Opened 6 years ago
Closed 3 months ago
#7949 closed enhancement (invalid)
Restrict private messages sent via ID to only friends to prevent spam
Reported by: | hallme | Owned by: | espellcaste |
---|---|---|---|
Milestone: | Priority: | normal | |
Severity: | normal | Version: | |
Component: | Messages | Keywords: | |
Cc: |
Description
When sending a private message from your own profile via "Compose", the ability of being able to send a message to a user via ID has allowed a bot to send a spam message to all users.
Can messages sent via ID filter out non-friends to prevent this?
Change History (5)
#2
@
6 years ago
- Milestone changed from Awaiting Review to Under Consideration
- Type changed from defect (bug) to enhancement
#3
@
4 months ago
- Milestone changed from Under Consideration to Up Next
- Owner set to espellcaste
- Status changed from new to assigned
I'll look into this.
I think it is odd that a bot can do this assuming it needs to be logged first.
#5
@
3 months ago
- Milestone 15.0.0 deleted
- Resolution set to invalid
- Status changed from assigned to closed
@hallme Sending a message via ID is not currently possible.
I'll resolve this as invalid. But feel free to share more. I assume since this ticket is 6 years old, it was a bug in the past, but not anymore.
You can use this plugin for now: https://github.com/r-a-y/bp-pms-for-friends
Might be time to merge that into Core. If so, would have to be considerate of other plugins like BP Follow.