View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0000803 | XMB1 | Bugs | public | 2025-07-01 08:39 | 2025-07-13 16:19 |
| Reporter | flushedpancake | Assigned To | miqrogroove | ||
| Priority | normal | Severity | minor | Reproducibility | have not tried |
| Status | resolved | Resolution | fixed | ||
| Product Version | 1.9.8 SP2 | ||||
| Target Version | 1.10.00 | Fixed in Version | 1.10.00 | ||
| Summary | 0000803: Flood interval doesn't care about U2Us | ||||
| Description | This is quite a glaring fault. | ||||
| Steps To Reproduce | 1) Spam the send button. 2) Enjoy. | ||||
| Tags | No tags attached. | ||||
| MySQL Version | |||||
| PHP Version | |||||
| Web Server | |||||
| Browser | |||||
| Flags | |||||
| Original Reporter | |||||
| SVN Revision | |||||
| Git Commit | https://github.com/miqrogroove/xmb/commit/da1edab67453f8f9a54138fb57df97b18949309f | ||||
|
|
Reusing the setting for post flooding for U2Us would be more than acceptable here. A good minimum time default would be 10-30 seconds if there isn't one already. Also, its whitescreening like newreply was before at the moment lol |
|
|
Yes I can see there are some alpha typos to work on. Probably an anti-CSRF token would solve this cosmetically. But a bot could also request unlimited tokens, so it would be best to implement the flood control setting. |
|
|
There is a flood protect line of code already in XMB. I can't figure out how to test it in Firefox because the response from the alpha site is nearly instant. I will check if the Chrome DevTools has a speed setting for this. |
|
|
With the Chrome window throttled to "3G" speed, I was able to click the submit button 3 or 4 times. This triggered XMB flood protection, generated an error page, and sent only one message. If you are seeing different behavior, first check that you have flood control set to a reasonable number >= 5 (seconds). Next, if you can still reproduce a problem, please provide more details about what you are doing and how it might be different from what I've tried. |
|
|
I found one small difference in the U2U form which did not have the client-side disable feature. I added that now and I couldn't find any "fault" anywhere. If you have some other info to report then you can reopen this issue. |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2025-07-01 08:39 | flushedpancake | New Issue | |
| 2025-07-01 08:43 | flushedpancake | Note Added: 0000567 | |
| 2025-07-01 14:56 | miqrogroove | Status | new => confirmed |
| 2025-07-01 14:56 | miqrogroove | Target Version | => 1.10.00 |
| 2025-07-01 14:56 | miqrogroove | Note Added: 0000568 | |
| 2025-07-13 08:58 | miqrogroove | Note Added: 0000576 | |
| 2025-07-13 09:10 | miqrogroove | Status | confirmed => feedback |
| 2025-07-13 09:10 | miqrogroove | Note Added: 0000577 | |
| 2025-07-13 16:19 | miqrogroove | Assigned To | => miqrogroove |
| 2025-07-13 16:19 | miqrogroove | Status | feedback => resolved |
| 2025-07-13 16:19 | miqrogroove | Resolution | open => fixed |
| 2025-07-13 16:19 | miqrogroove | Fixed in Version | => 1.10.00 |
| 2025-07-13 16:19 | miqrogroove | Git Commit | => https://github.com/miqrogroove/xmb/commit/da1edab67453f8f9a54138fb57df97b18949309f |
| 2025-07-13 16:19 | miqrogroove | Note Added: 0000580 |
