dant
The Living Force
Just wondered....
I did a security check behind the 'href' code on the forum page and it appears
that you did the right thing to hide the actual email address with the user's ID code.
Once someone sends an email message to a forum member, the email address
of the sender is unmasked and revealed. This may be a security problem for a
troll or worst, a PTB agent.
If this is a problem, then you might consider a gateway program that can process
the email headers so that the TO/FROM fields are addressed to the email gateway
program so that members are annoyomous? Dunno. Check it out with your IT
folks and maybe they know of a better way.
[Added] ===============================================
Come to think about it. Why have an email link at all, but instead provide a private
Person to Person database entry so that all messages stays in the database and can
be triggered to flush out after some duration, that way, you can cut down - way down,
the traffic/processing that email involves PLUS the legal stuff where emails are being
used nowadays.
I did such a thing for a website I am responsible for and I have eliminated email addressing
entirely and created a database/form and it does work well, for me.
Again, maybe IT has a better idea.
I did a security check behind the 'href' code on the forum page and it appears
that you did the right thing to hide the actual email address with the user's ID code.
Once someone sends an email message to a forum member, the email address
of the sender is unmasked and revealed. This may be a security problem for a
troll or worst, a PTB agent.
If this is a problem, then you might consider a gateway program that can process
the email headers so that the TO/FROM fields are addressed to the email gateway
program so that members are annoyomous? Dunno. Check it out with your IT
folks and maybe they know of a better way.
[Added] ===============================================
Come to think about it. Why have an email link at all, but instead provide a private
Person to Person database entry so that all messages stays in the database and can
be triggered to flush out after some duration, that way, you can cut down - way down,
the traffic/processing that email involves PLUS the legal stuff where emails are being
used nowadays.
I did such a thing for a website I am responsible for and I have eliminated email addressing
entirely and created a database/form and it does work well, for me.
Again, maybe IT has a better idea.
