Yes it’s true, I’ve had zero comment spam since implementing the keyword scheme. I’ve had quite a few comments, even one from my Dad, which demonstrates that entering the keyword isn’t too onerous. As promised, here’s what I did.
First of all I added the following (in green) at the end of wp-includes/template-functions-comments.php:
echo '</rdf:RDF>';
}
}
function ordinalSuffix($number) {
$suffixes = array("th","st","nd","rd");
$suffixIndex = $number % 10;
if ( $suffixIndex > 3
|| $number == 11
|| $number == 12
|| $number == 13) {
$suffixIndex = 0;
}
return $suffixes[$suffixIndex];
}
?>
Then, I modified wp-comments.php by adding the following:
<p>
<label for="comment"><?php _e("Your Comment"); ?></label>
<br />
<textarea name="comment" id="comment" cols="70" rows="4" tabindex="4"></textarea>
</p>
<p>
<label for="phraseword">As a comment spam precaution, please type the
<?php _e( (1 + ($id % 16)) . ordinalSuffix(1 + ($id % 16)) ) ?>
word of the following phrase: <br />
<q>I know a bank where the wild thyme blows,
where oxlips and the nodding violet grows</q>
</label>
<br />
<input type="text" name="phraseword" id="phraseword" size="28" tabindex="5 " />
</p>
<p>
<input name="submit" type="submit" tabindex="5" value="<?php _e("Say It!"); ?>" />
</p>
Feel free to choose your own pass phrase. Finally, I added the following to wp-comments-post.php:
$comment = trim($_POST['comment']);
$comment_post_ID = intval($_POST['comment_post_ID']);
$user_ip = $_SERVER['REMOTE_ADDR'];
$phrase = 'I know a bank where the wild thyme blows, where oxlips and the nodding violet grows';
$keywords = preg_split("/[s,.]+/", $phrase);
$phraseword = trim($_POST['phraseword']);
if ( empty ($phraseword) ) {
die( __('Sorry, you didn't enter the phrase word.') );
}
else {
if ($phraseword != $keywords[ $comment_post_ID % count($keywords)]) {
die( __('Sorry, you didn't enter the correct phrase word. '));
}
}
if ( 'closed' == $wpdb->get_var("SELECT comment_status FROM $tableposts WHERE ID = '$comment_post_ID'") )
Make sure that your phrase doesn’t have any punctuation at the end otherwise the code to split the phrase into words will add an extra empty word at the end and confuse the code that checks the poster entered the correct word.
There it is. Zero comment spam. For now at least.
I had trouble implementing your system, but finally got it to work. Here are the tweaks I needed to make:the regular expression should be: “/[\s,]+/”,Yours had a period in it, which caused it to match too much.Also, you have ‘Sorry you didn’t… The apostrophe in didn’t causes trouble. I changed it to did not.
(Obviously, this is working properly on your system, but it didn’t on mine until I made those changes. For reference, I’m using 1.3 alpha 2, though I’d be surprised if it really makes a difference.)
Hey, wanted to know if you mind if I try to implement this in Moveable Type with a few modifications. I’d give you full credit in the script and HTML via comments, and supply you with a copy of my modifications so that you can refer MT users to them. Feel free to email, or my AIM is jacksonqwest.