Just tried to post a message to Tench on the Intel thread. It failed yet again! Link shown in web browser: siliconinvestor.com;
It's odd that it's possible for all SI members to see preview versions of other members' posts. All you have to do is find what the current number is (by for example posting your own message somewhere, or simply incrementing the number until you hit current previews) and you can see posts that haven't been published, yet - including spelling mistakes, and text that the poster may have decided not to include for whatever reason. You also have the option to edit the post, though the edit will post under your own user name. This is perhaps not a huge security leak, but you could use it to freak people out by, for example, posting under your own name, in original format, posts that the posters haven't yet had time to correct. Also, private messages use the same numbers, you can't view them using the same preview script used to post public messages, but you can if you use the private message preview script (send a PM to yourself, preview it, then increment the number to get the next message - if it's public it'll show the name of the person it's sent to only, if it's private and you're the one sending it it'll show you the message as well. I wonder if it checks the id of the person who sent it against the cookie of the current viewer, but if not then you can just increment the number until you hit someone else's private message. I have no way of checking this. PM someone, preview before sending, copy and paste the address of the preview page into the message and ask the person if he/she can access your preview version of the private message. Then you'll know.)
atto |
