+1 definitely want.

Also, love the new sent/received layout, much easier to read!

Agreed. This and the members wish-list are both wonderful community projects. Again, thanks to Barefoot_Monkey for all his hard work, and to everybody else who is contributing.

Wow, our avatars appeared on GogPM! :D Keep up good work :D

Damn - ninja'd! ;-) Thanks, Lex.

I've just finished a big update. First change is that we now have sane and consistant navigation instead of some haphazard links at the top of the page. Second change is that you are no longer able to create an account by posting on the verification thread as Guest - only real accounts work now. Shot to Lexor for noticing this exploit before it was used.

The third change... well, Lexor spotted it before I finished typing this message.

I think I'll dedicate this upgrade to Andy_Panthro. I wonder if he'll know why...

Well, Im preparing "you know what" so I was / am online "often". :D

BTW: I'm ready. ;)

I saw the changes, and must say, you've been very busy, Barefoot_Monkey! From Alpha to V2 in a few days!

It cost me $30 US to obtain the barefoot-monkey.org.za domain, but now it's mine permanently and I can use it for other purposes too. I'm also paying $8 per year for shared hosting based in Texas (from http://www.hybrid-host.net). So it hasn't really cost me much to get the site running.

Of course, getting donations would be wonderful. But before I can do that I need to find a good payment gateway (unfortunately PayPal is not a good option here). Maybe I'll create a new thread to ask for advice about that.

Yes :D I like this new look very much.

But now I'm afraid of one thing - as my PM list started to grow down, now there is need to scroll window to see them all. Maybe we need some "archive directory" where read messages would be put after some period of time?

I've been pondering that for a while. I think, since even a long list doesn't use much bandwidth to transfer, it might work to send the whole list as it is but have a script hide all but the latest 10 messages in each column, and add a link at the bottom which you can click to expand the list to full length. It can say something like "You have 23 more messages (4 unread). Click here to see".

That would be good idea :)

Rest assured, such an exploit will not work. When you start to register an account_request record is created containing a timestamp (so that it can expire), your confirmation code, your username and the password that you chose. It also deletes any existing account_request records you may have.

Then, when you are verifying your account, GogPM actually visits the GOG forum to read the post with the number that you gave it. It searches the post for a confirmation code and takes note of the username of the person who wrote that post. Both the username and the confirmation code have to match. If a match is found then an account is created and your account_request information is deleted. Basically, once you are verified your confirmation code is completely removed from the database and ceases to have any meaning.

No need to apologise - you haven't caused any problems at all.

+32 posts in GogPM verification thread since yesterday ^^

Not all of them are with confirmation code but still... :)

Yup. You've done a great job of making people aware of it.

Generated codes are purely random it seems - what if "hacker" is lucky and system generates for him the same code as before?

If new generated code is the same as the old one, GogPM will find such (old) post and allow "hacker" to reset account password.