[wp-hackers] Another anti-spam technique
Owen Winkler
ringmaster at midnightcircus.com
Thu Oct 28 16:30:33 UTC 2004
Donncha O Caoimh wrote:
> OK, when I said "you've", I meant in the third-person. If people want to
> modify their template via the online-template editor then index.php has
> to be editable.
> Version 1.3 can auto-update your .htaccess file when new pages are added
> I think, but will also update when you change the permalink structure.
I wasn't aware that a default installation required or set write access
to anything. I've never set write access to any WordPress files or
directories, but I've also never used the template editor.
Nevertheless, maybe it would be easier to simply rename the
wp-comments-post.php file with a random suffix (like
wp-comments-post-2132.php). Keep the name of the file in options along
with the date/time/commentcount when it was last updated. When the time
comes to change it (triggered when a comment form is displayed), simply
rename the file and update the options table. The permissions on the
file should remain the same if it's renamed, yes?
To avoid the post page vanishing for one user while another is
commenting, the stored option could contain two filenames, deleting the
oldest file, and adding the new copy to the top.
Owen
More information about the hackers
mailing list