Support » Plugin: Participants Database » Editing layout form

  • Hi,

    I have a few questions. First: can I change the look of the form? As you can see here: http://tjoa.biz/imanage/become-a-member/ the layout isn’t really nice. Also the checkboxes at ‘study year’ are not on one line.

    Second: when we ask bankaccountnumbers, they only may use 123456789 and a dot. Where can I find the setting to only allow these characters?

    I also noticed two things:
    1. when you download a blank database (or filled in) all info is put in one square. Like this: name,last_name,etcetc. They have to be seperated 😉 I know how to do this in Excel, but I don’t think everyone knows this.
    2. When you visit the page and add a number after ‘id=’ I still receive emails with ‘someone signed up’. For example when you go to http://tjoa.biz/imanage/become-a-member/?id=1010101010 I will receive an email. It also is not save, because when I go to http://tjoa.biz/imanage/become-a-member/?id=1, I can see who signed up. So there’s not really privacy if you know what I mean.
    Do you know something to do about this?

    Thank you for the great plugin 🙂 And sorry for the bad English.

    Kind regards,
    Wilma

    http://wordpress.org/extend/plugins/participants-database/

Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Author xnau webdesign

    (@xnau)

    Hi Wilma,

    I can’t really help you too much with the layout of the form…it is up to your theme to make it look good, and if that does not work, you’ll have to change the theme CSS to make it look that way you want.

    When you export a CSV, it has to be imported correctly into your spreadsheet program. This is not the fault of the plugin, this is just the way CSV works, it is not a strict standard format.

    Yes, the problem with visiting the page with “id=” in the URL is a bug. It is possible to fix the bug, but it is usually not a problem.

    If you need to fix it, the fix is in this thread: http://wordpress.org/support/topic/receiving-tons-of-fake-subscription-emails?replies=9

    Thread Starter WilmaW

    (@wilmaw)

    Thanks. Followed the steps, but still got the problem. This is what I mean: When you go to http://tjoa.biz/imanage/become-a-member/?pdbid=5, I’ll receive an email. So if you f5 the page like 10 times, I receive 10 emails. Also when you go to that url, you can see the message: “Thanks you, Name, for… Ok, I can fix this by removing the persons name in messages, but then I still have the problem that people can abuse the link and spam me. 🙁

    Plugin Author xnau webdesign

    (@xnau)

    Wilma,

    Yes, that wil occur even with the fix. All it does is make sure the ID is valid. The question is: is it happening on your site because someone is coming by and doing this? If someone is actually exploiting this, it becomes more urgent.

    The plugin has always worked this way, and it hasn’t really been a problem–not that I don’t intend to fix it, but it won’t be until the next major release.

    Thread Starter WilmaW

    (@wilmaw)

    Okay, thanks for the quick response. The website will be launched somewhere next week, so this is not a problem yet. I hope the students won’t figure out this bug before your update then. They are smart though. Also other study associations might abuse this bug when they figure out. 🙁 When do you think the update will take place? Days, weeks, months?

    Plugin Author xnau webdesign

    (@xnau)

    Well, I’m not to the point of making promises yet, but the timeframe is at least a month. It’s big release.

    However, you shouldn’t have trouble with this because there is a time lockout that happens so that for two minutes after the emails are sent, another email for that ID cannot be sent. These situations you’re seeing on that thread have to do with websites that are sending these emails because of automatic processes the site itself is generating…in other words it’s doing it all the time, so eventually the timeout gives out and an email is sent…every two minutes.

    In order for someone to exploit this, they would have to go to quite a bit of trouble…they couldn’t just refresh and send an email as you suggest. You can test this yourself if you like.

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘Editing layout form’ is closed to new replies.