Registered User
No Password Needed to Access E-mail Addresses?
We're considering purchasing this script but we're concerned that unregistered users (or registered users for that matter) can access each and every person's e-mail address (and other information) without being prompted for a password. This seems like quite a security risk. Is there a way to require the password before someone is allowed to see other's private information?
Active Member
esm
"The older I get, the more I admire competence, just simple competence, in any field from adultery to zoology."
.
Registered User
Wow, I'm shocked that's something that needs to be hacked in by the user.
The thread you linked me to was started almost 2 years ago, I can't believe nothing has been done about it. That's really disappointing. Thanks for your help though.
Last edited by kilcher; 03-27-2005 at 11:11 PM.
Active Member
yep. the programmer has been working on v4.
but it is an easy hack. it is still pretty good software. Not perfect. but then nothing is.
.
esm
"The older I get, the more I admire competence, just simple competence, in any field from adultery to zoology."
.
Registered User
Perhaps an easy hack, but not one I think that I should be responsible for implementing. I realize nothing is perfect, and for the price IndexU certainly seems to give a lot for the dollar. However, this a privacy issue, and one that I think should have been addressed, and fixed, long before now.Originally Posted by esm
yep. the programmer has been working on v4.
but it is an easy hack. it is still pretty good software. Not perfect. but then nothing is..
From a privacy point of view, and my own personal opinion, I think this is a serious oversight. The ease at which data can be obtained by anyone, simply by supplying a random siteid, is pretty difficult to overlook.
In any case, thanks for your reply ESM. I hope that privacy of information does indeed become a default feature in future versions.
Active Member
yep, v3.1 came out in April of 2003. There was a maintenance version v3.2 released in August ( ? ) 2004 but that dealt primarily with bugs. v3.2 did add three new features but alas, this was not one of them.
Consequently, INDEXU has gotten a little "long in the tooth" without updates. I even offered my MODs to the programmer but that didn't happen either. but we await v4 with anticipation...
But, if you purchase INDEXU I will install the hack for you at no charge.
.
esm
"The older I get, the more I admire competence, just simple competence, in any field from adultery to zoology."
.
Posting Permissions
