an odd thinking to stop spam.

[jdleung]

I wonder if this way can work.

my comment page is implemented within the front page. popup the form when click the comment icon

index.php?#addcomment

I'm thinking if we can add a value in the link: index.php?&can_comment=1#addcomment

click to transfer the value to the form
<form method='post' action='index.php?x=save_comment&can_comment=can_c omment' ...>

and then modify the index.php, just before saving the comment
if ($can_comment==1){ save the comment... }
else { go to fail... }

maybe it's odd, can tell me if this works?

thanks.

[GeoS+]

Its good way but mechanizm is too easy. Grabbing this variable from code wont be hard for BOTs and SPAM will go back after short time of freedom.

[DikkieBurger]

How about working with sha1? like index.php?x=comment&a=d0be2dc421be4fcd0172e5afceea 3970e2f3d940

Everytime there is a comment posted this sha1 string is being changed in de database, so the next time someone pushes the comment button it gives the new sha1 string.

[GeoS+]

But there is no problem for BOT to come on site, read its content to find out SHA1 hash and put it into http POST stream for PHP script adding comments on site.
Much better would be to use strange names for variables. It can be some short hash strings based on variable getted from comment poster enviroment (like his IP, host, browser agent string or any other) and mixing key generated once per each Pixelpost intallation which can be changed in everytime by user from admin panel. On script supporting comments after that is quite easy to check validation of it.

At this weekend, if there would be free time, Ill work on template using AJAX to post comments. I want to publicatem complete hack. Main idea for now is quite simple.
On site there are only fields like <input>, <textarea> and there is no <form> tag. Under submit button there is connected JavaScript function. It retrieves
data and translates to new variable names which in next step is handled by AJAX, i.e. with POST method and posted to seperate comments support script.There is next step of data validation almost similar to oryginal one and after getting sure all is fine comment is added to DB, email is send and AJAX gives back data to Pixelpost interface to simulate for user that comment is added (I dont reload and page just append its content with new comments).
Almost similar solution you can watch on my site. If I good remember there isnt only variable names translation.

[jdleung]

ok. give up digging on it.

and waiting yours...

[jgrayson]

i used askimet and it was stopping most of the spam but i still had to manually delete the tagged spam in the admin.... but then i read this thread:
http://forum.pixelpost.org/showthread.php?t=4310
made the suggested changes and have not had one single spam since.

[jdleung]

without any spam addon, not even a spam came to my site.
I'm waiting for them ;-D

[jgrayson]

Quote:

Originally Posted by jdleung

without any spam addon, not even a spam came to my site.
I'm waiting for them ;-D

that's probably because i don't think you listed you blog on photoblogs.org yet. once you list in a directory like that the spam will come.

[jdleung]

ok, I'm going to list it later.

[GeoS+]

I was listed for long time and for very long didnt get any SPAM. If I would not be a Pixelpost developer it was possible to not get any. As dev I had one interesting and just few not interesting SPAMs. It would be nice if only human can post SPAM on my site ;P