Subject:
|
Re: MOTM / SOTM Voting For December Is Now Open
|
Newsgroups:
|
lugnet.cad.dev.org.ldraw
|
Date:
|
Wed, 7 Dec 2005 00:13:57 GMT
|
Viewed:
|
2025 times
|
| |
|
|
In lugnet.cad.dev.org.ldraw, Dan Boger wrote:
> On Tue, Dec 06, 2005 at 10:14:28AM +0000, Jacob Sparre Andersen wrote:
> > > This prevents people from remotely calling the followon PHP function
> > > to process the form data without actually using the form (i.e. bot
> > > protection among other things).
> >
> > And what do we need "bot protection" for? It is already a "members
> > only" page.
>
> Not to mention that it's trivial to bypass it if you did want to use a
> bot. If we need to do bot protection, we can use a captcha (similar to
> the way we're protecting the full installer) when votes are actually
> submitted. But there's no reason (imo) to disallow multiple windows.
I'm hesitant to use a captcha since it's just one more step in a process that's
supposed to be quick and easy (i.e. it makes since to us webheads but the
general user will see it as a pain-in-the-rear). I do however agree that a
permissions check is also done so this "authid generation" might be pointless.
I've asked the PN forums for more clarification on the issue since I can easily
remove authid checks in this instance (i.e. it's in the code for the module and
not part of core PN).
-Orion
|
|
Message has 1 Reply:
Message is in Reply To:
 | | Re: MOTM / SOTM Voting For December Is Now Open
|
| (...) Not to mention that it's trivial to bypass it if you did want to use a bot. If we need to do bot protection, we can use a captcha (similar to the way we're protecting the full installer) when votes are actually submitted. But there's no reason (...) (18 years ago, 6-Dec-05, to lugnet.cad.dev.org.ldraw)
|
19 Messages in This Thread:
  
- Entire Thread on One Page:
- Nested:
All | Brief | Compact | Dots
Linear:
All | Brief | Compact
This Message and its Replies on One Page:
- Nested:
All | Brief | Compact | Dots
Linear:
All | Brief | Compact
|
|
|
|
