[buddypress-trac] [BuddyPress] #4814: spammer can create group
buddypress-trac
noreply at wordpress.org
Wed May 1 14:17:52 UTC 2013
#4814: spammer can create group
--------------------------+-----------------------
Reporter: intimez | Owner: r-a-y
Type: defect (bug) | Status: reopened
Priority: normal | Milestone: 1.8
Component: Groups | Version: 1.7
Severity: critical | Resolution:
Keywords: dev-feedback |
--------------------------+-----------------------
Comment (by johnjamesjacoby):
Replying to [comment:8 DJPaul]:
> Reopening. If we are going to kill the page like this, we should use the
existing bp_is_user_spammer() and bp_is_user_deleted() functions, rather
than off-load the logic.
>
> This is also a fairly substantial change in our approach; until now,
we've not stopped spam accounts being able to *read* the site, and instead
have been preventing them posting to forms, and blocking them from
creating new content (this bug not withstanding), etc. I think I prefer
this "old" approach, so I wanted to re-open for a bit more discussion.
>
> Sorry for not having seen this patch in the last couple of months to
offer this feedback prior to the commit.
Agree with Paul here. Something tells me the approach is probably fine,
though it is a drastic behavioral change to make without having discussed
it in a dev chat together. The wp_die() approach gets the point across,
but maybe it should be a more informative message/page within the theme?
Like a 404 but for logged in users.
--
Ticket URL: <https://buddypress.trac.wordpress.org/ticket/4814#comment:9>
BuddyPress <http://buddypress.org/>
BuddyPress
More information about the buddypress-trac
mailing list