Monday, July 23, 2007

Moods (Emoting)

This one's very interesting. Moods is vulnerable to the typical problem that we've seen in the past. Mainly, viewing a non-friend's mood history. In order to check out someone's history, simply alter the following url.

Obviously substituting the person's id for the uid variable.

Now, here's the twist with this application. It doesn't even check to ensure that you are trying to set YOUR OWN MOOD! Yes, you can update someone's mood for them. Simply go to and copy the link to Update My Mood. It'll look something like the following. Now just substitute the proper ID for fb_sig_user.


kevin said...

I think you have rightly pointed out this wild west trend that is a bit frustrating to me as well. I have witnessed many a 'programmer' learning php to write an app for facebook.

Unfortunately this is not limited to facebook apps. I see this with developers all the time.

It is a bit like writing "if:then"'s with no ":else" clause to protect/redirect/alert/or give a clean exit to the user.

One of my biggest pet peaves are programs that barely do what they are supposed to do, but have no built in protection from doing things it WASN'T meant to do.

Scary, and good catch.

Robert said...

I am looking to send a link in an email to non-friends (members of a group), that will allow them to bring up my application page and join me (even though they aren't a friend yet).

Any suggestions?

If you already had the app installed, friend or not - you could bring up the page below and align yourself to me:

However I am looking for a way for people who do not have the app yet installed to install it and then have it bring up my page.


Facebook Applications Developer said...

please tell me more about this applicatins

andrea said...

Always looking for good sites and I would have to say that this is one I will bookmark and return to again and again, I like your theme is it freely available?


Ranganath said...

Hi, Some one from facebook refereed your link i have book marked it nice blogs you write see Free  how to grow twitter followers here

agathiyan said...

interesting blog. It would be great if you can provide more details about it. Thanks you

J2ME Application Development

marshall said...

This must be a nice status mood. Will gonna check this out. Thank you! :)

facebook applications developers