-
October 12th, 2005, 10:48 AM
#1
Wow. Never noticed it but very cool of AO...
I just noticed that you can get someone's profile by username instead of by userid. For example, to get my profile I just go to:
http://www.antionline.com/member.php...username=katja
Still, I'm not sure if AO really meant users to have access to the memberlist in this way... The default way would be through the userid like this:
http://www.antionline.com/member.php...&userid=198056
Still, I consider this a cool feature.
Then again, passing information like this through the URL might not be the safest way.
-
October 12th, 2005, 11:13 AM
#2
And why is this in the suggestions forum ?
-
October 12th, 2005, 11:20 AM
#3
-
October 12th, 2005, 11:26 AM
#4
Hi katja,
Why is that cool ?
A cool feature would be being able to block trolls from accessing the site.
OH...and I agree with Copyright...this is not a suggestion...it's an instruction on how to access a userid.
Eg
-
October 12th, 2005, 11:31 AM
#5
Btw, about your mood... What's a girllfri?
I understand your joking but this issue has been presented to mnstrlgrl, never knew if she got around to fix it or not. I think the Location: used to split too ....
-
October 12th, 2005, 11:32 AM
#6
Re: Wow. Never noticed it but very cool of AO...
Originally posted here by Katja
Still, I'm not sure if AO really meant users to have access to the memberlist in this way... The default way would be through the userid like this:
http://www.antionline.com/member.php...&userid=198056
Still, I consider this a cool feature.
Then again, passing information like this through the URL might not be the safest way.
Hi Katja,
Why do you think it is not safe? It does not expouse critical data, and only AO member can see them!
And all members' profiles are here ...
http://www.antionline.com/memberlist.php?s=
Cheers
\"The only truly secure system is one that is powered off, cast in a block of concrete and sealed in a lead-lined room with armed guards - and even then I have my doubts\".....Spaf
Everytime I learn a new thing, I discover how ignorant I am.- ... Black Cluster
-
October 12th, 2005, 11:55 AM
#7
If you think it's unsafe then either it belongs in Oops a Bug or should be sent as a note to mnstrgrl to fix before announcing...
-
October 12th, 2005, 12:09 PM
#8
No, it's not unsafe if this getinfo is the only action that can be executed this way. Besides, the site does check if the user is logged in or not. It's actually very useful to bookmark member profiles.
Since the profiles don't contain any email addresses of members, it's no use for spammers to walk though the member list anyway to collect those addresses.
It's just that I wondered if this functionality is in the site on purpose or if it's just a side-effect of how the php page is retrieving information from it's MySQL database.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|