XML FeedsSpammer Banishing
By admin on Oct 1, 2005 | In CIRCA | 2 feedbacks »
A note to anyone using b2evolution. It's a very cool multi-user blog application. Spammers are causing us all nightmares! Here is one solution:
I have made it so that by default, all comments have comment_status 'draft'.
I was then wondering why new comments still showed up even though saved as draft within the DB.
Either I couldn't find the correct way to hide these posts, or there isn't one.
So I wrote one.
It seems that I needed a new function.. copy these steps if having comments hidden by default interests you.
1 - Inside b2evocore/_functions_bposts.php I created a function comment_statuses_where_clause which is pretty much exactly the same as statuses_where_clause() but with the SQL references to post_status changed to comment_status
2 - inside b2evocore/_class_commentlist.php, right under
$this->request .= ' AND '.statuses_where_clause( $show_statuses );
I put this line of code
$this->request .= ' AND '.comment_statuses_where_clause( $show_statuses );
3. inside htsrv/comment_post.php, in the SQL that adds the comment to the database, I've added a field so the SQL looks like this:
$query = "INSERT INTO $tablecomments( comment_post_ID, comment_type, comment_author_ID, comment_author, comment_author_email, comment_author_url, comment_author_IP, comment_date, comment_content, comment_status)
VALUES( $comment_post_ID, 'comment', ".$DB->null($author_ID).",
".$DB->quote($author).", ".$DB->quote($email).",
".$DB->quote($url).",'".$DB->escape($user_ip)."','$now',
'".$DB->escape($comment)."', 'draft' )";
$DB->query( $query );
4. That's it! The spam no longer appears anywhere on the site! The spammer has no chance of publishing and soon gives up.
5. But we still have to manually approve posts that we want, rather than the other way around. That's no big drama either. We are now in a position where we approve the comments that we want, rather than delete the spam we don't want. It's much more relaxing... This can be done in the admin section. I'll post instructions on how to do that shortly.
Do the site admins want me to write this up a bit more properly or become an active committer?
Spam me - aha - you can't!
2 comments
B2evo has an anti-spam function, but it just isn't good enough.
I went into the hitlogs file and found where it was entering hits logs into the database and I commented it out. I don't get any stats, so I just plopped on a free one to the site's main page. Not really a solution if you want stats or if you have multiple blogs, but it worked for this situation fine.
Oh, I also went into the database and deleted all the damn spam, once and for all.
the file htsrv/trackback.php
has this line 82 changed to the below (comment_status and 'draft' added) in order to have trackbacks hidden by default...
$query = "INSERT INTO $tablecomments( comment_post_ID, comment_type, comment_author, comment_author_email, comment_author_url, comment_author_IP, comment_date, comment_content, comment_status)
VALUES( $comment_post_ID, 'trackback', '".$DB->escape($comment_author)."', '".$DB->escape($comment_author_email)."', '".$DB->escape($comment_author_url)."', '".$DB->escape($user_ip)."', '$now', '".$DB->escape($comment)."', 'draft' )";
This post has 1 feedback awaiting moderation...
Leave a comment
| « Hugging Fairies Is Not A Crime | Seriously Organised Crime, Please Sir » |
