yeah for me too, a captcha is absolutly neccessary as i always have spam bots attempting to get through. I also dont think my users would just write their name in unless they were required.
Installed a few days ago. 1) Wonder why the DiscussionForm_SignOutGuest delegate tests for whether the user is logged in as Guest. The delegate is registered only if ($Context->Session->UserID <= 0). Edit: I see, it also logs users out if the test is left in. However, even if I set $GU with the constant value, the test always fails?
2) At the time the comment is posted, the poster is auth'ed as Guest and if an error occurs, the top-right area shows Signed in as Guest. If DiscussionForm_SignOutGuest does not log the user out as pointed out in 1), the user is still logged in! 3) Aside from issues raised by others above, what about spam protection as set in Application Settings (Members cannot post more than comments within x seconds)? Does it mean if two or more users post independently, they may see the blocking message?
Hi Minisweeper. Is there any time schedule when you could have the name field extension completed as my forum is now completely dead. I have more comments on my content items and am getting really desperate. I would even implement it without captcha at this point, anything to save my forum. It used to be so active but now people are always asking me what happened to my website?
I just wrote the extra bit so it adds the name to the front of the comment, then I realised it'd only work if the comment was HTML formatted. Is that gonna be a problem?
Ok I installed it already and love it. Lets see if the spam bots pick up on it or not. Also, is there anyways to make it mandatory to fill in the username?
Further to Rasqual Twilight's comments (sorry it took a while), 1) I'm not really sure what you mean...? It tests to see if the user is logged in as a guest so that if a user uses the forum to login to their account it doesnt log them out once the post is completed. Were you aware of that functionality? What did you mean by the test failing? At the point the delegate is called the user is 'registered' because they havent been logged out yet. I hope that covers your question cause otherwise i'm confused. 2) Can't really think of a work-around for that yet but it is a bit of an issue...ideas anyone?
try it ... i know this trick from wordpress
http://bueltge.de/wp-simpler-spamschutz-bei-kommentaren/169 (its german, but i think you can read the code)
I guess most bots don't send form data for elements they don't understand, so it relies on the writer of the bot not having made something to handle unforseen checkboxes like that.
hmm. with that checkbox would be interesting to know but it sounds a bit too easy for me. I mean, come on, the spambots are so sophisticated by now and change everyday that im sure they will be able to tick a checkbox.
Also, if that would work i dont think everybody would be using a captcha system which is much more a hassle to use for users.
i agree that spam is always an issue but wanted to just let you know there are situations where this is NOT an issue.
our Vanilla forum is behind a firewall and part of an intranet. so we have total control over the system and don't want people to have to register.
so, minisweeper's solution was the easiest and quickest outside of doing database/application logic surgery.
Comments
1) Wonder why the
DiscussionForm_SignOutGuestdelegate tests for whether the user is logged in as Guest. The delegate is registered onlyif ($Context->Session->UserID <= 0).Edit: I see, it also logs users out if the test is left in. However, even if I set $GU with the constant value, the test always fails?
Proposed fix:
$Username = ForceIncomingString('Username', ''); $Password = ForceIncomingString('Password', ''); if ( $Username == '' ) { $Username = GuestUsername; $Password = GuestPassword; define('IS_GUEST', 1); }and
if (defined('IS_GUEST')) { $DiscussionForm->Context->Session->End($DiscussionForm->Context->Authenticator); }2) At the time the comment is posted, the poster is auth'ed as Guest and if an error occurs, the top-right area shows . If
DiscussionForm_SignOutGuestdoes not log the user out as pointed out in 1), the user is still logged in!3) Aside from issues raised by others above, what about spam protection as set in Application Settings (Members cannot post more than comments within x seconds)? Does it mean if two or more users post independently, they may see the blocking message?
1) I'm not really sure what you mean...? It tests to see if the user is logged in as a guest so that if a user uses the forum to login to their account it doesnt log them out once the post is completed. Were you aware of that functionality? What did you mean by the test failing? At the point the delegate is called the user is 'registered' because they havent been logged out yet. I hope that covers your question cause otherwise i'm confused.
2) Can't really think of a work-around for that yet but it is a bit of an issue...ideas anyone?