For custom text area width and future customization.

Currently uses a VCHAR:255 but this will need to be adjusted to the length that fits the game UI.

See http://logs.openra.net/?year=2018&month=07&day=01#19:19:24. This should supplement the new player indicators and not replace them.

This will need to done automatically because unlike the other badges, this can not be handled manually by the board admin. I'm not sure if the badge should be given to all registered users of the board or if there should be other requirements, like having a public key / fingerprint associated to the user that has been accessed.

The authentication does not work with the prototype OpenRA/OpenRA branch in my local development environment. We should make sure that this is not caused by an issue in the extension (would need to look here and if the encryption methods are used equally (i.e. sha1 the unstripped plaintext public key without salt). I'm also very confused that the sha1 of a public key is not identical to the output of web sha1 generators when using the same public key.

For services that make use https://forum.openra.net/openra/info/<fingerprint>, it would be nice if the ban information was exposed. On the competitive ladder, this could be used to ghost / hide a player.

This can be confusing because the revoked key will not appear in the key table.

Player details are shown in a tooltip in-game, so we need a way to guarantee a maximum content height. This means capping the maximum number of badges that a user can display to <N> (e.g. 5).

At some point in the future we can expect active players to earn more than <N> badges (especially if we give them out relatively freely, which is good for community interaction), and it's not reasonable to expect the admins / badge moderators to have to manage this for every user.

Instead, we should support arbitrary numbers of badges on the forum side, and give players a UCP panel where they can order them. The top <N> are then shown ingame.

While this can be done manually in the database and there won't be too many user badges, it makes sense to add an interface for it that supplements the implemented module which has a mode that already handles inserting badge data. This could replicate phpBB's functions in ACP -> Manage users -> -> Add feedback / Attachments or in MCP -> User notes -> Add feedback.

We could lower the entry barrier to participate in events and gather event data for detailed player profiles and a public scoreboard by adding the minimal required features to organize events like RAGL on the forum.

A minimal implementation could look like this:

• Admin defines a league and league officials.
• All users can apply to participate by requesting a season/tournament passport.
• Users that are given a season pass have access to a user tournament module to manage their participation and report match data (date it was played, result, link to replay).
• League officials have access to a moderator tournament module to manage seasons, divisions and groups. They approve the data in the passport applications, add additional data if required and may approve reported match data and make the match schedule manually (if we don't write logic for this).
• All data is stored and when useful displayed on a public tournament page, mainly the scoreboard and the schedule.

I have this data structure in mind as a start (tables):

leagues
league_id
league_name
league_status

seasons
season_id
league_id
season_name
season_start
season_end
season_status

season_passports
item_id
league_id
season_id
user_id
division
group
strikes
passport_status

matches
match_id
league_id
season_id
stage
home_user_id
guest_user_id
winner_id
map_id
date
replay
cast
status

My idea was to eliminate the need to write down the participants in a table for each season.

Once the leagues and seasons data is defined, users can fill out a form for requesting their season_passports. This would be approved by the league officials and the player pass would be activated for the defined league and season. The player then sees in the user tournaments module when he has to play vs an opponent. By clicking on a match item in the overview, the player can enter the match details and report the results. If they are approved, the match is marked as finished for both opponents (and in the general, public season overview page).

Examples of a round-robin generator:

• https://phpro.org/examples/Create-Round-Robin-Using-PHP.html#
• https://github.com/mnito/round-robin

This will need to be checked because during development this was not sufficiently taken into account (and I personally feel still insecure how to use visibility correctly).

The only thing it should do is to make the directory for the badges. The issue is that it requires an own constructor which seems to overwrite the parent's class constructor which breaks the other functions used in the migration file. Calling the parent constructor within the child's did not help, might have done it wrong. It might be possible to include all objects of the parent constructor in the child constructor so that it can overwrite it without breaking anything.

Low priority though and probably wasted time as the directory can easily be created manually. Might be better to just delete it.

The extension was built using (a now outdated version of) https://github.com/phpbb-extensions/phpbb-ext-skeleton. It's an official starterkit to bootstrap phpbb extensions.

Documentation about extension development can be found at https://area51.phpbb.com/docs/dev/3.2.x/extensions/index.html (note that this is for 3.2).

phpbb's API can be browsed at https://area51.phpbb.com/docs/code/3.2.x/index.html

Sometimes it's interesting to look how other extensions have solved a certain problem, these are all listed at https://www.phpbb.com/customise/db/extensions-36?sk=d.

XAMPP is one of many available tools to set up a development apache and mysql server and comes with phpmyadmin to inspect databases. https://www.apachefriends.org/faq_linux.html

Notify the users when they are given a new badge.

/controller/main.php: Return error messages as a response instead of echoing and exiting.

/core/core.php: get_badge_sql function shares no code between the userid / fingerprint cases, and will behave badly if neither are given. Split this into two different functions instead.

/ucp/useraccounts_module.php: empty($markedbadges) ? $delete_sql = '' : ' AND ' . $this->db->sql_in_set('badge_id', $markedbadges, true); looks bogus. Did you mean delete_sql = empty($markedbadges) ? '' : ' AND ' ...`? If not, write this as a proper if statement.

/language/en/*.php: Why do these filenames end with an underscore?

This config value is hardcoded at the moment and should be set via an input in the badges mode of the ACP badges_module.

Currently uses a dummy response while using echo to output data because the Symfony response will include header information. This information needs to be excluded to be compatible to game integration.

I removed all recently added milestones because I felt that this should be discussed before adding them.

The extension will need to use a version scheme in some places like for the migration files that update db/config/module data and settings. This could be a starting point for deciding which and how milestones can be used for the extension development (maybe one for each release like 1.0, 1.x or something like that) but overall I would like to let more experienced people decide how things like milestones or tags should be used here so related to #21.

The log entries added by the extension for several admin actions look broken.

Form key handling needs more investigation. The form key is currently only checked for submitting keys and not for revoking keys in the manage keys mode. Revoking keys is mainly based on how log entries are deleted from mcp logs and there the form key is not checked. However, the form key is checked in some other very similar pieces of code, for example when deleting entries in acp_users.php at Ln. 1186 which uses a very similar method. Due to this inconsistent handling in the phpbb code the recommended method is unknown at the moment.

Like the 'Default badges' tab but will list "special" badges the user earned. This is consistent with the current system which allows the user to select badges from default/special badges tab and then manage their order in the profile badges tab. Parts of the 'default_badges' code can be reused for this.

It would be sufficient if the user could manually link them to enable a "Show my maps on my profile page" option in their user account settings.

https://github.com/matjaeck/OpenRAUserAccounts/blob/master/migrations/v_1_0_db_schema.php#L90 should be 'user_id' => array('UINT', 0),

The OpenRA user profile should be more than just the forum profile. For example, we could allow users to:

• upload/link favorite replays
• select/link favorite maps
• select a favorite mod
• select a favorite faction

This information could be displayed in the forum user profile and in the author information in forum threads.

It would be very cool if the repository could move over to OpenRA and I have no objections against passing over ownership, losing push access or other privileges. I consider my job with things I can do independently almost done and future implementations would probably need to be discussed between the OpenRA devs. I already feel a bit out of place when suggesting or even implementing things which affect their project.

The changes, issues or recently added and assigned milestones represent my very limited experience in coding and software development (this is my first real project) and I would be glad if more experienced people took the lead here while I stay contributing and learning. In fact, I wouldn't want to have push access to an official OpenRA repository considering how often I break things. There are still a lot of things that I would like to implement as I have fun working on this (yes, php can be fun!) but from here on I would feel happy to do it on a pr basis.

If this is possible would have to fix things like formatting in files and remove outcommented WIP code before.

The current badge system does not scale well and is not suited to display detailed information like tournament details because of the limited space in the ingame tooltip. A better way would IMO be to add classes of badges and separate the badge class icon and name from the event that granted access to a special badge.

For example, instead of awarding players with multiple gold trophy badges named after the tournament, the player would award "Tournament Gold Class 1" for winning a major tournament and "Tournament Gold Class 2" for winning the second tournament. The badge icon would show the number in a slightly altered icon. League and tournaments should get their own badge type icons. Users would only have one badge per type (Tournament Gold) and that always in the highest class available.

The achievement of winning the first or the second tournament would be noted in a new achievements table. Instead of rewarding the badge directly to the user, the achievement would be activated for the user (and details like the tournament name added to it) and the defined badge would automatically be rewarded to the user. The achievement details may or may not be displayed ingame.

Later, these achievements could be made visible to the users in form of a gallery with details about the achievement requirements and the details of finished achievements. There could also be a "Request achievement award" feature in user accounts module which would allow users to use a form to provide information required to get a certain award (links to reported bugs that have been fixed / custom maps that reached a certain playcount / custom high quality lua maps).

The exposed YAML is currently only valid with the custom dialect implementation in OpenRA. External tools currently need to re-implement the whole parser. Here are the 2 main (and only?) issues:

Tabs/spaces

The exposed YAML uses tabs instead of spaces; this is not valid:

Why does YAML forbid tabs?

Tabs have been outlawed since they are treated differently by different editors and tools. And since indentation is so critical to proper interpretation of YAML, this issue is just too tricky to even attempt. Indeed Guido van Rossum of Python has acknowledged that allowing TABs in Python source is a headache for many people and that were he to design Python again, he would forbid them.

Source: yaml.org

I believe the OpenRA parser does handle spaces as well so this should be easy to fix.

Unquoted strings

The ProfileName contains arbitrary data from the users. I'm not sure how much is allowed from phpbb, but I know that at least Unicode (to some extent?) is permitted. This means that there is a potential corruption vector here to alter the implied type.

One example of this is user ".1" (pointwon). Using a standard YAML parser will recognize the value as a float, meaning it will be recognized as 0.1. This could imply all kind of various issues. We could technically have integers as well, and maybe other types such as lists (comma and linebreaks are allowed?).

One possible fix for this would be to quote the string, but I'm not sure OpenRA code can handle this. Also, what would happen with a \ or a " in the name, is that possible?

Also, while there is probably a filter in phpbb, I see no such thing while displaying it (no escaping), this might be another problem.

The avatar can not be guessed from the exposed yaml information because the avatar contains the extension: https://forum.openra.net/download/file.php?avatar=XXXX.{png,jpg,...}. Would be nice to expose it somehow.

Adding and updating badges replicates how ranks are handled which are cached by obtain_ranks() within the class service in service.php. This can probably be replicated too with a similar function that extends that class. Probably desirable for showing badges in the profile information of the post row.

The settings (at least hotkey definitions) should be parsed and saved in a user_settings table. This data could then be fetched by the game when you're logged in and overwrite the local settings. Later, this could be publicly displayed on new user profile pages on the forum so that users can look up the hotkey setup of other users.

The first release will require to manually add a /images/badges/ directory to the phpbb root directory ( unless the filesystem migration gets fixed before).

Badge images will need to be added manually to this directory to be accessible from the ACP badge module.

The upload and filespec classes provide methods to validate the file content, specify width and height and more. Docs

When the first key is submitted the forum should display a confirmation dialog (text to be confirmed, but with the gist of): "I agree to OpenRA's privacy policy and acknowledge that my OpenRA profile may be disabled without warning if I am found to have exploited or abused the system to the detriment of other players." [agree] [cancel]

Having badge_order = null until the Order badges page is loaded is not good and causes the counter for Bade used by users: to fail as it only considers order values <= 5 / the setting for max badges.

In the future I would like to add HiDPI glyph support to the UI, so we should design this in from the start.

The openra_badges table should rename badge_icon → badge_icon16

The profile yaml for badges should be formatted as:

Player:
    ...
    Badges:
        Badge@0:
            Label: First Badge Label
            Icon16: http://path/to/icon.png
        Badge@1:
            Label: Second Badge Label
            Icon16: http://path/to/icon.png