New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Need feedback for our open source social network similar to facebook
Need feedback on our social network software
OSSN is a social networking software written in PHP its almost clone of facebook. It allows you to make a social networking website, helps your members build social relationships with people who share similar professional or personal interests.
https://www.opensource-socialnetwork.org
Kindly post your opinions
Sorry in advance if i posted in wrong place/topic.
Vote out of 5
- 143 votes
- 244.19%
- 3  6.98%
- 413.95%
- 534.88%
Comments
How does it compare to Friendica and similar projects?
@rds100 we focus on GUI of the project and care what users need. I never heard about Friendica before i viewed the site it seems they are also providing the social network script. that is good. We work as open source developers and wanted to help people for free.
We are also working to provide 'small organizations' free hosting for their social networks
If your going to build an open source social network, build a new one not a crappy replica of Facebook.
So you can set up an exact replica of Facebook with a different logo and less than 0.1% of the user base...?
I don't see any use cases for this script as it stands.
Make chat.
What is the scale we're voting on? Is 1 awful, and 5 is amazing? or is 1 amazing, and 5 awful?
It's astonishing that you start a project making a FOSS social network, without knowing about the existing developments in this area.
Here are some more: https://prism-break.org/en/categories/servers/#social-networks
Personally I like GNU Social http://www.gnu.org/software/social/
it looks very cool in action: https://quitter.se/
basically a full Twitter clone, except that it's decentralized, everyone can have their own server and follow people cross-servers.
So your project will have to answer two questions, 1) what does it provide over those mentioned in the prism-break list above, and 2), does it interoperate well with all or at least some of those.
And one more question, on your website you say "Globling The Future Today" , are you sure "Globling" is a word? If so, what does it mean?
P.S.: oh and the name is terrible, there's already more than one "opensource social network" on the market, you don't get to be "the" one, and I doubt you were aiming to be a generic "store brand" with this.
Yes exactly ^_^
I am not even sure if FB will allow this to continue. Seems like ....you will have some issues with them.
Lol, SZ1 is proving hosting for this (check hosting tab).
Ok so a few things. Posting video links don't actually get a thumbnail as facebook would. Your escaping is adding / to posts with contractions so the word can't comes out can/'t
Just a couple observations.
Yeah don't you remember him making a thread about a new Facebook clone?
Anyway, should have made it look like Google+ I think that looks better.
@rm_
it's abstract - you decide what it means and you can make it mean nothing at all if you please
Please see the Readme file https://github.com/opensource-socialnetwork/opensource-socialnetwork/blob/master/README.md
Please see the Readme file https://github.com/opensource-socialnetwork/opensource-socialnetwork/blob/master/README.md
Yes you are right , maybe we create theme like Google + like we created theme similar facebook
Nice idea, as we are initial stage, i created task for this https://github.com/opensource-socialnetwork/opensource-socialnetwork/issues/31
return md5($password.$salt);
}
using md5 and a salt to generate password.
HAHAHAHAHAHAHA, you're not even encrypting anything. What a joke.
Please report to github if you think there is any kind of issue in function or send pull request if you know how to fix.
No. You're not encrypting anything, you're merely hashing with a salt. Hashing is fast and weak. Encryption is supposed to be slow and strong.
If I have the salt and the hash password, I could supposedly reverse the hashing and get the password.
Can you please suggest us a encryption methods for encrypting passwords?
Hashing is one-way, that's the entire point of using it for passwords.
You can't reverse a hash, you can only look it up in a rainbow table and hope it exists (which is doubtful if it uses a good salt)
If you get the salt and the hashed password, the only thing you can do is use brute force (with the salt).
If it was "encrypted" it can be "decrypted" so hashing is the correct method for storing passwords.
Although I would recommend using SHA2 (PHP's
hash
function)bcrypt encryption through crypt - http://sg2.php.net/manual/en/function.crypt.php or PHP's password hash method - http://sg2.php.net/manual/en/function.password-hash.php
Both are very similar, just that the original crypt supports older versions of PHP
No, you're wrong too. Encryption is a two way process, you can get the original data back out of it. A hash is one way. You want to use a slow hashing function such as mcrypt.
No, don't do this. Use mcrypt or preferably bcrypt. You can also use password_hash() which by default uses crypt.
The idea of using a slow algorithm is that it's slow to run a brute force too.
You guys should learn some more about good password hashing practices.
I did not said that encryption is not a two way process. obviously there's a term called decrypting.
This.
You wouldn't encrypt a password, you'd hash it. If you can decrypt it by methods other than things like rainbow tables or brute forcing it's not a hash. If you can't decrypt it, it's not encryption.
Not bad
Well, I didn't look at his code, but I would assume it has a limit of how many times you can attempt to log in before it locks the account out. That's what I always do anyway.
That's not why you use slow hashing, you should be locking people out after x bad logins to prevent web based brute forces. The danger is that someone dumps your database and sees that it's full of very weak hashes.
And that's exacly why PHP's native password_hash function should be used. It's very simple and creates secure hash.