Erik writes:
I think we're still talking past each other. Banned IP addresses can login, but they cannot edit, even if they're logged in. The IP address of the user in question (Stick) is not banned.
Yes. We're talking past each other. What I'm saying is that a banned IP that tries to access the "login" page, regardless of whether it's logged in already, could be served a 404. This could prevent people like Michael or yesterday's vandal from coming back with several different usernames. Again, I'm not sure if this is a good or bad idea--there may be other, bad results as well.
kq
__________________________________ Do you Yahoo!? The New Yahoo! Search - Faster. Easier. Bingo. http://search.yahoo.com
On Sunday 18 May 2003 08:04, koyaanis qatsi wrote:
Erik writes:
I think we're still talking past each other. Banned IP addresses can login, but they cannot edit, even if they're logged in. The IP address of the user in question (Stick) is not banned.
Yes. We're talking past each other. What I'm saying is that a banned IP that tries to access the "login" page, regardless of whether it's logged in already, could be served a 404. This could prevent people like Michael or yesterday's vandal from coming back with several different usernames. Again, I'm not sure if this is a good or bad idea--there may be other, bad results as well.
I'm not sure what the benefit of that would be. IP bans affect the IP even if edits coming from that IP are logged in, so they couldn't edit if they were coming from a banned IP. If they come back with a different IP, there's nothing we can do about it anyway with an IP ban.
Are you just suggesting we make "vandals" think that the wiki is "broken" so they'll go away?
-- brion vibber (brion @ pobox.com)
On Sun, 18 May 2003 08:04:56 -0700 (PDT), koyaanis qatsi obchodnakorze@yahoo.com gave utterance to the following:
Erik writes:
I think we're still talking past each other. Banned IP addresses can login, but they cannot edit, even if they're logged in. The IP address of the user in question (Stick) is not banned.
Yes. We're talking past each other. What I'm saying is that a banned IP that tries to access the "login" page, regardless of whether it's logged in already, could be served a 404. This could prevent people like Michael or yesterday's vandal from coming back with several different usernames. Again, I'm not sure if this is a good or bad idea--there may be other, bad results as well.
Given that any form POST of a reasonable length can have a GET substituted for it, it is easy to bookmark an URL which replicates the form submission and never requires the login page to be served. (I won't post that here but will explain off list if required).
Actually I've always wondered why non-logged users didn't see a quick login form on the Wikipedia home page.