[drupal-devel] simple and effective comment spam prevention
exists and works
Adrian Rossouw
adrian at bryght.com
Sun Oct 2 11:09:22 UTC 2005
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 02 Oct 2005, at 6:10 AM, Jeremy Andrews wrote:
> Something similar is in core already, and will be in Drupal
> 4.7. It currently cuts out over 99% of the spam I see on
> KernelTrap: http://drupal.org/node/28420
This has been integrated into the form api.
To make any form require a token, you set
$form[token] = $key;
Where key is something specific to the form .. in the case of comment :
$form[token] = 'comment' . $edit['nid'] . $edit['pid'];
It's still fairly easy to download the page first and grep out the
token to send back though, but
it's extra work for the spammer.
- --
Adrian Rossouw
Drupal developer and Bryght Guy
http://drupal.org | http://bryght.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (Darwin)
iD8DBQFDP7/SgegMqdGlkasRArSaAJwND55A4jdH/DwS7e3fUjKTvlZ6EQCgutav
whI0qd2ZvcvxJvu4aKCuezM=
=Kl2Q
-----END PGP SIGNATURE-----
More information about the drupal-devel
mailing list