[wp-hackers] Fwd: [kunjan.net] Comment: "The Ansari X Prize"

Mark Jaquith mark.wordpress at txfx.net
Wed Nov 10 10:09:21 UTC 2004 

Not yet.  It's still rather specific to my setup... I need to get it 
working with relative paths before I can release it.  Also, it does 
require modification to wp-comments-post.php so that the plugin part of 
it can recognize that a comment was just moderated and redirect to the 
CAPTCHA form.  I don't really see a way around this, as I can't hook 
into the redirect URI at the bottom of wp-comments-post.php

But like I said, you can try it out on my test blog, here: 
http://txfx.net/wp-cvs/2004/11/10/test/

What I can do, is just give a brief overview of how it works.

In wp-comments-post.php, if a comment is moderated, some parameters are 
added to the end of the redirect URI.  As of right now you have to 
manually make it ?blah or &blah depending on if you are using clean URI 
permalinks or not.  Did the function to automatically do that get added 
to WP yet?  Anyway... so then when the user is redirected, they carry 
?mcid=###&mcauthor=name  The name is carried as a safeguard, so that 
people can't just enter in incremental comment ids and approve other 
people's comments.  A plugin looks for mcid and mcauthor in $_GET and 
redirects to the captcha if it finds them.  The captcha checks for a 
valid moderated comment with that id and author, and then hn_captcha 
takes care of the CAPTCHA stuff.  If the user passes the CAPTCHA, it 
approves the comment, and redirects the user to the permalink page for 
the entry.  Fairly simple.  You do need a writable temp image directory 
for the CAPTCHA and some TTF font files.

I'm going to work on reducing the amount of steps it takes for a user to 
install this... hopefully to the point where you can just drop in the 
files, activate the plugin, make a quick modification to 
wp-comments-post.php, make the image directory writable, and go. 

Kunjan Shah wrote:

>tht sounds cool!!!! do u have the plugin or source? 
>
>
>On Wed, 10 Nov 2004 01:47:07 -0500, Mark Jaquith
><mark.wordpress at txfx.net> wrote:
>  
>
>>Kunjan Shah wrote:
>>
>>
>>
>>    
>>
>>>thats cool too... Is 1.3 going to have something like that built in?
>>>Some simple spam protection ???
>>>
>>>
>>>On Wed, 10 Nov 2004 01:25:27 -0500, Mark Jaquith
>>><mark.wordpress at txfx.net> wrote:
>>>
>>>
>>>      
>>>
>>>>One solution would be to have a hidden value in the form that is checked
>>>>by a plugin when the comment is submitted.  This value could be
>>>>something like the hash of the raw entry text.  Sure, he could figure it
>>>>out by looking at the form, but most spammers don't... they post
>>>>comments directly.  This wouldn't penalize those who don't send referrers.
>>>>
>>>>
>>>>
>>>>        
>>>>
>>It doesn't have that at the moment... but it'd be simple to add... I
>>think I'm going to do it.
>>
>>    
>>
>>>I assume the original author, just like me, is getting fed up with
>>>having to moderate dozens to hundreds of comments per day. I'd much
>>>rather see them stopped at the door than having to wade through a
>>>moderation queue.
>>>
>>>-John
>>>      
>>>
>>The e-mail he posted was a notification that the comment had actually
>>been posted.  But yeah, it can be a hassle having to wade through
>>moderation.  Kitten's Spaminator is a good way to stop them "at the
>>door," but it can be overzealous.
>>
>>My latest trick was to have an optional CAPTCHA on moderation.  That is,
>>if a comment goes to moderation, the user is redirected to a CAPTCHA
>>form.  If they pass it, the comment is approved automatically.  If a
>>disabled user gets caught in moderation, I can approve it manually, so
>>there's no penalty for them like with a forced CAPTCHA.
>>
>>Check it out here:  http://txfx.net/wp-cvs/2004/11/10/test/
>>
>>_______________________________________________
>>
>>
>>hackers mailing list
>>hackers at wordpress.org
>>http://wordpress.org/mailman/listinfo/hackers_wordpress.org
>>
>>    
>>
>
>
>  
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: /pipermail/hackers_wordpress.org/attachments/20041110/a393f82b/attachment.htm

More information about the hackers mailing list