Jump to content

Twitter followers


Recommended Posts

Nice look but a HUGE flaw.


You use an e-mail actiavation system to prevent spam users. I or anyone with a small amount of knowledge can create a tiny script that will create millions of fake users.


At the momment you do this;


Sign up page or box -> fill details in -> validate and submit -> send e-mail -> Wait for user to click link in e-mail -> everything works


But the way you do it is really really bad.


For example;

I signed up with email@email.com and managed to active my account with http://www.friendr.co.uk/activateuser.php?email=email@email.com


You need checksums to stop it. If you require a demo then I'll happily help.


All the best


Link to comment
Share on other sites


This topic is now archived and is closed to further replies.

  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.