DEV Community


Discussion on: Learn from others mistakes: How not to write a PHP install script

antogarand profile image
Antony Garand

Did you send them an email regarding those first?

Although there are no "real" vulnerabilities disclosed, it is a bad practice to write about this without letting the author the change to fix the issues.

richard_klose profile image
Richard Klose Author

I tried to contact them on Twitter but they just ignored me. Thought they might not have seen it but they are responding to other people‘s tweets so I think they just do not want to hear this.

I am not the only one who found issues, if you search around in photography forums you‘ll find several other things people are unhappy with about koken. The result is nearly every time the same: People that report issues to koken are often ignored.

I thought about sending them emails and even about calling them directly, but when I read those reports from other people that tried to report issues, I decided to do not and publish this because I do not believe this would change anything in this situation.