Wow. Never noticed it but very cool of AO...
Results 1 to 8 of 8

Thread: Wow. Never noticed it but very cool of AO...

  1. #1
    Banned
    Join Date
    Jul 2005
    Posts
    511

    Wow. Never noticed it but very cool of AO...

    I just noticed that you can get someone's profile by username instead of by userid. For example, to get my profile I just go to:
    http://www.antionline.com/member.php...username=katja

    Still, I'm not sure if AO really meant users to have access to the memberlist in this way... The default way would be through the userid like this:
    http://www.antionline.com/member.php...&userid=198056

    Still, I consider this a cool feature.

    Then again, passing information like this through the URL might not be the safest way.

  2. #2
    And why is this in the suggestions forum ?
    StreetsCrack.com Join The Best Music Social Network Online. Music downloads, promotions, forums, profile, games etc...

  3. #3
    Banned
    Join Date
    Jul 2005
    Posts
    511
    Because I suggested that it could be unsafe. I don't know if the URL allows other actions to be performed this way. For example, would a setdata action work too?

    And of course it's a nice suggestion for the members in case you quickly want to search for some member by name. No need to go to the member list and search for them there. Just use this link, change the name and done.

    Btw, about your mood... What's a girllfri?

  4. #4
    T̙͓̞̣̯ͦͭͅͅȂͧͭͧ̏̈͏̖̖Z̿ ͆̎̄
    Join Date
    Dec 2004
    Posts
    3,171
    Hi katja,

    Why is that cool ?

    A cool feature would be being able to block trolls from accessing the site.

    OH...and I agree with Copyright...this is not a suggestion...it's an instruction on how to access a userid.

    Eg

  5. #5
    Btw, about your mood... What's a girllfri?
    I understand your joking but this issue has been presented to mnstrlgrl, never knew if she got around to fix it or not. I think the Location: used to split too ....
    StreetsCrack.com Join The Best Music Social Network Online. Music downloads, promotions, forums, profile, games etc...

  6. #6
    In And Above Man Black Cluster's Avatar
    Join Date
    Feb 2005
    Posts
    912

    Re: Wow. Never noticed it but very cool of AO...

    Originally posted here by Katja

    Still, I'm not sure if AO really meant users to have access to the memberlist in this way... The default way would be through the userid like this:
    http://www.antionline.com/member.php...&userid=198056

    Still, I consider this a cool feature.

    Then again, passing information like this through the URL might not be the safest way.
    Hi Katja,

    Why do you think it is not safe? It does not expouse critical data, and only AO member can see them!
    And all members' profiles are here ...
    http://www.antionline.com/memberlist.php?s=

    Cheers
    \"The only truly secure system is one that is powered off, cast in a block of concrete and sealed in a lead-lined room with armed guards - and even then I have my doubts\".....Spaf
    Everytime I learn a new thing, I discover how ignorant I am.- ... Black Cluster

  7. #7
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,324
    If you think it's unsafe then either it belongs in Oops a Bug or should be sent as a note to mnstrgrl to fix before announcing...
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  8. #8
    Banned
    Join Date
    Jul 2005
    Posts
    511
    No, it's not unsafe if this getinfo is the only action that can be executed this way. Besides, the site does check if the user is logged in or not. It's actually very useful to bookmark member profiles.
    Since the profiles don't contain any email addresses of members, it's no use for spammers to walk though the member list anyway to collect those addresses.

    It's just that I wondered if this functionality is in the site on purpose or if it's just a side-effect of how the php page is retrieving information from it's MySQL database.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •