[buddypress-trac] [BuddyPress] #4814: spammer can create group

buddypress-trac noreply at wordpress.org
Wed May 1 18:12:26 UTC 2013

#4814: spammer can create group
 Reporter:  intimez       |       Owner:  r-a-y
     Type:  defect (bug)  |      Status:  reopened
 Priority:  normal        |   Milestone:  1.8
Component:  Groups        |     Version:  1.7
 Severity:  critical      |  Resolution:
 Keywords:  dev-feedback  |

Comment (by r-a-y):

 > Something tells me the approach is probably fine, though it is a drastic
 behavioral change to make without having discussed it in a dev chat

 Sorry for not discussing this in a dev chat!

 I don't mind how we go about this issue, but we do have to address how a
 live user that is marked as a spammer is still able to do things as
 mentioned at the beginning of this ticket.

 My two cents can be
 [https://buddypress.trac.wordpress.org/ticket/4814#comment:5 found above].


 > The wp_die() approach gets the point across, but maybe it should be a
 more informative message/page within the theme? Like a 404 but for logged
 in users.

 That could work as well.  Perhaps redirect to homepage and use
 `bp_core_add_message()` saying the user is a spammer?


 > If we are going to kill the page like this, we should use the existing
 bp_is_user_spammer() and bp_is_user_deleted() functions, rather than off-
 load the logic.

 I decided not to use `bp_is_user_spammer()`, because we've already queried
 that data for the logged-in user in the `$bp->loggedin_user` object.
 Thanks to your feedback, I've added that logic directly in the function
 now.  See r6893.

Ticket URL: <https://buddypress.trac.wordpress.org/ticket/4814#comment:11>
BuddyPress <http://buddypress.org/>

More information about the buddypress-trac mailing list