Wp

’t Moet ergens van eind 2009 geweest zijn dat ik ogenschijnlijk nog gewerkt heb aan WP Mollom, een plugin voor WordPress die toelaat om comment spam te bestrijden via Mollom. De versie die op mijn blogje staat heeft sindsdien geen updates meer gekregen. En dat laat zich duidelijk voelen. Ik krijg af en toe te horen dat het niet zo eenvoudig is om commentaar hier achter te laten. En daar ben ik me maar al te bewust van.

Hoog tijd voor een nieuwe versie dus.

In het laatste anderhalf jaar heb ik, samen met anderen, af en aan gewerkt aan een opvolger. Er is nog geen eerste, stabiele versie van uit, maar ver zitten we er niet meer van af. Ik hou aan het principe eating your own dog food en dus heb ik bij wijze van test de opvolger op mijn blogje ingezet. Het idee is natuurlijk dat spam geblokkeerd blijft, maar dat jullie, lezers en lezeressen, een pak minder zullen worden gehinderd.

Voor de geïnteresseerden: je kan al eens neuzen in de code (gebruiken op eigen risico!). Pas als alle bugs er uit zijn geijzerd, komt de eerste stabiele versie uit. Nog even geduld dus.

We zijn razend benieuwd hoe de testversie presteert!

Over the past couple of days, it became apparent that WP Mollom suffers an issue where it “eats” your comment when a CAPTCHA is shown. The result is that only half of your comment is saved. Not good of course.  Apart from that, there was also a problem with character encoding.

Of course, this issue needs solving. I could recreate the problem on a testsetup and found the culprit. This issue rears its’ ugly head when a commenter uses double quotes in his/her comment. Because of the way WordPress implements commenting, I have to embed the commentdata in the CAPTCHA form as a cluster of hidden fields. The handling of the encoding was a bit wonky here which causes data to get corrupted.

I fixed the issue and commited the code in the development version of the plugin (trunk). I’m not commiting it to a stable version yet because the adjusted code needs testing against foreign non-western character sets like simplified chinese and such. If your blog is set to use UTF-8 encoding (which it should!), you shouldn’t notice big problems with this update.

If you’re really anxious to get your hands wet, you can download the development version here.

I just released WP Mollom 0.7.1. Here’s the changelog:

• fixed: all plugin panels are now shown in the new WP 2.7 administration interface menu
• fixed: non-western character sets are now handled properly in the captcha form
• fixed: handles threaded comments properly
• fixed: multiple records in the manage module not correctly processed
• improved: extra – non standard – fields added to the comment form don’t get dropped
• improved: revamped the administration panel
• improved: various smaller code improvements
• added: the plugin is now compatible with the new plugin uninstall features in WordPress 2.7
• added: the ‘quality’ of ‘spaminess’ of a comment is now logged and shown as an extra indicator

Wishing all the best in 2009!

So, I wrapped up version 0.5.2 of WP Mollom today. This release is all about fixing several bugs.

• fixed: passing $comment instead of the direct input from $_POST to the show_captcha() and check_captcha() functions.
• improved: implemented wpdb->prepare() in vunerable queries
• improved: mollom_activate() function now more robust
• changed: mollom_author_ip() reflects changes in the API documentation. This is to catch up on the abuse of proxies by spammers. If your host uses a reverse proxy and you know the ip(‘s), just enter them in the dashboard. The plugin takes care of the rest.

I tried to make the plugin compatible with the WP OpenID plugin over the past weeks. But no dice. Stable version 2.1.9 of WP OpenID doesn’t deal with extra fields added to the HTTP POST by other plugins when a request is send to wp-comments-post.php. This causes WP Mollom’s CAPTCHA form and subsequent checks to malfunction.

The good news is that Will Norris of WP OpenID is aware of the problem. The development version does contain a fix for this problem and is actually compatible with WP Mollom. You can check out a copy from the DiSo Project’s Google Code repository if you really want OpenID and Mollom support on your site.

As always: refer to the documentation regarding all the in’s and out’s.

I just released a minor update of WP Mollom with some bugfixes. This is the changelog:

• Fixed: minor issues with the Captcha not being rendered correctly
• Added: mollom_manage_wp_queue() function which adds Mollom support to the default comment administration panel
• Improved: updating from a previous version is now more robust

More info and download on WordPress Extend