Posted on: 05/14/08 06:21am
By: railwayman
We have had a member - now banned - who used the email link on the profile page to contact the person with silly questions which we felt amounted to a security issue.
I know you can set emailuser in config to 0 or 1 but is there anyway of disabling this link without serious hacking.
Appreciate any urgent help on this one.
Re: Profile issue
Posted on: 05/14/08 04:20pm
By: Dirk
You could remove the link from the template file (users/profile.thtml) but that won't stop anyone from calling the link directly, of course, assuming they know them.
If you want to be evil: Remove the link from the profile, then open profiles.php and comment out the first call to COM_mail (the second is for the "send story to a friend" function). If you do that, it would still display the email form and all that but wouldn't actually send the email ...
bye, Dirk
Re: Profile issue
Posted on: 05/15/08 05:41am
By: railwayman
Thanks Dirk
I like the evil approach
think I will adopt that
Many thanks
Re: Profile issue
Posted on: 05/17/08 03:36pm
By: railwayman
Dirk
I took the 'evil' approach but have had to revert it stopped notification of Forum posts to members and Contact mail to Admin, we run a closed site - will have to see if I can get someone to write a custom hack.
Many thanks anyway for your help appreciated.