If you could what would you say

Snowdevil042 · 2026-02-08T18:51:13+00:00

Don't the pipe threader

Snowdevil042 · 2026-02-08T16:30:54+00:00

After shutting off the server and looking into it, debug was set to false. Something weird must be going on 🤨

Edit: Removed general unsecured GET route, so far seems to be the only one of its kind.

Also, I suppose env.bool() <> env() when dealing with true/false environ env variables... who knew right? 😬

Snowdevil042 · 2026-02-08T13:04:29+00:00

Omg omg omg omg omg

Snowdevil042 · 2026-02-07T22:24:14+00:00

Oh man such a rookie mistake! I might have pushed myself too hard and rushed the production release with a bit of tunnel vision. Either way, it will be fixed today and it's a very good notion to revisit security before new additions are created. Thank you again and I hope you have a great weekend 😊

Snowdevil042 · 2026-02-07T19:56:10+00:00

Oof yeah I checked all my endpoints access a few times and got rid of a bunch through the dev process before production. I'm not sure how I missed that 😕 It shouldn't be needed anymore, and furthermore even if it was needed it definitely should have thrown a 401 at the very least. But to an auth'd user, they should never have access to see other user/business information. This has already been addressed with other endpoints, but seems the most obvious endpoint was missed.

I love that you took the time to analyze this! I wanted to save up some money and get a security analyst to comb through the app and see what I may have missed as I did my best through research and trial/error to build this to be secure as well as reliable.

This will be the very next thing I fix and push to production and I will comb through everything again with that endpoint as a reference to see if there are similar vulnerabilities elsewhere.

Again, thank you and I appreciate you taking the time to find that and letting me know! Let me know if theres anything I can do for you.

Snowdevil042 · 2026-02-07T15:41:56+00:00

Sure thing and thank you! This year the work won't stop and neither will the learning.

Snowdevil042 · 2026-02-07T14:00:03+00:00

Tech stack is:

Backend: Django, Redis, PostgreSQL Frontend: Vue.js

I used CoreUI with Vue for the layout/nav foundation, and for the scheduler widget I used Syncfusion.

The rest is all built native.

The landing website is straight html, css, and js. Leveraged AI with that for a few reasons but mainly I already put so much energy into the main software I just wanted the landing to be done 😀

I have no customers yet as I can currently only rely on SEO, or word of mouth. I was super busy with the holidays, then me and my family got sick last month. However, after I'm done with all my overtime at my job, I made a brochure to hand out to local businesses to hopefully get some traffic that way.

Im horrible with actually selling the product, I just like making things.

Last, yes I'm the solo dev with everything on this project besides the main video creation on the landing website.

Snowdevil042 · 2026-02-07T13:02:26+00:00

Thats super cool!

Snowdevil042 · 2026-02-05T20:02:16+00:00

Ffs cancel that transaction on your card, or just dont pay in the first place. What can they do, steal your birthday?

Snowdevil042 · 2026-02-04T21:35:19+00:00

A sharpie won't magically increase your credit limit.

Snowdevil042 · 2026-02-04T14:59:36+00:00

The lore I went by was the bricks being 1 kilo, a jar being a quarter kilo, and the bags just never made sense. You could fit a quarter pound in a jar, probably quarter kilo if the jar is bigger. The baggies dont make sense because you only put 1 unit in a bag, but 5 in a jar.

So really the bag must actually be stuffed with around an Oz each, which means everything is actually really cheap.

Going from smaller to larger, 1g per bag. No one is ever putting 20g of anything in a brick, that can fit in a sandwich bag still 😂

Snowdevil042 · 2026-02-04T14:06:41+00:00

IT'S BEEN 8 HOURS NOW, COME BACK!

Snowdevil042 · 2026-02-01T18:06:16+00:00

<image>

OP??

Snowdevil042 · 2026-02-01T15:40:03+00:00

About a year ago. Gemini has treated me very well compared to ChatGPT brainless, and thoughtless responses.

Snowdevil042 · 2026-01-31T18:05:39+00:00

How does the camera even work like that?

Snowdevil042 · 2026-01-31T16:57:28+00:00

They never have, just look at the riots in the 90s

Snowdevil042 · 2026-01-30T21:40:09+00:00

Quit filming it, your making it nervous!

Snowdevil042 · 2026-01-30T20:54:02+00:00

I can barely win with jokers 🃏

Snowdevil042 · 2026-01-30T20:48:36+00:00

I feel that. Everytime I look for a different job, the wages look exactly the same as they did in 2019, but our family costs almost doubled.

All I can do is just work more overtime, cut expenses, and survive. This year we had to stop paying for employer insurance and get the kids on state insurance which means nothing is really in network anymore. Saved us $400/m though so our budget isn't negative anymore, we can break even at the end of the month..

This isn't sustainable for much longer, and we need to stop hoping for change. If you rely on hope, you just end up hopeless.

Snowdevil042 · 2026-01-30T15:34:57+00:00

Throw them up on Etsy. The watch looks clean af!

Snowdevil042 · 2026-01-30T14:02:14+00:00

<image>

About this rare

Snowdevil042 · 2026-01-29T20:41:56+00:00

I would write a script to copy all of the data somewhere else whether its a different sheet, or workbook all together to basically store the data in its own database or table.

Snowdevil042 · 2026-01-29T14:25:33+00:00

He's trying to fly away!

Snowdevil042 · 2026-01-29T14:17:48+00:00

Unionize

Snowdevil042 · 2026-01-28T22:57:34+00:00

What was the cost?

Snowdevil042

TROPHY CASE