JSSpamBlock 1.3
Update: Due to lack of time and interest (on my part), I am no longer maintaining JSSpamBlock or ImageScaler.
A user of JSSpamBlock found a bug which is rather undesirable; it incorrectly assumes that comments are spam if a new comment hash has since been generated. Versions up to 1.2 have this bug. The new version 1.3 does not, and can be found here: http://wordpress.org/extend/plugins/jsspamblock/ . Sorry for any inconvenience. This will be the last JSSpamBlock for a while, I promise ;).
Thanks to Stephen Darlington for finding this bug.
Very nice simple design. I like it. I’m not a PHP programmer but I read the code to understand how it works.
I see you use it on your site too. That’s a good sign. I wonder how long until the spam bots work around it?
A few thoughts: If the person leaving the comment is logged in then no need to bother with this at all. Can you skip your code if you detect they are logged in?
Why bother with the auto increment ID column?
Shouldn’t the index be on both code and hash.
It would be nice if there were an easy way to modify the text of the prompt and error message. I just edited the code. Not too familiar with other plugins perhaps they all expect people to be able to muck with the code.
Hi John, thanks for the comments.
Yeah, I do use it here. To be honest, I wouldn’t use it here if I hadn’t written it, simply because this blog doesn’t get spammed. But I did testing on another blog that was set up as a spam trap, and it did very well in blocking the spam.
I guess it could be changed to detect if a user is logged in, the reason I didn’t do this is that unlike CAPTCHAs and similar systems, it doesn’t inconvenience the user unless they have JavaScript disabled.
Good point about the id column, it is not used by the script, but I am in the habit of giving every table a unique index. It only takes up a minimal amount of disk space to store, so I don’t plan to change this, but I will keep it in mind in the future.
Good point about the indexes as well, although I think the best way to do it would be to remove the index from `code` altogether. Since `hash` is unique, `code` is never used except to check that they are equal.
I will keep the text modification in mind for the next version as well.
Hey there,
I was just installing your plugin and wondering why I’d have to manually create the table in the database when I could see in the code it should be created automatically. So I did some digging and found out the add_action() isn’t quite right so the install and uninstall functions weren’t being called. Try altering them to include the subfolder path like this.
add_action(‘activate_jsspamblock/jsspamblock.php’, ‘jsspamblock_install’);
add_action(‘deactivate_jsspamblock/jsspamblock.php’, ‘jsspamblock_uninstall’);
It worked for me at least. :)
Thanks a lot david_kw, this makes sense now. I wrote the script expecting that it would be in the root of the plugins folder, not in a separate folder. It will be fixed shortly.
It is now fixed in the subversion repository, once WordPress updates the online version I will do a blog post.
thank you for a great work!
[...] section of the official WordPress plugin repository. I stumbled upon the excellent JSSpamBlock by Paul [...]