[wp-hackers] spam comment link
Peter van der Does
peter at avirtualhome.com
Mon Mar 30 15:55:03 GMT 2009
On Mon, 30 Mar 2009 15:32:52 +0100
Simon Wheatley <simon at sweetinteraction.com> wrote:
> On Mon, Mar 30, 2009 at 11:27 AM, Ryan McCue <lists at rotorised.com>
> wrote:
> > Joost de Valk wrote:
> >>
> >> Is there any way that the comment emails could provide a link that
> >> would automatically spam the comment, instead of having to click
> >> the "Spam Comment" button again?
> >>
>
> This is a rub point for me too.
>
> >
> > I think you'd have to include a nonce with the email, but the point
> > of email is to be independent of time, so it's kind of
> > contradictory.
> >
>
> So maybe check the nonce is within 24 hours, if it is then delete the
> comment and if not, show the current screen?
>
Currently the nonce creation in WordPress involves a user_id. As the
comment is created by either a guest or a non-admin user, it is
more then likely the user clicking on the spam-it link will be a
different user the nonce check will fail.
So for the purpose of this request a new nonce creation function and
check function will have to be implemented.
The standard nonce checks in WordPress will fail if nonce has been
created more as 24 hours ago.
--
Peter van der Does
GPG key: E77E8E98
WordPress Plugin Developer
http://blog.avirtualhome.com
GetDeb Package Builder/GetDeb Site Coder
http://www.getdeb.net - Software you want for Ubuntu
More information about the wp-hackers
mailing list