Comments on: HeyCraig Goes International! http://www.pointlesscorp.com/heycraig-goes-international/ Neither pointless nor a corporation. Mon, 23 Jan 2012 08:53:42 +0000 hourly 1 http://wordpress.org/?v=3.0.1 By: Kevin VandeKrol http://www.pointlesscorp.com/heycraig-goes-international/comment-page-1/#comment-82 Kevin VandeKrol Tue, 11 Aug 2009 14:59:34 +0000 http://www.pointlesscorp.com/?p=105#comment-82 I spent a few minutes this morning transferring all of my Craigslist RSS feeds to your site (16 of them). Over the course of entering them, I found a lot of rather serious bugs: 1. Five different times, I entered a search and clicked "yoink!" only to be taken to the search results for someone else's search. By clicking "your searches" at the top, I was "returned" to the searches for the account of the person whose search I just intercepted. 2. When I was returned someone else's search, it would appear in my account's searches under the name I gave it, but when I clicked on it, it'd be the other person's search. The only way to get it out of my list was to delete the search from their account... which it let me do. 3. Because of these two issues, my guess is that there are conflicts with the IDs you assign... these users were entering searches at the same time I was, and in many cases it's possible for the IDs to get mixed up, and the wrong ID can be assigned to the wrong account (or multiple accounts). 4. Since the user IDs default to sequential numbers, it was easy to just type in other numbers and access the accounts of other users. From here I could see all their searches, add new searches, and delete existing searches. 5. Similar to the previous one: Since the search IDs are sequential as well, just hex instead of decimal, it was easy to type a previous ID and access someone else's search. I spent a few minutes this morning transferring all of my Craigslist RSS feeds to your site (16 of them). Over the course of entering them, I found a lot of rather serious bugs:

1. Five different times, I entered a search and clicked “yoink!” only to be taken to the search results for someone else’s search. By clicking “your searches” at the top, I was “returned” to the searches for the account of the person whose search I just intercepted.

2. When I was returned someone else’s search, it would appear in my account’s searches under the name I gave it, but when I clicked on it, it’d be the other person’s search. The only way to get it out of my list was to delete the search from their account… which it let me do.

3. Because of these two issues, my guess is that there are conflicts with the IDs you assign… these users were entering searches at the same time I was, and in many cases it’s possible for the IDs to get mixed up, and the wrong ID can be assigned to the wrong account (or multiple accounts).

4. Since the user IDs default to sequential numbers, it was easy to just type in other numbers and access the accounts of other users. From here I could see all their searches, add new searches, and delete existing searches.

5. Similar to the previous one: Since the search IDs are sequential as well, just hex instead of decimal, it was easy to type a previous ID and access someone else’s search.

]]> By: Michael Pearson http://www.pointlesscorp.com/heycraig-goes-international/comment-page-1/#comment-81 Michael Pearson Tue, 11 Aug 2009 14:37:11 +0000 http://www.pointlesscorp.com/?p=105#comment-81 Never heard of the UK? I can get London, Canada, but not London, England. Never heard of the UK? I can get London, Canada, but not London, England.

]]> By: Abhimanyu Ghoshal http://www.pointlesscorp.com/heycraig-goes-international/comment-page-1/#comment-67 Abhimanyu Ghoshal Fri, 10 Jul 2009 10:24:13 +0000 http://www.pointlesscorp.com/?p=105#comment-67 Awesome way to search on craigslist! However, I'm in Bangalore, India, and my city's not listed... anything you can do about it? Keep up the great work, guys! Awesome way to search on craigslist! However, I’m in Bangalore, India, and my city’s not listed… anything you can do about it?

Keep up the great work, guys!

]]>