Jump to content

Cannot moderate private messaging abuse

NexusMods

By NexusMods
in Feedback

 Share

Recommended Posts

NexusMods Explorer

NexusMods

Posted
Posted (edited)

Hi there,

We unfortunately have come across some abuse of the private message / conversation feature.

What happens:

Users can message each other, then block the others / themselves from a conversation. As the conversation then has no participants, it's deleted and we have no trace, making it difficult to moderate.

Expected behaviour:

When there are only two participants, users shouldn't be able to remove the other member (to cause the deletion), or there needs to be some way of verifying that the PM did exist as a forum admin.

 

How to reproduce:

Here is the steps to reproduce from our team:

 

  1. Log into AccountA - send a PM to AccountB
  2. Within the PM UI, select AccountB from the list of participants and select "Remove from conversation".
  3. Delete the message from your inbox as AccountA.
  4. Log into AccountB - see that this PM "never existed" but you still have an email confirming it was sent to you.

 

The class / method in question is 

Messenger\Conversation::deauthorize




If you need any more information, please let us know.

Edited by NexusMods
topic title
  • NexusMods changed the title to Cannot moderate private messaging abuse
Joel R Mentor

Joel R

Posted
Posted

1. I'm giggling at the cleverness of humanity to continue to find creative new ways to be an @$$ to other members.  

2. You may want to investigate some member group settings.  For example, you can restrict members from deleting their own personal messages. This does pose other consequences, such as accruing a lifetimes worth of personal messages. 

Could contain: Page, Text, Electronics, Mobile Phone, Phone, File

 

  • 2 weeks later...
AlexWright Proficient

AlexWright

Posted
Posted
On 4/27/2024 at 2:49 PM, Joel R said:

1. I'm giggling at the cleverness of humanity to continue to find creative new ways to be an @$$ to other members.  

2. You may want to investigate some member group settings.  For example, you can restrict members from deleting their own personal messages. This does pose other consequences, such as accruing a lifetimes worth of personal messages. 

Could contain: Page, Text, Electronics, Mobile Phone, Phone, File

 

We just had a similar issue. Turning off the ability to delete PMs doesn't actually disable the "Remove from Conversation" feature, which still acts as if the conversation has been deleted to the other party.

 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Invision Community © 2024 IPS, Inc.
×
×
  • Create New...