Friendr


Nice look but a HUGE flaw.

 

You use an e-mail activation system to prevent spam users. I or anyone with a small amount of knowledge can create a tiny script that will create millions of fake users.

 

At the moment you do this:

 

Sign up page or box -> fill details in -> validate and submit -> send e-mail -> Wait for user to click link in e-mail -> everything works

 

But the way you do it is really really bad.

 

For example;

I signed up with email@email.com and managed to activate my account with http://www.friendr.co.uk/activateuser.php?email=email@email.com

 

You need checksums to stop it. If you require a demo then I'll happily help.

 

All the best

PaulTheProgrammer
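
One way to implement the "checksums" the post above asks for, as an added example that is not part of the original post or the site's own code: the activation link carries a keyed HMAC over the address and an expiry time, so a request containing only `email=` is rejected. The function names, the key constant, the 24-hour lifetime and the `example.test` host are assumptions made for illustration.

```php
<?php
// Added example: HMAC-signed activation links. All names here are hypothetical.

// Server-side secret (constructed value); load it from configuration, never from the request.
const ACTIVATION_KEY = 'constructed-demo-key-replace-me';
const LINK_LIFETIME  = 86400; // seconds a link stays valid (assumed policy)

function activation_sig(string $email, int $expires): string
{
    // Bind the signature to both the address and the expiry time.
    return hash_hmac('sha256', strtolower($email) . '|' . $expires, ACTIVATION_KEY);
}

function make_activation_url(string $email, int $now): string
{
    $expires = $now + LINK_LIFETIME;
    return 'https://example.test/activateuser.php?' . http_build_query([
        'email'   => $email,
        'expires' => $expires,
        'sig'     => activation_sig($email, $expires),
    ]);
}

function verify_activation(array $query, int $now): bool
{
    $email   = $query['email'] ?? '';
    $expires = $query['expires'] ?? '';
    $sig     = $query['sig'] ?? '';
    if (!is_string($email) || !is_string($expires) || !is_string($sig)) {
        return false; // rejects array-valued parameters such as ?sig[]=x
    }
    if ($email === '' || !ctype_digit($expires) || (int)$expires < $now) {
        return false; // missing fields or expired link
    }
    // Constant-time comparison of the recomputed signature with the supplied one.
    return hash_equals(activation_sig($email, (int)$expires), $sig);
}

// Constructed demo inputs.
$now = 1700000000;
parse_str(parse_url(make_activation_url('email@email.com', $now), PHP_URL_QUERY), $good);
$forged = $good;
$forged['email'] = 'other@example.test';                           // signature reused for another address
var_dump(verify_activation($good, $now + 60));                     // genuine link from the e-mail
var_dump(verify_activation(['email' => 'email@email.com'], $now)); // email-only request, as in the post
var_dump(verify_activation($forged, $now + 60));
```

Only the first call is accepted. Marking the account as activated on first use keeps a valid link from being replayed.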


Archived

This topic is now archived and is closed to further replies.
