|
Chris Maunder wrote: "thumbs up / thumbs down" icon
A picture is worth thousand words and I am sure this would be a good value-addition.
|
|
|
|
|
Hi Chris,
Using the icons takes language out of the equation. That should work well (unless of course we are in ancient Rome where 'thumbs down' was a good thing).
Jeff
|
|
|
|
|
"You can't vote for messages posted using your IP address" might not be applicable in many places in India.
Reasons:
There are even some cable ISPs who mask many providers behind a single IP address.
Suggested Workaround:
A combination of cookie + logged on user account + session + time stamp can be used to fix this bug.
|
|
|
|
|
Yes you are correct. In my office we have a shared internet connection. Single line is shared on all systems. So outgoing IP will be same for all systems. CP's restriction allows any one in the whole company to vote. Other's can't vote for the same message
|
|
|
|
|
I think the current approach would be using REMOTE_ADDR . I would suggest HTTP_X_FORWARDED_FOR give the IP address of the actual web browser system behind the proxy/firewall. Isn't it?
|
|
|
|
|
It's not a bug, it's by design.
cookie == session, and a cookie is deletable which completely defeats the purpose. New accounts can also be created which again defeats the purpose.
Having some people miss out on being able to vote is better than allowing many others to unfairly cast multiple votes.
cheers,
Chris Maunder
CodeProject.com : C++ MVP
|
|
|
|
|
Chris Maunder wrote: cookie == session, and a cookie is deletable which completely defeats the purpose. New accounts can also be created which again defeats the purpose.
I agree that each of the parameters has loopholes.
Chris Maunder wrote: Having some people miss out on being able to vote is better than allowing many others to unfairly cast multiple votes.
Looks bad though. But I understand that at least the integrity of the system is maintained. It was always involves a tradeoff in a way or another though.
|
|
|
|
|
|
We're going to remove the login condition in the profile list.
cheers,
Chris Maunder
CodeProject.com : C++ MVP
|
|
|
|
|
So, in effective, member images can henceforth be viewed without logon anywhere in the website. Wouldn't that mean reducing the security of the fortress?
|
|
|
|
|
Vasudevan Deepak Kumar wrote: Wouldn't that mean reducing the security of the fortress?
You're kidding me, right?
cheers,
Chris Maunder
CodeProject.com : C++ MVP
|
|
|
|
|
Chris Maunder wrote: You're kidding me, right?
No.
I would like to clarify. In the previous instance when non-member image display is suppressed, you save bandwidth for CP alongside that abuse of images is achieved.
Now since you are lifting off this security check from all the pages, both these security restrictions are being lifted off.
|
|
|
|
|
gmail is giving me grief when I try to email an article update that contains an exe. I suggest adding an "Update" button on the article page, which would work just like the Submission Wizard, except that some fields would be read only (like the name). The button would only appear if the article had been edited and moved. Currently I'm renaming zip's to ".zzz", but that has already caused some confusion on your end.
|
|
|
|
|
Good one.
cheers,
Chris Maunder
CodeProject.com : C++ MVP
|
|
|
|
|
The code in the article I submitted is not colorized correctly (I have the code property to vbnet). Keywords like dim, as, if, then, etc are formatted normally - in black. This isn't too bad, but it makes the code look a little plain.
See it here.[^]
|
|
|
|
|
Formatting is awfully broken. You sc***ed my new HP mouse by unnecessary horizontal scrolling.
|
|
|
|
|
Our coloriser is busted.
It makes us sad
cheers,
Chris Maunder
CodeProject.com : C++ MVP
|
|
|
|
|
Weekend? BTW, where is the Friday post this week?
|
|
|
|
|
The particular way you wrote that cracks me up.
--Justin
Microsoft MVP, C#
|
|
|
|
|
|
Chris Maunder wrote: Our coloriser is busted.
Try a colouriser
|
|
|
|
|
This member, Lallous has just posted an article without a title, making it unclickable.
Trinity: Neo... nobody has ever done this before.
Neo: That's why it's going to work.
|
|
|
|
|
Fixed
cheers,
Chris Maunder
CodeProject.com : C++ MVP
|
|
|
|
|
Chris,
Can we include some defensive mechanisms into the posts submissions against these attacks? I recall a few days back, a member abused the website in the forums in the similar way.
|
|
|
|
|
This wasn't an attack - this was a bug at our end.
Relax
cheers,
Chris Maunder
CodeProject.com : C++ MVP
|
|
|
|