2 things was wondering about

Submitted by Anonymous on Tue, 03/06/2012 - 03:03
Written by
William

1. since potential spammer status is based on post count of members how does it work exactly for non member basis (guests)?

2. under edit this member, activation, if you set a member to inactive, what happens when you set to that?

Thank you

One more thing, think the avatar URL should be disabled as well for potential spammers, couldn't someone use malicious code in some way through that.

1. Upon activation, the status of a member account is set to "potential spammer" (when enabled). A maximum post count may be set upon where the status will be removed, but this is optionally. When not set the status remains as-is. For guests it is basically the same but of course without the maximum post count. Every guest simply has the enabled restrictions all the time.

2. The user can no longer log in. No activation email will be sent. This is the same as admin based activation.

The avatar might indeed be disabled, however I currently don't have that planned. Will look into adding this for some future release after 1.0.15.

Thank you Dietrich, thats exactly what I wanted to know.

Still like to see avatar url disabled like links are.

Don't know if you added or plan to add something, would be nice just to add with...

Potential spammer: disable profile links.
- Potential spammers can not set website field or use links in signature or use avatar URL.

UseBB 1 development has pretty much stopped. The only stuff done are bug fixes and really small changes. Fiddling with v1 has taken too long and less people have been using the system over the years.

I have done some small improvements to the v2 code in the past week, and aim at doing a small amount of work every week in order to get 2.0.0 feasible, which will eventually surpass v1 and finally leave it unsupported. I confirm v2 has been planned and in (re)development for several years, but I am now continuing on the October 2011 code so I can have a base framework finally ready.

It's a bug bearer when people link to an avatar off-site and then later delete that avatar (now not getting displayed) on your forum anymore.

Never really liked the Avatar URL option and felt you're better not having it showing a default avatar if a person doesn't "upload one". I really like UseBB and it comes with some very useful needed features like Stop Forum Spam and no bloated junk. But do wish it had an avatar upload option there, along with file attachment upload option in posts.

But understand UseBB 1 is only getting bug fixes now.

Things like this will become available in v2, either some day in the core package or as a plug-in.

Trying to add this to UseBB 1 is fiddling for hours. Plus v1 does not have any unit tests so it is always a matter of doing manual tests to see whether anything broke. Also not everyone uses all features, and disabling them often still gets the code loaded in anyway.

In the very beginning I still thought about developing 1.1, 1.2 etc but that is out of the question now. Too many things have changed since 2004.

Someone could add:

http://www.someplace.com/images/filename.php

As an image, with all intentions of being malicious.

See if can come up with something, don't expect anything anytime soon.

This can happen with a .png or .gif extension too. It can be any script behind the scenes that records browser info, but so does a web server itself too.

In any case, this is going a little off topic. For more questions please open a new thread.

Already asked about it in this topic, 2nd post.

William

Someone could add:

http://www.someplace.com/images/filename.php

As an image, with all intentions of being malicious.

See if can come up with something, don't expect anything anytime soon.

It can happen on any forum that allows IMG BBCode tags in posts and signatures. I often read forum being hit by this method used and many are paid forum scripts like vBulletin and a few others. There's not a lot you can do about it really bar remove the use of IMG tags in posts and signatures completely. Only other thing was what I mentioned before about using border styling wrapped around IMG BBCode images, so if a person posted a 1px transparent image that would normally be very hard to detect in a post. It would be spotted easy if using a 4px white border added automatic to all IMG BBCode images giving it away.

I wasn't born yesterday, you know. I know all about those other means.

Just going to figure out how to disable avatar url myself, have it disabled just like website field and signature.