Um, isn't that the idea behind a captcha? We've got that already. http://drupal.org/project/captcha On Saturday 01 October 2005 10:44 am, Theodore Serbinski wrote:
One method we may want to look into. When a session is created a for user and they are on a page that allows comments, we come up with a unique hash based on say the node ID and session ID. We store this in the user's session. When the user goes to create a comment, we pass this unique hash with a hidden input field and when they click "post comment" we verify this input hidden hash against one stored in the user's session. This should prevent most spam comments, IMO.
ted
On 10/1/05, Khalid B <kb@2bits.com> wrote:
This defense may work for a while, but will be very short lived.
Spam bots will be upgraded to fake a referer that contains the domain name.
The spam arms race continues ...
-- Larry Garfield AIM: LOLG42 larry@garfieldtech.com ICQ: 6817012 "If nature has made any one thing less susceptible than all others of exclusive property, it is the action of the thinking power called an idea, which an individual may exclusively possess as long as he keeps it to himself; but the moment it is divulged, it forces itself into the possession of every one, and the receiver cannot dispossess himself of it." -- Thomas Jefferson