I havnt really dug into it at all yet so it may be justified for some
reason, but isn't this a large security hole? I intend to fix it
before going public, but am wondering if there is some reason for
this... Once the user signs up their activation code is in the url...
Doesn't that defeat the purpose of sending an activation email to help
prevent spammers/bots etc... While even activation emails aren't that
great of a system to stop bots it still makes it more difficult...
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"CommunityEngine" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/communityengine?hl=en
-~----------~----~----~----~------~----~------~--~---
