Combine the hammer idea with sourcepawn and then you have the best of both worlds.

We already have arenas set up for MGE, so wondering how hard could it be to take some popular 6s maps and transform them into these "retake" maps?

this lol. if it was too loud I would just turn down my hitsound in the advanced options

Kevin has been fantasic to work with in the past, and his projects are just a staple of how great people can come together and help out the newer players in our community. His passion alone deserves our funding!

Elo Associates will die today. I'll be working out a solution in the next week, but I'm not in a hurry due to other projects taking priority.

Thanks for everyone who has played! If you want to support me, you can checkout my patreon!. It certainly helps if you could help out, though it's not a big deal.

Also, need to find a location. Chicago is nice and all, but if people want a more central location I can see how ping is to more central locations. Respond if you want to see a new location, otherwise I'll grab a couple chicago servers.

SPY UPDATE

it's because everything's localized!

I try to keep every channel in only if they're still alive. I do a lot to manage the discord.

I also want to cater this to give new players the knowledge of existing platforms (mixchamp, pugchamp, noobie mixes) so that they have that as well as private pug groups.

I advertise this a lot, but if you have a pug group you really should put in a form.

Elo Associates is moving hosts come December 8th. I am shutting down the current server and going to spawn 2 new servers in place of that near mid december:

Changes taking effect December 8th:

mge.elo.associates will be a redirect to b4b.elo.associates, so both will become the same.

oih.elo.associates : Oihguv MGE
b4b.elo.associates : Beta B4B MGE

Looking forward to bringing MGE and SOAP dm servers to the Elo Associates family. I'm planning for this to be cheaper than running the 1 server currently.

The new servers may not be done until mid december. I want to get at least the beta b4b server up before December 15th, and both of them before the end of the month.

Cheers, 24.

This is only true to an extent. A cookie can have any arbitrary key/value. A cookie is just a place for the browser to store a value associated with a key that is given from a server. You can read and set cookies through JavaScript, which means that yes you can make it do the "keep me logged in", but this involves implimenting a refresh token system, which is a whole other system. A cookie can be useful for storing your credentials when you login (look into "JWT") which encrypts data to a 1-way operation so that you can always validate if a request came from the client and was not tampered with. But like I said, you can put literally anything you want in a cookie, but its ususally used to store your login "session id" or your "token" so then the server can authenticate you upon a request.

To address the rest of the thread / any other information:
Javascript isn't bad, just bad usage of such language.

The only way around this is to never login or touch a page ever. You HAVE to login in order for this type of attack to happen. Another thing, usually OAuth2 will tell you exactly what type of permissions the developer has when accessing your account. Discord does this very well, telling you "This will allow the access of your identification, guilds and email" for example.

Here's an example of OAuth2 "Login through Discord" with Mee6:

https://cdn.discordapp.com/attachments/629450079887163442/782788580900470784/unknown.png

Here's an example of OAuth2 "Login through Steam" with demos.tf (api.demos.tf in this case):

https://cdn.discordapp.com/attachments/629450079887163442/782788815566929950/unknown.png

Cookies aren't the only way a web browser has access to certain key/value pairs. There's also local storage, session storage, and of course a database. Peeking at cookies will not tell you certainly what or where your data went / has gone, but the only trust you have is in the domain you're accessing and the people behind it. Do not assume that just because there's a cookie that you're being hacked either. Cookies, local storage, and session storage all have their pros and cons to web development, and it's entirely up to the developer on how to use these APIs responsibly.

JavaScript, Steam, and any OAuth2 service that is out there are very secure. Logging in does not grant a user the ability to magically change your inventory or change your password without your consent. In addition to that, 2FA would stop anything, and bypassing this is not something that I've never heard happen (especially with a company such as Steam). There's plenty of exploits that I don't know about, however if you're sure that you never provided details (i.e. logging in through what looks like steam but is actually a spoofed website) through any medium and you're sure its fault of Steam, you should probably create a ticket on support, and while you're at it report the user and website you were given.

In addition to any of this, it's very easy to spoof a login website. If you're running chrome and save your steam username/password so you can just click on your account and login and you don't see that when you're trying to access a login page then you're most likely on a spoof site. Look below on details on how to exactly spot one if you're not sure. Again, if you do not trust the website or it's not properly established, then do not risk anything.

TL;DR:
If you log in and you do not see a green padlock (or just a padlock) left of the URL on the top of your screen when on the Steam page to signin, you are getting spoofed. Proof read your URLs before logging in.

Here's a picture of what that would look like:

https://cdn.discordapp.com/attachments/629450079887163442/782788090480951296/unknown.png

That padlock ensures that all your traffic is encrypted (at least between the browser and the server). However, just because this is secure does not mean it's the real Steam server...

Beyond the padlock:

https://cdn.discordapp.com/attachments/629450079887163442/782789923820142593/unknown.png

Clicking that "green" (or white) padlock will bring up connection details on Chrome. You can check who certified that certificate, and for steam, this will always be on behalf of the company (Valve Corp [US]). Company certs are always going to be from the company, as they're expensive and only given to real legal entities.

Hope this answers some questions about how logging in may give details about your profile, as told by a web developer. I do not know everything certainly, but I think I have worked long enough to at least tell people what to look for if you're skeptical.

Just please, don't click links that you've never heard of or "test" the website. You will always certainly not be the first person to fall victim.

If you log into a site, the site is given an "access token" that acts as "you". This can be used to make API requets that can change your avatar, change your username, or whatever you desire.

Not sure specifically how steam API works (as I usually only work with Discord or Auth0's implimentation), but this is usually how most OAuth2 apps work, including steam.

model o

beast

chicago and dallas were like 2 of the infinity stones that Lord Kodyn has collected

looking forward to what qix brings us next year!

You are in Position 1051 of 2516. Please be patient while we get to your inquery!!

Did you see his youtube banner?