WordPress.org

Ready to get started?Download WordPress

Forums

"Comment author must have a previously approved comment" not working? (28 posts)

  1. Pontificator
    Member
    Posted 9 years ago #

    I have checked "Comment author must have a previously approved comment" under Options. Why is it that spam is still able to get through into the comments?

  2. NuclearMoose
    Member
    Posted 9 years ago #

    Did you make sure to click the "Update Options" button after checking the option? Sorry, have to ask...it's something that I myself forget to do.

  3. watts
    Member
    Posted 9 years ago #

    I'm noticing the same thing. Fortunately, spammers aren't hitting the site yet, but people who haven't commented before are being allowed to comment. I do have the "previously approved comment" option checked.

    While I'm not positive, in comment-functions.php it looks like lines 729-731 are executed early in check_comment:

    $mod_keys = trim( get_settings('moderation_keys') );
    if ('' == $mod_keys )
    return true; // If moderation keys are empty

    ...and that looks like it means that if you don't have anything in your moderation keys, all comments will be approved. I've just put a few spam words in my moderation key block to test this, though. :)

  4. watts
    Member
    Posted 9 years ago #

    The next comment that came in after the spam words were put in the moderation key was in fact held for moderation, so this is the bug.

  5. steevak
    Member
    Posted 9 years ago #

    watts, I've had spam words since the beginning and this function has never worked for me. I don't think that's the only problem. I still get new commenters getting through, and unfortunately most of the new commenters are spammers.

  6. ColdForged
    Member
    Posted 9 years ago #

    I'm issuing a Mosquito report with a patch for the moderation keys thing. Nice find watts.

    steevak, I don't know what to say about your problem, I can't find another hole in it and a test of comments from previously unknown name/addresses get put into moderation. Might you have any plugins that would affect this?

  7. ColdForged
    Member
    Posted 9 years ago #

    Might they be trackbacks or pingbacks, by the way? If so, there was a bug recently reported and fixed for future versions.

  8. steevak
    Member
    Posted 9 years ago #

    coldforged, none of my plugins touch comments. I have comment spam key words and blacklisted words. There are no errors (i.e. blanks,/'s, etc) in these lists. I am definitely still getting commenters who have not been previously approved. For example, today an obviously randomly typing commenter made it through. These are not trackbacks or pingbacks.

    Maybe it's an issue of comment words being carried over from the 1.3a release? Do you think flushing my comment spam words and re-entering them might help?

  9. ColdForged
    Member
    Posted 9 years ago #

    Worth a shot, man. That and perhaps run the upgrade.php script again for good measure.

  10. Pontificator
    Member
    Posted 9 years ago #

    bump

  11. steevak
    Member
    Posted 9 years ago #

    It didn't work. Though I didn't have spam for a few days, I just got 3 comments that made it through which were not from commenters who had previous approved comments. What I have done so far:
    1. Upgraded to 1.5 from 1.3a.
    2. Ran upgrade.php
    3. I have cleared my spam and blacklisted fields, and then reentered it all. I'm positive there are no errors in either of these lists.
    4. I have activated the requirements for name and email, and I have activated the requirement for previously approved comments.
    5. I ran upgrade.php again.
    6. I have also made it that 1 single link causes the comment to be marked for moderation. Apparently this doesn't work if the link is in the URL field.

    As far as I can tell, there either is something uniquely strange with my setup or there is some type of bug.

  12. acrylamid
    Member
    Posted 9 years ago #

    I got the same problem.
    But I have a HTMLArea plugin witch add a HTML-editor to the comments.

  13. Ryan Boren
    WordPress Dev
    Posted 9 years ago #

    Fixed. Whitelisting is no longer skipped if moderation keys are empty.

    http://mosquito.wordpress.org/view.php?id=1028

  14. steevak
    Member
    Posted 9 years ago #

    Ryan, maybe I'm misunderstanding something. Are the moderation keys the spam words and the blacklists? If so, this bug won't be fixed because I have have both of those and the whitelist is still skipped.

  15. h3h
    Member
    Posted 9 years ago #

    I agree with steevak here. It seems there were two separate bugs at work. The first may have been fixed, but now even with the patch applied, people that have previously approved comments cannot submit comments without being flagged for moderation.

    Can we re-examine this problem? I'll look at diving into the code a bit.

  16. h3h
    Member
    Posted 9 years ago #

    I was looking at the code for comment_check() and realized that the whitelisting check is AFTER the moderation keys check. Shouldn't the whitelisting come first?

  17. Ryan Boren
    WordPress Dev
    Posted 9 years ago #

    Yes, we have two separate issues and yes the whitelist arguably should be checked before the spam flags. I thought about rearranging it and then decided to leave it as is for now. If someone wants to write a bug requesting that the whitelist be checked first, I will helpfully assign it to Matt. :-)

  18. h3h
    Member
    Posted 9 years ago #

  19. 46664
    Member
    Posted 9 years ago #

    i just installed 1.5
    i tried posting using a difft name to check if i can post wihtout prior approved comment.
    i encountered the same problem. :(

  20. zodawrap
    Member
    Posted 9 years ago #

    So is this an issue we have to deal with until the next release of WordPress?

    Is there a temporary workaround we can employ?

  21. zodawrap
    Member
    Posted 9 years ago #

    Ahh, I see, you just need to enter at least one word for automatic Comment Moderation and then the previously commented moderation works.

    I wasn't clear on that when I first read the thread.

  22. richards1052
    Member
    Posted 8 years ago #

    This is happening to me as well. When I first installed my blog about a month ago, this setting worked great for me & new comments were moderated. But in the past wk. or so it's stopped working & all new commenters are getting published w/o moderation. I don't have a clue what might've caused this.

    Since I've been linked to today by an anti-Semitic site & have 800 Jew haters now visiting my site & commenting away like mad, this becomes an important issue. Pls. I hope someone can fix it soon or if it has been fixed someone pls. let me know the solution.

  23. richards1052
    Member
    Posted 8 years ago #

    I've even added the setting forcing every comment to be moderated. But it's not working. So every comment is getting published no matter what comment moderation setting I've checked.

    Is this bug being addressed globally in any way &/or is there anything I can do to fix this myself?

  24. Mark (podz)
    Support Maven
    Posted 8 years ago #

    I would very strongly suggest that given the nature of these comments you talk more to your host. They may have had customers with this situation before and given that you pay them money, you should hassle them for help.

    For now:
    - Check "Users must be registered and logged in to comment"
    - RENAME wp-register.php
    - Invite people to contact you by email and you register them

    This means of course that you now get nasty emails. talk to your host. It becomes a legal matter and on those, you really should not be asking a public forum.

  25. richards1052
    Member
    Posted 8 years ago #

    Podz: Thanks for yr. suggestions.

    But I'm not sure how my host will help me with WP's comment settings not working. That's what concerns me most.

    If you mean I should talk to my host about how to deal with an attack of anti-Semitic comments--I can do that (& will). But basically I'm guessing they're going to tell me to use IP Deny Mgr. to deny access to those who abuse my comment section (which I'm now doing thanks to a suggestion made by someone here). That's fine as far as creating a barrier against future infractions. But it does nothing to prevent their first comment. If WP's comment settings worked then it would catch the abusive initial comment. That's what I need.

    Sorry I neglected to reply to your suggestions about changing wp configs. Could you explain what renaming wp-register.php will do & why it might fix things? I don't doubt you--I just like having things explained a bit so I can understand them better.

    I'm not seeing the "user must be registered & logged in to comment" setting. Where is it located?

  26. richards1052
    Member
    Posted 8 years ago #

    Podz wrote:

    For now:
    - Check "Users must be registered and logged in to comment"
    - RENAME wp-register.php
    - Invite people to contact you by email and you register them

    Yes, this is a legitimate route to choose, but not for me. I'm not prepared to become that draconian. If I force every commenter to register before commenting then I immediately lose 90% of all comments. Who wants to go through the rigamarole of registering to make a single comment?

    Though I mentioned a problem w. anti-Semitic commenters above, that's not the main problem. The main problem is I can't get my comment moderation feature working at all. Even with the system configured to moderate every comment, none are & all are published.

    I wish someone who posted earlier in this thread about this being a bug would let me know whether it is & how it's being handled (if at all). It's a serious issue for me & I can't seem to find out anything about it beyond what's been written here.

  27. h3h
    Member
    Posted 8 years ago #

    Richard:

    The patch I posted was for the second described problem (whitelisting occurred after moderation). I'm not sure if this patch is even applicable to the current 1.5 code base anymore.

    Your problem stems from the first bug discussed in this thread which was evidently fixed. You should upgrade your installation to the latest version (1.5.1.3 currently) if you don't already have it.

    If you're still having issues then chances are that something isn't being upgraded properly, you have something configured incorrectly, or something else similar.

    Good luck.

  28. richards1052
    Member
    Posted 8 years ago #

    h3h: I'm new to WP & have never upgraded before here (though I've upgraded FF often & it may be a similar process). What I'm concerned about is all the plugins, hacks & patches I've installed. Will the upgrade take that all into acct. & adjust accordingly; or will I have to go back & update specific files which may be overwritten in the upgrade installation?

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags

No tags yet.