I sort of dropped off the radar for a while because I didn’t have much to show in the way of progress on XMICAE, mostly due to school-related things. Fortunately, as of Wednesday I’ll be back on track to be making (almost) full time progress on XMICAE. I’ve mostly been coding in downtime right now, since I’ve been so busy, but I have managed to make a few improvements.
First, I’ve got the rolling system conceptually mapped. It involved going back and adding some special case handling; namely, you can now set an authorization ignore* flag when doing things (if you’re writing an extension that uses it you’ll have to remember to turn it off again, though the security vulnerabilities that result from us skipping authorization. What this means is that rather than having to figure out some of the ID stuff and make some complex interactions, if you’re calling stuff outside of the XMI parser you can simply make actions happen, which is nice. This is a core component of our dice roller, which generates its actions and goes through them in a single action, instead of waiting for user input.
I’m also working on prepared statements more. I’ve had a hard time wrapping my head around them (if anyone knows a great PHP/MySQL interfacing guide I could use it), but I think I’ve finally figured out how to write really good prepared statements. This will allow XMICAE to be leaps and bounds more secure than it used to be, but also allows us to do some more interesting things than we used to be able to do. Some of my old ways of doing SQL were also inspired by things that don’t necessarily match what’s really required, so switching over to a prepared statement method should actually create easier user configuration on the MySQL side and potentially even allow installer-driven setup for the project, which would make it very novice-friendly (even more so than including a starter database file).
Finally, I’m making some progress on my storyline. I’ve got some confidence that I have everything I could want on the XMICAE codebase roadmap, but once I start writing and implementing content I should be able to add any overlooked features quickly enough.
*This is for game elements only, it doesn’t allow any real back-end access or bypass anything security related.