Getting ready for bigger things!

This week’s update was a very large preparation for what’s next on this site. More transparent functions have been added to keep track of how our users interact with the site as well as track security flaws and logins.

Manage Users Dashboard
The Manage Users page is now available in the Admin Dashboard. Here you can search all of the sites users and see the status of their account, their location, the amount of their interactions, and the date they signed up. Users can be searched by country, name, and account access. This section will be very important for the upcoming subscription content as well as adding more contributors and admins to the site. Now, you can upgrade a user from a user to an admin or contributor from the manage users dashboard and give them access to more sections of the site. This section also allows you to manually reset a user’s password. When their password is reset by an admin, their new password will automatically be emailed to the address associated with their account. It is now also possible to manually reset a user’s profile image in case it is inappropriate or otherwise.

Profile Pictures and Secure Database Access
Users can now change their profile pictures from the profile page. There is a 100kB limit so the image does not slow down the site and their images are stored as base64 code so extra images are not floating around on the server. The user’s profile image is stored in a separate table from their sensitive data. Also, the user table (with every users username, password, and email) is more secure and is only accessed when they log in. Instead of streaming user profiles from the user database when displaying comments, a "view" has been created that merges all of their data into a non-editable, auto-updating table so their data is never directly accessed.

Login tracking
In order to keep a user’s tracking data up to date, their IP address, timezone, country, and region is logged in a new table of the database every time they log in. This data is then compared to the data already logged to their account and is updated accordingly. This will help keep track of subscriptions and denial of service attacks that could happen to the site from a user.

What’s Next
At this point the site is starting to get very heavy once again. Over the course of the next few updates, some areas of the site will be reprogrammed to share functions and use more discreet javascript functions. As of right now, the javascript code is public through the inspector tool of most browsers and it is very bulky. Fortunately, all of the javascript used on this site is not very sensitive information, however, it could point someone with the right knowledge and wrong intentions in the right direction for a data attack. This process will be difficult, but thankfully, the framework will remain the same and it will speed up the site. This will also leave room for more intuitive functions like lazy loading, complex requests, streamlined responses. Before any credit card payments can be made on this site, it must be certain that it is fast and bulletproof! The subscription functions may not be ready for the next update because their is still much preparation to be done, but expect faster speeds and more intuitive functionality.