Don't use this for anything you view as important. I just checked and there is no collision detection for usernames. You can signup for an account using any name and your account will seemingly just replace the previous created account. That is a big enough and obvious enough flaw that it also makes we wonder if this is just a phishing expedition or a way to mine email addresses.
I just fixed it. It was a change I did last night to fix a save bug. My apologies about that, it wasn't a good bug, but hopefully it's the last security-related one. Probably goes without saying, but this is definitely a beta project. I'm doing a lot of other things to protect this kind of attack (filename scrubbing, bcrypt passwords), so I'm pretty red in the face about how dumb this one was.
If you find any other bad bugs, please let me know (@kyledrake on Twitter) instead of, you know, trashing other people's work. I'm finding the duplicate sites right now and taking care of it. Thanks, and again my apologies.
This is not an email phishing expedition. I don't even require you to enter your email address to make a site.
Back then, this wasn't called collision detection, but proper database design. I can not even begin to fathom how you can inadvertently introduce this by fixing a save bug.
Don't use this for anything you view as important. Hosting that doesn't use a domain name that you control means that when the donation bucket is empty and the service goes under, your traffic and pagerank and brand is now lost forever.
Check out my all-new website showing some oldskool JScripting skillz at http://cd.neocities.org/. You can trick your friends by directing them there.
P.S.: Just checked and it actually works with Internet Exploder 6.0 in an M$ Windoze 98 VM, which I had running in VMWare Player 5.0.2 with my PC's physical DVD drive connected. Should work as long as your Win9x or pre-SP2 XP has WMP 7 installed.
PEOPLE. This is clearly not intended as a business. Stop asking about the "business model." It strikes me as just being a cool side project that enables people to make websites. That's it.
HN is supposed to be (partly) about the joy of building stuff, and yet this entire thread is all about people pointing out flaws, missing features and minor annoyances instead of saying, "Good job!".
Give the guy a break and a chance to get the project off the ground.
I wonder whether this 'negativity' is really negativity, or just well-meant criticism, testing and validating the idea, maybe even playing advocate of the devil. From what I've seen in the past years, the HN community is unlikely to produce a page with tons of similar 'Nice job!' postings.
I've hacked a little script together[1] for uploading all the files in a directory into NeoCities. Handy if you are working on your site and want to upload everything in one go.
Set your username and password at the beginning of the script and run it with the path to the directory as an argument:
I think its a nice website, don't be discouraged by the comments you get here. HN can be awful with this, but if you parse through all the bad mouthers you may find some gold :)
It is very refreshing that a side project/start-up related post has made it to number 1 spot on HN. And this is coming from someone who posted a Bee article that made it to the front page today.
kyledrake if any negativity on this thread gets to you, something tells me it will not, just ask yourself how many others have posted their side project on HN that made it to #1, I know I have not and that is why I created this account to begin with - to share my start-up with a start-up community.
Add a premium tier, even something as simple as integrated web analytics. Donations are charity. If you want this to be a sustainable business, ask for people to pay for value.
I was thinking about this too. I agree that counting on donations in sufficient quantity and regularity is like buying lotto tickets to pay your electric bill.
And if they add a premium tier... well then that kind of kills their differentiation, doesn't it? They're aiming for the niche of free, modest, simple, laissez faire vis-a-vis content. When you take 'free' out of the mix then you're in the arena of commoditized cheap hosting; inertia would be the only reason for someone to upgrade their free account to a premium plan.
guys i just made mine here http://rozap.neocities.org/index.html and it is best so you all can stop making them because it will fail to surpass my creation.
A couple of years back there was a website I use that switched to usernames as sub domains and I managed to break it by using "webmail" as a username, another user took "ns1" and "ns2" and now my first port of call on sites like this always checking out "webmail", "ns1" and "ns2". So childish but good harmless fun.
I love the browser editor you made. Very easy to get up and running fast. It'll be a useful tool for teaching, and also for small js projects. Fun project- Thanks!
It's definitely an awesome project, but I just don't see the advantage of NeoCities over hosting a website on Github or BitBucket yet, especially since those sites offer unlimited space and store all the old versions of your website for you. Some differentiation with those services is needed - for example, a privacy policy guaranteeing true anonymity (no IP address stored, no cookies) or a more layperson-accessible website creator.
Those have significant learning curves to people who don't speak web-l337 yet. Remember before you knew how to code? What version control was, and documentation was scary? Angelfire & GeoCities is where I learned to code HTML
[+] [-] slg|12 years ago|reply
[+] [-] kyledrake|12 years ago|reply
If you find any other bad bugs, please let me know (@kyledrake on Twitter) instead of, you know, trashing other people's work. I'm finding the duplicate sites right now and taking care of it. Thanks, and again my apologies.
This is not an email phishing expedition. I don't even require you to enter your email address to make a site.
[+] [-] peterwwillis|12 years ago|reply
He started a month ago. The 'Just Ship It' mantra basically declares that crappy bugs like this are A-OK. I don't know why you're surprised.
[+] [-] revelation|12 years ago|reply
[+] [-] ErikAugust|12 years ago|reply
That is pretty frigging mean to exploit such an obvious problem!
[+] [-] ErikAugust|12 years ago|reply
[+] [-] sneak|12 years ago|reply
[+] [-] daviddoran|12 years ago|reply
[+] [-] davidbanham|12 years ago|reply
[+] [-] colbyaley|12 years ago|reply
[+] [-] unknown|12 years ago|reply
[deleted]
[+] [-] unknown|12 years ago|reply
[deleted]
[+] [-] networked|12 years ago|reply
Check out my all-new website showing some oldskool JScripting skillz at http://cd.neocities.org/. You can trick your friends by directing them there.
P.S.: Just checked and it actually works with Internet Exploder 6.0 in an M$ Windoze 98 VM, which I had running in VMWare Player 5.0.2 with my PC's physical DVD drive connected. Should work as long as your Win9x or pre-SP2 XP has WMP 7 installed.
P.P.S.: Do post here if it works for you!
[+] [-] big_lou|12 years ago|reply
Yeesh.
[+] [-] rollo_tommasi|12 years ago|reply
[+] [-] LandoCalrissian|12 years ago|reply
[+] [-] workhere-io|12 years ago|reply
Give the guy a break and a chance to get the project off the ground.
[+] [-] jstalin|12 years ago|reply
http://jstalin.neocities.org/index.html
It's going to play audio if you clink the link, unless you're using click to play
[+] [-] Samuel_Michon|12 years ago|reply
[+] [-] jmathai|12 years ago|reply
[+] [-] kybernetyk|12 years ago|reply
I think his service is kinda cool in a twisted way and I can totally see me building a little 'old school' homepage on it.
/edit: I did build a homepage: http://kybernetyk.neocities.org I feel better now ;)
[+] [-] omd|12 years ago|reply
Here's mine (NSFW-ish): http://nl.neocities.org
[+] [-] Luyt|12 years ago|reply
[+] [-] zephjc|12 years ago|reply
http://poeks.neocities.org/
http://skry.neocities.org/
http://jeremy.neocities.org/
[+] [-] brudgers|12 years ago|reply
http://www.geocities.com/clipart/pbi/backgrounds/
[+] [-] scottluptowski|12 years ago|reply
[+] [-] toni|12 years ago|reply
Set your username and password at the beginning of the script and run it with the path to the directory as an argument:
./neocities-uploader.php /path/to/my/site
[1] https://github.com/pwlin/neocities-uploader
[+] [-] ErikAugust|12 years ago|reply
[+] [-] unknown|12 years ago|reply
[deleted]
[+] [-] egeozcan|12 years ago|reply
[+] [-] ibudiallo|12 years ago|reply
[+] [-] will_brown|12 years ago|reply
kyledrake if any negativity on this thread gets to you, something tells me it will not, just ask yourself how many others have posted their side project on HN that made it to #1, I know I have not and that is why I created this account to begin with - to share my start-up with a start-up community.
[+] [-] mperham|12 years ago|reply
[+] [-] stinky613|12 years ago|reply
And if they add a premium tier... well then that kind of kills their differentiation, doesn't it? They're aiming for the niche of free, modest, simple, laissez faire vis-a-vis content. When you take 'free' out of the mix then you're in the arena of commoditized cheap hosting; inertia would be the only reason for someone to upgrade their free account to a premium plan.
[+] [-] ics|12 years ago|reply
[+] [-] rozap|12 years ago|reply
[+] [-] LandoCalrissian|12 years ago|reply
Already worth the price of admission. This is a really fun idea.
[+] [-] fragmede|12 years ago|reply
[+] [-] farinasa|12 years ago|reply
[+] [-] lotharbot|12 years ago|reply
http://secure.neocities.org/
"Security page. Please enter your password here."
[+] [-] citricsquid|12 years ago|reply
[+] [-] unknown|12 years ago|reply
[deleted]
[+] [-] davorak|12 years ago|reply
[+] [-] nickodell|12 years ago|reply
[+] [-] hnriot|12 years ago|reply
[+] [-] kwntm|12 years ago|reply
[+] [-] ddinh|12 years ago|reply
[+] [-] brennannovak|12 years ago|reply