views:

220

answers:

7

I would like to have a system where my users can invite their friends. We prefer not to use a URL shortener when sending the invite link but it is also important that the link be relatively short. I am thinking the best way to accomplish this is just give each user a "profile username" like "tonyamoyal12" and let them request a new unique one if they want.

When my users send out invites, it will send out a URL like http://mydomain/invite/profile_username and essentially if the invitee logs in at that URL, the inviter gets credit. Can anyone think of drawbacks to this approach? Most invite URL's have hashes to verify the integrity of the invite but I think my approach works fine.

UPDATE The profile username is that of the INVITER not INVITEE. So a user signs up on the INVITER'S profile page and therefore the inviter gets a "point" for having someone sign up on his page.

Thanks!

+1  A: 

Why not just create your own bespoke URL shortening?

If the reason you are avoiding URL-shortening is that you don't want to depend on external companies then that could be a good solution for you.

ctford
not that it's a lot of work, but for this specific project i would rather use out-of-the-box rails plugins at this point. know any url shortening gems?
Tony
There's an interesting project named yourls.org written in php that will allow you to run your own URL shortening service.
GmonC
Oh, didn't see you're using ruby on rails. yourls.org still has an api though.
GmonC
yourls.org is very cool. i will definitely consider that. however this doesn't really address my question is there anything wrong with my approach
Tony
+1  A: 

well if the website is large you will get name conflicts, and you will be dependent on the inviter putting in the invitees name which they could do poorly.

If you want to do it that way then you will have to deal with name clashes.

Also it is possible that someone could come along and decide to randomly type in names to see if they get it hit. Say I wanted to be nosey and spy on a friend to see if they are sending out invites to other friends.

EDIT: ahh ok. well if they are just clicking a link to go to the inviter then thats not a problem. That seems perfectly normal and there is no secret about exposed usernames.

Arthur Thomas
not sure i follow this. the invite page will be the same as the home page except people logging in on the invite page will give credit to whosever invite page they logged in on. maybe reread the question? i think you missed the point
Tony
however...you are correct about name clashes but that is something i understand.
Tony
+2  A: 

In these types of systems, you don't usually assign any user data (i.e., user names) before the invitee has actually signed up, and it may be a bit of a pain to get that kind of URL working depending on the framework you're using.

The process is normally:

  1. Invite a user, which sends them an e-mail.
  2. Invitee clicks through a link in the e-mail to go to the site's main registration page.
  3. Invitee registers with a valid user name of their choosing, and based on some unique random key (included in the clickthrough link), you can do your business logic with the two users involved (add to friends list, or whatever).

The drawback to generating your own user names is that they're more likely to be guessed than a random number, because you'll likely use English words in them. If you generate and assign random user names (i.e., "s243k2ldk8sdl"), the invitee is not going to be pleased since they have to do extra work to change the user name, or somehow remember that name.

EDIT, since I didn't understand the question very well.

I think the scheme is fine, except I would just use the invitor's user name in the URL and not allow them to change it (why allow it?). The only issue is if there is some kind of limit put on the number of invites (or maybe there is a reward for each invite), where you'd want to secure each clickthrough with some kind of unique hash value only valid for the invitor's URL.

EDIT 2

Since the users in the system do not have user names assigned, you could go either way. Allowing "user name" assignment on a first-come, first-served basis would be fine, as this would let everyone share their URL more easily with friends since it's memorable and can simply be typed in. However, that goes out the window if a unique key is required to sign up... in which case, it's going to be simpler to just not implement the user name thing and direct everyone to a single registration page of some kind.

Jon Seigel
please read my update, it clarifies my question
Tony
the inviter has no username. i have to generate it for them. people are only logging in with openID so I do not identify uniquely with a username. but essentially this will mean i am doing that
Tony
Your question did not say that, so I assumed there were user names. I will update my answer.
Jon Seigel
+1  A: 
  1. You can't independently track the invites. At some point you may want to know how many invites went out from a user vs. how many were accepted. With this single URL system you can't track that information.

  2. Bots can easily be written to spam such a system. (Perhaps solved with captcha on resulting pages)

People have broken captcha it appears.
Woot4Moo
i am requiring that people register after they are "invited" so a bot would have to register
Tony
+1 for lack of independent invite tracking
Tony
A: 

I'd suggest passing the inviter's username in the querystring, and have that querystring fill either an editable or non-editable textbox on the new user registration page. That way you still have just one registration page, the URL is short, and users get credit for referring friends.

http://mydomain/invite/register.html?inviter=invitersUsername

leads to

First Name: _____
Last Name: _____
Referred By: invitersUsername

David Hague
i plan on doing what you said but using the scheme above. it's a REST approach
Tony
+1  A: 

You could create a unique hash for each invite and keep an association of hashes with user names. This would require a bit of storage overhead, but you could have expiration of invites to help combat that.

So http://mydomain/invite/RgetSqtu would be an example link, with a DB table that stores RgetSqtu/profile until it is used.

You would probably want to provide a helpful error page if the hash could not be found, like the following:

We are sorry but the invite you entered could not be found. This could be caused by the invite being typed incorrectly, being used already, or being too old (invites expire after 3 days).

Guvante
A: 

If I understand the setting correctly an existing user creates invites by giving emails of their friends to which your system will send a mail with in that the [inviteUrl]/[inveter'sUserName]. So in the case I send a mail to invite you, the url would be:

www.yourThang.com/invite/borisCallens

Every time somebody visits this I (the user borisCallens) gets a point. What would stop me from visiting this url a gazillion times and thus win the invite-your-friend game?

borisCallens
since i can't track each invite under this scheme, people will not get point for simply visiting those URL's. they get points for registering after visiting those URL's. it's stated in the question "if the invitee logs in at that URL, the inviter gets credit"
Tony