Loading ...
Sorry, an error occurred while loading the content.
 

Re: manpageview rating dive

Expand Messages
  • Bram Moolenaar
    ... Right, the form was using a GET. That s wrong. I changed it to a POST now. Please verify the rating still works. I found another one on the page where a
    Message 1 of 7 , Sep 2, 2011
      Benjamin Haskell wrote:

      > On Wed, 31 Aug 2011, Charles Campbell wrote:
      >
      > > Charles Campbell wrote:
      > >> Hello!
      > >>
      > >> I recently checked my plugins' ratings:
      > >>
      > >> 08/09/11 script 677/279/10776: Manpageview.vim
      > >> 08/31/11 script -133/1094/10866: Manpageview.vim
      > >>
      > >> This seems like an odd thing -- is this preparation for a general
      > >> bombing of plugins' ratings?
      > > I should explain this a bit more. The rating for Manpageview on
      > > August 9, 2011 was 677, with 279 people having rated it, and 10776
      > > having downloaded it.
      > > On August 31, 2011, the rating was -133, 1094 people having rated it,
      > > and 10866 having downloaded it.
      > >
      > > It is odd that Manpageview received -810 in karma when there were only
      > > 90 additional downloaders over that time period. Did irc have a
      > > anti-Chip attack? Is someone testing a bot to destroy multiple
      > > plugins' ratings?
      >
      > Can't find it currently, but someone mentioned in the not-so-distant
      > past that some search engine(s) grabbed the down-vote URL when crawling
      > www.vim.org. In this case, googling:
      >
      > site:www.vim.org inurl:unfulfilling
      >
      > (where 'unfulfilling' is the 'rating' value for a down-vote) comes up
      > with exactly one result for me:
      >
      > ManPageView - Viewer for manpages, gnu info, perldoc, and php …
      >
      > With the link: (...'s to prevent clicking)
      >
      > http://.../scripts/script.php?script_id=489&rating=unfulfilling
      >
      > And I may have accidentally just downvoted it myself, by hovering over
      > the result (which pops up a preview).
      >
      > Seems like the ratings should only use $_POST (PHP var), but they appear
      > to be using $_GET, too.

      Right, the form was using a GET. That's wrong. I changed it to a POST
      now. Please verify the rating still works.

      I found another one on the page where a script delete is confirmed.
      Fixed that too.

      --
      BLACK KNIGHT: I'm invincible!
      ARTHUR: You're a looney.
      "Monty Python and the Holy Grail" PYTHON (MONTY) PICTURES LTD

      /// Bram Moolenaar -- Bram@... -- http://www.Moolenaar.net \\\
      /// sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ \\\
      \\\ an exciting new programming language -- http://www.Zimbu.org ///
      \\\ help me help AIDS victims -- http://ICCF-Holland.org ///

      --
      You received this message from the "vim_dev" maillist.
      Do not top-post! Type your reply below the text you are replying to.
      For more information, visit http://www.vim.org/maillist.php
    Your message has been successfully submitted and would be delivered to recipients shortly.