Fight Geeklog comment spam

Monday, October 10 2005 @ 04:10 PM EDT

Contributed by: Admin

I've got an ugly-but-it-works approach to fighting spam.

Update: this works. Perfectly. I haven't had a single piece of comment spam since implementing it. Of course, if spammers decide to start creating comment spam with less than three URLs, I'm hosed, but until then, I'm fine. Almost by definition, they won't. Having three links instead of twenty seems to be not worth it.

I tried 'bad_behavior' but it didn't do much for me. So, I put together this ugly hack to make the page die if someone submits a comment with more than three HREFs. Obviously this isn't for everyone, and it may not work with your particular installation of Geeklog or PHP, but it works for me.

I finally had a few minutes to figure this hack out and post this entry and let a couple people know about it. I didn't have time to make it as nice as the 'speed limit' feature and I probably won't take it any further. I got the idea from TUAW.com, who doesn't allow more than three comments. A number-of-links threshold could be implemented as easily and neatly as the 'speed limit' is currently, but that's beyond my capacity right now. If anyone wants something like this in the stock release, talk to the (awesome) GL team!

To enable: just add this after line 349--$comment = addslashes ($comment)--in 'comment.php'. (Might be different, I'm still a rev or two down, I think.)

# ugly code added by BMA to kill comment spam
# simple enough: 4 or more 'href' tags = DON'T ACCEPT
# ugly but I'm sick of cleaning up gl_comments in phpMyAdmin
#
# note that this happens *after* the speed limit test but *before* the 
# insert so if a user hits 'submit', gets this message, goes back, fixes 
# his comment, and presses 'submit' again, they will then see your
# 'speed limit' message if they edit quickly.
#
# improvements welcome!
# send comments, fixes, etc. to brianashe izat gmail dizot com
#
# To adjust the threshold, change commentParts[4]
# from '4' to whatever number you want to trigger a failure.
#
# 'strtolower' is used to capture href, HREF, HrEf, etc.
#

$commentSpamMessage="Sorry! We can't allow comments with more than three 'href'
    tags. This is an effort to reduce comment spam. If you have a legitimate
    need to post more than three links, please create a page somewhere and post
    one link to it here. Sorry to have to do this. Just another way spammers
    are ruining the world in general and the Internet in particular."; 
                   
if (isset($comment)) {
    $commentParts=explode("href",strtolower($comment));
    if (isset($commentParts[4])) {
        die ($commentSpamMessage);
    }
}

0 comments



http://apple.newbox.org/article.php?story=geeklog_spam