[FEEDBACK] New Thinkdigit Website

What do you think of the all new ThinkDigit.com?


  • Total voters
    181
Status
Not open for further replies.

anniyan

Texan
Everything looks good except the adsense. IMO, digit should remove adsense to give a complete professional look
 

victor_rambo

हॉर्न ओके प्लीज़
You guys forgot to change the logo in the forum. It still shows the old logo!
*www.thinkdigit.com/forum/images/ca_evo2/misc/logo.gif

*www.thinkdigit.com/images/logo.gif
 

hansraj

In the zone
cant u do it without the ads..... digit should be able to make exclusive pages without any ads.... it looks very cheap
 

victor_rambo

हॉर्न ओके प्लीज़
^R u guyz using Opera?
1. There seems some problem because of which you cannot sign-in using Opera.
2. english has been way too sloppy at some places.
3. While subscribing for newsletters, the email address is not confirmed by sending any confirmation email.
4. The welcome letter which is sent after you subscribe has horrible english:
Hello rohan Your newsletter signup is successfully complated. Now you can receive monthly newsletter from thinkdigit.
-No comma after Hello Rohan.
-Spelling of completed is wrong
-thinkdigit has been written so loosely. Doesn't feel like a brand!

5. No email confirmation is sent on registration. Directly a welcome email is sent.
Hello rohan Your ThinkDigit Account is active now. Your Account information is given bellow.

Your UserName : *********
Your Password : *******
English is horrible!

6. In password retrieval, the email sent with the updated password has a typo in its subject line
Your password has beed updated successfully in www.thinkdigit.com

7. There is SO MUCH inconsistency over teh word "thinkdigit" that sometimes I find it written as "thinkdigit", or sometimes "ThinkDigit" or sometimes "www.thinkdigit.com"
 
Last edited:

victor_rambo

हॉर्न ओके प्लीज़
^Continued
8. Logging out of the ThinkDigit site also logs out from the thinkdigit forum.
 

victor_rambo

हॉर्न ओके प्लीज़
^I have found other security holes too. :D
Powered by: Indus Net Technologies
These indus technologies guyz claim to be "Premier Internet Consultancy" firms. You can be assured that they are "Fools of First Order" because their code has such great blunders that I was shocked to see that they have been in the business for some "10 Years". I will soon go through their portfolios if they have offered such sloppy services to other websites too.

TO DIGIT: I DID NOT EXPECT YOU TO HIRE SUCH SLOPPY WEB PROGRAMMERS.
Poor show indus guys!

They claim their website to be XHTML valid whereas it is has 12 errors.

The "Edit Profile" page is accessible even if the user is not logged in.
*www.thinkdigit.com/editprofile.php

Even if enter any random details and submit the form, it returns a "successfully edited profile". lol :D
 
Last edited:

DigitalDude

PhotonAttack
^^^^
LOL...

there are a TON of companies like that... mostly because people who hire them know not much about the job in hand :D and people who visit the websites also dont care unless they are gonna enter their credit card number :p


_
 

victor_rambo

हॉर्न ओके प्लीज़
^Ya, I know, India is especially known for "cheap" outsourcing. May be these Indus guyz are one of those flocks!

But still I didn't expect such a thing from digit.
 

victor_rambo

हॉर्न ओके प्लीज़
One more security risk:
Full path disclosure:
Warning: session_start(): The session id contains invalid characters, valid characters are only a-z, A-Z and 0-9 in /usr/local/apache12/htdocs/techkhoj/thinkdigit/lib/var.inc.php on line 6

:D
 

DigitalDude

PhotonAttack
^^^
is it that big a risk ? :D

most of the php errors throw up similar kinda statements with full paths :D
db and file read errors are most common

and btw since the session itself is not getting initialised no one can login :lol:
expert php programmers :p


_
 

victor_rambo

हॉर्न ओके प्लीज़
^
*www.owasp.org/index.php/Full_Path_Disclosure
It may not be highly risky, but it does pose a thread ;)
 

DigitalDude

PhotonAttack
^^thx for the link

btw now only noticed we can change the color scheme of the website - Red, Blue, Green, Orange.. by logging in and going to the profile page :D


_
 

victor_rambo

हॉर्न ओके प्लीज़
yaa........u can change color........but its stored the selection in a session cookie. So as soon as you log out, you will have the default maroon-red scheme.
 
Status
Not open for further replies.
Top Bottom