manpageview rating dive

29 views
Skip to first unread message

Charles Campbell

unread,
Aug 31, 2011, 10:29:03 AM8/31/11
to vim...@googlegroups.com
Hello!

I recently checked my plugins' ratings:

08/09/11 script 677/279/10776: Manpageview.vim
08/31/11 script -133/1094/10866: Manpageview.vim

This seems like an odd thing -- is this preparation for a general
bombing of plugins' ratings?

Regards,
Chip Campbell

Charles Campbell

unread,
Aug 31, 2011, 11:49:32 AM8/31/11
to vim...@googlegroups.com
I should explain this a bit more. The rating for Manpageview on August
9, 2011 was 677, with 279 people having rated it, and 10776 having
downloaded it.
On August 31, 2011, the rating was -133, 1094 people having rated it,
and 10866 having downloaded it.

It is odd that Manpageview received -810 in karma when there were only
90 additional downloaders over that time period. Did irc have a
anti-Chip attack? Is someone testing a bot to destroy multiple
plugins' ratings?

Chip

Tony Mechelynck

unread,
Sep 1, 2011, 11:24:03 AM9/1/11
to vim...@googlegroups.com, Charles Campbell

I wonder how SourceForge allocates memory for these numbers. It sounds
like overflow into the sign bit, except that the next bit above 677 is
1024 (2^10) which is not at a byte or word boundary...

Only 90 new downloads but as many as 815 new ratings is also a bit weird
to say the least. And almost all of those negative? Some troll must hate
Manpageview (and/or you) quite a bit to have gone to the trouble of
logging in 810 times to give a negative rating.

Best regards,
Tony.
--
hundred-and-one symptoms of being an internet addict:
167. You have more than 100 websites in your Bookmark.

Ingo Karkat

unread,
Sep 1, 2011, 12:01:29 PM9/1/11
to vim...@googlegroups.com

I have seen a similar drastic downvote for the SmartCase plugin,
http://www.vim.org/scripts/script.php?script_id=1359; its rating is -326/355,
Downloaded by 488, even though it works perfectly well for me.

My best guess is that some bot did this; either by accident or through human
evil. In these times, voting probably needs to be protected by captcha, but that
would just make the feature even less attractive. As long as these are rare
incidents, stick with the current system, and only move to e.g. an invitation to
"comment on this script on the linked Vim Tips Wiki page" if it gets worse.

-- regards, ingo

Benjamin R. Haskell

unread,
Sep 1, 2011, 6:01:09 PM9/1/11
to vim...@googlegroups.com

Can't find it currently, but someone mentioned in the not-so-distant
past that some search engine(s) grabbed the down-vote URL when crawling
www.vim.org. In this case, googling:

site:www.vim.org inurl:unfulfilling

(where 'unfulfilling' is the 'rating' value for a down-vote) comes up
with exactly one result for me:

ManPageView - Viewer for manpages, gnu info, perldoc, and php …

With the link: (...'s to prevent clicking)

http://.../scripts/script.php?script_id=489&rating=unfulfilling

And I may have accidentally just downvoted it myself, by hovering over
the result (which pops up a preview).

Seems like the ratings should only use $_POST (PHP var), but they appear
to be using $_GET, too.

--
Best,
Ben

Charles E Campbell Jr

unread,
Sep 1, 2011, 8:06:16 PM9/1/11
to vim...@googlegroups.com
Benjamin R. Haskell wrote:
> On Wed, 31 Aug 2011, Charles Campbell wrote:
>
>
>> Charles Campbell wrote:
>>
>>> Hello!
>>>
>>> I recently checked my plugins' ratings:
>>>
>>> 08/09/11 script 677/279/10776: Manpageview.vim
>>> 08/31/11 script -133/1094/10866: Manpageview.vim
>>>
>>> This seems like an odd thing -- is this preparation for a general
>>> bombing of plugins' ratings?
>>>
>> I should explain this a bit more. The rating for Manpageview on
>> August 9, 2011 was 677, with 279 people having rated it, and 10776
>> having downloaded it.
>> On August 31, 2011, the rating was -133, 1094 people having rated it,
>> and 10866 having downloaded it.
>>
>> It is odd that Manpageview received -810 in karma when there were only
>> 90 additional downloaders over that time period. Did irc have a
>> anti-Chip attack? Is someone testing a bot to destroy multiple
>> plugins' ratings?
>>
> Can't find it currently, but someone mentioned in the not-so-distant
> past that some search engine(s) grabbed the down-vote URL when crawling
> www.vim.org. In this case, googling:
>
> site:www.vim.org inurl:unfulfilling
>
> (where 'unfulfilling' is the 'rating' value for a down-vote) comes up
> with exactly one result for me:
>
> ManPageView - Viewer for manpages, gnu info, perldoc, and php �

>
> With the link: (...'s to prevent clicking)
>
> http://.../scripts/script.php?script_id=489&rating=unfulfilling
>
> And I may have accidentally just downvoted it myself, by hovering over
> the result (which pops up a preview).
>
> Seems like the ratings should only use $_POST (PHP var), but they appear
> to be using $_GET, too.
>
>
Nice bit of sleuthing! So perhaps the large downvoting is due to bots
such as google, yahoo, bing, etc., and I suppose Manpageview can expect
a continuing more-of-the-same.

Bram: any chance that this situation can be fixed?

Regards,
Chip

Bram Moolenaar

unread,
Sep 2, 2011, 8:07:51 AM9/2/11
to Benjamin R. Haskell, vim...@googlegroups.com

Benjamin Haskell wrote:

Right, the form was using a GET. That's wrong. I changed it to a POST
now. Please verify the rating still works.

I found another one on the page where a script delete is confirmed.
Fixed that too.

--
BLACK KNIGHT: I'm invincible!
ARTHUR: You're a looney.
"Monty Python and the Holy Grail" PYTHON (MONTY) PICTURES LTD

/// Bram Moolenaar -- Br...@Moolenaar.net -- http://www.Moolenaar.net \\\
/// sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ \\\
\\\ an exciting new programming language -- http://www.Zimbu.org ///
\\\ help me help AIDS victims -- http://ICCF-Holland.org ///

Reply all
Reply to author
Forward
0 new messages