WordPress.org

Support

Support » Plugins and Hacks » trencaspammers (antispam) improvement

trencaspammers (antispam) improvement

  • The trenscanspammers (http://www.estherfuldauer.com/2004/11/08/trencaspammers-10rc-wp-plugin-anti-spam-para-wordpress/)
    plugin is really easy to implement. It’s a picture-authorization scheme that only involves placing one file in your plugins directory and a copy-and-paste of code into wp-comments.php and wp-comments-post.php
    The only problem is that the random number in the image is passed back to the server in the hidden field called ts_random. As more WP sites install this anti-spam plugin, the spambot authors only need to filter the form HTML to capture the value of this field and submit it.
    Here’s an easy fix– customize the name of that hidden field. This obfuscation should make trenscanspammers a bulletproof solution to comment spam.
    wp-comments.php-
    <input type=”hidden” name=”YOUR_IMAGINATION_HERE” value=”<?php print $ts_random; ?>”/>
    wp-comments-post.php-
    $ts_random=$_POST[‘YOUR_IMAGINATION_HERE’];
    The 2 lines of code you’re looking for are in the stuff you copy-and-paste from the trenscanspammers code files. The value you’ll see there will be ts_random instead of “YOUR_IMAGINATION_HERE”.
    Hope this helps people!
    di11rod

Viewing 4 replies - 1 through 4 (of 4 total)
Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘trencaspammers (antispam) improvement’ is closed to new replies.
Skip to toolbar