Comment hijack…help!

Do you have any comment-related plugin? It could be it.
I haven’t checked WP code, but I don’t think WP will do that.

Just search the code of SK2 for that site and replace it with whatever you want (e.g. your homepage). (I guess, since I don’t use SK2.)

Does the comment still make it to moderation when the visitor gets redirected?

SK2 does not contain a reference to that site anywhere in it’s source code.

This is not normal SK2 behaviour!

Edit:
Looking at the code in spam_karma_2_plugin.php the redirect to the Second Chance page happens around lines 950-965 – could you paste those lines of that file here for us to check??

westi

Ok that code looks like it is correct.

Would it be possible for you to reenable the plugin for a short period for me to see the problem in action by trying to post a comment on your site?

westi

Ok,

Just done a test post and now I understand why this is happening.

The redirection code in Spam Karma 2 is not sending back a fully qualified url for the second-chance page.

When your browser tries to follow the link it can’t because it’s not fully qualified and so it may helpfully try a “I’m feeling lucky” lookup in google and take you there – like if you miss type something in the url bar.

The url that gets returned in the redirect is:

HTTP/1.x 302 Found
Date: Fri, 08 Jul 2005 18:42:01 GMT
Server: Apache/2.0.53
X-Powered-By: PHP/4.3.11
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Fri, 08 Jul 2005 18:42:02 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Location: //wp-content/plugins/SK2/sk2_second_chance.php?c_id=148&c_author=example%40example.com
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html


The browser then does this:

http://www.google.com/search?btnI=I%27m+Feeling+Lucky&ie=UTF-8&oe=UTF-8&q=wp-content

GET /search?btnI=I%27m+Feeling+Lucky&ie=UTF-8&oe=UTF-8&q=wp-content HTTP/1.1
Host: http://www.google.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.8) Gecko/20050511 Firefox/1.0.4
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Cookie: PREF=ID=27664863d4f98241:CR=1:TM=1114451930:LM=1117277536:L=0AA:S=n5Wt5n6iGz-2mY63

HTTP/1.x 302 Found
Location: http://coding.mu/wp-content/mvcdemo.htm
Cache-Control: private
Content-Type: text/html
Server: GWS/2.1
Transfer-Encoding: chunked
Content-Encoding: gzip
Date: Fri, 08 Jul 2005 18:42:04 GMT

Which sends you to the site in question coding.mu – This is the first result for the following Google Search: wp-content

The following workaround will allow you to use Spam Karma 2:

1. Disable the Capatcha Check plugin in the Spam Karma 2 Options pages by setting it’s strength to disabled.

I have contacted the author of Spam Karma 2 zedrdave and hopefully a fix for this issue will be available soon!

westi

Thats ok.

Hope the Spam Karma 2 Moderate plugin works OK for you now!

westi