ClanKiller.com
http://forums.clankiller.com/

Memberlist AWOL.
http://forums.clankiller.com/viewtopic.php?f=9&t=1473		 Page 1 of 1
Author:  derf [ Thu Oct 13, 2005 9:49 am ]
Post subject:  Memberlist AWOL.
read title.
Author:  ElevenBravo [ Thu Oct 13, 2005 10:58 am ]
Post subject: 
For security reasons. So spammer dont see your profile and get your email or send you PMs or get your AOL info or something.
Author:  RB [ Thu Oct 13, 2005 11:06 am ]
Post subject: 
Well, not so lucky solution since profiles of those who post are still visible to the guests and it is still very easy to acquire the list of members and get all the public visible data, even if members.php is moved, belive me. Effect is just - nothing (ok, not absolutely nothing - we will kick out the kids that are new in the job), if it was a goal. Was it?

But, hmmmmm... disabling a bot to send PM by hiding the memberlist? :shock: What one can do is disabling of PM service to the members that are not by some way approved or/and putting the word or/and link filter in PM service.
Author:  Satis [ Thu Oct 13, 2005 12:09 pm ]
Post subject: 
primary reason for memberlist removal: destroy bot link generators.

Bots (or people) would generate logins with links to their home pages in the hope that search engines would see the links and boost their relevancy ratings. My disabling the memberlist, I've removed that.

This was a very real problem here. At least 50% of our users were fake users used for the crosslinking thing.

Harvesting emails is another reason, but obviously I haven't taken care of that entirely. To do that I would need to kill email display for the email link at the bottom of each post and in the person's profile. And anywhere else is may exist, though those are the big ones.

As for pm spamming...you have to be a registered user to pm. If someone pm spams, I'll disable that account. If someone starts making alot of fake users to pm spam, I'll probably apply my word filter hack to pms also.
Author:  RB [ Thu Oct 13, 2005 12:21 pm ]
Post subject: 
Satis wrote:
Bots (or people) would generate logins with links to their home pages in the hope that search engines would see the links and boost their relevancy ratings. My disabling the memberlist, I've removed that.

So, the memberlist is moved because of the search engines? Ok.
Author:  derf [ Thu Oct 13, 2005 12:42 pm ]
Post subject: 
maybe you can create one manually? one that doesnt come up in these searches? I doubt youve even read my post past the word 'manual'. that word scares you too much. in that case, manualmanualmanualmanualmanualmanualmanualmanualmanualmanualmanual you suck ass manualmanualmanualmanualmanualmanualmanualmanualmanualmanual.
Author:  Satis [ Thu Oct 13, 2005 1:18 pm ]
Post subject: 
@gfreeman... yes. Mainly to dissuage people from creating fake users just to boost their search engine rankings.

@derf...wtf
Author:  RB [ Thu Oct 13, 2005 3:22 pm ]
Post subject: 
derf wrote:
maybe you can create one manually? one that doesnt come up in these searches? I doubt youve even read my post past the word 'manual'. that word scares you too much. in that case, manualmanualmanualmanualmanualmanualmanualmanualmanualmanualmanual you suck ass manualmanualmanualmanualmanualmanualmanualmanualmanualmanual.

Well I haven't got what he is saying, Satis, but if you dissable memberlist just for the guests, you will make it available for us and it will be still invisible for the search engines. Just my 5¢, do it in the way you choose. ;)
Author:  Satis [ Thu Oct 13, 2005 4:06 pm ]
Post subject: 
meh, I think the memberlist is pretty useless, personally. I could stick in some code to make it only come up for registered users, but why bother? It disappeared at the same time I made the antispam changes, so it's taken awhile for anyone to even notice. :)
Author:  Arathorn [ Thu Oct 13, 2005 5:09 pm ]
Post subject: 
Do those bots use the standard adress for memberlists in phpbb fora? In that case would adding a single digit to the link fix the problem?
Author:  RB [ Thu Oct 13, 2005 5:39 pm ]
Post subject: 
Arathorn wrote:
Do those bots use the standard adress for memberlists in phpbb fora? In that case would adding a single digit to the link fix the problem?

I think they just suck any link recursively. One searching thread dies when it makes the dead loop. So no such solution, I think. Anyway, malevolent guests won't notice that only one digit is changed and they will keep making the useless profiles. :?

Yes, I use the memberlist very rarely, just to remind me in which order is the registration of the members done.
Author:  RB [ Wed Oct 19, 2005 12:36 pm ]
Post subject: 
I just noticed I had the same problem. The memberlist is now allowed only for the users that are logged in.

# OPEN>
includes/page_header.php

# FIND>
Code:
'U_MEMBERLIST' => append_sid('memberlist.'.$phpEx),


# REPLACE WITH>
Code:
'U_MEMBERLIST' => (($userdata['session_logged_in'])?append_sid('memberlist.'.$phpEx):""),


In this case, click on the memberlist redirect the guest to the index page.
Author:  Satis [ Wed Oct 19, 2005 3:35 pm ]
Post subject: 
cool. Good hack. Neater than just killing the link. :p
Page 1 of 1 All times are UTC - 6 hours
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group
http://www.phpbb.com/