I have a semi-popular bukkit plugin and I'm experimenting with the ability for owners and administrators to send in a support ticket through Minecraft to software install on my server. Right now I am using OSticket to handle my tickets rather than bukkit or GitHub but I feel like some people think its too difficult to go to my website and submit a ticket when they could just do it in-game, where the actual problem is.
OSticket has an API so I can submit tickets (and even an error log) through Minecraft, and it works (yay!). I however, have my doubts about using it in production. There a few issues like spam and exploitation that I don't really want to deal with. Normally to combat spam, you would issue the user a secret key and that key can be revoked in case of spam or other issues, but if I implement that into the plugin then the owner could just regenerate the config.yml (or wherever the key is stored) and just start spamming support tickets again.
I could issue a key through my server that is bound to a server IP address which first pings that server to ensure it is a Minecraft server. Then if there is any issues, I can revoke that key. A few problems with this though; getting the IP of the server can be tricky when the Minecraft server is being run on something like Multicraft. I can't rely on using Bukkit.getIP because that method returns only what the owner has set in the server.properties. Theoretically this is possible, but of course would require a bunch of testing.
So anyways my question is, would it be worth it to put into production? Or should I just scrap the idea. Open to suggestions as well
OSticket has an API so I can submit tickets (and even an error log) through Minecraft, and it works (yay!). I however, have my doubts about using it in production. There a few issues like spam and exploitation that I don't really want to deal with. Normally to combat spam, you would issue the user a secret key and that key can be revoked in case of spam or other issues, but if I implement that into the plugin then the owner could just regenerate the config.yml (or wherever the key is stored) and just start spamming support tickets again.
I could issue a key through my server that is bound to a server IP address which first pings that server to ensure it is a Minecraft server. Then if there is any issues, I can revoke that key. A few problems with this though; getting the IP of the server can be tricky when the Minecraft server is being run on something like Multicraft. I can't rely on using Bukkit.getIP because that method returns only what the owner has set in the server.properties. Theoretically this is possible, but of course would require a bunch of testing.
So anyways my question is, would it be worth it to put into production? Or should I just scrap the idea. Open to suggestions as well
http://dev.bukkit.or...onator-express/
Make sure you quote my post if you want me to see it.