Comment Spammers are Scum! Every time something new and cool is invented, jerks like them have to pollute it and ruin it for everyone else.
I finally got tired of manually deleting comment spam from the WordPress comment queue. At this point, one week’s worth of spam added up to 208 messages! Half of these were for a card game that’s apparently popular in President Bush’s home state; the rest were for a diet drug. I won’t dignify either one with a real link.
So, no more pissing in my swimming pool, buddy.
I just implemented a very simple validation scheme. From now on, you must enter my first name when you post a comment. As a hint, I show my name right there on the comment entry screen, like this:
The HTML required to add this field to the form and the PHP used to validate that the field contains the proper string is trivial. In fact, I spent more time writing this post and editing the screen shot than I did working on the code.
First, I added an input field to wp-comments.php (I am assuming that you know enough HTML to figure out where this goes):
I also edited the tabindex for all of the fields after this one, and I made the exact same set of changes in wp-comments-popup.php.
Then I verified that the field was present, in wp-comments-post.php (somewhere around line 45 in my copy of the code): <div style="border: 1px dashed black; padding: 6px; background-color: beige;font-family:monospace;">
$jeff = trim($_POST[‘jeff’]);
if ( ‘Jeff’ != $jeff )
die(“You forgot Jeff’s first name. If you are forgetful, hit Back and try again. “);
The moral of the story is the important thing here. If your tools aren’t good enough, or if they don’t work the way that you want them to, then fix them! This is most easily done if you have the source code to your tools, of course. So, If you are not a developer and you want to learn how to write code, fixing your own tools is a great way to get started. Just pop open the hood, and start poking around inside. You might even learn something, and you could even add it to your resume.