and a login/register.
You can see our github here.
Pull request here.
What's new?
- We've added Coinflip!
Coinflip can only be played with your balance from the website so we are not using so much bandwith!
Coinflip dosn't yet have an animation or a history page. Coming in the next update!
- We've added a new withdraw function!
You can now withdraw your hard earned SBD!
How did we implement the withdraw function?
We are using the SteemConnect's API to send a transaction from your account to our bot's account and inform him that you want to withdraw some SBD.
var memed = json[i].memo.split(" ");
if(!withdrawMemo.localeCompare(memed[0])) {
var trans = json[i].transaction.split(" ");
var username = trans[4];
var withdraw = parseFloat(memed[1]);
withdraw = withdraw.toFixed(3);
console.log(username + " wants to withdraw: " + withdraw + " SBD.");
withdrawReceived(username, withdraw);
}
Then it calculates if you have enough money in your balance, or if him has enough balance to send (might happen, but not often).
function withdrawReceived(username, withdraw) {
con.query("SELECT * FROM users WHERE username = '" + username + "'", function (err, result) {
if (err) throw err;
var balance = result[0].balance;
if(balance >= withdraw) {
var newBalance = balance - withdraw;
steem.api.getAccounts([botName], function(err, result) {
var botBalance = result[0].sbd_balance.split(" ");
botBalance = botBalance[0];
botBalance = botBalance - 0.001;
if(botBalance >= withdraw)
{
con.query("UPDATE users SET balance = '" + newBalance + "' WHERE username = '" + username + "'", function (errr, rresult) {
steem.broadcast.transfer(activekey, botName, username, withdraw + " SBD", "Your withdrawal has been successful! New balance: " + newBalance + " SBD", function(err, result) {
console.log(username + " has withdraw " + withdraw + " SBD.");
});
});
} else {
steem.broadcast.transfer(activekey, botName, username, "0.001 SBD", "We don't have this amount of money at this moment. Please wait until we add more or withdraw less than: " + botBalance + " SBD", function(err, result) {
});
}
});
} else {
console.log(username + " dosn't have enough money in balance. Balance: " + balance + ". Wants do withdraw: " + withdraw);
steem.broadcast.transfer(activekey, botName, username, "0.001 SBD", "You dont have enough money in balance. Balance: " + balance + " SBD", function(err, result) {
});
}
});
How do we display the games of coinflip?
We do a simple mysql query that searches for open games, win = 0. If it finds that, then it displays the games, if it dosn't then it displays a message saying No games avalabile.
$query = $db->prepare('SELECT * FROM coinflip WHERE win = ?');
$query->bind_param('i', $win);
$query->execute();
$result = $query->get_result();
if($result->num_rows) {
$body = "";
while ($row = $result->fetch_assoc()) {
$gameid = $row['ID'];
$player1 = $row['player1'];
$player2 = $row['player2'];
$bet = $row['bet'];
$reward = $row['reward'];
$hash = $row['hash'];
if($player1 == "")
$players = "Steem - <a href=\"#\" onClick=\"MyWindow=window.open('confirmcoinflip.php?game=".$gameid."','MyWindow',width=600,height=300); return false;\">Enter game</a><br>Bitcoin - ".$player2;
else if($player2 == "")
$players = "Steem - ".$player1."<br>Bitcoin - <a href=\"#\" onClick=\"MyWindow=window.open('confirmcoinflip.php?game=".$gameid."','MyWindow',width=600,height=300); return false;\">Enter game</a>";
else
$players = $player1."<br>".$player2."<br><a href=\"#\">View game</a>";
$body .= "
<div>
<h1>Game #".$gameid."</h1>
<h3>Players<br>".$players."<br><br>
Bet: ".$bet." SBD (Reward:".$reward." SBD)<br><a href=\"#\" onClick=\"MyWindow=window.open('hash.php?hash=".$hash."','MyWindow',width=600,height=300); return false;\">
See hash
</a>
</div>
";
}
} else {
$body = "<h1 style=\"color:red\">No games avalabile.</h1>";
}
Last but not least, now your steemconnect token gets hashed with BCRYPT and gets inserted into our database and we check it every time with your cookie to be sure it's you! (If somebody knows how to make this more secure, please hit me up!)
Posted on Utopian.io - Rewarding Open Source Contributors
Follow, I follow back, let's support each other 😊
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
As per the Updated Utopian rules "The repository must contain a readme file with usage and install instructions, as well as an appropriate open source license.", please update your README.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Updated
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
You should also write what exactly SteemCasino is in the README
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Updated again
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Thank you for the contribution. It has been approved.
You can contact us on Discord.
[utopian-moderator]
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Hey @andreistalker I am @utopian-io. I have just upvoted you!
Achievements
Community-Driven Witness!
I am the first and only Steem Community-Driven Witness. Participate on Discord. Lets GROW TOGETHER!
Up-vote this comment to grow my power and help Open Source contributions like this one. Want to chat? Join me on Discord https://discord.gg/Pc8HG9x
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
hallo @andreistalker i need your email
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
You can contact me on github or on utopian discord (SpargeCase)
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Wow, you are really doing a great job with SteemCasino @andreistalker
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit