Out now: Anti-Comment-Spam-Addon Version 1.0.1

Friends,

after some time, now this AddOn is released.

It is not a modification of the index-files anymore, it is a real Addon, which you can upload to your addon-directory.

the (temporary) download-link is here:
http://www.bildgier.de/download/anti...addon_v102.zip

and this is the readme, which is included, please read it!!!

Good luck, Connie

Quote:

Readme-File for the
Anti-Comment-Spam-AddOn, version 1.0.1

This AddOn will help to reduce the molesting spam-comments,
as it integrates a socalled "captcha" into the comment-form.
Thus a robot will not be able to enter the correct code and
by that no spam-comment will be entered into your database.

If you choose to be noticed by mai when new comments are entered,
this addon will only send notification emails in case the
captcha-numbers are entered correctly.

Another step to make PixelPost the best photoblog-software,
to make it the most secure photoblog-software and
to make it the easiest photoblog-software!

Read the install-instructions below the licence-information!
-------------------------------------------------------------------------
Pixelpost www: http://www.pixelpost.org/

Anti-Comment-Spam-Addon, version 1.0.1
Developer Team:
Ramin Mehran, Connie Mueller-Goedecke
May 2005

Anti-Comment-Spam-AddOn is compatible with
- PixelPost 1.4.1
- PixelPost 1.4
- PixelPost 1.3

Copyright (c) 2005 the PixelPost Team
License: http://www.gnu.org/copyleft/gpl.html

This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.

-------------------------------------------------------------------------
COMPONENTS
-------------------------------------------------------------------------
This ADDON comes in a zip-file "anti_comment_spam_addon_v1.zip" and
contains the following files:

readme.txt
spamsecure.php
anti_comment_spam.php

lang-english.php <= as an example
lang-german.php <= as an example

For comments in the main-window:
image_template.html <= as an example

For PopUp-Comments:
comment_template.html <= as an example

extract the zipfile "anti_comment_spam_addon_v1.zip" into a directory
at your harddisk.
-------------------------------------------------------------------------
ADDON INSTALLATION
-------------------------------------------------------------------------

1. There are two different forms, depending on your template:

a) Using the comment-form in the index-page of PixelPost:
open your file image_template.html from your template-directory

replace the existing form
"<form method='post' action='index.php?x=save_comment' name='commentform' ... </form>

with this form:

<form method="post" action="index.php?commment=save_comment_nospam" name="commentform" accept-charset="UTF-8">
<img width="120" height="30" src="includes/spamsecure.php" border="1" hspace="10" align="left">
please enter the correct code because of security:
<input maxlength="5" size="5" name="userinput" type="text" value="">
<br clear="all">
Message:<br />
<textarea name="message" rows="2" cols="45"></textarea><p />
Name:<br />
<input type="text" name="name" class="input" value="<VINFO_NAME>" /><p />
Website URL, if any: <br />
<input type="text" name="url" class="input" value="<VINFO_URL>" /><p />
<input type="checkbox" value="set" name="vcookie" /> Save User Info<p />
<input type="submit" value="Add" />
<input type="hidden" name="parent_id" value="<IMAGE_ID>" />
</form>

you find an example-html-file in the zip: image_template.html

b) using the comment-form in a popup-window
open your file "comment_template.html" from your template-directory
replace the existing form
"<form method='post' action='index.php?popup=comment&x=save_com ment'
name='commentform' accept-charset='UTF-8'> ... </form>"

with this form:
<form method="post" action="index.php?commment=save_comment_nospam" name="commentform" accept-charset="UTF-8">
<img width="120" height="30" src="includes/spamsecure.php" border="1" hspace="10" align="left">
please enter the correct code<br />because of security:
<input maxlength="5" size="5" name="userinput" type="text" value="">
<br clear="all">
Message:<br />
<textarea name="message" rows="2" cols="45"></textarea><p />
Name:<br />
<input type="text" name="name" class="input" value="<VINFO_NAME>" /><p />
Website URL, if any: <br />
<input type="text" name="url" class="input" value="<VINFO_URL>" /><p />
<input type="checkbox" value="set" name="vcookie" /> Save User Info<p />
<input type="submit" value="Add" />
<input type="hidden" name="parent_id" value="<IMAGE_ID>" />
<input type="hidden" name="popupcomment" value="yes" />
</form>

take care the hidden input-field 'popupcomment' is in your comment_template.html!

you find an example-html-file in the zip: comment_template.html

2. open your language-file and add the translation for the new text-snippet.
You find an example for english and german language in the language-directory.

// Comments text for SPAM ADDON
$lang_wrong_input_spam = "You entered wrong code.";


3. upload the modified template-file to your template-directory at your webspace.

4. upload the file anti_comment_spam.php to the addon-directory at your webspace.

5. upload the modified language-file to your language-directory at your webspace.

6. upload the file spamsecure.php to the includes-directory at your webspace.
if you used the anti-comment-spam-modification with PixelPost 1.3,
you can delete the file spamsecure.php in the admin-folder.
7. Go to the Admin-Panel/Addons and check whether the AddOn
"anti_comment_spam.php - version 1.0" is listed there.

8. Test the Anti-SPAM-comment-function in your PixelPost Installation!

Good success!

-------------------------------------------------------------------------
--- Changelog -----------------------------------------------------------
-------------------------------------------------------------------------

version 1.0.1, May 21, 2005, changed by Connie Müller-Gödecke
-- changed the link back to the form in the popup-comment-version
so after incomplete input or wrong CAPTCHA-Data the link directs back
to the comment-popup window
-- $lang_comment_close_window not longer needed

[/b]

[doffer]

Hi connie!

Really great! This one have been wanted for a long time, and it's really nice for us not having to hack the index anymore :lol:

Thanks

[japanwindow]

I have someone who says he carefully entered the correct capcha several times, and it always says he entered the wrong numbers. The comment form works just fine for most people, including myself. He is using NetBSD as his operating system, and he may be using a Japanese version. I'm wondering if the problem could be with character encoding. Your comment form says to use the charset: UTF-8. Could that cause a problem for some people? I wonder if there is any other charset that would solve the problem this person is having?

Thanks. You can see my site URL below.

[blinking8s+]

utf-8 is supposed to be the universal safeguard...it sounds like his OS is causing the problems though, this is the 2nd error you have mentioned that they have encountered that shouldnt happen to start with

Well, it's difficult for me to "talk" to somebody whith the name "japanwindow" :lol:

well, I tested your page. I could enter the code. it worked.
I see the problem in that way that maybe the visitor's browser does not recognize the UTF-Charset very well
some browsers have wrong preferences, if the default-character-encoding is set to maybe some other characterset that may cause problems

I see another problem in your template, it's missing the HTML-Tag at the beginning

Quote:

<?xml version="1.0"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<head>

try to change this to that:

Quote:

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>

you will get a lot less validation errors,
take off <IMAGE_PREVIOUS> from your template, there is no tag like that, only

Quote:

<IMAGE_PREVIOUS_LINK> || full link that says "Previous", or empty if no previous
<IMAGE_PREVIOUS_ID> || id of previous image
<IMAGE_PREVIOUS_TITLE> || if empty, displays "No Previous Image"

please ask your visitor if possible which browser he is using, I used FireFox and Opera to check your comment-form

[japanwindow]

I will make those changes -- thanks for looking so carefully (and maybe this should go out to all Pepper template users).

The person who is having a problem says that he's sending pure ASCII encoded text. He is actually super knowledgable (more so than me). Here is the text from his last email:

====

I'm definitely submitting standard ASCII. I wonder if there's a way to debug this. Maybe put an HTML comment in the response that shows what number it thinks you entered?

I'm willing to help debug it, and can do packet sniffing on the TCP stream as well to see what my browser is actually sending, but we'd probably want a comment test page.

[japanwindow]

My name is Andy. Thanks for the comment on my picture, too.

Andy,

well, the problem is not what he is sending, the problem is what the browser is sending. So it still is the question which browser he is using etc.

I am thinking about his offer for debugging
it will not be necessarily your blog as test-model, I will try to make a small testscript without all the blog-features around, then I can tell him the URL and we can test, ok?

It would be of great help, for sure

[japanwindow]

That sounds great. Just send me the URL and I'm sure he'd be willing.

Andy,

here you can test it at one of my installations:
http://www.hafenfotografen.de/pixelp...ntformtest.php

if you want to test it at your site, download the script from http://www.hafenfotografen.de/downlo...ntformtest.zip
and install it in the main directory of your Pixelpost installation

it's the same form as in the AddOn, but only repeating and comparing the input, not very beautiful design though :cry:

but when your friend checks, just do a screenshot and send it to me or show it here in the posting

good luck, Connie