Java-Gaming.org Hi !
Featured games (81)
games approved by the League of Dukes
Games in Showcase (513)
Games in Android Showcase (119)
games submitted by our members
Games in WIP (576)
games currently in development
News: Read the Java Gaming Resources, or peek at the official Java tutorials
 
    Home     Help   Search   Login   Register   
Pages: [1] 2 3 4
  ignore  |  Print  
  who needs judges?  (Read 17825 times)
0 Members and 1 Guest are viewing this topic.
Offline woogley
« Posted 2006-01-27 14:32:43 »

well, you know, I guess it's that time of year when I desperately ask "who will judge the 4K games?" But this year is going to be different. Why should we rely on 3 judges and hope their's no serious bias? I think 3 is just not enough people. So I decided this year there will be a public vote! No more judges! I'm planning (still coding) these 2 voting systems:

1) have people rate any game (even from 4K 2005) on undecided categories from 1 (being poor) to 5 (being best). that way authors can see anything they might want to tweak in their game. I'm trying to get this system up before the contest ends.

2) at the end of the contest, Februrary 28th, I'm going to open up a poll for 72 hours. This poll will simply ask you to list your top 3 favorite games. The first favorite will get +3 points, the second will get +2 points, and the third +1 point. at the end of the poll, on March 4th, I'll display results! Obviously the game with the most points (the game that was people's top 3 list the most) wins.

Of course, there always is that issue of cheating.. like, how am I supposed to know if someone's voting twice? There's no way I can check if someone's changing their IP to vote again, and there's no point and setting a cookie saying that person has voted. Obviously the best way to do it is using a user-based system. However, one of the original ideas of Java Unlimited was "not to be another site you have to register to." So, I kinda was talking to ChrisM about things and he was unsure if I could pull this off, but I have Smiley I have managed to have Java Unlimited synch with JGO's roster Cheesy. So, if you're a JGO member, you can vote on the games! No registration needed.

For those who are worried about what I mean when I say "synch," I don't mean the JGO roster is on my database. All of the user info (password, email, etc) is on JGO only, but Java Unlimited is able to validate if you're a JGO member by having you login to JGO FROM Java Unlimited. No registering needed Smiley. I've run this by ChrisM, he didn't seem to have objections to this, but he hasn't given me the final word yet. I'm sure he won't mind as long as I prove all I'm doing is checking if your JGO login is correct - not storing anything. For those who are still curious, I can show you the PHP script I wrote to check the JGO login.

So, feedback please! Smiley
Offline jbanes

JGO Coder


Projects: 1


"Java Games? Incredible! Mr. Incredible, that is!"


« Reply #1 - Posted 2006-01-27 15:07:21 »

Woogley, you read my mind. Smiley

What I think the process showed last year was that we tried to get too clever with the scoring system. It was based on a system that one person had adjusted to meet how he wanted to score a given year's games, and just didn't extrude very well into a real world system. In addition, the judges also had a hard time spending enough time with a game to evaluate less concrete features such as addictiveness.

As a bonus, JavaUnlimited would finally be able to show the rankings of the games so that Slashdotters don't wonder who actually won. Wink

Quote
For those who are worried about what I mean when I say "synch," I don't mean the JGO roster is on my database. All of the user info (password, email, etc) is on JGO only, but Java Unlimited is able to validate if you're a JGO member by having you login to JGO FROM Java Unlimited.

IMHO, this is the best way to do it. This way you won't run into delays between new users registering and JU syncing up its database. Strictly speaking, there's likely to be some security issues (e.g. JU shouldn't handle the password. Ever.), but I don't consider my JGO account to be a high security account. Plus, I trust you. As long as both sides can be trusted, the security is good enough. Smiley

Java Game Console Project
Last Journal Entry: 12/17/04
Offline DonaldEKnuth

Junior Duke





« Reply #2 - Posted 2006-01-27 17:00:58 »

The only problem I see is that most people won't try out all the games, which might exclude some games from having a fair chance.

In reality I think that the result list will be roughly equal to the download statistics, as the most downloaded games and the first listed games are the ones new visitors try out first and are most likely to rate. I bet that if you have two versions of the same game, were one is called Ypsilon and the other one is called AAArgh, the latter one will be the most downloaded. With that said, the download statistics probably reflects the quality to some degree, which means that it's not necessarily such a bad thing. The clear advantage is of course that many people get to vote (everyone that wants to).

My 4k 2006 Entry: Sokoban4k
Games published by our own members! Check 'em out!
Legends of Yore - The Casual Retro Roguelike
Offline woogley
« Reply #3 - Posted 2006-01-27 17:04:22 »

Java Unlimited only handles the password as one GETVAR variable through the form, it is never passed to the database. check this out:

1  
2  
3  
4  
5  
6  
7  
8  
9  
10  
11  
12  
13  
14  
15  
16  
17  
18  
function jgo_check($user,$pass) {
   $errno = 0;
   $errstr = "";
   $sock = @fsockopen("www.java-gaming.org",80,$errno,$errstr,30);
   $u = urlencode($user);
   $p = urlencode($pass);
   $post = "user={$u}&passwrd={$p}&cookielength=-1";
   $s = "POST /forums/index.php?action=login2 HTTP/1.0\r\n" .
        "From: webmaster@javaunlimited.net\r\n" .
        "User-Agent: JavaUnlimited/1.0\r\n" .
        "Content-Type: application/x-www-form-urlencoded\r\n" .
        "Content-Length: ".strlen($post)."\r\n\r\n" .
        "{$post}";
   @fwrite($sock,$s);
   $result = @fgets($sock);
   @fclose($sock);
   return (strstr($result,"HTTP/1.1 302 Found") != FALSE);
}


I think this voting system will work much better than previous years, Donald, because on the poll you'll be encouraged to try all the games first. Also, I don't understand your example Donald? Are you saying people only try games that are alphabetically first? Because according to my statistics most people also sort by author and by download, and most importantly .. date. Wink Perhaps on the Java Unlimited front page I should list the newest 4 or 5 that have been added..

edit: Donald, just look at the download count on my sad little game, Warpstar4K, it got plenty of downloads even though its alphabetically one of the last on the list. Not to mention Xero by jbanes ..

edit 2: don't forget everyone, people are more likely to play your game if you post a (working) screenshot ... Wink
Offline jojoh

JGO Knight


Medals: 5
Projects: 7


games4j.com


« Reply #4 - Posted 2006-01-27 18:09:17 »

Great work I agree that the more judges, the better!
edit 2: don't forget everyone, people are more likely to play your game if you post a (working) screenshot ... Wink
I think that is a bit the point that Donald is getting at. Nice screenshot => more viewers => higher score (but not necesarily better game).
However if just an average of the 1-5 ratings are used then it should be quite fair as long as each game gets at least a few ratings.
A comments section would be really nice as well, for all the non JGF ppl flocking to the page  Cheesy But then it might be the problem w spam vs annoying pwd.

Great site!

Offline jbanes

JGO Coder


Projects: 1


"Java Games? Incredible! Mr. Incredible, that is!"


« Reply #5 - Posted 2006-01-27 18:13:45 »

Java Unlimited only handles the password as one GETVAR variable through the form, it is never passed to the database.

That wasn't my point. My point was that you have access to the password. In a high security system, we'd never trust you with that info. For all we know you could be feeding us fake source code for examination. However, this is mitigated by two factors:

1. I'm not concerned about ensuring high security for my JGO account.
2. I trust you with the information, and so does the JGO staff.

Those are good enough for me. Smiley

Java Game Console Project
Last Journal Entry: 12/17/04
Offline Anon666

Junior Duke




aka Abuse/AbU5e/TehJumpingJawa


« Reply #6 - Posted 2006-01-27 18:31:16 »

Display the games sorted in ascending order, by their current number of downloads!
its a well known fact, links @ the top of pages are clicked more than those at the bottom  Wink
Offline g666

Junior Duke





« Reply #7 - Posted 2006-01-27 19:54:19 »

Im going to put some nice screenshots and descriptions on my games now Smiley

desperately seeking sanity
Offline jojoh

JGO Knight


Medals: 5
Projects: 7


games4j.com


« Reply #8 - Posted 2006-01-27 21:40:46 »

Warning: mysql_query(): Can't connect to local MySQL server through socket '/var/tmp/mysql.sock' (111) in /home/woogley/public_html/unlimited/include/sql.php on line 17
Shocked
Maybe something to look into before voting starts. Happened while looking at the games list. Have seen it before...

1. I'm not concerned about ensuring high security for my JGO account.
2. I trust you with the information, and so does the JGO staff.

Those are good enough for me. Smiley
Agree with Jbanes, both the issues he pointed out before and that it still is good enough for me. I will try to participate in the voting if it all pans out.

Offline nonnus29

Senior Duke




Giving Java a second chance after ludumdare fiasco


« Reply #9 - Posted 2006-01-27 23:27:23 »

Quote
The only problem I see is that most people won't try out all the games, which might exclude some games from having a fair chance.

This is a very common problem when it comes to voting on these things.  Very few people play all the games and the games on the first page and/or the top of the list will be played more when people are 'trying to play them all so I can vote intelligently'. 

And if there's no screenshot you can bet the game won't get as many hits.  BUT the screenshot should be an ingame shot and NOT a 3d rendering or doom3 screen shot (like 'bleeting sheep' or whatever last year....).

I also think comments would be good.
Games published by our own members! Check 'em out!
Legends of Yore - The Casual Retro Roguelike
Offline Markus_Persson

JGO Wizard


Medals: 16
Projects: 19


Mojang Specifications


« Reply #10 - Posted 2006-01-28 00:03:12 »

I don't mean to sound negative, but there's no way I'm sharing my password like that.

If the vote's only open for people from the JGO boards, why not just run a poll here?

Play Minecraft!
Offline oNyx

JGO Coder


Medals: 2


pixels! :x


« Reply #11 - Posted 2006-01-28 00:53:05 »

>BUT the screenshot should be an ingame shot and NOT a 3d rendering or doom3 screen shot (like 'bleeting
>sheep' or whatever last year....).

Mhyea... well, my screenshot is a collage of two screenshots together with some added text. Is that still alright?

>why not just run a poll here?

Polls are sorta limited. Like you can either have a vote where you can vote for one title... or one where you can vote for several. Both options arent all that nice.

Hm... eventually someone could write a module for smf, which allows some proper voting?

http://mods.simplemachines.org/index.php?mod=91

The Topic Rating mod could be (ab)used for that.

This mod allows users to rate topics (1 to 5 stars). Admins choose which board(s) users can rate topics on, so if you don't want them rating your announcements, you can set it so they can't rate topics on that particular board.

The one with the most stars (and most votes [secondary sorting criteria]) wins.

弾幕 ☆ @mahonnaiseblog
Offline woogley
« Reply #12 - Posted 2006-01-28 01:07:33 »

the polls cant run here because their are individual statistics for *each* game. even after the board had that many topics voted on etc .. it would be a hell of a job synching it with the java unlimited database.

markus, you're not sharing your password with anyone, it's being sent to the very same HTTP process as the JGO board itself. do you really think I would cache these passwords..? Huh

the only way I guess I can earn your trust would be to give full FTP access to someone trustworthy who would be able to see every script that java unlimited uses. either that, or, I guess markus won't be voting... Undecided

regarding the MySQL error, the server is down at the moment.
Offline Markus_Persson

JGO Wizard


Medals: 16
Projects: 19


Mojang Specifications


« Reply #13 - Posted 2006-01-28 02:21:46 »

markus, you're not sharing your password with anyone, it's being sent to the very same HTTP process as the JGO board itself. do you really think I would cache these passwords..? Huh

No, I'm sharing my password with you (or rather, your code), then you share it with the jgo servers.
This goes against everything that is holy when it comes to password security, and not only am I against it on principle, I think it's a dangerous hack.

Besides, I'd just vote for my own entires anyway. Wink

Play Minecraft!
Offline woogley
« Reply #14 - Posted 2006-01-28 02:23:22 »

you mind explaining why it's a dangerous hack? I am curious..

edit: the reason I see it harmless is because it works just like your browser does with sending the POST variables (it's straight up HTTP in a socket). do you consider your browser a security leak? the only difference is one extra middleman: me. but, like I said, my site isnt caching these passwords
Offline kappa
« League of Dukes »

JGO Kernel


Medals: 78
Projects: 15


★★★★★


« Reply #15 - Posted 2006-01-28 03:10:56 »

great idea, what thinking myself too if a system like this could be used instead of judges. i don't have any problem with the password issue but clearly some ppl are unhappy about giving out their password, why not just change your password a few days before the voting and change it back after a while to the old password. besides even if someone does steal your account its not like your losing much, in the unlikely event you can just create another account.
Offline nonnus29

Senior Duke




Giving Java a second chance after ludumdare fiasco


« Reply #16 - Posted 2006-01-28 03:26:19 »

Quote
Mhyea... well, my screenshot is a collage of two screenshots together with some added text. Is that still alright?

In my opinion even that is questionable.  Is it a screenshot or an advertisement for the game?  Is it an accurate representation of the game or an idealized abstraction?  Is there a level field such that every entry will have a comparable advertisement for their game? 

Just 'adding text' in this competition is a big deal because that (edit) gives the appearance you did more with fewer bytes than you actually did.
Offline Markus_Persson

JGO Wizard


Medals: 16
Projects: 19


Mojang Specifications


« Reply #17 - Posted 2006-01-28 03:28:49 »

This is a prime example of how to NOT use passwords.

It is a hack because the indented purpose of /forums/index.php?action=login2 isn't to make sure that a user with that password exists, but to log in the user. You're abusing it, and logging in users from your computer.
This could mean, for example, that we all show up as having logged in from the same ip in some log, which normally raises warning flags.

It's dangerous because your only reason for doing it is to get "secure" logins so we can't cheat.
So instead of risking [cheating in a competition with no prizes], you're risking [leaking the password of everyone who votes in the competition]

I seriously hope ChrisM says no to this idea.


A much better alternative, as I said before, would be to just run the voting on these forms.
If not a poll, it could be something as simple as a thread where people post the names of the games they want to vote for followed by the score they want to give that game. You could then write an app that reads that thread, checks who voted what, and that they only voted for the games once.

Play Minecraft!
Offline woogley
« Reply #18 - Posted 2006-01-28 03:37:06 »

This is a prime example of how to NOT use passwords.

It is a hack because the indented purpose of /forums/index.php?action=login2 isn't to make sure that a user with that password exists, but to log in the user. You're abusing it, and logging in users from your computer.
This could mean, for example, that we all show up as having logged in from the same ip in some log, which normally raises warning flags.

I would hardly call it abusing. since your cookies arent changed at all, it doesnt affect your overrall login time on the forum at all. if you're not logged onto JGO, then run the login script from Java Unlimited, you're STILL not logged into JGO due to the cookies arent set.

Quote
It's dangerous because your only reason for doing it is to get "secure" logins so we can't cheat.
So instead of risking [cheating in a competition with no prizes], you're risking [leaking the password of everyone who votes in the competition]
how would your password get leaked? it passes through the JGO form just like your browser passes it!

Quote
A much better alternative, as I said before, would be to just run the voting on these forms.

that would be "abusing" this forum to get individual stats for at least 80 games
Offline Markus_Persson

JGO Wizard


Medals: 16
Projects: 19


Mojang Specifications


« Reply #19 - Posted 2006-01-28 03:40:25 »

I'm not going to argue about this. Knock yourself out.

Play Minecraft!
Offline woogley
« Reply #20 - Posted 2006-01-28 03:41:51 »

I'm seriously asking how you think your password will get leaked. is there some flaw in the socket code I posted?
Offline Markus_Persson

JGO Wizard


Medals: 16
Projects: 19


Mojang Specifications


« Reply #21 - Posted 2006-01-28 03:50:55 »

Yes, that's exactly what I meant. There's a huge gaping hole in your code that nobody has pointed out yet, and I think it's going to leak all our passwords.

 Roll Eyes

Play Minecraft!
Offline woogley
« Reply #22 - Posted 2006-01-28 03:54:08 »

well it's not like you told me what WOULD leak it!

ffs ..  Undecided
Offline Markus_Persson

JGO Wizard


Medals: 16
Projects: 19


Mojang Specifications


« Reply #23 - Posted 2006-01-28 03:56:23 »

That was the point of my sarcasm.
If I knew what would leak it, I wouldn't think it would be leak it, as I would tell you about it.

Call it a case of dont-trust-hacks-with-your-password-itis.

Play Minecraft!
Offline woogley
« Reply #24 - Posted 2006-01-28 03:58:35 »

well you kept saying your password would leak, so I was seriously curious. half of my decisions for java unlimited is by asking for opinions and advice. I believe this has made the site more solid and enjoyable.

but, if you're using a password that you would protect with your life on a forum  .. that's a mistake right there already. if you trust this site, you should trust a site that is doing the same thing you do every day to login.

more ideas welcome.
Offline jbanes

JGO Coder


Projects: 1


"Java Games? Incredible! Mr. Incredible, that is!"


« Reply #25 - Posted 2006-01-28 05:36:42 »

Yes, that's exactly what I meant. There's a huge gaping hole in your code that nobody has pointed out yet, and I think it's going to leak all our passwords.

You're posting the passwords through HTTP rather than HTTPS. The result of this transfer is that anyone who's standing in the middle of the path of your packets (or on the same subnets) could intercept the packets, decode them, and have your password. For safety reasons you should really be using an HTTPS post.

What I find laughable about this is that JGO doesn't use HTTPS to log in its users. Passwords are sent in the clear, period. Which begs the question why Markus is using a highly sensitive password that he feels he is unable to lose on a site that is extremely low security.

Remember Markus, security is like an Onion. Keep those layers separate. Wink

Java Game Console Project
Last Journal Entry: 12/17/04
Offline Markus_Persson

JGO Wizard


Medals: 16
Projects: 19


Mojang Specifications


« Reply #26 - Posted 2006-01-28 11:26:32 »

(you probably mean "raises the question", not "begs the question")


Thanks for agreeing with me, jbanes.
That's another reason not to send the passwords to woogley. Instead of one network to worry about, there suddenly are two networks to worry about.

If both JGO and Woogleys site used https, I would trust this idea more.


The "highly sensitive password" is the password for my login on this site, and a bunch of other web forums I don't consider important enough to give unique passwords. The worst a hacker could do is to post a bunch of posts in my name.
But that doesn't mean I'm going to give you or anyone else my password.

Play Minecraft!
Offline Morre

JGO Knight


Medals: 2
Projects: 10


I'm Dragonene on IRC.


« Reply #27 - Posted 2006-01-28 12:39:02 »

Allright, here's my honest opinion.
Obviously, the more popular games will get noted in one way or another (if not due to download counts and high votes, then because some site will link to them, and generate more attention). This extra exposure will surely let them have more viewers, and thus more points. Popularity will be exponential, so that while less popular games might end up with nothing more than a few points, the popular ones might get hundreds of points. This, in my opinion, has to be thought over.

First of all, since I don't believe cheating would be such an issue (and, rather easily detected at that, unless they're changing IP once a second, and you don't do that), I'd say public voting would be best. Second, I don't agree with the "72 hour poll idea", since I believe the "three favorite games" will be the same ones for each and every user (or, almost), giving perhaps 5 or 10 games hundreds of points, and leaving the rest with none. Absolutely no points at all. A weighted average based on the 1/2/3/4/5 for every game would be better. Now the problem with this is the timing issue - newer games would have been exposed for shorter periods of time, and the average would mean less with fewer votes, etc, etc. You could solve this using two techniques:

1) Make sure the system works, check it, double-check it, but do not put it on JU until the contest is over. That way, every game can have the same exposure time-wise.
2) Use a weighted average of some sort, something like that the IMDB uses for the top 250 movies:

Quote
The formula for calculating the Top Rated 250 Titles gives a true Bayesian estimate:

weighted rating (WR) = (v ÷ (v+m)) × R + (m ÷ (v+m)) × C


 where:

  R = average for the movie (mean) = (Rating)

  v = number of votes for the movie = (votes)

  m = minimum votes required to be listed in the Top 250 (currently 1300)

  C = the mean vote across the whole report (currently 6.8)

EDIT: Minor changes.

Offline DonaldEKnuth

Junior Duke





« Reply #28 - Posted 2006-01-28 14:18:26 »

I think that this algorithm would work fine, as it would balance the voting so that all games would get about the same amount of votes:


Let MaxDifference = 20
Let M = GetGameWithLeastAmountOfVotes(Games)
For each game G in Games
        Let G.youMayVoteOnThisGame = false
        Let G.showThisGameInTheListOfGamesYouCanVoteOn = false
        If G.votes < (M.votes+MaxDifference)
                Let G.youMayVoteOnThisGame = true
        End If
        If G.votes < (M.votes+(MaxDifference/2))
                Let G.showThisGameInTheListOfGamesYouCanVoteOn = true
        End If
End For



Then you have a special page for voting on games where their information is shown, only games with the property showThisGameInTheListOfGamesYouCanVoteOn == true would be shown. The games are shown in ascending order of votes. New votes won't be accepted on games with a property value of youMayVoteOnThisGame == false , they are not the same property to handle lots of voters in a nice way.

This will make sure that all games get reviews and thus have a fair chance in this competition. Any "non-vote balancing" system who presents the games in a certain way will be more or less unfair, perhaps it still will be "fair enough" but I would prefer this method.

[edit] Corrected the algorithm

My 4k 2006 Entry: Sokoban4k
Offline jojoh

JGO Knight


Medals: 5
Projects: 7


games4j.com


« Reply #29 - Posted 2006-01-28 14:53:09 »

A weighted average based on the 1/2/3/4/5 for every game would be better.

Agree!

Use a weighted average of some sort, something like that the IMDB uses for the top 250 movies:

A bit over the top, but sure why not. Would be a shame if a game gets 500 votes and an average of 4.8 and gets beaten by a game that gets 3 votes and average of 5.0...

Reagrding pwd:
Woogley, would it be possible to change it so that instead of "checking login at JGF" you could automatically send a message to a user (from your user account maybe)? If that could work, then each judge would only have to give you its login name. You could then send a "voting key" (possibly generated by the user name, so it would be the same if requested several times) to the users message box.. The judges would then only supply the voting key when they give grades. That way no JGF pwds would be exposed, and only JGO users can vote to prevent cheating (might have to check so that users with < 10 posts can't vote, but I doubt it). Probably a bit more complex for you to create, but a good challenge right?

If that doesn't work, then we might want a poll on who would take part with the "insecure methode". It might be the best option anyway, if it's anly a few who refuse to take part. There is not discussion that it is just "wrong way of doing it", but I'd just change my pwd before voting and change it back when done, no need to make a big deal out of it I think.

Pages: [1] 2 3 4
  ignore  |  Print  
 
 
You cannot reply to this message, because it is very, very old.

 

Add your game by posting it in the WIP section,
or publish it in Showcase.

The first screenshot will be displayed as a thumbnail.

Longarmx (39 views)
2014-10-17 03:59:02

Norakomi (30 views)
2014-10-16 15:22:06

Norakomi (24 views)
2014-10-16 15:20:20

lcass (28 views)
2014-10-15 16:18:58

TehJavaDev (57 views)
2014-10-14 00:39:48

TehJavaDev (58 views)
2014-10-14 00:35:47

TehJavaDev (48 views)
2014-10-14 00:32:37

BurntPizza (64 views)
2014-10-11 23:24:42

BurntPizza (36 views)
2014-10-11 23:10:45

BurntPizza (78 views)
2014-10-11 22:30:10
Understanding relations between setOrigin, setScale and setPosition in libGdx
by mbabuskov
2014-10-09 22:35:00

Definite guide to supporting multiple device resolutions on Android (2014)
by mbabuskov
2014-10-02 22:36:02

List of Learning Resources
by Longor1996
2014-08-16 10:40:00

List of Learning Resources
by SilverTiger
2014-08-05 19:33:27

Resources for WIP games
by CogWheelz
2014-08-01 16:20:17

Resources for WIP games
by CogWheelz
2014-08-01 16:19:50

List of Learning Resources
by SilverTiger
2014-07-31 16:29:50

List of Learning Resources
by SilverTiger
2014-07-31 16:26:06
java-gaming.org is not responsible for the content posted by its members, including references to external websites, and other references that may or may not have a relation with our primarily gaming and game production oriented community. inquiries and complaints can be sent via email to the info‑account of the company managing the website of java‑gaming.org
Powered by MySQL Powered by PHP Powered by SMF 1.1.18 | SMF © 2013, Simple Machines | Managed by Enhanced Four Valid XHTML 1.0! Valid CSS!