Need a Coder

[SMOKEY_TEK]

Hi,

I'm not sure if this would be the correct place to put this thread, but I'm looking for a coder that could secure my game and maybe reduce some of the code. I'm offering up to $250. I'm looking for someone that is very good at securing and coding PHP, Mysql, and maybe AJAX.

It's be nearly three years now that I have been working on trying to get my game live, but having a few issues.. I'm not very good at securing PHP, so that is why I'm making this thread. On the payments on this, I won't be able to pay $50 - $100 every two weeks, in a bind with other bills so this is how I could pay someone to do this for me. Your probably thinking why are you trying to make a text-base game if you can't secure PHP, well I really kinda just taught myself from messing around with the GRPG script.

If your interested in helping me out, please send me a Private Message on here or send me an email @ [email protected].

What I want done with my game, is securing it, fixing bugs/errors, reducing PHP coding, and maybe add in some ajax.

Regards,

James Ayling

[Ben Nash]

Added you on msn.

[SMOKEY_TEK]

Also, if I have 5 people that are interested in helping me out, I will choose one person out of those 5 to help me out. Again, I'm looking for someone that is good at high levels of PHP security. And I know $250 isn't a lot, but I'm really in need of some help..

[Spudinski]

Also, if I have 5 people that are interested in helping me out, I will choose one person out of those 5 to help me out. Again, I'm looking for someone that is good at high levels of PHP security. And I know $250 isn't a lot, but I'm really in need of some help..

PHP isn't high level security.

[Danny696]

Just a word of warning, many people will have looked at this, and saw the $250 your offering, sent you and sent you a message. Just think very very carefully about you chose.

[Paul Evans]

I agree with daniel people will just see the 250 dollars and eyes will light up be very careful who you choose from the people who contacted you and good luck.

[grant]

yip i agree with paul and danny make sure you get some info on who is doing it check up on there post and stuff see how much work they have done

[SMOKEY_TEK]

Yes, I understand, I been doing interviews already... Just waiting to get a couple more people to see if they want to help. I do appreciate you guys warning me. I wish you a Merry Christmas!

[Spudinski]

I don't see why everyone is so diligent to raise attention to the price, because it's not a lot. It's a moderate price.

Let's take for instance any other job: [(scripts to be secured * 0.25) * flat hour rate]. Assuming a developer takes an average +- 15 minutes per script, and doesn't go over the DB, etc.

A basic hourly rate is 40-120 for someone capable of doing this, so let's take the minimum of 40USD.

P = (scripts to be secured * 0.25) * flat hour rate

P = (50 * 0.25) * 40

P = 12.5 * 40

P = 500

[Spudinski]

Personally, I don't see the scripts as a collection of individual

entities, rather at least from a security perspective, they have to

addressed collectively.

The money is a sensible amount judging from the OPs initial statement,

but there could easily be problems that are not quite so simple to

rectify; i.e. old version of php, insecure zend extensions, poorly

configured server, file based sessions, weak memcache keys etc. etc.

Each and every aspect of a system needs to fully analyzed, taking into

consideration the cost of downtime versus the value of the stored data.

Good user account management, ideally fully unit-tested in a variety of

environments is a good start. After all, if you fall at the first hurdle

you are never going to complete the race.

True, but each script has to be evaluated for it's input and output, and optionally it's processing functions.

The server is another part in my opinion, one person might just install an IDS and say it's secure enough for a web-server while others may consider all applications individually(Such as the OP with PHP).

With PHP however, one can never reach pure authenticity since the "web"-applications used are public.