113 posts
  • Author had a File in an Envato Bundle
  • Bought between 100 and 499 items
  • Exclusive Author
  • Has been a member for 3-4 years
  • Referred between 50 and 99 users
  • Sold between 50 000 and 100 000 dollars
  • United Kingdom
Sneek says

It appears they have found a solution…

http://imageshack.us/f/341/screenshot20120109at093.png/
1033 posts
  • Sold between 50 000 and 100 000 dollars
  • Contributed a Tutorial to a Tuts+ Site
  • Referred between 1000 and 1999 users
  • Bought between 10 and 49 items
  • Repeatedly Helped protect Envato Marketplaces against copyright violations
  • Has been a member for 3-4 years
  • Exclusive Author
  • Czech Republic
+1 more
survivor says

It appears they have found a solution… http://imageshack.us/f/341/screenshot20120109at093.png/

But when You click ok – You end up on blank page…

It would be nice if we have these important changes in our Dashboard, so noone miss it…

360 posts
  • Envato Staff
  • Reviewer
  • Sold between 10 000 and 50 000 dollars
  • Has been a member for 5-6 years
  • Bought between 50 and 99 items
  • Contributed a Tutorial to a Tuts+ Site
  • Beta Tester
+4 more
Philo01 Reviewer says

any chance you can redirect the url to take you to the users profile? Just so all those links that are now spread around the site can be utilized :)

+1 :)

1158 posts
  • Football Contest Participant/Runner-up
  • Brazil
  • Sold between 10 000 and 50 000 dollars
  • Repeatedly Helped protect Envato Marketplaces against copyright violations
  • Most Wanted Bounty Winner
  • Envato Studio (Microlancer) Beta Tester
  • Referred between 100 and 199 users
+3 more
RafaelOliveira says

Bad news :( I need to change about 85 descriptions….
Any chance to redirect the users to the profile page like was said?

2088 posts
  • Author had a File in an Envato Bundle
  • Contributed a Blog Post
  • Exclusive Author
  • Has been a member for 4-5 years
  • Interviewed on the Envato Notes blog
  • Most Wanted Bounty Winner
  • Referred between 1 and 9 users
  • Serbia
+1 more
urbazon says

I don’t see how can anybody mislead somebody to follow them when there is pop-up message/alert (like shown on Sneek’s screenshot)??? I don’t get it…

2024 posts
  • Elite Author
  • Author had a Free File of the Month
  • Has been a member for 4-5 years
  • Austria
  • Exclusive Author
  • Interviewed on the Envato Notes blog
  • Envato Studio (Microlancer) Beta Tester
+3 more
revaxarts says

I don’t see how can anybody mislead somebody to follow them when there is pop-up message/alert (like shown on Sneek’s screenshot)??? I don’t get it…

You’re not a coding dude I guess :P

4335 posts
  • Beta Tester
  • Bought between 10 and 49 items
  • Community Moderator
  • Contributed a Blog Post
  • Contributed a Tutorial to a Tuts+ Site
  • Exclusive Author
  • Grew a moustache for the Envato Movember competition
+6 more
Reaper-Media Volunteer moderator says

A good solution would be to do this:

if the POST variable authenticity_token is sent, continue as normal, otherwise:

load a webpage with some text which says “You are about to follow this user on the marketplaces, do you want to continue?” and display a form with its method as POST and target as the current page and a hidden input authenticity_token. and another one with something like display_page = true. (currently when authenticity_token is undefined it returns a blank page with a 404 header)

Then when the url is visited, and authenticity_token sent AND display_page is also sent via POST variables, instead of returning JSON data, it will return a page with a confirmation message.

sorted. All the old links work and there are no security holes! :-)

I am right in thinking the url which was disabled is: marketplace.net/user/someone/follow right? :P

1406 posts
  • Envato Studio (Microlancer) Beta Tester
  • Europe
  • Repeatedly Helped protect Envato Marketplaces against copyright violations
  • Contributed a Blog Post
  • Author had a Free File of the Month
  • Has been a member for 4-5 years
  • Bought between 10 and 49 items
  • Football Contest Participant/Runner-up
  • Referred between 10 and 49 users
+2 more
Stylius says

D’oh :S

Too bad for the people who have to change ALL the descriptions of their items. But devs, I’m sure you are that cool to find a solution to this instead of disabling it! right? ;)

3424 posts
  • Elite Author
  • Sold between 250 000 and 1 000 000 dollars
  • Community Moderator
  • Bought between 100 and 499 items
  • Referred more than 2000 users
  • United States
  • Has been a member for 4-5 years
+5 more
sevenspark Volunteer moderator says

A good solution would be to do this:

if the POST variable authenticity_token is sent, continue as normal, otherwise:

load a webpage with some text which says “You are about to follow this user on the marketplaces, do you want to continue?” and display a form with its method as POST and target as the current page and a hidden input authenticity_token. and another one with something like display_page = true. (currently when authenticity_token is undefined it returns a blank page with a 404 header)

Then when the url is visited, and authenticity_token sent AND display_page is also sent via POST variables, instead of returning JSON data, it will return a page with a confirmation message.

sorted. All the old links work and there are no security holes! :-)

I am right in thinking the url which was disabled is: marketplace.net/user/someone/follow right? :P

+1

Either that or Adam’s idea (redirect to profile) in the short term at least, otherwise we’re going to have a lot of confused customers and authors.

I certainly understand the need to plug the security hole. It’s really too bad when a few immoral authors ruin things for everyone :x

934 posts
  • Author had a Free File of the Month
  • Bought between 10 and 49 items
  • Canada
  • Exclusive Author
  • Has been a member for 3-4 years
  • Most Wanted Bounty Winner
  • Sold between 5 000 and 10 000 dollars
graphicmind says

It appears they have found a solution… http://imageshack.us/f/341/screenshot20120109at093.png/

Wasn’t this there for some time?

by
by
by
by
by
by