[wp-hackers] Ideas for new features. (3.x?)

D. Benjamin Antieau d.ben.antieau at gmail.com
Tue Feb 7 13:43:07 GMT 2006


Your description of how cross-authentication might work does not take into
account potential commenters lacking a blog. How would they get
authenticated? Surely having a blog should not be a requirement for entry.

On 2/6/06, Nathan Ollerenshaw <chrome at stupendous.net> wrote:
>
> I'm new to this list, so I hope people can excuse my boldness.
>
> I've been giving some thought to what I would like out of a blogging
> tool. A few things stand out in my mind, some as a system engineer
> who would like to integrate Wordpress into a hosted environment for
> his users, and some as a user.
>
> 1. Securely editable templates.
>
> Some of the approaches to this have been to allow only CSS files to
> be uploaded/edited - but there are some problems with this security
> wise. Other approaches are to allow .php files to be uploaded/edited
> but have a list of PHP functions that may be used and reject the
> template if anything else appears.
>
> Personally, I don't like either of these approaches. I think that
> using Smarty makes a lot more sense, as it completely separates logic
> away from template design with the secure mode enabled.
>
> So I would like to see Wordpress move away from having php code
> directly in the templates, and all of the HTML code move outside of
> the PHP into the templates. I humbly suggest hunting down all
> instances of
>
>     echo "<p>$something</p>";
>
> and moving them into smarty templates.
>
> With the right variables being fed into each template, one could
> offer the template designer a huge amount of power in terms of what
> is displayed on each page, without having to expose any code to him.
>
> 2. Cross-authenticated comments and trackbacks.
>
> Hoo boy. This is something I've been thinking about for a while, to
> try and fix some aspects of the comment spam/traceback spam issue.
> None of the methods currently in use are particularly ideal, and
> something that doesn't exist in the core doesn't get used by most
> blogs - most of the blogs out there are clean installs with no
> plugins (or maybe a couple).
>
> What do I mean by 'cross-authentication'?
>
> Well, let me describe from a user point of view.
>
> Step 1: An external (ie, he is not registered to your blog) user
> views your blog. He wants to make a comment. He types his comment
> into your comments page, puts in his username (on HIS blog) in the
> name field, and puts the URL to HIS blog in the Website: field.
>
> Step 2: He presses Submit. Wordpress stores the comment in the
> comments DB and redirects to the remote user's blog's URL + something
> like "/verify-post.php?action=verify&postid=<postid>".
>
> Step 3: The remote user's blog connects to YOUR blog via verify-
> post.php and grabs the comment (via XML, whatever).
>
> Step 4: It then checks the remote user's cookies, and if he's logged
> in as the user specified in the username field, it creates a
> cryptographic hash (MD5 maybe) consisting of the post text, the user
> name and a secret key (not the password). It stores this in the
> database locally in case any comment needs to be reverified. If the
> user is NOT logged in, present a login form, let the guy
> authenticate, and then continue as if he was.
>
> Step 5: Remote blog pushes back to YOUR blog this hash with a token
> of "approved" or something like that.
>
> Step 6: Your blog marks the comment as "verified" and stores the hash
> in case this comment needs to be re-verified in the future.
>
> Step 7: Remote blog redirects user back to your comments page, which
> then can be configured to display the comment without moderation.
>
> This all could be done with AJAX maybe? Not sure how AJAX works but
> if I understand the gist of it, the redirect between the two sites
> could be done transparently to the user, except in the case that the
> user didn't have a valid cookie for his site.
>
> This methodology could be applied to trackbacks as well, but
> transparently to the user so that the blog receiving the tackback
> ping can check with the originating blog that it sent the ping. (Does
> this happen already? I don't know how trackbacks work under the hood).
>
> What does this buy us?
>
> A distributed authentication system, which allows anyone who has a
> blog that implements this system to comment onto anyone else's blog
> that implements this system without fear that they can be
> impersonated, or their comments modified by the site owners. (A
> 'verify this comment' button can be on the page, which redirects to
> the commenter's site which then displays a "this comment is verified
> as authentic" message along with the comment text)
>
> If I am an impersonator and try to post as you on my blog, if my blog
> implements this code it will check back with your blog and I won't be
> able to log in and authenticate.
>
> I can hack my blog to skip that step, and "pretend" to request
> authorisation for comments, but that would be easily detectable by
> anyone who wanted to check, because they can just click 'verify this
> comment'.
>
> The other thing it buys us is that spammers have to set up a working
> blog for them to be able to comment on our blog - suddenly the cost
> of comment spam goes up. And on our side, we can just do blanket
> "Disallow comments from this url" or even allow regexs so if the
> spammer uses a predictable blogname, we can block all instances of
> it. Or just go and post on HIS blog and call him names. Whatever :)
>
> Admittedly, I haven't thought about this too hard yet, and I don't
> know if it would work, but I'd like people's feedback on it - there
> are probably other ways to achieve the same thing, and probably other
> benefits and drawbacks, so it would be nice to know them.
>
> "Show me the code!"
>
> I'm working on code as a proof of concept, but its not a part of
> wordpress yet as I was getting a headache trying to decypher how
> wordpress works internally and its easier for me to just write a
> proof-of-concept blog tool and demonstrate that, and have someone
> else come along and get it working in WP.
>
> Um, thats it! Just two for now. Maybe more later. This mail got too
> long :)
>
> Cheers.
>
> Nathan.
>
> On Feb 7, 2006, at 5:09 AM, Matt Mullenweg wrote:
>
> > The last thread about the next version of WP had some interesting
> > ideas in it, but I think the question may have been framed the
> > wrong way. What I'm far more interested in working on for the next
> > version is this:
> >
> > How can we make WordPress simpler in the next release?
> >
> > How can we reduce support requests on the forums?
> >
> > How can we make it faster?
> >
> > (To riff on an idea, consider starting a new thread.)
> >
> > --
> > Matt Mullenweg
> >  http://photomatt.net | http://wordpress.org
> > http://automattic.com | http://akismet.com
> > _______________________________________________
> > wp-hackers mailing list
> > wp-hackers at lists.automattic.com
> > http://lists.automattic.com/mailman/listinfo/wp-hackers
>
> _______________________________________________
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-hackers
>


More information about the wp-hackers mailing list