Interesting fact about the iphone app

Found out a very interesting fact about the iphone app that tiered membership sites should know.  In its current form, the iphone app does not comply with membership restrictions.  It doesn't matter if you set the membership level to not view videos or music or photos or even set how many they can see in a certain period of time, they can do it on the iphone app!   The only restriction that seems to apply itself is if you don't allow a membership level to view a profile, then it sends a connect error.  If you have a tiered membership site this app is not for you if you want to restrict member access to content in any way.

Wow, that's excellent info Mauricecano.  Maybe once they release the source someone will fix this major issue.

I made a blog about this but also want to publish new factoid information as well.

The Iphone app is the spammers dream come true!


Testing of the iphone app revealed several disturbing issues that were never addressed by Boonex.

1.  It appears there are no options to prohibit Iphone app from connecting and using your site.  No administrative options indicate we can disable Iphone apps from connecting to our sites.  That means anyone with the app can use it to browse the site.  The only way to prevent this from occurring is having invite registration only and allow a limited number of people to have user names.  Otherwise, if you have a user name to the website you can connect to it.

2.  Continuing with the unlimited access issue in 1, any user with a user name to the website can browse all your content regardless of any membership restrictions!  That's correct, none of the membership restrictions in boonex will limit Iphone app users.  This means that anyone with a simple user name and password can find all your users, view all their photos, music, videos unlimited!  This issue combined with 1 means there is NOTHING you can do as a website owner to stop content leaching, bandwidth stealing, of any simply registered users.

3.  This app is the spammers wet dream!  Guess what else comes with 1 & 2 combined?  Spammers can make a user name on your website, get on the iphone app and spam the holly living hell out of your users.  Iphone app has a contact ability and they can email any url, any spam they wish to your users one by one.  A smart spammer can quickly capitalize on this by making an iphone app to automate the spam, it only requires a simple jailbreak and they can put whatever programs on their iphone.  Again, because of the issue in 1, there is nothing we can do to stop the iphone app connection.  Isn't it nice to have phpids and this black hole sitting out there in the dark.

Boonex need to overhaul the iphone app soon to address these issues.  Each one carries very heavy consequences.  Some sort of mechanism must be in place to allow me to disable the iphone app from connecting to my website if I choose.

User restrictions on membership levels must absolutely be included in the iphone app, that's how some of us make money and this app destroys those restrictions.  The only thing a user cannot do is access the forum, groups, and chat....small potatoes when the user can get all of our site's user generated content.

Why did you go through all the trouble of creating phpids to stop spamming and then leave the iphone app alone where anything can be emailed to people advertising any link?


Boonex, you cannot afford to stay silent on these issues any longer and address the short comings of the ihpone app.

To end on a positive note, I believe once these, and other, issues are resolved the iphone app will be a huge step forward in mobile social websites.  You have great ground work but its not complete.

Considering the cost and limitations of an AT&T Wireless iPhone account I doubt this will ever be a real issue because the return will never exceed the costs. But, it should be corrected if this is true none the less.

1. you can delete whole /xmlrpc/ dir from your site, then iPhone app will not be able to work with your site at all!

2. All the site restrictions have effect on iPhone app too ! The only miss is viewing of video/audio/photo content for memberships only ! ... privacy settings are considered and have effect already !

3. As I said ALL the site restrictions have effect, except membership restriction on viewing media!


remember ... it is the first public version ! only 2 people have tested it on development stage !